NAME, name of the mysql image, default value is validation
TAG_PRE, first part of the image version, default value is mysql
TAG_VER, last part of the image version, default value is latest
-MYSQL_HOST_PORT, port on which mysql is exposed on host, default value is 3307
In order to deploy the container, this script can be executed with the appropriate parameters.
NAME, the name of the mysql image, default value is validation
TAG_PRE, the first part of the image version, default value is mysql
TAG_VER, the last part of the image version, default value is latest
-MYSQL_HOST_PORT, the port on which mysql is exposed on host, default value is 3307
In order to deploy the container, this script can be executed with the appropriate parameters.
ENCRYPTION_KEY, the key that should be used by the AES algorithm for encrypting passwords stored in database, this variable is required
UI_ADMIN_PASSWORD, the desired Blueprint Validation UI password for the admin user, this variable is required
TRUST_ALL, the variable that defines whether the UI should trust all certificates or not, default value is false
+USE_NETWORK_HOST, the variable that defines whether the UI container should run in 'network host' mode or not, default value is "false"
Note that, for a functional UI, the following prerequisites are needed:
NAME=validation
TAG_PRE=mysql
TAG_VER=latest
-MYSQL_HOST_PORT=3307
while [ $# -gt 0 ]; do
if [[ $1 == *"--"* ]]; then
IMAGE="$REGISTRY"/"$NAME":"$TAG_PRE"-"$TAG_VER"
chmod 0444 "/$(pwd)/mysql.conf"
-docker run --detach --name $CONTAINER_NAME --publish $MYSQL_HOST_PORT:3306 -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" -e MYSQL_ROOT_PASSWORD="$MYSQL_ROOT_PASSWORD" -e MYSQL_DATABASE="akraino_bluvalui" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" $IMAGE
+docker run --detach --name $CONTAINER_NAME -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" -e MYSQL_ROOT_PASSWORD="$MYSQL_ROOT_PASSWORD" -e MYSQL_DATABASE="akraino_bluvalui" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" $IMAGE
sleep 10
NAME=validation
TAG_PRE=mysql
TAG_VER=latest
-MYSQL_HOST_PORT=3307
while [ $# -gt 0 ]; do
if [[ $1 == *"--"* ]]; then
done
IMAGE="$REGISTRY"/"$NAME":"$TAG_PRE"-"$TAG_VER"
-docker run --detach --name $CONTAINER_NAME --publish $MYSQL_HOST_PORT:3306 -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" $IMAGE
+docker run --detach --name $CONTAINER_NAME -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" $IMAGE
sleep 10
ENCRYPTION_KEY=""
UI_ADMIN_PASSWORD=""
TRUST_ALL="false"
+USE_NETWORK_HOST="false"
while [ $# -gt 0 ]; do
if [[ $1 == *"--"* ]]; then
echo "Note: If there is a password already stored in database, the supplied UI_ADMIN_PASSWORD will be ignored."
IMAGE="$REGISTRY"/"$NAME":"$TAG_PRE"-"$TAG_VER"
-docker run --detach --name $CONTAINER_NAME --network="host" -v "$(pwd)/server.xml:/usr/local/tomcat/conf/server.xml" -v "$CERTDIR/bluval.key:/usr/local/tomcat/bluval.key" -v "$CERTDIR/bluval.crt:/usr/local/tomcat/bluval.crt" -v "$(pwd)/root_index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp" -e DB_IP_PORT="$DB_IP_PORT" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" -e ENCRYPTION_KEY="$ENCRYPTION_KEY" -e UI_ADMIN_PASSWORD="$UI_ADMIN_PASSWORD" -e TRUST_ALL="$TRUST_ALL" $IMAGE
+if [[ $USE_NETWORK_HOST = "true" ]]
+ then
+ docker run --detach --name $CONTAINER_NAME --network="host" -v "$(pwd)/server.xml:/usr/local/tomcat/conf/server.xml" -v "$CERTDIR/bluval.key:/usr/local/tomcat/bluval.key" -v "$CERTDIR/bluval.crt:/usr/local/tomcat/bluval.crt" -v "$(pwd)/root_index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp" -e DB_IP_PORT="$DB_IP_PORT" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" -e ENCRYPTION_KEY="$ENCRYPTION_KEY" -e UI_ADMIN_PASSWORD="$UI_ADMIN_PASSWORD" -e TRUST_ALL="$TRUST_ALL" $IMAGE
+ else
+ docker run --detach --name $CONTAINER_NAME -v "$(pwd)/server.xml:/usr/local/tomcat/conf/server.xml" -v "$CERTDIR/bluval.key:/usr/local/tomcat/bluval.key" -v "$CERTDIR/bluval.crt:/usr/local/tomcat/bluval.crt" -v "$(pwd)/root_index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp" -e DB_IP_PORT="$DB_IP_PORT" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" -e ENCRYPTION_KEY="$ENCRYPTION_KEY" -e UI_ADMIN_PASSWORD="$UI_ADMIN_PASSWORD" -e TRUST_ALL="$TRUST_ALL" $IMAGE
+fi
sleep 10
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html
Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html
- Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 -->
- <Connector port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000" redirectPort="8443" />
+ Define an SSL/TLS Connector on port 8443 for backwards compatibility-->
+ <Connector
+ protocol="org.apache.coyote.http11.Http11NioProtocol"
+ port="8443" maxThreads="200"
+ scheme="https" secure="true" SSLEnabled="true"
+ SSLCertificateFile="/usr/local/tomcat/bluval.crt"
+ SSLCertificateKeyFile="/usr/local/tomcat/bluval.key"
+ SSLVerifyClient="none" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2" />
<!-- A "Connector" using the shared thread pool -->
<!-- <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1"
connectionTimeout="20000" redirectPort="8443" /> -->
clientAuth="false" sslProtocol="TLS" />-->
<Connector
protocol="org.apache.coyote.http11.Http11NioProtocol"
- port="8443" maxThreads="200"
+ port="443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/usr/local/tomcat/bluval.crt"
SSLCertificateKeyFile="/usr/local/tomcat/bluval.key"
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3"
- redirectPort="8443" />
+ redirectPort="443" />
<!-- An Engine represents the entry point (within Catalina) that
NAME, name of the mysql image, default value is validation
TAG_PRE, first part of the image version, default value is mysql
TAG_VER, last part of the image version, default value is latest
-MYSQL_HOST_PORT, port on which mysql is exposed on host, default value is 3307
In order to build and deploy the image using only the required parameters, the below instructions should be followed:
-The mysql root password, mysql akraino user password (currently the UI connects to the database using the akraino user), the UI admin password and the UI akraino password should be configured using the appropriate variables and the following commands should be executed:
+The mysql root password and the mysql user password (currently the UI connects to the database using the akraino user) should be configured using the appropriate variables and the following commands should be executed (the user should override default variables based on requirements):
.. code-block:: console
NAME, the name of the mysql image, default value is validation
TAG_PRE, the first part of the image version, default value is mysql
TAG_VER, the last part of the image version, default value is latest
-MYSQL_HOST_PORT, the port on which mysql is exposed on host, default value is 3307
-In order to deploy the image using only the required parameters and the existing persistent storage, the below instructions should be followed:
-
-The mysql root user password should be configured using the appropriate variable and the following commands should be executed:
+In order to deploy the image using only the required parameters and the existing persistent storage, the below instructions should be followed (the user should override the default variables based on the requirements):
.. code-block:: console
Finally, if the database must be re-deployed (it is assumed that the corresponding mysql container has been stopped and deleted) and the old persistent storage must be deleted, the used docker volume should be first deleted (note that all database's data will be lost).
-To this end, after the image build process, the following commands should be executed:
+To this end, after the image build process, the following commands should be executed (the user should override the default variables based on the requirements):
.. code-block:: console
ENCRYPTION_KEY, the key that should be used by the AES algorithm for encrypting passwords stored in database, this variable is required
UI_ADMIN_PASSWORD, the desired Blueprint Validation UI password for the admin user, this variable is required
TRUST_ALL, the variable that defines whether the UI should trust all certificates or not, default value is false
+USE_NETWORK_HOST, the variable that defines whether the UI container should run in 'network host' mode or not, default value is "false"
So, for a functional UI, the following prerequisites are needed:
- A Jenkins instance capable of running the blueprint validation test (this is optional and is needed only for UI full control loop mode)
- A Nexus repo in which all the test results are stored.
-Then, the following commands can be executed in order to deploy the UI container:
+Then, the following commands can be executed in order to deploy the UI container (the user should override the default variables based on requirements):
.. code-block:: console
cd ../docker/ui
More users can be created using the 'Create User' tab of the UI. This tab is available only for the admin user.
-The UI should be available in the following url:
+If the content of the 'USE_NETWORK_HOST' is equal to true (in this case, the ports 8443 and 443 must be available on the host), the UI should be available in the following url:
+
+ https://<IP of the host>
- https://<IP of UI container>:8443/bluvalui/
+Else, the UI should be available in the following url:
-Note that the deployment uses the network host mode, so the ports 8080 and 8443 must be available on the host.
+ https://<IP of the UI container>
As far as the SSL certificates are concerned, self-signed built-in certificates exist in the 'validation/docker/ui' directory which are used by default. It should be noted that these
certificates should be used only for demo purposes. If a user wants to use different ones which are more appropriate for a production environment, the directory that contains these new