Pulling the Agent Image

Pull the version of the Agent image that corresponds to the JS7 release in use:

docker image pull sosberlin/js7:agent-2-0-0-SNAPSHOT

Running the Agent Container

After pulling the Agent image you can run the container with a number of options like this:

#!/bin/sh

docker run -dit --rm \
      --user="$(id -u $USER):$(id -g $USER)" \
      --hostname=js7-agent-primary \
      --network=js7 \
      --publish=16445:4445 \
      --env="RUN_JS_JAVA_OPTIONS=-Xmx256m" \
      --mount="type=volume,src=js7-agent-primary-config,dst=/var/sos-berlin.com/js7/agent/var_4445/config" \
      --mount="type=volume,src=js7-agent-primary-logs,dst=/var/sos-berlin.com/js7/agent/var_4445/logs" \
      --mount="type=volume,src=js7-agent-primary-state,dst=/var/sos-berlin.com/js7/agent/var_4445/state" \
      --name js7-agent-primary \
      sosberlin/js7:agent-2-0-0-SNAPSHOT

Explanations:

• --user Inside the container the Agent is operated for the user account jobscheduler. In order to access e.g. log files created by the Agent that are mounted to the Docker host it is recommended that you map the account that is starting the container to the jobscheduler account inside the container. The --user option accepts the user ID and group ID of the account that will be mapped. The above example makes use of the current user.
• --network The above example makes use of a Docker network - created e.g. with the command docker network create js7 - to allow network sharing between containers. Consider that any inside ports used by Docker containers are visible within a Docker network. Therefore an Agent running for the inside port 4445 is accessible with the container's hostname and the same port within the Docker network.
• --publish The Agent is prepared to listen to the HTTP port 4445. An outside port of the Docker host can be mapped to the Agent's inside HTTP port. This is not required for use with a Docker network, see --network, however, it will allow direct access to the Agent from the Docker host by its outside port .
• --env=RUN_JS_JAVA_OPTIONS This allows to inject any Java options to the Agent's container. Preferably this is used to specify memory requirements of an Agent, e.g. with -Xmx256m.
• --mount The following volume mounts are suggested:
  • config: The configuration folder allows to specify individual settings for Agent operation, see below chapters and the JS7 - Agent Configuration Items article. Without this folder the default settings are used.
  • logs: In order to have Agent log files persisted they have to be written to a volume that is mounted for the container. Feel free to adjust the volume name from the src attribute, however, the value of the dst attribute should not be changed as it reflects the directory hierarchy inside the container.
  • state: The Agent requires a directory for journal information that should be persisted. The journal is required to restore the state of orders when restarting the Agent.

  • Docker offers a number of ways how to mount volumes to containers that include e.g. to create a local folder and to map the folder to a volume before executing the above docker run command.:
    
    

    Example how to create Docker volumes

    # example to map volumes to directories on the Docker host prior to running the Agent container
    mkdir -p /home/sos/js7/js7-agent-primary/config /home/sos/js7/js7-agent-primary/logs /home/sos/js7/js7-agent-primary/state
    docker volume create --driver local --opt o=bind --opt type=none --opt device="/home/sos/js7/js7-agent-primary/config" js7-agent-primary-config
    docker volume create --driver local --opt o=bind --opt type=none --opt device="/home/sos/js7/js7-agent-primary/logs" js7-agent-primary-logs
    docker volume create --driver local --opt o=bind --opt type=none --opt device="/home/sos/js7/js7-agent-primary/state" js7-agent-primary-state

Further Resources

Configure the Agent

Consider that it is not required to configure the Agent - it runs out-of-the-box. The default configuration includes that

• deployment of objects, e.g. workflows and jobs, is not subject to compliance requirements such as non-repudiation.
• HTTP connections are used that expose unencrypted communication between Controller instances and Agent. Authentication is performed by hashed passwords.

Users who intend to operate a compliant and secure job scheduling environment are suggested the JS7 - Agent Configuration for Docker Containers article series.

Build the Agent Image

User who wish to create individual images of the Agent find instructions with the JS7 - Agent Build for Docker Image article.