JMertin

Installing the TIM inside a Docker container

Blog Post created by JMertin Employee on Mar 7, 2016

Yes - it is possible to actually "get around" the Operating system limitation to get the TIM software running, say, on a Ubuntu 14.04 LTS System.

This setup however will not be supported by CA - however will help our Field-Staff to setup their own APM Env. running on their local machine (linux ???) which has already one other OS running on it.

 

Now - why would one use a docker container ? Aren't there VMWare Images there yet ?

Simply put, containers provide OS-level process isolation whereas virtual machines offer isolation at the hardware abstraction layer (i.e., hardware virtualization). This makes the containerized access to resources way more efficient.

There's a very good article explaining the differences here: https://www.upguard.com/articles/docker-vs.-vmware-how-do-they-stack-up

 

So - where do we start from ? Let's assume you have docker installed on your computer already. Simply create a directory called docker (name it as you want it to be named), and inside issue the git clone command for the docker of the tim-dockerbuilder: https://github-isl-01.ca.com/merjr01/tim-dockerbuilder

 

jmertin@antigone:~$ mkdir docker

jmertin@antigone:~$ cd docker/

jmertin@antigone:~/docker$ git clone https://github-isl-01.ca.com/merjr01/tim-dockerbuilder.git

Cloning into 'tim-dockerbuilder'...

Username for 'https://github-isl-01.ca.com': merjr01

Password for 'https://merjr01@github-isl-01.ca.com'://merjr01@github-isl-01.ca.com':

remote: Counting objects: 16, done.

remote: Compressing objects: 100% (14/14), done.

remote: Total 16 (delta 2), reused 16 (delta 2), pack-reused 0

Unpacking objects: 100% (16/16), done.

Checking connectivity... done.

jmertin@antigone:~/docker$ ls -las

total 12

4 drwxrwxr-x   3 jmertin jmertin 4096 Mar  7 15:05 .

4 drwxr-xr-x 119 jmertin jmertin 4096 Mar  7 14:47 ..

4 drwxrwxr-x   4 jmertin jmertin 4096 Mar  7 15:05 tim-dockerbuilder

jmertin@antigone:~/docker$ cd tim-dockerbuilder/

jmertin@antigone:~/docker/tim-dockerbuilder$ ls -las

total 44

4 drwxrwxr-x 4 jmertin jmertin  4096 Mar  7 15:05 .

4 drwxrwxr-x 3 jmertin jmertin  4096 Mar  7 15:05 ..

4 -rw-rw-r-- 1 jmertin jmertin   221 Mar  7 15:05 CHANGELOG

4 -rw-rw-r-- 1 jmertin jmertin  1123 Mar  7 15:05 clean_rc.sh

4 drwxrwxr-x 8 jmertin jmertin  4096 Mar  7 15:05 .git

4 drwxrwxr-x 2 jmertin jmertin  4096 Mar  7 15:05 mod

4 -rw-rw-r-- 1 jmertin jmertin  2789 Mar  7 15:05 README

12 -rwxrwxr-x 1 jmertin jmertin 10653 Mar  7 15:05 TIMImage_builder.sh
4 -rw-rw-r-- 1 jmertin jmertin   125 Mar  7 15:05 yum.cron

This will show us the tim-dockerbuilder code. As we are not allowed to distribute any Binary or CA Code, we can't provide the TIM binaries.

Please download the required TIM Software (You can download several version if you need them, and place them into their respective directories): https://support.ca.com/irj/portal/anonymous/PublishedSolutions#

 

Next will be to actually Download the TIM binaries from the official download site, and place them into their respective Directories. tim10.1 for CA APM TIM 10.1, tim9.7 for CA APM TIM 9.7 and so on.

jmertin@antigone:~/docker/tim-dockerbuilder$ mkdir tim10.1

jmertin@antigone:~/docker/tim-dockerbuilder$ cd tim10.1/

jmertin@antigone:~/docker/tim-dockerbuilder/tim10.1$ tar xvf ~/Download/GEN09093659E.tar

tim-10.1.0.15.990014-a7f6ac1244c6142bc2e88871d812010a8c9add73.Linux.el6.x86_64-install.tar.gz

tim-10.1.0.15.990014-a7f6ac1244c6142bc2e88871d812010a8c9add73.Linux.el5.x86_64-install.tar.gz

CA-APM-TIM-public_key.txt

jmertin@antigone:~/docker/tim-dockerbuilder/tim10.1$ rm tim-10.1.0.15.990014-a7f6ac1244c6142bc2e88871d812010a8c9add73.Linux.el5.x86_64-install.tar.gz

rm: remove regular file ‘tim-10.1.0.15.990014-a7f6ac1244c6142bc2e88871d812010a8c9add73.Linux.el5.x86_64-install.tar.gz’? y

jmertin@antigone:~/docker/tim-dockerbuilder/tim10.1$ tar xvf tim-10.1.0.15.990014-a7f6ac1244c6142bc2e88871d812010a8c9add73.Linux.el6.x86_64-install.tar.gz

timInstall.bin

ca-eula.en.txt

jmertin@antigone:~/docker/tim-dockerbuilder/tim10.1$

In this step, we create the TIM Version directory, and place the binaries of the required release inside. Note that only the TIM binary for RedHat/CentOS 6.x can be used, so the other binary is deleted.

The Important files here are timInstall.bin, ca-eula.en.txt and the CA-APM-TIM-public_key.txt files.

This is all that is required to prepare the tim-dockerbuilder. We can now create a TIM Image and start it in a container.

jmertin@antigone:~/docker/tim-dockerbuilder$ ./TIMImage_builder.sh

>>> Which TIM version do you want to integrate into the image ?

>>> Available Versions are listed below:

===============================================================

* tim10.1

===============================================================

>>> Please copy & paste the right version: tim10.1

 

===============================================================

>>> How many TIM Worker processes should be activated [4]: 2

 

===============================================================

>>> How do you want to name the Image [caapm/tim10.1]:

*** Image Name set to: caapm/tim10.1

 

===============================================================

!!! You need to accept the Eula in tim10.1/ca-eula.en.txt !

>>> Do you accept the Eula [y/n]: y

 

===============================================================

>>> How do you want to name the Container [tim10.1]:

*** Container Name set to: tim10.1

 

===============================================================

>>> Which Docker Host physical network interface will be used

>>> as SPAN Port. Note that the interface will be made exclusively

>>> available to the container running the tim10.1, and will not

>>> be usable by the Docker Host or any other container !

>>> Use ifconfig to identify a suitable interface !

Which interface to use: [No Default]: dummy0

 

===============================================================

   For the following, keep in mind that the TIM uses by default

   port 80, 81 8080 and 443. These are the ports the TIM will

   run inside the Docker container. If any of these ports is

   already in useon the host system, it cannot be used by the

   docker-proxy.

 

===============================================================

>>> Which port do you want to map the HTTP Port 80 [80]: 9080

 

===============================================================

>>> Which port do you want to map the HTTP Port 8080 [8080]:  

*** Port 8080 mapped to 8080

 

===============================================================

>>> Which port do you want to map the HTTP Port 81 [81]:

*** Port 81 mapped to 81

 

===============================================================

>>> Which port do you want to map the HTTPS Port 443 [8443]: 9443

 

>>> Options for this Docker Image Build

===============================================================

TIM Version:            tim10.1

TIM Workers:            2

Image name:             caapm/tim10.1

Exposed ports:          8080 8443 81 80

Container Name:         tim10.1

Host SPAN Int.:         dummy0

Guest SPAN Int.:        span0

Port 80 mapped to:      9080

Port 81 mapped to:      81

Port 8080 mapped to:    8080

Port 8443 mapped to:    9443

 

===============================================================

>>> Proceed [y/n]: y

*** Generating CA_AUTOMATION file:  OK.

*** Generating Dockerfile:  OK.

*** Creating Container start script:  OK.

*** Creating Container access script:  OK.

 

===============================================================

>>> Create image [y/n]: y

Hitting y now will create the Image including the container start script, and the script allowing to access the container through a shell.
Regarding the network interface we will hijack into the container, we used the dummy0 interface as we have none available on this laptop the test is taking place.

Note that from now on, the configuration of this TIM Image exists inside the cfgs directory, and can be used to speed up the process:

 

./TIMImage_builder.sh cfgs/tim10.1.cfg 

 

You will be at the same position to create the image again. This - by example to actually create a new image with all CentOS updates installed.

The Build Process is quite long, so not included into this blog - but at the end - one should see a:

 

[......]

Step 20 : ENTRYPOINT /sbin/init

---> Running in c59abe037fbc

---> 98f896e55522

Removing intermediate container c59abe037fbc

Successfully built 98f896e55522

 

The image has been built. Time to start the container (Note that all configuration has been integrated into the startup-script.

jmertin@antigone:~/docker/tim-dockerbuilder$ ./start_tim10.1.sh

dc364eb41c63e26e566d222742200e1a7be864f3463d854532304698399bbf6f

jmertin@antigone:~/docker/tim-dockerbuilder$ ./tim10.1_shell.sh

[root@dc364eb41c63 ~]# ps auxw

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND

root         1  0.3  0.0  19292  2368 ?        Ss   15:47   0:00 /sbin/init

root       184  0.1  0.0 124320  6272 ?        S    15:47   0:00 /usr/bin/python /opt/CA/APM/apmpacket/bin/apmpacketwatchdog

root       191  0.0  0.2 426632 34000 ?        Sl   15:47   0:00 /opt/CA/APM/apmpacket/bin/apmpacket

root       209  0.0  0.0 206668 10064 ?        Ss   15:47   0:00 /usr/sbin/httpd

apache     214  0.0  0.0 208304  8288 ?        S    15:47   0:00 /usr/sbin/httpd

apache     215  0.0  0.0 208304  8276 ?        S    15:47   0:00 /usr/sbin/httpd

apache     216  0.0  0.0 208304  8276 ?        S    15:47   0:00 /usr/sbin/httpd

apache     217  0.0  0.0 208304  8276 ?        S    15:47   0:00 /usr/sbin/httpd

apache     218  0.0  0.0 208304  8276 ?        S    15:47   0:00 /usr/sbin/httpd

apache     219  0.0  0.0 208304  8276 ?        S    15:47   0:00 /usr/sbin/httpd

apache     220  0.0  0.0 208304  8276 ?        S    15:47   0:00 /usr/sbin/httpd

apache     221  0.0  0.0 208304  8276 ?        S    15:47   0:00 /usr/sbin/httpd

root       240  0.1  0.0 124352  6292 ?        Ss   15:47   0:00 /usr/bin/python /opt/CA/APM/tim/bin/timwatchdog

root       250  0.1  0.1 915664 20140 ?        Sl   15:47   0:00 /opt/CA/APM/tim/bin/tim

root       262  0.7  0.0  34100  5380 ?        S    15:47   0:00 timwatcher -configdir /opt/CA/APM/tim/config/ -datadir /opt/CA/APM/tim/data/

root       268  1.0  0.0  30708  4700 ?        Ss   15:47   0:00 /opt/CA/APM/tim/bin/timapmpacketcomm -infd=6 -outfd=11 -timeout=2

root       271  2.6  0.2 5999340 41560 ?       Sl   15:47   0:00 timworker -worker=0 -infd=11 -outfd=14 -workers=2

root       274  2.6  0.2 5998300 37548 ?       Sl   15:47   0:00 timworker -worker=1 -infd=15 -outfd=18 -workers=2

root       332  0.4  0.0 177004 10856 ?        S    15:47   0:00 /usr/bin/python /opt/CA/APM/tim/bin/tim-assist

root       351  0.0  0.0 116872  2340 ?        Ss   15:47   0:00 crond

root       360  0.6  0.0 108356  3052 ?        Ss   15:47   0:00 /bin/bash

root       371  0.0  0.0 110236  2256 ?        R+   15:47   0:00 ps auxw

[root@dc364eb41c63 ~]# ifconfig

dummy0    Link encap:Ethernet  HWaddr D6:9A:15:52:98:20 

          inet6 addr: fe80::d49a:15ff:fe52:9820/64 Scope:Link

          UP BROADCAST RUNNING NOARP PROMISC  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 b)  TX bytes:420 (420.0 b)

 

 

eth0      Link encap:Ethernet  HWaddr 02:42:AC:11:00:02 

          inet addr:172.17.0.2  Bcast:0.0.0.0  Mask:255.255.0.0

          inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:23 errors:0 dropped:0 overruns:0 frame:0

          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:3773 (3.6 KiB)  TX bytes:648 (648.0 b)

 

 

lo        Link encap:Local Loopback 

          inet addr:127.0.0.1  Mask:255.0.0.0

          inet6 addr: ::1/128 Scope:Host

          UP LOOPBACK RUNNING  MTU:65536  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0

          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

 

Congrats. You can now reach the TIM UI under: http://localhost:9080/cgi-bin/ca/apm/tim/index

Note that here - as we run it on our laptop, we access it through localhost. In case it's installed on a remote Docker Server - one has to use the remote Server IP.

The regular setup rules still apply !

Details here: https://docops.ca.com/ca-apm/10-1/en/installing/apm-installation-and-upgrade/install-and-configure-tim-for-ca-cem

 

You may want to check out https://cawiki.ca.com/display/SASWAT/Docker+images+-+SWAT+Ruleset in case you also want to install a EM/Collector inside a docker container.

Outcomes