diff --git a/centos74-fludetector/playbook.yml b/centos74-fludetector/playbook.yml index d4ec63b..1f10fed 100644 --- a/centos74-fludetector/playbook.yml +++ b/centos74-fludetector/playbook.yml @@ -38,7 +38,7 @@ file: path=/opt/fludetector/logs state=directory - name: Deploy fludetector Flask app - unarchive: src=https://github.com/UCL/fludetector-flask/archive/v1.1.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + unarchive: src=https://github.com/UCL/fludetector-flask/archive/v2.2.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" - name: Copy env file copy: src=conf/env dest=/opt/fludetector/.env diff --git a/centos74-fludetector3/Vagrantfile b/centos74-fludetector3/Vagrantfile new file mode 100644 index 0000000..8c733de --- /dev/null +++ b/centos74-fludetector3/Vagrantfile @@ -0,0 +1,17 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.box = "centos-7.4" + + config.vm.provision "ansible" do |ansible| + ansible.playbook = "playbook.yml" + ansible.compatibility_mode = "2.0" + end + + config.vm.network "forwarded_port", guest: 80, host: 10080 + + config.ssh.insert_key = false + +end diff --git a/centos74-fludetector3/conf/nginx.conf b/centos74-fludetector3/conf/nginx.conf new file mode 100644 index 0000000..64a4468 --- /dev/null +++ b/centos74-fludetector3/conf/nginx.conf @@ -0,0 +1,19 @@ +upstream gunicorn_server { + server unix:/var/run/gunicorn.sock fail_timeout=0; +} + +server { + + server_name localhost; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options nosniff; + + location / { + proxy_pass http://gunicorn_server; + proxy_set_header Host localhost; + proxy_set_header X-Forwarded-For $remote_addr; + } + +} \ No newline at end of file diff --git a/centos74-fludetector3/conf/supervisor.ini.j2 b/centos74-fludetector3/conf/supervisor.ini.j2 new file mode 100644 index 0000000..9f52897 --- /dev/null +++ b/centos74-fludetector3/conf/supervisor.ini.j2 @@ -0,0 +1,4 @@ +[program:fludetector] +command = /opt/fludetector/scripts/serve.sh +directory = /opt/fludetector +user = {{fludetector_user}} \ No newline at end of file diff --git a/centos74-fludetector3/playbook.yml b/centos74-fludetector3/playbook.yml new file mode 100644 index 0000000..80d7296 --- /dev/null +++ b/centos74-fludetector3/playbook.yml @@ -0,0 +1,196 @@ +--- +- hosts: localhost + user: vagrant + +- hosts: all + become: True + become_method: sudo + vars: + virtualenv_dir: /opt/fludetector/flask/venv + listen_as: http + fludetector_user: root + fludetector_model: FluDetectorModel-Google201807.tar.gz + fludetector_sql: model_data_google_2018_07.sql + matlab_localdir: /Volumes/cs-iso/Linux-Software/Matlab/ + installation_key_file: "{{lookup('file', 'installationKey.txt')}}" + license_file: license.txt + fludetector_version: v2.0 + model_id: 1 + tasks: + - name: Install EPEL repository + yum: + name: epel-release + state: present + + - name: Install Python 3.4 and Pip + yum: + name: "{{item}}" + state: present + with_items: + - python34 + - python34-pip + + - name: Install SQLite3 and lzop + yum: + name: "{{item}}" + state: latest + with_items: + - sqlite + - lzop + + - name: Setup a Python 3.4 environment + shell: pyvenv {{virtualenv_dir}} + + - name: Create fludetector log directory + file: + path: /opt/fludetector/flask/logs + state: directory + + - name: Deploy fludetector Flask app + unarchive: + src: https://github.com/UCL/fludetector-api-flask/archive/v1.0-cr1.tar.gz + dest: /opt/fludetector/flask/ + remote_src: yes + extra_opts: "--strip-components=1" + + - name: Install Supervisor + yum: + name: supervisor + state: present + + - name: Deploy Supervisor configuration for Flask-Gunicorn app + template: + src: conf/supervisor.ini.j2 + dest: /etc/supervisord.d/fludetector.ini + + - name: Install Nginx + yum: + name: nginx + state: present + + - name: Upload Nginx configuration for fludetector + copy: + src: conf/nginx.conf + dest: /etc/nginx/conf.d/fludetector.conf + + - name: Enable nginx port in firewall + command: firewall-cmd --zone=public --permanent --add-service={{listen_as}} + + - name: Enable nginx + systemd: + name: nginx + state: started + enabled: yes + + - name: Start supervisord + systemd: + name: supervisord + state: started + enabled: yes + + - name: Restart firewalld + systemd: + name: firewalld + state: restarted + + - name: Install requirements for Matlab + yum: + name: "{{item}}" + state: present + with_items: + - libX11 + - libXext + - libXt + + - name: Create Downloads directory if it doesn't exist + file: + path: /root/Downloads + state: directory + + - name: Copy Matlab DVDs + copy: + src: "{{matlab_localdir}}/{{item}}" + dest: /root/Downloads/ + with_items: + - R2017a_glnxa64_dvd1.iso + - R2017a_glnxa64_dvd2.iso + + - name: Mount Matlab DVD 1 + mount: + path: /mnt + src: /root/Downloads/R2017a_glnxa64_dvd1.iso + fstype: auto + opts: loop + state: mounted + + - name: Create directory for Matlab archives install + file: + path: /root/Downloads/MathWorks/R2017a + state: directory + + - name: Mount Matlab DVD 2 + mount: + path: /root/Downloads/MathWorks/R2017a + src: /root/Downloads/R2017a_glnxa64_dvd1.iso + fstype: auto + opts: loop + state: mounted + + - name: Copy license file + copy: + src: "{{license_file}}" + dest: /root/ + + - name: Install Matlab + command: /mnt/install -mode silent -agreeToLicense yes -destinationFolder /opt/MATLAB -fileInstallationKey {{installation_key_file}} -licensePath /root/{{license_file}} -product.MATLAB + + - name: Create symlink to Matlab executable + file: + path: /usr/local/bin/matlab + src: /opt/MATLAB/bin/matlab + state: link + + - name: Unmount DVDs and remove from fstab + mount: + path: "{{item}}" + state: absent + with_items: + - /root/Downloads/MathWorks/R2017a + - /mnt + + - name: Delete Matlab iso files + file: + path: "/root/Downloads/{{item}}" + state: absent + with_items: + - R2017a_glnxa64_dvd1.iso + - R2017a_glnxa64_dvd2.iso + + - name: Install Matlab engine for Python + command: python3 setup.py install --prefix {{virtualenv_dir}} + args: + chdir: /opt/MATLAB/extern/engines/python + + - name: Create directory for GPML package + file: + path: "/opt/fludetector/flask/matlab/gpml" + state: directory + + - name: Download GPML package + unarchive: + src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.2-2018-06-11.tar.gz + dest: "/opt/fludetector/flask/matlab/gpml" + remote_src: yes + extra_opts: "--strip-components=1" + + - name: Upload FluDetector artifacts + copy: + src: "{{fludetector_model}}" + dest: /tmp + + - name: Deploy Matlab artifacts + unarchive: + src: "/tmp/{{fludetector_model}}" + exclude: "{{fludetector_sql}}" + dest: /opt/fludetector/flask/matlab + remote_src: yes diff --git a/centos74-matlab-fludetector/README.adoc b/centos74-matlab-fludetector/README.adoc new file mode 100644 index 0000000..f3cb6f5 --- /dev/null +++ b/centos74-matlab-fludetector/README.adoc @@ -0,0 +1,76 @@ +ifdef::env-github[] +:tip-caption: :bulb: +:note-caption: :information_source: +:important-caption: :heavy_exclamation_mark: +:caution-caption: :fire: +:warning-caption: :warning: +endif::[] + += centos74-matlab-fludetector + +This Ansible playbook provisions a CentOS 7.4 machine with a single-node instance of the FluDetector app (https://github.com/UCL/fludetector-flask) + +== Requirements + +- Ansible (version 2.4.2) - https://www.ansible.com/ +- Matlab (version R2017a) - https://uk.mathworks.com/products/matlab.html +- FluDetector model artifacts (version 2018.04) - tarball archive available by request + +=== Matlab + +The playbook installs Matlab from the DVD iso files. Make sure the following files are present in the playbook directory: + +- `R2017a_glnxa64_dvd1.iso` +- `R2017a_glnxa64_dvd2.iso` +- `installationKey.txt` (https://uk.mathworks.com/help/install/ug/install-and-activate-without-an-internet-connection.html) +- `license.txt` (http://uk.mathworks.com/help/install/ug/install-license-manager-using-a-file-installation-key.html) + +[NOTE] +==== +The `license.txt` file is required for networked installations of Matlab. Edit the playbook if using a different installation method for Matlab. +==== + +== Installation + +Save the FluDetector model tarball archive in this directory, edit `hosts.ini` inventory file to set the hostname of the productive system +and execute the ansible playbook to install the FluDetector app. + +.... +ansible-playbook -i hosts.ini --limit 'productive' -u [remoteuser] -b -k -K playbook.yml +.... + +== Testing + +A Vagrant (https://www.vagrantup.com/) file is provided for local testing. It requires a CentOS 7.4 box installed with the name 'centos-7.4'. Fire up the vagrant up to test the installation: + +.... +vagrant up +.... + +The web interface is available on http://localhost:10080/ + +== Configuration of FluDetector model + +=== Install model data in SQLite instance + +An SQL script with all the parameters required to run the model is provided in the tarball archive. +.... +cd /opt/fludetector +tar xfO /tmp/FluDetectorModel-Google201804.tar.gz --wildcards '*.sql' | sudo sqlite3 data.db +.... + +=== Calculate model scores + +Install the Google API key in the `.env` file and run a model score calculation for dates in the past. +.... +cd /opt/fludetector +sudo sed -i 's/^\(GOOGLE_API_KEY=\).*/\1APIKEY/' .env +sudo ./scripts/run.sh runmodel 1 --start [yyyy-mm-dd] --end [yyyy-mm-dd] +.... + +=== Start scheduler for calculation of model scores + +Once the calculation of scores for past dates is completed, start the scheduler to run these calculations automatically on a daily basis. +.... +sudo supervisorctl restart fludetector fludetector-google +.... \ No newline at end of file diff --git a/centos74-matlab-fludetector/README.md b/centos74-matlab-fludetector/README.md deleted file mode 100644 index 582a7b5..0000000 --- a/centos74-matlab-fludetector/README.md +++ /dev/null @@ -1 +0,0 @@ -# centos74-matlab-fludetector diff --git a/centos74-matlab-fludetector/conf/supervisor.ini.j2 b/centos74-matlab-fludetector/conf/supervisor.ini.j2 index 9f52897..f0f64f9 100644 --- a/centos74-matlab-fludetector/conf/supervisor.ini.j2 +++ b/centos74-matlab-fludetector/conf/supervisor.ini.j2 @@ -1,4 +1,9 @@ [program:fludetector] command = /opt/fludetector/scripts/serve.sh directory = /opt/fludetector -user = {{fludetector_user}} \ No newline at end of file +user = {{fludetector_user}} + +[program:fludetector-google] +command = /opt/fludetector/scripts/run.sh runmodelscheduler {{model_id}} '30 14 * * *' +directory = /opt/fludetector +user = {{fludetector_user}} diff --git a/centos74-matlab-fludetector/hosts.ini b/centos74-matlab-fludetector/hosts.ini index 1f5f51a..78f4ece 100644 --- a/centos74-matlab-fludetector/hosts.ini +++ b/centos74-matlab-fludetector/hosts.ini @@ -1,6 +1,6 @@ [vagrant] -127.0.0.1 ansible_connection=local -localhost ansible_connection=local +127.0.0.1:2222 ansible_connection=local +localhost:2222 ansible_connection=local [production] fmdetect.cs.ucl.ac.uk diff --git a/centos74-matlab-fludetector/playbook.yml b/centos74-matlab-fludetector/playbook.yml index 211d20d..1e6748d 100644 --- a/centos74-matlab-fludetector/playbook.yml +++ b/centos74-matlab-fludetector/playbook.yml @@ -9,8 +9,12 @@ virtualenv_dir: /opt/fludetector/venv listen_as: http fludetector_user: root + fludetector_model: FluDetectorModel-Google201804.tar.gz + fludetector_sql: model_data_google_2018_04.sql installation_key_file: "{{lookup('file', 'installationKey.txt')}}" license_file: license.txt + fludetector_version: v2.2 + model_id: 1 tasks: - name: Install EPEL repository yum: name=epel-release state=present @@ -40,22 +44,11 @@ file: path=/opt/fludetector/logs state=directory - name: Deploy fludetector Flask app - unarchive: src=https://github.com/UCL/fludetector-flask/archive/v1.1.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + unarchive: src="https://github.com/UCL/fludetector-flask/archive/{{fludetector_version}}.tar.gz" dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" - name: Copy env file copy: src=conf/env dest=/opt/fludetector/.env - - name: Configure fludetector Flask app - command: /opt/fludetector/scripts/init.sh chdir=/opt/fludetector - - - name: Upload seed data - copy: src=conf/seed.sql dest=/opt/fludetector/seed.sql - - - name: Import seed data - shell: sqlite3 data.db < seed.sql - args: - chdir: /opt/fludetector - - name: Install Supervisor yum: name=supervisor state=present @@ -71,12 +64,6 @@ - name: Enable nginx port in firewall command: firewall-cmd --zone=public --permanent --add-service={{listen_as}} - - name: Start nginx - systemd: name=nginx state=started enabled=yes - - - name: Start supervisord - systemd: name=supervisord state=started enabled=yes - - name: Restart firewalld systemd: name=firewalld state=restarted @@ -119,14 +106,19 @@ src: /opt/MATLAB/bin/matlab state: link - - name: Unmount DVDs + - name: Unmount DVDs and remove from fstab mount: path: "{{item}}" - state: unmounted + state: absent with_items: - /root/Downloads/MathWorks/R2017a - /mnt + - name: Install Matlab engine for Python + command: python setup.py install --prefix {{virtualenv_dir}} + args: + chdir: /opt/MATLAB/extern/engines/python + - name: Create directory for GPML package file: path: "/opt/fludetector/matlab/gpml" @@ -134,16 +126,41 @@ - name: Download GPML package unarchive: - src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.1-2017-10-19.tar.gz + src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.2-2018-06-11.tar.gz dest: "/opt/fludetector/matlab/gpml" remote_src: yes extra_opts: "--strip-components=1" - - name: Upload Matlab artifacts + - name: Upload FluDetector artifacts copy: - src: "{{item}}" - dest: "/opt/fludetector/matlab" - with_items: - - infer_ILI_rate_google_2018_04.m - - logit.m - - gp_model_all_data_logity1.mat + src: "{{fludetector_model}}" + dest: /tmp + + - name: Deploy Matlab artifacts + unarchive: + src: "/tmp/{{fludetector_model}}" + exclude: "{{fludetector_sql}}" + dest: /opt/fludetector/matlab + remote_src: yes + + - name: Configure fludetector Flask app + command: /opt/fludetector/scripts/init.sh + args: + chdir: /opt/fludetector + + - name: Upload seed data + copy: + src: conf/seed.sql + dest: /opt/fludetector/seed.sql + + - name: Import seed data + shell: sqlite3 data.db < seed.sql + args: + chdir: /opt/fludetector + + - name: Start nginx + systemd: name=nginx state=started enabled=yes + + - name: Start supervisord + systemd: name=supervisord state=started enabled=yes + diff --git a/centos74-octave-fludetector/.gitignore b/centos74-octave-fludetector/.gitignore new file mode 100644 index 0000000..7ec3e16 --- /dev/null +++ b/centos74-octave-fludetector/.gitignore @@ -0,0 +1,4 @@ +.DS_Store + +FluDetectorModel-Google201804.tar.gz +*.rpm diff --git a/centos74-octave-fludetector/README.adoc b/centos74-octave-fludetector/README.adoc new file mode 100644 index 0000000..573ef7a --- /dev/null +++ b/centos74-octave-fludetector/README.adoc @@ -0,0 +1,75 @@ +ifdef::env-github[] +:tip-caption: :bulb: +:note-caption: :information_source: +:important-caption: :heavy_exclamation_mark: +:caution-caption: :fire: +:warning-caption: :warning: +endif::[] + += centos74-octave-fludetector + +This Ansible playbook provisions a CentOS 7.4 machine with a single-node instance of the FluDetector app (https://github.com/UCL/fludetector-flask) + +== Requirements + +- Ansible (version 2.4.2) - https://www.ansible.com/ +- Octave 4.x for CentOS - rpm archives available +- FluDetector model artifacts (version 2018.04) - tarball archive available by request + +=== Octave + +The playbook installs Octave from the rpm file. Make sure the file `octave-4.2.2-6.el7.centos.1.x86_64.rpm` is present in the playbook directory: + +== Installation + +Save the FluDetector model tarball archive in this directory, edit `hosts.ini` inventory file to set the hostname of the productive system +and execute the ansible playbook to install the FluDetector app. + +.... +ansible-playbook -i hosts.ini --limit 'productive' -u [remoteuser] -b -k -K playbook.yml +.... + +== Testing + +A Vagrant (https://www.vagrantup.com/) file is provided for local testing. It requires a CentOS 7.4 box installed with the name 'centos-7.4'. Fire up the vagrant up to test the installation: + +.... +vagrant up +.... + +The web interface is available on http://localhost:10080/ + +== Configuration of FluDetector model + +=== Initial configuration + +A script is provided to configure the application + +.... +cd /opt/fludetector +./scripts/init.sh +.... + +=== Install model data in SQLite instance + +An SQL script with all the parameters required to run the model is provided in the tarball archive. +.... +cd /opt/fludetector +tar xfO /tmp/FluDetectorModel-Google201804.tar.gz --wildcards '*.sql' | sudo sqlite3 data.db +.... + +=== Calculate model scores + +Install the Google API key in the `.env` file and run a model score calculation for dates in the past. +.... +cd /opt/fludetector +sudo sed -i 's/^\(GOOGLE_API_KEY=\).*/\1APIKEY/' .env +sudo ./scripts/run.sh runmodel 1 --start [yyyy-mm-dd] --end [yyyy-mm-dd] +.... + +=== Start scheduler for calculation of model scores + +Once the calculation of scores for past dates is completed, start the scheduler to run these calculations automatically on a daily basis. +.... +sudo systemctl start supervisord +.... \ No newline at end of file diff --git a/centos74-octave-fludetector/Vagrantfile b/centos74-octave-fludetector/Vagrantfile new file mode 100644 index 0000000..1c01328 --- /dev/null +++ b/centos74-octave-fludetector/Vagrantfile @@ -0,0 +1,15 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.box = "centos-7.4" + + config.vm.provision "ansible" do |ansible| + ansible.playbook = "playbook.yml" + ansible.compatibility_mode = "2.0" + end + + config.vm.network "forwarded_port", guest: 80, host: 10080 + +end diff --git a/centos74-octave-fludetector/conf/env b/centos74-octave-fludetector/conf/env new file mode 100644 index 0000000..1ac8a83 --- /dev/null +++ b/centos74-octave-fludetector/conf/env @@ -0,0 +1,5 @@ +GOOGLE_API_KEY=invalidcredential +ADMIN_USERNAME=invalidcredential +ADMIN_PASSWORD=invalidcredential +SECRET_KEY=invalidcredential +MODEL_ENGINE=octave diff --git a/centos74-octave-fludetector/conf/nginx.conf b/centos74-octave-fludetector/conf/nginx.conf new file mode 100644 index 0000000..64a4468 --- /dev/null +++ b/centos74-octave-fludetector/conf/nginx.conf @@ -0,0 +1,19 @@ +upstream gunicorn_server { + server unix:/var/run/gunicorn.sock fail_timeout=0; +} + +server { + + server_name localhost; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options nosniff; + + location / { + proxy_pass http://gunicorn_server; + proxy_set_header Host localhost; + proxy_set_header X-Forwarded-For $remote_addr; + } + +} \ No newline at end of file diff --git a/centos74-octave-fludetector/conf/seed.sql b/centos74-octave-fludetector/conf/seed.sql new file mode 100644 index 0000000..8ef649b --- /dev/null +++ b/centos74-octave-fludetector/conf/seed.sql @@ -0,0 +1,13 @@ +BEGIN TRANSACTION; +INSERT INTO "model" VALUES(1,'Dummy Google Data','google',1,'nonexistent_function,1'); +INSERT INTO "model_score" VALUES('2018-01-01','e',0.0,1); +INSERT INTO "model_score" VALUES('2018-01-02','e',0.2,1); +INSERT INTO "model_score" VALUES('2018-01-03','e',0.4,1); +INSERT INTO "model_score" VALUES('2018-01-04','e',0.6,1); +INSERT INTO "model_score" VALUES('2018-01-05','e',0.8,1); +INSERT INTO "model_score" VALUES('2018-01-06','e',0.9,1); +INSERT INTO "model_score" VALUES('2018-01-07','e',0.7,1); +INSERT INTO "model_score" VALUES('2018-01-08','e',0.5,1); +INSERT INTO "model_score" VALUES('2018-01-09','e',0.3,1); +INSERT INTO "model_score" VALUES('2018-01-10','e',0.1,1); +COMMIT; diff --git a/centos74-octave-fludetector/conf/supervisor.ini.j2 b/centos74-octave-fludetector/conf/supervisor.ini.j2 new file mode 100644 index 0000000..f0f64f9 --- /dev/null +++ b/centos74-octave-fludetector/conf/supervisor.ini.j2 @@ -0,0 +1,9 @@ +[program:fludetector] +command = /opt/fludetector/scripts/serve.sh +directory = /opt/fludetector +user = {{fludetector_user}} + +[program:fludetector-google] +command = /opt/fludetector/scripts/run.sh runmodelscheduler {{model_id}} '30 14 * * *' +directory = /opt/fludetector +user = {{fludetector_user}} diff --git a/centos74-octave-fludetector/hosts.ini b/centos74-octave-fludetector/hosts.ini new file mode 100644 index 0000000..78f4ece --- /dev/null +++ b/centos74-octave-fludetector/hosts.ini @@ -0,0 +1,6 @@ +[vagrant] +127.0.0.1:2222 ansible_connection=local +localhost:2222 ansible_connection=local + +[production] +fmdetect.cs.ucl.ac.uk diff --git a/centos74-octave-fludetector/playbook.yml b/centos74-octave-fludetector/playbook.yml new file mode 100644 index 0000000..9ff930f --- /dev/null +++ b/centos74-octave-fludetector/playbook.yml @@ -0,0 +1,139 @@ +--- +- hosts: localhost + user: vagrant + +- hosts: all + become: True + become_method: sudo + vars: + virtualenv_dir: /opt/fludetector/venv + listen_as: http + fludetector_user: root + fludetector_model: FluDetectorModel-Google201804.tar.gz + fludetector_sql: model_data_google_2018_04.sql + fludetector_version: v2.2 + octave_version: 4.2.2-6.el7.centos.1 + model_id: 1 + tasks: + - name: Install EPEL repository + yum: + name: epel-release + state: present + + - name: Install Python 2.7 and Pip + yum: + name: "{{item}}" + state: present + with_items: + - python + - python-pip + + - name: Install SQLite3 and lzop + yum: + name: "{{item}}" + state: latest + with_items: + - sqlite + - lzop + + - name: Update pip and virtualenv + pip: + name: "{{item}}" + state: latest + with_items: + - pip + - virtualenv + + - name: Setup a Python 2.7 environment + shell: virtualenv -p /usr/bin/python2.7 {{virtualenv_dir}} + + - name: Create fludetector log directory + file: + path: /opt/fludetector/logs + state: directory + + - name: Deploy fludetector Flask app + unarchive: + src: "https://github.com/UCL/fludetector-flask/archive/{{fludetector_version}}.tar.gz" + dest: /opt/fludetector/ + remote_src: yes + extra_opts: "--strip-components=1" + + - name: Copy env file + copy: + src: conf/env + dest: /opt/fludetector/.env + + - name: Install Supervisor + yum: + name: supervisor + state: present + + - name: Deploy Supervisor configuration for Flask-Gunicorn app + template: + src: conf/supervisor.ini.j2 + dest: /etc/supervisord.d/fludetector.ini + + - name: Install Nginx + yum: + name: nginx + state: present + + - name: Upload Nginx configuration for fludetector + copy: + src: conf/nginx.conf + dest: /etc/nginx/conf.d/fludetector.conf + + - name: Enable nginx port in firewall + command: firewall-cmd --zone=public --permanent --add-service={{listen_as}} + + - name: Restart firewalld + systemd: + name: firewalld + state: restarted + + - name: Upload Octave rpm + copy: + src: "octave-{{octave_version}}.x86_64.rpm" + dest: /tmp/ + + - name: Install Octave + yum: + name: "/tmp/octave-{{octave_version}}.x86_64.rpm" + state: present + + - name: Create directory for GPML package + file: + path: "/opt/fludetector/octave/gpml" + state: directory + + - name: Download GPML package + unarchive: + src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.2-2018-06-11.tar.gz + dest: "/opt/fludetector/octave/gpml" + remote_src: yes + extra_opts: "--strip-components=1" + + - name: Upload FluDetector artifacts + copy: + src: "{{fludetector_model}}" + dest: /tmp + + - name: Deploy Matlab artifacts + unarchive: + src: "/tmp/{{fludetector_model}}" + exclude: "{{fludetector_sql}}" + dest: /opt/fludetector/octave + remote_src: yes + + - name: Start nginx + systemd: + name: nginx + state: started + enabled: yes + + - name: Start supervisord + systemd: + name: supervisord + state: started + enabled: yes diff --git a/centos74-openmq-glassfish/playbook.yml b/centos74-openmq-glassfish/playbook.yml index b763196..9ae7e2f 100644 --- a/centos74-openmq-glassfish/playbook.yml +++ b/centos74-openmq-glassfish/playbook.yml @@ -16,9 +16,9 @@ home: /opt/glassfish shell: /bin/nologin - - name: Install OpenJDK 8 + - name: Install OpenJDK 8 (versions after u151 cause problems in Grizzly/Glassfish 5 that affect Jersey OAuth1 client) yum: - name: 'java-1.8.0-openjdk' + name: 'java-1.8.0-openjdk-1.8.0.151-5.b12.el7_4.x86_64' state: present - name: Install unzip diff --git a/centos75-node-glassfish/README.md b/centos75-node-glassfish/README.md new file mode 100644 index 0000000..7b7b25e --- /dev/null +++ b/centos75-node-glassfish/README.md @@ -0,0 +1,25 @@ +# CentOS 7.5 with Node and Glassfish + +## Software versions: + +- Node 10 +- Glassfish 5 + +## Installation + +Define Ansible host for apiclient and run with `ansible-playbook` +``` +ansible-playbook -u dguzman -k -K playbook.yml --extra-vars "target=searchapp" +``` + +## Testing (connection to CS network required) + +For local testing, just start a VM using vagrant. + +``` +vagrant up --no-provision + +ansible-playbook --private-key=.vagrant/machines/default/virtualbox/private_key -u vagrant -i .vagrant/provisioners/ansible/inventory --extra-vars "target=all" --connection=ssh --ssh-extra-args="-o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o Port=2222 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=30" playbook.yml +``` + +Once the provisioning has completed, open http://localhost:10080 with a web browser \ No newline at end of file diff --git a/centos75-node-glassfish/Vagrantfile b/centos75-node-glassfish/Vagrantfile new file mode 100644 index 0000000..45b40dd --- /dev/null +++ b/centos75-node-glassfish/Vagrantfile @@ -0,0 +1,18 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.box = "centos-7.5" + + config.vm.provision "ansible" do |ansible| + ansible.playbook = "playbook.yml" + ansible.compatibility_mode = "2.0" + ansible.extra_vars = { + target: "all" + } + end + + config.vm.network "forwarded_port", guest: 80, host: 10080 + +end diff --git a/centos75-node-glassfish/conf/glassfish.service b/centos75-node-glassfish/conf/glassfish.service new file mode 100644 index 0000000..f370e3c --- /dev/null +++ b/centos75-node-glassfish/conf/glassfish.service @@ -0,0 +1,13 @@ +[Unit] +Description = GlassFish Server v5 +After = syslog.target network.target + +[Service] +User = glassfish +ExecStart = /usr/bin/java -jar /opt/glassfish/glassfish/lib/client/appserver-cli.jar start-domain +ExecStop = /usr/bin/java -jar /opt/glassfish/glassfish/lib/client/appserver-cli.jar stop-domain +ExecReload = /usr/bin/java -jar /opt/glassfish/glassfish/lib/client/appserver-cli.jar restart-domain +Type = forking + +[Install] +WantedBy = multi-user.target \ No newline at end of file diff --git a/centos75-node-glassfish/conf/nginx.conf b/centos75-node-glassfish/conf/nginx.conf new file mode 100644 index 0000000..df71a4c --- /dev/null +++ b/centos75-node-glassfish/conf/nginx.conf @@ -0,0 +1,41 @@ +server { + + server_name localhost; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options nosniff; + + location /api/ { + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '$http_referer'; + add_header 'Access-Control-Allow-Methods' 'OPTIONS,PUT'; + add_header 'Access-Control-Allow-Headers' 'Content-Type'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain; charset=utf-8'; + add_header 'Content-Length' 0; + return 204; + } + + if ($request_method = 'PUT') { + add_header 'Access-Control-Allow-Origin' '$http_referer'; + add_header 'Access-Control-Allow-Methods' 'PUT'; + add_header 'Access-Control-Allow-Headers' 'Content-Type'; + } + + proxy_pass http://localhost:8080/; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $remote_addr; + + } + + location / { + + proxy_pass http://localhost:5000/; + proxy_set_header Host localhost; + proxy_set_header X-Forwarded-For $remote_addr; + + } + +} diff --git a/centos75-node-glassfish/conf/takeout-react.service b/centos75-node-glassfish/conf/takeout-react.service new file mode 100644 index 0000000..2a3512b --- /dev/null +++ b/centos75-node-glassfish/conf/takeout-react.service @@ -0,0 +1,14 @@ +[Unit] +Description=Takeout React app - web interface +Documentation=https://www.github.com/UCL/takeout-app-react +After=network.target + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/node/takeout-app-react +ExecStart=/usr/bin/serve -s build +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/centos75-node-glassfish/playbook.yml b/centos75-node-glassfish/playbook.yml new file mode 100644 index 0000000..587a31b --- /dev/null +++ b/centos75-node-glassfish/playbook.yml @@ -0,0 +1,185 @@ +--- +- hosts: '{{ target }}' + become: True + become_method: sudo + vars: + glassfish_version: '5.0' + nodeapp_version: '0.4' + javaeeapp_tag: '0.3' + javaeeapp_version: '1.0-SNAPSHOT' + pgjdbc_version: '42.2.5' + vars_prompt: + - name: pg_user + prompt: Enter the user for connecting to the database + private: no + - name: pg_pass + prompt: Enter the password for connecting to the database + private: yes + - name: pg_dbname + prompt: Enter the name of the database + private: no + - name: pg_host + prompt: Enter the hostname for the database + private: no + tasks: + - name: Install NodeSource yum repository + shell: curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash - + args: + warn: false + + - name: Install EPEL repository + yum: + name: epel-release + state: present + + - name: Install Node.js and npm + yum: + name: nodejs + state: present + + - name: Create system user for Node + user: + name: node + system: yes + local: yes + createhome: yes + home: /opt/node + shell: /sbin/nologin + + - name: Install serve package + npm: + name: serve + global: yes + + - name: Download and unpack Node app + unarchive: + src: "https://github.com/UCL/takeout-app-react/archive/{{nodeapp_version}}.tar.gz" + dest: /opt/node + remote_src: yes + become_user: node + + - name: Rename Node app directory + command: "mv /opt/node/takeout-app-react-{{nodeapp_version}} /opt/node/takeout-app-react" + become_user: node + + - name: Install packages from package.json + npm: + path: /opt/node/takeout-app-react + state: present + production: yes + become_user: node + + - name: Build Node app + command: "npm run build" + args: + chdir: /opt/node/takeout-app-react + become_user: node + environment: + REACT_APP_API_HOST: '/api/takeout-api-javaee' + + - name: Upload systemd configuration file for the Takeout app + copy: + src: conf/takeout-react.service + dest: /etc/systemd/system/takeout-react.service + + - name: Start Node app + service: + name: takeout-react + state: started + enabled: yes + + - name: Create system user for Glassfish + user: + name: glassfish + system: yes + local: yes + createhome: yes + home: /opt/glassfish + shell: /sbin/nologin + + - name: Install OpenJDK 8 + yum: + name: java-1.8.0-openjdk-devel + state: present + + - name: Install unzip + yum: + name: unzip + state: present + + - name: Download and unpack Glassfish + unarchive: + src: 'http://download.oracle.com/glassfish/{{glassfish_version}}/release/glassfish-{{glassfish_version}}.zip' + dest: /opt + creates: /opt/glassfish5 + remote_src: yes + owner: glassfish + group: glassfish + + - name: Move Glassfish files to HOME + shell: mv /opt/glassfish5/* /opt/glassfish + become_user: glassfish + + - name: Remove glassfish5 directory + file: + path: /opt/glassfish5 + state: absent + + - name: Upload Systemd unit file for Glassfish + copy: + src: conf/glassfish.service + dest: /usr/lib/systemd/system/glassfish.service + + - name: Download PostgreSQL JDBC driver + get_url: + url: 'https://jdbc.postgresql.org/download/postgresql-{{pgjdbc_version}}.jar' + dest: /opt/glassfish/glassfish/lib + owner: glassfish + group: glassfish + + - name: Start Glassfish + service: + name: glassfish + state: started + enabled: yes + + - name: Configure JDBC connection pool + command: '/opt/glassfish/bin/asadmin create-jdbc-connection-pool --restype javax.sql.ConnectionPoolDataSource --datasourceclassname org.postgresql.ds.PGConnectionPoolDataSource --property portNumber=5432:user={{pg_user}}:password={{pg_pass}}:databaseName={{pg_dbname}}:serverName={{pg_host}} dataPool' + become_user: glassfish + + - name: Configure JDBC resource + command: '/opt/glassfish/bin/asadmin create-jdbc-resource --connectionpoolid dataPool jdbc/takeout' + become_user: glassfish + + - name: Download Takeout API + get_url: + url: 'https://github.com/UCL/takeout-api-javaee/releases/download/v{{javaeeapp_tag}}/takeout-api-javaee-{{javaeeapp_version}}.war' + dest: /tmp + owner: glassfish + group: glassfish + + - name: Deploy Takeout API + command: '/opt/glassfish/bin/asadmin deploy --name takeout-api-javaee --contextroot takeout-api-javaee /tmp/takeout-api-javaee-{{javaeeapp_version}}.war' + become_user: glassfish + + - name: Install NGINX + yum: + name: nginx + state: present + + - name: Upload NGINX configuration file + copy: + src: conf/nginx.conf + dest: /etc/nginx/conf.d/takeout.conf + + - name: Start NGINX + service: + name: nginx + state: started + enabled: yes + + - name: Configure firewall + command: 'firewall-cmd --zone=public --permanent --add-service=http' + + - name: Reload firewall rules + command: firewall-cmd --reload diff --git a/scientificlinux69-matlab-flask/.gitignore b/scientificlinux69-matlab-flask/.gitignore deleted file mode 100644 index 713be26..0000000 --- a/scientificlinux69-matlab-flask/.gitignore +++ /dev/null @@ -1,6 +0,0 @@ -installationKey.txt -license.txt -*.iso -*.m -*.mat - diff --git a/scientificlinux69-matlab-flask/README.md b/scientificlinux69-matlab-flask/README.md deleted file mode 100644 index 5073dee..0000000 --- a/scientificlinux69-matlab-flask/README.md +++ /dev/null @@ -1 +0,0 @@ -# scientificlinux69-matlab-flask diff --git a/scientificlinux69-matlab-flask/Vagrantfile b/scientificlinux69-matlab-flask/Vagrantfile deleted file mode 100644 index beaf13f..0000000 --- a/scientificlinux69-matlab-flask/Vagrantfile +++ /dev/null @@ -1,24 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -Vagrant.configure("2") do |config| - - config.vm.box = "scientificlinux-6.9" - - config.vm.provision "ansible" do |ansible| - ansible.playbook = "playbook.yml" - ansible.compatibility_mode = "2.0" - end - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine. In the example below, - # accessing "localhost:8080" will access port 80 on the guest machine. - # NOTE: This will enable public access to the opened port - # config.vm.network "forwarded_port", guest: 80, host: 8080 - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine and only allow access - # via 127.0.0.1 to disable public access - # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" - -end diff --git a/scientificlinux69-matlab-flask/playbook.yml b/scientificlinux69-matlab-flask/playbook.yml deleted file mode 100644 index 9d39b15..0000000 --- a/scientificlinux69-matlab-flask/playbook.yml +++ /dev/null @@ -1,113 +0,0 @@ ---- -- hosts: localhost - user: vagrant - -- hosts: all - become: True - become_method: sudo - vars: - flask_dir: /opt/matlab-flask - virtualenv_dir: /opt/matlab-flask/venv - installation_key_file: "{{lookup('file', 'installationKey.txt')}}" - license_file: license.txt - tasks: - - name: Install requirements - yum: - name: "{{item}}" - state: present - with_items: - - gcc - - openssl-devel - - readline-devel - - sqlite-devel - - libX11 - - libXext - - libXt - - - name: Download Python 2.7 - unarchive: - src: https://www.python.org/ftp/python/2.7.15/Python-2.7.15.tgz - dest: /usr/src - remote_src: yes - - - name: Configure Python - command: ./configure --with-ensurepip=install - args: - chdir: /usr/src/Python-2.7.15 - - - name: Build Python - make: - chdir: /usr/src/Python-2.7.15 - target: altinstall - - - name: Update pip and virtualenv - pip: - name: "{{item}}" - state: latest - executable: /usr/local/bin/pip2.7 - with_items: - - pip - - virtualenv - - - name: Setup a Python 2.7 environment - command: /usr/local/bin/virtualenv -p /usr/local/bin/python2.7 {{virtualenv_dir}} - - - name: Mount Matlab DVD 1 - mount: - path: /mnt - src: /vagrant/R2017a_glnxa64_dvd1.iso - fstype: auto - opts: loop - state: mounted - - - name: Create directory for Matlab archives install - file: - path: /root/Downloads/MathWorks/R2017a - state: directory - - - name: Mount Matlab DVD 2 - mount: - path: /root/Downloads/MathWorks/R2017a - src: /vagrant/R2017a_glnxa64_dvd2.iso - fstype: auto - opts: loop - state: mounted - - - name: Install Matlab - command: /mnt/install -mode silent -agreeToLicense yes -destinationFolder /opt/MATLAB -fileInstallationKey {{installation_key_file}} -licensePath /vagrant/{{license_file}} -product.MATLAB - - - name: Create symlink to Matlab executable - file: - path: /usr/local/bin/matlab - src: /opt/MATLAB/bin/matlab - state: link - - - name: Unmount DVDs - mount: - path: "{{item}}" - state: unmounted - with_items: - - /root/Downloads/MathWorks/R2017a - - /mnt - - - name: Create directory for GPML package - file: - path: "{{flask_dir}}/gpml" - state: directory - - - name: Download GPML package - unarchive: - src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.1-2017-10-19.tar.gz - dest: "{{flask_dir}}/gpml" - remote_src: yes - extra_opts: "--strip-components=1" - - - name: Upload Matlab artifacts - copy: - src: "{{item}}" - dest: "{{flask_dir}}" - with_items: - - infer_ILI_rate_google_2018_04.m - - logit.m - - gp_model_all_data_logity1.mat -