GroundWork 8 has default settings that will work for most environments, however there are some adjustment you can make, and may need to make, to allow it to be used in one or more of your networks. Various settings can be specified in the following configuration files in the gw8 directory.

gw8.env

Timezone

  • The TZ  variable sets the timezone for the cron job schedule. The default is Etc/UTC if not set. The format is the same as the Linux Timezone setting, e.g.,:

    America/New_York
    America/Chicago
    America/Denver
    America/Phoenix
    America/Los_Angeles
  • For example, to set the time zone to the West Coast of the USA, from the gw8 directory change the line in gw8.env file to:

    GW8_TZ=America/Los_Angeles

docker-compose.yml

The primary configuration file for GroundWork 8 is docker-compose.yml, however, this file should never be edited. It  

There is a way to override all the available options on running containers, which is the docker-compose.override.yml file. As the name implies, any settable option for a container can be set there, and it's fine to edit it as long as you know what you are doing and are aware of the consequences.  

While it's not ok to edit docker-compose.yml, you can, in some circumstances, replace it. One particular circumstance can arise with GroundWork 8.2.0 and above where this makes sense. If you installed with the default container set, you will be running Logstash, Curator, Kibana and Elasticsearch. These containers are in support of the use of Elastic in GroundWork 8, which is an example of the powerful TCG Elastic connector. In production you may wish to disable these containers. 

While installing 8.2.1 will afford you the opportunity to disable (or enable) these containers and several others, you may want to disable them after installing. The attached file docker-compose.yml.default.8.2.0.no-ELK can be used to replace the 8.2.0 version of docker-compose.yaml.

Simply save your existing copy, and download this one. Then stop GroundWork, and copy it into the gw8 directory as docker-compose.yml, and restart. 

docker-compose.override.yml

Subnet used by the GW8 containers

  • The networking settings are designed to avoid conflicts in your networking setup. If you use the 172.16.0.0/12 subnet anywhere internally, you will want to make sure there isn't a conflict with the subnet used by Docker. You may not be able to use the system until you correct this conflict. You may adjust it in the docker-compose.override.yml file by specifying the subnet used by the GroundWork 8 containers. See the comments in the file for details. This file is in the gw8 directory.

Postgres InfluxDB ports

  • GroundWork Monitor 8.1.0 and later will ship with only ports 80, 443, and 5667 NSCA open. In some cases you may want direct access to Postgres and/or InfluxDB, for example if you want to use InfluxDB for reporting data from a reporting designer. Port settings are specified in the docker-compose.yml file, but editing this file is not supported, and in fact is highly discouraged. To close or open InfluxDB or PostgreSQL ports, edit the docker-compose.override.yml file in the gw8 directory. Removing # will open the indicated ports:

    influxdb:
       # ports:
         # - "8086:8086"   # InfluxDB
    pg:
      # ports:
         # - "5432:5432"   # PostgreSQL
    
    
  • After making changes to docker-compose-override.yml, you must restart the GroundWork containers with the following: 

    docker-compose down
    CODE
    docker-compose up -d
    CODE

If you expose these ports, you should be prepared to manage the PostgreSQL/InfluxDB security administration. This primarily means password and identity management on these databases, which you can do as you would any postgres or influxdb system. In some cases it may require configuring firewalls on the host or its network. 

Adding Custom Host DNS Entries

Sometimes it is convenient to add an entry to the local /etc/hosts file on your linux system to map a name to an address without accessing the local DNS server. While this isn't really good practice except in very specific cases (such as a DR or Standby system), it is sometimes unavoidable. 

In Docker, the containers don't generally parse the /etc/hosts file on the host system. This means you may need a way to tell the container about a host-address mapping in the container network context. You can do this in the docker-compose.override.yml file, by using the extra_hosts directive. For example, to add a host called "mydrhost" to be resolvable a 192.168.4.55 to the monarch container, you would to this:

  1. On the command line of your GroundWork server, go to the gw8 directory and edit the docker-compose.override.yml file:  

    cd gw8
    vi docker-compose.override.yml
  2.  In the services: section add (or edit an existing) monarch section, and add an extra_hosts parameter: 

      monarch:
        extra_hosts:
        - "myderhost:192.168.4.55"
  3. Save the file and restart GroundWork:

    docker-compose down
    docker-compose up -d

    Of course, the change you make will only be effective in the container whose service you specify. If you need a host to be available in all containers, add an extra_hosts parameter to every service.  

Related Resources