firethorn

changeset 4315:d26d2cfa6b16

Notes on latest TAP/Firethorn (WFAU) deploy
author Stelios <stv@roe.ac.uk>
date Fri Jan 15 16:40:57 2021 +0200 (6 weeks ago)
parents a544ca0d35c9
children 2f17074a7e0c
files doc/notes/stv/20201209-TAP-Swarm-deploy-2.1.36.txt docker/sql-client/Dockerfile
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/doc/notes/stv/20201209-TAP-Swarm-deploy-2.1.36.txt	Fri Jan 15 16:40:57 2021 +0200
     1.3 @@ -0,0 +1,442 @@
     1.4 +#
     1.5 +# <meta:header>
     1.6 +#   <meta:licence>
     1.7 +#     Copyright (c) 2015, ROE (http://www.roe.ac.uk/)
     1.8 +#
     1.9 +#     This information is free software: you can redistribute it and/or modify
    1.10 +#     it under the terms of the GNU General Public License as published by
    1.11 +#     the Free Software Foundation, either version 3 of the License, or
    1.12 +#     (at your option) any later version.
    1.13 +#
    1.14 +#     This information is distributed in the hope that it will be useful,
    1.15 +#     but WITHOUT ANY WARRANTY; without even the implied warranty of
    1.16 +#     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    1.17 +#     GNU General Public License for more details.
    1.18 +#  
    1.19 +#     You should have received a copy of the GNU General Public License
    1.20 +#     along with this program.  If not, see <http://www.gnu.org/licenses/>.
    1.21 +#   </meta:licence>
    1.22 +# </meta:header>
    1.23 +#
    1.24 +#
    1.25 +
    1.26 +
    1.27 +## ------------------------------------------------------------------------------------------
    1.28 +## CreateVM
    1.29 +## ------------------------------------------------------------------------------------------
    1.30 +
    1.31 +stv@trop02:~$ createvm
    1.32 +..
    1.33 +Creating new volume [Eterathiel.qcow]
    1.34 +Vol Eterathiel.qcow created
    1.35 +Name:           Eterathiel.qcow
    1.36 +Type:           file
    1.37 +Capacity:       32.00 GiB
    1.38 +Allocation:     196.00 KiB
    1.39 +
    1.40 +Vol Eterathiel.iso deleted
    1.41 +Vol Eterathiel.iso created
    1.42 +Creating new virtual machine [Eterathiel]
    1.43 +Domain Eterathiel defined from /tmp/tmp.PT4TTUgzox
    1.44 +Starting new virtual machine [Eterathiel]
    1.45 +Domain Eterathiel started
    1.46 +
    1.47 +
    1.48 +
    1.49 +## ------------------------------------------------------------------------------------------
    1.50 +## Initialize Swarm with VM's address
    1.51 +## ------------------------------------------------------------------------------------------
    1.52 +
    1.53 +ssh Stevedore@Araybwyn
    1.54 +
    1.55 +ip=$(ip -f inet -o addr show ens3|cut -d\  -f 7 | cut -d/ -f 1)
    1.56 +docker swarm init --advertise-addr ${ip}
    1.57 +
    1.58 +
    1.59 +## Firewall Ports for Swarm
    1.60 +
    1.61 +sudo su
    1.62 +    firewall-cmd --add-port=2377/tcp --permanent
    1.63 +    firewall-cmd --add-port=2377/tcp --permanent
    1.64 +    firewall-cmd --add-port=7946/tcp --permanent
    1.65 +    firewall-cmd --add-port=4789/tcp --permanent
    1.66 +    firewall-cmd --add-port=4789/udp --permanent
    1.67 +    iptables -A INPUT -p 50 -j ACCEPT    
    1.68 +    firewall-cmd --reload
    1.69 +exit
    1.70 +
    1.71 +
    1.72 +
    1.73 +
    1.74 +## -------------------------------------------------------------------------------------------
    1.75 +## Add secret function.
    1.76 +## -------------------------------------------------------------------------------------------
    1.77 +
    1.78 +    secrethost='stv@shepseskaf.roe.ac.uk'
    1.79 +    secretfile='${HOME:?}/secret.store.20201209'
    1.80 +
    1.81 +    secret()
    1.82 +    {
    1.83 +        local key=${1:?}
    1.84 +        ssh -o 'VisualHostKey=no' "${secrethost:?}" "sed -n 's/${key}=\\(.*\\)/\\1/p' \"${secretfile:?}\"" 
    1.85 +    }
    1.86 +
    1.87 +    secret 'firethorn.ssh.keys' >> "${HOME}/.ssh/authorized_keys"
    1.88 +
    1.89 +
    1.90 +
    1.91 +## -------------------------------------------------------------------------------------------
    1.92 +## Set the target branch and builtag
    1.93 +## -------------------------------------------------------------------------------------------
    1.94 +
    1.95 +
    1.96 +    export buildtag=2.1.36
    1.97 +    export branch=default
    1.98 +
    1.99 +
   1.100 +
   1.101 +## -------------------------------------------------------------------------------------------
   1.102 +## Create our chain.properties file
   1.103 +## -------------------------------------------------------------------------------------------
   1.104 +
   1.105 +cat > "${HOME:?}/chain.properties" << EOF
   1.106 +
   1.107 +metadata=postgres
   1.108 +metauser=$(pwgen 20 1)
   1.109 +metapass=$(pwgen 20 1) 
   1.110 +
   1.111 +userhost=$(secret 'firethorn.user.host')
   1.112 +userdata=$(secret 'firethorn.user.data')
   1.113 +useruser=$(secret 'firethorn.user.user')
   1.114 +userpass=$(secret 'firethorn.user.pass')
   1.115 +usertype=mssql
   1.116 +
   1.117 +datahost=$(secret 'firethorn.data.host')
   1.118 +datadata=$(secret 'firethorn.data.data')
   1.119 +datacatalog=$(secret 'firethorn.data.catalog')
   1.120 +datatype=$(secret 'firethorn.data.type')
   1.121 +datauser=$(secret 'firethorn.data.user')
   1.122 +datapass=$(secret 'firethorn.data.pass')
   1.123 +
   1.124 +tapschemadata=$(secret 'firethorn.tapschema.database.name')
   1.125 +tapschemauser=$(secret 'firethorn.tapschema.database.user')
   1.126 +tapschemapass=$(secret 'firethorn.tapschema.database.pass')
   1.127 +tapschemahost=$(secret 'firethorn.tapschema.database.host')
   1.128 +tapschemaport=$(secret 'firethorn.tapschema.database.port')
   1.129 +tapschematype=$(secret 'firethorn.tapschema.database.type')
   1.130 +tapschemajdbc=$(secret 'firethorn.tapschema.jdbc.name')
   1.131 +
   1.132 +tunneluser=$(secret 'ssh.tunnel.user')
   1.133 +tunnelhost=$(secret 'ssh.tunnel.host')
   1.134 +
   1.135 +admingroup=$(pwgen 20 1)	
   1.136 +adminuser=$(pwgen 20 1)
   1.137 +adminpass=$(pwgen 20 1)
   1.138 +
   1.139 +adql_query_delay_first=$(secret 'adql.query.delay.first')
   1.140 + 
   1.141 +firethorn_limits_rows_absolute=$(secret 'firethorn.limits.rows.absolute')
   1.142 +firethorn_limits_rows_default=$(secret 'firethorn.limits.rows.default')
   1.143 +
   1.144 +guestgroup=friends
   1.145 +endpoint=$(secret 'endpoint')
   1.146 +
   1.147 +firethornhost=gillian
   1.148 +
   1.149 +EOF
   1.150 +
   1.151 +
   1.152 +
   1.153 +## -----------------------------------------------------
   1.154 +## Create our Firethorn properties.
   1.155 +## -----------------------------------------------------
   1.156 +
   1.157 +source "${HOME:?}/chain.properties"
   1.158 +cat > "${HOME:?}/firethorn.properties" << EOF
   1.159 +
   1.160 +firethorn.meta.type=pgsql
   1.161 +firethorn.meta.driver=org.postgresql.Driver
   1.162 +firethorn.meta.host=bethany
   1.163 +firethorn.meta.url=jdbc:postgresql://bethany/${metadata}
   1.164 +firethorn.meta.data=postgres
   1.165 +firethorn.meta.user=${metauser:?}
   1.166 +firethorn.meta.pass=${metapass:?}
   1.167 +
   1.168 +firethorn.user.type=mssql
   1.169 +firethorn.user.url=jdbc:jtds:sqlserver://${userhost:?}/${userdata:?}
   1.170 +firethorn.user.driver=net.sourceforge.jtds.jdbc.Driver
   1.171 +firethorn.user.host=${userhost:?}
   1.172 +firethorn.user.data=${userdata:?}
   1.173 +firethorn.user.user=${useruser:?}
   1.174 +firethorn.user.pass=${userpass:?}
   1.175 +
   1.176 +firethorn.tapschema.resource.name=${tapschemajdbc}
   1.177 +firethorn.tapschema.database.name=${tapschemadata}
   1.178 +firethorn.tapschema.database.host=${tapschemahost}
   1.179 +firethorn.tapschema.database.port=${tapschemaport}
   1.180 +firethorn.tapschema.database.user=${tapschemauser}
   1.181 +firethorn.tapschema.database.pass=${tapschemapass}
   1.182 +
   1.183 +firethorn.admin.community=${admingroup:?}
   1.184 +firethorn.admin.user.name=${adminuser:?}
   1.185 +firethorn.admin.user.pass=${adminpass:?}
   1.186 +
   1.187 +firethorn.guest.community=${guestgroup:?}
   1.188 +
   1.189 +adql.query.delay.first=${adql_query_delay_first:?}
   1.190 +
   1.191 +firethorn.limits.rows.absolute=${firethorn_limits_rows_absolute:?}
   1.192 +firethorn.limits.rows.default=${firethorn_limits_rows_default:?}
   1.193 +
   1.194 +firethornhost=gillian
   1.195 +
   1.196 +
   1.197 +EOF
   1.198 +
   1.199 +
   1.200 +
   1.201 +## -------------------------------------------------------------------------------------------
   1.202 +## Create our compose env files.
   1.203 +## -------------------------------------------------------------------------------------------
   1.204 +
   1.205 +source "${HOME:?}/chain.properties"
   1.206 +cat > "${HOME:?}/.env" << EOF
   1.207 +
   1.208 +buildtag=${branch:?}
   1.209 +endpoint=${endpoint:?}
   1.210 +
   1.211 +
   1.212 +metadata=postgres
   1.213 +metauser=${metauser:?}
   1.214 +metapass=${metapass:?}
   1.215 +firethorn.meta.type=pgsql
   1.216 +firethorn.meta.driver=org.postgresql.Driver
   1.217 +firethorn.meta.host=bethany
   1.218 +firethorn.meta.url=jdbc:postgresql://bethany/postgres
   1.219 +firethorn.meta.data=postgres
   1.220 +firethorn.meta.user=${metauser:?}
   1.221 +firethorn.meta.pass=${metapass:?}
   1.222 +
   1.223 +
   1.224 +datadata=${datadata:?}
   1.225 +datauser=${datauser:?}
   1.226 +datapass=${datapass:?}
   1.227 +datahost=${datahost:?}
   1.228 +datacatalog=${datacatalog:?}
   1.229 +datatype=mssql
   1.230 +
   1.231 +
   1.232 +tapschemadata=${tapschemadata:?}
   1.233 +tapschemauser=${tapschemauser:?}
   1.234 +tapschemapass=${tapschemapass:?}
   1.235 +tapschemahost=${tapschemahost}
   1.236 +tapschemaport=${tapschemaport:?}
   1.237 +tapschemajdbc=${tapschemajdbc:?}
   1.238 +tapschematype=${tapschematype:?}
   1.239 +firethorn.tapschema.resource.name=${tapschemajdbc:?}
   1.240 +firethorn.tapschema.database.name=${tapschemadata:?}
   1.241 +firethorn.tapschema.database.host=${tapschemahost:?}
   1.242 +firethorn.tapschema.database.port=5432
   1.243 +firethorn.tapschema.database.user=${tapschemauser:?}
   1.244 +firethorn.tapschema.database.pass=${tapschemapass:?}
   1.245 +firethorn.tapschema.database.type=pgsql
   1.246 +
   1.247 +userhost=${userhost:?}
   1.248 +userdata=${userdata:?}
   1.249 +useruser=${useruser:?}
   1.250 +userpass=${userpass:?}
   1.251 +usertype=mssql
   1.252 +firethorn.user.type=mssql
   1.253 +firethorn.user.url=jdbc:jtds:sqlserver://${userhost:?}/${userdata:?}
   1.254 +firethorn.user.driver=net.sourceforge.jtds.jdbc.Driver
   1.255 +firethorn.user.host=${userhost:?}
   1.256 +firethorn.user.data=${userdata:?}
   1.257 +firethorn.user.user=${useruser:?}
   1.258 +firethorn.user.pass=${userpass:?}
   1.259 +
   1.260 +
   1.261 +admingroup=${admingroup:?}
   1.262 +adminuser=${adminuser:?}
   1.263 +adminpass=${adminpass:?}
   1.264 +guestgroup=${guestgroup:?}
   1.265 +firethorn.admin.community=${admingroup:?}
   1.266 +firethorn.admin.user.name=${adminuser:?}
   1.267 +firethorn.admin.user.pass=${adminpass:?}
   1.268 +firethorn.guest.community=${guestgroup:?}
   1.269 +
   1.270 +
   1.271 +adql_query_delay_first=${adql_query_delay_first:?}
   1.272 +adql.query.delay.first=${adql_query_delay_first:?}
   1.273 +firethorn_limits_rows_absolute=${firethorn_limits_rows_absolute:?}
   1.274 +firethorn_limits_rows_default=${firethorn_limits_rows_default:?}
   1.275 +firethorn.limits.rows.absolute=${firethorn_limits_rows_absolute:?}
   1.276 +firethorn.limits.rows.default=${firethorn_limits_rows_default:?}
   1.277 +
   1.278 +firethorn.ogsadai.endpoint=http://jarmila:8080/ogsadai/services
   1.279 +firethornhost=gillian
   1.280 +
   1.281 +
   1.282 +EOF
   1.283 +
   1.284 +
   1.285 +source "${HOME:?}/chain.properties"
   1.286 +cat > "${HOME:?}/.tapschema_env" << EOF
   1.287 +
   1.288 +POSTGRES_DB=${tapschemadata}
   1.289 +POSTGRES_USER=${tapschemauser}
   1.290 +POSTGRES_PASSWORD=${tapschemapass}
   1.291 +
   1.292 +EOF
   1.293 +
   1.294 +
   1.295 +source "${HOME:?}/chain.properties"
   1.296 +cat > "${HOME:?}/.metadata_env" << EOF
   1.297 +
   1.298 +POSTGRES_DB=${metadata}
   1.299 +POSTGRES_USER=${metauser}
   1.300 +POSTGRES_PASSWORD=${metapass}
   1.301 +         
   1.302 +EOF
   1.303 +
   1.304 +
   1.305 +
   1.306 +
   1.307 +## -------------------------------------------------------------------------------------------
   1.308 +## Fetch the TAP Deployer
   1.309 +## -------------------------------------------------------------------------------------------
   1.310 +
   1.311 +wget https://raw.githubusercontent.com/stvoutsin/firethorn.py/master/docker/firethorn-compose-v3.yml -O  docker-compose.yml
   1.312 +
   1.313 +
   1.314 +
   1.315 +
   1.316 +## ------------------------------------------------------------------------
   1.317 +## Deploy Swarm stack
   1.318 +## ------------------------------------------------------------------------
   1.319 +
   1.320 +docker stack deploy -c docker-compose.yml ft
   1.321 +
   1.322 +
   1.323 +
   1.324 +## ------------------------------------------------------------------------
   1.325 +## To remove stack of services
   1.326 +## ------------------------------------------------------------------------
   1.327 +
   1.328 +# docker stack rm ft
   1.329 +
   1.330 +
   1.331 +## ------------------------------------------------------------------------
   1.332 +## Check that the services started
   1.333 +## ------------------------------------------------------------------------
   1.334 +
   1.335 +docker ps
   1.336 +CONTAINER ID        IMAGE                           COMMAND                  CREATED             STATUS                  PORTS               NAMES
   1.337 +b6c43b0fcc39        firethorn/firethorn-py:latest   "python3"                11 hours ago        Up 11 hours                                 ft_firethorn-py.1.ttyojmr0tw108b9kurg5m1l6t
   1.338 +d347cc0e8fcf        firethorn/firethorn:latest      "/bin/sh -c '/var/lo…"   11 hours ago        Up 11 hours (healthy)   8080/tcp            ft_gillian.1.7gjs4uwpxzx8d55agqd91e60v
   1.339 +e81cc914579c        firethorn/ogsadai:latest        "/bin/sh -c '/var/lo…"   11 hours ago        Up 11 hours (healthy)   8080/tcp            ft_jarmila.1.sy5d8zm2f4f6oehp46h0f4lxy
   1.340 +eadf4ace83d4        firethorn/postgres:latest       "docker-entrypoint.s…"   11 hours ago        Up 11 hours             5432/tcp            ft_carolina.1.mbikmqmtgg9r5joehq0ywz0xp
   1.341 +7c4fa13ff87e        firethorn/postgres:latest       "docker-entrypoint.s…"   11 hours ago        Up 11 hours             5432/tcp            ft_bethany.1.sope4plrrq51uctwvdod4w078
   1.342 +
   1.343 +
   1.344 +## ------------------------------------------------------------------------
   1.345 +## Run Docker Compose tap-deployer.yml from firethorn.py
   1.346 +## ------------------------------------------------------------------------
   1.347 +
   1.348 +docker exec -it ft_firethorn-py.1.ttyojmr0tw108b9kurg5m1l6t bash
   1.349 +
   1.350 +
   1.351 +cat > "deployer_osa.py" << EOF
   1.352 +
   1.353 +def main():
   1.354 +    import firethorn
   1.355 +    import firethorn_utils.configurator as configur
   1.356 +    ft = firethorn.Firethorn(endpoint="http://gillian:8080/firethorn")
   1.357 +    ft.login(firethorn.config.adminuser, firethorn.config.adminpass, firethorn.config.admingroup)
   1.358 +    configurator =  configur.Configurator(ft)
   1.359 +    configurator.load_resources("https://raw.githubusercontent.com/stvoutsin/metadata/master/firethorn/config/osa-tap.json")
   1.360 + 
   1.361 +if __name__== "__main__":
   1.362 +    main()
   1.363 +
   1.364 +EOF
   1.365 +
   1.366 +
   1.367 +cat > "deployer_ssa.py" << EOF
   1.368 +
   1.369 +def main():
   1.370 +    import firethorn
   1.371 +    import firethorn_utils.configurator as configur
   1.372 +    ft = firethorn.Firethorn(endpoint="http://gillian:8080/firethorn")
   1.373 +    ft.login(firethorn.config.adminuser, firethorn.config.adminpass, firethorn.config.admingroup)
   1.374 +    configurator =  configur.Configurator(ft)
   1.375 +    configurator.load_resources("https://raw.githubusercontent.com/stvoutsin/metadata/master/firethorn/config/ssa-tap.json")
   1.376 + 
   1.377 +if __name__== "__main__":
   1.378 +    main()
   1.379 +
   1.380 +EOF
   1.381 +
   1.382 +cat > "deployer_vsa.py" << EOF
   1.383 +
   1.384 +def main():
   1.385 +    import firethorn
   1.386 +    import firethorn_utils.configurator as configur
   1.387 +    ft = firethorn.Firethorn(endpoint="http://gillian:8080/firethorn")
   1.388 +    ft.login(firethorn.config.adminuser, firethorn.config.adminpass, firethorn.config.admingroup)
   1.389 +    configurator =  configur.Configurator(ft)
   1.390 +    configurator.load_resources("https://raw.githubusercontent.com/stvoutsin/metadata/master/firethorn/config/vsa-tap.json")
   1.391 + 
   1.392 +if __name__== "__main__":
   1.393 +    main()
   1.394 +
   1.395 +EOF
   1.396 +
   1.397 +cat > "deployer_wsa.py" << EOF
   1.398 +
   1.399 +def main():
   1.400 +    import firethorn
   1.401 +    import firethorn_utils.configurator as configur
   1.402 +    ft = firethorn.Firethorn(endpoint="http://gillian:8080/firethorn")
   1.403 +    ft.login(firethorn.config.adminuser, firethorn.config.adminpass, firethorn.config.admingroup)
   1.404 +    configurator =  configur.Configurator(ft)
   1.405 +    configurator.load_resources("https://raw.githubusercontent.com/stvoutsin/metadata/master/firethorn/config/wsa-tap.json")
   1.406 +
   1.407 +if __name__== "__main__":
   1.408 +    main()
   1.409 +
   1.410 +
   1.411 +EOF
   1.412 +
   1.413 +
   1.414 +nohup python3 -u deployer_osa.py > osa.out &
   1.415 +nohup python3 -u deployer_ssa.py > ssa.out &
   1.416 +nohup python3 -u deployer_vsa.py > vsa.out &
   1.417 +nohup python3 -u deployer_wsa.py > wsa.out &
   1.418 +
   1.419 +
   1.420 +
   1.421 +
   1.422 +## ------------------------------------------------------------------------
   1.423 +## Update Apache Proxy with new TAP services
   1.424 +## ------------------------------------------------------------------------
   1.425 +
   1.426 +
   1.427 +    ProxyPassMatch    ^/osa\/(.*)$  http://araybwyn:8080/firethorn/tap/54/$1
   1.428 +    ProxyPassReverse  ^/osa\/(.*)$  http://araybwyn:8080/firethorn/tap/54/$1
   1.429 +
   1.430 +    ProxyPassMatch    ^/ssa\/(.*)$  http://araybwyn:8080/firethorn/tap/57/$1
   1.431 +    ProxyPassReverse  ^/ssa\/(.*)$  http://araybwyn:8080/firethorn/tap/57/$1
   1.432 +
   1.433 +    ProxyPassMatch    ^/vsa\/(.*)$  http://araybwyn:8080/firethorn/tap/60/$1
   1.434 +    ProxyPassReverse  ^/vsa\/(.*)$  http://araybwyn:8080/firethorn/tap/60/$1
   1.435 +
   1.436 +    ProxyPassMatch    ^/wsa\/(.*)$  http://araybwyn:8080/firethorn/tap/63/$1
   1.437 +    ProxyPassReverse  ^/wsa\/(.*)$  http://araybwyn:8080/firethorn/tap/63/$1
   1.438 +
   1.439 +    ProxyPassMatch    ^/firethorn\/(.*)$  http://araybwyn:8080/firethorn/$1
   1.440 +    ProxyPassReverse  ^/firethorn\/(.*)$  http://araybwyn:8080/firethorn/$1
   1.441 +
   1.442 +
   1.443 +
   1.444 +
   1.445 +
     2.1 --- a/docker/sql-client/Dockerfile	Mon Nov 09 11:36:54 2020 +0200
     2.2 +++ b/docker/sql-client/Dockerfile	Fri Jan 15 16:40:57 2021 +0200
     2.3 @@ -23,7 +23,7 @@
     2.4  
     2.5  #
     2.6  # Install the EPEL repository.
     2.7 -RUN yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
     2.8 +RUN yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
     2.9  
    2.10  #
    2.11  # Install misc tools.