docker-vigil-orchestration
Docker Compose orchestration for Vigil Guard v2.0.0 microservices (11 services). Use when deploying services, managing containers, troubleshooting Docker network issues, working with vigil-net, configuring docker-compose.yml, handling service dependencies, or working with 3-branch detection services (heuristics, semantic, prompt-guard).
Best use case
docker-vigil-orchestration is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Teams using docker-vigil-orchestration should expect more consistent output, faster repeated execution, and less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in .claude/skills/docker-vigil-orchestration/SKILL.md inside your project
- Restart your AI agent; it will auto-discover the skill
How docker-vigil-orchestration Compares
| Feature / Agent | docker-vigil-orchestration | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Docker Compose orchestration for Vigil Guard v2.0.0 microservices (11 services). Use when deploying services, managing containers, troubleshooting Docker network issues, working with vigil-net, configuring docker-compose.yml, handling service dependencies, or working with 3-branch detection services (heuristics, semantic, prompt-guard).
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Docker Orchestration for Vigil Guard v2.0.0
## Overview
Multi-service Docker deployment orchestration for Vigil Guard's 3-branch parallel detection architecture with 11 microservices.
## When to Use This Skill
- Starting/stopping services
- Debugging container issues
- Managing Docker network (vigil-net)
- Modifying docker-compose.yml
- Viewing service logs
- Checking service health
- Troubleshooting port conflicts
- Understanding service dependencies
- Managing 3-branch detection services
## Service Architecture (v2.0.0)
### All Services (11 containers)
```yaml
services:
  # 3-Branch Detection Engine
  heuristics-service:   # Branch A - Pattern detection (5005)
  semantic-service:     # Branch B - Embedding similarity (5006)
  prompt-guard-api:     # Branch C - LLM safety (8000)
  # PII & Language Detection
  presidio-pii-api:     # Dual-language PII detection (5001)
  language-detector:    # Hybrid language detection (5002)
  # Core Platform
  n8n:                  # Workflow engine - 24-node pipeline (5678)
  web-ui-backend:       # Express API server (8787)
  web-ui-frontend:      # React SPA (80 internal)
  # Monitoring Stack
  clickhouse:           # Analytics database (8123, 9000)
  grafana:              # Dashboards (3001)
  # Infrastructure
  caddy:                # Reverse proxy (80, 443)
```
### Service Ports
| Service | Internal Port | External Port | Purpose |
|---------|---------------|---------------|---------|
| heuristics-service | 5005 | 5005 | Branch A detection |
| semantic-service | 5006 | 5006 | Branch B detection |
| prompt-guard-api | 8000 | 8000 | Branch C detection |
| presidio-pii-api | 5001 | 5001 | PII detection |
| language-detector | 5002 | 5002 | Language detection |
| n8n | 5678 | 5678 | Workflow engine |
| web-ui-backend | 8787 | 8787 | Config API |
| web-ui-frontend | 80 | - | React UI (via Caddy) |
| clickhouse | 8123, 9000 | 8123, 9000 | Analytics DB |
| grafana | 3000 | 3001 | Monitoring |
| caddy | 80, 443 | 80, 443 | Reverse proxy |
### Docker Network
All services communicate via `vigil-net` external network.
**Internal hostnames:**
- `heuristics-service` (Branch A)
- `semantic-service` (Branch B)
- `prompt-guard-api` (Branch C)
- `vigil-presidio-pii` or `presidio-pii-api`
- `vigil-language-detector` or `language-detector`
- `vigil-clickhouse` or `clickhouse`
- `vigil-n8n` or `n8n`
- `web-ui-backend`
- `web-ui-frontend`
## Service Dependencies (Startup Order)
```
                    vigil-net (network)
                           │
     ┌─────────────────────┼─────────────────────┐
     │                     │                     │
 clickhouse             grafana                caddy
     │
     ├── heuristics-service
     ├── semantic-service (depends: clickhouse)
     ├── prompt-guard-api
     │
     ├── presidio-pii-api
     ├── language-detector
     │
     └── n8n (depends: all detection services)
          │
          └── web-ui-backend (depends: n8n, clickhouse)
               │
               └── web-ui-frontend
```
## Common Commands
### Start All Services
```bash
docker-compose up -d
```
### Start Services by Function
```bash
# 3-Branch Detection only
docker-compose up -d heuristics-service semantic-service prompt-guard-api
# PII Detection only
docker-compose up -d presidio-pii-api language-detector
# Monitoring only
docker-compose up -d clickhouse grafana
# Web UI only
docker-compose up -d web-ui-backend web-ui-frontend caddy
# Workflow engine
docker-compose up -d n8n
```
### View Logs
```bash
# All services
docker-compose logs -f
# Specific service
docker-compose logs -f heuristics-service
# Last 100 lines
docker-compose logs --tail=100 n8n
# Multiple services
docker-compose logs -f heuristics-service semantic-service prompt-guard-api
```
### Restart Services
```bash
# All
docker-compose restart
# Specific
docker-compose restart heuristics-service
# 3-Branch services
docker-compose restart heuristics-service semantic-service prompt-guard-api
```
### Stop and Remove
```bash
# Stop all
docker-compose down
# Stop and remove volumes (DESTRUCTIVE!)
docker-compose down -v
```
### Rebuild After Changes
```bash
# Rebuild all
docker-compose up --build -d
# Rebuild specific
docker-compose up --build -d heuristics-service
# Rebuild with no cache
docker-compose build --no-cache heuristics-service
```
## Service Health Checks
### Check Running Containers
```bash
docker ps
# Should show 11 containers: vigil-*, heuristics-service, semantic-service, etc.
```
### Test Service Endpoints
```bash
# Branch A - Heuristics
curl http://localhost:5005/health
# Branch B - Semantic
curl http://localhost:5006/health
# Branch C - LLM Guard
curl http://localhost:8000/health
# PII Detection
curl http://localhost:5001/health
# Language Detection
curl http://localhost:5002/health
# n8n
curl http://localhost:5678/healthz
# ClickHouse
curl http://localhost:8123/ping
# Grafana
curl -I http://localhost:3001
# Backend API
curl http://localhost:8787/api/files
# Proxy
curl -I http://localhost/ui/
```
### Check All Services Script
```bash
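#!/bin/bash
# scripts/health-check.sh
# Each entry is port:path:name; paths match the per-service endpoints listed above.
services=(
  "5005:/health:Heuristics"
  "5006:/health:Semantic"
  "8000:/health:LLM Guard"
  "5001:/health:Presidio"
  "5002:/health:Language"
  "5678:/healthz:n8n"
  "8123:/ping:ClickHouse"
  "3001:/:Grafana"
  "8787:/api/files:Backend"
)
for svc in "${services[@]}"; do
  IFS=: read -r port path name <<< "$svc"
  # -f: an HTTP 4xx/5xx answer (including 401/403) counts as down.
  # --max-time: a hung service cannot stall the loop.
  if curl -sf --max-time 5 "http://localhost:$port$path" > /dev/null 2>&1; then
    echo "✅ $name (:$port)"
  else
    echo "❌ $name (:$port)"
  fi
done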
```
## Docker Network
### Inspect Network
```bash
docker network inspect vigil-net
```
### Create Network (if missing)
```bash
docker network create vigil-net
```
### Test Inter-Service Connectivity
```bash
# From n8n to heuristics
docker exec vigil-n8n curl -s http://heuristics-service:5005/health
# From n8n to semantic
docker exec vigil-n8n curl -s http://semantic-service:5006/health
# From n8n to prompt-guard
docker exec vigil-n8n curl -s http://prompt-guard-api:8000/health
```
## Volume Management
### List Volumes
```bash
docker volume ls | grep vigil
```
### Backup Volumes
```bash
# ClickHouse data ("$(pwd)" is quoted so paths containing spaces work)
docker run --rm -v vigil_clickhouse_data:/data -v "$(pwd)":/backup alpine tar czf /backup/clickhouse-backup.tar.gz /data
# n8n data
docker run --rm -v vigil_n8n_data:/data -v "$(pwd)":/backup alpine tar czf /backup/n8n-backup.tar.gz /data
# Semantic embeddings
docker run --rm -v vigil_semantic_data:/data -v "$(pwd)":/backup alpine tar czf /backup/semantic-backup.tar.gz /data
```
### Remove Volumes (DESTRUCTIVE!)
```bash
docker volume rm vigil_clickhouse_data
```
## Troubleshooting
### Port Already in Use
```bash
# Find process using port
lsof -i :5005
# Kill process (if needed)
kill -9 <PID>
```
### Service Won't Start
```bash
# Check logs
docker-compose logs heuristics-service
# Check network
docker network inspect vigil-net
# Verify environment variables
docker-compose config
# Check dependencies
docker-compose ps
```
### Container Crashes
```bash
# View last logs before crash
docker logs --tail=100 heuristics-service
# Check restart count
docker ps -a | grep vigil
# Inspect container
docker inspect heuristics-service
```
### Network Issues
```bash
# Restart networking
docker-compose down
docker network rm vigil-net
docker network create vigil-net
docker-compose up -d
```
### Branch Timeout Issues
```bash
# Check branch timing in ClickHouse
docker exec vigil-clickhouse clickhouse-client -q "
SELECT
avg(branch_a_timing_ms) as a_avg,
avg(branch_b_timing_ms) as b_avg,
avg(branch_c_timing_ms) as c_avg
FROM n8n_logs.events_processed
WHERE timestamp > now() - INTERVAL 1 HOUR
"
# Check service resource usage
docker stats heuristics-service semantic-service prompt-guard-api
```
## Environment Variables
Loaded from `.env` file:
```bash
# ClickHouse
CLICKHOUSE_USER=admin
CLICKHOUSE_PASSWORD=<auto-generated>
# Grafana
GF_SECURITY_ADMIN_PASSWORD=<auto-generated>
# Backend
SESSION_SECRET=<auto-generated>
JWT_SECRET=<auto-generated>
# Heuristics Service
HEURISTICS_PORT=5005
HEURISTICS_TIMEOUT=1000
# Semantic Service
SEMANTIC_PORT=5006
SEMANTIC_TIMEOUT=2000
EMBEDDING_MODEL=all-MiniLM-L6-v2
# LLM Guard
PROMPT_GUARD_PORT=8000
PROMPT_GUARD_TIMEOUT=3000
```
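A pre-flight check for the `.env` secrets listed above, as an added example (not part of the original SKILL.md or the Vigil Guard project): it reports secrets that are missing, still a `<...>` placeholder, or short, and a file that group/other can access, without ever printing a value. The function names, the 24-character minimum and the owner-only permission rule are assumptions.

```bash
#!/bin/sh
# Added example: validate the .env secrets before `docker-compose up`.
# Usage: check_env_secrets .env

# Secret keys taken from the listing above.
REQUIRED_SECRETS="CLICKHOUSE_PASSWORD GF_SECURITY_ADMIN_PASSWORD SESSION_SECRET JWT_SECRET"
MIN_LEN=24   # assumption, not a project policy

# Print the value of KEY from FILE: last assignment wins,
# trailing whitespace/CR and one pair of surrounding quotes are stripped.
env_value() (
  sed -n "s/^[[:space:]]*$1=//p" "$2" | tail -n 1 |
    sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
)

# Print one finding per line (never the secret itself).
# Exit status: 0 = clean, 1 = findings, 2 = file unreadable.
check_env_secrets() (
  file=$1
  rc=0
  [ -r "$file" ] || { echo "unreadable: $file"; exit 2; }

  # Characters 5-10 of the `ls -l` mode string are the group/other bits.
  if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
    echo "permissions: $file is accessible to group/other (chmod 600)"
    rc=1
  fi

  for key in $REQUIRED_SECRETS; do
    val=$(env_value "$key" "$file")
    case $val in
      "")      echo "$key: missing or empty"; rc=1 ;;
      "<"*">") echo "$key: placeholder left in place"; rc=1 ;;
      *)       if [ "${#val}" -lt "$MIN_LEN" ]; then
                 echo "$key: shorter than $MIN_LEN characters"; rc=1
               fi ;;
    esac
  done
  exit "$rc"
)
```
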
## Development vs Production
### Development (individual services)
```bash
# Backend dev server
cd services/web-ui/backend && npm run dev
# Frontend dev server
cd services/web-ui/frontend && npm run dev
# Heuristics dev
cd services/heuristics-service && npm run dev
# Semantic dev
cd services/semantic-service && python app.py
```
### Production (Docker)
```bash
# Build and start all
docker-compose up --build -d
# Verify all healthy
./scripts/status.sh
```
## Monitoring Resources
### Container Stats
```bash
docker stats
```
### Disk Usage
```bash
docker system df
```
### Prune Unused Resources
```bash
# Remove unused containers, images, networks
docker system prune
# Remove volumes too (CAREFUL!)
docker system prune -a --volumes
```
## Related Skills
- `n8n-vigil-workflow` - 24-node workflow service
- `clickhouse-grafana-monitoring` - Database management
- `pattern-library-manager` - Heuristics patterns
- `presidio-pii-specialist` - PII detection service
## References
- Docker Compose: `docker-compose.yml`
- Heuristics: `services/heuristics-service/`
- Semantic: `services/semantic-service/`
- Environment: `.env`
## Version History
- **v2.0.0** (Current): 11 services, 3-branch architecture
- **v1.6.11**: 9 services (no heuristics, no semantic)
- **v1.6.0**: Added presidio-pii-api, language-detector