added the smartgears container related roles to build a smartgears docker image

smartgears/smartgears-base-image/defaults/main.yml

@@ -0,0 +1,27 @@
+smartgears_user: "root"
+smartgears_user_home: "/root/"
+#smartgears_user: "tomcat7"
+#smartgears_user_home:  "/usr/share/tomcat7/"
+smartgears_distribution_version: "2.1.3-4.7.0-154641"
+smartgears_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/distribution/smartgears-distribution/{{ smartgears_distribution_version }}/smartgears-distribution-{{ smartgears_distribution_version }}.tar.gz"
+smartgears_log_dir: "/var/log/tomcat7"
+smartgears_log_max_history: 30
+smartgears_log_max_file_size: 10MB
+smartgears_log_total_file_cap: 500MB
+smartgears_loglevel: "WARN"
+smartgears_log_use_timesize_appender: True
+
+orchestrator_user: "orchestrator"
+orchestrator_ssh_key:
+#orchestrator_ssh_key: "ssh-rsa placeholder orchestrator@placeholder"
+
+java_jdk: "java8-jdk" #### either java8-jdk or openjdk-8
+java_home: "/usr/lib/jvm/java-8-oracle"
+catalina_home: "{{ smartgears_user_home }}"
+catalina_opts: "-Xmx2000m -Xms2000m -XX:MaxPermSize=512M"
+tomcat_port: 8080
+
+image_name: "smartgears-base-image-{{ java_jdk }}"
+#image_tag: "latest"   #{{ smartgears_distribution_version }}
+image_tag: "{{ smartgears_distribution_version }}"
+push_to_repo: "no"

smartgears/smartgears-base-image/files/smartgears_run.sh

@@ -0,0 +1,74 @@
+#!/bin/bash
+####################################################################
+#### Written by Daniele Pavia (ENG)
+#### configures the container.xml, runs the default tomcat instance
+#### and executes the ssh server in foreground to enable ansible
+#### provisioning while keeping the container alive
+####################################################################
+
+#### let's configure the container
+#### if no token is set refuse to run
+if [[ -z "$CONTAINER_TOKENS" ]];
+  ## spacchetta_token!
+  then
+    echo "CONTAINER_TOKENS not set, failed to configure the container. Exiting with errors.";
+    exit 1
+  else
+    #echo "tokens: $CONTAINER_TOKENS"
+    OLDIFS=$IFS
+    IFS=","
+    read -r -a tokens <<< "$CONTAINER_TOKENS"
+    for token in ${tokens[@]};
+    do
+            sed -i "/<infrastructure>gcube<\/infrastructure>/a \\\t<token>$token<\/token>" container.xml;
+    done
+    IFS=$OLDIFS
+fi
+
+if [[ -z "$CONTAINER_MODE" ]];
+  then
+    echo "CONTAINER_MODE not set, assuming default value.";
+  else
+    sed -i "s/<container mode='offline'>/<container mode='$CONTAINER_MODE'>/" container.xml;
+fi
+
+if [[ -z "$CONTAINER_HOSTNAME" ]];
+  then
+    echo "CONTAINER_HOSTNAME not set, assuming default value.";
+  else
+    sed -i "s/<hostname>localhost<\/hostname>/<hostname>$CONTAINER_HOSTNAME<\/hostname>/" container.xml;
+fi
+
+if [[ -z "$CONTAINER_PORT" ]];
+  then
+    echo "CONTAINER_PORT not set, assuming default value.";
+  else
+    sed -i "s/<port>8080<\/port>/<port>$CONTAINER_PORT<\/port>/" container.xml;
+fi
+
+if [[ -z "$CONTAINER_INFRASTRUCTURE" ]];
+  then
+    echo "CONTAINER_INFRASTRUCTURE not set, assuming default value.";
+  else
+    sed -i "s/<infrastructure>gcube<\/infrastructure>/<infrastructure>$CONTAINER_INFRASTRUCTURE<\/infrastructure>/" container.xml;
+fi
+
+if [[ $PATCH_COMMON_SCOPES = "1" ]];
+  then
+    rm ./lib/common-scope-maps-*;
+    mv common-scope-maps-patched.jar ./lib/
+fi
+
+if [[ $PATCH_COMMON_AUTHORIZATION = "1" ]];
+  then
+    rm ./lib/common-authorization-*;
+    mv common-authorization-patched.jar ./lib/
+fi
+echo "Container configuration done"
+
+#### let's start tomcat. Ignore its status after the start.
+echo "Starting Tomcat7"
+service tomcat7 start
+
+echo "Starting ssh server in foreground"
+/usr/sbin/sshd -D

smartgears/smartgears-base-image/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+# - role: java-17
+ - role: ../roles/docker

smartgears/smartgears-base-image/tasks/main.yml

@@ -0,0 +1,34 @@
+
+- name: create temporary build directory
+  shell: mktemp -d
+  register: tempdir
+
+- name: copy the Dockerfile
+  template: src=Dockerfile dest="{{ tempdir.stdout }}/"
+
+- name: copy the logback configuration
+  template: src=logback.xml.j2 dest="{{ tempdir.stdout }}/logback.xml"
+
+- name: copy the startup script
+  copy: src=smartgears_run.sh dest="{{ tempdir.stdout }}/" mode=0755
+
+- name: copy the pacthed common-scope-maps jar
+  copy: src=common-scope-maps-patched.jar dest="{{ tempdir.stdout }}/" mode=0755
+  when: patch_common_scope != 0
+
+- name: copy the pacthed common-authorization jar
+  copy: src=common-authorization-patched.jar dest="{{ tempdir.stdout }}/" mode=0755
+  when: patch_common_authorization != 0
+
+- name: Build the docker image
+  docker_image:
+    path: "{{ tempdir.stdout }}"
+    name: "{{ image_name }}"
+    tag: "{{ image_tag }}"
+    state: present
+    force: yes
+    rm: True
+    push: "{{ push_to_repo }}"
+
+- name: remove the temporary build directory
+  file: path="{{ tempdir.stdout }}" state=absent

smartgears/smartgears-base-image/templates/Dockerfile

@@ -0,0 +1,69 @@
+FROM ubuntu:14.04
+
+ENV JAVA_HOME {{ java_home }}
+ENV CATALINA_HOME {{ catalina_home }}
+ENV GHN_HOME {{ smartgears_user_home }}
+
+WORKDIR {{ smartgears_user_home }}
+ADD {{ smartgears_url }} {{ smartgears_user_home }}
+ADD smartgears_run.sh {{ smartgears_user_home }}
+COPY common-scope-maps-patched.ja* {{ smartgears_user_home }}
+COPY common-authorization-patched.ja* {{ smartgears_user_home }}
+
+RUN \
+  #### install either the Oracle JDK or OpenJDK
+  apt-get update && \
+  apt-get install -y software-properties-common && \
+  {% if java_jdk == 'java8-jdk' %}
+    echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | debconf-set-selections && \
+    add-apt-repository -y ppa:webupd8team/java && \
+    apt-get update && \
+    apt-get install -y oracle-java8-installer && \
+    rm -rf /var/lib/apt/lists/* && \
+    rm -rf /var/cache/oracle-jdk8-installer && \
+  {% elif java_jdk == 'openjdk-8' %}
+    apt-add-repository -y ppa:openjdk-r/ppa && \
+    apt-get update && \
+    apt-get install -y openjdk-8-jdk-headless && \
+  {% endif %}
+
+  apt-get update && apt-get install -y tomcat7 openssh-client openssh-server python wget && \
+  ln -s /var/lib/tomcat7/webapps/ /usr/share/tomcat7/webapps && \
+  sed -ie 's/^TOMCAT7_USER=tomcat7/TOMCAT7_USER={{ smartgears_user }}/' /etc/default/tomcat7 && \
+  sed -ie 's/^TOMCAT7_GROUP=tomcat7/TOMCAT7_GROUP={{ smartgears_user }}/' /etc/default/tomcat7 && \
+
+  #### set the default JDK for tomcat
+  {% if java_jdk == 'java8-jdk' %}
+    echo "JAVA_HOME=/usr/lib/jvm/java-8-oracle/" >> /etc/default/tomcat7 && \
+  {% elif java_jdk == 'openjdk-8' %}
+    echo "JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/" >> /etc/default/tomcat7 && \
+  {% endif %}
+
+  echo GHN_HOME={{ smartgears_user_home }} >> /etc/default/tomcat7 && \
+  echo CATALINA_HOME={{ catalina_home }} >> /etc/default/tomcat7 && \
+  echo CATALINA_OPTS=\"{{ catalina_opts }}\" >> /etc/default/tomcat7 && \
+  ln -s /etc/init.d/tomcat7 /etc/init.d/tomcat-instance-9000 && \
+  sed -i 's/8080/{{ tomcat_port }}/' /var/lib/tomcat7/conf/server.xml && \
+  mkdir /var/run/sshd && \
+
+  #### if an orchestrator ssh key is specified then add it to the authorized_keys
+  {% if orchestrator_ssh_key is defined %}
+    mkdir -p ~/.ssh/ && touch ~/.ssh/authorized_keys && \
+    echo "{{ orchestrator_ssh_key }}" >> ~/.ssh/authorized_keys && \
+    echo "{{ orchestrator_user }} ALL=(ALL) ALL" >> /etc/sudoers && \
+  {% endif %}
+
+  #### is this pem required?
+  wget -O /usr/local/share/ca-certificates/infn-ca-2015.crt https://security.fi.infn.it/CA/mgt/INFNCA.pem && \
+  tar xzvf smartgears-distribution-{{ smartgears_distribution_version }}.tar.gz
+
+WORKDIR {{ smartgears_user_home }}/smartgears-distribution-{{ smartgears_distribution_version }}/
+RUN \
+  ./install -s tomcat
+
+COPY logback.xml {{ smartgears_user_home }}/lib/
+
+WORKDIR {{ smartgears_user_home }}
+
+EXPOSE 22 8080
+ENTRYPOINT ["{{ smartgears_user_home }}/smartgears_run.sh"]

smartgears/smartgears-base-image/templates/logback.xml.j2

@@ -0,0 +1,139 @@
+<configuration>
+  <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>{{ smartgears_log_dir }}/ghn.log</file>
+    <append>true</append>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n</pattern>
+    </encoder>
+{% if smartgears_log_use_timesize_appender %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+      <fileNamePattern>{{ smartgears_log_dir }}/ghn.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+      <maxFileSize>{{ smartgears_log_max_file_size }}</maxFileSize>
+      <totalSizeCap>{{ smartgears_log_total_file_cap }}</totalSizeCap>
+    </rollingPolicy>
+{% else %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>{{ smartgears_log_dir }}/ghn.%d{yyyy-MM-dd}.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+    </rollingPolicy>
+{% endif %}
+  </appender>
+
+  <appender name="ACCOUNT_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>{{ smartgears_log_dir }}/accounting.log</file>
+    <append>true</append>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n</pattern>
+    </encoder>
+{% if smartgears_log_use_timesize_appender %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+      <fileNamePattern>{{ smartgears_log_dir }}/accounting.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+      <maxFileSize>{{ smartgears_log_max_file_size }}</maxFileSize>
+      <totalSizeCap>{{ smartgears_log_total_file_cap }}</totalSizeCap>
+    </rollingPolicy>
+{% else %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>{{ smartgears_log_dir }}/accounting.%d{yyyy-MM-dd}.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+    </rollingPolicy>
+{% endif %}
+  </appender>
+
+  <appender name="ACCESS_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>{{ smartgears_log_dir }}/access.log</file>
+    <append>true</append>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n</pattern>
+    </encoder>
+{% if smartgears_log_use_timesize_appender %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+      <fileNamePattern>{{ smartgears_log_dir }}/access.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+      <maxFileSize>{{ smartgears_log_max_file_size }}</maxFileSize>
+      <totalSizeCap>{{ smartgears_log_total_file_cap }}</totalSizeCap>
+    </rollingPolicy>
+{% else %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <fileNamePattern>{{ smartgears_log_dir }}/access.%d{yyyy-MM-dd}.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+    </rollingPolicy>
+{% endif %}
+  </appender>
+
+{% if dataminer_app_install is defined and dataminer_app_install %}
+  <appender name="ANALYSIS" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>{{ smartgears_log_dir }}/analysis.log</file>
+    <append>true</append>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n</pattern>
+    </encoder>
+{% if smartgears_log_use_timesize_appender %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+      <fileNamePattern>{{ smartgears_log_dir }}/analysis.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+      <maxFileSize>{{ smartgears_log_max_file_size }}</maxFileSize>
+      <totalSizeCap>{{ smartgears_log_total_file_cap }}</totalSizeCap>
+    </rollingPolicy>
+{% else %}
+    <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+      <maxFileSize>{{ smartgears_log_max_file_size }}</maxFileSize>
+      <fileNamePattern>{{ smartgears_log_dir }}/analysis.%d{yyyy-MM-dd}.log</fileNamePattern>
+      <maxHistory>{{ smartgears_log_max_history }}</maxHistory>
+    </rollingPolicy>
+{% endif %}
+  </appender>
+
+  <logger name="org.gcube.dataanalysis" level="{{ smartgears_dataanalysis_loglevel }}">
+    <appender-ref ref="ANALYSIS" />
+  </logger>
+  <logger name="AnalysisLogger" level="{{ smartgears_dataanalysis_loglevel }}">
+    <appender-ref ref="ANALYSIS" />
+  </logger>
+{% endif %}
+
+{% if smartgears_appender_list is defined %}
+{% for obj in smartgears_appender_list %}
+ <appender name="{{ obj.appender_name }}" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <file>/home/gcube/tomcat/logs/{{ obj.appender_file_name }}.log</file>
+    <append>true</append>
+    <encoder>
+      <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{0}: %msg%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+      <fileNamePattern>/home/gcube/tomcat/logs/{{ obj.appender_file_name | default('custom') }}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+      <maxHistory>{{ obj.appender_maxHistory | default('30') }}</maxHistory>
+      <maxFileSize>{{ obj.appender_maxFileSize | default('10MB') }}</maxFileSize>
+      <totalSizeCap>{{ obj.appender_totalSizeCap | default('2GB') }}</totalSizeCap>
+    </rollingPolicy>
+  </appender>
+  <logger name="{{ obj.appender_package }}" level="{{ obj.appender_level | default('WARN') }}">
+    <appender-ref ref="{{ obj.appender_name | default('SERVICE')  }}" />
+  </logger>
+{% endfor %}
+{% endif %}
+
+
+  <logger name="org.gcube.data.publishing" level="FATAL">
+    <appender-ref ref="ACCOUNT_FILE" />
+  </logger>
+  <logger name="org.gcube.documentstore" level="FATAL">
+    <appender-ref ref="ACCOUNT_FILE" />
+  </logger>
+
+  <logger name="org.gcube.smartgears.handlers.application.request"
+          level="INFO">
+    <appender-ref ref="ACCESS_FILE" />
+  </logger>
+
+  <logger name="org.gcube" level="{{ smartgears_loglevel }}" />
+  <logger name="org.gcube.smartgears" level="{{ smartgears_loglevel }}" />
+  <logger name="org.gcube.common.events" level="{{ smartgears_loglevel }}" />
+  <logger name="org.gcube.data.publishing" level="FATAL" />
+  <logger name="org.gcube.documentstore" level="FATAL" />
+
+  <root level="{{ smartgears_loglevel }}">
+    <appender-ref ref="FILE" />
+  </root>
+</configuration>

smartgears/smartgears-container-bootstrap/defaults/main.yml

@@ -0,0 +1,10 @@
+smartgears_container_name: "smartgears_base_container"
+smartgears_image: "smartgears_base_image"
+image_version: "{{ smartgears_distribution_version }}"
+container_ssh_port: 2222
+tomcat_port: 8080
+
+smartgear_tokens: "c8610c1b-4293-4ed4-ad53-f2aeaf4fbeb8-97827"
+container_mode: "online"
+container_hostname: "shinyproxy"
+container_infrastructure: "d4s"

smartgears/smartgears-container-bootstrap/tasks/main.yml

@@ -0,0 +1,20 @@
+#### runs/replaces a smartgears container with the provided params
+- name: run a smartgears container based on the "{{ smartgears_image }}" image
+  docker_container:
+    name: "{{ smartgears_container_name }}"
+    state: started
+    image: "{{ smartgears_image }}:{{ image_version }}"
+    #pull: True
+    recreate: yes
+    detach: True
+    env:
+      CONTAINER_TOKENS: "{{ smartgear_tokens }}"
+      CONTAINER_MODE: "{{ container_mode }}"
+      CONTAINER_HOSTNAME: "{{ container_hostname }}"
+      CONTAINER_PORT: "{{ tomcat_port }}"
+      CONTAINER_INFRASTRUCTURE: "{{ container_infrastructure }}"
+      PATCH_COMMON_SCOPES: "{{ patch_common_scope }}"
+      PATCH_COMMON_AUTHORIZATION: "{{ patch_common_authorization }}"
+    published_ports:
+      - "{{ container_ssh_port }}:22"
+      - "{{ tomcat_port }}:{{ tomcat_port }}"

smartgears/smartgears-container-home-library/defaults/main.yml

@@ -0,0 +1,7 @@
+image_name: "smartgears_home_library"
+image_tag: "{{ home_library_war_version }}"
+push_to_repo: "no"
+repo: "gcube-staging"
+
+home_library_artifact_url: "http://maven.research-infrastructures.eu/nexus/service/local/repositories/{{ repo }}/content/org/gcube/data/access/home-library-webapp/{{ home_library_war_version }}/home-library-webapp-{{ home_library_war_version }}.war"
+catalina_home: "/usr/share/tomcat7/"

smartgears/smartgears-container-home-library/tasks/main.yml

@@ -0,0 +1,20 @@
+- name: create temporary build directory
+  shell: mktemp -d
+  register: tempdir
+
+- name: copy the Dockerfile
+  template: src=Dockerfile dest="{{ tempdir.stdout }}/"
+
+- name: Build the docker image
+  docker_image:
+    path: "{{ tempdir.stdout }}"
+    name: "{{ image_name }}"
+    tag: "{{ image_tag }}"
+    state: present
+    force: yes
+    rm: True
+    pull: False
+    push: "{{ push_to_repo }}"
+
+- name: remove the temporary build directory
+  file: path="{{ tempdir.stdout }}" state=absent

smartgears/smartgears-container-home-library/templates/Dockerfile

@@ -0,0 +1,3 @@
+FROM smartgears_base_image:{{ smartgears_distribution_version }}
+
+ADD {{ home_library_artifact_url }} "{{ catalina_home }}/webapps/"