-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Bonita BPM Official Docker image #263
Merged
Merged
Changes from 12 commits
Commits
Show all changes
15 commits
Select commit
Hold shift + click to select a range
80895cf
Add Bonita BPM Official Docker image
JeremJR 443849a
update markdown format
JeremJR e4a39a8
fix markdown format
JeremJR 21a0a67
fix typo
JeremJR a3053fa
explaining how to use the MySQL official container directly
JeremJR bf8dc1f
fix typo
JeremJR 6e71681
explaining how to use the PostgreSQL official container directly
JeremJR 5b14285
update documentation links to 7.0.0 version
JeremJR 6a215bb
Describe environnement variables
JeremJR 6e301dd
add "How to extend this image"
JeremJR 093ead8
add "Where to Store Data" and "Migrate from an earlier version of Bon…
JeremJR f1337fd
fix ident
JeremJR c17e789
fix mistake
JeremJR 27f58c0
rephrase sentences and update the example of migration with 7.0.3
JeremJR b2a7174
simplify pathes
JeremJR File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Bonita BPM is an open-source business process management and workflow suite |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,273 @@ | ||
# What is Bonita BPM? | ||
|
||
Bonita BPM is an open-source business process management and workflow suite created in 2001. It was started in France National Institute for Research in Computer Science, and then had incubated several years inside of the French computer science company Groupe Bull. Since 2009, the development of Bonita is supported by a company dedicated to this activity: Bonitasoft. | ||
|
||
> [wikipedia.org/wiki/Bonita_BPM](http://en.wikipedia.org/wiki/Bonita_BPM) | ||
|
||
![logo](https://github.com/bonitasoft/docker/blob/master/bonita/7.0.0/logo.png?raw=true) | ||
|
||
# How to use this image | ||
|
||
## Quick start | ||
|
||
docker run --name bonita -d -p 8080:8080 bonita | ||
|
||
This will start a container running the [Tomcat Bundle](http://documentation.bonitasoft.com/tomcat-bundle-2) with Bonita BPM Engine + Portal. As you didn't specify any environment variables it's almost like if you have launched the Bundle on your host using startup.{sh|bat} (with security hardening on REST and HTTP APIs, cf Security part). It means that Bonita BPM uses a H2 database here. | ||
|
||
You can access to the portal on http://localhost:8080/bonita and login using the default credentials : install / install | ||
|
||
## Link Bonita BPM to a database | ||
|
||
### MySQL | ||
|
||
We need to [increase the packet size](http://documentation.bonitasoft.com/database-configuration-2#mysqlspec) set by default to 1M : | ||
|
||
mkdir -p ~/Documents/Docker/Volumes/custom_mysql | ||
echo "[mysqld]" > ~/Documents/Docker/Volumes/custom_mysql/bonita.cnf | ||
echo "max_allowed_packet=16M" >> ~/Documents/Docker/Volumes/custom_mysql/bonita.cnf | ||
|
||
Then we can mount that directory location as /etc/mysql/conf.d inside the MySQL container : | ||
|
||
docker run --name mydbmysql -v ~/Documents/Docker/Volumes/custom_mysql/:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=mysecretpassword -d mysql:5.5 | ||
|
||
See the [official MySQL documentation](https://registry.hub.docker.com/_/mysql/) for more details. | ||
|
||
Now we can start our application container like this in order to link it to the MySQL container : | ||
|
||
docker run --name bonita_mysql --link mydbmysql:mysql -d -p 8080:8080 bonita | ||
|
||
### PostgreSQL | ||
|
||
We need to [set max_prepared_transactions to 100](http://documentation.bonitasoft.com/database-configuration-business-data-1) : | ||
|
||
mkdir -p ~/Documents/Docker/Volumes/custom_postgres | ||
echo '#!/bin/bash' > ~/Documents/Docker/Volumes/custom_postgres/bonita.sh | ||
echo 'sed -i "s/^.*max_prepared_transactions\s*=\s*\(.*\)$/max_prepared_transactions = 100/" "$PGDATA"/postgresql.conf' >> ~/Documents/Docker/Volumes/custom_postgres/bonita.sh | ||
chmod +x ~/Documents/Docker/Volumes/custom_postgres/bonita.sh | ||
|
||
Then we can mount that directory location as /docker-entrypoint-initdb.d inside the PostgreSQL container : | ||
|
||
docker run --name mydbpostgres -v ~/Documents/Docker/Volumes/custom_postgres/:/docker-entrypoint-initdb.d -e POSTGRES_PASSWORD=mysecretpassword -d postgres:9.3 | ||
|
||
See the [official PostgreSQL documentation](https://registry.hub.docker.com/_/postgres/) for more details. | ||
|
||
docker run --name bonita_postgres --link mydbpostgres:postgres -d -p 8080:8080 bonita | ||
|
||
## Modify default credentials | ||
|
||
docker run --name=bonita -e "TENANT_LOGIN=tech_user" -e "TENANT_PASSWORD=secret" -e "PLATFORM_LOGIN=pfadmin" -e "PLATFORM_PASSWORD=pfsecret" -d -p 8080:8080 bonita | ||
|
||
If you do so, you can access to the portal on http://localhost:8080/bonita and login using : tech_user / secret | ||
|
||
## Where to Store Data | ||
|
||
Most of the data are stored in database and can be stored outside the Bonita container as described above using PostgreSQL or MySQL container. However some data remains inside the Bonita Bundle. The [Bonita Home](http://documentation.bonitasoft.com/bonita-home-0) is a folder called `bonita` which contains configuration, working, and temporary folders and files. There are also logs file inside the `logs` folder. | ||
|
||
Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the `%%REPO%%` images to familiarize themselves with the options available, including: | ||
|
||
- Let Docker manage the storage of your data [by writing the files to disk on the host system using its own internal volume management](https://docs.docker.com/userguide/dockervolumes/#adding-a-data-volume). This is the default and is easy and fairly transparent to the user. The downside is that the files may be hard to locate for tools and applications that run directly on the host system, i.e. outside containers. | ||
- Create a data directory on the host system (outside the container) and [mount this to a directory visible from inside the container](https://docs.docker.com/userguide/dockervolumes/#mount-a-host-directory-as-a-data-volume). This places the database files in a known location on the host system, and makes it easy for tools and applications on the host system to access the files. The downside is that the user needs to make sure that the directory exists, and that e.g. directory permissions and other security mechanisms on the host system are set up correctly. | ||
|
||
The Docker documentation is a good starting point for understanding the different storage options and variations, and there are multiple blogs and forum postings that discuss and give advice in this area. We will simply show the basic procedure here for the latter option above: | ||
|
||
1. Create a data directory on a suitable volume on your host system, e.g. `/my/own/datadir`. | ||
2. Start your `%%REPO%%` container like this: | ||
|
||
docker run --name some-%%REPO%% -v /my/own/datadir:/opt/bonita -d %%REPO%%:tag | ||
|
||
The `-v /my/own/datadir:/opt/bonita` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/opt/bonita` inside the container, where Bonita by default will deploy its Bundle and write its data files. | ||
|
||
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it: | ||
|
||
chcon -Rt svirt_sandbox_file_t /my/own/datadir | ||
|
||
## Migrate from an earlier version of Bonita BPM | ||
|
||
1. First we need to stop the container to perform a backup | ||
|
||
docker stop bonita_7.0.0_postgres | ||
|
||
2. Check where your data are stored | ||
|
||
docker inspect bonita_7.0.0_postgres | grep -A1 '"Volumes"' | ||
"Volumes": { | ||
"/opt/bonita": {} | ||
-- | ||
"Volumes": { | ||
"/opt/bonita": "/home/user/Documents/Docker/Volumes/bonita_7.0.0_postgres" | ||
|
||
3. Copy data from the filesystem | ||
|
||
cp -r ~/Documents/Docker/Volumes/bonita_7.0.0_postgres ~/Documents/Docker/Volumes/bonita_7.0.1_postgres | ||
|
||
4. Retrieve the DB container IP | ||
|
||
docker inspect --format '{{ .NetworkSettings.IPAddress }}' mydbpostgres | ||
172.17.0.26 | ||
|
||
5. Dump the database | ||
|
||
export PGPASSWORD=mysecretpassword | ||
pg_dump -O -x -h 172.17.0.26 -U postgres bonitadb > /tmp/bonitadb.sql | ||
|
||
Note that businessdb won't be updated with the migration tool but you may wan't to also backup/move it. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. wan't -> want There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. thank you, it's updated |
||
|
||
6. Load the dump | ||
|
||
export PGPASSWORD=mysecretpassword | ||
psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE USER newbonitauser WITH PASSWORD 'newbonitapass';" | ||
psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE DATABASE newbonitadb OWNER newbonitauser;" | ||
export PGPASSWORD=newbonitapass | ||
cat /tmp/bonitadb.sql | psql -U newbonitauser -h 172.17.0.26 newbonitadb | ||
|
||
7. Retrieve the last migration tool and the target version of bonita bundle | ||
|
||
cd ~/Documents/Docker/Volumes/bonita_7.0.1_postgres | ||
wget http://download.forge.ow2.org/bonita/bonita-migration-distrib-2.0.0.zip | ||
wget http://download.forge.ow2.org/bonita/BonitaBPMCommunity-7.0.1-Tomcat-7.0.55.zip | ||
unzip bonita-migration-distrib-2.0.0.zip -d bonita-migration-distrib-2.0.0 | ||
unzip BonitaBPMCommunity-7.0.1-Tomcat-7.0.55.zip | ||
|
||
8. Move previous home into the new bundle | ||
|
||
mv BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita/ BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita.orig | ||
cp -r BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/bonita/ BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita/ | ||
|
||
9. Configure the migration tool | ||
|
||
cd bonita-migration-distrib-2.0.0/ | ||
|
||
add jdbc driver | ||
|
||
cp ../BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/lib/bonita/postgresql-9.3-1102.jdbc41.jar lib/ | ||
|
||
edit the migration tool config to point towards the copy of bonita home and db | ||
|
||
vim Config.properties | ||
|
||
For example : | ||
|
||
bonita.home=/home/user/Documents/Docker/Volumes/bonita_7.0.1_postgres/BonitaBPMCommunity-7.0.1-Tomcat-7.0.55/bonita | ||
# JDBC properties | ||
## Postgres | ||
db.vendor=postgres | ||
db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb | ||
db.driverClass=org.postgresql.Driver | ||
db.user=newbonitauser | ||
db.password=newbonitapass | ||
|
||
10. Launch the migration : | ||
|
||
./migration.sh | ||
|
||
11. launch the new container pointing towards the copy of DB and filesystem : | ||
|
||
docker run --name=bonita_7.0.1_postgres --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -v ~/Documents/Docker/Volumes/bonita_7.0.1_postgres:/opt/bonita/ -d -p 8081:8080 bonita:7.0.1 | ||
|
||
For more details regarding Bonita migration, see the [documentation](http://documentation.bonitasoft.com/migrate-earlier-version-bonita-bpm-0). | ||
|
||
## Security | ||
|
||
This docker image ensures to activate by default both static and dynamic authorization checks on REST API. To be coherent it also deactivates the HTTP API. | ||
|
||
- REST API authorization | ||
|
||
- [Static authorization checking](http://documentation.bonitasoft.com/rest-api-authorization-0#static) | ||
|
||
- [Dynamic authorization checking](http://documentation.bonitasoft.com/rest-api-authorization-0#dynamic) | ||
|
||
- [HTTP API](http://documentation.bonitasoft.com/rest-api-authorization-0#activate) | ||
|
||
But for specific needs you can override this behavior by setting HTTP_API to true and REST_API_DYN_AUTH_CHECKS to false : | ||
|
||
docker run -e HTTP_API=true -e REST_API_DYN_AUTH_CHECKS=false --name bonita -d -p 8080:8080 bonita | ||
|
||
## Environnement variables | ||
|
||
When you start the `bonita` image, you can adjust the configuration of the Bonita instance by passing one or more environment variables on the `docker run` command line. | ||
|
||
### `PLATFORM_PASSWORD` | ||
|
||
This environment variable [is recommended](http://documentation.bonitasoft.com/first-steps-after-setup-1#reset_pw) for you to use the Bonita image. This environment variable sets the platform administrator password for Bonita. If it is not specified, then the default password of `platform` will be used. | ||
|
||
### `PLATFORM_LOGIN` | ||
|
||
This optional environment variable is used in conjunction with `PLATFORM_PASSWORD` to define the username for the platform administrator. If it is not specified, then the default user of `platformAdmin` will be used. | ||
|
||
### `TENANT_PASSWORD` | ||
|
||
This environment variable [is recommended](http://documentation.bonitasoft.com/first-steps-after-setup-1#reset_pw) for you to use the Bonita image. This environment variable sets the tenant administrator password for Bonita. If it is not specified, then the default password of `install` will be used. | ||
|
||
### `TENANT_LOGIN` | ||
|
||
This optional environment variable is used in conjunction with `TENANT_PASSWORD` to define the username for the tenant administrator. If it is not specified, then the default user of `install` will be used. | ||
|
||
### `REST_API_DYN_AUTH_CHECKS` | ||
|
||
This optional environment variable is used to enable or not [dynamic authorization checking](http://documentation.bonitasoft.com/rest-api-authorization-0#dynamic) on Bonita REST API. The default value is true`, which will activate dynamic authorization checking. | ||
|
||
### `HTTP_API` | ||
|
||
This optional environment variable is used to enable or not Bonita HTTP API. The default value is `false`, which will deactivate the HTTP API. | ||
|
||
### `JAVA_OPTS` | ||
|
||
This optional environment variable is used to customize JAVA_OPTS. The default value is `-Xms1024m -Xmx1024m -XX:MaxPermSize=256m`. | ||
|
||
### `ENSURE_DB_CHECK_AND_CREATION` | ||
|
||
This optional environment variable is used to allow or not the SQL queries to automatically check and create the databases using the database adminstrator credentials. The default value is `true`. | ||
|
||
### `DB_VENDOR` | ||
|
||
This environment variable is automatically set to `postgres` or `mysql` if the bonita container is linked to a PostgreSQL or MySQL database using `--link`. The default value is `h2`. It can be overrided if you don't use the `--link` capability. | ||
|
||
### `DB_HOST`, `DB_PORT` | ||
|
||
These variables are optional, used in conjunction to configure the `bonita` image to reach the database instance. There are automatically set if `--link` is used to run the container. | ||
|
||
### `DB_NAME`, `DB_USER`, `DB_PASS` | ||
|
||
These variables are used in conjunction to create a new user, set that user's password and create the `bonita` database. | ||
|
||
`DB_NAME` default value is `bonitadb`. | ||
|
||
`DB_USER` default value is `bonitauser`. | ||
|
||
`DB_PASS` default value is `bonitapass`. | ||
|
||
### `BIZ_DB_NAME`, `BIZ_DB_USER`, `BIZ_DB_PASS` | ||
|
||
These variables are used in conjunction to create a new user, set that user's password and create the `bonita` [business database](http://documentation.bonitasoft.com/business-data-model#bdmanddb). | ||
|
||
`BIZ_DB_NAME` default value is `businessdb`. | ||
|
||
`BIZ_DB_USER` default value is `businessuser`. | ||
|
||
`BIZ_DB_PASS` default value is `businesspass`. | ||
|
||
### `DB_ADMIN_USER`, `DB_ADMIN_PASS` | ||
|
||
These variables are optional, used in conjunction to create users and databases through the administrator account used on the database instance. | ||
|
||
`DB_ADMIN_USER` if no value is provided, it's automatically set to `root` with MySQL or `postgres` with PostgreSQL. | ||
|
||
`DB_ADMIN_PASS` if no value is provided, it's automatically set using the value from the container linked : `MYSQL_ENV_MYSQL_ROOT_PASSWORD` or `POSTGRES_ENV_POSTGRES_PASSWORD`. | ||
|
||
# How to extend this image | ||
|
||
If you would like to do additional initialization, you can add a `*.sh` script under `/opt/custom-init.d`. The `startup.sh` file will source any `*.sh` script found in that directory to do further initialization before starting the service. | ||
|
||
For example, you can increase the log level : | ||
|
||
mkdir -p ~/Documents/Docker/Volumes/custom_bonita | ||
echo '#!/bin/bash' > ~/Documents/Docker/Volumes/custom_bonita/bonita.sh | ||
echo 'sed -i "s/^org.bonitasoft.level = WARNING$/org.bonitasoft.level = FINEST/" /opt/bonita/BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/conf/logging.properties' >> ~/Documents/Docker/Volumes/custom_bonita/bonita.sh | ||
chmod +x ~/Documents/Docker/Volumes/custom_bonita/bonita.sh | ||
|
||
docker run --name bonita_custom -v ~/Documents/Docker/Volumes/custom_bonita/:/opt/custom-init.d -d -p 8080:8080 bonita | ||
|
||
Note : there are several ways to check the `bonita` logs, one of them is | ||
|
||
docker exec -ti bonita_custom /bin/bash | ||
tail -f /opt/bonita/BonitaBPMCommunity-7.0.0-Tomcat-7.0.55/logs/bonita.`date +%Y-%m-%d`.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
Bonita BPM image includes two parts : | ||
|
||
- Bonita BPM Engine under [LGPL v2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html) | ||
|
||
- Bonita BPM Portal under [GPL v2.0](http://www.gnu.org/licenses/old-licenses/gpl-2.0.html) | ||
|
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should probably simplify this local directory in this and previous lines since
~/
may not expand properly. I think justmkdir custom_postgres
and then this run would be-v "$PWD"/custom_postgres/:/docker-entrypoint-initdb.d
. What do you think?Could even skip the
mkdir
and just-v "$PWD"/bonita.sh:/docker-entrypoint-initdb.d/bonita.sh
.