forked from ISTI-ansible-roles/ansible-roles
library/roles/smartgears: Handle the case when we need VO level authorization. Use the locally saved scopes instead of the provided ones. See https://support.d4science.org/issues/7880
This commit is contained in:
Andrea Dell'Amico
parent
8c3a37c5bc
commit
c9a63a6330
|
|
@ -16,7 +16,8 @@ smartgears_user: '{{ d4science_user }}'
|
|||
smartgears_user_home: '{{ d4science_user_home }}'
|
||||
smartgears_instance_path: '{{ smartgears_user_home }}/tomcat'
|
||||
smartgears_install_path: '{{ smartgears_user_home }}/SmartGears'
|
||||
smartgears_distribution_version: 2.1.0-4.3.0-142337
|
||||
#smartgears_distribution_version: 2.1.0-4.3.0-142337
|
||||
smartgears_distribution_version: 2.1.2-4.4.0-146408
|
||||
smartgears_file: 'smartgears-distribution-{{ smartgears_distribution_version }}.tar.gz'
|
||||
smartgears_url: 'http://maven.research-infrastructures.eu/nexus/content/repositories/{{ gcube_repository }}/org/gcube/distribution/smartgears-distribution/{{ smartgears_distribution_version }}/{{ smartgears_file }}'
|
||||
smartgears_mode: online
|
||||
|
|
@ -40,7 +41,7 @@ smartgears_country: it
|
|||
smartgears_location: pisa
|
||||
smartgears_latitude: 41.9000
|
||||
smartgears_longitude: 12.5000
|
||||
smartgears_publication_frequency: 180
|
||||
smartgears_publication_frequency: 300
|
||||
smartgears_http_port: 9000
|
||||
smartgears_service_name: 'tomcat-instance-{{ smartgears_http_port }}'
|
||||
|
||||
|
|
|
|||
|
|
@ -58,6 +58,26 @@
|
|||
copy: src=TokenGenerator.class dest=/usr/local/lib/TokenGenerator.class owner=root group=root mode=0644
|
||||
tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
|
||||
|
||||
- name: Install the script that manages the smartgears loglevel
|
||||
template: src=change-logback-loglevel.sh.j2 dest=/usr/local/bin/change-logback-loglevel owner=root group=root mode=0755
|
||||
with_items: '{{ tomcat_m_instances }}'
|
||||
when: not item.skip_smartgears
|
||||
tags: [ 'smartgears', 'smartgears_loglevel', 'tomcat' ]
|
||||
|
||||
- name: Change the smartgears log level
|
||||
become: True
|
||||
become_user: '{{ smartgears_user }}'
|
||||
shell: /usr/local/bin/change-logback-loglevel
|
||||
tags: [ 'smartgears', 'tomcat', 'smartgears_loglevel' ]
|
||||
|
||||
- name: Remove some wrong symbolic links created by the install/upgrade script
|
||||
file: dest={{ item }} state=absent
|
||||
with_items:
|
||||
- '{{ smartgears_install_path }}/lib/lib'
|
||||
- '{{ smartgears_install_path }}/apps/webapps'
|
||||
when: smartgears_upgrade
|
||||
tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
|
||||
|
||||
- name: Install the script that fetches the scope tokens
|
||||
template: src=get-scopes.j2 dest=/usr/local/bin/get-scopes owner=root group={{ smartgears_user }} mode=0750
|
||||
with_items: '{{ tomcat_m_instances }}'
|
||||
|
|
@ -81,38 +101,20 @@
|
|||
with_items: '{{ tomcat_m_instances }}'
|
||||
tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
|
||||
|
||||
- name: Get the scope tokens from the authorization service and assemble the container.xml file
|
||||
- name: Get the scope tokens from the authorization service and assemble the container.xml file when whe have an authorization token or we are upgrading
|
||||
become: True
|
||||
become_user: '{{ smartgears_user }}'
|
||||
shell: /usr/local/bin/get-scopes {{ gcube_admin_token | default(omit) }}
|
||||
when: gcube_admin_token is defined
|
||||
shell: /usr/local/bin/get-scopes {{ gcube_admin_token | default('') }}
|
||||
when: gcube_admin_token is defined or smartgears_upgrade
|
||||
notify: Restart smartgears
|
||||
tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
|
||||
|
||||
- name: Remove the smartgears application state if requested
|
||||
#file: dest={{ smartgears_install_path }}/state state=absent
|
||||
file: dest=/home/gcube/SmartGears/state state=absent
|
||||
when: smartgears_remove_state
|
||||
notify: Restart smartgears
|
||||
tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
|
||||
|
||||
- name: Install the script that manages the smartgears loglevel
|
||||
template: src=change-logback-loglevel.sh.j2 dest=/usr/local/bin/change-logback-loglevel owner=root group=root mode=0755
|
||||
with_items: '{{ tomcat_m_instances }}'
|
||||
when: not item.skip_smartgears
|
||||
tags: [ 'smartgears', 'smartgears_loglevel', 'tomcat' ]
|
||||
|
||||
- name: Change the smartgears log level
|
||||
become: True
|
||||
become_user: '{{ smartgears_user }}'
|
||||
shell: /usr/local/bin/change-logback-loglevel
|
||||
tags: [ 'smartgears', 'tomcat', 'smartgears_loglevel' ]
|
||||
|
||||
- name: Remove some wrong symbolic links created by the install/upgrade script
|
||||
file: dest={{ item }} state=absent
|
||||
with_items:
|
||||
- '{{ smartgears_install_path }}/lib/lib'
|
||||
- '{{ smartgears_install_path }}/apps/webapps'
|
||||
when: smartgears_upgrade
|
||||
shell: . {{ smartgears_user_home }}/.bashrc ; cd {{ smartgears_user_home }}/SmartGears/scripts ; ./clean-container-state -s old_saved_scopes.xml
|
||||
when: smartgears_remove_state and not smartgears_upgrade
|
||||
notify: Restart smartgears
|
||||
tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
|
||||
|
||||
- name: Force a smartgears restart
|
||||
|
|
|
|||
|
|
@ -6,11 +6,37 @@ CONTAINER_XML_TAIL={{ smartgears_user_home }}/.containerxml/3-container.xml
|
|||
LOCAL_LIB=/usr/local/lib
|
||||
LOCAL_ETC=/usr/local/etc
|
||||
LOG_PREFIX="get-scopes: "
|
||||
GHN_ENV_FILE=/etc/default/tomcat-instance-{{ item.http_port }}.local
|
||||
SMARTGEARS_VO_AUTH={{ smartgears_authorized_on_all_scopes }}
|
||||
SMARTGEARS_UPGRADE={{ smartgears_upgrade }}
|
||||
SMARTGEARS_SAVED_STATE_F=saved_scopes_list.xml
|
||||
SMARTGEARS_SAVED_STATE_PATH={{ smartgears_user_home }}/SmartGears/$SMARTGEARS_SAVED_STATE_F
|
||||
SMARTGEARS_SCRIPTS_DIR={{ smartgears_user_home }}/SmartGears/scripts
|
||||
|
||||
|
||||
CONTAINER_XML_FILE={{ smartgears_install_path }}/container.xml
|
||||
|
||||
# 0: True, 1: False
|
||||
USE_SAVED_STATE=1
|
||||
|
||||
RETVAL=
|
||||
|
||||
# Scenario:
|
||||
# - First installation, no upgrade.
|
||||
# - The node must run on all VOs
|
||||
# In these cases we use our scopes list
|
||||
|
||||
if [ "$SMARTGEARS_VO_AUTH" == 'false' ] ; then
|
||||
if [ "$SMARTGEARS_UPGRADE" == 'True' ] ; then
|
||||
USE_SAVED_STATE=0
|
||||
logger "$LOG_PREFIX setting the correct variables so that we are going to use the local scopes"
|
||||
else
|
||||
logger "$LOG_PREFIX We are going to use our scopes list. A valid token is mandatory"
|
||||
fi
|
||||
else
|
||||
logger "$LOG_PREFIX We are going to use our scopes list. A valid token is mandatory"
|
||||
fi
|
||||
|
||||
SCOPES_LIST=""
|
||||
if [ -f $LOCAL_ETC/scopes.list ] ; then
|
||||
. $LOCAL_ETC/scopes.list
|
||||
|
|
@ -18,14 +44,16 @@ else
|
|||
logger "$LOG_PREFIX There is no token list, aborting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
if [ $# -ne 1 ] ; then
|
||||
echo "The token must be passed as the sole argument"
|
||||
logger "$LOG_PREFIX The token must be passed as the sole argument"
|
||||
|
||||
if [ $# -ne 1 -a $USE_SAVED_STATE -ne 0 ] ; then
|
||||
echo "The token must be passed as the sole argument when we are not using the local state"
|
||||
logger "$LOG_PREFIX The token must be passed as the sole argument when we are not using the local state"
|
||||
exit 1
|
||||
elif [ $# -eq 1 ] ; then
|
||||
logger "$LOG_PREFIX We have an authorization token"
|
||||
TOKEN=$1
|
||||
fi
|
||||
TOKEN=$1
|
||||
|
||||
{%if setup_nginx %}
|
||||
{%if https_port is defined %}
|
||||
|
|
@ -43,21 +71,33 @@ HTTP_PORT={{ http_port }}
|
|||
HTTP_PORT={{ item.http_port }}
|
||||
{% endif %}
|
||||
|
||||
for jar in $( ls -1 /home/gcube/tomcat/lib/ ) ; do
|
||||
export CLASSPATH="/home/gcube/SmartGears/lib/${jar}:$CLASSPATH"
|
||||
done
|
||||
if [ $USE_SAVED_STATE -ne 0 ] ; then
|
||||
logger "$LOG_PREFIX First installation or moving avay to a configuration that needs to be present on all the VREs. Using our scopes list and not the state memorized one"
|
||||
for jar in $( ls -1 /home/gcube/tomcat/lib/ ) ; do
|
||||
export CLASSPATH="/home/gcube/SmartGears/lib/${jar}:$CLASSPATH"
|
||||
done
|
||||
|
||||
cd $LOCAL_LIB
|
||||
cd $LOCAL_LIB
|
||||
|
||||
java TokenGenerator {{ smartgears_hostname }} $TOKEN $HTTP_PORT $SCOPES_FILE $SCOPES_LIST
|
||||
RETVAL=$?
|
||||
if [ $RETVAL -eq 0 ] ; then
|
||||
logger "$LOG_PREFIX We got the scope tokens"
|
||||
java TokenGenerator {{ smartgears_hostname }} $TOKEN $HTTP_PORT $SCOPES_FILE $SCOPES_LIST >/dev/null 2>&1
|
||||
RETVAL=$?
|
||||
if [ $RETVAL -eq 0 ] ; then
|
||||
logger "$LOG_PREFIX We got the scope tokens"
|
||||
else
|
||||
logger "$LOG_PREFIX Unable to obtain the scope tokens, aborting"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
logger "$LOG_PREFIX Unable to obtain the scope tokens, aborting"
|
||||
exit 1
|
||||
logger "$LOG_PREFIX We are going to use the scopes memorized into the state"
|
||||
SCOPES_FILE=$SMARTGEARS_SAVED_STATE_PATH
|
||||
fi
|
||||
|
||||
# We always remove the current state
|
||||
cd $SMARTGEARS_SCRIPTS_DIR
|
||||
. $GHN_ENV_FILE
|
||||
./clean-container-state -s $SMARTGEARS_SAVED_STATE_F
|
||||
|
||||
|
||||
# Now that we have the tokens, we can assemble the container.xml file
|
||||
chmod 640 $CONTAINER_XML_FILE
|
||||
CREATE_CONTAINER_XML_RES=0
|
||||
|
|
|
|||
Loading…
Reference in New Issue