You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by la...@apache.org on 2016/10/01 23:46:30 UTC
[08/49] airavata git commit: Added pga role to deploy pga, fix #1
Added pga role to deploy pga, fix #1
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/c5b37ac5
Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/c5b37ac5
Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/c5b37ac5
Branch: refs/heads/lahiru/AIRAVATA-2107
Commit: c5b37ac515fbeb400358e0f31ff147eae0fca0bb
Parents: f50e7ad
Author: Shameera Rathnayaka <sh...@gmail.com>
Authored: Fri Jul 29 01:15:03 2016 -0400
Committer: Shameera Rathnayaka <sh...@gmail.com>
Committed: Fri Jul 29 01:15:03 2016 -0400
----------------------------------------------------------------------
hosts | 3 +-
roles/pga/tasks/main.yml | 66 ++++++++
roles/pga/templates/pga_config.php.j2 | 238 +++++++++++++++++++++++++++++
roles/pga/vars/main.yml | 28 ++++
site.yml | 8 +
5 files changed, 342 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/hosts
----------------------------------------------------------------------
diff --git a/hosts b/hosts
index 11a03c7..66f650f 100644
--- a/hosts
+++ b/hosts
@@ -9,7 +9,8 @@
#149.165.171.11 host_name=js-171-11 host_address=149.165.171.11
[pga]
-149.165.156.196
+#149.165.156.196
+149.165.171.11
[zookeeper]
149.165.156.196 host_name=js-156-196 host_address=149.165.156.196
http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/roles/pga/tasks/main.yml
----------------------------------------------------------------------
diff --git a/roles/pga/tasks/main.yml b/roles/pga/tasks/main.yml
new file mode 100644
index 0000000..ae08942
--- /dev/null
+++ b/roles/pga/tasks/main.yml
@@ -0,0 +1,66 @@
+---
+# - name: Create a new user group "{{ pga_group }}"
+# group: name={{ pga_group }}
+# # tags: user
+#
+# - name: Create a new user "{{ pga_user }}"
+# user: name={{ pga_user }} group={{ pga_group }}
+# # tags: user
+
+- name: Install pre-requireties
+ yum: name="{{ item }}" state=latest update_cache=yes
+ with_items:
+ - git
+ - httpd
+ - php-soap
+ - php
+ - composer
+ - php-mcrypt
+ - firewalld
+
+# This doesn't work sometimes, make sure selinux is dissabled in remote machine
+# - name: Allow selinux outbound connection from web server
+ # command: setsebool -P httpd_can_network_connect 1
+
+- name: Create root directory
+ file: path="{{ doc_root_dir }}" state=directory
+
+- name: Git clone php gateway
+ git: repo=https://github.com/apache/airavata-php-gateway.git dest="{{ doc_root_dir }}" version=master
+
+- name: Run composer update
+ command: composer update chdir="{{ doc_root_dir }}"
+
+- name: Create user data dir {{ user_data_dir }}
+ file: path="{{ user_data_dir }}" state=directory
+
+# step 6: Change pga configurations
+- name: Copy pga config file
+ template: src=pga_config.php.j2 dest="{{ doc_root_dir }}/app/config/pga_config.php"
+
+# do we need to change permissions for root user?
+# - name: Change storage permissions to g+rwx
+# acl: name="{{ doc_root_dir }}/app/storage" entity="{{ pga_group }}" etype=group permissions="rwx" state=present
+
+# Ignored step 8,9 in doc by assuming selinux is dissabled in remote machine
+
+# TODO: stop iptables service, can't have both iptables and firewalld on same host
+- name: Stop iptables, ip6tables services
+ service: name="{{ item }}" state=stopped
+ with_items:
+ - iptables
+ - ip6tables
+
+- name: Start firewalld service
+ service: name=firewalld state=started
+
+- name: Eanble https and http service on public zone
+ firewalld: service="{{ item }}" permanent=true state=enabled zone=public immediate=True
+ with_items:
+ - http
+ - https
+
+- name: Edit file
+ lineinfile: dest="{{ httpd_conf_file }}" regexp=^AllowOverride line="AllowOverride All"
+
+...
http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/roles/pga/templates/pga_config.php.j2
----------------------------------------------------------------------
diff --git a/roles/pga/templates/pga_config.php.j2 b/roles/pga/templates/pga_config.php.j2
new file mode 100644
index 0000000..703f67f
--- /dev/null
+++ b/roles/pga/templates/pga_config.php.j2
@@ -0,0 +1,238 @@
+<?php
+return array(
+ /**
+ * *****************************************************************
+ * WSO2 Identity Server Related Configurations
+ * *****************************************************************
+ */
+
+ 'wsis' => [
+
+ /**
+ * Admin Role Name
+ */
+ 'admin-role-name' => 'Internal/everyone',
+
+ /**
+ * Read only Admin Role Name
+ */
+ 'read-only-admin-role-name' => 'Internal/everyone',
+
+ /**
+ * Gateway user role
+ */
+ 'user-role-name' => 'Internal/everyone',
+
+ /**
+ * Tenant Domain
+ */
+ 'tenant-domain' => '{{ tenant_domain }}',
+
+ /**
+ * Tenant admin's username
+ */
+ 'admin-username' => '{{ admin_username }}',
+
+ /**
+ * Tenant admin's password
+ */
+ 'admin-password' => '{{ admin_password }}',
+
+ /**
+ * OAuth client key
+ */
+ 'oauth-client-key' => '{{ oauth_client_key }}',
+
+ /**
+ * OAuth client secret
+ */
+ 'oauth-client-secret' => '{{ oauth_client_secret }}',
+
+ /**
+ * Identity server domain
+ */
+ 'server' => 'idp.scigap.org',
+
+ /**
+ * Identity server url
+ */
+ 'service-url' => 'https://idp.scigap.org:9443/',
+
+ /**
+ * Enable HTTPS server verification
+ */
+ 'verify-peer' => true,
+
+ /**
+ * Path to the server certificate file
+ */
+ 'cafile-path' => app_path() . '/resources/security/idp_scigap_org.pem',
+
+ /**
+ * Allow self signed server certificates
+ */
+ 'allow-self-signed-cert' => false
+ ],
+
+
+ /**
+ * *****************************************************************
+ * Airavata Client Configurations
+ * *****************************************************************
+ */
+ 'airavata' => [
+
+ /**
+ * Airavata API server location. Use tls:// as the protocol to
+ * connect TLS enabled Airavata
+ */
+ 'airavata-server' => '{{ airavata_server }}',
+
+ /**
+ * Airavata API server port
+ */
+ 'airavata-port' => '{{ airavata_port }}',
+
+ /**
+ * Airavata API server thrift communication timeout
+ */
+ 'airavata-timeout' => '1000000',
+
+ /**
+ * PGA Gateway ID
+ */
+ 'gateway-id' => '{{ gateway_id }}',
+
+ /**
+ * Maximum size of a file which is allowed to upload to the server
+ */
+ 'server-allowed-file-size' => 64,
+
+ /**
+ * absolute path of the data dir
+ */
+ 'experiment-data-absolute-path' => '{{ experiment_data_dir }}',
+
+ /**
+ * Advanced experiments options
+ */
+ 'advanced-experiment-options' => '',
+
+ /**
+ * Default queue name
+ */
+ 'queue-name' => 'long',
+
+ /**
+ * Default node count
+ */
+ 'node-count' => '1',
+
+ /**
+ * Default total core count
+ */
+ 'total-cpu-count' => '16',
+
+ /**
+ * Default wall time limit
+ */
+ 'wall-time-limit' => '30',
+
+ /**
+ * Enable app-catalog cache
+ */
+ 'enable-app-catalog-cache' => true,
+
+ /**
+ * Life time of app catalog data cache in minutes
+ */
+ 'app-catalog-cache-duration' => 5,
+
+ /**
+ * Gateway data store resource id
+ */
+ 'gateway-data-store-resource-id' => '{{ gateway_data_store_resource_id }}'
+ ],
+
+ /**
+ * *****************************************************************
+ * Portal Related Configurations
+ * *****************************************************************
+ */
+ 'portal' => [
+ /**
+ * Whether this portal is the SciGaP admin portal
+ */
+ 'super-admin-portal' => {{ super_admin_portal }},
+
+ /**
+ * Set the name of theme in use here
+ */
+ 'theme' => 'base',
+
+ /**
+ * Portal title
+ */
+ 'portal-title' => 'Airavata PHP Gateway',
+
+ /**
+ * Email address of the portal admin. Portal admin well get email notifications for events
+ * such as new user creation
+ */
+ 'admin-emails' => [{{ admin_emails }}],
+
+ /**
+ * Email account that the portal should login to send emails
+ */
+ 'portal-email-username' => '{{ portal_email_username }}',
+
+ /**
+ * Password for the portal's email account
+ */
+ 'portal-email-password' => '{{ portal_email_password }}',
+
+ /**
+ * SMTP server on which the portal should connect
+ */
+ 'portal-smtp-server-host' => 'smtp.gmail.com',
+
+ /**
+ * SMTP server port on which the portal should connect
+ */
+ 'portal-smtp-server-port' => '587',
+
+ /**
+ * Set JIRA Issue Collector scripts here.
+ */
+ 'jira-help' =>
+ [
+ /**
+ * Report Issue Script issued for your app by Atlassian JIRA
+ */
+ 'report-issue-script' => '',
+ /**
+ * Collector id at the end of the above script
+ */
+ 'report-issue-collector-id' => '',
+ /**
+ * Create Report Script issued for your app by Atlassian JIRA
+ */
+ 'request-feature-script' => '',
+ /**
+ * Collector id at the end of the above script
+ */
+ 'request-feature-collector-id' => ''
+ ],
+
+ /**
+ * Set Google Analytics Id here. ID format that generates from
+ * creating tracker object should be
+ *
+ * UA-XXXXX-Y
+ *
+ * for it to be working correctly. Currently it is only set for
+ * sending pageviews.
+ */
+ 'google-analytics-id' => ''
+ ]
+);
http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/roles/pga/vars/main.yml
----------------------------------------------------------------------
diff --git a/roles/pga/vars/main.yml b/roles/pga/vars/main.yml
new file mode 100644
index 0000000..1ece511
--- /dev/null
+++ b/roles/pga/vars/main.yml
@@ -0,0 +1,28 @@
+---
+pga_user: "pga"
+pga_group: "pga"
+doc_root_dir: "/var/www/html/php-gateway"
+user_data_dir: "/var/www/user_data"
+httpd_conf_file: "/etc/httpd/conf/httpd.conf"
+
+## WSO2 IS related variables
+tenant_domain: "master2.airavata"
+admin_username: "master2"
+admin_password: "master"
+oauth_client_key: "5_GFR88Nzd4XvGthSMF1fnOJPuMa"
+oauth_client_secret: "KNTf_LPLuGBDbRVZwkrP_fF5z2Ea"
+
+## Airavata Client related variables
+airavata_server: "tls://gw77.iu.xsede.org"
+airavata_port: "9930"
+gateway_id: "default"
+# relative to document root dir
+experiment_data_dir: "{{ user_data_dir }}"
+gateway_data_store_resource_id: "gw75.iu.xsede.org_3e40e62b-be11-4590-bf24-b1b6796c3572"
+
+## Portal related variables
+super_admin_portal: "false"
+admin_emails: "'sgg@iu.edu','blas@gmail.com'"
+portal_email_username: "pga.airavata@gmail.com"
+portal_email_password: "airavata12"
+...
http://git-wip-us.apache.org/repos/asf/airavata/blob/c5b37ac5/site.yml
----------------------------------------------------------------------
diff --git a/site.yml b/site.yml
index cf71290..728d3f0 100644
--- a/site.yml
+++ b/site.yml
@@ -1,25 +1,33 @@
---
#Master playbook
- hosts: zookeeper
+ tags: zookeeper
roles:
- setup
- zookeeper
- hosts: rabbitmq
+ tags: rabbitmq
roles:
- setup
- rabbitmq
- hosts: gfac
+ tags: gfac
roles:
- setup
- common
- gfac
- hosts: api-orch
+ tags: api-orch
roles:
- setup
- common
- api-orch
+- hosts: pga
+ tags: pga
+ roles:
+ - pga
...