-
Notifications
You must be signed in to change notification settings - Fork 26
/
init_1_conf_glassfish.sh
147 lines (131 loc) · 6.28 KB
/
init_1_conf_glassfish.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
#!/bin/bash
################################################################################
# Configure Glassfish
#
# BEWARE: As this is done for Kubernetes, we will ALWAYS start with a fresh container!
# When moving to Glassfish/Payara 5+ the option commands are idempotent.
# The resources are to be created by the application on deployment,
# once Dataverse has proper refactoring, etc.
# See upstream issue IQSS/dataverse#5292
################################################################################
# Fail on any error
set -e
# Include some sane defaults
. ${SCRIPT_DIR}/default.config
# 0. Start the domain
asadmin start-domain
# 1. Password aliases from secrets
for alias in rserve doi db
do
if [ -f ${SECRETS_DIR}/$alias/password ]; then
cat ${SECRETS_DIR}/$alias/password | sed -e "s#^#AS_ADMIN_ALIASPASSWORD=#" > /tmp/$alias
asadmin create-password-alias --passwordfile /tmp/$alias ${alias}_password_alias
rm /tmp/$alias
else
echo "WARNING: Could not find 'password' secret for ${alias} in ${SECRETS_DIR}. Check your Kubernetes Secrets and their mounting!"
fi
done
# 1b. Create AWS access credentials when storage driver is set to s3
# Find all access keys
if [ -d "${SECRETS_DIR}/s3" ]; then
S3_KEYS=`find "${SECRETS_DIR}/s3" -readable -type f -iname '*access-key'`
S3_CRED_FILE=${HOME_DIR}/.aws/credentials
mkdir -p `dirname "${S3_CRED_FILE}"`
rm -f ${S3_CRED_FILE}
# Iterate keys
while IFS= read -r S3_ACCESS_KEY; do
echo "Loading S3 key ${S3_ACCESS_KEY}"
# Try to find the secret key, parse for profile and add to the credentials file.
S3_PROFILE=`echo "${S3_ACCESS_KEY}" | sed -ne "s#.*/\(.*\)-access-key#\1#p"`
S3_SECRET_KEY=`echo "${S3_ACCESS_KEY}" | sed -ne "s#\(.*/\|.*/.*-\)access-key#\1secret-key#p"`
if [ -r ${S3_SECRET_KEY} ]; then
[ -z "${S3_PROFILE}" ] && echo "[default]" >> "${S3_CRED_FILE}" || echo "[${S3_PROFILE}]" >> "${S3_CRED_FILE}"
cat "${S3_ACCESS_KEY}" | sed -e "s#^#aws_access_key_id = #" -e "s#\$#\n#" >> "${S3_CRED_FILE}"
cat "${S3_SECRET_KEY}" | sed -e "s#^#aws_secret_access_key = #" -e "s#\$#\n#" >> "${S3_CRED_FILE}"
echo "" >> "${S3_CRED_FILE}"
else
echo "ERROR: Could not find or read matching \"$S3_SECRET_KEY\"."
exit 1
fi
done <<< "${S3_KEYS}"
fi
# 2. Domain-spaced resources (JDBC, JMS, ...)
# JMS
echo "Creating JMS resources."
asadmin delete-connector-connection-pool --cascade=true jms/__defaultConnectionFactory-Connection-Pool
asadmin create-connector-connection-pool \
--steadypoolsize 1 \
--maxpoolsize 250 \
--poolresize 2 \
--maxwait 60000 \
--raname jmsra \
--connectiondefinition javax.jms.QueueConnectionFactory \
jms/IngestQueueConnectionFactoryPool
asadmin create-connector-resource \
--poolname jms/IngestQueueConnectionFactoryPool \
--description "ingest connector resource" \
jms/IngestQueueConnectionFactory
asadmin create-admin-object \
--restype javax.jms.Queue \
--raname jmsra \
--description "sample administered object" \
--property Name=DataverseIngest \
jms/DataverseIngest
# JDBC
echo "Creating JDBC resources."
asadmin create-jdbc-connection-pool \
--restype javax.sql.DataSource \
--datasourceclassname org.postgresql.ds.PGPoolingDataSource \
--property create=true:User=${POSTGRES_USER}:PortNumber=${POSTGRES_PORT}:databaseName=${POSTGRES_DATABASE}:ServerName=${POSTGRES_SERVER} \
dvnDbPool
asadmin set resources.jdbc-connection-pool.dvnDbPool.property.password='${ALIAS=db_password_alias}'
asadmin create-jdbc-resource --connectionpoolid dvnDbPool jdbc/VDCNetDS
# JavaMail
echo "Configuring JavaMail."
asadmin create-javamail-resource \
--mailhost "${MAIL_SERVER}" \
--mailuser "dataversenotify" \
--fromaddress "${MAIL_FROMADDRESS}" \
mail/notifyMailSession
echo "Setting miscellaneous configuration options."
# Timer data source
asadmin set configs.config.server-config.ejb-container.ejb-timer-service.timer-datasource=jdbc/VDCNetDS
# AJP connector
asadmin create-network-listener --protocol http-listener-1 --listenerport 8009 --jkenabled true jk-connector
# Disable logging for grizzly SSL problems
asadmin set-log-levels org.glassfish.grizzly.http.server.util.RequestUtils=SEVERE
# COMET support
asadmin set server-config.network-config.protocols.protocol.http-listener-1.http.comet-support-enabled="true"
# SAX parser options
asadmin create-jvm-options "\-Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl"
# Set Max Heap Space (see also https://www.eclipse.org/openj9/docs/xxinitialrampercentage)
asadmin create-jvm-options "\-XX\:+UseContainerSupport:\-Xss${MEM_XSS}:\-XX\:MaxRAMPercentage=${MEM_MAX_RAM_PERCENTAGE}"
# If configured, enable Prometheus JMX agent
# 3. Enable JDWP (debugger)
if [ "x${ENABLE_JMX_EXPORT}" = "x1" ]; then
echo "Enabling Prometheus JMX Exporter Java Agent on port ${JMX_EXPORTER_PORT} and config at ${JMX_EXPORTER_CONFIG}."
asadmin create-jvm-options "\-javaagent\:${HOME}/jmx_exporter_agent.jar=${JMX_EXPORTER_PORT}\:${JMX_EXPORTER_CONFIG}"
fi
# 3. Domain based configuration options
# Set Dataverse environment variables
echo "Setting system properties for Dataverse configuration options:"
env | grep -Ee "^(dataverse|doi)_" | sort -fd
env -0 | grep -z -Ee "^(dataverse|doi)_" | while IFS='=' read -r -d '' k v; do
# transform __ to -
KEY=`echo "${k}" | sed -e "s#__#-#g"`
# transform remaining single _ to .
KEY=`echo "${KEY}" | tr '_' '.'`
# escape colons in values
v=`echo "${v}" | sed -e 's/:/\\\:/g'`
echo "Handling ${KEY}=${v}."
asadmin delete-jvm-options "-D${KEY}"
asadmin create-jvm-options "-D${KEY}=${v}"
done
# 4. Stop the domain again (will be started in foreground later)
asadmin stop-domain
# 5. Symlink the WAR file to autodeploy on real start
ln -s ${HOME_DIR}/dvinstall/dataverse.war ${DOMAIN_DIR}/autodeploy/dataverse.war
# 6. Symlink the jHove configuration
ln -s ${HOME_DIR}/dvinstall/jhove.conf ${DOMAIN_DIR}/config/jhove.conf
ln -s ${HOME_DIR}/dvinstall/jhoveConfig.xsd ${DOMAIN_DIR}/config/jhoveConfig.xsd
sed -i ${DOMAIN_DIR}/config/jhove.conf -e "s:/usr/local/glassfish4/glassfish/domains/domain1:${DOMAIN_DIR}:g"