From 1eb9be8e44f2416df8f45438c780a806d149fb83 Mon Sep 17 00:00:00 2001 From: Thomas Bouron Date: Wed, 6 Sep 2017 11:18:08 +0100 Subject: [PATCH 1/5] Extracting catalog item into their own file --- .../src/main/resources/catalog/catalog.bom | 368 ++++++++++++++++++ .../main/resources/etc/default.catalog.bom | 362 +---------------- 2 files changed, 369 insertions(+), 361 deletions(-) create mode 100644 karaf/apache-brooklyn/src/main/resources/catalog/catalog.bom diff --git a/karaf/apache-brooklyn/src/main/resources/catalog/catalog.bom b/karaf/apache-brooklyn/src/main/resources/catalog/catalog.bom new file mode 100644 index 0000000000..c62859df32 --- /dev/null +++ b/karaf/apache-brooklyn/src/main/resources/catalog/catalog.bom @@ -0,0 +1,368 @@ + +# this catalog bom is an illustration supplying a few useful sample items +# and templates to get started using Brooklyn + +brooklyn.catalog: + version: "0.12.0-SNAPSHOT" # BROOKLYN_VERSION + include: classpath://library-catalog-classes.bom + + items: + + - id: server + itemType: entity + description: | + Provision a server, with customizable provisioning.properties and credentials installed, + but no other special software process or scripts executed. + item: + type: org.apache.brooklyn.entity.software.base.EmptySoftwareProcess + name: Server + + - id: vanilla-bash-server + itemType: entity + description: | + Provision a server, with customizable provisioning.properties and credentials installed, + but no other special software process or scripts executed. + The script should be supplied in "launch.command" as per docs on + org.apache.brooklyn.entity.software.base.VanillaSoftwareProcess. + item: + type: org.apache.brooklyn.entity.software.base.VanillaSoftwareProcess + name: Server with Launch Script (bash) + + - id: load-balancer + itemType: entity + description: | + Create a load balancer which will point at members in the group entity + referred to by the config key "serverPool". + The sensor advertising the port can be configured with the "member.sensor.portNumber" config key, + defaulting to `http.port`; all member entities which have published "service.up" will then be picked up. + item: + type: org.apache.brooklyn.entity.proxy.nginx.NginxController + name: Load Balancer (nginx) + + - id: cluster + itemType: entity + description: | + Create a cluster of entities, resizable, with starting size "initialSize", + and using a spec supplied in the "memberSpec" key. + item: + type: org.apache.brooklyn.entity.group.DynamicCluster + + - id: 1-server-template + itemType: template + name: "Template 1: Server" + description: | + Sample YAML to provision a server in a cloud with illustrative VM properties + item: + name: Server (Brooklyn Example) + + # this basic example shows how Brooklyn can provision a single raw VM + # in the cloud or location of your choice + + services: + - type: server + name: My VM + + # location can be e.g. `softlayer` or `jclouds:openstack-nova:https://9.9.9.9:9999/v2.0/`, + # or `localhost` or `byon:(hosts="10.9.1.1,10.9.1.2,produser2@10.9.2.{10,11,20-29}")` + location: + jclouds:aws-ec2: + # edit these to use your credential (or delete if credentials specified in brooklyn.properties) + identity: + credential: + + region: eu-central-1 + + # we want Ubuntu, with a lot of RAM + osFamily: ubuntu + minRam: 8gb + + # set up this user and password (default is to authorize a public key) + user: sample + password: s4mpl3 + + - id: 2-bash-web-server-template + itemType: template + name: "Template 2: Bash Web Server" + description: | + Sample YAML building on Template 1, + adding bash commands to launch a Python-based web server + on port 8020 + item: + name: Python Web Server (Brooklyn Example) + + # this example builds on the previous one, + # adding some scripts to initialize the VM + + services: + - type: vanilla-bash-server + name: My Bash Web Server VM + brooklyn.config: + install.command: | + # install python if not present + which python || \ + { sudo apt-get update && sudo apt-get install python ; } || \ + { sudo yum update && sudo yum install python ; } || \ + { echo WARNING: cannot install python && exit 1 ; } + + customize.command: | + # create the web page to serve + cat > index.html << EOF + + Hello world. +

+ I am ${ENTITY_INFO}, ${MESSAGE:-a Brooklyn sample}. +

+ Created at: `date` +

+ I am running at ${HOSTNAME}, with on-box IP configuration: + 

+            `ifconfig | grep inet`
+
+ + EOF + + launch.command: | + # launch in background (ensuring no streams open), and record PID to file + nohup python -m SimpleHTTPServer ${PORT:-8020} < /dev/null > output.txt 2>&1 & + echo $! > ${PID_FILE:-pid.txt} + sleep 5 + ps -p `cat ${PID_FILE:-pid.txt}` + if [ $? -ne 0 ] ; then + cat output.txt + echo WARNING: python web server not running + exit 1 + fi + + shell.env: + HOSTNAME: $brooklyn:attributeWhenReady("host.name") + PORT: $brooklyn:config("my.app.port") + ENTITY_INFO: $brooklyn:component("this", "") + MESSAGE: $brooklyn:config("my.message") + + # custom + my.app.port: 8020 + my.message: "good to meet you" + + brooklyn.enrichers: + # publish the URL as a sensor; the GUI will pick this up (main.uri) + - type: org.apache.brooklyn.enricher.stock.Transformer + brooklyn.config: + uniqueTag: url-generator + enricher.sourceSensor: host.subnet.hostname + # use the definition from Attributes class, as it has a RendererHint so GUI makes it a link + enricher.targetSensor: $brooklyn:sensor("org.apache.brooklyn.core.entity.Attributes", "main.uri") + enricher.targetValue: + $brooklyn:formatString: + - "http://%s:%s/" + - $brooklyn:attributeWhenReady("host.subnet.hostname") + - $brooklyn:config("my.app.port") + + location: + jclouds:aws-ec2: + region: eu-central-1 + # edit these (or delete if credentials specified in brooklyn.properties) + identity: + credential: + + - id: 3-bash-web-and-riak-template + itemType: template + name: "Template 3: Bash Web Server and Scaling Riak Cluster" + description: | + Sample YAML building on Template 2, + composing that blueprint with a Riak cluster and injecting the URL + item: + name: Bash Web Server and Riak Cluster (Brooklyn Example) + + # this example *references* the previous one, + # combining it with a stock blueprint for a Riak cluster, + # and shows how a sensor from the latter can be injected + + services: + + # reference template 2, overriding message to point at riak + - type: 2-bash-web-server-template + brooklyn.config: + my.message: $brooklyn:formatString("connected to Riak at %s", + $brooklyn:entity("riak-cluster").attributeWhenReady("main.uri")) + # and clear the location defined there so it is taken from this template + locations: [] + + # use the off-the-shelf Riak cluster + - type: org.apache.brooklyn.entity.nosql.riak.RiakCluster + id: riak-cluster + initialSize: 3 + # and add a policy to scale based on ops per minute + brooklyn.policies: + - type: org.apache.brooklyn.policy.autoscaling.AutoScalerPolicy + brooklyn.config: + metric: riak.node.ops.1m.perNode + # more than 100 ops per second (6k/min) scales out, less than 50 scales back + # up to a max of 8 riak nodes here (can be changed in GUI / REST API afterwards) + metricLowerBound: 3000 + metricUpperBound: 6000 + minPoolSize: 3 + maxPoolSize: 8 + resizeUpStabilizationDelay: 30s + resizeDownStabilizationDelay: 5m + + location: + jclouds:aws-ec2: + region: eu-central-1 + # edit these (or delete if credentials specified in brooklyn.properties) + identity: + credential: + + - id: 4-resilient-bash-web-cluster-template + itemType: template + name: "Template 4: Resilient Load-Balanced Bash Web Cluster with Sensors" + description: | + Sample YAML to provision a cluster of the bash/python web server nodes, + with sensors configured, and a load balancer pointing at them, + and resilience policies for node replacement and scaling + item: + name: Resilient Load-Balanced Bash Web Cluster (Brooklyn Example) + + # this final example shows some of the advanced functionality: + # defining custom sensors, and a cluster with a "spec", + # policies for resilience and scaling based on that sensor, + # and wiring a load balancer in front of the cluster + + # combining this with the riak cluster in the previous example + # is left as a suggested exercise for the user + + services: + + # define a cluster of the web nodes + - type: cluster + name: Cluster of Bash Web Nodes + id: my-web-cluster + brooklyn.config: + initialSize: 1 + memberSpec: + $brooklyn:entitySpec: + # template 2 is used as the spec for items in this cluster + # with a new message overwriting the previous, + # and a lot of sensors defined + type: 2-bash-web-server-template + name: My Bash Web Server VM with Sensors + # and clear the location defined there so it is taken from this template + locations: [] + + brooklyn.config: + my.message: "part of the cluster" + + brooklyn.initializers: + # make a simple request-count sensor, by counting the number of 200 responses in output.txt + - type: org.apache.brooklyn.core.sensor.ssh.SshCommandSensor + brooklyn.config: + name: reqs.count + targetType: int + period: 5s + command: "cat output.txt | grep HTTP | grep 200 | wc | awk '{print $1}'" + # and publish the port as a sensor so the load-balancer can pick it up + - type: org.apache.brooklyn.core.sensor.StaticSensor + brooklyn.config: + name: app.port + targetType: int + static.value: $brooklyn:config("my.app.port") + + brooklyn.enrichers: + # derive reqs.per_sec from reqs.count + - type: org.apache.brooklyn.enricher.stock.YamlTimeWeightedDeltaEnricher + brooklyn.config: + enricher.sourceSensor: reqs.count + enricher.targetSensor: reqs.per_sec + enricher.delta.period: 1s + # and take an average over 30s for reqs.per_sec into reqs.per_sec.windowed_30s + - type: org.apache.brooklyn.enricher.stock.YamlRollingTimeWindowMeanEnricher + brooklyn.config: + enricher.sourceSensor: reqs.per_sec + enricher.targetSensor: reqs.per_sec.windowed_30s + enricher.window.duration: 30s + + # emit failure sensor if a failure connecting to the service is sustained for 30s + - type: org.apache.brooklyn.policy.ha.ServiceFailureDetector + brooklyn.config: + entityFailed.stabilizationDelay: 30s + + brooklyn.policies: + # restart if a failure is detected (with a max of one restart in 2m, sensor will propagate otherwise) + - type: org.apache.brooklyn.policy.ha.ServiceRestarter + brooklyn.config: + failOnRecurringFailuresInThisDuration: 2m + + # back at the cluster, create a total per-sec and some per-node average + brooklyn.enrichers: + - type: org.apache.brooklyn.enricher.stock.Aggregator + brooklyn.config: + enricher.sourceSensor: reqs.per_sec + enricher.targetSensor: reqs.per_sec + transformation: sum + - type: org.apache.brooklyn.enricher.stock.Aggregator + brooklyn.config: + enricher.sourceSensor: reqs.per_sec + enricher.targetSensor: reqs.per_sec.per_node + transformation: average + - type: org.apache.brooklyn.enricher.stock.Aggregator + brooklyn.config: + enricher.sourceSensor: reqs.per_sec.windowed_30s + enricher.targetSensor: reqs.per_sec.windowed_30s.per_node + transformation: average + + brooklyn.policies: + # resilience: if a per-node restart policy fails, + # just throw that node away and create a new one + - type: org.apache.brooklyn.policy.ha.ServiceReplacer + + # and scale based on reqs/sec + - type: org.apache.brooklyn.policy.autoscaling.AutoScalerPolicy + brooklyn.config: + # scale based on reqs/sec (though in a real-world situation, + # reqs.per_sec.windowed_30s.per_node might be a better choice) + metric: reqs.per_sec.per_node + + # really low numbers, so you can trigger a scale-out just by hitting reload a lot + metricUpperBound: 3 + metricLowerBound: 1 + + # sustain 3 reqs/sec for 2s and it will scale out + resizeUpStabilizationDelay: 2s + # only scale down when sustained for 1m + resizeDownStabilizationDelay: 1m + + maxPoolSize: 10 + + # and add a load-balancer pointing at the cluster + - type: load-balancer + id: load-bal + brooklyn.config: + # point this load balancer at the cluster, specifying port to forward to + loadbalancer.serverpool: $brooklyn:entity("my-web-cluster") + member.sensor.portNumber: app.port + # disable sticky sessions to allow easy validation of balancing via browser refresh + nginx.sticky: false + + brooklyn.enrichers: + # publish a few useful info sensors and KPI's to the root of the app + - type: org.apache.brooklyn.enricher.stock.Propagator + brooklyn.config: + uniqueTag: propagate-load-balancer-url + producer: $brooklyn:entity("load-bal") + propagating: + - main.uri + - type: org.apache.brooklyn.enricher.stock.Propagator + brooklyn.config: + uniqueTag: propagate-reqs-per-sec + producer: $brooklyn:entity("my-web-cluster") + propagating: + - reqs.per_sec + - reqs.per_sec.windowed_30s.per_node + + location: + jclouds:aws-ec2: + # edit these (or delete if credentials specified in brooklyn.properties) + identity: + credential: + + region: eu-central-1 + minRam: 2gb diff --git a/karaf/apache-brooklyn/src/main/resources/etc/default.catalog.bom b/karaf/apache-brooklyn/src/main/resources/etc/default.catalog.bom index ac658e1d3f..b12e93285c 100644 --- a/karaf/apache-brooklyn/src/main/resources/etc/default.catalog.bom +++ b/karaf/apache-brooklyn/src/main/resources/etc/default.catalog.bom @@ -5,365 +5,5 @@ brooklyn.catalog: bundle: brooklyn-default-karaf-catalog version: "0.12.0-SNAPSHOT" # BROOKLYN_VERSION - include: classpath://library-catalog-classes.bom - items: - - - id: server - itemType: entity - description: | - Provision a server, with customizable provisioning.properties and credentials installed, - but no other special software process or scripts executed. - item: - type: org.apache.brooklyn.entity.software.base.EmptySoftwareProcess - name: Server - - - id: vanilla-bash-server - itemType: entity - description: | - Provision a server, with customizable provisioning.properties and credentials installed, - but no other special software process or scripts executed. - The script should be supplied in "launch.command" as per docs on - org.apache.brooklyn.entity.software.base.VanillaSoftwareProcess. - item: - type: org.apache.brooklyn.entity.software.base.VanillaSoftwareProcess - name: Server with Launch Script (bash) - - - id: load-balancer - itemType: entity - description: | - Create a load balancer which will point at members in the group entity - referred to by the config key "serverPool". - The sensor advertising the port can be configured with the "member.sensor.portNumber" config key, - defaulting to `http.port`; all member entities which have published "service.up" will then be picked up. - item: - type: org.apache.brooklyn.entity.proxy.nginx.NginxController - name: Load Balancer (nginx) - - - id: cluster - itemType: entity - description: | - Create a cluster of entities, resizable, with starting size "initialSize", - and using a spec supplied in the "memberSpec" key. - item: - type: org.apache.brooklyn.entity.group.DynamicCluster - - - id: 1-server-template - itemType: template - name: "Template 1: Server" - description: | - Sample YAML to provision a server in a cloud with illustrative VM properties - item: - name: Server (Brooklyn Example) - - # this basic example shows how Brooklyn can provision a single raw VM - # in the cloud or location of your choice - - services: - - type: server - name: My VM - - # location can be e.g. `softlayer` or `jclouds:openstack-nova:https://9.9.9.9:9999/v2.0/`, - # or `localhost` or `byon:(hosts="10.9.1.1,10.9.1.2,produser2@10.9.2.{10,11,20-29}")` - location: - jclouds:aws-ec2: - # edit these to use your credential (or delete if credentials specified in brooklyn.properties) - identity: - credential: - - region: eu-central-1 - - # we want Ubuntu, with a lot of RAM - osFamily: ubuntu - minRam: 8gb - - # set up this user and password (default is to authorize a public key) - user: sample - password: s4mpl3 - - - id: 2-bash-web-server-template - itemType: template - name: "Template 2: Bash Web Server" - description: | - Sample YAML building on Template 1, - adding bash commands to launch a Python-based web server - on port 8020 - item: - name: Python Web Server (Brooklyn Example) - - # this example builds on the previous one, - # adding some scripts to initialize the VM - - services: - - type: vanilla-bash-server - name: My Bash Web Server VM - brooklyn.config: - install.command: | - # install python if not present - which python || \ - { sudo apt-get update && sudo apt-get install python ; } || \ - { sudo yum update && sudo yum install python ; } || \ - { echo WARNING: cannot install python && exit 1 ; } - - customize.command: | - # create the web page to serve - cat > index.html << EOF - - Hello world. -

- I am ${ENTITY_INFO}, ${MESSAGE:-a Brooklyn sample}. -

- Created at: `date` -

- I am running at ${HOSTNAME}, with on-box IP configuration: - 

-            `ifconfig | grep inet`
-
- - EOF - - launch.command: | - # launch in background (ensuring no streams open), and record PID to file - nohup python -m SimpleHTTPServer ${PORT:-8020} < /dev/null > output.txt 2>&1 & - echo $! > ${PID_FILE:-pid.txt} - sleep 5 - ps -p `cat ${PID_FILE:-pid.txt}` - if [ $? -ne 0 ] ; then - cat output.txt - echo WARNING: python web server not running - exit 1 - fi - - shell.env: - HOSTNAME: $brooklyn:attributeWhenReady("host.name") - PORT: $brooklyn:config("my.app.port") - ENTITY_INFO: $brooklyn:component("this", "") - MESSAGE: $brooklyn:config("my.message") - - # custom - my.app.port: 8020 - my.message: "good to meet you" - - brooklyn.enrichers: - # publish the URL as a sensor; the GUI will pick this up (main.uri) - - type: org.apache.brooklyn.enricher.stock.Transformer - brooklyn.config: - uniqueTag: url-generator - enricher.sourceSensor: host.subnet.hostname - # use the definition from Attributes class, as it has a RendererHint so GUI makes it a link - enricher.targetSensor: $brooklyn:sensor("org.apache.brooklyn.core.entity.Attributes", "main.uri") - enricher.targetValue: - $brooklyn:formatString: - - "http://%s:%s/" - - $brooklyn:attributeWhenReady("host.subnet.hostname") - - $brooklyn:config("my.app.port") - - location: - jclouds:aws-ec2: - region: eu-central-1 - # edit these (or delete if credentials specified in brooklyn.properties) - identity: - credential: - - - id: 3-bash-web-and-riak-template - itemType: template - name: "Template 3: Bash Web Server and Scaling Riak Cluster" - description: | - Sample YAML building on Template 2, - composing that blueprint with a Riak cluster and injecting the URL - item: - name: Bash Web Server and Riak Cluster (Brooklyn Example) - - # this example *references* the previous one, - # combining it with a stock blueprint for a Riak cluster, - # and shows how a sensor from the latter can be injected - - services: - - # reference template 2, overriding message to point at riak - - type: 2-bash-web-server-template - brooklyn.config: - my.message: $brooklyn:formatString("connected to Riak at %s", - $brooklyn:entity("riak-cluster").attributeWhenReady("main.uri")) - # and clear the location defined there so it is taken from this template - locations: [] - - # use the off-the-shelf Riak cluster - - type: org.apache.brooklyn.entity.nosql.riak.RiakCluster - id: riak-cluster - initialSize: 3 - # and add a policy to scale based on ops per minute - brooklyn.policies: - - type: org.apache.brooklyn.policy.autoscaling.AutoScalerPolicy - brooklyn.config: - metric: riak.node.ops.1m.perNode - # more than 100 ops per second (6k/min) scales out, less than 50 scales back - # up to a max of 8 riak nodes here (can be changed in GUI / REST API afterwards) - metricLowerBound: 3000 - metricUpperBound: 6000 - minPoolSize: 3 - maxPoolSize: 8 - resizeUpStabilizationDelay: 30s - resizeDownStabilizationDelay: 5m - - location: - jclouds:aws-ec2: - region: eu-central-1 - # edit these (or delete if credentials specified in brooklyn.properties) - identity: - credential: - - - id: 4-resilient-bash-web-cluster-template - itemType: template - name: "Template 4: Resilient Load-Balanced Bash Web Cluster with Sensors" - description: | - Sample YAML to provision a cluster of the bash/python web server nodes, - with sensors configured, and a load balancer pointing at them, - and resilience policies for node replacement and scaling - item: - name: Resilient Load-Balanced Bash Web Cluster (Brooklyn Example) - - # this final example shows some of the advanced functionality: - # defining custom sensors, and a cluster with a "spec", - # policies for resilience and scaling based on that sensor, - # and wiring a load balancer in front of the cluster - - # combining this with the riak cluster in the previous example - # is left as a suggested exercise for the user - - services: - - # define a cluster of the web nodes - - type: cluster - name: Cluster of Bash Web Nodes - id: my-web-cluster - brooklyn.config: - initialSize: 1 - memberSpec: - $brooklyn:entitySpec: - # template 2 is used as the spec for items in this cluster - # with a new message overwriting the previous, - # and a lot of sensors defined - type: 2-bash-web-server-template - name: My Bash Web Server VM with Sensors - # and clear the location defined there so it is taken from this template - locations: [] - - brooklyn.config: - my.message: "part of the cluster" - - brooklyn.initializers: - # make a simple request-count sensor, by counting the number of 200 responses in output.txt - - type: org.apache.brooklyn.core.sensor.ssh.SshCommandSensor - brooklyn.config: - name: reqs.count - targetType: int - period: 5s - command: "cat output.txt | grep HTTP | grep 200 | wc | awk '{print $1}'" - # and publish the port as a sensor so the load-balancer can pick it up - - type: org.apache.brooklyn.core.sensor.StaticSensor - brooklyn.config: - name: app.port - targetType: int - static.value: $brooklyn:config("my.app.port") - - brooklyn.enrichers: - # derive reqs.per_sec from reqs.count - - type: org.apache.brooklyn.enricher.stock.YamlTimeWeightedDeltaEnricher - brooklyn.config: - enricher.sourceSensor: reqs.count - enricher.targetSensor: reqs.per_sec - enricher.delta.period: 1s - # and take an average over 30s for reqs.per_sec into reqs.per_sec.windowed_30s - - type: org.apache.brooklyn.enricher.stock.YamlRollingTimeWindowMeanEnricher - brooklyn.config: - enricher.sourceSensor: reqs.per_sec - enricher.targetSensor: reqs.per_sec.windowed_30s - enricher.window.duration: 30s - - # emit failure sensor if a failure connecting to the service is sustained for 30s - - type: org.apache.brooklyn.policy.ha.ServiceFailureDetector - brooklyn.config: - entityFailed.stabilizationDelay: 30s - - brooklyn.policies: - # restart if a failure is detected (with a max of one restart in 2m, sensor will propagate otherwise) - - type: org.apache.brooklyn.policy.ha.ServiceRestarter - brooklyn.config: - failOnRecurringFailuresInThisDuration: 2m - - # back at the cluster, create a total per-sec and some per-node average - brooklyn.enrichers: - - type: org.apache.brooklyn.enricher.stock.Aggregator - brooklyn.config: - enricher.sourceSensor: reqs.per_sec - enricher.targetSensor: reqs.per_sec - transformation: sum - - type: org.apache.brooklyn.enricher.stock.Aggregator - brooklyn.config: - enricher.sourceSensor: reqs.per_sec - enricher.targetSensor: reqs.per_sec.per_node - transformation: average - - type: org.apache.brooklyn.enricher.stock.Aggregator - brooklyn.config: - enricher.sourceSensor: reqs.per_sec.windowed_30s - enricher.targetSensor: reqs.per_sec.windowed_30s.per_node - transformation: average - - brooklyn.policies: - # resilience: if a per-node restart policy fails, - # just throw that node away and create a new one - - type: org.apache.brooklyn.policy.ha.ServiceReplacer - - # and scale based on reqs/sec - - type: org.apache.brooklyn.policy.autoscaling.AutoScalerPolicy - brooklyn.config: - # scale based on reqs/sec (though in a real-world situation, - # reqs.per_sec.windowed_30s.per_node might be a better choice) - metric: reqs.per_sec.per_node - - # really low numbers, so you can trigger a scale-out just by hitting reload a lot - metricUpperBound: 3 - metricLowerBound: 1 - - # sustain 3 reqs/sec for 2s and it will scale out - resizeUpStabilizationDelay: 2s - # only scale down when sustained for 1m - resizeDownStabilizationDelay: 1m - - maxPoolSize: 10 - - # and add a load-balancer pointing at the cluster - - type: load-balancer - id: load-bal - brooklyn.config: - # point this load balancer at the cluster, specifying port to forward to - loadbalancer.serverpool: $brooklyn:entity("my-web-cluster") - member.sensor.portNumber: app.port - # disable sticky sessions to allow easy validation of balancing via browser refresh - nginx.sticky: false - - brooklyn.enrichers: - # publish a few useful info sensors and KPI's to the root of the app - - type: org.apache.brooklyn.enricher.stock.Propagator - brooklyn.config: - uniqueTag: propagate-load-balancer-url - producer: $brooklyn:entity("load-bal") - propagating: - - main.uri - - type: org.apache.brooklyn.enricher.stock.Propagator - brooklyn.config: - uniqueTag: propagate-reqs-per-sec - producer: $brooklyn:entity("my-web-cluster") - propagating: - - reqs.per_sec - - reqs.per_sec.windowed_30s.per_node - - location: - jclouds:aws-ec2: - # edit these (or delete if credentials specified in brooklyn.properties) - identity: - credential: - - region: eu-central-1 - minRam: 2gb + - file:catalog/catalog.bom From 4118fc4f936d7fa440d5961880af2465afa89928 Mon Sep 17 00:00:00 2001 From: Thomas Bouron Date: Wed, 6 Sep 2017 14:59:22 +0100 Subject: [PATCH 2/5] Improve RPM package --- .../main/filtered-resources/etc/brooklyn.cfg | 24 +++ .../src/main/resources/bin/runbrooklyn | 39 +++++ .../src/main/resources/bin/setenv | 7 + .../org.apache.brooklyn.osgilauncher.cfg | 2 +- rpm-packaging/pom.xml | 162 +++++++++++++----- rpm-packaging/rpm/postinstall.sh | 3 - rpm-packaging/rpm/preinstall.sh | 10 ++ .../service/systemd/brooklyn.service | 10 +- .../service/upstart/rpm/brooklyn.conf | 14 +- .../src/test/yaml/package-apps.yaml | 4 +- shared-packaging/src/test/yaml/package.bom | 44 ++--- 11 files changed, 240 insertions(+), 79 deletions(-) create mode 100644 karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg create mode 100644 karaf/apache-brooklyn/src/main/resources/bin/runbrooklyn diff --git a/karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg b/karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg new file mode 100644 index 0000000000..abf8550cb5 --- /dev/null +++ b/karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg @@ -0,0 +1,24 @@ +################################################################################ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +################################################################################ + +# Web login credentials + +# Credentials for user 'admin' +brooklyn.webconsole.security.users=admin +brooklyn.webconsole.security.user.admin.password=password diff --git a/karaf/apache-brooklyn/src/main/resources/bin/runbrooklyn b/karaf/apache-brooklyn/src/main/resources/bin/runbrooklyn new file mode 100644 index 0000000000..59c95549cd --- /dev/null +++ b/karaf/apache-brooklyn/src/main/resources/bin/runbrooklyn @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# This script is a convenience wrapper for use to avoid problems on Centos 6 +# Upstart is too old on CentOS 6, at least v1.4 required to use setuid, setgid. +# This script does the setuid and handles termination via signals. + +trap terminate_all SIGTERM +trap kill_all SIGKILL + +function terminate_all () { + pkill -SIGTERM -g ${PGROUP} + kill -s SIGTERM ${KARAF} +} +function kill_all () { + pkill -SIGKILL -g ${PGROUP} + kill -s SIGKILL ${KARAF} +} + +su -c "/opt/brooklyn/bin/karaf server >> /dev/null 2>&1" brooklyn & KARAF=$! +sleep 1 # gives time for process structure to be established +PGROUP=$(pgrep -P $KARAF) +wait diff --git a/karaf/apache-brooklyn/src/main/resources/bin/setenv b/karaf/apache-brooklyn/src/main/resources/bin/setenv index 9a109fdec9..88cbc6a751 100644 --- a/karaf/apache-brooklyn/src/main/resources/bin/setenv +++ b/karaf/apache-brooklyn/src/main/resources/bin/setenv @@ -75,6 +75,10 @@ if [ "x$JAVA" = "x" ]; then fi fi +if [ -z "${BROOKLYN_PERSISTENCE_DIR}" ] ; then + export BROOKLYN_PERSISTENCE_DIR="~/.brooklyn/brooklyn-persisted-state" +fi + # force resolution of localhost to be loopback export EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 ${EXTRA_JAVA_OPTS}" @@ -83,3 +87,6 @@ export EXTRA_JAVA_OPTS="-XX:SoftRefLRUPolicyMSPerMB=1 ${EXTRA_JAVA_OPTS}" # Set the TLS protocol versions export EXTRA_JAVA_OPTS="-Dhttps.protocols=TLSv1.1,TLSv1.2 ${EXTRA_JAVA_OPTS}" + +# Set the persistence directory +export EXTRA_JAVA_OPTS="-Dbrooklyn.persistence.dir=${BROOKLYN_PERSISTENCE_DIR} ${EXTRA_JAVA_OPTS}" diff --git a/karaf/config/src/main/resources/org.apache.brooklyn.osgilauncher.cfg b/karaf/config/src/main/resources/org.apache.brooklyn.osgilauncher.cfg index 84b750cafb..6f80460a56 100644 --- a/karaf/config/src/main/resources/org.apache.brooklyn.osgilauncher.cfg +++ b/karaf/config/src/main/resources/org.apache.brooklyn.osgilauncher.cfg @@ -58,7 +58,7 @@ default.catalog.location=${karaf.etc}/default.catalog.bom #persistMode=AUTO # The directory to read/write persisted state (or container name if using an object store) -#persistenceDir= +persistenceDir=${brooklyn.persistence.dir} # The location spec for an object store to read/write persisted state #persistenceLocation= diff --git a/rpm-packaging/pom.xml b/rpm-packaging/pom.xml index b2b7075e47..b81655533f 100644 --- a/rpm-packaging/pom.xml +++ b/rpm-packaging/pom.xml @@ -26,6 +26,14 @@ Brooklyn RPM Package for Centos 7 and RHEL 7 operating systems + + 740 + 740 + 740 + 740 + 664 + + org.apache.brooklyn brooklyn-dist-root @@ -36,8 +44,9 @@ org.apache.brooklyn - brooklyn-dist + apache-brooklyn ${project.version} + zip org.apache.brooklyn @@ -58,23 +67,22 @@ unpack - - - org.apache.brooklyn - brooklyn-dist - ${project.version} - dist - tar.gz - ${project.build.directory}/deps - - - org.apache.brooklyn - shared-packaging - ${project.version} - jar - ${project.build.directory}/deps/shared-packaging - - + + + org.apache.brooklyn + apache-brooklyn + ${project.version} + zip + ${project.build.directory}/deps + + + org.apache.brooklyn + shared-packaging + ${project.version} + jar + ${project.build.directory}/deps/shared-packaging + + @@ -97,66 +105,90 @@ Applications/Internet noarch + noarch Linux - java + java-1.8.0 _binaries_in_noarch_packages_terminate_build 0 - 755 - 644 + ${brooklyn.directory.permission.default} + ${brooklyn.file.permission.default} brooklyn brooklyn - /etc/brooklyn - true + /opt/brooklyn-${project.version} - /etc/brooklyn - true - 600 - brooklyn - brooklyn + /opt/brooklyn-${project.version}/bin + ${brooklyn.file.permission.bin} - ${project.build.directory}/deps/shared-packaging/conf/brooklyn.conf + ${project.build.directory}/deps/apache-brooklyn-${project.version}/bin - /etc/brooklyn - true + /opt/brooklyn-${project.version}/catalog - ${project.build.directory}/deps/shared-packaging/conf/logback.xml + ${project.build.directory}/deps/apache-brooklyn-${project.version}/catalog - /opt/brooklyn + /opt/brooklyn-${project.version}/data + true + true - ${project.build.directory}/deps/brooklyn-dist-${project.version} + ${project.build.directory}/deps/apache-brooklyn-${project.version}/data - /var/lib/brooklyn - true + /opt/brooklyn-${project.version}/data/log - /var/log/brooklyn - true - 700 - brooklyn - brooklyn + /opt/brooklyn-${project.version}/deploy + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/deploy + + - /etc/systemd/system/multi-user.target.wants + /etc/brooklyn + noreplace + ${brooklyn.file.permission.default} + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/etc + + + + + /opt/brooklyn-${project.version}/lib + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/lib + + + + + /opt/brooklyn-${project.version}/system + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/system + + + + + /lib/systemd/system false - 644 + ${brooklyn.file.permission.global} root root @@ -168,7 +200,7 @@ /etc/init false - 644 + ${brooklyn.file.permission.global} root root @@ -177,6 +209,48 @@ + + /etc/systemd/system/multi-user.target.wants + false + ${brooklyn.file.permission.global} + root + root + + + ${project.build.directory}/deps/shared-packaging/service/systemd + + + + + /var/lib/brooklyn + ${brooklyn.file.permission.default} + + + /opt/brooklyn + + + /opt/brooklyn-${project.version} + + + + + /var/log/brooklyn + + + /opt/brooklyn-${project.version}/data/log + + + + + + + /opt/brooklyn-${project.version}/etc + + + /etc/brooklyn + + + ${basedir}/rpm/preinstall.sh diff --git a/rpm-packaging/rpm/postinstall.sh b/rpm-packaging/rpm/postinstall.sh index 4782a23914..13abadd6de 100644 --- a/rpm-packaging/rpm/postinstall.sh +++ b/rpm-packaging/rpm/postinstall.sh @@ -19,7 +19,4 @@ if which systemctl >> /dev/null 2>&1; then systemctl daemon-reload - systemctl start brooklyn.service -else - initctl start brooklyn fi diff --git a/rpm-packaging/rpm/preinstall.sh b/rpm-packaging/rpm/preinstall.sh index 666327fe5d..7da5acf293 100644 --- a/rpm-packaging/rpm/preinstall.sh +++ b/rpm-packaging/rpm/preinstall.sh @@ -19,3 +19,13 @@ getent group brooklyn || groupadd -r brooklyn getent passwd brooklyn || useradd -r -g brooklyn -d /opt/brooklyn -s /sbin/nologin brooklyn +# Remove the symbolic link "/opt/brooklyn" if exists (means that we are upgrading brooklyn) +BROOKLYN_ROOT=/opt/brooklyn +if [[ -L $BROOKLYN_ROOT && -d $BROOKLYN_ROOT ]]; then + rm -f $BROOKLYN_ROOT +fi +# Remove the symbolic link "/var/log/brooklyn" if exists (means that we are upgrading brooklyn) +BROOKLYN_LOG=/var/log/brooklyn +if [[ -L $BROOKLYN_LOG && -d $BROOKLYN_LOG ]]; then + rm -f $BROOKLYN_LOG +fi diff --git a/shared-packaging/src/main/resources/service/systemd/brooklyn.service b/shared-packaging/src/main/resources/service/systemd/brooklyn.service index 52dd3b6b34..ef861bdf5a 100644 --- a/shared-packaging/src/main/resources/service/systemd/brooklyn.service +++ b/shared-packaging/src/main/resources/service/systemd/brooklyn.service @@ -22,12 +22,16 @@ Documentation=https://brooklyn.apache.org/documentation/index.html [Service] Type=simple WorkingDirectory=/opt/brooklyn/ -Environment="JAVA_OPTS=-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Dlogback.configurationFile=/etc/brooklyn/logback.xml -Xms256m -Xmx1g" -Environment="CLASSPATH=/opt/brooklyn/conf:/opt/brooklyn/lib/patch/*:/opt/brooklyn/lib/brooklyn/*:/opt/brooklyn/lib/dropins/*" -ExecStart=/usr/bin/java $JAVA_OPTS -cp "$CLASSPATH" org.apache.brooklyn.cli.Main launch --noGlobalBrooklynProperties --localBrooklynProperties /etc/brooklyn/brooklyn.conf --persist auto +Environment="EXTRA_JAVA_OPTS=-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx1g" +Environment="KARAF_HOME=/opt/brooklyn" +Environment="KARAF_ETC=/etc/brooklyn" +Environment="KARAF_REDIRECT=/dev/null" +Environment="BROOKLYN_PERSISTENCE_DIR=/var/lib/brooklyn" +ExecStart=/opt/brooklyn/bin/karaf server >> "$KARAF_REDIRECT" 2>&1 Restart=always User=brooklyn Group=brooklyn +UMask=0066 [Install] WantedBy=multi-user.target diff --git a/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf b/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf index 804e0cdb49..1af0674f28 100644 --- a/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf +++ b/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf @@ -22,6 +22,7 @@ start on runlevel [23] stop on runlevel [016] respawn respawn limit 5 10 +umask 0066 console output @@ -30,13 +31,14 @@ pre-start script end script script - BROOKLYN_HOME="/opt/brooklyn/" - JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Dlogback.configurationFile=/etc/brooklyn/logback.xml -Xms256m -Xmx1g" - CLASSPATH="/opt/brooklyn/conf:/opt/brooklyn/lib/patch/*:/opt/brooklyn/lib/brooklyn/*:/opt/brooklyn/lib/dropins/*" - export BROOKLYN_HOME - # Upstart is too old on CentOS 6, at least v1.4 required to use setuid, setgid. + EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx1g" + KARAF_HOME="/opt/brooklyn/" + KARAF_ETC="/etc/brooklyn/" + KARAF_REDIRECT=/dev/null + BROOKLYN_PERSISTENCE_DIR="/var/lib/brooklyn" + export EXTRA_JAVA_OPTS KARAF_REDIRECT KARAF_HOME KARAF_ETC BROOKLYN_PERSISTENCE_DIR chsh -s /bin/bash brooklyn - exec su -c "java ${JAVA_OPTS} -cp $CLASSPATH org.apache.brooklyn.cli.Main launch --noGlobalBrooklynProperties --localBrooklynProperties /etc/brooklyn/brooklyn.conf --persist auto" brooklyn + exec /opt/brooklyn/bin/runbrooklyn >> "$KARAF_REDIRECT" 2>&1 end script pre-stop script diff --git a/shared-packaging/src/test/yaml/package-apps.yaml b/shared-packaging/src/test/yaml/package-apps.yaml index de4420c0a3..bda0c515ae 100644 --- a/shared-packaging/src/test/yaml/package-apps.yaml +++ b/shared-packaging/src/test/yaml/package-apps.yaml @@ -51,7 +51,7 @@ services: # privateKeyFile: ~/.ssh/ user: vagrant brooklyn.config: - package.file: ~/.m2/repository/org/apache/brooklyn/rpm-packaging/0.12.0-SNAPSHOT/rpm-packaging-0.12.0-SNAPSHOT.rpm # BROOKLYN_VERSION + package.file: ~/.m2/repository/org/apache/brooklyn/rpm-packaging/0.12.0-SNAPSHOT/rpm-packaging-0.12.0-SNAPSHOT-noarch.rpm # BROOKLYN_VERSION --- @@ -64,6 +64,6 @@ services: # privateKeyFile: ~/.ssh/ user: vagrant brooklyn.config: - package.file: ~/.m2/repository/org/apache/brooklyn/rpm-packaging/0.12.0-SNAPSHOT/rpm-packaging-0.12.0-SNAPSHOT.rpm # BROOKLYN_VERSION + package.file: ~/.m2/repository/org/apache/brooklyn/rpm-packaging/0.12.0-SNAPSHOT/rpm-packaging-0.12.0-SNAPSHOT-noarch.rpm # BROOKLYN_VERSION diff --git a/shared-packaging/src/test/yaml/package.bom b/shared-packaging/src/test/yaml/package.bom index c17cb2cbad..bc1780db05 100644 --- a/shared-packaging/src/test/yaml/package.bom +++ b/shared-packaging/src/test/yaml/package.bom @@ -79,8 +79,8 @@ brooklyn.catalog: sudo iptables -I INPUT -p tcp -m tcp --dport 8081 -j ACCEPT sudo service iptables save fi - sudo yum -y install java-1.7.0-openjdk.x86_64 sudo yum -y install brooklyn-package.rpm + sudo systemctl start brooklyn - id: yum-upstart-brooklyn item: @@ -95,9 +95,8 @@ brooklyn.catalog: sudo iptables -I INPUT -p tcp -m tcp --dport 8081 -j ACCEPT sudo service iptables save fi - sudo yum -y install java-1.7.0-openjdk.x86_64 sudo yum -y install brooklyn-package.rpm - + sudo initctl start brooklyn ### Tests ### - id: test-is-up @@ -119,7 +118,7 @@ brooklyn.catalog: type: org.apache.brooklyn.test.framework.SimpleShellCommandTest name: Check process has started # The brackets prevent grep from matching its own process - command: ps ax | grep "[o]rg.apache.brooklyn.cli.Main" + command: ps ax | grep "[/]opt/brooklyn/bin/karaf" assertStatus: equals: 0 assertOut: @@ -131,7 +130,7 @@ brooklyn.catalog: type: org.apache.brooklyn.test.framework.SimpleShellCommandTest name: Check process is not started # The brackets prevent grep from matching its own process - command: ps ax | grep "[o]rg.apache.brooklyn.cli.Main" + command: ps ax | grep "[/]opt/brooklyn/bin/karaf" assertStatus: equals: 1 assertOut: @@ -143,7 +142,7 @@ brooklyn.catalog: type: org.apache.brooklyn.test.framework.SimpleShellCommandTest name: Check user the process is running under # The brackets prevent grep from matching its own process - command: ps -fu brooklyn | grep "[o]rg.apache.brooklyn.cli.Main" + command: ps -fu brooklyn | grep "[/]opt/brooklyn/bin/karaf" assertStatus: equals: 0 assertOut: @@ -166,24 +165,25 @@ brooklyn.catalog: type: org.apache.brooklyn.test.framework.SimpleShellCommandTest name: Check paths permissions command: | - [ "$(stat -c "%A %U %G" /opt/brooklyn)" = "drwxr-xr-x brooklyn brooklyn" ] && \ - [ "$(stat -c "%A %U %G" /var/lib/brooklyn)" = "drwxr-xr-x brooklyn brooklyn" ] && \ - [ "$(stat -c "%A %U %G" /var/log/brooklyn)" = "drwx------ brooklyn brooklyn" ] && \ - [ "$(stat -c "%A %U %G" /etc/systemd/system/multi-user.target.wants)" = "drwxr-xr-x root root" ] && \ - [ "$(sudo stat -c "%A %U %G" /etc/systemd/system/multi-user.target.wants/brooklyn.service)" = "-rw-r--r-- root root" ] && \ - [ "$(stat -c "%A %U %G" /etc/init)" = "drwxr-xr-x root root" ] && \ - [ "$(stat -c "%A %U %G" /etc/init/brooklyn.conf)" = "-rw-r--r-- root root" ] && \ - [ "$(stat -c "%A %U %G" /etc/brooklyn)" = "drwxr-xr-x brooklyn brooklyn" ] && \ - [ "$(sudo stat -c "%A %U %G" /etc/brooklyn/brooklyn.conf)" = "-rw------- brooklyn brooklyn" ] && \ - [ "$(stat -c "%A %U %G" /etc/brooklyn/logback.xml)" = "-rw-r--r-- brooklyn brooklyn" ] && \ - ! find /opt/brooklyn | xargs stat -c "%A %U %G" | grep -v "drwxr-xr-x brooklyn brooklyn\|-rw-r--r-- brooklyn brooklyn" + BROOKLYN_DIRECTORIES="/opt/brooklyn/ /etc/brooklyn/ /var/lib/brooklyn/ /var/log/brooklyn/" + [ "$(sudo stat -c "%A %U %G" /opt/brooklyn)" = "lrwxrwxrwx brooklyn brooklyn" ] + [ "$(sudo stat -c "%A %U %G" /etc/init)" = "drwxr-xr-x root root" ] + [ "$(sudo stat -c "%A %U %G" /lib/systemd/system/)" = "drwxr-xr-x root root" ] + [ "$(sudo stat -c "%A %U %G" /etc/init/brooklyn.conf)" = "-rw-rw-r-- root root" ] + [ "$(sudo stat -c "%A %U %G" /lib/systemd/system/brooklyn.service)" = "-rw-rw-r-- root root" ] + if hash systemctl ; then + [ "$(sudo stat -c "%A %U %G" /etc/systemd/system/multi-user.target.wants/brooklyn.service)" = "-rwxr----- root root" ] + fi + ! sudo ls -d /opt/brooklyn-* | xargs stat -c "%F %a %U %G" | grep -v -E "^directory\s740\sbrooklyn\sbrooklyn$" + ! sudo find ${BROOKLYN_DIRECTORIES} -type f | xargs sudo stat -c "%a %U %G" | grep -v -E "^[6,7][0,4,6][0]\sbrooklyn\sbrooklyn" + ! sudo find ${BROOKLYN_DIRECTORIES} -type d | xargs sudo stat -c "%a %U %G" | grep -v -E "^[6,7][0,1,4][0-1]\sbrooklyn\sbrooklyn" assertStatus: equals: 0 - id: test-log-files-exist item: type: org.apache.brooklyn.test.framework.SimpleShellCommandTest name: Check log files created at expected location - command: sudo ls /var/log/brooklyn/brooklyn.{debug,info}.log | wc -l + command: sudo ls /opt/brooklyn/data/log/brooklyn.{debug,info}.log | wc -l assertOut: equals: "2" - id: test-healthy @@ -228,8 +228,8 @@ brooklyn.catalog: - id: packaging-asserts item: type: org.apache.brooklyn.test.framework.TestCase - targetId: brooklyn brooklyn.config: + targetId: brooklyn timeout: 1m brooklyn.children: - type: test-is-up @@ -262,8 +262,12 @@ brooklyn.catalog: name: 13. Restart machine - type: test-is-not-up name: 14. Check not running while restarting + - type: test-is-up + name: 15. Wait for machine to fully restart + brooklyn.config: + timeout: 10m - type: test-healthy - name: 15. Check healthy + name: 16. Check healthy ### Combined tests with target entity - system specific ### - id: test-yum-upstart-brooklyn item: From c640784c6efd60afc494b776fe2a00a8c06b02a7 Mon Sep 17 00:00:00 2001 From: Thomas Bouron Date: Fri, 8 Sep 2017 15:47:06 +0100 Subject: [PATCH 3/5] Improve DEB package --- deb-packaging/deb/control/control | 2 +- deb-packaging/deb/control/postinst | 3 - deb-packaging/deb/control/preinst | 10 + deb-packaging/pom.xml | 173 +++++++++++++----- .../service/upstart/deb/brooklyn.conf | 13 +- shared-packaging/src/test/yaml/Vagrantfile | 4 +- .../src/test/yaml/package-apps.yaml | 6 +- shared-packaging/src/test/yaml/package.bom | 12 +- 8 files changed, 159 insertions(+), 64 deletions(-) diff --git a/deb-packaging/deb/control/control b/deb-packaging/deb/control/control index a1283d4e71..a3b6e26a55 100644 --- a/deb-packaging/deb/control/control +++ b/deb-packaging/deb/control/control @@ -19,6 +19,6 @@ Version: [[version]] Section: misc Priority: optional Architecture: all -Depends: default-jre-headless (>= 1.7) +Depends: java8-runtime Maintainer: Aleksandr Vasilev Description: Apache Brooklyn is a framework for modeling, monitoring, and managing applications through autonomic blueprints. diff --git a/deb-packaging/deb/control/postinst b/deb-packaging/deb/control/postinst index 20ddb29877..fd786d6b64 100644 --- a/deb-packaging/deb/control/postinst +++ b/deb-packaging/deb/control/postinst @@ -18,7 +18,4 @@ if which systemctl > /dev/null 2>&1; then systemctl daemon-reload - systemctl start brooklyn.service -elif which initctl > /dev/null 2>&1; then - initctl start brooklyn fi diff --git a/deb-packaging/deb/control/preinst b/deb-packaging/deb/control/preinst index 1c613dacc9..4215068bf1 100644 --- a/deb-packaging/deb/control/preinst +++ b/deb-packaging/deb/control/preinst @@ -17,3 +17,13 @@ # under the License. /usr/bin/getent group brooklyn || /usr/sbin/groupadd -r brooklyn /usr/bin/getent passwd brooklyn || /usr/sbin/useradd -r -g brooklyn -d /opt/brooklyn -s /bin/false brooklyn +# Remove the symbolic link "/opt/brooklyn" if exists (means that we are upgrading brooklyn) +BROOKLYN_ROOT=/opt/brooklyn +if [[ -L $BROOKLYN_ROOT && -d $BROOKLYN_ROOT ]]; then + rm -f $BROOKLYN_ROOT +fi +# Remove the symbolic link "/var/log/brooklyn" if exists (means that we are upgrading brooklyn) +BROOKLYN_LOG=/var/log/brooklyn +if [[ -L $BROOKLYN_LOG && -d $BROOKLYN_LOG ]]; then + rm -f $BROOKLYN_LOG +fi \ No newline at end of file diff --git a/deb-packaging/pom.xml b/deb-packaging/pom.xml index a6e5611959..27a9af9a1c 100644 --- a/deb-packaging/pom.xml +++ b/deb-packaging/pom.xml @@ -26,6 +26,14 @@ Brooklyn DEB Package for Debian and Ubuntu operating systems + + 740 + 740 + 740 + 740 + 664 + + org.apache.brooklyn brooklyn-dist-root @@ -36,8 +44,9 @@ org.apache.brooklyn - brooklyn-dist + apache-brooklyn ${project.version} + zip org.apache.brooklyn @@ -58,23 +67,22 @@ unpack - - - org.apache.brooklyn - brooklyn-dist - ${project.version} - dist - tar.gz - ${project.build.directory}/deps - - - org.apache.brooklyn - shared-packaging - ${project.version} - jar - ${project.build.directory}/deps/shared-packaging - - + + + org.apache.brooklyn + apache-brooklyn + ${project.version} + zip + ${project.build.directory}/deps + + + org.apache.brooklyn + shared-packaging + ${project.version} + jar + ${project.build.directory}/deps/shared-packaging + + @@ -92,86 +100,159 @@ false false - ${project.build.directory}/apache-brooklyn_${project.version}_all.deb + + all + ${project.build.directory}/apache-brooklyn-${project.version}-all.deb ${basedir}/deb/control - ${project.build.directory}/deps/brooklyn-dist-${project.version} + ${project.build.directory}/deps/apache-brooklyn-${project.version}/bin directory perm - /opt/brooklyn + /opt/brooklyn-${project.version}/bin brooklyn brooklyn + ${brooklyn.file.permission.bin} - ${project.build.directory}/deps/shared-packaging/service/upstart/deb/brooklyn.conf - file + ${project.build.directory}/deps/apache-brooklyn-${project.version}/catalog + directory perm - /etc/init - 644 + /opt/brooklyn-${project.version}/catalog + brooklyn + brooklyn + ${brooklyn.file.permission.default} - - ${project.build.directory}/deps/shared-packaging/service/systemd/brooklyn.service - file + ${project.build.directory}/deps/apache-brooklyn-${project.version}/data + directory perm - /etc/systemd/system/multi-user.target.wants - 644 + /opt/brooklyn-${project.version}/data + brooklyn + brooklyn + ${brooklyn.file.permission.default} + + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/deploy + directory + + perm + /opt/brooklyn-${project.version}/deploy + brooklyn + brooklyn + ${brooklyn.file.permission.default} + + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/etc + directory + true + + perm + /etc/brooklyn + brooklyn + brooklyn + ${brooklyn.file.permission.default} + + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/lib + directory + + perm + /opt/brooklyn-${project.version}/lib + brooklyn + brooklyn + ${brooklyn.file.permission.default} + + + + ${project.build.directory}/deps/apache-brooklyn-${project.version}/system + directory + + perm + /opt/brooklyn-${project.version}/system + brooklyn + brooklyn + ${brooklyn.file.permission.default} template - etc/brooklyn - var/lib/brooklyn + /opt/brooklyn-${project.version}/data/log perm brooklyn brooklyn + ${brooklyn.file.permission.default} template - var/log/brooklyn + /var/lib/brooklyn perm brooklyn brooklyn - 700 + ${brooklyn.file.permission.default} - ${project.build.directory}/deps/shared-packaging/conf/brooklyn.conf + ${project.build.directory}/deps/shared-packaging/service/upstart/deb/brooklyn.conf file - true perm - /etc/brooklyn - brooklyn - brooklyn - 600 + /etc/init + ${brooklyn.file.permission.global} - ${project.build.directory}/deps/shared-packaging/conf/logback.xml + ${project.build.directory}/deps/shared-packaging/service/systemd/brooklyn.service file - true perm - /etc/brooklyn - brooklyn - brooklyn - 644 + /lib/systemd/system + ${brooklyn.file.permission.global} + + + + + ${project.build.directory}/deps/shared-packaging/service/systemd/brooklyn.service + file + + perm + /etc/systemd/system/multi-user.target.wants + ${brooklyn.file.permission.global} + + link + /opt/brooklyn + /opt/brooklyn-${project.version} + true + + + link + /opt/brooklyn-${project.version}/etc + /etc/brooklyn + true + + + link + /var/log/brooklyn + /opt/brooklyn-${project.version}/data/log + true + diff --git a/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf b/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf index 931fffd8ff..c62a98ec78 100644 --- a/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf +++ b/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf @@ -22,6 +22,7 @@ start on started networking stop on runlevel [016] respawn respawn limit 5 10 +umask 0066 setuid brooklyn setgid brooklyn @@ -33,11 +34,13 @@ pre-start script end script script - BROOKLYN_HOME="/opt/brooklyn/" - JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Dlogback.configurationFile=/etc/brooklyn/logback.xml -Xms256m -Xmx1g" - CLASSPATH="/opt/brooklyn/conf:/opt/brooklyn/lib/patch/*:/opt/brooklyn/lib/brooklyn/*:/opt/brooklyn/lib/dropins/*" - export BROOKLYN_HOME - exec java ${JAVA_OPTS} -cp "${CLASSPATH}" org.apache.brooklyn.cli.Main launch --noGlobalBrooklynProperties --localBrooklynProperties /etc/brooklyn/brooklyn.conf --persist auto + EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx1g" + KARAF_HOME="/opt/brooklyn/" + KARAF_ETC="/etc/brooklyn/" + KARAF_REDIRECT=/dev/null + BROOKLYN_PERSISTENCE_DIR="/var/lib/brooklyn" + export EXTRA_JAVA_OPTS KARAF_REDIRECT KARAF_HOME KARAF_ETC BROOKLYN_PERSISTENCE_DIR + exec /opt/brooklyn/bin/karaf server >> "$KARAF_REDIRECT" 2>&1 end script pre-stop script diff --git a/shared-packaging/src/test/yaml/Vagrantfile b/shared-packaging/src/test/yaml/Vagrantfile index 9855aff98b..3e561bdb2c 100644 --- a/shared-packaging/src/test/yaml/Vagrantfile +++ b/shared-packaging/src/test/yaml/Vagrantfile @@ -33,8 +33,10 @@ Vagrant.configure(2) do |config| config.vm.provision "shell", name:"set key permissions", privileged:false, inline: "chmod 400 ~/.ssh/authorized_keys" config.vm.define "apt-systemd" do |config| - config.vm.box = "ubuntu/wily64" + config.vm.box = "ubuntu/xenial64" config.vm.network "private_network", ip: "172.28.128.3" + config.ssh.insert_key = true + config.ssh.forward_agent = true end config.vm.define "apt-upstart" do |config| config.vm.box = "ubuntu/trusty64" diff --git a/shared-packaging/src/test/yaml/package-apps.yaml b/shared-packaging/src/test/yaml/package-apps.yaml index bda0c515ae..0900dd78b0 100644 --- a/shared-packaging/src/test/yaml/package-apps.yaml +++ b/shared-packaging/src/test/yaml/package-apps.yaml @@ -23,9 +23,9 @@ services: byon: hosts: ["172.28.128.3"] # privateKeyFile: ~/.ssh/ - user: vagrant + user: ubuntu brooklyn.config: - package.file: ~/.m2/repository/org/apache/brooklyn/deb-packaging/0.12.0-SNAPSHOT/deb-packaging-0.12.0-SNAPSHOT.deb # BROOKLYN_VERSION + package.file: ~/.m2/repository/org/apache/brooklyn/deb-packaging/0.12.0-SNAPSHOT/deb-packaging-0.12.0-SNAPSHOT-all.deb # BROOKLYN_VERSION --- @@ -38,7 +38,7 @@ services: # privateKeyFile: ~/.ssh/ user: vagrant brooklyn.config: - package.file: ~/.m2/repository/org/apache/brooklyn/deb-packaging/0.12.0-SNAPSHOT/deb-packaging-0.12.0-SNAPSHOT.deb # BROOKLYN_VERSION + package.file: ~/.m2/repository/org/apache/brooklyn/deb-packaging/0.12.0-SNAPSHOT/deb-packaging-0.12.0-SNAPSHOT-all.deb # BROOKLYN_VERSION --- diff --git a/shared-packaging/src/test/yaml/package.bom b/shared-packaging/src/test/yaml/package.bom index bc1780db05..ba5615a25c 100644 --- a/shared-packaging/src/test/yaml/package.bom +++ b/shared-packaging/src/test/yaml/package.bom @@ -53,6 +53,7 @@ brooklyn.catalog: sudo apt-get update sudo apt-get install -y default-jre-headless sudo dpkg -i brooklyn-package.deb + sudo systemctl start brooklyn - id: apt-upstart-brooklyn item: @@ -65,6 +66,7 @@ brooklyn.catalog: sudo apt-get update sudo apt-get install -y default-jre-headless sudo dpkg -i brooklyn-package.deb + sudo initctl start brooklyn - id: yum-systemd-brooklyn item: @@ -166,17 +168,17 @@ brooklyn.catalog: name: Check paths permissions command: | BROOKLYN_DIRECTORIES="/opt/brooklyn/ /etc/brooklyn/ /var/lib/brooklyn/ /var/log/brooklyn/" - [ "$(sudo stat -c "%A %U %G" /opt/brooklyn)" = "lrwxrwxrwx brooklyn brooklyn" ] + [ "$(sudo stat -c "%A" /opt/brooklyn)" = "lrwxrwxrwx" ] [ "$(sudo stat -c "%A %U %G" /etc/init)" = "drwxr-xr-x root root" ] [ "$(sudo stat -c "%A %U %G" /lib/systemd/system/)" = "drwxr-xr-x root root" ] [ "$(sudo stat -c "%A %U %G" /etc/init/brooklyn.conf)" = "-rw-rw-r-- root root" ] [ "$(sudo stat -c "%A %U %G" /lib/systemd/system/brooklyn.service)" = "-rw-rw-r-- root root" ] if hash systemctl ; then - [ "$(sudo stat -c "%A %U %G" /etc/systemd/system/multi-user.target.wants/brooklyn.service)" = "-rwxr----- root root" ] + [ "$(sudo stat -c "%A %U %G" /etc/systemd/system/multi-user.target.wants/brooklyn.service)" = "-rw-rw-r-- root root" ] fi - ! sudo ls -d /opt/brooklyn-* | xargs stat -c "%F %a %U %G" | grep -v -E "^directory\s740\sbrooklyn\sbrooklyn$" - ! sudo find ${BROOKLYN_DIRECTORIES} -type f | xargs sudo stat -c "%a %U %G" | grep -v -E "^[6,7][0,4,6][0]\sbrooklyn\sbrooklyn" - ! sudo find ${BROOKLYN_DIRECTORIES} -type d | xargs sudo stat -c "%a %U %G" | grep -v -E "^[6,7][0,1,4][0-1]\sbrooklyn\sbrooklyn" + ! sudo ls -d /opt/brooklyn-* | xargs stat -c "%F %a %U %G" | grep -v -E "^directory\s[7][4,5][0,5]\sbrooklyn\sbrooklyn$" + ! sudo find ${BROOKLYN_DIRECTORIES} -type f | xargs sudo stat -c "%a %U %G" | grep -v -E "^[6,7][0,4,6][0]\sbrooklyn\s(brooklyn|wheel)" + ! sudo find ${BROOKLYN_DIRECTORIES} -type d | xargs sudo stat -c "%a %U %G" | grep -v -E "^[6,7][0,1,4,5][0,1,5]\sbrooklyn\s(brooklyn|wheel)" assertStatus: equals: 0 - id: test-log-files-exist From 569f6d176555f9bffcc2eee4d52086d840507f14 Mon Sep 17 00:00:00 2001 From: Thomas Bouron Date: Wed, 13 Sep 2017 14:29:43 +0100 Subject: [PATCH 4/5] Disable auth by default --- .../src/main/filtered-resources/etc/brooklyn.cfg | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg b/karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg index abf8550cb5..12068d054e 100644 --- a/karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg +++ b/karaf/apache-brooklyn/src/main/filtered-resources/etc/brooklyn.cfg @@ -17,8 +17,12 @@ # ################################################################################ -# Web login credentials +# Disabling auth by default. +brooklyn.webconsole.security.provider = org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider + +# You can enable basic auth by commenting out the line above and uncomment the last 2 lines below +# Web login credentials # Credentials for user 'admin' -brooklyn.webconsole.security.users=admin -brooklyn.webconsole.security.user.admin.password=password +#brooklyn.webconsole.security.users=admin +#brooklyn.webconsole.security.user.admin.password=password From 939dd79b6a2d0a77489552d67f27fb6ef41f6543 Mon Sep 17 00:00:00 2001 From: Thomas Bouron Date: Wed, 13 Sep 2017 14:30:04 +0100 Subject: [PATCH 5/5] Increase -Xmx to 2G --- .../src/main/resources/service/systemd/brooklyn.service | 2 +- .../src/main/resources/service/upstart/deb/brooklyn.conf | 2 +- .../src/main/resources/service/upstart/rpm/brooklyn.conf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/shared-packaging/src/main/resources/service/systemd/brooklyn.service b/shared-packaging/src/main/resources/service/systemd/brooklyn.service index ef861bdf5a..d6510c792a 100644 --- a/shared-packaging/src/main/resources/service/systemd/brooklyn.service +++ b/shared-packaging/src/main/resources/service/systemd/brooklyn.service @@ -22,7 +22,7 @@ Documentation=https://brooklyn.apache.org/documentation/index.html [Service] Type=simple WorkingDirectory=/opt/brooklyn/ -Environment="EXTRA_JAVA_OPTS=-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx1g" +Environment="EXTRA_JAVA_OPTS=-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx2g" Environment="KARAF_HOME=/opt/brooklyn" Environment="KARAF_ETC=/etc/brooklyn" Environment="KARAF_REDIRECT=/dev/null" diff --git a/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf b/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf index c62a98ec78..6d9f356186 100644 --- a/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf +++ b/shared-packaging/src/main/resources/service/upstart/deb/brooklyn.conf @@ -34,7 +34,7 @@ pre-start script end script script - EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx1g" + EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx2g" KARAF_HOME="/opt/brooklyn/" KARAF_ETC="/etc/brooklyn/" KARAF_REDIRECT=/dev/null diff --git a/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf b/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf index 1af0674f28..fe1513badc 100644 --- a/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf +++ b/shared-packaging/src/main/resources/service/upstart/rpm/brooklyn.conf @@ -31,7 +31,7 @@ pre-start script end script script - EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx1g" + EXTRA_JAVA_OPTS="-Dbrooklyn.location.localhost.address=127.0.0.1 -XX:SoftRefLRUPolicyMSPerMB=1 -Xms256m -Xmx2g" KARAF_HOME="/opt/brooklyn/" KARAF_ETC="/etc/brooklyn/" KARAF_REDIRECT=/dev/null