Dockerized Installation of Universal Orchestrator 1.1.2

This Blog was to be written last year itself (Late September 2023), finally found sometime to document it for all fellow Workload Automation Professionals. The Blog aims to give a quick hand holding on how Universal Orchestrator 1.1.2 can be setup quickly in order to have a Sandbox or Test Environment setup to get a preview on the Product, so that at a later time a Kubernetes rollout can be planned in higher environments post validation and testing.

As a first step , we would authenticate on HCL Repository : hclcr.io inorder to download the images :
 
docker login hclcr.io
Username : [email protected]
Password : XXXXXX
All of the 11 Microservices in Universal Orchestrator are composed into 4 yaml files :
 

1. docker-compose-ms-harbor.yml
2. docker-compose-auth-kafka.yml
3. docker-compose-mongo.yml
4. docker-compose-wa-console-standard.yml

 
 
docker-compose-ms-harbor.yml File :
 
The file docker-compose-ms-harbor.yml would look as below where :
 

1. First Stanza is for UnO Console to authenticate to OIDC Connect Relay Server URL which is the Keycloak service in this case ,also specifying the OIDC credentials secret , Mongo Db connection string and credentials to connect to the DB, the docker volumes can be aligned to the File system volumes in the extract .
2. hcl-uno-gateway : Similar OIDC Parameters to authenticate into Keycloak service , followed by Java Heap Size and Volume Mappings .
3. hcl-uno-audit : Quarkus Mongo DB connection string followed by Volume Mappings.
4. hcl-uno-toolbox : Quarkus Mongo DB connection string followed by Volume Mappings.
5. hcl-uno-timer, hcl-uno-orchestrator, hcl-uno-scheduler : Quarkus Mongo DB connection string followed by Credentials followed by Volume Mappings.
6. hcl-uno-agentmanager : defines Parameters like UnO Gateway Public Host , Private host , Public Port and Private Port
7. hcl-uno-executor, hcl-uno-eventmanager: Java Heap Size , Port mappings on HTTPS Service and Debug Ports, followed by Volume mappings.
8. hcl-uno-iaa: Nginx Gateway URL , Gateway Hostname and Port.
9. hcl-uno-storage: Port mappings on Service and Volume Mappings.
10. hcl-uno-externalpod: HTTPS Service and Port specifications.

 
version: '3.5'

 
  # ---------------------------------------------------------------------------------------
  # UnO Microservices
  # ---------------------------------------------------------------------------------------
 
  #RUN docker-compose files as (for more options see docker-compose-readme.md doc):
  # docker-compose -f docker-compose-ms.yml \
  #                -f devops/kafka/docker-compose-kafka.yml \
  #                -f devops/waconsole/docker-compose-wa-console-standard.yml \
  #                -f devops/mongo/docker-compose-mongo.yml \
  #                up -d
 
  hcl-uno-console:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-console:1.1.2.0
    environment:
      - QUARKUS_OIDC_CONNECTION_TIMEOUT=PT1M
      - QUARKUS_OIDC_TENANT_ENABLED=true
      - QUARKUS_OIDC_AUTH_SERVER_URL=https://hcl-uno-keycloak-ssl:8443/realms/uno # Specify keycloak server hostname and port
      - QUARKUS_OIDC_CLIENT_ID=uno-service
      - QUARKUS_OIDC_CREDENTIALS_SECRET=XXXXXXXXXXXXXXXXXXXXXXXXX
      - QUARKUS_OIDC_TOKEN_STATE_MANAGER_ENCRYPTION_REQUIRED=true
      - QUARKUS_OIDC_TOKEN_STATE_MANAGER_SPLIT_TOKENS=true
      - QUARKUS_OIDC_TLS_VERIFICATION=none
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXX
      - MONGO_PASSWORD=XXXXX
      #  - UNO_MICROSERVICE_JWT_EXPIRATION_DURATION=PT10M
      #  - UNO_MICROSERVICE_APIKEY_LIFESPAN_WARNING_DAYS=5
      #  - BULKHEAD_VALUE=12
      #  - BULKHEAD_WAITINGTASKQUEUE=12
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8441:8443" #HTTPS
    #  - "7777:7777" #DEBUG
    container_name: "hcl-uno-console"
    hostname: hcl-uno-console
    volumes:
      - ./security/certs:/security/certs
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
      - ./engines:/config/engines
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-gateway:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-gateway:1.1.2.0
    environment:
      - UNO_GATEWAY_ENABLE_OPENAPI_FOR_V1=false # ONLY FOR DEV AND TEST USE - DON'T EXPOSE IN PRODUCTION
      - QUARKUS_OIDC_CONNECTION_TIMEOUT=PT1M
      - QUARKUS_OIDC_TENANT_ENABLED=false
      - QUARKUS_OIDC_AUTH_SERVER_URL=https://hcl-uno-keycloak-ssl:8443/realms/uno # Specify keycloak server hostname and port
      - QUARKUS_OIDC_CLIENT_ID=uno-service
      - QUARKUS_OIDC_CREDENTIALS_SECRET=XXXXXXXXXX
      - QUARKUS_OIDC_TOKEN_STATE_MANAGER_ENCRYPTION_REQUIRED=true
      - QUARKUS_OIDC_TOKEN_STATE_MANAGER_SPLIT_TOKENS=true
      - QUARKUS_OIDC_TLS_VERIFICATION=none
      - UNO_REFRESH_INTERVAL_SECONDS=60
    #  - UNO_MICROSERVICE_JWT_EXPIRATION_DURATION=PT10M
    #  - UNO_MICROSERVICE_APIKEY_LIFESPAN_WARNING_DAYS=5
    #  - BULKHEAD_VALUE=12
    #  - BULKHEAD_WAITINGTASKQUEUE=12
      - JAVA_MEM=-Xms32m -Xmx256m
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8442:8443" #HTTPS
    #  - "7777:7777" #DEBUG
    container_name: "hcl-uno-gateway"
    hostname: hcl-uno-gateway
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-audit:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-audit:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXXXX
      - MONGO_PASSWORD=XXXXXXX
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8084:8443" #HTTPS
    container_name: "hcl-uno-audit"
    hostname: hcl-uno-audit
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-toolbox:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-toolbox:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXXX
      - MONGO_PASSWORD=XXXXXX
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8491:8443" #HTTPS
    container_name: "hcl-uno-toolbox"
    hostname: hcl-uno-toolbox
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-timer:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-timer:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXXX
      - MONGO_PASSWORD=XXXXXX
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8877:8443" #HTTPS
    container_name: "hcl-uno-timer"
    hostname: hcl-uno-timer
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-orchestrator:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-orchestrator:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXXX
      - MONGO_PASSWORD=XXXXXX
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8445:8443" #HTTPS
      #- "7778:7778"
    container_name: "hcl-uno-orchestrator"
    hostname: hcl-uno-orchestrator
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-scheduler:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-scheduler:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXX
      - MONGO_PASSWORD=XXXXX
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8446:8443" #HTTPS
    container_name: "hcl-uno-scheduler"
    hostname: hcl-uno-scheduler
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-agentmanager:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-agentmanager:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXX
      - MONGO_PASSWORD=XXXXX
      - JAVA_MEM=-Xms32m -Xmx256m
      - UNO_GATEWAY_PUBLIC_HOST=hcl-uno-gateway
      - UNO_GATEWAY_PRIVATE_HOST=hcl-uno-gateway
      - UNO_GATEWAY_PUBLIC_PORT=8443
      - UNO_GATEWAY_PRIVATE_PORT=8443
    #     - UNO_PLUGINS_STORE_LOCATION=/storage
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "9440:8443" #HTTPS
      #- "7777:7777" #DEBUG
    container_name: "hcl-uno-agentmanager"
    hostname: hcl-uno-agentmanager
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
      - ./security/maestro-public-key.pem:/security/maestro-public-key.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-executor:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-executor:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXX
      - MONGO_PASSWORD=XXXXX
      - JAVA_MEM=-Xms32m -Xmx256m
    #  - UNO_PLUGINS_STORE_LOCATION=/storage
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "9455:8443" #HTTPS
      #- "7777:7777" #DEBUG
    container_name: "hcl-uno-executor"
    hostname: hcl-uno-executor
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-eventmanager:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-eventmanager:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXX
      - MONGO_PASSWORD=XXXXX
      - JAVA_MEM=-Xms32m -Xmx256m
      # - UNO_EVENT_MANAGER_PLUGINS_STORAGE_LOCATION=/storage
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8458:8443" #HTTPS
      #- "7777:7777" #DEBUG
    container_name: "hcl-uno-eventmanager"
    hostname: hcl-uno-eventmanager
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
 
  hcl-uno-iaa:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-iaa:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXX
      - MONGO_PASSWORD=XXXXX
      # Represents how often the iaa service will remove from the database api keys which token has never been created after the specified timeout
      # - UNO_PENDING_APIKEYS_CLEANUP_FREQUENCY=5m
      # - UNO_PENDING_APIKEYS_CLEANUP_TIMEOUT=15m # Maximum allowed value is 1d
      # - UNO_AUTHENTICATION_CONSOLE_HOSTNAME=my-auth-url
      # - UNO_AUTHENTICATION_CONSOLE_PORT=443
      # - UNO_AUTHENTICATION_OIDC_ENABLE=true
      # - UNO_AUTHENTICATION_ON_FAIL_USE_OIDC=false
      # - UNO_MICROSERVICE_APIKEY_LIFESPAN_WARNING_DAYS=5
      # - UNO_MICROSERVICE_APIKEY_PERSONAL_EXPIRATION_DURATION=P365D
      # - UNO_MICROSERVICE_APIKEY_SERVICE_EXPIRATION_DURATION=P365D
      # - UNO_GROUPS_CACHE_EXPIRATION_DURATION=P30D
      - UNO_EXTERNAL_NGINX_URL=http://hcl-uno-externalpod:8080
      - UNO_AUTHENTICATION_API_HOSTNAME=hcl-uno-gateway # Specify gateway hostname
      - UNO_AUTHENTICATION_API_PORT=8443 # Specify gateway port
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8483:8443" #HTTPS
    container_name: "hcl-uno-iaa"
    hostname: hcl-uno-iaa
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-storage:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-storage:1.1.2.0
    environment:
      - QUARKUS_MONGODB_CONNECTION_STRING=mongodb://hcl-uno-mongodb-server:27017
      - MONGO_USER=XXXXX
      - MONGO_PASSWORD=XXXXX
      - JAVA_MEM=-Xms32m -Xmx512m
      - QUARKUS_HTTP_LIMITS_MAX_BODY_SIZE=100M
    #  - UNO_STORAGE_TYPE=filesystem #Storage provider
    #  - UNO_FILESYSTEM_BASE_PATH=/storage #Base path to store files
    #  - UNO_FILESYSTEM_DIR_LENGTH=1 #Max length for names of storage subdirs
    #  - UNO_FILESYSTEM_FILE_EXTENSION=.dat #File extension used when saving documents
    #  - UNO_FILESYSTEM_DIGEST_ALGORITHM=MD5 #Algorithm used for checksum evaluation (MD5 | SHA1)
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8470:8443" #HTTPS
    container_name: "hcl-uno-storage"
    hostname: hcl-uno-storage
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 
 
  hcl-uno-externalpod:
    env_file:
      - uno.env
    image: wa-registry.prod.hclpnp.com/maestro-dev/hcl-uno-external-pod:1.1.2.0
    #Enable to get HWA packages image
    #image: wa-registry.prod.hclpnp.com/wa-dev/hcl-workload-automation-packages:10.2.2.00
    environment:
      - PACKAGES_URL=http://hcl-uno-externalpod:8080/
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "8450:8080" #HTTPS
    container_name: "hcl-uno-externalpod"
    hostname: hcl-uno-externalpod
    volumes:
      - ./security/certs:/security/certs
      - ./security/ext_agt_depot:/security/ext_agt_depot
      - ./security/jwt:/security/jwt
      - ./security/TWSServerTrustFile.pem:/security/TWSServerTrustFile.pem
    networks:
      - hcl-uno-ms-network
 

  hcl-uno-ms-network:
    name: hcl-uno-ms-network
 
docker-compose-auth-kafka.yml File
 
The kafka yaml would look as below :
 
 
 
 
 
version: '3.5'

 
  hcl-uno-kafka-broker-0:
    image: 'bitnami/kafka:3.4.0'
    container_name: "hcl-uno-kafka-0"
    ports:
      - "9092:9092"
    environment:
      KAFKA_CFG_PROCESS_ROLES: 'broker,controller'
      KAFKA_CFG_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
      KAFKA_CFG_LISTENERS: 'SASL_SSL://hcl-uno-kafka-0:9092,CONTROLLER://hcl-uno-kafka-0:9093,PLAINTEXT://hcl-uno-kafka-0:9094'
      KAFKA_ADVERTISED_LISTENERS: 'SASL_SSL://hcl-uno-kafka-0:9092,PLAINTEXT://hcl-uno-kafka-0:9094'
      KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: 'SASL_SSL:SASL_SSL,CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT'
      KAFKA_CFG_BROKER_ID: 1
      KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: '1@hcl-uno-kafka-0:9093,2@hcl-uno-kafka-1:9093,3@hcl-uno-kafka-2:9093'
      KAFKA_CFG_CONTROLLER_LISTENER_NAME: 'CONTROLLER'
      KAFKA_KRAFT_CLUSTER_ID: 'r4zt_wrqTRuT7W2NJsB_GA'
      KAFKA_CFG_NODE_ID: 1
      KAFKA_TLS_TYPE: 'JKS'
      KAFKA_CFG_SASL_ENABLED_MECHANISMS: 'PLAIN'
      KAFKA_CFG_INTER_BROKER_LISTENER_NAME: 'PLAINTEXT'
      KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ''
      KAFKA_CFG_SSL_KEYSTORE_LOCATION: 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\keystore\kafka.keystore.jks'
      KAFKA_CFG_SSL_KEYSTORE_PASSWORD: 'XXXXXX'
      KAFKA_CERTIFICATE_PASSWORD: 'XXXXXX'
      KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: 'true'
   
    volumes:
      - hcl-uno-kafka-broker-0-data:/bitnami/kafka/data
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\keystore\kafka.keystore.jks:C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\keystore\kafka.keystore.jks:ro'
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\truststore\kafka.truststore.jks:C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\truststore\kafka.truststore.jks:ro'
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\kafka_jaas.conf:C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\kafka_jaas.conf:ro'
    networks:
      - hcl-uno-ms-network
  hcl-uno-kafka-broker-1:
    image: 'bitnami/kafka:3.4.0'
    container_name: "hcl-uno-kafka-1"
    ports:
      - "9093:9092"
    environment:
      KAFKA_CFG_PROCESS_ROLES: 'broker,controller'
      KAFKA_CFG_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
      KAFKA_CFG_LISTENERS: 'SASL_SSL://hcl-uno-kafka-1:9092,CONTROLLER://hcl-uno-kafka-1:9093,PLAINTEXT://hcl-uno-kafka-1:9094'
      KAFKA_ADVERTISED_LISTENERS: 'SASL_SSL://hcl-uno-kafka-1:9092,PLAINTEXT://hcl-uno-kafka-1:9094'
      KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: 'SASL_SSL:SASL_SSL,CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT'
      KAFKA_CFG_BROKER_ID: 2
      KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: '1@hcl-uno-kafka-0:9093,2@hcl-uno-kafka-1:9093,3@hcl-uno-kafka-2:9093'
      KAFKA_CFG_CONTROLLER_LISTENER_NAME: 'CONTROLLER'
      KAFKA_KRAFT_CLUSTER_ID: 'r4zt_wrqTRuT7W2NJsB_GA'
      KAFKA_CFG_NODE_ID: 2
      KAFKA_TLS_TYPE: 'JKS'
      KAFKA_CFG_SASL_ENABLED_MECHANISMS: 'PLAIN'
      KAFKA_CFG_INTER_BROKER_LISTENER_NAME: 'PLAINTEXT'
      KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ''
      KAFKA_CFG_SSL_KEYSTORE_LOCATION: '/opt/bitnami/kafka/config/certs/kafka.keystore.jks'
      KAFKA_CFG_SSL_KEYSTORE_PASSWORD: 'XXXXXX'
      KAFKA_CERTIFICATE_PASSWORD: 'XXXXXX'
      KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: 'true'
    volumes:
      - hcl-uno-kafka-broker-1-data:/bitnami/kafka/data
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\keystore\kafka.keystore.jks:C:\Users\sriram-v\Documents\UnO\kafka\kraft\certs\keystore\kafka.keystore.jks:ro'
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\truststore\kafka.truststore.jks:C:\Users\sriram-v\Documents\UnO\kafka\kraft\certs\truststore\kafka.truststore.jks:ro'
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kraft\kafka_jaas.conf:C:\Users\sriram-v\Documents\UnO\kafka\kraft\kafka_jaas.conf:ro'
    networks:
      - hcl-uno-ms-network
 
  hcl-uno-kafka-broker-2:
    image: 'bitnami/kafka:3.4.0'
    container_name: "hcl-uno-kafka-2"
    ports:
      - "9094:9092"
    environment:
      KAFKA_CFG_PROCESS_ROLES: 'broker,controller'
      KAFKA_CFG_CONTROLLER_LISTENER_NAMES: 'CONTROLLER'
      KAFKA_CFG_LISTENERS: 'SASL_SSL://hcl-uno-kafka-2:9092,CONTROLLER://hcl-uno-kafka-2:9093,PLAINTEXT://hcl-uno-kafka-2:9094'
      KAFKA_ADVERTISED_LISTENERS: 'SASL_SSL://hcl-uno-kafka-2:9092,PLAINTEXT://hcl-uno-kafka-2:9094'
      KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: 'SASL_SSL:SASL_SSL,CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT'
      KAFKA_CFG_BROKER_ID: 3
      KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: '1@hcl-uno-kafka-0:9093,2@hcl-uno-kafka-1:9093,3@hcl-uno-kafka-2:9093'
      KAFKA_CFG_CONTROLLER_LISTENER_NAME: 'CONTROLLER'
      KAFKA_KRAFT_CLUSTER_ID: 'r4zt_wrqTRuT7W2NJsB_GA'
      KAFKA_CFG_NODE_ID: 3
      KAFKA_TLS_TYPE: 'JKS'
      KAFKA_CFG_SASL_ENABLED_MECHANISMS: 'PLAIN'
      KAFKA_CFG_INTER_BROKER_LISTENER_NAME: 'PLAINTEXT'
      KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM: ''
      KAFKA_CFG_SSL_KEYSTORE_LOCATION: '/opt/bitnami/kafka/config/certs/kafka.keystore.jks'
      KAFKA_CFG_SSL_KEYSTORE_PASSWORD: 'XXXXXX'
      KAFKA_CERTIFICATE_PASSWORD: 'XXXXXX'
      KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: 'true'
    volumes:
      - hcl-uno-kafka-broker-2-data:/bitnami/kafka/data
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\keystore\kafka.keystore.jks:C:\Program Files\kafka\kraft\certs\keystore\kafka.keystore.jks:ro'
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\certs\truststore\kafka.truststore.jks:C:\Program Files\kafka\kraft\certs\truststore\kafka.truststore.jks:ro'
      - 'C:\Users\sriram-v\Documents\UnO\kafka\kafka\kraft\kafka_jaas.conf:C:\Program Files\bitnami\kafka\config\kafka_jaas.conf:ro'
    networks:
      - hcl-uno-ms-network

  hcl-uno-kafka-broker-0-data:
  hcl-uno-kafka-broker-1-data:
  hcl-uno-kafka-broker-2-data:
 

  hcl-uno-ms-network:
    name: hcl-uno-ms-network
   
 
 
docker-compose-mongo.yml File
The docker-compose-mongo.yml would look as below :
version: '3.5'
services:
 
  # ---------------------------------------------------------------------------------------
  # UnO Microservices MongoDB NoSQl storage
  # ---------------------------------------------------------------------------------------
 
  # MongoDB single instance server
  hcl-uno-mongodb-server:
    container_name: hcl-uno-mongodb-server
    image: mongo:latest
    command: mongod --config C:\Windows\System32\drivers\etc\mongod.conf
    ports:
      - "27017:27017"
    restart: always
    environment:
      MONGO_INITDB_ROOT_USERNAME: XXXXXXXXXXXX
      MONGO_INITDB_ROOT_PASSWORD: XXXXXXXXXXXX
    networks:
      - hcl-uno-ms-network
    volumes:
      - hcl-uno-mongo-data:/data/db
      - C:\Users\sriram-v\Documents\UnO\mongo\mongod.conf:C:\Windows\System32\drivers\etc\mongod.conf
      - C:\Users\sriram-v\Documents\UnO\mongotls.pem:C:\Windows\System32\drivers\etc\ssl\mongodb.pem
 
  # MongoDB web console
#  hcl-uno-mongo-express:
#    container_name: hcl-uno-dev-mongodb-express
#    image: mongo-express
#    restart: always
#    environment:
#      - ME_CONFIG_MONGODB_SERVER=hcl-uno-mongodb-server
#      - ME_CONFIG_MONGODB_PORT=27017
#      - ME_CONFIG_MONGODB_ENABLE_ADMIN=true
#      - ME_CONFIG_MONGODB_AUTH_DATABASE=admin
#      - ME_CONFIG_MONGODB_AUTH_USERNAME=${MONGO_ROOT_USER:-wauser}
#      - ME_CONFIG_MONGODB_AUTH_PASSWORD=${MONGO_ROOT_PASSWORD:-wauser}
#      - ME_CONFIG_SITE_SSL_ENABLED=true
     # - ME_CONFIG_SITE_SSL_CRT_PATH=/etc/ssl/tls.crt
     # - ME_CONFIG_SITE_SSL_KEY_PATH=/etc/ssl/ca.key
#      - ME_CONFIG_SITE_SSL_KEY_PATH=/etc/ssl/tls.pem
      #- ME_CONFIG_BASICAUTH_USERNAME=${MONGOEXPRESS_LOGIN}
      #- ME_CONFIG_BASICAUTH_PASSWORD=${MONGOEXPRESS_PASSWORD}
#    depends_on:
#      - hcl-uno-mongodb-server
#    ports:
#      - "8082:8081"
#    volumes:
#      - ./security/certs/tls.crt:/etc/ssl/tls.crt
#      - ./security/certs/tls.key:/etc/ssl/ca.key
#      - ./security/certs/tls.pem:/etc/ssl/ca.pem
#    networks:
#      - hcl-uno-ms-network
 
networks:
  hcl-uno-ms-network:
    name: hcl-uno-ms-network
volumes:
  hcl-uno-mongo-data:
 
docker-compose-wa-console-standard.yml :
 
Below is how the docker-compose-wa-console-standard.yml would look like :
 
version: '3.5'

 
  # ---------------------------------------------------------------------------------------
  # Workload automation Console Legacy
  # ---------------------------------------------------------------------------------------
 
  hcl-uno-console:
    env_file:
      - uno.env
    environment:
      - DB_TYPE=DERBY
      - ENGINE_HOSTNAME=hcl-uno-gateway # The host name or IP address of the engine (DO NOT TOUCH)
      - ENGINE_PORT=8443
      - IS_UNO=true
      - ENGINE_TYPE=uno
      - SSL_PASSWORD=XXXXXXX
      - PACKAGES_URL=http://hcl-uno-externalpod:8080/packages.json
    image: wa-registry.prod.hclpnp.com/wa-dev/hcl-workload-automation-console:10.2.0.00
 
    ports: # port mapping "external:internal". Internal ports are predefined.
      - "9433:9443" #HTTPS DWC
    container_name: "hcl-uno-console"
    hostname: hcl-uno-console
    networks:
      - hcl-uno-ms-network
    volumes:
      - hcl-uno-console-data:/home/wauser
      - C:\Users\sriram-v\Documents\UnO\security\certsDwc:/opt/wautils/certs
      - C:\Users\sriram-v\Documents\UnO\waconsole\security\liberty:/opt/wautils/dropins
 

  hcl-uno-console-data:

  hcl-uno-ms-network:
    name: hcl-uno-ms-network
 
 
Installation :
 
Installation command would be one single command as follows :
 
docker-compose -f docker-compose-ms-harbor.yml -f docker-compose-auth-kafka.yml -f docker-compose-mongo.yml -f waconsole/docker-compose-wa-console-standard.yml up -d
 
~/UNO# docker-compose -f docker-compose-ms-harbor.yml -f docker-compose-auth-kafka.yml -f docker-compose-mongo.yml -f waconsole/docker-compose-wa-console-standard.yml up -d
[+] Running 29/29

•   hcl-uno-console 28 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                        71.7s
•    c2f139282d74 Pull complete                                                                                            8.0s
•    ad414a888d43 Pull complete                                                                                            8.3s
•    33ea847667c8 Pull complete                                                                                            8.6s
•    c9aa5a4baf40 Pull complete                                                                                           10.6s
•    05f6ca9d4ff4 Pull complete                                                                                           10.6s
•    4d579952aca4 Pull complete                                                                                           10.7s
•    23efee06f2af Pull complete                                                                                           10.8s
•    f73c99fd0430 Pull complete                                                                                           10.8s
•    76af70813a4a Pull complete                                                                                           10.9s
•    e48552ddc8ef Pull complete                                                                                           11.1s
•    e3999567629d Pull complete                                                                                           11.4s
•    2b969b8cc8c9 Pull complete                                                                                           11.6s
•    e48a204e7e62 Pull complete                                                                                           11.8s
•    3bacacd46211 Pull complete                                                                                           12.1s
•    18c5f0ead31d Pull complete                                                                                           12.3s
•    4a06e4244940 Pull complete                                                                                           12.5s
•    69b7943f2360 Pull complete                                                                                           13.4s
•    3a383b7d9a6b Pull complete                                                                                           13.6s
•    b435dfb60600 Pull complete                                                                                           24.3s
•    a56f178b6fc6 Pull complete                                                                                           24.5s
•    dcd15ea4977e Pull complete                                                                                           25.0s
•    589ecd88948b Pull complete                                                                                           25.2s
•    5254487102cb Pull complete                                                                                           25.5s
•    925b28d0634b Pull complete                                                                                           25.8s
•    15851995e01b Pull complete                                                                                           25.9s
•    98ae2d1bbbbb Pull complete                                                                                           69.3s
•    7f57fd5f3043 Pull complete                                                                                           69.5s
•    fd1eb8d733f4 Pull complete                                                                                           69.8s

[+] Running 17/17

•   Volume "uno_hcl-uno-console-data"  Created                                                                              0.0s
•   Container hcl-uno-timer            Started                                                                             20.5s
•   Container hcl-uno-scheduler        Started                                                                             17.5s
•   Container hcl-uno-executor         Started                                                                             18.4s
•   Container hcl-uno-storage          Started                                                                             18.2s
•   Container hcl-uno-console          Started                                                                             18.4s
•   Container hcl-uno-toolbox          Started                                                                             17.8s
•   Container hcl-uno-kafka-1          Started                                                                             19.5s
•   Container hcl-uno-kafka-2          Started                                                                             20.3s
•   Container hcl-uno-audit            Started                                                                             19.2s
•   Container hcl-uno-mongodb-server   Started                                                                             20.3s
•   Container hcl-uno-agentmanager     Started                                                                             17.9s
•   Container hcl-uno-gateway          Started                                                                             19.3s
•   Container hcl-uno-kafka-0          Started                                                                             17.5s
•   Container hcl-uno-iaa              Started                                                                             19.5s
•   Container hcl-uno-externalpod      Started                                                                             19.2s
•   Container hcl-uno-orchestrator     Started                                                                             19.9s

 
 

---

Sriram V, Technical Architect, HCL Technologies
​
I am a Veteran on Workload Automation with about 16 years of experience and have donned many hats such as : SaaS Product Support , Migration Consultant , Country SME ,Subject Matter Expert over the years in IBM and HCL , lately I am focused on the Tech Sales side as a Technical Architect on the Product. ​