In [None]:
%%bash
set -euo pipefail
cd "$(dirname "$(dirname "$PWD")")"
source scripts/bin/setup_project_env.sh
ssh -o StrictHostKeyChecking=accept-new bastion-host 'true'
ssh -o StrictHostKeyChecking=accept-new swarm-manager 'hostname'
docker info --format 'Name: {{.Name}} | Swarm: {{.Swarm.LocalNodeState}}'


# Deploy Monitoring (Prometheus/Grafana) and Logging (Loki/Promtail)

### 사전 준비
1. `source scripts/bin/setup_project_env.sh`
2. `export DOCKER_HOST="ssh://swarm-manager"`
3. 필요 시 포트 포워딩: `ssh -N -L 9090:localhost:9090 -L 3000:localhost:3000 -L 3100:localhost:3100 swarm-manager`

### 1. 네트워크 생성

In [None]:
%%bash
export DOCKER_HOST="ssh://swarm-manager"
docker network create --driver overlay monitoring_net 2>/dev/null || true
docker network create --driver overlay logging_net 2>/dev/null || true

### 2. 모니터링 스택 배포 (Prometheus + Grafana)

In [13]:
%%bash
set -euxo pipefail
cd "$(dirname "$(dirname "$PWD")")"
source scripts/bin/setup_project_env.sh
STACK_FILE="02-operations/monitoring/stack.yml"
docker stack deploy -c "$STACK_FILE" monitoring


+++ dirname /home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/04-runtime/notebooks
++ dirname /home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/04-runtime
+ cd /home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm
+ source scripts/bin/setup_project_env.sh
++ echo
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
++ echo '🔹 Step 0: Initialize'
++ echo ━━━━━━━━━━━━━━━━━━━━━━���━━━━━━━━━━━━━━━━━━━━━
++++ dirname -- scripts/bin/setup_project_env.sh



━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔹 Step 0: Initialize
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━


+++ cd -- scripts/bin
+++ pwd
++ SCRIPT_DIR=/home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/scripts/bin
+++ cd /home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/scripts/bin/../..
+++ pwd
++ PROJECT_ROOT=/home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm
++ TERRAFORM_ENVIRONMENT=production
++ echo 'Setting up project environment (Terraform env: production)...'
+++ cd /home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/01-infrastructure/terraform/envs/production
+++ pwd
++ TERRAFORM_DIR=/home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/01-infrastructure/terraform/envs/production
++ '[' -z /home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/01-infrastructure/terraform/envs/production ']'
++ '[' '!' -d /home/aki/STUDY/ANSIBLE/AWS-ANSIBLE-DockerSwarm/01-infrastructure/terraform/envs/production ']'
++ command -v python3
++ echo
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━���━━━━━━━━━━━━━━━━━━━
++ echo '🔹 Step 1: Export Terraform outputs'
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+++ python3 - /home/aki/STUD

Setting up project environment (Terraform env: production)...

━━━━━━━━━━━━���━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔹 Step 1: Export Terraform outputs
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━


++ terraform_values='3.34.245.190
~/.aws/key/test_key.pem
10.0.101.10
10.0.102.10 10.0.101.11'
++ status=0
++ '[' 0 -ne 0 ']'
++ mapfile -t _tf_lines
++ BASTION_PUBLIC_IP=3.34.245.190
++ SSH_KEY_PATH='~/.aws/key/test_key.pem'
++ MANAGER_PRIVATE_IP=10.0.101.10
++ WORKER_PRIVATE_IPS='10.0.102.10 10.0.101.11'
++ '[' -z 3.34.245.190 ']'
++ '[' -z '~/.aws/key/test_key.pem' ']'
++ '[' -z 10.0.101.10 ']'
+++ eval echo '~/.aws/key/test_key.pem'
++++ echo /home/aki/.aws/key/test_key.pem
++ SSH_KEY_PATH=/home/aki/.aws/key/test_key.pem
+++ echo '10.0.102.10 10.0.101.11'
++ WORKER_PRIVATE_IPS='10.0.102.10 10.0.101.11'
++ echo '✅ BASTION_PUBLIC_IP=3.34.245.190'
++ echo '✅ SSH_KEY_PATH=/home/aki/.aws/key/test_key.pem'
++ echo '✅ MANAGER_PRIVATE_IP=10.0.101.10'
++ '[' -n '10.0.102.10 10.0.101.11' ']'
++ echo '✅ WORKER_PRIVATE_IPS=10.0.102.10 10.0.101.11'
++ export BASTION_PUBLIC_IP SSH_KEY_PATH MANAGER_PRIVATE_IP WORKER_PRIVATE_IPS
++ echo
++ echo ━━━��━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
++ echo

✅ BASTION_PUBLIC_IP=3.34.245.190
✅ SSH_KEY_PATH=/home/aki/.aws/key/test_key.pem
✅ MANAGER_PRIVATE_IP=10.0.101.10
✅ WORKER_PRIVATE_IPS=10.0.102.10 10.0.101.11

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔹 Step 1.5: Cleanup old SSH host keys
━━━━━━━━━━━━━━━━━━━��━━━━━━━━━━━━━━━━━━━━━━━━
# Host 3.34.245.190 found: line 77
# Host 3.34.245.190 found: line 78
# Host 3.34.245.190 found: line 79
/home/aki/.ssh/known_hosts updated.
Original contents retained as /home/aki/.ssh/known_hosts.old


++ ssh-keygen -R bastion-host
++ ssh-keygen -R 10.0.101.10
++ ssh-keygen -R swarm-manager
++ worker_index=1
++ for ip in $WORKER_PRIVATE_IPS
++ ssh-keygen -R 10.0.102.10
++ ssh-keygen -R worker1
++ worker_index=2
++ for ip in $WORKER_PRIVATE_IPS
++ ssh-keygen -R 10.0.101.11
++ ssh-keygen -R worker2
++ worker_index=3
++ echo '✅ Old SSH host keys removed from known_hosts'
++ echo
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━���━━━━━━━
++ echo '🔹 Step 2: Configure SSH config'
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━��━━━━━━━━━━━━━
++ SSH_CONFIG_FILE=/home/aki/.ssh/config
++ SSH_USER=ubuntu
++ MANAGED_MARKER=setup_project_env.sh
++ '[' '!' -f /home/aki/.ssh/config ']'


✅ Old SSH host keys removed from known_hosts

━━━━━━━━━━━━━━━━━���━━━━━━━━━━━━━━━━━━━━━━━━━━
🔹 Step 2: Configure SSH config
━━━━━━━━━━━━━━━━━━━━━━━━━━━━���━━━━━━━━━━━━━━━


++ add_ssh_host bastion-host 3.34.245.190 /home/aki/.aws/key/test_key.pem ''
++ local host_name=bastion-host
++ local host_ip=3.34.245.190
++ local identity_file=/home/aki/.aws/key/test_key.pem
++ local proxy_jump=
++ local 'begin_marker=# >>> setup_project_env.sh: bastion-host >>>'
++ local 'end_marker=# <<< setup_project_env.sh: bastion-host <<<'
++ grep -qF '# >>> setup_project_env.sh: bastion-host >>>' /home/aki/.ssh/config
++ sed -i '/# >>> setup_project_env.sh: bastion-host >>>/,/# <<< setup_project_env.sh: bastion-host <<</d' /home/aki/.ssh/config
++ echo '# >>> setup_project_env.sh: bastion-host >>>'
++ echo 'Host bastion-host'
++ echo '    Hostname 3.34.245.190'
++ echo '    User ubuntu'
++ echo '    IdentityFile /home/aki/.aws/key/test_key.pem'
++ '[' -n '' ']'
++ echo '# <<< setup_project_env.sh: bastion-host <<<'
++ echo
++ add_ssh_host swarm-manager 10.0.101.10 /home/aki/.aws/key/test_key.pem ubuntu@3.34.245.190
++ local host_name=swarm-manager
++ local host_ip=10.0.101.10

✅ SSH config updated with bastion, manager, and worker nodes


++ mv /tmp/tmp.taAW5MvgvX /home/aki/.ssh/config
++ chmod 600 /home/aki/.ssh/config
++ echo
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
++ echo '🔹 Step 2.5: Register SSH known_hosts'
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━



━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔹 Step 2.5: Register SSH known_hosts
━━━━━━━━��━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━


++ ensure_known_host bastion-host 3.34.245.190
++ local alias=bastion-host
++ local ip=3.34.245.190
++ ssh -F /home/aki/.ssh/config -o BatchMode=yes -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/home/aki/.ssh/known_hosts -o ConnectTimeout=15 bastion-host true
++ '[' -n 3.34.245.190 ']'
++ ssh -F /home/aki/.ssh/config -o BatchMode=yes -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/home/aki/.ssh/known_hosts -o HostKeyAlias=3.34.245.190 -o ConnectTimeout=15 bastion-host true
++ ensure_known_host swarm-manager 10.0.101.10
++ local alias=swarm-manager
++ local ip=10.0.101.10
++ ssh -F /home/aki/.ssh/config -o BatchMode=yes -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/home/aki/.ssh/known_hosts -o ConnectTimeout=15 swarm-manager true
++ true
++ '[' -n 10.0.101.10 ']'
++ ssh -F /home/aki/.ssh/config -o BatchMode=yes -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/home/aki/.ssh/known_hosts -o HostKeyAlias=10.0.101.10 -o ConnectTimeout=15 swarm-m

✅ Hosts added to known_hosts to avoid authenticity prompt

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔹 Step 3: SSH agent check & add key
━━━━━━━━━━━━━━━━━━━━━━���━━━━━━━━━━━━━━━━━━━━━


++ echo '⚠️ SSH agent not running. Starting ssh-agent...'


⚠️ SSH agent not running. Starting ssh-agent...


+++ ssh-agent -s
++ eval 'SSH_AUTH_SOCK=/tmp/ssh-XXXXXX2WvIjf/agent.332616; export SSH_AUTH_SOCK;
SSH_AGENT_PID=332617; export SSH_AGENT_PID;
echo Agent pid 332617;'
+++ SSH_AUTH_SOCK=/tmp/ssh-XXXXXX2WvIjf/agent.332616
+++ export SSH_AUTH_SOCK
+++ SSH_AGENT_PID=332617
+++ export SSH_AGENT_PID
+++ echo Agent pid 332617
++ ssh-add -l
+++ basename /home/aki/.aws/key/test_key.pem
++ grep -q test_key.pem
++ ssh-add /home/aki/.aws/key/test_key.pem
++ echo '✅ SSH key added to agent successfully.'
++ echo
++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
++ echo '🔹 Step 4: Docker host setup'


✅ SSH key added to agent successfully.

━━━━━━━━━━━━━━━━━━━���━━━━━━━━━━━━━━━━━━━━━━━━
🔹 Step 4: Docker host setup
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━���━━━━━━━━━━━━
✅ DOCKER_HOST set to ssh://swarm-manager


++ echo ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━��━━━━━━━━━━━━━
++ DOCKER_HOST=ssh://swarm-manager
++ export DOCKER_HOST
++ echo '✅ DOCKER_HOST set to ssh://swarm-manager'
++ echo '   (run '\''unset DOCKER_HOST'\'' to switch back to the local Docker daemon)'
++ echo
++ echo '🎉 Project environment setup complete. You can now run Ansible commands and connection scripts.'


   (run 'unset DOCKER_HOST' to switch back to the local Docker daemon)

🎉 Project environment setup complete. You can now run Ansible commands and connection scripts.


+ STACK_FILE=02-operations/monitoring/stack.yml
+ docker stack deploy -c 02-operations/monitoring/stack.yml monitoring
Since --detach=false was not specified, tasks will be created in the background.
In a future release, --detach=false will become the default.
error during connect: Get "http://docker.example.com/v1.47/info": command [ssh -o ConnectTimeout=30 -T -- swarm-manager docker system dial-stdio] has exited with exit status 255, make sure the URL is valid, and Docker 18.09 or later is installed on the remote host: stderr=ssh_askpass: exec(/usr/bin/ssh-askpass): No such file or directory
Host key verification failed.



CalledProcessError: Command 'b'set -euxo pipefail\ncd "$(dirname "$(dirname "$PWD")")"\nsource scripts/bin/setup_project_env.sh\nSTACK_FILE="02-operations/monitoring/stack.yml"\ndocker stack deploy -c "$STACK_FILE" monitoring\n'' returned non-zero exit status 1.

### 3. 로깅 스택 배포 (Loki + Promtail)

In [None]:
%%bash
export DOCKER_HOST="ssh://swarm-manager"
STACK_FILE=../02-operations/logging/stack.yml
docker stack deploy -c ${STACK_FILE} logging


### 4. 서비스 확인

In [None]:
%%bash
export DOCKER_HOST="ssh://swarm-manager"
docker service ls | grep monitoring
docker service ls | grep logging

### 5. 접속 정보
- Prometheus: http://localhost:9090
- Grafana: http://localhost:3000 (ID/PW: admin/admin)
- Loki API: http://localhost:3100
스택 제거: `docker stack rm monitoring`, `docker stack rm logging`