Skip to content

/ midPoint_container

Permalink
Browse files

Add items related to dockerized version of mP

  • Loading branch information
@mederly
mederly committed Aug 31, 2018
1 parent a7addd4 commit 0234bc37601e2f0124315c1833d4ebc95103abdd
6 README.md
View file
@@ -1,5 +1,7 @@
# midPoint_container

Eventually here will be a dockerized version of midPoint suitable for the use within TIER environment.
In the [grouper-midpoint](grouper-midpoint) directory there is a [midPoint <-> Grouper integration demo](https://spaces.at.internet2.edu/display/TIERENTREG/midPoint+-+Grouper+integration+demo).

Currently there is [midPoint <-> Grouper integration demo](grouper-midpoint), a work still in progress.
In the [midpoint](midpoint) directory there is a dockerized version of midPoint suitable for the use within TIER environment.

Both are in progress.
60 midpoint/README.md
View file
@@ -0,0 +1,60 @@
# Overview

This is a preliminary version of midPoint dockerization for TIER environment.

There are two containers there:

- `midpoint-server`: provides the midPoint application
- `midpoint-data`: provides the default midPoint repository

The repository can be implemented in any other way: by another container (perhaps hosting a different database) or by providing it externally: on premises or in cloud.

All files needed to build and compose these containers are in this directory.

# Building and starting
## Downloading midPoint

Before building, please build or download current `midpoint-3.9-SNAPSHOT-dist.tar.gz` file and put it into `midpoint-server` directory. There are the following options:
1. Build midPoint from sources as described [here](https://wiki.evolveum.com/display/midPoint/Building+MidPoint+From+Source+Code) - but use `tmp/tier` branch instead of `master`. It should contain a bit more stable code in comparison with the master branch.
2. Use `download-midpoint` script.
3. Download midPoint manually from [Evolveum web site](https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-dist.tar.gz).

Showing e.g. the second option:

```
$ ./download-midpoint
Downloading midPoint 3.9-SNAPSHOT
-----------------------------------------
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 157M 100 157M 0 0 867k 0 0:03:05 0:03:05 --:--:-- 954k
-----------------------------------------
Checking the download...
OK
```

## Creating Docker composition

After midPoint archive is correctly placed into `midpoint-server` directory, please execute the following commands:

```
$ docker-compose up --build
```

This will take a while.

Finally, you will see notices like these:

```
Starting midpoint_midpoint-data_1 ...
Starting midpoint_midpoint-data_1 ... done
Recreating midpoint_midpoint-server_1 ...
Recreating midpoint_midpoint-server_1 ... done
Attaching to midpoint_midpoint-data_1, midpoint_midpoint-server_1
```

followed by startup messages from individual Docker containers.

## After installation

After Docker containers are up, check that you can log into midPoint at `http://localhost:8080/midpoint` using `administrator/5ecr3t`.
1 midpoint/configs-and-secrets/midpoint/database_password.txt
View file
@@ -0,0 +1 @@
456654
61 midpoint/docker-compose.yml
View file
@@ -0,0 +1,61 @@
#
# Building:
# - docker-compose up --build
#
# It assumes that midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the 'midpoint-server' directory. (TODO: eliminate this!)
#

version: "3.3"

services:
midpoint-data:
build: ./midpoint-data/
expose:
- 3306
ports:
- 3306:3306
networks:
- back
volumes:
- midpoint_mysql:/var/lib/mysql

midpoint-server:
build: ./midpoint-server/
depends_on:
- midpoint-data
expose:
- 8080
ports:
- 8080:8080
volumes:
- midpoint_home:/opt/midpoint/var
networks:
- back
secrets:
- m_database_password.txt
# the following is just to demonstrate required normalization of logging parameters
# environment:
# - LOGFILE=midpoint.log
# - COMPONENT=midpoint;tier
# - "USERTOKEN=user token "
# - ENV=demo only
#
# repository configuration examples
# - REPO_DATABASE_TYPE=mariadb
# - REPO_HOST=xyz
# - REPO_PORT=10000
# the following overrides default URL construction
# - REPO_JDBC_URL=jdbc:mariadb://midpoint-data:3306/midpoint

networks:
back:
driver: bridge


secrets:
m_database_password.txt:
file: ./configs-and-secrets/midpoint/database_password.txt

volumes:
midpoint_mysql:
midpoint_home:
13 midpoint/download-midpoint
View file
@@ -0,0 +1,13 @@
#!/bin/bash

echo "Downloading midPoint 3.9-SNAPSHOT"
echo "-----------------------------------------"
curl --output midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-dist.tar.gz"
echo "-----------------------------------------"
echo "Checking the download..."
if tar -tf midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz >/dev/null; then
echo "OK"
else
echo "The file was not downloaded correctly"
fi

39 midpoint/midpoint-data/Dockerfile
View file
@@ -0,0 +1,39 @@
FROM centos:centos7

LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>"

COPY ./conf/mariadb.repo /etc/yum.repos.d/

RUN yum install -y epel-release \
&& yum update -y \
&& yum install -y mariadb-server mariadb \
&& yum clean all \
&& rm -rf /var/cache/yum

COPY database_password.txt /tmp/

RUN mysql_install_db \
&& chown -R mysql:mysql /var/lib/mysql/ \
&& sed -i 's/^\(bind-address\s.*\)/# \1/' /etc/my.cnf \
&& sed -i 's/^\(log_error\s.*\)/# \1/' /etc/my.cnf \
&& sed -i 's/\[mysqld\]/\[mysqld\]\ncharacter_set_server = utf8/' /etc/my.cnf \
&& sed -i 's/\[mysqld\]/\[mysqld\]\ncollation_server = utf8_bin/' /etc/my.cnf \
&& sed -i 's/\[mysqld\]/\[mysqld\]\nport = 3306/' /etc/my.cnf \
&& cat /etc/my.cnf \
&& echo "/usr/bin/mysqld_safe &" > /tmp/config \
&& echo "mysqladmin --silent --wait=30 ping || exit 1" >> /tmp/config \
&& echo "mysql -e \"CREATE USER 'root'@'%' IDENTIFIED BY '`cat /tmp/database_password.txt`';\"" >> /tmp/config \
&& echo "echo ok0" >> /tmp/config \
&& echo "mysql -e 'GRANT ALL PRIVILEGES ON *.* TO \"root\"@\"%\" WITH GRANT OPTION;'" >> /tmp/config \
&& echo "echo ok1" >> /tmp/config \
&& echo "mysql -e 'CREATE DATABASE midpoint CHARACTER SET utf8 COLLATE utf8_bin;'" >> /tmp/config \
&& echo "echo ok2" >> /tmp/config \
&& echo "mysql -e \"SET PASSWORD FOR 'root'@'localhost' = PASSWORD('`cat /tmp/database_password.txt`');\"" >> /tmp/config \
&& echo "echo ok3" >> /tmp/config \
&& cat /tmp/config \
&& bash /tmp/config \
&& rm -f /tmp/config /tmp/database_password.txt

EXPOSE 3306

CMD mysqld_safe
6 midpoint/midpoint-data/conf/mariadb.repo
View file
@@ -0,0 +1,6 @@
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

1 midpoint/midpoint-data/database_password.txt
View file
@@ -0,0 +1 @@
456654
1 midpoint/midpoint-data/readme.txt
View file
@@ -0,0 +1 @@
database_password.txt should be synchronized with ../configs-and-secrets/midpoint/database_password.txt
65 midpoint/midpoint-server/Dockerfile
View file
@@ -0,0 +1,65 @@
#
# Building assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory.
#

FROM tier/shibboleth_sp

MAINTAINER info@evolveum.com

# TODO switch to other appropriate Java implementation

RUN yum -y install java-1.8.0-openjdk

# Build arguments

ARG MP_VERSION=3.9-SNAPSHOT
ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz

ENV MP_DIR=/opt/midpoint

# Copying files

RUN mkdir -p ${MP_DIR}/var
COPY ${MP_DIST_FILE} ${MP_DIR}
COPY container_files/ ${MP_DIR}/
RUN echo 'Extracting midPoint archive...' \
&& tar xzf ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz -C ${MP_DIR} --strip-components=1

VOLUME ${MP_DIR}/var

# Repository parameters

ENV REPO_HOST midpoint-data
ENV REPO_PORT 3306
ENV REPO_USER root
ENV REPO_DATABASE midpoint
ENV REPO_JDBC_URL default
ENV REPO_PASSWORD_FILE /run/secrets/m_database_password.txt
ENV REPO_DATABASE_TYPE mariadb

# Logging parameters

ENV COMPONENT midpoint
ENV LOGFILE midpoint.log
ENV ENV demo
ENV USERTOKEN $MP_VERSION

# Other parameters

ENV MEM 2048M

# Execution

CMD java -Xmx$MEM -Xms2048M -Dfile.encoding=UTF8 \
-Dmidpoint.home=$MP_DIR/var \
-Dmidpoint.repository.database=$REPO_DATABASE_TYPE \
-Dmidpoint.repository.jdbcUsername=$REPO_USER \
-Dmidpoint.repository.jdbcPasswordFile=$REPO_PASSWORD_FILE \
-Dmidpoint.repository.jdbcUrl="`$MP_DIR/repository-url`" \
-Dmidpoint.repository.hibernateHbm2ddl=none \
-Dmidpoint.repository.missingSchemaAction=create \
-Dmidpoint.repository.initializationFailTimeout=60000 \
-Dmidpoint.logging.console.enabled=true \
-Dmidpoint.logging.console.prefix="`$MP_DIR/log-prefix`" \
-Dmidpoint.logging.console.timezone=UTC \
-jar $MP_DIR/lib/midpoint.war
7 midpoint/midpoint-server/container_files/log-prefix
View file
@@ -0,0 +1,7 @@
#!/bin/bash

C=${COMPONENT//[;]/_}
L=${LOGFILE//[;]/_}
E=${ENV//[; ]/_}
U=${USERTOKEN//[; ]/_}
echo $C\;$L\;$E\;$U\;
7 midpoint/midpoint-server/container_files/repository-url
View file
@@ -0,0 +1,7 @@
#!/bin/bash

if [ $REPO_JDBC_URL == "default" ]; then
echo "jdbc:mariadb://$REPO_HOST:$REPO_PORT/$REPO_DATABASE?characterEncoding=utf8"
else
echo $REPO_JDBC_URL
fi

0 comments on commit 0234bc3

Please sign in to comment.
You can’t perform that action at this time.