You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by sh...@apache.org on 2016/09/24 01:58:44 UTC
[19/29] airavata git commit: Airavata pga and gfac works perfectly
Airavata pga and gfac works perfectly
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/2b6f220a
Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/2b6f220a
Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/2b6f220a
Branch: refs/heads/develop
Commit: 2b6f220a06f7ca255471648d4a0ce480d789787c
Parents: 6e0715b
Author: Shameera Rathnayaka <sh...@gmail.com>
Authored: Mon Aug 22 16:12:22 2016 -0400
Committer: Shameera Rathnayaka <sh...@gmail.com>
Committed: Mon Aug 22 16:12:22 2016 -0400
----------------------------------------------------------------------
group_vars/all | 54 ------------
group_vars/all.yml | 78 ++++++++++++++++++
hosts | 33 +++-----
roles/api-orch/handlers/main.yml | 8 +-
roles/api-orch/tasks/main.yml | 80 ++++++++++--------
.../templates/airavata-server.properties.j2 | 34 ++++----
roles/api-orch/vars/main.yml | 3 -
roles/common/files/airavata.jks | Bin 1410 -> 2289 bytes
roles/common/files/airavata_sym.jks | Bin 0 -> 501 bytes
roles/common/files/client_truststore.jks | Bin 3558 -> 0 bytes
roles/common/tasks/main.yml | 25 ++++--
roles/common/vars/main.yml | 3 +-
roles/database/handlers/main.yml | 4 +
roles/database/tasks/main.yml | 27 ++++--
roles/database/vars/main.yml | 14 ++++
roles/gfac/tasks/main.yml | 82 +++++++++++--------
.../templates/airavata-server.properties.j2 | 34 ++++----
roles/gfac/vars/main.yml | 3 -
roles/pga/tasks/main.yml | 54 +++++++-----
roles/rabbitmq/handlers/main.yml | 4 +-
roles/rabbitmq/tasks/main.yml | 2 +-
roles/zookeeper/handlers/main.yml | 4 +-
roles/zookeeper/vars/main.yml | 2 +-
site.yml | 28 ++++---
24 files changed, 325 insertions(+), 251 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/group_vars/all
----------------------------------------------------------------------
diff --git a/group_vars/all b/group_vars/all
deleted file mode 100644
index da3b24e..0000000
--- a/group_vars/all
+++ /dev/null
@@ -1,54 +0,0 @@
----
-ansible_connection: ssh
-ansible_ssh_user: centos
-#ansible_ssh_private_key_file: /Users/syodage/Projects/scigap/JetCloud/jetcloud.key
-ansible_ssh_private_key_file: /Users/syodage/Projects/airavata-ansible/shameera-aws.pem.txt
-
-user: centos
-group: centos
-user_home: "/home/{{ user }}"
-deployment_dir: "{{ user_home }}/master-deployment"
-
-airavata_dist: "apache-airavata-server-0.17-SNAPSHOT"
-airavata_dist_name: "{{ airavata_dist }}-bin.tar.gz"
-
-db_server: "gw62.iu.xsede.org"
-db_server_port: "3306"
-db_user: "airavata"
-db_password: "airavata"
-app_catalog: "app_catalog"
-exp_catalog: "exp_catalog"
-replica_catalog: "replica_catalog"
-workflow_catalog: "wf_catalog"
-credential_store: "credential_store"
-
-rabbitmq_server: "localhost"
-rabbitmq_vhost: "master"
-rabbitmq_user: "airavata"
-rabbitmq_password: "airavata"
-rabbitmq_port: "5672"
-rabbitmq_broker_url: "amqp://{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ rabbitmq_server}}:{{ rabbitmq_port }}/{{ rabbitmq_vhost }}"
-
-key_store: "airavata.jks"
-cred_key_store: "client_truststore.jks"
-cred_store_server_host: "gw77.iu.xsede.org"
-key_stores_location: "{{ deployment_dir }}/keystores"
-
-mysql_connector_jar: "mysql-connector-java-5.1.37-bin.jar"
-
-api_server_name: "apiserver-node0"
-api_server_host: "{{ ansible_fqdn }}"
-api_server_port: "8930"
-
-orchestrator_name: "orchestrator-node0"
-orchestrator_host: "{{ ansible_fqdn }}"
-orchestrator_port: "8940"
-
-gfac_name: "gfac-node0"
-gfac_host: "{{ ansible_fqdn }}"
-gfac_port: "8950"
-
-monitor_email_address: "jobs@scigap.org"
-monitor_email_password: "xxxxx"
-
-...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/group_vars/all.yml
----------------------------------------------------------------------
diff --git a/group_vars/all.yml b/group_vars/all.yml
new file mode 100644
index 0000000..0269ff2
--- /dev/null
+++ b/group_vars/all.yml
@@ -0,0 +1,78 @@
+---
+ansible_connection: ssh
+ansible_ssh_user: centos
+#ansible_ssh_private_key_file: /Users/syodage/Projects/scigap/JetCloud/jetcloud.key
+ansible_ssh_private_key_file: /Users/syodage/Projects/airavata-ansible/shameera-aws.pem.txt
+
+user: centos
+group: centos
+user_home: "/home/{{ user }}"
+
+# deployment related variables
+deployment_dir: "{{ user_home }}/master-deployment"
+airavata_source_dir: "{{ user_home }}/source"
+airavata_dist: "apache-airavata-server-0.17-SNAPSHOT"
+airavata_dist_name: "{{ airavata_dist }}-bin.tar.gz"
+git_branch: master
+
+# Database related variables
+db_server: "{{ groups['database'][0] }}"
+db_server_port: "3306"
+db_user: "airavata"
+db_password: "airavata"
+app_catalog: "app_catalog"
+exp_catalog: "exp_catalog"
+replica_catalog: "replica_catalog"
+workflow_catalog: "wf_catalog"
+credential_store: "credential_store"
+
+mysql_connector_jar: "mysql-connector-java-5.1.37-bin.jar"
+
+# Rabbitmq related vareables
+rabbitmq_server: "{{ groups['rabbitmq'][0] }}"
+rabbitmq_vhost: "master"
+rabbitmq_user: "airavata"
+rabbitmq_password: "airavata"
+rabbitmq_port: "5672"
+rabbitmq_broker_url: "amqp://{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ rabbitmq_server}}:{{ rabbitmq_port }}/{{ rabbitmq_vhost }}"
+
+# Zoookeeper related variables
+zookeeper_client_port: 2181
+zookeeper_url: "{{ groups['zookeeper'][0] }}:{{ zookeeper_client_port }}"
+# API Server and Orchestrator related variables
+api_server_name: "apiserver-node0"
+api_server_host: "{{ ansible_fqdn }}"
+api_server_port: "8930"
+api_secured: "true"
+tls_enable: "false"
+api_server_tls_port: "9930"
+
+orchestrator_name: "orchestrator-node0"
+orchestrator_host: "{{ ansible_fqdn }}"
+orchestrator_port: "8940"
+api_orch_dir: "{{ deployment_dir }}/api-orchestrator"
+
+# Credential and keystore related variables
+#authorization_server: "https://{{ groups['wso2is'][0]}}:9443/services/"
+authorization_server: "https://idp.scigap.org:9443/services/"
+keystore: "airavata.jks"
+keystore_passwd: "airavata"
+#client_truststore: "client_truststore.jks"
+client_truststore: "airavata.jks"
+client_truststore_passwd: "airavata"
+cred_keystore: "airavata_sym.jks"
+cred_keystore_passwd: "airavata"
+cred_keystore_alias: "airavata"
+cred_store_server_host: "{{ ansible_fqdn }}"
+cred_store_port: "8960"
+keystores_location: "{{ deployment_dir }}/keystores"
+
+# Gfac related variables
+gfac_name: "gfac-node0"
+gfac_host: "{{ ansible_fqdn }}"
+gfac_port: "8950"
+gfac_dir: "{{ deployment_dir }}/gfac-instance"
+
+# Monitoring variables
+monitor_email_address: "test.airavata@gmail.com"
+monitor_email_password: "airavata"
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/hosts
----------------------------------------------------------------------
diff --git a/hosts b/hosts
index b14e7fd..4ff2de0 100644
--- a/hosts
+++ b/hosts
@@ -1,30 +1,23 @@
---
# inventory file : production
-[api-orch]
-#js-156.196.jetstream-cloud.org
-#js-171-11.jetstream-cloud.org
-
-[gfac]
-#js-156.196.jetstream-cloud.org
-#js-171-11.jetstream-cloud.org
-
-[pga]
-#js-156.196.jetstream-cloud.org
-#js-171-11.jetstream-cloud.org
-
[zookeeper]
-#js-156.196.jetstream-cloud.org
-#js-171-11.jetstream-cloud.org
+52.91.41.223
[rabbitmq]
-#js-156.196.jetstream-cloud.org
-#js-171-11.jetstream-cloud.org rabbit_hostName="jetcloud-1-centos-7"
-54.236.73.114
+52.91.41.223
[database]
-#js-156.196.jetstream-cloud.org
-#js-171-11.jetstream-cloud.org
+54.221.0.3
[wso2is]
-52.91.87.213
+#52.87.209.219
+
+[api-orch]
+54.164.53.207
+
+[gfac]
+54.85.248.150
+
+[pga]
+54.236.200.110
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/api-orch/handlers/main.yml
----------------------------------------------------------------------
diff --git a/roles/api-orch/handlers/main.yml b/roles/api-orch/handlers/main.yml
index c1a828d..a2288d9 100644
--- a/roles/api-orch/handlers/main.yml
+++ b/roles/api-orch/handlers/main.yml
@@ -2,9 +2,13 @@
# Api server, Orchestrator related handlers
- name: start api-orch
- command: ./bin/airavata-server-start.sh api-orch -d chdir="{{ api_orch_dir }}/{{ airavata_dist }}/" creates="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
+ command: ./bin/airavata-server-start.sh api-orch -d
+ chdir="{{ api_orch_dir }}/{{ airavata_dist }}/"
+ creates="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
- name: stop api-orch
- command: ./bin/airavata-server-stop.sh -f chdir="{{ api_orch_dir }}/{{ airavata_dist }}/" removes="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
+ command: ./bin/airavata-server-stop.sh -f
+ chdir="{{ api_orch_dir }}/{{ airavata_dist }}/"
+ removes="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/api-orch/tasks/main.yml
----------------------------------------------------------------------
diff --git a/roles/api-orch/tasks/main.yml b/roles/api-orch/tasks/main.yml
index 827f520..369bb2b 100644
--- a/roles/api-orch/tasks/main.yml
+++ b/roles/api-orch/tasks/main.yml
@@ -4,51 +4,61 @@
- name: Create api-orchestrator deployment directory
file: path="{{ api_orch_dir }}" state=directory owner="{{ user }}" group="{{ group }}"
when: build|success
- tags: deploy, update_api_orch, update
- name: Check previous deployments
stat: path="{{ api_orch_dir }}/{{ airavata_dist }}" get_md5=no get_checksum=no
- register: pp
- tags: deploy, update_api_orch, update
-
-- block:
- - name: stop api-orch
- command: ./bin/airavata-server-stop.sh -f chdir="{{ api_orch_dir }}/{{ airavata_dist }}/" removes="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
-
- - name: Delete previous deployments
- file: path="{{ gfac_dir }}/{{ airavata_dist }}" state=absent
-
- when: pp.stat.exists == True
- tags: deploy, update_api_orch, update
-#
-# - block:
-# - name: Remove pervious backup directory
-# file: path="{{ api_orch_dir }}/backup" state=absent
-# notify:
-# - stop api-orch
-#
-# - name: Backup previous deployment directory
-# copy: src="{{ api_orch_dir }}/{{ airavata_dist }}" dest="{{ api_orch_dir }}/backup" copy=no
-#
-# when: p.stat.exist == True
-# tags: deploy update_api_orch update
+ register: check
+
+- name: stop api-orch
+ command: ./bin/airavata-server-stop.sh -f
+ chdir="{{ api_orch_dir }}/{{ airavata_dist }}/"
+ removes="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
+ when: check.stat.exists == True
+
+- name: Delete previous deployments
+ file: path="{{ api_orch_dir }}/{{ airavata_dist }}" state=absent
- name: Copy distribution to api-orcheatrator deployment directory
- unarchive: src="{{ airavata_source_dir }}/distribution/target/{{ airavata_dist_name }}" dest="{{ api_orch_dir }}/" copy=no
- become: yes
- become_user: "{{ user }}"
- tags: deploy, update_api_orch, update
+ unarchive: src="{{ airavata_source_dir }}/distribution/target/{{ airavata_dist_name }}"
+ dest="{{ api_orch_dir }}/"
+ copy=no
- name: Copy Airavata server properties file
- template: src=airavata-server.properties.j2 dest="{{ api_orch_dir }}/{{ airavata_dist }}/bin/airavata-server.properties" owner="{{ user }}" group="{{ group }}" mode="u=rw,g=r,o=r"
- tags: deploy, update_api_orch, update
+ template: src=airavata-server.properties.j2
+ dest="{{ api_orch_dir }}/{{ airavata_dist }}/bin/airavata-server.properties"
+ owner={{ user }}
+ group={{ group }}
+ mode="u=rw,g=r,o=r"
- name: Copy Gfac configuration file
- template: src=gfac-config.yaml.j2 dest="{{ api_orch_dir }}/{{ airavata_dist }}/bin/gfac-config.yaml" owner="{{ user }}" group="{{ group }}" mode="u=rw,g=r,o=r"
- tags: deploy, update_api_orch, update
+ template: src=gfac-config.yaml.j2
+ dest="{{ api_orch_dir }}/{{ airavata_dist }}/bin/gfac-config.yaml"
+ owner={{ user }}
+ group={{ group }}
+ mode="u=rw,g=r,o=r"
- name: Copy Mysql jar to lib
- copy: src="{{ mysql_connector_jar }}" dest="{{ api_orch_dir }}/{{ airavata_dist }}/lib/{{ mysql_connector_jar }}" owner="{{ user }}" group="{{ group }}"
- tags: deploy, update_api_orch, update
+ copy: src={{ mysql_connector_jar }}
+ dest="{{ api_orch_dir }}/{{ airavata_dist }}/lib/{{ mysql_connector_jar }}"
+ owner={{ user }}
+ group={{ group }}
+
+- name: Open firwall ports
+ firewalld: port={{ item }} zone=public permanent=true state=enabled immediate=yes
+ with_items:
+ - "{{ api_server_port }}/tcp"
+ - "{{ orchestrator_port }}/tcp"
+ - "{{ cred_store_port }}/tcp"
+ become: yes
+
+- name: stop api-orch
+ command: ./bin/airavata-server-stop.sh -f
+ chdir="{{ api_orch_dir }}/{{ airavata_dist }}/"
+ removes="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
+
+- name: start api-orch
+ command: ./bin/airavata-server-start.sh api-orch -d
+ chdir="{{ api_orch_dir }}/{{ airavata_dist }}/"
+ creates="{{ api_orch_dir }}/{{ airavata_dist }}/bin/server_start_*"
...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/api-orch/templates/airavata-server.properties.j2
----------------------------------------------------------------------
diff --git a/roles/api-orch/templates/airavata-server.properties.j2 b/roles/api-orch/templates/airavata-server.properties.j2
index 449a7fd..9418e82 100644
--- a/roles/api-orch/templates/airavata-server.properties.j2
+++ b/roles/api-orch/templates/airavata-server.properties.j2
@@ -34,7 +34,7 @@
#registry.jdbc.url=jdbc:derby://localhost:1527/experiment_catalog;create=true;user=airavata;password=airavata
# MySql database configuration
registry.jdbc.driver=com.mysql.jdbc.Driver
-registry.jdbc.url=jdbc:mysql://{{ db_server }}:3306/{{ exp_catalog }}
+registry.jdbc.url=jdbc:mysql://{{ db_server }}:{{ db_server_port }}/{{ exp_catalog }}
registry.jdbc.user={{ db_user }}
registry.jdbc.password={{ db_password }}
#FIXME: Probably the following property should be removed.
@@ -107,21 +107,16 @@ userprofile.mongodb.port=27017
###########################################################################
# API Server Configurations
###########################################################################
+apiserver=org.apache.airavata.api.server.AiravataAPIServer
apiserver.name={{ api_server_name }}
apiserver.host={{ api_server_host }}
apiserver.port={{ api_server_port }}
apiserver.min.threads=50
###########################################################################
-# API Server SSL Configurations
-###########################################################################
-apiserver.tls.enabled=true
-apiserver.keystore={{ key_stores_location }}/{{ key_store }}
-apiserver.keystore.password=airavata
-
-###########################################################################
# Orchestrator Server Configurations
###########################################################################
+orchestrator=org.apache.airavata.orchestrator.server.OrchestratorServer
orchestrator.server.name={{ orchestrator_name }}
orchestrator.server.host={{ orchestrator_host }}
orchestrator.server.port={{ orchestrator_port }}
@@ -137,6 +132,7 @@ enable.validation=true
###########################################################################
# GFac Server Configurations
###########################################################################
+gfac=org.apache.airavata.gfac.server.GfacServer
gfac.server.name={{ gfac_name }}
gfac.server.host={{ gfac_host }}
gfac.server.port={{ gfac_port }}
@@ -171,15 +167,15 @@ job.notification.flags=abe
###########################################################################
# Credential Store module Configuration
###########################################################################
-credential.store.keystore.url=/home/airavata/airavata_sym.jks
-credential.store.keystore.alias=airavata
-credential.store.keystore.password=airavata
+credential.store.keystore.url={{ keystores_location }}/{{ cred_keystore }}
+credential.store.keystore.alias={{ cred_keystore_alias }}
+credential.store.keystore.password={{ cred_keystore_passwd }}
credential.store.jdbc.url=jdbc:mysql://{{ db_server }}:3306/{{ credential_store }}
credential.store.jdbc.user={{ db_user }}
credential.store.jdbc.password={{ db_password }}
credential.store.jdbc.driver=com.mysql.jdbc.Driver
credential.store.server.host={{ cred_store_server_host }}
-credential.store.server.port=8960
+credential.store.server.port={{ cred_store_port }}
credentialstore=org.apache.airavata.credential.store.server.CredentialStoreServer
# these properties used by credential store email notifications
@@ -250,23 +246,23 @@ rabbitmq.exchange.name=airavata_rabbitmq_exchange
# Zookeeper Server Configuration
###########################################################################
embedded.zk=false
-zookeeper.server.connection=localhost:2181
+zookeeper.server.connection={{ zookeeper_url }}
zookeeper.timeout=30000
########################################################################
## API Security Configuration
########################################################################
-api.secured=true
+api.secured={{ api_secured }}
security.manager.class=org.apache.airavata.api.server.security.DefaultAiravataSecurityManager
### TLS related configuration ####
-TLS.enabled=true
-TLS.api.server.port=9930
+TLS.enabled={{ tls_enable }}
+TLS.api.server.port={{ api_server_tls_port }}
TLS.client.timeout=10000
#### keystore configuration ####
-keystore.path={{ key_stores_location }}/{{ key_store }}
-keystore.password=airavata
+keystore.path={{ keystores_location }}/{{ keystore }}
+keystore.password={{ keystore_passwd }}
#### trust store configuration ####
-trust.store={{ key_stores_location }}/{{ cred_key_store }}
+trust.store={{ keystores_location }}/{{ client_truststore }}
trust.store.password=airavata
#### remote authorization server url ####
remote.oauth.authorization.server=https://idp.scigap.org:9443/services/
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/api-orch/vars/main.yml
----------------------------------------------------------------------
diff --git a/roles/api-orch/vars/main.yml b/roles/api-orch/vars/main.yml
deleted file mode 100644
index 16b85b0..0000000
--- a/roles/api-orch/vars/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-# API Server and Orchestrator related variables
-api_orch_dir: "{{ deployment_dir }}/api-orchestrator"
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/common/files/airavata.jks
----------------------------------------------------------------------
diff --git a/roles/common/files/airavata.jks b/roles/common/files/airavata.jks
index e0e46e2..685cc00 100644
Binary files a/roles/common/files/airavata.jks and b/roles/common/files/airavata.jks differ
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/common/files/airavata_sym.jks
----------------------------------------------------------------------
diff --git a/roles/common/files/airavata_sym.jks b/roles/common/files/airavata_sym.jks
new file mode 100644
index 0000000..3dd27d6
Binary files /dev/null and b/roles/common/files/airavata_sym.jks differ
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/common/files/client_truststore.jks
----------------------------------------------------------------------
diff --git a/roles/common/files/client_truststore.jks b/roles/common/files/client_truststore.jks
deleted file mode 100644
index 4d39906..0000000
Binary files a/roles/common/files/client_truststore.jks and /dev/null differ
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/common/tasks/main.yml
----------------------------------------------------------------------
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 9c1884d..4289515 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -26,23 +26,30 @@
- name: Run maven build
command: mvn clean install -Dmaven.test.skip=true chdir="{{ airavata_source_dir }}/"
- when: (checkout|success) or (checkout|skipped)
+ environment:
+ MAVEN_OPTS: "-Xmx1024m"
register: build
tags: update
+ # when: (checkout|success) and (checkout.changed == true)
################################################################################
# copy key store and trust store files
- name: Create KeyStores directory
- file: path="{{ key_stores_location }}"
+ file: path={{ keystores_location }}
state=directory
- owner="{{ user }}" group="{{ group }}"
+ owner={{ user }} group={{ group }}
- name: Transfer airavata.jks KeyStore file
- copy: src="{{ key_store }}"
- dest="{{ key_stores_location }}/{{ key_store }}"
- owner="{{ user }}" group="{{ group }}"
+ copy: src={{ keystore }}
+ dest="{{ keystores_location }}/{{ keystore }}"
+ owner={{ user }} group={{ group }}
+
+- name: Transfer airavata_sym.jks KeyStore file
+ copy: src={{ cred_keystore }}
+ dest="{{ keystores_location }}/{{ cred_keystore }}"
+ owner={{ user }} group={{ group }}
- name: Transfer client trust store KeyStore file
- copy: src="{{ cred_key_store }}"
- dest="{{ key_stores_location }}/{{ cred_key_store }}"
- owner="{{ user }}" group="{{ group }}"
+ copy: src={{ client_truststore }}
+ dest="{{ keystores_location }}/{{ client_truststore }}"
+ owner={{ user }} group={{ group }}
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/common/vars/main.yml
----------------------------------------------------------------------
diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml
index 0df33c5..e2d93e7 100644
--- a/roles/common/vars/main.yml
+++ b/roles/common/vars/main.yml
@@ -1,5 +1,4 @@
---
# Common variables
-airavata_source_dir: "{{ user_home }}/source"
-git_branch: master
+
...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/database/handlers/main.yml
----------------------------------------------------------------------
diff --git a/roles/database/handlers/main.yml b/roles/database/handlers/main.yml
index 5400e8b..1906365 100644
--- a/roles/database/handlers/main.yml
+++ b/roles/database/handlers/main.yml
@@ -7,4 +7,8 @@
service: name=mariadb state=stopped
become: yes
+- name: restart mariadb
+ service: name=mariadb state=restarted enabled=yes
+ become: yes
+
...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/database/tasks/main.yml
----------------------------------------------------------------------
diff --git a/roles/database/tasks/main.yml b/roles/database/tasks/main.yml
index 5fb75e4..4a75abb 100644
--- a/roles/database/tasks/main.yml
+++ b/roles/database/tasks/main.yml
@@ -38,16 +38,25 @@
- name: create databases
mysql_db: name="{{ item }}" state=present
with_items:
- - "{{ app_catalog }}"
- - "{{ exp_catalog }}"
- - "{{ replica_catalog }}"
- - "{{ workflow_catalog }}"
- - "{{ credential_store }}"
+ - "{{ mysql_databases }}"
-- name: create new user {{ db_user }} with all privilege
- mysql_user: name="{{ db_user }}" password="{{ db_password }}" priv=*.*:ALL state=present
+- name: give access to {{ db_user }} from remote
+ mysql_user: name="{{ db_user }}" password="{{ db_password }}" host="{{ item }}"
+ with_items:
+ - "{{ groups['api-orch'] }}"
+ - "{{ groups['gfac'] }}"
+ tags: testdb
-- name: open database port
- firewalld: port="{{ db_server_port }}/tcp" zone=public permanent=true state=enabled immediate=yes
+- name: create new user {{ db_user }} with all privilege
+ mysql_user: name="{{ db_user }}"
+ password="{{ db_password }}"
+ append_privs=yes
+ host_all=yes
+ priv=*.*:ALL,GRANT state=present
+ tags: testdb
+
+- name: open firewall port {{ db_server_port }}
+ firewalld: port="{{ db_server_port }}/tcp"
+ zone=public permanent=true state=enabled immediate=yes
become: yes
...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/database/vars/main.yml
----------------------------------------------------------------------
diff --git a/roles/database/vars/main.yml b/roles/database/vars/main.yml
index 3bbc070..1f37424 100644
--- a/roles/database/vars/main.yml
+++ b/roles/database/vars/main.yml
@@ -4,4 +4,18 @@ mysql_packages:
- mariadb
mysql_root_password: "admin"
+mysql_databases:
+ - "{{ app_catalog }}"
+ - "{{ exp_catalog }}"
+ - "{{ replica_catalog }}"
+ - "{{ workflow_catalog }}"
+ - "{{ credential_store }}"
+
+mysql_privs:
+ - "{{ app_catalog }}.*:ALL"
+ - "{{ exp_catalog }}.*:ALL"
+ - "{{ replica_catalog }}.*:ALL"
+ - "{{ workflow_catalog }}.*:ALL"
+ - "{{ credential_store }}.*:ALL"
+
...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/gfac/tasks/main.yml
----------------------------------------------------------------------
diff --git a/roles/gfac/tasks/main.yml b/roles/gfac/tasks/main.yml
index bae85cf..06d6dda 100644
--- a/roles/gfac/tasks/main.yml
+++ b/roles/gfac/tasks/main.yml
@@ -3,51 +3,61 @@
################################################################################
# gfac deployments
- name: Create Gfac deployment directory
- file: path="{{ gfac_dir }}" state=directory owner="{{ user }}" group="{{ group }}"
+ file: path="{{ gfac_dir }}" state=directory owner={{ user }} group={{ group }}
when: build|success
- tags: deploy, update_gfac, update
- name: Check previous deployments
stat: path="{{ gfac_dir }}/{{ airavata_dist }}" get_md5=no get_checksum=no
- register: p
- tags: deploy, update_gfac, update
-
-- block:
- - name: stop gfac
- command: ./bin/airavata-server-stop.sh -f chdir="{{ gfac_dir }}/{{ airavata_dist }}/" removes="{{ gfac_dir }}/{{ airavata_dist }}/bin/server_start_*"
-
- - name: Delete previous deployments
- file: path="{{ gfac_dir }}/{{ airavata_dist }}" state=absent
-
- when: p.stat.exists == True
- tags: deploy, update_gfac, update
-
-# - block:
-# - name: Remove pervious backup directory
-# file: path="{{ gfac_dir }}/backup" state=absent
-# notify:
-# - stop gfac
-#
-# - name: Backup previous deployment directory
-# copy: src="{{ gfac_dir }}/{{ airavata_dist }}" dest="{{ gfac_dir }}/backup" copy=no
-#
-# when: p.stat.exists == True
-# tags: deploy, update_gfac, update
+ register: check
+
+- name: stop gfac
+ command: ./bin/airavata-server-stop.sh -f
+ chdir="{{ gfac_dir }}/{{ airavata_dist }}/"
+ removes="{{ gfac_dir }}/{{ airavata_dist }}/bin/server_start_*"
+ when: check.stat.exists == True
+
+- name: Delete previous deployments
+ file: path="{{ gfac_dir }}/{{ airavata_dist }}" state=absent
- name: Copy distribution to gfac deployment directory
- unarchive: src="{{ airavata_source_dir }}/distribution/target/{{ airavata_dist_name }}" dest="{{ gfac_dir }}/" copy=no
- become: yes
- become_user: "{{ user }}"
- tags: deploy, update_gfac, update
+ unarchive: src="{{ airavata_source_dir }}/distribution/target/{{ airavata_dist_name }}"
+ dest="{{ gfac_dir }}/"
+ copy=no
- name: Copy Airavata server properties file
- template: src=airavata-server.properties.j2 dest="{{ gfac_dir }}/{{ airavata_dist }}/bin/airavata-server.properties" owner="{{ user }}" group="{{ group }}" mode="u=rw,g=r,o=r"
- tags: deploy, update_gfac, update
+ template: src=airavata-server.properties.j2
+ dest="{{ gfac_dir }}/{{ airavata_dist }}/bin/airavata-server.properties"
+ owner={{ user }}
+ group={{ group }}
+ mode="u=rw,g=r,o=r"
- name: Copy Gfac configuration file
- template: src=gfac-config.yaml.j2 dest="{{ gfac_dir }}/{{ airavata_dist }}/bin/gfac-config.yaml" owner="{{ user }}" group="{{ group }}" mode="u=rw,g=r,o=r"
- tags: deploy, update_gfac, update
+ template: src=gfac-config.yaml.j2
+ dest="{{ gfac_dir }}/{{ airavata_dist }}/bin/gfac-config.yaml"
+ owner={{ user }}
+ group={{ group }}
+ mode="u=rw,g=r,o=r"
- name: Copy Mysql jar to lib
- copy: src="{{ mysql_connector_jar }}" dest="{{ gfac_dir }}/{{ airavata_dist }}/lib/{{ mysql_connector_jar }}" owner="{{ user }}" group="{{ group }}"
- tags: deploy, update_gfac, update
+ copy: src="{{ mysql_connector_jar }}"
+ dest="{{ gfac_dir }}/{{ airavata_dist }}/lib/{{ mysql_connector_jar }}"
+ owner={{ user }}
+ group={{ group }}
+
+
+- name: Open firwall ports
+ firewalld: port="{{ gfac_port }}/tcp" zone=public permanent=true state=enabled immediate=yes
+ become: yes
+
+- name: stop gfac
+ command: ./bin/airavata-server-stop.sh -f
+ chdir="{{ gfac_dir }}/{{ airavata_dist }}/"
+ removes="{{ gfac_dir }}/{{ airavata_dist }}/bin/server_start_*"
+
+- name: start gfac
+ command: ./bin/airavata-server-start.sh gfac -d
+ chdir="{{ gfac_dir }}/{{ airavata_dist }}/"
+ creates="{{ gfac_dir }}/{{ airavata_dist }}/bin/server_start_*"
+
+
+...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/gfac/templates/airavata-server.properties.j2
----------------------------------------------------------------------
diff --git a/roles/gfac/templates/airavata-server.properties.j2 b/roles/gfac/templates/airavata-server.properties.j2
index 449a7fd..9418e82 100644
--- a/roles/gfac/templates/airavata-server.properties.j2
+++ b/roles/gfac/templates/airavata-server.properties.j2
@@ -34,7 +34,7 @@
#registry.jdbc.url=jdbc:derby://localhost:1527/experiment_catalog;create=true;user=airavata;password=airavata
# MySql database configuration
registry.jdbc.driver=com.mysql.jdbc.Driver
-registry.jdbc.url=jdbc:mysql://{{ db_server }}:3306/{{ exp_catalog }}
+registry.jdbc.url=jdbc:mysql://{{ db_server }}:{{ db_server_port }}/{{ exp_catalog }}
registry.jdbc.user={{ db_user }}
registry.jdbc.password={{ db_password }}
#FIXME: Probably the following property should be removed.
@@ -107,21 +107,16 @@ userprofile.mongodb.port=27017
###########################################################################
# API Server Configurations
###########################################################################
+apiserver=org.apache.airavata.api.server.AiravataAPIServer
apiserver.name={{ api_server_name }}
apiserver.host={{ api_server_host }}
apiserver.port={{ api_server_port }}
apiserver.min.threads=50
###########################################################################
-# API Server SSL Configurations
-###########################################################################
-apiserver.tls.enabled=true
-apiserver.keystore={{ key_stores_location }}/{{ key_store }}
-apiserver.keystore.password=airavata
-
-###########################################################################
# Orchestrator Server Configurations
###########################################################################
+orchestrator=org.apache.airavata.orchestrator.server.OrchestratorServer
orchestrator.server.name={{ orchestrator_name }}
orchestrator.server.host={{ orchestrator_host }}
orchestrator.server.port={{ orchestrator_port }}
@@ -137,6 +132,7 @@ enable.validation=true
###########################################################################
# GFac Server Configurations
###########################################################################
+gfac=org.apache.airavata.gfac.server.GfacServer
gfac.server.name={{ gfac_name }}
gfac.server.host={{ gfac_host }}
gfac.server.port={{ gfac_port }}
@@ -171,15 +167,15 @@ job.notification.flags=abe
###########################################################################
# Credential Store module Configuration
###########################################################################
-credential.store.keystore.url=/home/airavata/airavata_sym.jks
-credential.store.keystore.alias=airavata
-credential.store.keystore.password=airavata
+credential.store.keystore.url={{ keystores_location }}/{{ cred_keystore }}
+credential.store.keystore.alias={{ cred_keystore_alias }}
+credential.store.keystore.password={{ cred_keystore_passwd }}
credential.store.jdbc.url=jdbc:mysql://{{ db_server }}:3306/{{ credential_store }}
credential.store.jdbc.user={{ db_user }}
credential.store.jdbc.password={{ db_password }}
credential.store.jdbc.driver=com.mysql.jdbc.Driver
credential.store.server.host={{ cred_store_server_host }}
-credential.store.server.port=8960
+credential.store.server.port={{ cred_store_port }}
credentialstore=org.apache.airavata.credential.store.server.CredentialStoreServer
# these properties used by credential store email notifications
@@ -250,23 +246,23 @@ rabbitmq.exchange.name=airavata_rabbitmq_exchange
# Zookeeper Server Configuration
###########################################################################
embedded.zk=false
-zookeeper.server.connection=localhost:2181
+zookeeper.server.connection={{ zookeeper_url }}
zookeeper.timeout=30000
########################################################################
## API Security Configuration
########################################################################
-api.secured=true
+api.secured={{ api_secured }}
security.manager.class=org.apache.airavata.api.server.security.DefaultAiravataSecurityManager
### TLS related configuration ####
-TLS.enabled=true
-TLS.api.server.port=9930
+TLS.enabled={{ tls_enable }}
+TLS.api.server.port={{ api_server_tls_port }}
TLS.client.timeout=10000
#### keystore configuration ####
-keystore.path={{ key_stores_location }}/{{ key_store }}
-keystore.password=airavata
+keystore.path={{ keystores_location }}/{{ keystore }}
+keystore.password={{ keystore_passwd }}
#### trust store configuration ####
-trust.store={{ key_stores_location }}/{{ cred_key_store }}
+trust.store={{ keystores_location }}/{{ client_truststore }}
trust.store.password=airavata
#### remote authorization server url ####
remote.oauth.authorization.server=https://idp.scigap.org:9443/services/
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/gfac/vars/main.yml
----------------------------------------------------------------------
diff --git a/roles/gfac/vars/main.yml b/roles/gfac/vars/main.yml
deleted file mode 100644
index f5451c3..0000000
--- a/roles/gfac/vars/main.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-# Gfac related variables
-gfac_dir: "{{ deployment_dir }}/gfac-instance"
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/pga/tasks/main.yml
----------------------------------------------------------------------
diff --git a/roles/pga/tasks/main.yml b/roles/pga/tasks/main.yml
index ae08942..05bca80 100644
--- a/roles/pga/tasks/main.yml
+++ b/roles/pga/tasks/main.yml
@@ -1,35 +1,44 @@
---
-# - name: Create a new user group "{{ pga_group }}"
-# group: name={{ pga_group }}
-# # tags: user
-#
-# - name: Create a new user "{{ pga_user }}"
-# user: name={{ pga_user }} group={{ pga_group }}
-# # tags: user
+- name: Create root directory
+ file: path="{{ doc_root_dir }}" state=directory
+ become: yes
- name: Install pre-requireties
yum: name="{{ item }}" state=latest update_cache=yes
with_items:
- git
- httpd
- - php-soap
- php
- - composer
+ - php-soap
- php-mcrypt
- - firewalld
+ - libselinux-python
+ - composer
+ become: yes
-# This doesn't work sometimes, make sure selinux is dissabled in remote machine
# - name: Allow selinux outbound connection from web server
# command: setsebool -P httpd_can_network_connect 1
-- name: Create root directory
- file: path="{{ doc_root_dir }}" state=directory
+- name: install composer
+ yum: name=composer state=latest update_cache=yes
+ become: yes
- name: Git clone php gateway
- git: repo=https://github.com/apache/airavata-php-gateway.git dest="{{ doc_root_dir }}" version=master
+ git: repo=https://github.com/apache/airavata-php-gateway.git
+ dest="{{ doc_root_dir }}" version=master
+ become: yes
+
+ #Make sure selinux is dissabled in remote machine
+- name: Disable selinux
+ selinux: state=disabled
+ become: yes
- name: Run composer update
- command: composer update chdir="{{ doc_root_dir }}"
+ composer: command=update working_dir="{{ doc_root_dir }}"
+ become: yes
+
+# - name: Run composer update
+# command: composer update chdir="{{ doc_root_dir }}"
+# become: yes
- name: Create user data dir {{ user_data_dir }}
file: path="{{ user_data_dir }}" state=directory
@@ -38,6 +47,7 @@
- name: Copy pga config file
template: src=pga_config.php.j2 dest="{{ doc_root_dir }}/app/config/pga_config.php"
+
# do we need to change permissions for root user?
# - name: Change storage permissions to g+rwx
# acl: name="{{ doc_root_dir }}/app/storage" entity="{{ pga_group }}" etype=group permissions="rwx" state=present
@@ -45,22 +55,22 @@
# Ignored step 8,9 in doc by assuming selinux is dissabled in remote machine
# TODO: stop iptables service, can't have both iptables and firewalld on same host
-- name: Stop iptables, ip6tables services
- service: name="{{ item }}" state=stopped
- with_items:
- - iptables
- - ip6tables
+# - name: Stop iptables, ip6tables services
+# service: name="{{ item }}" state=stopped
+# with_items:
+# - iptables
+# - ip6tables
- name: Start firewalld service
service: name=firewalld state=started
+ become: yes
- name: Eanble https and http service on public zone
firewalld: service="{{ item }}" permanent=true state=enabled zone=public immediate=True
with_items:
- http
- https
+ become: yes
- name: Edit file
lineinfile: dest="{{ httpd_conf_file }}" regexp=^AllowOverride line="AllowOverride All"
-
-...
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/rabbitmq/handlers/main.yml
----------------------------------------------------------------------
diff --git a/roles/rabbitmq/handlers/main.yml b/roles/rabbitmq/handlers/main.yml
index 5ce5a59..fef807a 100644
--- a/roles/rabbitmq/handlers/main.yml
+++ b/roles/rabbitmq/handlers/main.yml
@@ -1,7 +1,7 @@
---
# Rabbitmq related handlers
- name: start rabbitmq
- service: name=rabbitmq-server state=started
+ service: name=rabbitmq-server state=started enabled=yes
become: yes
- name: stop rabbitmq
@@ -9,5 +9,5 @@
become: yes
- name: restart rabbitmq
- service: name=rabbitmq-server state=restarted
+ service: name=rabbitmq-server state=restarted enabled=yes
become: yes
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/rabbitmq/tasks/main.yml
----------------------------------------------------------------------
diff --git a/roles/rabbitmq/tasks/main.yml b/roles/rabbitmq/tasks/main.yml
index b487737..f44a0a6 100644
--- a/roles/rabbitmq/tasks/main.yml
+++ b/roles/rabbitmq/tasks/main.yml
@@ -29,7 +29,7 @@
become: yes
- name: Start Rabbitmq server
- service: name=rabbitmq-server state=started
+ service: name=rabbitmq-server state=started enabled=yes
become: yes
- name: Enable rabbitmq management plugin
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/zookeeper/handlers/main.yml
----------------------------------------------------------------------
diff --git a/roles/zookeeper/handlers/main.yml b/roles/zookeeper/handlers/main.yml
index 5f30254..daefebe 100644
--- a/roles/zookeeper/handlers/main.yml
+++ b/roles/zookeeper/handlers/main.yml
@@ -1,6 +1,6 @@
---
- name: start zookeeper
- service: name=zookeeper state=started
+ service: name=zookeeper state=started enabled=yes
become: yes
- name: stop zookeeper
@@ -8,5 +8,5 @@
become: yes
- name: restart zookeeper
- service: name=zookeeper state=restarted
+ service: name=zookeeper state=restarted enabled=yes
become: yes
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/roles/zookeeper/vars/main.yml
----------------------------------------------------------------------
diff --git a/roles/zookeeper/vars/main.yml b/roles/zookeeper/vars/main.yml
index 825f26f..a3e10db 100644
--- a/roles/zookeeper/vars/main.yml
+++ b/roles/zookeeper/vars/main.yml
@@ -5,7 +5,7 @@ zookeeper_version: 3.4.8
zookeeper_url: http://www.us.apache.org/dist/zookeeper/zookeeper-{{zookeeper_version}}/zookeeper-{{zookeeper_version}}.tar.gz
apt_cache_timeout: 3600
-client_port: 2181
+client_port: "{{ zookeeper_client_port }}"
init_limit: 5
sync_limit: 2
tick_time: 2000
http://git-wip-us.apache.org/repos/asf/airavata/blob/2b6f220a/site.yml
----------------------------------------------------------------------
diff --git a/site.yml b/site.yml
index 6dd294e..a9472dd 100644
--- a/site.yml
+++ b/site.yml
@@ -13,10 +13,24 @@
- env_setup
- rabbitmq
+- hosts: database
+ tags: mysql
+ roles:
+ - env_setup
+ - database
+
+- hosts: wso2is
+ tags: wso2is
+ roles:
+ - env_setup
+ - java
+ - wso2_is
+
- hosts: gfac
tags: gfac, airavata
roles:
- env_setup
+ - java
- common
- gfac
@@ -24,24 +38,14 @@
tags: api-orch, airavata
roles:
- env_setup
+ - java
- common
- api-orch
- hosts: pga
tags: pga
roles:
- - pga
-
-- hosts: database
- tags: mysql
- roles:
- env_setup
- - database
+ - pga
-- hosts: wso2is
- tags: wso2is
- roles:
- - env_setup
- - java
- - wso2_is
...