Add items related to dockerized version of mP

README.md

@@ -1,5 +1,7 @@
 # midPoint_container
 
-Eventually here will be a dockerized version of midPoint suitable for the use within TIER environment.
+In the [grouper-midpoint](grouper-midpoint) directory there is a [midPoint <-> Grouper integration demo](https://spaces.at.internet2.edu/display/TIERENTREG/midPoint+-+Grouper+integration+demo).
 
-Currently there is [midPoint <-> Grouper integration demo](grouper-midpoint), a work still in progress.
+In the [midpoint](midpoint) directory there is a dockerized version of midPoint suitable for the use within TIER environment.
+
+Both are in progress.

midpoint/README.md

@@ -0,0 +1,60 @@
+# Overview
+
+This is a preliminary version of midPoint dockerization for TIER environment.
+
+There are two containers there:
+
+- `midpoint-server`: provides the midPoint application
+- `midpoint-data`: provides the default midPoint repository
+
+The repository can be implemented in any other way: by another container (perhaps hosting a different database) or by providing it externally: on premises or in cloud.
+
+All files needed to build and compose these containers are in this directory.
+
+# Building and starting
+## Downloading midPoint
+
+Before building, please build or download current `midpoint-3.9-SNAPSHOT-dist.tar.gz` file and put it into `midpoint-server` directory. There are the following options:
+1. Build midPoint from sources as described [here](https://wiki.evolveum.com/display/midPoint/Building+MidPoint+From+Source+Code) - but use `tmp/tier` branch instead of `master`. It should contain a bit more stable code in comparison with the master branch.
+2. Use `download-midpoint` script.
+3. Download midPoint manually from [Evolveum web site](https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-dist.tar.gz).
+
+Showing e.g. the second option:
+
+```
+$ ./download-midpoint
+Downloading midPoint 3.9-SNAPSHOT
+-----------------------------------------
+  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
+                                 Dload  Upload   Total   Spent    Left  Speed
+100  157M  100  157M    0     0   867k      0  0:03:05  0:03:05 --:--:--  954k
+-----------------------------------------
+Checking the download...
+OK
+```
+
+## Creating Docker composition
+
+After midPoint archive is correctly placed into `midpoint-server` directory, please execute the following commands:
+
+```
+$ docker-compose up --build
+```
+
+This will take a while. 
+
+Finally, you will see notices like these:
+
+```
+Starting midpoint_midpoint-data_1 ... 
+Starting midpoint_midpoint-data_1 ... done
+Recreating midpoint_midpoint-server_1 ... 
+Recreating midpoint_midpoint-server_1 ... done
+Attaching to midpoint_midpoint-data_1, midpoint_midpoint-server_1
+```
+
+followed by startup messages from individual Docker containers.
+
+## After installation
+
+After Docker containers are up, check that you can log into midPoint at `http://localhost:8080/midpoint` using `administrator/5ecr3t`.

midpoint/configs-and-secrets/midpoint/database_password.txt

@@ -0,0 +1 @@
+456654

midpoint/docker-compose.yml

@@ -0,0 +1,61 @@
+#
+# Building:
+#  - docker-compose up --build
+#
+# It assumes that midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the 'midpoint-server' directory. (TODO: eliminate this!)
+#
+
+version: "3.3"
+
+services:
+  midpoint-data:
+    build: ./midpoint-data/
+    expose:
+     - 3306
+    ports:
+     - 3306:3306
+    networks:
+     - back
+    volumes:
+     - midpoint_mysql:/var/lib/mysql
+
+  midpoint-server:
+    build: ./midpoint-server/
+    depends_on:
+      - midpoint-data
+    expose:
+      - 8080
+    ports:
+      - 8080:8080
+    volumes:
+      - midpoint_home:/opt/midpoint/var
+    networks:
+      - back
+    secrets:
+      - m_database_password.txt
+# the following is just to demonstrate required normalization of logging parameters
+#    environment:
+#      - LOGFILE=midpoint.log
+#      - COMPONENT=midpoint;tier
+#      - "USERTOKEN=user token "
+#      - ENV=demo only
+#
+# repository configuration examples
+#      - REPO_DATABASE_TYPE=mariadb
+#      - REPO_HOST=xyz
+#      - REPO_PORT=10000
+#      the following overrides default URL construction
+#      - REPO_JDBC_URL=jdbc:mariadb://midpoint-data:3306/midpoint
+
+networks:
+  back:    
+    driver: bridge
+
+
+secrets:
+  m_database_password.txt:
+    file: ./configs-and-secrets/midpoint/database_password.txt
+
+volumes:
+  midpoint_mysql:
+  midpoint_home:

midpoint/download-midpoint

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+echo "Downloading midPoint 3.9-SNAPSHOT"
+echo "-----------------------------------------"
+curl --output midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-dist.tar.gz"
+echo "-----------------------------------------"
+echo "Checking the download..."
+if tar -tf midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz >/dev/null; then
+  echo "OK"
+else
+  echo "The file was not downloaded correctly"
+fi
+

midpoint/midpoint-data/Dockerfile

@@ -0,0 +1,39 @@
+FROM centos:centos7
+
+LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"
+
+COPY ./conf/mariadb.repo /etc/yum.repos.d/
+
+RUN yum install -y epel-release \
+    && yum update -y \
+    && yum install -y mariadb-server mariadb \
+    && yum clean all \
+    && rm -rf /var/cache/yum
+
+COPY database_password.txt /tmp/
+
+RUN mysql_install_db \
+    && chown -R mysql:mysql /var/lib/mysql/ \
+    && sed -i 's/^\(bind-address\s.*\)/# \1/' /etc/my.cnf \
+    && sed -i 's/^\(log_error\s.*\)/# \1/' /etc/my.cnf \
+    && sed -i 's/\[mysqld\]/\[mysqld\]\ncharacter_set_server = utf8/' /etc/my.cnf \
+    && sed -i 's/\[mysqld\]/\[mysqld\]\ncollation_server = utf8_bin/' /etc/my.cnf \
+    && sed -i 's/\[mysqld\]/\[mysqld\]\nport = 3306/' /etc/my.cnf \
+    && cat  /etc/my.cnf \
+    && echo "/usr/bin/mysqld_safe &" > /tmp/config \
+    && echo "mysqladmin --silent --wait=30 ping || exit 1" >> /tmp/config \
+    && echo "mysql -e \"CREATE USER 'root'@'%' IDENTIFIED BY '`cat /tmp/database_password.txt`';\"" >> /tmp/config \
+    && echo "echo ok0" >> /tmp/config \
+    && echo "mysql -e 'GRANT ALL PRIVILEGES ON *.* TO \"root\"@\"%\" WITH GRANT OPTION;'" >> /tmp/config \
+    && echo "echo ok1" >> /tmp/config \
+    && echo "mysql -e 'CREATE DATABASE midpoint CHARACTER SET utf8 COLLATE utf8_bin;'" >> /tmp/config \
+    && echo "echo ok2" >> /tmp/config \
+    && echo "mysql -e \"SET PASSWORD FOR 'root'@'localhost' = PASSWORD('`cat /tmp/database_password.txt`');\"" >> /tmp/config \
+    && echo "echo ok3" >> /tmp/config \
+    && cat /tmp/config \
+    && bash /tmp/config \
+    && rm -f /tmp/config /tmp/database_password.txt
+
+EXPOSE 3306
+
+CMD mysqld_safe

midpoint/midpoint-data/conf/mariadb.repo

@@ -0,0 +1,6 @@
+[mariadb]
+name = MariaDB
+baseurl = http://yum.mariadb.org/10.1/centos7-amd64
+gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
+gpgcheck=1
+

midpoint/midpoint-data/database_password.txt

@@ -0,0 +1 @@
+456654

midpoint/midpoint-data/readme.txt

@@ -0,0 +1 @@
+database_password.txt should be synchronized with ../configs-and-secrets/midpoint/database_password.txt

midpoint/midpoint-server/Dockerfile

@@ -0,0 +1,65 @@
+#
+#  Building assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory.
+#
+
+FROM tier/shibboleth_sp
+
+MAINTAINER info@evolveum.com
+
+# TODO switch to other appropriate Java implementation
+
+RUN yum -y install java-1.8.0-openjdk
+
+# Build arguments
+
+ARG MP_VERSION=3.9-SNAPSHOT
+ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz
+
+ENV MP_DIR=/opt/midpoint
+
+# Copying files
+
+RUN mkdir -p ${MP_DIR}/var
+COPY ${MP_DIST_FILE} ${MP_DIR}
+COPY container_files/ ${MP_DIR}/
+RUN echo 'Extracting midPoint archive...' \
+ && tar xzf ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz -C ${MP_DIR} --strip-components=1
+
+VOLUME ${MP_DIR}/var
+
+# Repository parameters
+
+ENV REPO_HOST midpoint-data
+ENV REPO_PORT 3306
+ENV REPO_USER root
+ENV REPO_DATABASE midpoint
+ENV REPO_JDBC_URL default
+ENV REPO_PASSWORD_FILE /run/secrets/m_database_password.txt
+ENV REPO_DATABASE_TYPE mariadb
+
+# Logging parameters
+
+ENV COMPONENT midpoint
+ENV LOGFILE midpoint.log
+ENV ENV demo
+ENV USERTOKEN $MP_VERSION
+
+# Other parameters
+
+ENV MEM 2048M
+
+# Execution
+
+CMD java -Xmx$MEM -Xms2048M -Dfile.encoding=UTF8 \
+       -Dmidpoint.home=$MP_DIR/var \
+       -Dmidpoint.repository.database=$REPO_DATABASE_TYPE \
+       -Dmidpoint.repository.jdbcUsername=$REPO_USER \
+       -Dmidpoint.repository.jdbcPasswordFile=$REPO_PASSWORD_FILE \
+       -Dmidpoint.repository.jdbcUrl="`$MP_DIR/repository-url`" \
+       -Dmidpoint.repository.hibernateHbm2ddl=none \
+       -Dmidpoint.repository.missingSchemaAction=create \
+       -Dmidpoint.repository.initializationFailTimeout=60000 \
+       -Dmidpoint.logging.console.enabled=true \
+       -Dmidpoint.logging.console.prefix="`$MP_DIR/log-prefix`" \
+       -Dmidpoint.logging.console.timezone=UTC \
+       -jar $MP_DIR/lib/midpoint.war

midpoint/midpoint-server/container_files/log-prefix

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+C=${COMPONENT//[;]/_}
+L=${LOGFILE//[;]/_}
+E=${ENV//[; ]/_}
+U=${USERTOKEN//[; ]/_}
+echo $C\;$L\;$E\;$U\;

midpoint/midpoint-server/container_files/repository-url

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+if [ $REPO_JDBC_URL == "default" ]; then
+  echo "jdbc:mariadb://$REPO_HOST:$REPO_PORT/$REPO_DATABASE?characterEncoding=utf8"
+else
+  echo $REPO_JDBC_URL
+fi