...
Table of Contents |
---|
Include Page | ||||
---|---|---|---|---|
|
Latest i2-incommon container
See the latest grouper tap container https://hub.docker.com/r/tier/grouper/tags
...
https://github.internet2.edu/docker/grouper
Conf and logs
Basically we are identifying a folder on our server which is reserved for grouper. There are config files on the host machine which will be read from the container. There are log dirs which will be written to from the container. Later will map which dirs on the host machine connect to which dirs in the container. It is helpful if they are not the exact same path so you can keep them straight.
...
Code Block |
---|
docker logs grouper-ui -or for grouper logs go to- /opt/groupercontainer/logs/grouper-ui |
Init database
Start a container below.
Then SSH into it and init database (one time task to create grouper tables)
...
Code Block | ||
---|---|---|
| ||
[root@ip-172-30-0-83 ~]# docker run --detach \ --mount type=bind,src=/opt/groupercontainer/conf,dst=/opt/grouper/conf \ --mount type=bind,src=/opt/groupercontainer/logs/grouper-ui,dst=/opt/grouper/logs \ --mount type=bind,src=/opt/groupercontainer/ddlScripts,dst=/opt/grouper/grouper.apiBinary/ddlScripts/ \ --name dbInit \ --entrypoint /opt/grouper/grouper.apiBinary/bin/gsh \ tier/grouper:2.4.0-a89-u55-w11-p12-20200110-rc1 \ -registry -check -runscript -noprompt # NOTE: The /opt/groupercontainer/ddlScripts dir will contain the ddl file that was executed against the DB. ( If you want it. ) # Now you can delete that container. The above line will only check and correct the DB if needed, but generally should not be done trivially. [root@ip-172-30-0-83 ~]# docker rm dbInit |
UI
Code Block |
---|
[root@ip-172-30-0-157 ~]# docker run --detach --publish 443:443 \ --mount type=bind,src=/opt/groupercontainer/conf,dst=/opt/grouper/conf \ --mount type=bind,src=/opt/groupercontainer/logs/grouper-ui,dst=/opt/grouper/logs \ --mount type=bind,src=/opt/groupercontainer/httpd/ssl-enabled.conf,dst=/etc/httpd/conf.d/ssl-enabled.conf \ --mount type=bind,src=/opt/groupercontainer/httpd/grouper-www.conf,dst=/etc/httpd/conf.d/grouper-www.conf \ --mount type=bind,src=/opt/groupercontainer/tomcat/tomcat-users.xml,dst=/opt/tomcat/conf/tomcat-users.xml \ --mount type=bind,src=/opt/groupercontainer/tomcat/server.xml,dst=/opt/tomcat/conf/server.xml \ --mount type=bind,src=/opt/groupercontainer/tomcat/grouper-ui-web.xml,dst=/opt/grouper/grouper.ui/WEB-INF/web.xml \ --restart always --name grouper-ui \ tier/grouper:2.4.0-a89-u55-w11-p12-20200110-rc1 \ ui |
...
https://ec2-54-210-221-100.compute-1.amazonaws.com/grouper/
Daemon
Run
Code Block |
---|
docker run --detach \ --mount type=bind,src=/opt/groupercontainer/conf,dst=/opt/grouper/conf \ --mount type=bind,src=/opt/groupercontainer/logs/grouper-daemon,dst=/opt/grouper/logs \ --restart always --name grouper-daemon \ tier/grouper:2.4.0-a89-u55-w11-p12-20200110-rc1 \ daemon |
See it working in the UI: misc → all daemon jobs → see change log temp to change log
WS
Run
Code Block |
---|
docker run --detach --publish 8443:443 \ --mount type=bind,src=/opt/groupercontainer/conf,dst=/opt/grouper/conf \ --mount type=bind,src=/opt/groupercontainer/logs/grouper-ws,dst=/opt/grouper/logs \ --mount type=bind,src=/opt/groupercontainer/httpd/ssl-enabled.conf,dst=/etc/httpd/conf.d/ssl-enabled.conf \ --mount type=bind,src=/opt/groupercontainer/httpd/grouper-www.conf,dst=/etc/httpd/conf.d/grouper-www.conf \ --mount type=bind,src=/opt/groupercontainer/tomcat/tomcat-users.xml,dst=/opt/tomcat/conf/tomcat-users.xml \ --mount type=bind,src=/opt/groupercontainer/tomcat/server.xml,dst=/opt/tomcat/conf/server.xml \ --mount type=bind,src=/opt/groupercontainer/tomcat/grouper-ui-web.xml,dst=/opt/grouper/grouper.ui/WEB-INF/web.xml \ --restart always --name grouper-ws \ tier/grouper:2.4.0-a89-u55-w11-p12-20200110-rc1 \ ws |
...
Code Block |
---|
[root@ip-172-30-0-157 logs]# cd /tmp [root@ip-172-30-0-157 tmp]# mkdir grouperClient [root@ip-172-30-0-157 tmp]# cd grouperClient [root@ip-172-30-0-157 grouperClient]# wget https://software.internet2.edu/grouper/release/2.4.0/grouper.clientBinary-2.4.0.tar.gz [root@ip-172-30-0-157 grouperClient]# tar xzvf grouper.clientBinary-2.4.0.tar.gz [root@ip-172-30-0-157 grouperClient]# cd grouper.clientBinary-2.4.0/ [root@ip-172-30-0-157 grouper.clientBinary-2.4.0]# yum install java-1.8.0-openjdk Edit grouper.client.properties # url of web service, should include everything up to the first resource to access # e.g. http://groups.school.edu:8090/grouper-ws/servicesRest # e.g. https://groups.school.edu/grouper-ws/servicesRest grouperClient.webService.url = https://ec2-34-239-141-228.compute-1.amazonaws.com:8443/grouper-ws/servicesRest # kerberos principal used to connect to web service grouperClient.webService.login = GrouperSystem # password for shared secret authentication to web service # or you can put a filename with an encrypted password grouperClient.webService.password = ********** [root@ip-172-30-0-157 grouper.clientBinary-2.4.0]# java -jar grouperClient.jar --operation=getSubjectsWs --subjectIds=GrouperSystem --debug=true |
Upgrade container (or change version)
Code Block |
---|
[root@ip-172-30-0-82 ~]# docker stop grouper-ui grouper-ui [root@ip-172-30-0-82 ~]# docker stop grouper-ws grouper-ws [root@ip-172-30-0-82 ~]# docker stop grouper-daemon grouper-daemon [root@ip-172-30-0-82 ~]# docker rm grouper-ui grouper-ui [root@ip-172-30-0-82 ~]# docker rm grouper-ws grouper-ws [root@ip-172-30-0-82 ~]# docker rm grouper-daemon grouper-daemon [root@ip-172-30-0-82 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tier/grouper 2.4.0-a89-u55-w11-p12-20200110-rc1 4218bfea3573 2 days ago 1.34GB [root@ip-172-30-0-82 ~]# docker rmi 4218bfea3573 [root@ip-172-30-0-82 ~]# Pull a new tag from: https://hub.docker.com/r/tier/grouper/tags [root@ip-172-30-0-82 ~]# docker pull tier/grouper:2.4.0-a86-u53-w10-p12-20191224-rc1 Startup the UI and WS and daemon per command above with new version |
...