Child pages
  • Install the Grouper v2.5 container with maturity level 0 using installer
Skip to end of metadata
Go to start of metadata

 

If you dont have a software that will run a container install it.  Assume linux.  Assume docker.



Get a server and database

Here is an example with AWS, basically for this example you need a Unix-based server (or Mac), and a postgres (recommended), or mysql or oracle database.  Install Docker as well

Here is an example with postgres on docker

Grouper installer will install the container

See which container to user from release notes.  In this case we will do 2.5.19 but you should substitute for latest stable version

Get the installer

[root@ip-172-30-3-127 ~]# yum install java-1.8.0-openjdk
[root@ip-172-30-3-127 ~]# yum install java-1.8.0-openjdk-devel
[root@ip-172-30-3-127 ~]# yum install wget
[root@ip-172-30-3-127 ~]# yum -y install mlocate
[root@ip-172-30-3-127 ~]# updatedb
[root@ip-172-30-3-127 java-1.8.0]# export JAVA_HOME=/usr/lib/jvm/java-1.8.0
[root@ip-172-30-3-127 java-1.8.0]# export PATH=$JAVA_HOME/bin:$PATH
[root@ip-172-30-3-127 java-1.8.0]# java -version
openjdk version "1.8.0_242"
[root@ip-172-30-3-127 ~]# mkdir /opt/grouperInstaller
[root@ip-172-30-3-127 grouperInstaller]# wget https://repo1.maven.org/maven2/edu/internet2/middleware/grouper/grouper-installer/2.5.XX/grouper-installer-2.5.XX.jar

### OPTIONAL ### [root@ip-172-30-3-127 grouperInstaller]# wget https://raw.githubusercontent.com/Internet2/grouper/GROUPER_RELEASE_2.5.XX/grouper-misc/grouper-installer/conf/grouper.installer.example.properties

### OPTIONAL ### [root@ip-172-30-3-127 grouperInstaller]# touch grouper.installer.properties

[root@ip-172-30-3-127 grouperInstaller]# java -jar grouper-installer-2.5.XX.jar 
Non-fatal ERROR: you should have the environment variable JAVA_HOME set to a 1.7+ JDK (currently not set)
WARNING: JAVA_HOME or Java path errors may cause issues when running external commands - these should be fixed before continuing.
Press <enter> to continue... 
Do you want to install ('installContainer') a new grouper container , 'upgrade' an existing installation,
  'patch' an existing installation, 'admin' utilities, 'buildContainer', 'installContainer', or 'createPatch' for Grouper developers
  (enter: 'installContainer', 'upgrade', 'patch', 'admin', 'createPatch', 'buildContainer', or blank for the default) [installContainer]: 
Where do you want your host grouper container base directory (e.g. /opt/grouperContainer)? [/opt/grouperInstaller]: 
Using shell command: bash
We detected docker is installed at: /usr/bin/docker

Is the path above correct? (t|f) [t]: 
Going to check if docker is running. 
docker is running. 
Client:
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 5
 Server Version: 19.03.8
 Storage Driver: overlay2
  Backing Filesystem: <unknown>
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 894b81a4b802e4eb2a91d1ce216b8817763c29fb
 runc version: 425e105d5a03fabd737a126ad93d62a9eeede87f
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.18.0-80.4.2.el8_0.x86_64
 Operating System: Red Hat Enterprise Linux 8.0 (Ootpa)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 3.691GiB
 Name: ip-172-30-3-152.ec2.internal
 ID: XZXV:JHFI:P6JW:QPNW:OBYN:WHDC:X434:RKBM:DEVQ:QC4H:RWF6:RNYG
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false


Going to check if gsh, ws, grouper, or ui containers already exist.
No conflicting containers found. 
Going to pull grouper docker image: i2incommon/grouper:2.5.20
...
2.5.20: Pulling from i2incommon/grouper
8ba884070f61: Already exists
c0cad5d16e5b: Already exists
d7505336a19d: Already exists
b5ce0977c22d: Already exists
335fdbe335b3: Already exists
5371dcea8d71: Already exists
8ad3d60f115a: Already exists
b6af259850af: Already exists
e4486a938308: Already exists
60fc957653a3: Already exists
37b112776dc0: Already exists
73cb01c9f525: Already exists
713a4f4d388e: Already exists
86dfd00a7162: Already exists
19e615be92e8: Already exists
79bf91ee472d: Already exists
43f08cd48f53: Pulling fs layer
04f950133405: Pulling fs layer
d79aef79ca48: Pulling fs layer
7434bc51d8f3: Pulling fs layer
7dcd5c2aa455: Pulling fs layer
281018524ca6: Pulling fs layer
79c615610f2b: Pulling fs layer
78d2382556c1: Pulling fs layer
7e21c3cda8d3: Pulling fs layer
59f90055f58b: Pulling fs layer
3cf8ff23a0c0: Pulling fs layer
79c615610f2b: Waiting
78d2382556c1: Waiting
7e21c3cda8d3: Waiting
59f90055f58b: Waiting
3cf8ff23a0c0: Waiting
7434bc51d8f3: Waiting
7dcd5c2aa455: Waiting
281018524ca6: Waiting
43f08cd48f53: Pull complete
7434bc51d8f3: Verifying Checksum
7434bc51d8f3: Download complete
d79aef79ca48: Download complete
04f950133405: Verifying Checksum
04f950133405: Download complete
79c615610f2b: Verifying Checksum
79c615610f2b: Download complete
78d2382556c1: Verifying Checksum
78d2382556c1: Download complete
7e21c3cda8d3: Verifying Checksum
7e21c3cda8d3: Download complete
59f90055f58b: Verifying Checksum
59f90055f58b: Download complete
3cf8ff23a0c0: Verifying Checksum
3cf8ff23a0c0: Download complete
7dcd5c2aa455: Verifying Checksum
7dcd5c2aa455: Download complete
281018524ca6: Verifying Checksum
281018524ca6: Download complete
04f950133405: Pull complete
d79aef79ca48: Pull complete
7434bc51d8f3: Pull complete
7dcd5c2aa455: Pull complete
281018524ca6: Pull complete
79c615610f2b: Pull complete
78d2382556c1: Pull complete
7e21c3cda8d3: Pull complete
59f90055f58b: Pull complete
3cf8ff23a0c0: Pull complete
Digest: sha256:e1e8579cb6167f4efb1d31a1b358877bc12c42a7563c5c8733b026dc8deab6ef
Status: Downloaded newer image for i2incommon/grouper:2.5.20
docker.io/i2incommon/grouper:2.5.20

Do you want to use the randomly generated morphString key? (CRGvUNFkXjvOYI6oqJpg) (t|f) [t]: 
 - added to end of property file: encrypt.key = CRGvUNFkXjvOYI6oqJpg
Going to create grouper.hibernate.properties file in /opt/grouperInstaller/conf
Database setup
##################################

Example mysql URL: jdbc:mysql://localhost:3306/grouper
Example oracle URL: jdbc:oracle:thin:@server.school.edu:1521:sid
Example postgres URL: jdbc:postgresql://localhost:5432/database

Enter the database URL: jdbc:mysql://database-1.cstlzkqw179p.us-east-1.rds.amazonaws.com:3306/grouper_v2_5b?useSSL=false
Database user: grouper_v2_5b
Database password (note, you aren't setting the pass here, you are using an existing pass, this will be echoed back) [<blank>]: grouper_v2_5b1
 - added to end of property file: hibernate.connection.url = jdbc:mysql://database-1.cstlzkqw179p.us-east-1.rds.amazonaws.com:3306/grouper_v2_5b?useSSL=false
 - added to end of property file: hibernate.connection.username = grouper_v2_5b
 - added to end of property file: hibernate.connection.password = tawbPaS0eoCvGoyAKfuYgA==
 - added to end of property file: grouper.is.ui.basicAuthn = true
 - added to end of property file: grouper.is.ws.basicAuthn = true
 - added to end of property file: grouper.is.scim.basicAuthn = true
Do you want to init the database and auto-upgrade for subsequent containers of the same major and minor version of Grouper (t|f)? [t] 
 - added to end of property file: registry.auto.ddl.upToVersion = 2.5.*
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
docker database initialization logs are at: /opt/grouperInstaller/docker_logs_init_db_Wed_Apr_08_17:56:46_UTC_2020.log
From the logs: Script was executed successfully
Press any key to continue. 
First 25 lines of logs are below: 
sending incremental file list
opt/grouper/grouperWebapp/WEB-INF/classes/grouper.client.properties
opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties
opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
opt/grouper/grouperWebapp/WEB-INF/classes/morphString.properties
opt/grouper/grouperWebapp/WEB-INF/classes/subject.properties

sent 6,300 bytes  received 116 bytes  12,832.00 bytes/sec
total size is 5,740  speedup is 0.89
executing /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh -registry -check -runscript -noprompt
Detected Grouper directory structure 'webapp' (valid is api, apiMvn, webapp)
Using GROUPER_HOME:           /opt/grouper/grouperWebapp/WEB-INF
Using GROUPER_CONF:           /opt/grouper/grouperWebapp/WEB-INF/classes
Using JAVA:                   /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java
Using CLASSPATH:              /opt/grouper/grouperWebapp/WEB-INF/classes:/opt/grouper/grouperWebapp/WEB-INF/lib/*
using MEMORY:                 64m-750m
Grouper starting up: version: 2.5.20, build date: 2020/04/07 23:55:50 +0000, env: <no label configured>
grouperPatchStatus read from: /opt/grouper/grouperWebapp/WEB-INF/grouperPatchStatus.properties
No patches detected to be installed
grouper.properties read from: /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.properties
Grouper current directory is: /opt/grouper/grouperWebapp/WEB-INF
log4j.properties read from:   /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
Grouper warning, it is detected that you are logging edu.internet2.middleware.grouper as ERROR and not WARN level.  It is recommended to log at at least WARN level in log4j.properties
Grouper is logging to file:   console, /opt/grouper/logs/grouper.log, at min level ERROR for package: edu.internet2.middleware.grouper, based on log4j.properties
grouper.hibernate.properties: /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties

Removed 'gsh' container successfully. 
Press any key to continue 
Enter the password for user 'GrouperSystem' for grouper UI: pass
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
docker ui password setup logs are at: /opt/grouperInstaller/docker_logs_ui_password_Wed_Apr_08_17:57:13_UTC_2020.log
Password was created successfully.
Press any key to continue. 
First 25 lines of logs are below: 
sending incremental file list
opt/grouper/grouperWebapp/WEB-INF/bin/createGrouperSystemPasswordUi.gsh
opt/grouper/grouperWebapp/WEB-INF/classes/grouper.client.properties
opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties
opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
opt/grouper/grouperWebapp/WEB-INF/classes/morphString.properties
opt/grouper/grouperWebapp/WEB-INF/classes/subject.properties

sent 6,845 bytes  received 136 bytes  13,962.00 bytes/sec
total size is 6,162  speedup is 0.88
executing /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh /opt/grouper/grouperWebapp/WEB-INF/bin/createGrouperSystemPasswordUi.gsh
Detected Grouper directory structure 'webapp' (valid is api, apiMvn, webapp)
Using GROUPER_HOME:           /opt/grouper/grouperWebapp/WEB-INF
Using GROUPER_CONF:           /opt/grouper/grouperWebapp/WEB-INF/classes
Using JAVA:                   /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java
Using CLASSPATH:              /opt/grouper/grouperWebapp/WEB-INF/classes:/opt/grouper/grouperWebapp/WEB-INF/lib/*
using MEMORY:                 64m-750m
Grouper starting up: version: 2.5.20, build date: 2020/04/07 23:55:50 +0000, env: <no label configured>
grouperPatchStatus read from: /opt/grouper/grouperWebapp/WEB-INF/grouperPatchStatus.properties
No patches detected to be installed
grouper.properties read from: /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.properties
Grouper current directory is: /opt/grouper/grouperWebapp/WEB-INF
log4j.properties read from:   /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
Grouper warning, it is detected that you are logging edu.internet2.middleware.grouper as ERROR and not WARN level.  It is recommended to log at at least WARN level in log4j.properties
Grouper is logging to file:   console, /opt/grouper/logs/grouper.log, at min level ERROR for package: edu.internet2.middleware.grouper, based on log4j.properties

Removed gsh container successfully. 
Press any key to continue 
Please enter the password for user 'GrouperSystem' for grouper web services: pass
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
Waiting for docker command to finish.
docker ws password setup logs are at: /opt/grouperInstaller/docker_logs_ws_password_Wed_Apr_08_17:57:53_UTC_2020.log
Password was created successfully.
Press any key to continue. 
First 25 lines of logs are below: 
sending incremental file list
opt/grouper/grouperWebapp/WEB-INF/bin/createGrouperSystemPasswordWs.gsh
opt/grouper/grouperWebapp/WEB-INF/classes/grouper.client.properties
opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties
opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
opt/grouper/grouperWebapp/WEB-INF/classes/morphString.properties
opt/grouper/grouperWebapp/WEB-INF/classes/subject.properties

sent 6,845 bytes  received 136 bytes  13,962.00 bytes/sec
total size is 6,164  speedup is 0.88
executing /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh /opt/grouper/grouperWebapp/WEB-INF/bin/createGrouperSystemPasswordWs.gsh
Detected Grouper directory structure 'webapp' (valid is api, apiMvn, webapp)
Using GROUPER_HOME:           /opt/grouper/grouperWebapp/WEB-INF
Using GROUPER_CONF:           /opt/grouper/grouperWebapp/WEB-INF/classes
Using JAVA:                   /usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java
Using CLASSPATH:              /opt/grouper/grouperWebapp/WEB-INF/classes:/opt/grouper/grouperWebapp/WEB-INF/lib/*
using MEMORY:                 64m-750m
Grouper starting up: version: 2.5.20, build date: 2020/04/07 23:55:50 +0000, env: <no label configured>
grouperPatchStatus read from: /opt/grouper/grouperWebapp/WEB-INF/grouperPatchStatus.properties
No patches detected to be installed
grouper.properties read from: /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.properties
Grouper current directory is: /opt/grouper/grouperWebapp/WEB-INF
log4j.properties read from:   /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
Grouper warning, it is detected that you are logging edu.internet2.middleware.grouper as ERROR and not WARN level.  It is recommended to log at at least WARN level in log4j.properties
Grouper is logging to file:   console, /opt/grouper/logs/grouper.log, at min level ERROR for package: edu.internet2.middleware.grouper, based on log4j.properties

Removed 'gsh' container successfully. 
Press any key to continue 
Press any key to start the container: 
Inside container grouper runs on port 8080
Logs are at: /opt/grouperInstaller/logs
Press any key to exit 
[root@ip-172-30-3-152 grouperInstaller]# 

That will run the UI.  From there you can look at other docs and run the daemon and WS.

There is a README.txt that captures all the commands and documentation

Create logs directory in /opt/grouperInstaller



Create log4j.properties file in /opt/grouperInstaller/conf/log4j.properties

Copy the content from https://spaces.at.internet2.edu/display/Grouper/Install+the+Grouper+v2.5+container+with+maturity+level+0+using+installer



Make sure docker is installed and running. Run the following command to check if docker is installed.

which docker

If docker is not installed, go to: https://docs.docker.com/install/ and select the correct platform and follow the instructions. 



Run the following command to check if docker is running

docker info



Run the following command to start docker if it's not running already. Command might vary based on the platform.

sudo service docker start



Run the following command to view the containers names

docker ps --all --format "{{.Names}}" 
If you have gsh, ws, grouper or ui containers already there. Please stop them, remove them and then continue.
To stop a running container, run the following command. 
docker kill <container name>
You might want to add -f flag to docker kill command if unable to stop.
To remove the container, run the following command.
docker rm <container name>
You might want to add -f flag to docker rm command if unable to remove.



Pull grouper docker image by running the following command. 

docker pull i2incommon/grouper:2.5.20



Create slashRoot directory in /opt/grouperInstaller

Create morphString.properties file in /opt/grouperInstaller/conf
Add the following lines to morphString.properties file. Replace the placeholders below with actual values
encrypt.key = <random alphanumeric key with minimum 8 characters>



Create grouper.hibernate.properties file in /opt/grouperInstaller/conf
Add the following lines to grouper.hibernate.properties file. Replace the placeholders below with actual values
hibernate.connection.url = <db url> eg: jdbc:mysql://localhost:3306/grouper
hibernate.connection.username = <user> eg: root
hibernate.connection.password = <morph string encrypted password> eg: 86asd9f87a9sdf87a9s78df97
grouper.is.ui.basicAuthn = true
grouper.is.ws.basicAuthn = true
grouper.is.scim.basicAuthn = true


Create a blank grouper.client.properties file in /opt/grouperInstaller/conf


Create a blank subject.properties file in /opt/grouperInstaller/conf


Run the following command to init the database. It is not a required step.
docker run --detach --mount type=bind,src=/opt/grouperInstaller/conf,dst=/opt/grouper/conf --mount type=bind,src=/opt/grouperInstaller/logs,dst=/opt/grouper/logs --mount type=bind,src=/opt/grouperInstall
er/slashRoot,dst=/opt/grouper/slashRoot --name gsh i2incommon/grouper:2.5.20 /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh -registry -check -runscript -noprompt

Run 'docker rm -f gsh' to remove the gsh container.



If you want to use grouper basic authentication for UI, follow the instructions below.
Create createGrouperSystemPasswordUi.gsh file in /opt/grouperInstaller/slashRoot/opt/grouper/grouperWebapp/WEB-INF/bin
Add the following lines to createGrouperSystemPasswordUi.gsh. Replace placeholder with actual values below.
GrouperSession grouperSession = GrouperSession.startRootSession();
GrouperPasswordSave grouperPasswordSave = new GrouperPasswordSave();
grouperPasswordSave.assignUsername("GrouperSystem");
grouperPasswordSave.assignEntityType("username");
grouperPasswordSave.assignPassword("<password>");
grouperPasswordSave.assignApplication(GrouperPassword.Application.UI);
new Authentication().assignUserPassword(grouperPasswordSave);



Run the following command to add UI password to grouper.
docker run --detach --mount type=bind,src=/opt/grouperInstaller/conf,dst=/opt/grouper/conf --mount type=bind,src=/opt/grouperInstaller/logs,dst=/opt/grouper/logs --mount type=bind,src=/opt/grouperInstall
er/slashRoot,dst=/opt/grouper/slashRoot --name gsh i2incommon/grouper:2.5.20 /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh /opt/grouper/grouperWebapp/WEB-INF/bin/createGrouperSystemPasswordUi.gsh



Delete createGrouperSystemPasswordUi.gsh file from /opt/grouperInstaller/slashRoot/opt/grouper/grouperWebapp/WEB-INF/bin because it contains password in plain text.

If you want to use grouper basic authentication for grouper web services, follow the instructions below.
Create createGrouperSystemPasswordWs.gsh file in /opt/grouperInstaller/slashRoot/opt/grouper/grouperWebapp/WEB-INF/bin
Add the following lines to createGrouperSystemPasswordWs.gsh. Replace placeholder with actual values below.
GrouperSession grouperSession = GrouperSession.startRootSession();
GrouperPasswordSave grouperPasswordSave = new GrouperPasswordSave();
grouperPasswordSave.assignUsername("GrouperSystem");
grouperPasswordSave.assignEntityType("username");
grouperPasswordSave.assignPassword("<password>");
grouperPasswordSave.assignApplication(GrouperPassword.Application.WS);
new Authentication().assignUserPassword(grouperPasswordSave);



Run the following command to add WS password to grouper.
docker run --detach --mount type=bind,src=/opt/grouperInstaller/conf,dst=/opt/grouper/conf --mount type=bind,src=/opt/grouperInstaller/logs,dst=/opt/grouper/logs --mount type=bind,src=/opt/grouperInstall
er/slashRoot,dst=/opt/grouper/slashRoot --name gsh i2incommon/grouper:2.5.20 /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh /opt/grouper/grouperWebapp/WEB-INF/bin/createGrouperSystemPasswordWs.gsh



Delete createGrouperSystemPasswordWs.gsh file from /opt/grouperInstaller/slashRoot/opt/grouper/grouperWebapp/WEB-INF/bin because it contains password in plain text.

Run the following command to start the container.
docker run --detach --publish 8080:8080 --mount type=bind,src=/opt/grouperInstaller/conf,dst=/opt/grouper/conf --mount type=bind,src=/opt/grouperInstaller/logs,dst=/opt/grouper/logs --mount type=bind,src
=/opt/grouperInstaller/slashRoot,dst=/opt/grouper/slashRoot --restart always --name grouper i2incommon/grouper:2.5.20 ui



  • No labels