diff --git a/README.md b/README.md
index 5c8c77d6..0ca43593 100644
--- a/README.md
+++ b/README.md
@@ -71,7 +71,7 @@ The EOEPCA system deployment comprises several steps. Instructions are provided
The first step is to clone this repository to your local platform...
```
-$ git clone --branch v0.1 git@github.com:EOEPCA/eoepca.git
+$ git clone --branch v0.1.1 git@github.com:EOEPCA/eoepca.git
```
NOTE that this clones the specific tag that is well tested. For the latest development branch the `--branch` option should be omitted.
@@ -124,6 +124,7 @@ Not started yet
EOEPCA system releases are made to provide integrated deployments of the developed building blocks. The release history is as follows:
+* 06/08/2020 - [Release 0.1.1](release-notes/release-0.1.1.md)
* 22/06/2020 - [Release 0.1](release-notes/release-0.1.md)
diff --git a/bin/install-terraform.sh b/bin/install-terraform.sh
index 66095f86..f673be5a 100755
--- a/bin/install-terraform.sh
+++ b/bin/install-terraform.sh
@@ -13,7 +13,7 @@ if ! unzip --help >/dev/null 2>&1
then
sudo apt-get -y install unzip
fi
-curl -sLo terraform.zip https://releases.hashicorp.com/terraform/0.12.26/terraform_0.12.26_linux_amd64.zip
+curl -sLo terraform.zip https://releases.hashicorp.com/terraform/0.12.29/terraform_0.12.29_linux_amd64.zip
unzip terraform.zip
rm -f terraform.zip
chmod +x terraform
diff --git a/creodias/README.md b/creodias/README.md
index 81fefad6..387b849a 100644
--- a/creodias/README.md
+++ b/creodias/README.md
@@ -12,7 +12,7 @@ Terraform must be installed. See [terraform website](https://www.terraform.io/)
Alternatively, use helper script [install-terraform.sh](../bin/install-terraform.sh)...
```
-$ ../bin/install-terraform.sh
+$ bin/install-terraform.sh
```
## OpenStack Client
@@ -53,7 +53,7 @@ The clouds.yaml must be placed in one of the following locations:
## Deployment Configuration
-Before initiating deployment, the file [eoepca.tfvars](./eoepca.tfvars) should be tailored to fit the specific needs of your target environment.
+Before initiating deployment, the file [creodias/eoepca.tfvars](./eoepca.tfvars) should be tailored to fit the specific needs of your target environment.
## Initiate Deployment
diff --git a/kubernetes/README.md b/kubernetes/README.md
index 749e629d..41bad80b 100644
--- a/kubernetes/README.md
+++ b/kubernetes/README.md
@@ -20,7 +20,7 @@ RKE must be installed. See [Rancher website](https://rancher.com/products/rke/)
Alternatively, use helper script [install-rke.sh](../bin/install-rke.sh)...
```
-$ ../bin/install-rke.sh
+$ bin/install-rke.sh
```
## RKE Configuration
@@ -35,7 +35,8 @@ The helper script [create-cluster-config.sh](create-cluster-config.sh) automatic
* configuration of connection via bastion
```
-$ ./create-cluster-config.sh
+$ cd kubernetes
+$ create-cluster-config.sh
```
## Create Kubernetes Cluster
@@ -73,7 +74,7 @@ NOTE that, in order to use kubectl from your local platform, it is necessary to
## Access via Bastion host
-For administration the deployment VMs must be accessed through the bastion host (via its public floating IP). The default deployment installs the public key of the user as an authorized key in each VM to facilitate this. Further information [here](../creodias/README.md#access_via_bastion_host).
+For administration the deployment VMs must be accessed through the bastion host (via its public floating IP). The default deployment installs the public key of the user as an authorized key in each VM to facilitate this. Further information [here](../creodias/README.md#access-via-bastion-host).
The ssh connection to the bastion can be used to establish a VPN from your local platform to the cluster using [sshuttle](https://sshuttle.readthedocs.io/en/stable/), for example...
```
diff --git a/minikube/README.md b/minikube/README.md
index af7cfa21..fb49103b 100644
--- a/minikube/README.md
+++ b/minikube/README.md
@@ -10,7 +10,7 @@ For k8s cluster adminstration the kubectl command must be installed. See [Kubern
Alternatively, use helper script [install-kubectl.sh](../bin/install-kubectl.sh)...
```
-$ ../bin/install-kubectl.sh
+$ bin/install-kubectl.sh
```
## Install minikube
@@ -19,7 +19,13 @@ Minikube can be installed by following the instructions on the [Minikube website
Alternatively, use helper script [setup-minikube.sh](./setup-minikube.sh) to download and install Minikube...
```
-$ ./setup-minikube.sh
+$ minikube/setup-minikube.sh
+```
+
+NOTE for running minikube in a VM...
+The setup-minikube.sh script retains the default (preferred) dpeloyment of minikube as a docker container. This is not ideal if running minikube inside a VM. In this case it is better to run minikube natively inside VM using the 'none' driver, rather than the 'docker' driver. This can be achieved by running the script as follows...
+```
+$ minikube/setup-minikube.sh native
```
## Next Steps
diff --git a/minikube/setup-minikube.sh b/minikube/setup-minikube.sh
index 5e30617a..cd238100 100755
--- a/minikube/setup-minikube.sh
+++ b/minikube/setup-minikube.sh
@@ -10,12 +10,33 @@ mkdir -p $HOME/.local/bin
# minikube: download and install locally
echo "Download minikube..."
-curl -sLo $HOME/.local/bin/minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 \
+curl -sLo $HOME/.local/bin/minikube https://github.com/kubernetes/minikube/releases/download/v1.12.1/minikube-linux-amd64 \
&& chmod +x $HOME/.local/bin/minikube
-# start minikube
-# - default container runtime is docker - see https://minikube.sigs.k8s.io/docs/handbook/config/#runtime-configuration
-echo "Start minikube, and wait for cluster..."
-minikube start --addons ingress --wait "all"
+# If MINIKUBE_MODE is not set, and USER is vagrant, deduce we are running in a VM, so use 'native' mode
+MINIKUBE_MODE="$1"
+if [ -z "${MINIKUBE_MODE}" -a "${USER}" = "vagrant" ]; then MINIKUBE_MODE="native"; fi
+
+# minikube (native)
+if [ "${MINIKUBE_MODE}" = "native" ]
+then
+ if hash conntrack 2>/dev/null
+ then
+ # start minikube
+ # - default container runtime is docker - see https://minikube.sigs.k8s.io/docs/handbook/config/#runtime-configuration
+ echo "Start minikube (native), and wait for cluster..."
+ export CHANGE_MINIKUBE_NONE_USER=true
+ sudo -E $HOME/.local/bin/minikube start --driver=none --addons ingress --wait "all"
+ else
+ echo "ERROR: conntrack must be installed for minikube driver='none', e.g. 'sudo apt install conntrack'. Aborting..."
+ exit 1
+ fi
+# minikube docker
+else
+ # start minikube
+ # - default container runtime is docker - see https://minikube.sigs.k8s.io/docs/handbook/config/#runtime-configuration
+ echo "Start minikube (default), and wait for cluster..."
+ minikube start --addons ingress --wait "all"
+fi
echo "...READY"
diff --git a/release-notes/release-0.1.1.md b/release-notes/release-0.1.1.md
new file mode 100644
index 00000000..341f4238
--- /dev/null
+++ b/release-notes/release-0.1.1.md
@@ -0,0 +1,9 @@
+# EOEPCA System - Release 0.1.1
+
+Release 0.1.1 is a minor version release that includes system-level integration and deployment fixes back-ported from the main development branch.
+
+The scope & functionality, and hence the component versions, are unchanged from release 0.1 whose description is in the [Release 0.1 Release Note](release-0.1.md).
+
+## Further Information
+
+For further project information, including details of how to make a deployment of the EOEPCA system, please see the [main project page](../README.md).
diff --git a/terraform/global/proc-ades/dependencies.tf b/terraform/global/proc-ades/dependencies.tf
index 778aa568..9ca150e9 100644
--- a/terraform/global/proc-ades/dependencies.tf
+++ b/terraform/global/proc-ades/dependencies.tf
@@ -1,8 +1,3 @@
-resource "null_resource" "waitfor-login-service" {
- depends_on = [ var.module_depends_on ]
- provisioner "local-exec" {
- command = </dev/null | grep "Nextcloud was successfully installed" >/dev/null 2>&1
+ do
+ test $(( count % step )) -eq 0 && echo "Waiting for service/workspace"
+ sleep $interval
+ count=$(( count + interval ))
+ done
+ EOT
+ }
}
diff --git a/terraform/global/rm-workspace/workspace-ingress.tf b/terraform/global/rm-workspace/workspace-ingress.tf
index 3b7daf68..8c684e64 100644
--- a/terraform/global/rm-workspace/workspace-ingress.tf
+++ b/terraform/global/rm-workspace/workspace-ingress.tf
@@ -18,4 +18,3 @@ resource "kubernetes_ingress" "workspace" {
}
}
}
-
diff --git a/terraform/global/storage/processing.tf b/terraform/global/storage/processing.tf
index 4b4fe527..228f275b 100644
--- a/terraform/global/storage/processing.tf
+++ b/terraform/global/storage/processing.tf
@@ -1,5 +1,5 @@
resource "kubernetes_persistent_volume" "eoepca_proc_pv" {
- count = "${var.nfs_server_address == "none" ? 0 : 1}"
+ count = "${var.storage_class == "eoepca-nfs" ? 1 : 0}"
metadata {
name = "eoepca-proc-pv"
labels = {
@@ -15,7 +15,30 @@ resource "kubernetes_persistent_volume" "eoepca_proc_pv" {
persistent_volume_source {
nfs {
server = var.nfs_server_address
- path = "/data/proc"
+ path = "/data/proc"
+ }
+ }
+ }
+}
+
+resource "kubernetes_persistent_volume" "eoepca_proc_pv_host" {
+ count = "${var.storage_class == "eoepca-nfs" ? 0 : 1}"
+ metadata {
+ name = "eoepca-proc-pv-host"
+ labels = {
+ eoepca_type = "proc"
+ }
+ }
+ spec {
+ storage_class_name = var.storage_class
+ access_modes = ["ReadWriteMany"]
+ capacity = {
+ storage = "5Gi"
+ }
+ persistent_volume_source {
+ host_path {
+ path = "/kubedata/proc"
+ type = "DirectoryOrCreate"
}
}
}
@@ -30,7 +53,7 @@ resource "kubernetes_persistent_volume_claim" "eoepca_pvc" {
}
spec {
storage_class_name = var.storage_class
- access_modes = ["ReadWriteMany"]
+ access_modes = ["ReadWriteMany"]
resources {
requests = {
storage = "3Gi"
diff --git a/terraform/global/storage/resource-management.tf b/terraform/global/storage/resource-management.tf
index b95cfdc7..56701a7d 100644
--- a/terraform/global/storage/resource-management.tf
+++ b/terraform/global/storage/resource-management.tf
@@ -1,5 +1,5 @@
resource "kubernetes_persistent_volume" "eoepca_resman_pv" {
- count = "${var.nfs_server_address == "none" ? 0 : 1}"
+ count = "${var.storage_class == "eoepca-nfs" ? 1 : 0}"
metadata {
name = "eoepca-resman-pv"
labels = {
@@ -15,7 +15,30 @@ resource "kubernetes_persistent_volume" "eoepca_resman_pv" {
persistent_volume_source {
nfs {
server = var.nfs_server_address
- path = "/data/resman"
+ path = "/data/resman"
+ }
+ }
+ }
+}
+
+resource "kubernetes_persistent_volume" "eoepca_resman_pv_host" {
+ count = "${var.storage_class == "eoepca-nfs" ? 0 : 1}"
+ metadata {
+ name = "eoepca-resman-pv-host"
+ labels = {
+ eoepca_type = "resman"
+ }
+ }
+ spec {
+ storage_class_name = var.storage_class
+ access_modes = ["ReadWriteMany"]
+ capacity = {
+ storage = "5Gi"
+ }
+ persistent_volume_source {
+ host_path {
+ path = "/kubedata/resman"
+ type = "DirectoryOrCreate"
}
}
}
@@ -30,7 +53,7 @@ resource "kubernetes_persistent_volume_claim" "eoepca_resman_pvc" {
}
spec {
storage_class_name = var.storage_class
- access_modes = ["ReadWriteMany"]
+ access_modes = ["ReadWriteMany"]
resources {
requests = {
storage = "3Gi"
diff --git a/terraform/global/storage/user-management.tf b/terraform/global/storage/user-management.tf
index ae481e1b..b2ee2d6b 100644
--- a/terraform/global/storage/user-management.tf
+++ b/terraform/global/storage/user-management.tf
@@ -1,5 +1,5 @@
resource "kubernetes_persistent_volume" "eoepca_userman_pv" {
- count = "${var.nfs_server_address == "none" ? 0 : 1}"
+ count = "${var.storage_class == "eoepca-nfs" ? 1 : 0}"
metadata {
name = "eoepca-userman-pv"
labels = {
@@ -15,7 +15,30 @@ resource "kubernetes_persistent_volume" "eoepca_userman_pv" {
persistent_volume_source {
nfs {
server = var.nfs_server_address
- path = "/data/userman"
+ path = "/data/userman"
+ }
+ }
+ }
+}
+
+resource "kubernetes_persistent_volume" "eoepca_userman_pv_host" {
+ count = "${var.storage_class == "eoepca-nfs" ? 0 : 1}"
+ metadata {
+ name = "eoepca-userman-pv-host"
+ labels = {
+ eoepca_type = "userman"
+ }
+ }
+ spec {
+ storage_class_name = var.storage_class
+ access_modes = ["ReadWriteMany"]
+ capacity = {
+ storage = "5Gi"
+ }
+ persistent_volume_source {
+ host_path {
+ path = "/kubedata/userman"
+ type = "DirectoryOrCreate"
}
}
}
@@ -30,7 +53,7 @@ resource "kubernetes_persistent_volume_claim" "eoepca_userman_pvc" {
}
spec {
storage_class_name = var.storage_class
- access_modes = ["ReadWriteMany"]
+ access_modes = ["ReadWriteMany"]
resources {
requests = {
storage = "3Gi"
diff --git a/terraform/global/um-login-service/config/load-config.tf b/terraform/global/um-login-service/config/load-config.tf
index 41ded5e6..f46fc263 100755
--- a/terraform/global/um-login-service/config/load-config.tf
+++ b/terraform/global/um-login-service/config/load-config.tf
@@ -2,7 +2,7 @@ resource "kubernetes_job" "config_init_load_job" {
metadata {
name = "config-init-load-job"
}
- depends_on = [ kubernetes_config_map.config-cm ]
+ depends_on = [kubernetes_config_map.config-cm]
spec {
template {
@@ -39,11 +39,11 @@ resource "kubernetes_job" "config_init_load_job" {
name = "GLUU_SECRET_ADAPTER"
value = "kubernetes"
}
-
+
volume_mount {
- name = "config-cm"
- mount_path = "/opt/config-init/db/generate.json"
- sub_path = "generate.json"
+ name = "config-cm"
+ mount_path = "/opt/config-init/db/generate.json"
+ sub_path = "generate.json"
mount_propagation = "HostToContainer"
}
}
@@ -52,5 +52,9 @@ resource "kubernetes_job" "config_init_load_job" {
}
}
}
+ wait_for_completion = true
+ timeouts {
+ create = "5m"
+ update = "5m"
+ }
}
-
diff --git a/terraform/global/um-login-service/ldap/dependencies.tf b/terraform/global/um-login-service/ldap/dependencies.tf
index 40438b0e..9ca150e9 100644
--- a/terraform/global/um-login-service/ldap/dependencies.tf
+++ b/terraform/global/um-login-service/ldap/dependencies.tf
@@ -1,18 +1,3 @@
-resource "null_resource" "waitfor-opendj-init" {
- depends_on = [ var.module_depends_on ]
- provisioner "local-exec" {
- command = </dev/null | grep "The Directory Server has started successfully" >/dev/null 2>&1
+ do
+ test $(( count % step )) -eq 0 && echo "Waiting for opendj-init0"
+ sleep $interval
+ count=$(( count + interval ))
+ done
+ EOT
+ }
+}
diff --git a/terraform/global/um-login-service/ldap/persistence.tf b/terraform/global/um-login-service/ldap/persistence.tf
index db4cf1c8..4839e5e8 100755
--- a/terraform/global/um-login-service/ldap/persistence.tf
+++ b/terraform/global/um-login-service/ldap/persistence.tf
@@ -3,7 +3,7 @@ resource "kubernetes_job" "um_login_persistence" {
name = "um-login-persistence"
}
- depends_on = [ null_resource.waitfor-config-init, null_resource.waitfor-opendj-init ]
+ depends_on = [null_resource.waitfor-module-depends, kubernetes_stateful_set.opendj_init]
spec {
backoff_limit = 1
@@ -70,5 +70,9 @@ resource "kubernetes_job" "um_login_persistence" {
}
}
}
+ wait_for_completion = true
+ timeouts {
+ create = "5m"
+ update = "5m"
+ }
}
-
diff --git a/terraform/global/um-login-service/main.tf b/terraform/global/um-login-service/main.tf
index 7e4f3d24..b669719b 100644
--- a/terraform/global/um-login-service/main.tf
+++ b/terraform/global/um-login-service/main.tf
@@ -34,7 +34,7 @@ module "nginx" {
source = "./nginx"
nginx_ip = var.nginx_ip
hostname = var.hostname
- module_depends_on = [module.ldap.ldap-up]
+ module_depends_on = [module.config.config-done]
}
module "oxauth" {
diff --git a/terraform/global/um-login-service/nginx/dependencies.tf b/terraform/global/um-login-service/nginx/dependencies.tf
index 392bf2ea..5ec1c1b6 100644
--- a/terraform/global/um-login-service/nginx/dependencies.tf
+++ b/terraform/global/um-login-service/nginx/dependencies.tf
@@ -1,20 +1,3 @@
-resource "null_resource" "waitfor-tls-secrets" {
- depends_on = [ var.module_depends_on ]
- provisioner "local-exec" {
- command = < ingress.crt
+} # kubectl get secret gluu -o json | grep '\"ssl_cert' | awk -F '"' '{print $4}' | base64 --decode > ingress.crt
resource "local_file" "ingress_key" {
- content = data.kubernetes_secret.gluu.data.ssl_key
+ content = data.kubernetes_secret.gluu.data.ssl_key
filename = "./ingress.key"
-
- depends_on = [ null_resource.waitfor-tls-secrets, null_resource.waitfor-persistence ]
} # kubectl get secret gluu -o json | grep '\"ssl_key' | awk -F '"' '{print $4}' | base64 --decode > ingress.key
resource "kubernetes_secret" "tls-certificate" {
@@ -57,6 +51,4 @@ resource "kubernetes_secret" "tls-certificate" {
}
type = "kubernetes.io/tls"
-
- depends_on = [ null_resource.waitfor-tls-secrets, null_resource.waitfor-persistence ]
-} # kubectl create secret tls tls-certificate --key ingress.key --cert ingress.crt
\ No newline at end of file
+} # kubectl create secret tls tls-certificate --key ingress.key --cert ingress.crt
diff --git a/terraform/global/um-login-service/nginx/variables.tf b/terraform/global/um-login-service/nginx/variables.tf
index ef50be86..edf9ca16 100644
--- a/terraform/global/um-login-service/nginx/variables.tf
+++ b/terraform/global/um-login-service/nginx/variables.tf
@@ -1,9 +1,9 @@
variable "nginx_ip" {
- type = string
+ type = string
}
variable "hostname" {
- type = string
+ type = string
}
variable "module_depends_on" {
@@ -11,6 +11,6 @@ variable "module_depends_on" {
}
output "nginx-done" {
- value = true
- depends_on = [ kubernetes_ingress.gluu_ingress_scim_configuration ]
-}
\ No newline at end of file
+ value = true
+ depends_on = [kubernetes_ingress.gluu_ingress_scim_configuration]
+}
diff --git a/terraform/global/um-login-service/oxauth/dependencies.tf b/terraform/global/um-login-service/oxauth/dependencies.tf
index 571fca1e..9ca150e9 100644
--- a/terraform/global/um-login-service/oxauth/dependencies.tf
+++ b/terraform/global/um-login-service/oxauth/dependencies.tf
@@ -1,8 +1,3 @@
-resource "null_resource" "waitfor-persistence" {
- depends_on = [ var.module_depends_on ]
- provisioner "local-exec" {
- command = </dev/null | grep "Server:main: Started" >/dev/null 2>&1
+ do
+ test $(( count % step )) -eq 0 && echo "Waiting for service/oxauth"
+ sleep $interval
+ count=$(( count + interval ))
+ done
+ EOT
}
}
@@ -43,8 +51,8 @@ resource "kubernetes_deployment" "oxauth" {
labels = { app = "oxauth" }
}
- depends_on = [ null_resource.waitfor-persistence ]
-
+ depends_on = [null_resource.waitfor-module-depends]
+
spec {
replicas = 1
selector {
@@ -55,9 +63,9 @@ resource "kubernetes_deployment" "oxauth" {
labels = { app = "oxauth" }
}
spec {
-
+
automount_service_account_token = true
-
+
volume {
name = "vol-userman"
@@ -101,7 +109,7 @@ resource "kubernetes_deployment" "oxauth" {
}
host_aliases {
ip = var.nginx_ip
- hostnames = [ var.hostname ]
+ hostnames = [var.hostname]
}
}
}
diff --git a/terraform/global/um-login-service/oxpassport/dependencies.tf b/terraform/global/um-login-service/oxpassport/dependencies.tf
index 571fca1e..9ca150e9 100644
--- a/terraform/global/um-login-service/oxpassport/dependencies.tf
+++ b/terraform/global/um-login-service/oxpassport/dependencies.tf
@@ -1,8 +1,3 @@
-resource "null_resource" "waitfor-persistence" {
- depends_on = [ var.module_depends_on ]
- provisioner "local-exec" {
- command = </dev/null | grep "Server listening on" >/dev/null 2>&1
+ do
+ test $(( count % step )) -eq 0 && echo "Waiting for service/oxpassport"
+ sleep $interval
+ count=$(( count + interval ))
+ done
+ EOT
+ }
}
resource "kubernetes_deployment" "oxpassport" {
@@ -46,7 +59,7 @@ resource "kubernetes_deployment" "oxpassport" {
}
}
- depends_on = [null_resource.waitfor-persistence]
+ depends_on = [null_resource.waitfor-module-depends]
timeouts {
create = "10m"
@@ -116,4 +129,3 @@ resource "kubernetes_deployment" "oxpassport" {
}
}
}
-
diff --git a/terraform/global/um-login-service/oxpassport/variables.tf b/terraform/global/um-login-service/oxpassport/variables.tf
index ab7ebbd1..93c96f34 100644
--- a/terraform/global/um-login-service/oxpassport/variables.tf
+++ b/terraform/global/um-login-service/oxpassport/variables.tf
@@ -1,9 +1,9 @@
variable "nginx_ip" {
- type = string
+ type = string
}
variable "hostname" {
- type = string
+ type = string
}
variable "module_depends_on" {
@@ -11,6 +11,6 @@ variable "module_depends_on" {
}
output "oxpassport-up" {
- value = true
- depends_on = [ kubernetes_service.oxpassport ]
-}
\ No newline at end of file
+ value = true
+ depends_on = [kubernetes_service.oxpassport]
+}
diff --git a/terraform/global/um-login-service/oxtrust/dependencies.tf b/terraform/global/um-login-service/oxtrust/dependencies.tf
index 7d6d4cba..9ca150e9 100644
--- a/terraform/global/um-login-service/oxtrust/dependencies.tf
+++ b/terraform/global/um-login-service/oxtrust/dependencies.tf
@@ -1,17 +1,3 @@
-resource "null_resource" "waitfor-persistence" {
- depends_on = [ var.module_depends_on ]
- provisioner "local-exec" {
- command = </dev/null | grep "Server:main: Started" >/dev/null 2>&1
+ do
+ test $(( count % step )) -eq 0 && echo "Waiting for service/oxtrust"
+ sleep $interval
+ count=$(( count + interval ))
+ done
+ EOT
+ }
+}
diff --git a/terraform/global/um-login-service/oxtrust/variables.tf b/terraform/global/um-login-service/oxtrust/variables.tf
index f71e2e39..0991ac39 100644
--- a/terraform/global/um-login-service/oxtrust/variables.tf
+++ b/terraform/global/um-login-service/oxtrust/variables.tf
@@ -1,9 +1,9 @@
variable "nginx_ip" {
- type = string
+ type = string
}
variable "hostname" {
- type = string
+ type = string
}
variable "module_depends_on" {
@@ -11,6 +11,6 @@ variable "module_depends_on" {
}
output "oxtrust-up" {
- value = true
- depends_on = [ kubernetes_service.oxtrust ]
-}
\ No newline at end of file
+ value = true
+ depends_on = [kubernetes_stateful_set.oxtrust]
+}
diff --git a/terraform/global/um-pep-engine/config/dependencies.tf b/terraform/global/um-pep-engine/config/dependencies.tf
deleted file mode 100755
index 13032490..00000000
--- a/terraform/global/um-pep-engine/config/dependencies.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-resource "null_resource" "waitfor-login-service" {
- provisioner "local-exec" {
- command = </dev/null | grep "Running on http://0.0.0.0" >/dev/null 2>&1
+ do
+ test $(( count % step )) -eq 0 && echo "Waiting for service/pep-engine"
+ sleep $interval
+ count=$(( count + interval ))
+ done
+ EOT
+ }
}
+
resource "kubernetes_deployment" "pep-engine" {
metadata {
name = "pep-engine"
labels = { app = "pep-engine" }
}
- depends_on = [null_resource.waitfor-login-service]
+ depends_on = [null_resource.waitfor-module-depends]
spec {
replicas = 1
@@ -99,15 +110,14 @@ resource "kubernetes_deployment" "pep-engine" {
volume {
name = "vol-userman"
-
persistent_volume_claim {
claim_name = "eoepca-userman-pvc"
}
}
-
container {
name = "pep-engine"
- image = "eoepca/um-pep-engine:v0.1.1"
+ image = "eoepca/um-pep-engine:latest"
+
port {
container_port = 5566
name = "http-pep"
@@ -123,11 +133,32 @@ resource "kubernetes_deployment" "pep-engine" {
}
volume_mount {
name = "vol-userman"
- mount_path = "/opt/gluu/jetty/pep-engine/logs"
- sub_path = "pep-engine/logs"
+ mount_path = "/data/db/resource"
+ sub_path = "pep-engine/db/resource"
}
image_pull_policy = "Always"
}
+ container {
+ name = "mongo"
+ image = "mongo"
+ port {
+ container_port = 27017
+ name = "http-rp"
+ }
+
+ env_from {
+ config_map_ref {
+ name = "um-pep-engine-config"
+ }
+ }
+ volume_mount {
+ name = "vol-userman"
+ mount_path = "/data/db/resource"
+ sub_path = "pep-engine/db/resource"
+ }
+ image_pull_policy = "Always"
+ }
+
host_aliases {
ip = var.nginx_ip
hostnames = [var.hostname]
@@ -136,4 +167,3 @@ resource "kubernetes_deployment" "pep-engine" {
}
}
}
-
diff --git a/terraform/global/um-pep-engine/variables.tf b/terraform/global/um-pep-engine/variables.tf
index fde1510b..7da4bbb3 100755
--- a/terraform/global/um-pep-engine/variables.tf
+++ b/terraform/global/um-pep-engine/variables.tf
@@ -1,10 +1,9 @@
variable "nginx_ip" {
- type = string
- default = "0.0.0.0"
+ type = string
}
variable "hostname" {
- type = string
+ type = string
}
variable "module_depends_on" {
@@ -13,5 +12,5 @@ variable "module_depends_on" {
output "um-pep-engine-up" {
value = true
- depends_on = [module.config]
+ depends_on = [kubernetes_service.pep-engine]
}
diff --git a/terraform/global/um-user-profile/config/dependencies.tf b/terraform/global/um-user-profile/config/dependencies.tf
deleted file mode 100755
index b7315511..00000000
--- a/terraform/global/um-user-profile/config/dependencies.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-resource "null_resource" "waitfor-login-service" {
- depends_on = [ var.config_module_depends_on ]
- provisioner "local-exec" {
- command = </dev/null | grep "Running on http://0.0.0.0" >/dev/null 2>&1
+ do
+ test $(( count % step )) -eq 0 && echo "Waiting for service/user-profile"
+ sleep $interval
+ count=$(( count + interval ))
+ done
+ EOT
+ }
}
resource "kubernetes_deployment" "user-profile" {
@@ -122,7 +130,7 @@ resource "kubernetes_deployment" "user-profile" {
name = "user-profile"
labels = { app = "user-profile" }
}
- depends_on = [ null_resource.waitfor-login-service ]
+ depends_on = [null_resource.waitfor-module-depends]
spec {
replicas = 1
@@ -134,7 +142,7 @@ resource "kubernetes_deployment" "user-profile" {
labels = { app = "user-profile" }
}
spec {
-
+
automount_service_account_token = true
volume {
@@ -156,11 +164,11 @@ resource "kubernetes_deployment" "user-profile" {
image = "eoepca/um-user-profile:v0.1.1"
port {
container_port = 5566
- name = "http-up"
+ name = "http-up"
}
port {
container_port = 443
- name = "https-up"
+ name = "https-up"
}
env_from {
config_map_ref {
@@ -168,9 +176,9 @@ resource "kubernetes_deployment" "user-profile" {
}
}
volume_mount {
- name = "um-user-profile-config"
- mount_path = "/opt/user-profile/db/um-user-profile-config"
- sub_path = "um-user-profile-config"
+ name = "um-user-profile-config"
+ mount_path = "/opt/user-profile/db/um-user-profile-config"
+ sub_path = "um-user-profile-config"
mount_propagation = "HostToContainer"
}
volume_mount {
@@ -182,10 +190,9 @@ resource "kubernetes_deployment" "user-profile" {
}
host_aliases {
ip = var.nginx_ip
- hostnames = [ var.hostname ]
+ hostnames = [var.hostname]
}
}
}
}
}
-
diff --git a/terraform/global/um-user-profile/variables.tf b/terraform/global/um-user-profile/variables.tf
index e45d61c5..5692eb9c 100755
--- a/terraform/global/um-user-profile/variables.tf
+++ b/terraform/global/um-user-profile/variables.tf
@@ -1,10 +1,9 @@
variable "nginx_ip" {
- type = string
- default = "0.0.0.0"
+ type = string
}
variable "hostname" {
- type = string
+ type = string
}
variable "module_depends_on" {
@@ -12,6 +11,6 @@ variable "module_depends_on" {
}
output "um-user-profile-up" {
- value = module.config.um-user-profile-up
- depends_on = [module.config]
+ value = true
+ depends_on = [kubernetes_service.user-profile]
}
diff --git a/terraform/test/README.md b/terraform/test/README.md
index 9cf742ea..9c6d20a2 100644
--- a/terraform/test/README.md
+++ b/terraform/test/README.md
@@ -22,7 +22,8 @@ The deployment is initiated via script [deployEOEPCA.sh](deployEOEPCA.sh).
The script is configured through the following environment variables, that can be set either by editing the script directly, or exporting them before running [deployEOEPCA.sh](deployEOEPCA.sh):
* `DOCKER_EMAIL`: Email of the account with access to the Dockerhub EOEPCA repository
* `DOCKER_USERNAME`: User name of the account with access to the Dockerhub EOEPCA repository
-* `DOCKER_PASSWORD`: Password of the account with access to the Dockerhub EOEPCA repository
+* `DOCKER_PASSWORD`: Password of the account with access to the Dockerhub EOEPCA repository
+ *NOTE that the above DOCKER_XXX environment variables are not currently used, and so can be left unset.*
* `WSPACE_USERNAME`: User name of the account with access to the workspace. Defaults to 'eoepca' if not set
* `WSPACE_PASSWORD`: Password of the workspace account. Defaults to 'telespazio' if not set
*NOTE that the Workspace component is a stub (using [Nextcloud](https://nextcloud.com/)) that is instantiated within the cluster to support the stage-out of the ADES component using WebDAV. Hence, the credentials used are not important.*
@@ -33,7 +34,7 @@ There are some additional environment variables whose value is automatically ded
## Initiate Deployment
-The deployment uses the Terraform Kubernetes provider, that relies upon a working kubectl connection to the k8s cluster. Thus it is necessary to ensure that [Access via Bastion host](../../kubernetes/README.md#access_via_bastion_host) is established.
+The deployment uses the Terraform Kubernetes provider, that relies upon a working kubectl connection to the k8s cluster. Thus it is necessary to ensure that [Access via Bastion host](../../kubernetes/README.md#access-via-bastion-host) is established.
Once the appropriate environment variables are configured, then the script is executed to initiate deployment...
```
diff --git a/terraform/test/deployEOEPCA.sh b/terraform/test/deployEOEPCA.sh
index e289bbcd..28215825 100755
--- a/terraform/test/deployEOEPCA.sh
+++ b/terraform/test/deployEOEPCA.sh
@@ -46,10 +46,10 @@ echo "Using PUBLIC_IP=${PUBLIC_IP}"
echo "Using NFS_SERVER_ADDRESS=${NFS_SERVER_ADDRESS}"
# Storage class
-# If using minikube then set storage class to 'standard' (host storage OK for dev testing)
+# If using minikube then set storage class to 'eoepca-host' (host storage OK for dev testing)
if [ "${PUBLIC_IP}" = "${MINIKUBE_IP}" ]
then
- STORAGE_CLASS="${STORAGE_CLASS:-standard}"
+ STORAGE_CLASS="${STORAGE_CLASS:-eoepca-host}"
echo "INFO: using minikube with IP ${MINIKUBE_IP} and storage class ${STORAGE_CLASS}"
fi
if [ -n "${STORAGE_CLASS}" ]; then VAR_STORAGE_CLASS="--var=storage_class=${STORAGE_CLASS}"; fi
@@ -61,7 +61,7 @@ KUBECTL_PLUGIN="terraform-provider-kubectl"
if [ ! -x "$KUBECTL_PLUGIN" ]
then
echo Installing $KUBECTL_PLUGIN
- curl -Ls https://api.github.com/repos/gavinbunney/terraform-provider-kubectl/releases/latest \
+ curl -Ls https://api.github.com/repos/gavinbunney/terraform-provider-kubectl/releases/tags/v1.5.1 \
| jq -r '.assets[] | .browser_download_url | select(contains("linux-amd64"))' \
| xargs -n 1 curl -Lo "$KUBECTL_PLUGIN"
chmod +x "$KUBECTL_PLUGIN"
diff --git a/terraform/test/main.tf b/terraform/test/main.tf
index c9b4b945..4fe0e2bf 100644
--- a/terraform/test/main.tf
+++ b/terraform/test/main.tf
@@ -1,5 +1,6 @@
provider "kubernetes" {
# When no host is specified this provider reads ~./kube/config
+ version = "~> 1.12"
}
provider "kubectl" {
@@ -31,7 +32,7 @@ module "nfs-provisioner" {
module "storage" {
source = "../global/storage"
nfs_server_address = var.nfs_server_address
- storage_class = var.storage_class
+ storage_class = var.storage_class
}
module "um-login-service" {
@@ -45,14 +46,14 @@ module "um-pep-engine" {
source = "../global/um-pep-engine"
nginx_ip = var.public_ip
hostname = var.hostname
- module_depends_on = [module.um-login-service]
+ module_depends_on = [module.um-login-service.um-login-service-up]
}
module "um-user-profile" {
source = "../global/um-user-profile"
nginx_ip = var.public_ip
hostname = var.hostname
- module_depends_on = [module.um-login-service, module.um-pep-engine]
+ module_depends_on = [module.um-login-service.um-login-service-up]
}
module "proc-ades" {
@@ -63,7 +64,7 @@ module "proc-ades" {
wspace_user_name = var.wspace_user_name
wspace_user_password = var.wspace_user_password
hostname = var.hostname
- module_depends_on = [module.um-login-service, module.um-pep-engine, module.um-user-profile]
+ module_depends_on = []
}
module "rm-workspace" {
@@ -71,5 +72,5 @@ module "rm-workspace" {
wspace_user_name = var.wspace_user_name
wspace_user_password = var.wspace_user_password
hostname = var.hostname
- module_depends_on = [module.proc-ades]
+ module_depends_on = []
}
diff --git a/test/acceptance/02__Processing/01__ADES/eo_metadata_generation_1_0.json b/test/acceptance/02__Processing/01__ADES/eo_metadata_generation_1_0.json
index 557a0569..95c8d59e 100644
--- a/test/acceptance/02__Processing/01__ADES/eo_metadata_generation_1_0.json
+++ b/test/acceptance/02__Processing/01__ADES/eo_metadata_generation_1_0.json
@@ -7,7 +7,7 @@
"mimeType": "application/xml"
},
"value": {
- "inlineValue": "https://raw.githubusercontent.com/EOEPCA/eoepca/v0.1/test/acceptance/02__Processing/01__ADES/eo_metadata_generation_1_0.xml"
+ "inlineValue": "https://raw.githubusercontent.com/EOEPCA/eoepca/v0.1.1/test/acceptance/02__Processing/01__ADES/eo_metadata_generation_1_0.xml"
}
}
}
diff --git a/test/acceptance/acceptance_tests.sh b/test/acceptance/acceptance_tests.sh
index 71139f28..d271dd59 100755
--- a/test/acceptance/acceptance_tests.sh
+++ b/test/acceptance/acceptance_tests.sh
@@ -26,6 +26,7 @@ function setup_venv() {
}
function install_robot_framework() {
+ # python components
echo "INFO: Installing/updating Robot Framework and dependencies..."
pip install -U robotframework \
&& pip install -U docutils \
@@ -33,6 +34,12 @@ function install_robot_framework() {
&& pip install -U robotframework-seleniumlibrary \
&& pip install -U robotframework-sshlibrary \
&& pip install -U webdrivermanager
+ # Chrome driver
+ if ! hash chromedriver 2>/dev/null
+ then
+ echo "INFO: Installing chrome webdriver..."
+ webdrivermanager chrome:83.0.4103.39
+ fi
}
function install_test_requirements() {