added gcore roles and playbooks used to deploy gcore enabling services @ENG, added gcore-smartgears-container role used to generate a smartgears docker container

This commit is contained in:
daniele.pavia 2017-05-04 16:09:54 +02:00
parent 1ee36151a4
commit 1393325469
60 changed files with 1639 additions and 0 deletions

View File

@ -0,0 +1,2 @@
test_port: "8080"
test_URL: "http://{{ inventory_hostname }}:{{ test_port }}"

View File

@ -0,0 +1,17 @@
- name: wait for the service to come up
wait_for: host={{ inventory_hostname }} port={{ test_port }} delay=3 connect_timeout=3
delegate_to: localhost
- name: check URL availability with curl
raw: curl -k "{{ test_URL }}"
register: curl_cmd
failed_when: curl_cmd.rc >= 1
#raw: curl -k -m 3 "{{ test_URL }}"
#- name: test the specified URL
# action: uri url={{ test_URL }}
# register: webpage
#- name : check the returned contents
# fail: msg="service not available"

View File

@ -0,0 +1,32 @@
---
#authorization_service_install: False
#authorization_service_upgrade: False
authorization_service_name: authorization-service
#authorization_service_file: '{{ authorization_service_name }}-2.0.0-20160927.120833-1.war'
#authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-snapshots/org/gcube/common/authorization-service/2.0.0-SNAPSHOT/{{ authorization_service_file }}'
#
#authorization_version: "2.0.1-4.2.0-134808"
authorization_service_version: "2.0.1-4.2.0-134808"
repo: "gcube-staging"
authorization_service_file: '{{ authorization_service_name }}-{{ authorization_service_version }}.war'
authorization_service_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/{{ repo }}/org/gcube/common/authorization-service/{{ authorization_service_version }}/{{ authorization_service_file }}'
authorization_service_persistence_dest: WEB-INF/classes/META-INF/persistence.xml
authorization_service_config_dest: WEB-INF/AuthorizationConfiguration.xml
#auth_user: '{{ d4science_user }}'
tomcat_user: "tomcat"
tomcat_document_root: "/usr/share/tomcat/"
authorization_service_loglevel: INFO
authorization_service_root_loglevel: WARN
#authorization_service_http_port: 8080
authorization_service_http_port: 80
authorized_ips:
# - 127.0.0.1
- 0.0.0.0
auth_postgresql_host: "localhost"
psql_db_name: "gcoreauthz"
psql_db_user: "gcoreauthz"
authorization_db_pwd: "gcore-authz"
postgres_port: "5431"
pgpool_port: "5432"

View File

@ -0,0 +1,4 @@
dependencies:
- role: tomcat
- role: postgresql
- role: pgpool

View File

@ -0,0 +1,75 @@
---
- block:
- name: Ensure that postgres is running
service: name=postgresql state=started
- name: Create postgres database {{ psql_db_name }} and user {{ psql_db_user }}
shell: sudo -u postgres createdb {{ psql_db_name }} && sudo -u postgres createuser -s {{ psql_db_user }}
ignore_errors: True
- name: Set password for user {{ psql_db_user }} and grant all privileges on database {{ psql_db_name }}
shell: sudo -u postgres psql -c "ALTER USER {{ psql_db_user }} WITH PASSWORD '{{ authorization_db_pwd }}';" && sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE {{ psql_db_name }} TO {{ psql_db_user }}";
ignore_errors: True
- name: Change postgres authentication method to password for localhost
lineinfile: dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host all all 127.0.0.1/32' line='host all all 127.0.0.1/32 password'
- name: Change postgres authentication method to password for localhost ipv6
lineinfile: dest=/var/lib/pgsql/data/pg_hba.conf state=present regexp='^host all all ::1/128' line='host all all ::1/128 password'
- name: Change postgres port to {{ postgres_port }}
lineinfile: dest="/usr/lib/systemd/system/postgresql.service" state=present regexp='^Environment=PGPORT=' line='Environment=PGPORT={{ postgres_port }}'
- name: Change pgpool port to {{ pgpool_port }}
lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^port =' line='port = {{ pgpool_port }}'
- name: Tell pgpool to connect to postgreqsl on port {{ postgres_port }}
lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^backend_port0 =' line='backend_port0 = {{ postgres_port }}'
- name: Tell pgpool to enable ssl
lineinfile: dest="/etc/pgpool-II/pgpool.conf" state=present regexp='^ssl = on' line='ssl = on'
- name: Running semanage to enable postgres to bind port {{ postgres_port }}
seport: ports={{ postgres_port }} proto=tcp setype=postgresql_port_t state=present reload=yes
- name: Running setsebool to allow tcp connections to the db
seboolean: name=httpd_can_network_connect_db state=yes persistent=yes
# - name: restart postgres
# service: name=postgresql state=restarted
#### on CentOS 7 we need to tell systemd to reload the service file since we made changes there
- name: restart postgresql
systemd: name=postgresql state=restarted enabled=yes daemon_reload=yes
- name: restart pgpool
service: name=pgpool state=restarted
- name: Stop tomcat when upgrading
service: name=tomcat state=stopped
- name: Create the authorization service webapp directory
file: dest={{ tomcat_document_root }}/webapps/authorization-service state=directory owner={{ tomcat_user }} group={{ tomcat_user }}
- name: Get and unpack the authorization war file
unarchive: copy=no src={{ authorization_service_url }} dest={{ tomcat_document_root }}/webapps/authorization-service owner={{ tomcat_user }} group={{ tomcat_user }}
args:
creates: '{{ tomcat_document_root }}/webapps/authorization-service/WEB-INF/AuthorizationConfiguration.xml'
- name: Install the authorization service AuthorizationConfiguration.xml template
template: src=AuthorizationConfiguration.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_config_dest }} mode=0440 owner={{ tomcat_user }} group={{ tomcat_user }}
- name: Install the authorization service persistence.xml template
template: src=persistence.xml.j2 dest={{ tomcat_document_root }}/webapps/authorization-service/{{ authorization_service_persistence_dest }} mode=0440 owner={{ tomcat_user }} group={{ tomcat_user }}
- name: Install the logback configuration
template: src=logback.xml.j2 dest={{ tomcat_document_root }}/lib/logback.xml mode=0644 owner={{ tomcat_user }} group={{ tomcat_user }}
# - name: restore ownership
# file: dest={{ tomcat_document_root }} owner=root group=tomcat recurse=yes
- name: Start tomcat
service: name=tomcat state=started
become: true
become_user: root

View File

@ -0,0 +1,24 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Configuration>
<Rule path="/token/user" requiresToken="false">
{% for ip in authorized_ips %}
<Entity type="IP" value="{{ ip }}" />
{% endfor %}
</Rule>
<Rule path="/apikey" requiresToken="true" acceptedTokenTypes="USER"/>
<Rule path="/policyManager" requiresToken="true">
{% for ip in authorized_ips %}
<Entity type="IP" value="{{ ip }}" />
{% endfor %}
</Rule>
<Rule path="/token/external" requiresToken="true" acceptedTokenTypes="USER" />
<Rule path="/token/node" requiresToken="false" />
<Rule path="/token/service" requiresToken="true" acceptedTokenTypes="CONTAINER"/>
<Rule path="/token/resolve" requiresToken="false">
{% for ip in authorized_ips %}
<Entity type="IP" value="{{ ip }}" />
{% endfor %}
</Rule>
</Configuration>

View File

@ -0,0 +1,24 @@
<configuration>
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${catalina.base}/logs/ghn.log</file>
<append>true</append>
<encoder>
<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n
</pattern>
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${catalina.base}/logs/ghn.%d{yyyy-MM-dd}.log</fileNamePattern>
<maxHistory>30</maxHistory>
</rollingPolicy>
</appender>
<logger name="org.gcube" level="{{ authorization_service_loglevel }}" />
<logger name="org.gcube.common.authorizationservice" level="{{ authorization_service_loglevel }}" />
<logger name="org.gcube.common" level="{{ authorization_service_loglevel }}" />
<root level="{{ authorization_service_root_loglevel }}">
<appender-ref ref="FILE" />
</root>
</configuration>

View File

@ -0,0 +1,33 @@
<persistence xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
version="2.0" xmlns="http://java.sun.com/xml/ns/persistence">
<!-- change here if you want name of unit different -->
<persistence-unit name="authorization" transaction-type="RESOURCE_LOCAL">
<provider>org.eclipse.persistence.jpa.PersistenceProvider</provider>
<!-- Converters -->
<class>org.gcube.common.authorizationservice.persistence.entities.converters.StringListConverter</class>
<!-- Entities -->
<class>org.gcube.common.authorizationservice.persistence.entities.AuthorizationEntity</class>
<class>org.gcube.common.authorizationservice.persistence.entities.ServiceAuthorizationEntity</class>
<class>org.gcube.common.authorizationservice.persistence.entities.UserAuthorizationEntity</class>
<class>org.gcube.common.authorizationservice.persistence.entities.ExternalServiceAuthorizationEntity</class>
<class>org.gcube.common.authorizationservice.persistence.entities.NodeAuthorizationEntity</class>
<class>org.gcube.common.authorizationservice.persistence.entities.PolicyEntity</class>
<class>org.gcube.common.authorizationservice.persistence.entities.ServicePolicyEntity</class>
<class>org.gcube.common.authorizationservice.persistence.entities.UserPolicyEntity</class>
<properties>
<property name="javax.persistence.jdbc.url"
value="jdbc:postgresql://{{ auth_postgresql_host }}/{{ psql_db_name }}" />
<property name="javax.persistence.jdbc.driver" value="org.postgresql.Driver" />
<property name="javax.persistence.jdbc.user" value="{{ psql_db_user }}" />
<property name="javax.persistence.jdbc.password" value="{{ authorization_db_pwd }}" />
<property name="eclipselink.ddl-generation" value="create-tables" />
<property name="eclipselink.ddl-generation.output-mode"
value="database" />
</properties>
</persistence-unit>
</persistence>

View File

@ -0,0 +1,28 @@
---
repo: "gcube-staging"
#ghn_distribution_version: "7.0.0-4.2.1-132334"
ghn_distribution_bundle_version: "7.0.0-4.2.1-132334"
#### this gets the latest version in the specified repo
#globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/artifact/maven/redirect?r={{ repo }}&g=org/gcube/distribution&a=ghn-distribution&v=LATEST&e=tar.gz"
#### this is for the ghn-distribution-bundle
#globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/ghn-distribution-bundle/{{ ghn_distribution_bundle_version }}/ghn-distribution-bundle-{{ ghn_distribution_bundle_version }}-bundle.tar.gz"
globus_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/ghn-distribution/{{ ghn_distribution_bundle_version }}/ghn-distribution-{{ ghn_distribution_bundle_version }}.tar.gz"
ant_url: 'http://archive.apache.org/dist/ant/binaries/apache-ant-1.6.5-bin.tar.gz'
ghn_user: 'gCore'
globus_location: "/opt/{{ ghn_user }}"
ant_location: '/opt/ant/'
ghn_port: 8080
ghn_hostname: "{{ ansible_hostname }}"
ghn_published_host: "{{ ghn_hostname }}:{{ ghn_port }}"
gcube_key: 'd4s.gcubekey'
servicemap_xmlfile: 'ServiceMap_d4s.xml'
servicemap_endpoint: "{{ ghn_published_host }}"
common_scope_maps_file: "common-scope-maps-1.0.4-4.2.0-128425-patched.jar"
patch_common_scope: 0

View File

@ -0,0 +1 @@
<EFBFBD><03><><EFBFBD><EFBFBD><EFBFBD>B<EFBFBD><42><EFBFBD><EFBFBD>2<02>$

2
gcore-base/meta/main.yml Normal file
View File

@ -0,0 +1,2 @@
dependencies:
- role: java-17

66
gcore-base/tasks/main.yml Normal file
View File

@ -0,0 +1,66 @@
- name: add ghn user #home is /opt/ghn/, password is "gCore??"
action: user name={{ ghn_user }} password=$1$SuG4r$6AGiUoMKjZAHFJgYLDTkW/ shell=/bin/bash createhome=yes home={{ globus_location }}
- name: download and extract ghn release specified in '../defaults/main.yml'
unarchive: src='{{ globus_url }}' dest="{{ globus_location }}" copy=no extra_opts='--strip-components=1'
#unarchive: src='{{ globus_url }}' dest="{{ globus_location }}" copy=no extra_opts='--show-stored-names --strip-components=1'
#unarchive: src='http://dl.uxnr.de/mirror/curl/curl-7.52.1.tar.gz' dest="{{ globus_location }}" copy=no
- name: Test if ant is already deployed
raw: ls -d {{ ant_location }}
register: is_ant_deployed
ignore_errors: True
tags:
- ant
- name: create ant_location as defined in '../defaults/main.yml'
file: path={{ ant_location }} state=directory owner=root group=root mode=0755
when: is_ant_deployed.rc != 0
tags:
- ant
- name: install apache ant
unarchive: src={{ ant_url }} dest={{ ant_location }} copy=no extra_opts='--strip-components=1'
#unarchive: src={{ ant_url }} dest={{ ant_location }} copy=no extra_opts='--show-stored-names --strip-components=1'
when: is_ant_deployed.rc != 0
tags:
- ant
- name: upload the gcube key specified in '../defaults/main.yml'
copy: src={{ gcube_key }} dest={{ globus_location }}/config/ mode=0600
- name: upload ghn start script
template: src=gcore-start.sh dest={{ globus_location }} mode=0700
- name: copy custom servicemap files
template: src=ServiceMap_d4s.xml dest={{ globus_location }}/config/
when: patch_common_scope != 0
- name: copy custom servicemap files
template: src=ServiceMap_d4stesting.xml dest={{ globus_location }}/config/
when: patch_common_scope != 0
- name: patch_common_scope={{ patch_common_scope }}, removing bundled common-scope-maps
raw: rm -f {{ globus_location }}/lib/common-scope-maps*
when: patch_common_scope != 0
ignore_errors: True
tags:
- common_scope_maps
- name: upload patched common-scope-maps
copy: src={{ common_scope_maps_file }} dest={{ globus_location }}/lib/ owner={{ ghn_user }} group={{ ghn_user }} mode=0644
when: patch_common_scope != 0
tags:
- common_scope_maps
- name: upload d4s.authorization
template: src=d4s.authorization dest={{ globus_location }}/config/ mode=0644
- name: restore ownership
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
# this is commented out since at this point no service has been deployed yet
#- name: start the container
# become: yes
# become_user: "{{ ghn_user }}"
# command: "{{ globus_location }}/gcore-start.sh"

View File

@ -0,0 +1,6 @@
<ServiceMap>
<Service name ="ISICAllQueryPT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/XQueryAccess"/>
<Service name ="ISICAllRegistrationPT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/Sink"/>
<Service name ="ISICAllCollectionPT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/wsdaix/XMLCollectionAccess"/>
<Service name ="ISICAllStoragePT" endpoint ="http://{{ servicemap_endpoint }}/wsrf/services/gcube/informationsystem/collector/XMLStorageAccess"/>
</ServiceMap>

View File

@ -0,0 +1,6 @@
<ServiceMap>
<Service name ="ISICAllQueryPT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/XQueryAccess"/>
<Service name ="ISICAllRegistrationPT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/Sink"/>
<Service name ="ISICAllCollectionPT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/wsdaix/XMLCollectionAccess"/>
<Service name ="ISICAllStoragePT" endpoint ="http://{{ servicemap_endpoint_testing }}/wsrf/services/gcube/informationsystem/collector/XMLStorageAccess"/>
</ServiceMap>

View File

@ -0,0 +1 @@
# example: registry={{ COMMON_NPM_MIRROR_URL }}

View File

@ -0,0 +1 @@
<authorization-endpoint priority="1" infrastructure="d4s"><host>{{ authorization_hostname }}</host><secure>false</secure><port>{{ authorization_port }}</port></authorization-endpoint>

View File

@ -0,0 +1,6 @@
#!/bin/bash
export GLOBUS_LOCATION={{ globus_location }}
export PATH=$PATH:$GLOBUS_LOCATION/bin
export ANT_HOME={{ ant_location }}
nohup {{ globus_location }}/bin/gcore-start-container -p {{ ghn_port }}

View File

@ -0,0 +1,21 @@
---
# recent versions of eXist setup do not allow for a quiet installation, therefore we switch to the
# last known working version
#exist_url: 'https://bintray.com/existdb/releases/download_file?file_path=eXist-db-setup-2.2.jar'
exist_jar: 'eXist-setup-1.2.6-rev9165.jar'
exist_url: "http://downloads.sourceforge.net/project/exist/Stable/1.2/{{ exist_jar }}"
exist_location: "{{ globus_location }}/exist/"
repo: "gcube-staging"
#collector_version: "3.0.2-4.1.0-126944"
is_collector_service_version: "3.0.2-4.1.0-126944"
collector_artifact: "is-collector-service-{{ is_collector_service_version }}"
collector_gar: "{{ collector_artifact }}.gar"
collector_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/is-collector-service/{{ is_collector_service_version }}/{{ collector_gar }}"
collector_hostname: "d4s.res.eng.it"
collector_port: "8099"
collector_endpoint: "{{ collector_hostname }}:{{ collector_port }}"
start_scopes: ''
infrastructure: 'd4s'

View File

@ -0,0 +1,2 @@
dependencies:
- role: gcore-base

View File

@ -0,0 +1,73 @@
- name: download eXist DB
get_url: url={{ exist_url }} dest=/tmp force=yes
- name: create exist_location as defined in '../defaults/main.yml'
file: path={{ exist_location }} state=directory owner={{ ghn_user }} group={{ ghn_user }} mode=0755
- name: install eXist DB
command: "java -jar /tmp/{{ exist_jar }} -p {{ exist_location }}"
- name: remove eXist setup jar
file: path="/tmp/{{ exist_jar }}" state=absent
- name: add the EXIST_HOME parameter to the gcore startup script
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertafter="^export ANT_HOME" state=present line="export EXIST_HOME={{ exist_location }}"
# remotely using with_fileglob seems to give all sorts of issues
# while using copy module is out of question since it's not
# capable of using wildcards, hence we'll use the shell module
# when there's a need to use wildcards in filenames
#- name: copy exist libs in "{{ globus_location }}/lib/"
# copy: src={{ item }} dest="{{ globus_location }}/lib/" remote_src=true
# with_fileglob:
# - "{{ exist_location}}/exist.jar"
# - "{{ exist_location}}/lib/core/quartz-*.jar"
# - "{{ exist_location}}/lib/core/xmlrpc-*"
# - "{{ exist_location}}/lib/core/xmldb.jar"
# - "{{ exist_location}}/lib/core/jta.jar"
# - "{{ exist_location}}/lib/core/commons-pool-*.jar"
- name: copy exist.jar in $GLOBUS_LOCATION/lib
copy: src="{{ exist_location}}/exist.jar" dest="{{ globus_location }}/lib/" remote_src=true
- name: copy quartz jar in $GLOBUS_LOCATION/lib
shell: cp -R {{ exist_location}}/lib/core/quartz-*.jar {{ globus_location }}/lib/
- name: copy xmlrpc-* in $GLOBUS_LOCATION/lib
shell: cp -R {{ exist_location}}/lib/core/xmlrpc-* {{ globus_location }}/lib/
- name: copy xmldb in $GLOBUS_LOCATION/lib
copy: src="{{ exist_location}}/lib/core/xmldb.jar" dest="{{ globus_location }}/lib/" remote_src=true
- name: copy jta.jar in $GLOBUS_LOCATION/lib
copy: src="{{ exist_location}}/lib/core/jta.jar" dest="{{ globus_location }}/lib/" remote_src=true
- name: copy commons-pool-*.jar in $GLOBUS_LOCATION/lib
shell: cp -R {{ exist_location}}/lib/core/commons-pool-*.jar {{ globus_location }}/lib/
- name: download is-collector-service.gar
get_url: url={{ collector_url }} dest=/tmp force=yes
- name: deploy is-collector-service.gar
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ collector_gar }}
- name: add GLOBUS_OPTIONS to the gcore startup script
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertafter="^export EXIST_HOME" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M -Dexist.home=$EXIST_HOME"'
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ collector_hostname }}"
- name: copy updated GHNConfig.xml
template: src=GHNConfig.xml dest={{ globus_location }}/config/
- name: updated is-collector-service jndi-config.xml, add start scopes
lineinfile: dest="{{ globus_location }}/etc/{{ collector_artifact }}/jndi-config.xml" insertafter='.*?<service name="gcube/informationsystem/collector">' state=present line=" <environment name=\"startScopes\" value=\"/{{ infrastructure }}/{{ start_scopes }}\" type=\"java.lang.String\" override=\"false\" />"
when: start_scopes != ""
- name: restore ownership
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
- name: start gCore
become: yes
become_user: "{{ ghn_user }}"
shell: "{{ globus_location }}/gcore-start.sh"

View File

@ -0,0 +1,87 @@
<?xml version="1.0" encoding="UTF-8"?>
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
<global>
<environment
name="securityenabled"
value="false"
type="java.lang.Boolean"
override="false" />
<environment
name="mode"
value="ROOT"
type="java.lang.String"
override="false" />
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
<environment
name="startScopes"
value="{{ start_scopes }}"
type="java.lang.String"
override="false" />
<environment
name="allowedScopes"
value=""
type="java.lang.String"
override="false" />
<environment
name="infrastructure"
value="{{ infrastructure }}"
type="java.lang.String"
override="false" />
<environment
name="labels"
value="GHNLabels.xml"
type="java.lang.String"
override="false" />
<environment
name="GHNtype"
value="STATIC"
type="java.lang.String"
override="false" />
<environment
name="localProxy"
value="/home/globus/..."
type="java.lang.String"
override="false" />
<environment
name="coordinates"
value="43.719627,10.421626"
type="java.lang.String"
override="false" />
<environment
name="country"
value="it"
type="java.lang.String"
override="false" />
<environment
name="location"
value="Pisa"
type="java.lang.String"
override="false" />
<environment
name="updateInterval"
value="60"
type="java.lang.Long"
override="false" />
<environment
name="trustedGHNSynchInterval"
value="600"
type="java.lang.Long"
override="false" />
<!-- Test PublishedHost -->
<environment
name="publishedHost"
value="{{ collector_hostname }}"
type="java.lang.String"
override="false" />
<!-- Test PublishedPort -->
<environment
name="publishedPort"
value="{{ collector_port }}"
type="java.lang.Integer"
override="false" />
</global>
</jndiConfig>

View File

@ -0,0 +1,13 @@
---
repo: "gcube-staging"
notifier_version: "1.4.0-4.1.0-126911"
notifier_artifact: "notifier-service-{{ notifier_version }}"
notifier_gar: "{{ notifier_artifact }}.gar"
notifier_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/notifier-service/{{ notifier_version }}/{{ notifier_gar }}"
notifier_hostname: "d4s.res.eng.it"
notifier_port: "d4s.res.eng.it"
notifier_endpoint: "{{ notifier_hostname }}:{{ notifier_port }}"
start_scopes: ''
infrastructure: 'd4s'

View File

@ -0,0 +1,2 @@
dependencies:
- role: gcore-base

View File

@ -0,0 +1,26 @@
- name: download {{ notifier_gar }}
get_url: url={{ notifier_url }} dest=/tmp force=yes
- name: deploy {{ notifier_gar }}
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ notifier_gar }}
- name: add GLOBUS_OPTIONS to the gcore startup script
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
- name: copy updated GHNConfig.xml
template: src=GHNConfig.xml dest={{ globus_location }}/config/
## despite what the documentation says, seems there's no need to specify starting scopes for the notifier to work correctly
#- name: copy updated notifier-service jndi-config.xml
# template: src=jndi-config.xml dest={{ globus_location }}/etc/{{ notifier_artifact }}/
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ notifier_hostname }}"
- name: restore ownership
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
- name: start gCore
become: yes
become_user: "{{ ghn_user }}"
shell: "{{ globus_location }}/gcore-start.sh"

View File

@ -0,0 +1,85 @@
<?xml version="1.0" encoding="UTF-8"?>
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
<global>
<environment
name="securityenabled"
value="false"
type="java.lang.Boolean"
override="false" />
<environment
name="mode"
value="ROOT"
type="java.lang.String"
override="false" />
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
<environment
name="startScopes"
value="{{ start_scopes }}"
type="java.lang.String"
override="false" />
<environment
name="allowedScopes"
value=""
type="java.lang.String"
override="false" />
<environment
name="infrastructure"
value="{{ infrastructure }}"
type="java.lang.String"
override="false" />
<environment
name="labels"
value="GHNLabels.xml"
type="java.lang.String"
override="false" />
<environment
name="GHNtype"
value="STATIC"
type="java.lang.String"
override="false" />
<environment
name="localProxy"
value="/home/globus/..."
type="java.lang.String"
override="false" />
<environment
name="coordinates"
value="43.719627,10.421626"
type="java.lang.String"
override="false" />
<environment
name="country"
value="it"
type="java.lang.String"
override="false" />
<environment
name="location"
value="Pisa"
type="java.lang.String"
override="false" />
<environment
name="updateInterval"
value="60"
type="java.lang.Long"
override="false" />
<environment
name="trustedGHNSynchInterval"
value="600"
type="java.lang.Long"
override="false" />
<!-- Test PublishedHost -->
<environment
name="publishedHost"
value="{{ notifier_hostname }} "
type="java.lang.String"
override="false" />
<!-- Test PublishedPort -->
<environment
name="publishedPort"
value="{{ notifier_port }}"
type="java.lang.Integer"
override="false" />
</global>
</jndiConfig>

View File

@ -0,0 +1,17 @@
---
repo: "gcube-staging"
portal_version: "4.1.0-4.2.0-133176"
portal_bundle: "gcube-portal-bundle-{{ portal_version }}.tar.gz"
portal_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/gcube-portal-bundle/{{ portal_version }}/{{ portal_bundle }}"
portal_user: "gCore"
portal_home: "/opt/{{ portal_user }}"
gcube_key: 'd4s.gcubekey'
tomcat_port: "8080"
common_scope_maps_file: "common-scope-maps-1.0.4-4.2.0-128425-patched.jar"
patch_common_scope: 0
start_scopes: ''
infrastructure: 'd4s'

View File

@ -0,0 +1 @@
<EFBFBD><03><><EFBFBD><EFBFBD><EFBFBD>B<EFBFBD><42><EFBFBD><EFBFBD>2<02>$

View File

@ -0,0 +1,2 @@
dependencies:
- role: java-17

View File

@ -0,0 +1,69 @@
- name: add portal user #default home is /opt/ghn-portal/, password is "gCore??"
action: user name={{ portal_user }} password=$1$SuG4r$6AGiUoMKjZAHFJgYLDTkW/ shell=/bin/bash createhome=yes home={{ portal_home }}
- name: download and extract {{ portal_bundle }} as specified in '../defaults/main.yml'
unarchive: src={{ portal_url }} dest={{ portal_home }} copy=no #extra_opts='--show-stored-names --strip-components=1'
- name: upload the gcube key specified in '../defaults/main.yml'
copy: src={{ gcube_key }} dest="{{ portal_home }}/gCube/keys/" mode=0600
- name: retrieve tomcat path
shell: ls -d {{ portal_home }}/tomcat*
register: tomcat_path
#### since this role deploys from scratch, there's no way to actually patch the common-scope-maps that's
#### deployed from within the resource-management webapp for now, since the very same webapp hasn't been
#### deployed yet
#- name: retrieve resource-management webapp path
# shell: ls -d {{ portal_home }}/tomcat*/webapps/resource-management-*/
# register: resource_management_path
# ignore_errors: True
- name: upload configured infrastructure.properties
template: src="infrastructureproperties" dest="{{ tomcat_path.stdout }}/conf/infrastructure.properties" mode=0700
- name: updload portal-ext.properties
template: src="portal-ext.properties" dest="{{ tomcat_path.stdout }}/webapps/ROOT/WEB-INF/classes/"
- name: upload .bashrc to {{ portal_user }}
template: src=bashrc dest="{{ portal_home }}/.bashrc" mode=0644
- name: tell tomcat to listen to the tomcat_port variable defined in "../defaults/main.yml"
shell: sed -i "s/8080/{{ tomcat_port }}/g" "{{ tomcat_path.stdout }}/conf/server.xml"
- name: patch_common_scope enabled, removing bundled common-scope-maps
raw: rm -f {{ portal_home }}/{{ item }}/common-scope-maps*
with_items:
- gCube/lib/_fws
- lib/fws
# - "{{ resource_management_path }}"
when: patch_common_scope != 0
ignore_errors: True
tags:
- common_scope_maps
- name: upload patched common-scope-maps
copy: src={{ common_scope_maps_file }} dest={{ portal_home }}/{{ item }}/ owner={{ portal_user }} group={{ portal_user }} mode=0644
with_items:
- gCube/lib/_fws
- lib/fws
# - "{{ resource_management_path }}"
when: patch_common_scope != 0
tags:
- common_scope_maps
- name: upload d4s.authorization
template: src=d4s.authorization dest={{ item }} owner={{ portal_user }} group={{ portal_user }} mode=0644
with_items:
- "{{ portal_home }}/lib/"
- "{{ portal_home }}/gCube/lib/"
- "{{ tomcat_path.stdout }}/lib/"
- "{{ tomcat_path.stdout }}"
- name: restore ownership
file: dest={{ portal_home }} owner={{ portal_user }} group={{ portal_user }} recurse=yes
- name: start the portal
become: yes
become_user: "{{ portal_user }}"
shell: source ~/.bashrc && nohup {{ tomcat_path.stdout }}/bin/startup.sh &

View File

@ -0,0 +1,188 @@
---
- name: Test if liferay is already installed
raw: ls -l /var/lib/tomcat7/webapps/ROOT/WEB-INF/classes/portal-developer.properties
register: liferay_install
ignore_errors: True
tags:
- liferay
- name: Download the liferay war file
get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-6.1.2-ce-ga3-20130816114619181.war?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Fadditional-files&ts=1383123826&use_mirror=garr" dest=/var/tmp/liferay-6.1.war
when: liferay_install.rc != 0
tags:
- liferay
- name: Explode the liferay war
shell: cd /var/lib/tomcat7/webapps/ROOT ; jar xf /var/tmp/liferay-6.1.war ; chown -R root:root . ; rm -f /var/tmp/liferay-6.1.war
when: liferay_install.rc != 0
notify:
tomcat7 restart
tags:
- liferay
- name: Create the /usr/share/tomcat7/lib/ext directory
file: dest=/usr/share/tomcat7/lib/ext state=directory owner=root group=root mode=0755
tags:
- liferay
- name: Install other liferay dependencies (taken from the liferay bundle)
copy: src={{ item }} dest=/usr/share/tomcat7/lib/ext/{{ item }}
with_items:
- activation.jar
- ccpp.jar
# - hsql.jar
- jms.jar
- jta.jar
- jtds.jar
- junit.jar
- jutf7.jar
- mail.jar
# - mysql.jar
- persistence.jar
- portal-service.jar
- portlet.jar
# - postgresql.jar
- support-tomcat.jar
notify: tomcat7 restart
tags:
- liferay
- name: Install liferay patch for ldap without using the test password
copy: src={{ item }} dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/lib/{{ item }}
with_items:
- lps9001-ldap-ce6101-portal-impl.jar
when: liferay_ldap_fix is defined and liferay_ldap_fix == 'True'
notify: tomcat7 restart
tags:
- liferay
- liferaycfg
- name: Ensure that the ldap authentication patch is not installed
file: dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/lib/{{ item }} state=absent
with_items:
- lps9001-ldap-ce6101-portal-impl.jar
when: liferay_ldap_fix is not defined or liferay_ldap_fix == 'False'
notify: tomcat7 restart
tags:
- liferay
- liferaycfg
- name: Create the funny /var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies directory
file: dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies state=directory owner=root group=root mode=0755
tags:
- liferay
- name: Create the temp directory /var/lib/tomcat7/temp
file: dest=/var/lib/tomcat7/temp owner=tomcat7 group=tomcat7 mode=0750 state=directory
tags:
- liferay
- name: Create the funny path needed by some liferay dependencies
file: dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies state=directory owner=root group=root mode=0755
tags:
- liferay
- name: Install other liferay dependencies in funny places
copy: src=../files/{{ item }} dest=/var/lib/tomcat7/temp/liferay/com/liferay/portal/deploy/dependencies/{{ item }}
with_items:
- resin.jar
- script-10.jar
notify:
tomcat7 restart
tags:
- liferay
#
# Note: we have the dependencies as local files. The two following tasks are not needed anymore
#
# - name: get the liferay dependencies
# get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-dependencies-6.1.2-ce-ga3-20130816114619181.zip?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Fadditional-files&ts=1383130399&use_mirror=garr" dest=/var/tmp/liferay-dependencies.zip
# register: dependencies_download
# - name: Install the liferay dependencies
# shell: cd /usr/share/tomcat7/lib ; unzip /var/tmp/liferay-dependencies.zip ; chown -R root:root . ; ln -s */*.jar ./ext ; /bin/rm -f ./ext/hsql.jar
# when: dependencies_download.changed
# notify: tomcat7 restart
- name: liferay basic configuration
template: src=../templates/portal-ext.properties.j2 dest=/var/lib/tomcat7/webapps/ROOT/WEB-INF/classes/portal-ext.properties owner=root group=tomcat7 mode=0640
notify:
tomcat7 restart
tags:
- liferay
- liferaycfg
- name: Create the portal home directory outside the webapp root
file: dest={{ liferay.portal_home }} state=directory owner=tomcat7 group=tomcat7 mode=0750
tags:
- liferay
- liferaycfg
- name: Create data and deploy directories
file: dest={{ liferay.portal_home }}/{{ item }} state=directory owner=tomcat7 group=tomcat7 mode=0750
with_items:
- data
- deploy
- liferay
tags:
- liferay
- liferaycfg
- name: Force the logs in the right place
file: src=/var/log/tomcat7 dest={{ liferay.portal_home }}/logs state=link
tags:
- liferay
- liferaycfg
- name: Give write permissions to some directories
file: dest=/var/lib/tomcat7/webapps/ROOT/html/{{ item }} state=directory owner=tomcat7 group=tomcat7
with_items:
- icons
- themes
notify: Recursively set liferay write permissions
tags:
- liferay
- liferaycfg
- name: Put the static properties in the portal home directory
template: src=../templates/home-portal-ext.properties.j2 dest={{ liferay.portal_home }}/portal-ext.properties owner=root group=tomcat7 mode=0640
notify: tomcat7 restart
tags:
- liferay
- liferaycfg
- name: Create an empty portal-setup-wizard.properties if does not exist
copy: content="" dest={{ liferay.portal_home }}/portal-setup-wizard.properties owner=root group=tomcat7 mode=0660 force=no
tags:
- liferay
- liferaycfg
- name: Test if the related webapps are installed
raw: ls -l /var/lib/tomcat7/webapps/marketplace-portlet
register: liferay_bundled_apps
ignore_errors: True
tags:
- liferay
- name: Download the liferay bundle. Needed for the related webapps
get_url: url="http://downloads.sourceforge.net/project/lportal/Liferay%20Portal/6.1.2%20GA3/liferay-portal-tomcat-6.1.2-ce-ga3-20130816114619181.zip?r=http%3A%2F%2Fwww.liferay.com%2Fit%2Fdownloads%2Fliferay-portal%2Favailable-releases&ts=1383043780&use_mirror=garr" dest=/var/tmp/liferay-bundle.zip
when: liferay_bundled_apps.rc != 0
tags:
- liferay
- name: Explode the liferay bundle and install the needed webapps
shell: cd /var/tmp ; /var/lib/tomcat7/webapps/ROOT ; unzip /var/tmp/liferay-bundle.zip ; cd /var/tmp/liferay-portal-6.1.2-ce-ga3/tomcat-7.0.40/webapps ; cp -a marketplace-portlet portal-compat-hook resources-importer-web welcome-theme /var/lib/tomcat7/webapps/ ; cd /var/tmp ; rm -fr /var/tmp/liferay-bundle.zip /var/tmp/liferay-portal-6.1.2-ce-ga3
when: liferay_bundled_apps.rc != 0
notify:
tomcat7 restart
tags:
- liferay
- name: The images directory of the theme must be writeable by tomcat(!)
file: dest=/var/lib/tomcat7/webapps/welcome-theme/images state=directory owner=tomcat7 group=tomcat7 mode=0750
notify:
Recursively change welcome-theme images permissions
tags:
- liferay
- liferaycfg

View File

@ -0,0 +1,16 @@
# .bashrc
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
# User specific aliases and functions
export CLASSPATH=""
export CATALINA_HOME="{{ tomcat_path.stdout }}"
export JAVA_HOME="/usr/lib/jvm/jre-1.7.0"
export JRE_HOME="/usr/lib/jvm/jre-1.7.0"
#export CATALINA_OPTS="-DGLOBUS_LOCATION=$GLOBUS_LOCATION -Xmx2048m -Xms2048m -XX:MaxPermSize=256m -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Dlog4j.ignoreTCL=true -Dlog4j.configuration=file://$CATALINA_HOME/portal-log4j.properties"
export CATALINA_OPTS="-Dexternal-properties=portal-developer.properties -Xmx1000m -Xms1000m -XX:PermSize=512m -XX:MaxPermSize=512m -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Dlog4j.ignoreTCL=true -Dlog4j.configuration=file://$CATALINA_HOME/portal-log4j.properties -Dlogback.configurationFile=file://$CATALINA_HOME/portal-logback.xml"
export CATALINA_PID="{{ portal_home }}/pid.txt"

View File

@ -0,0 +1 @@
<authorization-endpoint priority="1" infrastructure="d4s"><host>{{ authorization_hostname }}</host><secure>false</secure><port>{{ authorization_port }}</port></authorization-endpoint>

View File

@ -0,0 +1,9 @@
# DO NOT DELETE THIS FILE
# gCube Infrastructure Properties tells the webapps on which infrastructure they run
# Author: Massimiliano Assante, ISTI-CNR
# a single infrastructure
infrastructure={{ infrastructure }}
# multiple scopes must be separated by comma (e.g FARM,gCubeApps)
scopes={{ start_scopes }}

View File

@ -0,0 +1,2 @@
liferay.home={{ portal_home }}
include-and-override={{ portal_home }}/portal-ext.properties

View File

@ -0,0 +1,13 @@
---
repo: "gcube-staging"
registry_version: "2.1.4-4.1.0-126945"
registry_artifact: "is-registry-service-{{ registry_version }}"
registry_gar: "{{ registry_artifact }}.gar"
registry_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/informationsystem/is-registry-service/{{ registry_version }}/{{ registry_gar }}"
start_scopes: ''
infrastructure: 'd4s'
registry_port: '8080'
registry_hostname: "{{ ansible_hostname }}"
registry_published_host: '{{ registry_hostname }}:{{ registry_port }}'

View File

@ -0,0 +1,2 @@
#dependencies:
# - role: gcore-base

View File

@ -0,0 +1,29 @@
- name: download {{ registry_gar }}
get_url: url={{ registry_url }} dest=/tmp force=yes
- name: deploy {{ registry_gar }}
shell: export GLOBUS_LOCATION={{ globus_location }} && export ANT_HOME={{ ant_location }} && export PATH=$PATH:$GLOBUS_LOCATION/bin && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ registry_gar }}
- name: add GLOBUS_OPTIONS to the gcore startup script
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
- name: copy updated GHNConfig.xml
template: src=GHNConfig.xml dest={{ globus_location }}/config/
- name: updated is-registry-service jndi-config.xml, add start scopes when needed
lineinfile: dest="{{ globus_location }}/etc/{{ registry_artifact }}/jndi-config.xml" insertafter='.*?<service name="gcube/informationsystem/registry">' state=present line=" <environment name=\"startScopes\" value=\"/{{ infrastructure }}/{{ start_scopes }}\" type=\"java.lang.String\" override=\"false\" />"
when: start_scopes != ""
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ registry_hostname }}"
- name: add is-registry Servicemap entry
lineinfile: dest="{{ globus_location }}/config/{{ servicemap_xmlfile }}" insertbefore="^</ServiceMap>" state=present line=' <Service name ="ISRegistry" endpoint="http://{{ registry_published_host }}/wsrf/services/gcube/informationsystem/registry/ResourceRegistration" />'
- name: restore ownership
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
- name: start gCore
become: yes
become_user: "{{ ghn_user }}"
shell: "{{ globus_location }}/gcore-start.sh"

View File

@ -0,0 +1,86 @@
<?xml version="1.0" encoding="UTF-8"?>
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
<global>
<environment
name="securityenabled"
value="false"
type="java.lang.Boolean"
override="false" />
<environment
name="mode"
value="ROOT"
type="java.lang.String"
override="false" />
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
<environment
name="startScopes"
value="{{ start_scopes }}"
type="java.lang.String"
override="false" />
<environment
name="allowedScopes"
value=""
type="java.lang.String"
override="false" />
<environment
name="infrastructure"
value="{{ infrastructure }}"
type="java.lang.String"
override="false" />
<environment
name="labels"
value="GHNLabels.xml"
type="java.lang.String"
override="false" />
<environment
name="GHNtype"
value="STATIC"
type="java.lang.String"
override="false" />
<environment
name="localProxy"
value="/home/globus/..."
type="java.lang.String"
override="false" />
<environment
name="coordinates"
value="43.719627,10.421626"
type="java.lang.String"
override="false" />
<environment
name="country"
value="it"
type="java.lang.String"
override="false" />
<environment
name="location"
value="Pisa"
type="java.lang.String"
override="false" />
<environment
name="updateInterval"
value="60"
type="java.lang.Long"
override="false" />
<environment
name="trustedGHNSynchInterval"
value="600"
type="java.lang.Long"
override="false" />
<!-- PublishedHost -->
<environment
name="publishedHost"
value="{{ registry_hostname }}"
type="java.lang.String"
override="false" />
<!-- PublishedPort -->
<environment
name="publishedPort"
value="{{ registry_port }}"
type="java.lang.Integer"
override="false" />
</global>
</jndiConfig>

View File

@ -0,0 +1,23 @@
---
repo: "gcube-staging"
resourcebroker_version: "1.2.0-4.1.0-126927"
resourcebroker_artifact: "resourcebroker-service-{{ resourcebroker_version }}"
resourcebroker_gar: "{{ resourcebroker_artifact }}.gar"
resourcebroker_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-service/{{ resourcebroker_version }}/{{ resourcebroker_gar }}"
resourcebroker_serialization_version: "1.2.0-4.1.0-126929"
resourcebroker_serialization_artifact: "resourcebroker-serialization-{{ resourcebroker_serialization_version }}"
resourcebroker_serialization_jar: "{{ resourcebroker_serialization_artifact }}.jar"
resourcebroker_serialization_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-serialization/{{ resourcebroker_serialization_version}}/{{ resourcebroker_serialization_jar }}"
resourcebroker_stubs_version: "1.2.0-4.1.0-126927"
resourcebroker_stubs_artifact: "rbstubs-{{ resourcebroker_stubs_version }}"
resourcebroker_stubs_jar: "{{ resourcebroker_stubs_artifact }}.jar"
resourcebroker_stubs_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/rbstubs/{{ resourcebroker_stubs_version }}/{{ resourcebroker_stubs_jar }}"
resourcebroker_hostname: "d4s.res.eng.it"
resourcebroker_port: "8399"
resourcebroker_endpoint: "{{ resourcebroker_hostname }}:{{ resourcebroker_port }}"
start_scopes: ''
infrastructure: 'd4s'

View File

@ -0,0 +1,2 @@
dependencies:
- role: gcore-base

View File

@ -0,0 +1,31 @@
- name: download {{ resourcebroker_gar }}
get_url: url={{ resourcebroker_url }} dest=/tmp force=yes
- name: deploy {{ resourcebroker_gar }}
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ resourcebroker_gar }}
- name: add GLOBUS_OPTIONS to the gcore startup script
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
- name: copy updated GHNConfig.xml
template: src=GHNConfig.xml dest={{ globus_location }}/config/
#- name: update the resourcebroker jndi-config.xml, add start scopes when needed
# lineinfile: dest="{{ globus_location }}/etc/{{ registry_artifact }}/jndi-config.xml" insertafter='.*?<service name="gcube/informationsystem/registry">' state=present line=" <environment name=\"startScopes\" value=\"{{ start_scopes }}\" type=\"java.lang.String\" override=\"false\" />"
- name: deploy {{ resourcebroker_serialization_artifact }}
get_url: url={{ resourcebroker_serialization_url }} dest="{{ globus_location }}/lib/" force=yes
- name: deploy {{ resourcebroker_stubs_artifact }}
get_url: url={{ resourcebroker_stubs_url }} dest="{{ globus_location }}/lib/" force=yes
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ resourcebroker_hostname }}"
- name: restore ownership
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
- name: start gCore
become: yes
become_user: "{{ ghn_user }}"
shell: "{{ globus_location }}/gcore-start.sh"

View File

@ -0,0 +1,87 @@
<?xml version="1.0" encoding="UTF-8"?>
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
<global>
<environment
name="securityenabled"
value="false"
type="java.lang.Boolean"
override="false" />
<environment
name="mode"
value="ROOT"
type="java.lang.String"
override="false" />
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
<environment
name="startScopes"
value="{{ start_scopes }}"
type="java.lang.String"
override="false" />
<environment
name="allowedScopes"
value=""
type="java.lang.String"
override="false" />
<environment
name="infrastructure"
value="{{ infrastructure }}"
type="java.lang.String"
override="false" />
<environment
name="labels"
value="GHNLabels.xml"
type="java.lang.String"
override="false" />
<environment
name="GHNtype"
value="STATIC"
type="java.lang.String"
override="false" />
<environment
name="localProxy"
value="/home/globus/..."
type="java.lang.String"
override="false" />
<environment
name="coordinates"
value="43.719627,10.421626"
type="java.lang.String"
override="false" />
<environment
name="country"
value="it"
type="java.lang.String"
override="false" />
<environment
name="location"
value="Pisa"
type="java.lang.String"
override="false" />
<environment
name="updateInterval"
value="60"
type="java.lang.Long"
override="false" />
<environment
name="trustedGHNSynchInterval"
value="600"
type="java.lang.Long"
override="false" />
<!-- Test PublishedHost -->
<environment
name="publishedHost"
value="{{ resourcebroker_hostname }} "
type="java.lang.String"
override="false" />
<!-- Test PublishedPort -->
<environment
name="publishedPort"
value="{{ resourcebroker_port }}"
type="java.lang.Integer"
override="false" />
</global>
</jndiConfig>

View File

@ -0,0 +1,23 @@
---
repo: "gcube-staging"
resource_manager_version: "2.2.0-4.1.0-132314"
resource_manager_artifact: "resource-manager-service-{{ resource_manager_version }}"
resource_manager_gar: "{{ resource_manager_artifact }}.gar"
resource_manager_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resource-manager-service/{{ resource_manager_version }}/{{ resource_manager_gar}}"
resourcebroker_serialization_version: "1.2.0-4.1.0-126929"
resourcebroker_serialization_artifact: "resourcebroker-serialization-{{ resourcebroker_serialization_version }}"
resourcebroker_serialization_jar: "{{ resourcebroker_serialization_artifact }}.jar"
resourcebroker_serialization_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/resourcebroker-serialization/{{ resourcebroker_serialization_version}}/{{ resourcebroker_serialization_jar }}"
resourcebroker_stubs_version: "1.2.0-4.1.0-126927"
resourcebroker_stubs_artifact: "rbstubs-{{ resourcebroker_stubs_version }}"
resourcebroker_stubs_jar: "{{ resourcebroker_stubs_artifact }}.jar"
resourcebroker_stubs_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/rbstubs/{{ resourcebroker_stubs_version }}/{{ resourcebroker_stubs_jar }}"
resource_manager_hostname: "d4s.res.eng.it"
resource_manager_port: "8499"
resource_manager_endpoint: "{{ resource_manager_hostname }}:{{ resource_manager_port }}"
start_scopes: ''
infrastructure: 'd4s'

View File

@ -0,0 +1,2 @@
dependencies:
- role: gcore-base

View File

@ -0,0 +1,31 @@
- name: download {{ resource_manager_gar }}
get_url: url={{ resource_manager_url }} dest=/tmp force=yes
- name: deploy {{ resource_manager_gar }}
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ resource_manager_gar }}
- name: add GLOBUS_OPTIONS to the gcore startup script
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
- name: copy updated GHNConfig.xml
template: src=GHNConfig.xml dest={{ globus_location }}/config/
#- name: copy updated resource-manager jndi-config.xml
# template: src=jndi-config.xml dest={{ globus_location }}/etc/{{ resource_manager_artifact }}/
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ resource_manager_hostname }}"
- name: deploy {{ resourcebroker_serialization_artifact }}
get_url: url={{ resourcebroker_serialization_url }} dest="{{ globus_location }}/lib/" force=yes
- name: deploy {{ resourcebroker_stubs_artifact }}
get_url: url={{ resourcebroker_stubs_url }} dest="{{ globus_location }}/lib/" force=yes
- name: restore ownership
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
- name: start gCore
become: yes
become_user: "{{ ghn_user }}"
shell: "{{ globus_location }}/gcore-start.sh"

View File

@ -0,0 +1,86 @@
<?xml version="1.0" encoding="UTF-8"?>
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
<global>
<environment
name="securityenabled"
value="false"
type="java.lang.Boolean"
override="false" />
<environment
name="mode"
value="ROOT"
type="java.lang.String"
override="false" />
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
<environment
name="startScopes"
value="{{ start_scopes }}"
type="java.lang.String"
override="false" />
<environment
name="allowedScopes"
value=""
type="java.lang.String"
override="false" />
<environment
name="infrastructure"
value="{{ infrastructure }}"
type="java.lang.String"
override="false" />
<environment
name="labels"
value="GHNLabels.xml"
type="java.lang.String"
override="false" />
<environment
name="GHNtype"
value="STATIC"
type="java.lang.String"
override="false" />
<environment
name="localProxy"
value="/home/globus/..."
type="java.lang.String"
override="false" />
<environment
name="coordinates"
value="43.719627,10.421626"
type="java.lang.String"
override="false" />
<environment
name="country"
value="it"
type="java.lang.String"
override="false" />
<environment
name="location"
value="Pisa"
type="java.lang.String"
override="false" />
<environment
name="updateInterval"
value="60"
type="java.lang.Long"
override="false" />
<environment
name="trustedGHNSynchInterval"
value="600"
type="java.lang.Long"
override="false" />
<!-- Test PublishedHost -->
<environment
name="publishedHost"
value="{{ resource_manager_hostname }} "
type="java.lang.String"
override="false" />
<!-- Test PublishedPort -->
<environment
name="publishedPort"
value="{{ resource_manager_port }}"
type="java.lang.Integer"
override="false" />
</global>
</jndiConfig>

View File

@ -0,0 +1,11 @@
repo: "gcube-staging"
smartgears_version: "2.0.0-4.2.1-133740"
image_name: "smartgears_whn"
image_tag: "{{ smartgears_version }}"
#image_tag: "latest"
infrastructure: "d4s"
hostname: "{{ ansible_hostname }}"
token: "24edab1c-6ff6-4c61-8f51-b52d4f5f4611-98187548"
container_mode: "offline"

View File

@ -0,0 +1,3 @@
dependencies:
# - role: java-17
- role: docker

View File

@ -0,0 +1,32 @@
- name: ensure that the unarchive utils tar relies upon for file extraction are available (CentOS/RHEL)
yum: name={{ item }} state=latest
with_items:
- bzip2
- unzip
when: ansible_os_family == "RedHat"
- name: ensure that the unarchive utils tar relies upon for file extraction are available (Debian/Ubuntu)
apt: name={{ item }} state=latest
with_items:
- bzip2
- unzip
when: ansible_os_family == "Debian"
- name: create temporary build directory
shell: mktemp -d
register: tempdir
- name: copy the Dockerfile
template: src=Dockerfile dest="{{ tempdir.stdout }}/"
- name: copy the authorization config file
template: src=d4s.authorization dest="{{ tempdir.stdout }}/" mode=0644
- name: Build the docker image
docker_image:
path: "{{ tempdir.stdout }}"
name: "{{ image_name }}"
tag: "{{ image_tag }}"
- name: remove the temporary build directory
file: path="{{ tempdir.stdout }}" state=absent

View File

@ -0,0 +1,23 @@
from openjdk:7
ENV GHN_HOME=/SmartGears-Bundle/
ENV BUNDLE_HOME=$GHN_HOME
ENV CATALINA_HOME=$GHN_HOME/tomcat/
ENV CATALINA_OPTS="-Xmx2000m -Xms2000m -XX:MaxPermSize=512M"
ENV CATALINA_PID=$CATALINA_HOME/pid.txt
RUN wget http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/smartgears-distribution-bundle/{{ smartgears_version }}/smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
RUN tar xzvf smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
RUN rm smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz
WORKDIR $GHN_HOME/
RUN echo 1 | /bin/bash $GHN_HOME/setup.sh -n {{ ansible_hostname }} -f
ADD d4s.authorization $CATALINA_HOME/lib/
RUN ln -s $GHN_HOME/SmartGears/container.xml $GHN_HOME/container.xml
RUN sed -ie 's/^$CATALINA_HOME\/bin\/startup.sh/$CATALINA_HOME\/bin\/catalina.sh\ run/' $GHN_HOME/startContainer.sh
RUN sed -ie "s/<container mode='offline'>/<container mode='{{ container_mode }}'>/" $GHN_HOME/container.xml
RUN sed -ie "s/<infrastructure>gcube<\/infrastructure>/<infrastructure>{{ infrastructure }}<\/infrastructure>/" $GHN_HOME/container.xml
RUN sed -ie "/<\/infrastructure>/a \ <token>{{ token }}</token>" $GHN_HOME/container.xml
EXPOSE 8080
CMD ./startContainer.sh

View File

@ -0,0 +1,25 @@
from openjdk:7
ENV GHN_HOME=/SmartGears-Bundle/
ENV BUNDLE_HOME=$GHN_HOME
ENV CATALINA_HOME=$GHN_HOME/tomcat/
ENV CATALINA_OPTS="-Xmx2000m -Xms2000m -XX:MaxPermSize=512M"
ENV CATALINA_PID=$CATALINA_HOME/pid.txt
#WORKDIR $GHN_HOME/
RUN \
wget http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/smartgears-distribution-bundle/{{ smartgears_version }}/smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \
&& tar xzvf smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \ #--strip-components=1 \
&& rm smartgears-distribution-bundle-{{ smartgears_version }}.tar.gz \
&& cd smartgears-distribution-bundle-{{ smartgears_version }} \
&& echo 1 | /bin/bash ./setup.sh -n {{ hostname }} -f \
&& ln -s $GHN_HOME/SmartGears/container.xml $GHN_HOME/container.xml \
&& sed -ie 's/^$CATALINA_HOME\/bin\/startup.sh/$CATALINA_HOME\/bin\/catalina.sh\ run/' startContainer.sh \
&& sed -ie "s/<container mode='offline'>/<container mode='{{ container_mode }}'>/" container.xml \
&& sed -ie "s/<infrastructure>gcube<\/infrastructure>/<infrastructure>{{ infrastructure }}<\/infrastructure>/" container.xml \
&& sed -ie "/<\/infrastructure>/a \ <token>{{ token }}</token>" container.xml
EXPOSE 8080
CMD /SmartGears-Bundle/startContainer.sh

View File

@ -0,0 +1 @@
<authorization-endpoint priority="1" infrastructure="d4s"><host>{{ authorization_hostname }}</host><secure>false</secure><port>{{ authorization_port }}</port></authorization-endpoint>

View File

@ -0,0 +1,13 @@
---
repo: "gcube-staging"
software_gateway_version: "1.1.6-4.1.0-126706"
software_gateway_artifact: "softwaregateway-service-{{ software_gateway_version }}"
software_gateway_gar: "{{ software_gateway_artifact }}.gar"
software_gateway_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/resourcemanagement/softwaregateway-service/{{ software_gateway_version }}/{{ software_gateway_gar }}"
software_gateway_hostname: "d4s.res.eng.it"
software_gateway_port: "8599"
software_gateway_endpoint: "{{ software_gateway_hostname }}:{{ software_gateway_port }}"
start_scopes: ''
infrastructure: 'd4s'

View File

@ -0,0 +1,61 @@
<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.
0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
<servers>
<server>
<id>gcube-snapshots</id>
<username>gcube-user</username>
<password>maven</password>
</server>
<server>
<id>gcube-releases</id>
<username>gcube-user</username>
<password>maven</password>
</server>
</servers>
<profiles>
<profile>
<id>gcube</id>
<repositories>
<repository>
<id>gcube-staging</id>
<name>gCube Staging</name>
<url>http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-staging</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
</releases>
</repository>
<repository>
<id>gcube-externals</id>
<name>gCube Externals</name>
<url>http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-externals</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
</releases>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>gcube-releases</id>
<name>gCube Releases</name>
<url>http://maven.research-infrastructures.eu/nexus/content/repositories/gcube-releases</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
</releases>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>gcube</activeProfile>
</activeProfiles>
</settings>

View File

@ -0,0 +1,2 @@
dependencies:
- role: gcore-base

View File

@ -0,0 +1,25 @@
- name: download {{ software_gateway_gar }}
get_url: url={{ software_gateway_url }} dest=/tmp force=yes
- name: deploy {{ software_gateway_gar }}
shell: export GLOBUS_LOCATION={{ globus_location }} ANT_HOME={{ ant_location }} && {{ globus_location }}/bin/gcore-deploy-service /tmp/{{ software_gateway_gar }}
- name: add GLOBUS_OPTIONS to the gcore startup script
lineinfile: dest="{{ globus_location }}/gcore-start.sh" insertbefore="^nohup" state=present line='export GLOBUS_OPTIONS="-Xms512M -Xmx1024M"'
- name: copy updated GHNConfig.xml
template: src=GHNConfig.xml dest={{ globus_location }}/config/
- name: copy settings.xml as per "https://gcube.wiki.gcube-system.org/gcube/Talk:Creating_gCube_Maven_components:_How-To#Repositories"
copy: src=settings.xml dest={{ globus_location }}/etc/{{ software_gateway_artifact }}/
- name: set logicalhost parameter on {{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd
replace: dest="{{ globus_location }}/etc/globus_wsrf_core/server-config.wsdd" regexp='localhost' replace="{{ software_gateway_hostname }}"
- name: restore ownership
file: dest={{ globus_location }} owner={{ ghn_user }} group={{ ghn_user }} recurse=yes
- name: start gCore
become: yes
become_user: "{{ ghn_user }}"
shell: "{{ globus_location }}/gcore-start.sh"

View File

@ -0,0 +1,86 @@
<?xml version="1.0" encoding="UTF-8"?>
<jndiConfig xmlns="http://wsrf.globus.org/jndi/config">
<global>
<environment
name="securityenabled"
value="false"
type="java.lang.Boolean"
override="false" />
<environment
name="mode"
value="ROOT"
type="java.lang.String"
override="false" />
<!-- multiple scopes must be separated by a comma (e.g "EM,testing")-->
<environment
name="startScopes"
value="{{ start_scopes }}"
type="java.lang.String"
override="false" />
<environment
name="allowedScopes"
value=""
type="java.lang.String"
override="false" />
<environment
name="infrastructure"
value="{{ infrastructure }}"
type="java.lang.String"
override="false" />
<environment
name="labels"
value="GHNLabels.xml"
type="java.lang.String"
override="false" />
<environment
name="GHNtype"
value="STATIC"
type="java.lang.String"
override="false" />
<environment
name="localProxy"
value="/home/globus/..."
type="java.lang.String"
override="false" />
<environment
name="coordinates"
value="43.719627,10.421626"
type="java.lang.String"
override="false" />
<environment
name="country"
value="it"
type="java.lang.String"
override="false" />
<environment
name="location"
value="Pisa"
type="java.lang.String"
override="false" />
<environment
name="updateInterval"
value="60"
type="java.lang.Long"
override="false" />
<environment
name="trustedGHNSynchInterval"
value="600"
type="java.lang.Long"
override="false" />
<!-- Test PublishedHost -->
<environment
name="publishedHost"
value="{{ software_gateway_hostname }} "
type="java.lang.String"
override="false" />
<!-- Test PublishedPort -->
<environment
name="publishedPort"
value="{{ software_gateway_port }}"
type="java.lang.Integer"
override="false" />
</global>
</jndiConfig>