3.2. Installing via docker-compose

3.2.1. Pre-Installation Steps

If you would like the Dashboard to run securely and support SSL/TLS internally, then a certificate must be provided at install time to enable HTTPS. Running securely is strongly recommended for production environments.

When internal SSL (https) mode is enabled, Dashboard handles the SSL by itself without external services (i.e. proxy, ingress, ...). Dashboard will also automatically redirect any http request to https, using the provided certificate.

Placing a certificate under the alias jetty into cert/jetty.jks prior to installation will enable the Dashboard to run in SSL mode.

To generate an SSL certificate, you may create a self-signed cert or source one from a commercial vendor. We have provided examples below for self-signed and and Let's Encrypt.

Important

Keep your certificate password readily available, because you will be prompted for it during installation process.

3.2.1.1. Self-Signed

Below is an example of generating a self-signed certificate using the Java keytool command:

shell> cd /opt/continuent/software/tungsten-dashboard-8.0.1-82
shell> mkdir -p cert
shell> keytool -keysize 2048 -genkey
                -alias jetty
                -keyalg RSA
                -keystore cert/jetty.jks
                -storepass $DASHBOARD_KEYSTORE_PASSWORD
                -dname "CN=localhost, OU=Test, O=MyOrg, L=MyCity, ST=MyState, C=US"
                -ext "SAN=dns:localhost,ip:127.0.0.1"

Generating 2048-bit RSA key pair and self-signed certificate (SHA384withRSA) with a validity of 90 days
  for: CN=localhost, OU=Test, O=MyOrg, L=MyCity, ST=MyState, C=US

3.2.1.2. Let's Encrypt

Below is an example of converting an existing cert issued by Let's Encrypt using our provided tool letsencrypt2dashboard.pl, which calls the openssl and Java keytool commands:

shell> sudo ./letsencrypt2jetty.pl -d dashdev.continuent.com

Keystore file's password: tungsten
Creating `./cert/`
>>> ACTION: Converting the Let's Encrypt source files to P12 format:
SOURCE:
  /etc/letsencrypt/live/dashdev.continuent.com/fullchain.pem
  /etc/letsencrypt/live/dashdev.continuent.com/privkey.pem
TARGET
  cert/jetty.p12

SUCCESS: Generated the P12 file 'cert/jetty.p12'

>>> ACTION: Converting the P12 file to JKS format:
SOURCE
  cert/jetty.p12
TARGET
  cert/jetty.jks

Importing keystore cert/jetty.p12 to cert/jetty.jks...

SUCCESS: Generated the internal jetty cert file 'cert/jetty.jks'

shell> sudo chown -R dashboard: cert

Or:

shell> mkdir cert
shell> cp /etc/letsencrypt/live/dashdev.continuent.com/fullchain.pem cert/ 
shell> sudo cp /etc/letsencrypt/live/dashdev.continuent.com/privkey.pem cert/
shell> sudo chmod a+r cert/privkey.pem
shell> ./letsencrypt2jetty.pl -f cert/fullchain.pem -k cert/privkey.pem

Keystore file's password: tungsten
Creating `./cert/`
>>> ACTION: Converting the Let's Encrypt source files to P12 format:
SOURCE:
  ./fullchain.pem
  ./privkey.pem
TARGET
  cert/jetty.p12

SUCCESS: Generated the P12 file 'cert/jetty.p12'

>>> ACTION: Converting the P12 file to JKS format:
SOURCE
  cert/jetty.p12
TARGET
  cert/jetty.jks

Importing keystore cert/jetty.p12 to cert/jetty.jks...

SUCCESS: Generated the internal jetty cert file 'cert/jetty.jks'

3.2.2. Install Steps for docker-compose

Below is an example of installing Tungsten Dashboard using the install.pl script:

shell> cd /opt/continuent/software/tungsten-dashboard-8.0.1-82
shell> ./install.pl -d

The installation will prompt for a number of configuration items, such as usernames, passwords, whether or not to use HTTPS or not. Each prompt will provide details along with the default values.

Warning

During installation you will be asked for the DASHBOARD_SECRET, or have it auto generated for you.

It is critical that this key is stored safely as it will be required for future upgrades since it serves as the encryption key. If it is lost, then there is the possibility of losing data after upgrades.

3.2.3. Uninstall

Important

Before running the uninstall command, you MUST ensure you are in the original installation directory and the docker-compose.yml file must also exist in that directory

To uninstall Tungsten Dashboard, simply execute the following:

shell> cd <ORIGINAL INSTALL PATH>
shell> docker-compose down

or, to remove persistent volumes along with the uninstallation:

shell> cd <ORIGINAL INSTALL PATH>
shell> docker-compose down -v

Warning

When removing persistent volumes you loose the application state: application settings, application users, and connected clusters.