From 9592c22577194ac173e13487b9c802decd91a4f9 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Sun, 20 May 2018 00:46:39 +0100 Subject: [PATCH 01/16] Change version of Java as versions after JDK8 u151 cause problems in Grizzly/Glassfish 5 --- centos74-openmq-glassfish/playbook.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/centos74-openmq-glassfish/playbook.yml b/centos74-openmq-glassfish/playbook.yml index b763196..9ae7e2f 100644 --- a/centos74-openmq-glassfish/playbook.yml +++ b/centos74-openmq-glassfish/playbook.yml @@ -16,9 +16,9 @@ home: /opt/glassfish shell: /bin/nologin - - name: Install OpenJDK 8 + - name: Install OpenJDK 8 (versions after u151 cause problems in Grizzly/Glassfish 5 that affect Jersey OAuth1 client) yum: - name: 'java-1.8.0-openjdk' + name: 'java-1.8.0-openjdk-1.8.0.151-5.b12.el7_4.x86_64' state: present - name: Install unzip From 8362e04a93a29ee52e1bc10c6a606d8cfcc0a9ed Mon Sep 17 00:00:00 2001 From: David Guzman Date: Mon, 16 Jul 2018 16:44:55 +0100 Subject: [PATCH 02/16] Update to Flu Detector 2.0 --- .../conf/supervisor.ini.j2 | 7 ++- centos74-matlab-fludetector/playbook.yml | 44 +++++++++++-------- 2 files changed, 32 insertions(+), 19 deletions(-) diff --git a/centos74-matlab-fludetector/conf/supervisor.ini.j2 b/centos74-matlab-fludetector/conf/supervisor.ini.j2 index 9f52897..f0f64f9 100644 --- a/centos74-matlab-fludetector/conf/supervisor.ini.j2 +++ b/centos74-matlab-fludetector/conf/supervisor.ini.j2 @@ -1,4 +1,9 @@ [program:fludetector] command = /opt/fludetector/scripts/serve.sh directory = /opt/fludetector -user = {{fludetector_user}} \ No newline at end of file +user = {{fludetector_user}} + +[program:fludetector-google] +command = /opt/fludetector/scripts/run.sh runmodelscheduler {{model_id}} '30 14 * * *' +directory = /opt/fludetector +user = {{fludetector_user}} diff --git a/centos74-matlab-fludetector/playbook.yml b/centos74-matlab-fludetector/playbook.yml index 211d20d..097e9bb 100644 --- a/centos74-matlab-fludetector/playbook.yml +++ b/centos74-matlab-fludetector/playbook.yml @@ -11,6 +11,8 @@ fludetector_user: root installation_key_file: "{{lookup('file', 'installationKey.txt')}}" license_file: license.txt + fludetector_version: v2.0 + model_id: 1 tasks: - name: Install EPEL repository yum: name=epel-release state=present @@ -40,22 +42,11 @@ file: path=/opt/fludetector/logs state=directory - name: Deploy fludetector Flask app - unarchive: src=https://github.com/UCL/fludetector-flask/archive/v1.1.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + unarchive: src="https://github.com/UCL/fludetector-flask/archive/{{fludetector_version}}.tar.gz" dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" - name: Copy env file copy: src=conf/env dest=/opt/fludetector/.env - - name: Configure fludetector Flask app - command: /opt/fludetector/scripts/init.sh chdir=/opt/fludetector - - - name: Upload seed data - copy: src=conf/seed.sql dest=/opt/fludetector/seed.sql - - - name: Import seed data - shell: sqlite3 data.db < seed.sql - args: - chdir: /opt/fludetector - - name: Install Supervisor yum: name=supervisor state=present @@ -71,12 +62,6 @@ - name: Enable nginx port in firewall command: firewall-cmd --zone=public --permanent --add-service={{listen_as}} - - name: Start nginx - systemd: name=nginx state=started enabled=yes - - - name: Start supervisord - systemd: name=supervisord state=started enabled=yes - - name: Restart firewalld systemd: name=firewalld state=restarted @@ -127,6 +112,11 @@ - /root/Downloads/MathWorks/R2017a - /mnt + - name: Install Matlab engine for Python + command: python setup.py install --prefix {{virtualenv_dir}} + args: + chdir: /opt/MATLAB/extern/engines/python + - name: Create directory for GPML package file: path: "/opt/fludetector/matlab/gpml" @@ -147,3 +137,21 @@ - infer_ILI_rate_google_2018_04.m - logit.m - gp_model_all_data_logity1.mat + + - name: Configure fludetector Flask app + command: /opt/fludetector/scripts/init.sh chdir=/opt/fludetector + + - name: Upload seed data + copy: src=conf/seed.sql dest=/opt/fludetector/seed.sql + + - name: Import seed data + shell: sqlite3 data.db < seed.sql + args: + chdir: /opt/fludetector + + - name: Start nginx + systemd: name=nginx state=started enabled=yes + + - name: Start supervisord + systemd: name=supervisord state=started enabled=yes + From 6abf9d07fc20b361c42ff84f791b8c58377e63a2 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Mon, 16 Jul 2018 16:50:37 +0100 Subject: [PATCH 03/16] Delete scientificlinux69-matlab-flask --- scientificlinux69-matlab-flask/.gitignore | 6 -- scientificlinux69-matlab-flask/README.md | 1 - scientificlinux69-matlab-flask/Vagrantfile | 24 ----- scientificlinux69-matlab-flask/playbook.yml | 113 -------------------- 4 files changed, 144 deletions(-) delete mode 100644 scientificlinux69-matlab-flask/.gitignore delete mode 100644 scientificlinux69-matlab-flask/README.md delete mode 100644 scientificlinux69-matlab-flask/Vagrantfile delete mode 100644 scientificlinux69-matlab-flask/playbook.yml diff --git a/scientificlinux69-matlab-flask/.gitignore b/scientificlinux69-matlab-flask/.gitignore deleted file mode 100644 index 713be26..0000000 --- a/scientificlinux69-matlab-flask/.gitignore +++ /dev/null @@ -1,6 +0,0 @@ -installationKey.txt -license.txt -*.iso -*.m -*.mat - diff --git a/scientificlinux69-matlab-flask/README.md b/scientificlinux69-matlab-flask/README.md deleted file mode 100644 index 5073dee..0000000 --- a/scientificlinux69-matlab-flask/README.md +++ /dev/null @@ -1 +0,0 @@ -# scientificlinux69-matlab-flask diff --git a/scientificlinux69-matlab-flask/Vagrantfile b/scientificlinux69-matlab-flask/Vagrantfile deleted file mode 100644 index beaf13f..0000000 --- a/scientificlinux69-matlab-flask/Vagrantfile +++ /dev/null @@ -1,24 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -Vagrant.configure("2") do |config| - - config.vm.box = "scientificlinux-6.9" - - config.vm.provision "ansible" do |ansible| - ansible.playbook = "playbook.yml" - ansible.compatibility_mode = "2.0" - end - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine. In the example below, - # accessing "localhost:8080" will access port 80 on the guest machine. - # NOTE: This will enable public access to the opened port - # config.vm.network "forwarded_port", guest: 80, host: 8080 - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine and only allow access - # via 127.0.0.1 to disable public access - # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" - -end diff --git a/scientificlinux69-matlab-flask/playbook.yml b/scientificlinux69-matlab-flask/playbook.yml deleted file mode 100644 index 9d39b15..0000000 --- a/scientificlinux69-matlab-flask/playbook.yml +++ /dev/null @@ -1,113 +0,0 @@ ---- -- hosts: localhost - user: vagrant - -- hosts: all - become: True - become_method: sudo - vars: - flask_dir: /opt/matlab-flask - virtualenv_dir: /opt/matlab-flask/venv - installation_key_file: "{{lookup('file', 'installationKey.txt')}}" - license_file: license.txt - tasks: - - name: Install requirements - yum: - name: "{{item}}" - state: present - with_items: - - gcc - - openssl-devel - - readline-devel - - sqlite-devel - - libX11 - - libXext - - libXt - - - name: Download Python 2.7 - unarchive: - src: https://www.python.org/ftp/python/2.7.15/Python-2.7.15.tgz - dest: /usr/src - remote_src: yes - - - name: Configure Python - command: ./configure --with-ensurepip=install - args: - chdir: /usr/src/Python-2.7.15 - - - name: Build Python - make: - chdir: /usr/src/Python-2.7.15 - target: altinstall - - - name: Update pip and virtualenv - pip: - name: "{{item}}" - state: latest - executable: /usr/local/bin/pip2.7 - with_items: - - pip - - virtualenv - - - name: Setup a Python 2.7 environment - command: /usr/local/bin/virtualenv -p /usr/local/bin/python2.7 {{virtualenv_dir}} - - - name: Mount Matlab DVD 1 - mount: - path: /mnt - src: /vagrant/R2017a_glnxa64_dvd1.iso - fstype: auto - opts: loop - state: mounted - - - name: Create directory for Matlab archives install - file: - path: /root/Downloads/MathWorks/R2017a - state: directory - - - name: Mount Matlab DVD 2 - mount: - path: /root/Downloads/MathWorks/R2017a - src: /vagrant/R2017a_glnxa64_dvd2.iso - fstype: auto - opts: loop - state: mounted - - - name: Install Matlab - command: /mnt/install -mode silent -agreeToLicense yes -destinationFolder /opt/MATLAB -fileInstallationKey {{installation_key_file}} -licensePath /vagrant/{{license_file}} -product.MATLAB - - - name: Create symlink to Matlab executable - file: - path: /usr/local/bin/matlab - src: /opt/MATLAB/bin/matlab - state: link - - - name: Unmount DVDs - mount: - path: "{{item}}" - state: unmounted - with_items: - - /root/Downloads/MathWorks/R2017a - - /mnt - - - name: Create directory for GPML package - file: - path: "{{flask_dir}}/gpml" - state: directory - - - name: Download GPML package - unarchive: - src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.1-2017-10-19.tar.gz - dest: "{{flask_dir}}/gpml" - remote_src: yes - extra_opts: "--strip-components=1" - - - name: Upload Matlab artifacts - copy: - src: "{{item}}" - dest: "{{flask_dir}}" - with_items: - - infer_ILI_rate_google_2018_04.m - - logit.m - - gp_model_all_data_logity1.mat - From 1f2d2e1260caa28e985c394d8eeab8ef42ba07c0 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Wed, 18 Jul 2018 13:13:02 +0100 Subject: [PATCH 04/16] Package model artifacts in a tar.gz archive --- centos74-matlab-fludetector/README.adoc | 7 +++++ centos74-matlab-fludetector/README.md | 1 - centos74-matlab-fludetector/playbook.yml | 33 +++++++++++++++--------- 3 files changed, 28 insertions(+), 13 deletions(-) create mode 100644 centos74-matlab-fludetector/README.adoc delete mode 100644 centos74-matlab-fludetector/README.md diff --git a/centos74-matlab-fludetector/README.adoc b/centos74-matlab-fludetector/README.adoc new file mode 100644 index 0000000..d8f5b02 --- /dev/null +++ b/centos74-matlab-fludetector/README.adoc @@ -0,0 +1,7 @@ += centos74-matlab-fludetector + +== Requirements + +- Vagrant +- Ansible +- Matlab \ No newline at end of file diff --git a/centos74-matlab-fludetector/README.md b/centos74-matlab-fludetector/README.md deleted file mode 100644 index 582a7b5..0000000 --- a/centos74-matlab-fludetector/README.md +++ /dev/null @@ -1 +0,0 @@ -# centos74-matlab-fludetector diff --git a/centos74-matlab-fludetector/playbook.yml b/centos74-matlab-fludetector/playbook.yml index 097e9bb..164b5a1 100644 --- a/centos74-matlab-fludetector/playbook.yml +++ b/centos74-matlab-fludetector/playbook.yml @@ -9,6 +9,8 @@ virtualenv_dir: /opt/fludetector/venv listen_as: http fludetector_user: root + fludetector_model: FluDetectorModel-Google201804.tar.gz + fludetector_sql: model_data_google_2018_04.sql installation_key_file: "{{lookup('file', 'installationKey.txt')}}" license_file: license.txt fludetector_version: v2.0 @@ -104,10 +106,10 @@ src: /opt/MATLAB/bin/matlab state: link - - name: Unmount DVDs + - name: Unmount DVDs and remove from fstab mount: path: "{{item}}" - state: unmounted + state: absent with_items: - /root/Downloads/MathWorks/R2017a - /mnt @@ -124,25 +126,32 @@ - name: Download GPML package unarchive: - src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.1-2017-10-19.tar.gz + src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.2-2018-06-11.tar.gz dest: "/opt/fludetector/matlab/gpml" remote_src: yes extra_opts: "--strip-components=1" - - name: Upload Matlab artifacts + - name: Upload FluDetector artifacts copy: - src: "{{item}}" - dest: "/opt/fludetector/matlab" - with_items: - - infer_ILI_rate_google_2018_04.m - - logit.m - - gp_model_all_data_logity1.mat + src: "{{fludetector_model}}" + dest: /tmp + + - name: Deploy Matlab artifacts + unarchive: + src: "/tmp/{{fludetector_model}}" + exclude: "{{fludetector_sql}}" + dest: /opt/fludetector/matlab + remote_src: yes - name: Configure fludetector Flask app - command: /opt/fludetector/scripts/init.sh chdir=/opt/fludetector + command: /opt/fludetector/scripts/init.sh + args: + chdir: /opt/fludetector - name: Upload seed data - copy: src=conf/seed.sql dest=/opt/fludetector/seed.sql + copy: + src: conf/seed.sql + dest: /opt/fludetector/seed.sql - name: Import seed data shell: sqlite3 data.db < seed.sql From d88d4ee6391c6f6f9fdd8e4419ed8c32adc50be5 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Wed, 18 Jul 2018 16:08:05 +0100 Subject: [PATCH 05/16] Update README --- centos74-matlab-fludetector/README.adoc | 44 +++++++++++++++++++++++-- centos74-matlab-fludetector/hosts.ini | 4 +-- 2 files changed, 43 insertions(+), 5 deletions(-) diff --git a/centos74-matlab-fludetector/README.adoc b/centos74-matlab-fludetector/README.adoc index d8f5b02..16ced9f 100644 --- a/centos74-matlab-fludetector/README.adoc +++ b/centos74-matlab-fludetector/README.adoc @@ -2,6 +2,44 @@ == Requirements -- Vagrant -- Ansible -- Matlab \ No newline at end of file +- Ansible (version 2.4.2) - https://www.ansible.com/ +- Matlab (version R2017a) - https://uk.mathworks.com/products/matlab.html +- FluDetector model artifacts (version 2018.04) - tarball archive available by request + +== Installation + +Save the FluDetector model tarball archive in this directory + +== Testing + +A Vagrant (https://www.vagrantup.com/) file is provided for local testing + +.... +vagrant up +.... + +The web interface is available on http://localhost:10080/ + +== Configuration of FluDetector model + +=== Install model data in SQLite instance + +An SQL script with all the parameters required to run the model is provided in the tarball archive. +.... +cd /opt/fludetector +tar xfO /tmp/FluDetectorModel-Google201804.tar.gz --wildcards '*.sql' | sudo sqlite3 data.db +.... + +=== Calculate model scores + +.... +cd /opt/fludetector +sudo sed -i 's/^\(GOOGLE_API_KEY=\).*/\1APIKEY/' .env +sudo ./scripts/run.sh runmodel 1 --start [yyyy-mm-dd] --end [yyyy-mm-dd] +.... + +=== Start scheduler for calculation of model scores + +.... +sudo supervisorctl restart fludetector fludetector-google +.... \ No newline at end of file diff --git a/centos74-matlab-fludetector/hosts.ini b/centos74-matlab-fludetector/hosts.ini index 1f5f51a..78f4ece 100644 --- a/centos74-matlab-fludetector/hosts.ini +++ b/centos74-matlab-fludetector/hosts.ini @@ -1,6 +1,6 @@ [vagrant] -127.0.0.1 ansible_connection=local -localhost ansible_connection=local +127.0.0.1:2222 ansible_connection=local +localhost:2222 ansible_connection=local [production] fmdetect.cs.ucl.ac.uk From 3acf7dd7fafb4b8a3d2eb47b2e4de4733db5755d Mon Sep 17 00:00:00 2001 From: David Guzman Date: Wed, 18 Jul 2018 16:22:50 +0100 Subject: [PATCH 06/16] Update README --- centos74-matlab-fludetector/README.adoc | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/centos74-matlab-fludetector/README.adoc b/centos74-matlab-fludetector/README.adoc index 16ced9f..942ec49 100644 --- a/centos74-matlab-fludetector/README.adoc +++ b/centos74-matlab-fludetector/README.adoc @@ -1,5 +1,7 @@ = centos74-matlab-fludetector +This Ansible playbook provisions a CentOS 7.4 machine with a single-node instance of the FluDetector app (https://github.com/UCL/fludetector-flask) + == Requirements - Ansible (version 2.4.2) - https://www.ansible.com/ @@ -8,11 +10,16 @@ == Installation -Save the FluDetector model tarball archive in this directory +Save the FluDetector model tarball archive in this directory, edit `hosts.ini` inventory file to set the hostname of the productive system +and execute the ansible playbook to install the FluDetector app. + +.... +ansible-playbook -i hosts.ini --limit 'productive' -u [remoteuser] -b -k -K playbook.yml +.... == Testing -A Vagrant (https://www.vagrantup.com/) file is provided for local testing +A Vagrant (https://www.vagrantup.com/) file is provided for local testing. It requires a CentOS 7.4 box installed with the name 'centos-7.4'. Fire up the vagrant up to test the installation: .... vagrant up @@ -32,6 +39,7 @@ tar xfO /tmp/FluDetectorModel-Google201804.tar.gz --wildcards '*.sql' | sudo sql === Calculate model scores +Install the Google API key in the `.env` file and run a model score calculation for dates in the past. .... cd /opt/fludetector sudo sed -i 's/^\(GOOGLE_API_KEY=\).*/\1APIKEY/' .env @@ -40,6 +48,7 @@ sudo ./scripts/run.sh runmodel 1 --start [yyyy-mm-dd] --end [yyyy-mm-dd] === Start scheduler for calculation of model scores +Once the calculation of scores for past dates is completed, start the scheduler to run these calculations automatically on a daily basis. .... sudo supervisorctl restart fludetector fludetector-google .... \ No newline at end of file From 9aece19570c17d2a5afdb54379da33e4232bd911 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Wed, 18 Jul 2018 16:50:29 +0100 Subject: [PATCH 07/16] Update README with information about installation of Matlab --- centos74-matlab-fludetector/README.adoc | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/centos74-matlab-fludetector/README.adoc b/centos74-matlab-fludetector/README.adoc index 942ec49..38bc4de 100644 --- a/centos74-matlab-fludetector/README.adoc +++ b/centos74-matlab-fludetector/README.adoc @@ -8,6 +8,20 @@ This Ansible playbook provisions a CentOS 7.4 machine with a single-node instanc - Matlab (version R2017a) - https://uk.mathworks.com/products/matlab.html - FluDetector model artifacts (version 2018.04) - tarball archive available by request +=== Matlab + +The playbook installs Matlab from the DVD iso files. Make sure the following files are present in the playbook directory: + +- `R2017a_glnxa64_dvd1.iso` +- `R2017a_glnxa64_dvd2.iso` +- `installationKey.txt` (https://uk.mathworks.com/help/install/ug/install-and-activate-without-an-internet-connection.html) +- `license.txt` (http://uk.mathworks.com/help/install/ug/install-license-manager-using-a-file-installation-key.html) + +[NOTE] +==== +The `license.txt` file is required for networked installations of Matlab. Edit the playbook if using a different installation method for Matlab. +==== + == Installation Save the FluDetector model tarball archive in this directory, edit `hosts.ini` inventory file to set the hostname of the productive system From e940cd047401e7dc59be655d09d85601becc556a Mon Sep 17 00:00:00 2001 From: David Guzman Date: Wed, 18 Jul 2018 16:54:51 +0100 Subject: [PATCH 08/16] Configure admonitions --- centos74-matlab-fludetector/README.adoc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/centos74-matlab-fludetector/README.adoc b/centos74-matlab-fludetector/README.adoc index 38bc4de..f3cb6f5 100644 --- a/centos74-matlab-fludetector/README.adoc +++ b/centos74-matlab-fludetector/README.adoc @@ -1,3 +1,11 @@ +ifdef::env-github[] +:tip-caption: :bulb: +:note-caption: :information_source: +:important-caption: :heavy_exclamation_mark: +:caution-caption: :fire: +:warning-caption: :warning: +endif::[] + = centos74-matlab-fludetector This Ansible playbook provisions a CentOS 7.4 machine with a single-node instance of the FluDetector app (https://github.com/UCL/fludetector-flask) From 1453d9576c7870d5332c79e956b38a1a9720cddf Mon Sep 17 00:00:00 2001 From: David Guzman Date: Wed, 8 Aug 2018 17:26:57 +0100 Subject: [PATCH 09/16] New fludetector version --- centos74-fludetector3/Vagrantfile | 17 +++++ centos74-fludetector3/conf/nginx.conf | 19 ++++++ centos74-fludetector3/conf/supervisor.ini.j2 | 4 ++ centos74-fludetector3/playbook.yml | 65 ++++++++++++++++++++ 4 files changed, 105 insertions(+) create mode 100644 centos74-fludetector3/Vagrantfile create mode 100644 centos74-fludetector3/conf/nginx.conf create mode 100644 centos74-fludetector3/conf/supervisor.ini.j2 create mode 100644 centos74-fludetector3/playbook.yml diff --git a/centos74-fludetector3/Vagrantfile b/centos74-fludetector3/Vagrantfile new file mode 100644 index 0000000..8c733de --- /dev/null +++ b/centos74-fludetector3/Vagrantfile @@ -0,0 +1,17 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.box = "centos-7.4" + + config.vm.provision "ansible" do |ansible| + ansible.playbook = "playbook.yml" + ansible.compatibility_mode = "2.0" + end + + config.vm.network "forwarded_port", guest: 80, host: 10080 + + config.ssh.insert_key = false + +end diff --git a/centos74-fludetector3/conf/nginx.conf b/centos74-fludetector3/conf/nginx.conf new file mode 100644 index 0000000..64a4468 --- /dev/null +++ b/centos74-fludetector3/conf/nginx.conf @@ -0,0 +1,19 @@ +upstream gunicorn_server { + server unix:/var/run/gunicorn.sock fail_timeout=0; +} + +server { + + server_name localhost; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options nosniff; + + location / { + proxy_pass http://gunicorn_server; + proxy_set_header Host localhost; + proxy_set_header X-Forwarded-For $remote_addr; + } + +} \ No newline at end of file diff --git a/centos74-fludetector3/conf/supervisor.ini.j2 b/centos74-fludetector3/conf/supervisor.ini.j2 new file mode 100644 index 0000000..9f52897 --- /dev/null +++ b/centos74-fludetector3/conf/supervisor.ini.j2 @@ -0,0 +1,4 @@ +[program:fludetector] +command = /opt/fludetector/scripts/serve.sh +directory = /opt/fludetector +user = {{fludetector_user}} \ No newline at end of file diff --git a/centos74-fludetector3/playbook.yml b/centos74-fludetector3/playbook.yml new file mode 100644 index 0000000..15a869c --- /dev/null +++ b/centos74-fludetector3/playbook.yml @@ -0,0 +1,65 @@ +--- +- hosts: localhost + user: vagrant + +- hosts: all + become: True + become_method: sudo + vars: + virtualenv_dir: /opt/fludetector/venv + listen_as: http + fludetector_user: root + fludetector_model: FluDetectorModel-Google201804.tar.gz + fludetector_sql: model_data_google_2018_04.sql + installation_key_file: "{{lookup('file', 'installationKey.txt')}}" + license_file: license.txt + fludetector_version: v2.0 + model_id: 1 + tasks: + - name: Install EPEL repository + yum: name=epel-release state=present + + - name: Install Python 3.4 and Pip + yum: name={{item}} state=present + with_items: + - python34 + - python34-pip + + - name: Install SQLite3 and lzop + yum: name={{item}} state=latest + with_items: + - sqlite + - lzop + + - name: Setup a Python 3.4 environment + shell: pyvenv {{virtualenv_dir}} + + - name: Create fludetector log directory + file: path=/opt/fludetector/logs state=directory + + - name: Deploy fludetector Flask app + unarchive: src=https://github.com/UCL/fludetector-api-flask/archive/v1.0-cr1.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + + - name: Install Supervisor + yum: name=supervisor state=present + + - name: Deploy Supervisor configuration for Flask-Gunicorn app + template: src=conf/supervisor.ini.j2 dest=/etc/supervisord.d/fludetector.ini + + - name: Install Nginx + yum: name=nginx state=present + + - name: Upload Nginx configuration for fludetector + copy: src=conf/nginx.conf dest=/etc/nginx/conf.d/fludetector.conf + + - name: Enable nginx port in firewall + command: firewall-cmd --zone=public --permanent --add-service={{listen_as}} + + - name: Enable nginx + systemd: name=nginx state=started enabled=yes + + - name: Start supervisord + systemd: name=supervisord state=started enabled=yes + + - name: Restart firewalld + systemd: name=firewalld state=restarted From 78b02e6e66c7f1b5b1dfd8183fe808f44804de06 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Thu, 9 Aug 2018 13:04:14 +0100 Subject: [PATCH 10/16] Complete installation of Flask app --- centos74-fludetector3/playbook.yml | 161 ++++++++++++++++++++++++++--- 1 file changed, 146 insertions(+), 15 deletions(-) diff --git a/centos74-fludetector3/playbook.yml b/centos74-fludetector3/playbook.yml index 15a869c..80d7296 100644 --- a/centos74-fludetector3/playbook.yml +++ b/centos74-fludetector3/playbook.yml @@ -6,27 +6,34 @@ become: True become_method: sudo vars: - virtualenv_dir: /opt/fludetector/venv + virtualenv_dir: /opt/fludetector/flask/venv listen_as: http fludetector_user: root - fludetector_model: FluDetectorModel-Google201804.tar.gz - fludetector_sql: model_data_google_2018_04.sql + fludetector_model: FluDetectorModel-Google201807.tar.gz + fludetector_sql: model_data_google_2018_07.sql + matlab_localdir: /Volumes/cs-iso/Linux-Software/Matlab/ installation_key_file: "{{lookup('file', 'installationKey.txt')}}" license_file: license.txt fludetector_version: v2.0 model_id: 1 tasks: - name: Install EPEL repository - yum: name=epel-release state=present + yum: + name: epel-release + state: present - name: Install Python 3.4 and Pip - yum: name={{item}} state=present + yum: + name: "{{item}}" + state: present with_items: - python34 - python34-pip - name: Install SQLite3 and lzop - yum: name={{item}} state=latest + yum: + name: "{{item}}" + state: latest with_items: - sqlite - lzop @@ -35,31 +42,155 @@ shell: pyvenv {{virtualenv_dir}} - name: Create fludetector log directory - file: path=/opt/fludetector/logs state=directory + file: + path: /opt/fludetector/flask/logs + state: directory - name: Deploy fludetector Flask app - unarchive: src=https://github.com/UCL/fludetector-api-flask/archive/v1.0-cr1.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + unarchive: + src: https://github.com/UCL/fludetector-api-flask/archive/v1.0-cr1.tar.gz + dest: /opt/fludetector/flask/ + remote_src: yes + extra_opts: "--strip-components=1" - name: Install Supervisor - yum: name=supervisor state=present + yum: + name: supervisor + state: present - name: Deploy Supervisor configuration for Flask-Gunicorn app - template: src=conf/supervisor.ini.j2 dest=/etc/supervisord.d/fludetector.ini + template: + src: conf/supervisor.ini.j2 + dest: /etc/supervisord.d/fludetector.ini - name: Install Nginx - yum: name=nginx state=present + yum: + name: nginx + state: present - name: Upload Nginx configuration for fludetector - copy: src=conf/nginx.conf dest=/etc/nginx/conf.d/fludetector.conf + copy: + src: conf/nginx.conf + dest: /etc/nginx/conf.d/fludetector.conf - name: Enable nginx port in firewall command: firewall-cmd --zone=public --permanent --add-service={{listen_as}} - name: Enable nginx - systemd: name=nginx state=started enabled=yes + systemd: + name: nginx + state: started + enabled: yes - name: Start supervisord - systemd: name=supervisord state=started enabled=yes + systemd: + name: supervisord + state: started + enabled: yes - name: Restart firewalld - systemd: name=firewalld state=restarted + systemd: + name: firewalld + state: restarted + + - name: Install requirements for Matlab + yum: + name: "{{item}}" + state: present + with_items: + - libX11 + - libXext + - libXt + + - name: Create Downloads directory if it doesn't exist + file: + path: /root/Downloads + state: directory + + - name: Copy Matlab DVDs + copy: + src: "{{matlab_localdir}}/{{item}}" + dest: /root/Downloads/ + with_items: + - R2017a_glnxa64_dvd1.iso + - R2017a_glnxa64_dvd2.iso + + - name: Mount Matlab DVD 1 + mount: + path: /mnt + src: /root/Downloads/R2017a_glnxa64_dvd1.iso + fstype: auto + opts: loop + state: mounted + + - name: Create directory for Matlab archives install + file: + path: /root/Downloads/MathWorks/R2017a + state: directory + + - name: Mount Matlab DVD 2 + mount: + path: /root/Downloads/MathWorks/R2017a + src: /root/Downloads/R2017a_glnxa64_dvd1.iso + fstype: auto + opts: loop + state: mounted + + - name: Copy license file + copy: + src: "{{license_file}}" + dest: /root/ + + - name: Install Matlab + command: /mnt/install -mode silent -agreeToLicense yes -destinationFolder /opt/MATLAB -fileInstallationKey {{installation_key_file}} -licensePath /root/{{license_file}} -product.MATLAB + + - name: Create symlink to Matlab executable + file: + path: /usr/local/bin/matlab + src: /opt/MATLAB/bin/matlab + state: link + + - name: Unmount DVDs and remove from fstab + mount: + path: "{{item}}" + state: absent + with_items: + - /root/Downloads/MathWorks/R2017a + - /mnt + + - name: Delete Matlab iso files + file: + path: "/root/Downloads/{{item}}" + state: absent + with_items: + - R2017a_glnxa64_dvd1.iso + - R2017a_glnxa64_dvd2.iso + + - name: Install Matlab engine for Python + command: python3 setup.py install --prefix {{virtualenv_dir}} + args: + chdir: /opt/MATLAB/extern/engines/python + + - name: Create directory for GPML package + file: + path: "/opt/fludetector/flask/matlab/gpml" + state: directory + + - name: Download GPML package + unarchive: + src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.2-2018-06-11.tar.gz + dest: "/opt/fludetector/flask/matlab/gpml" + remote_src: yes + extra_opts: "--strip-components=1" + + - name: Upload FluDetector artifacts + copy: + src: "{{fludetector_model}}" + dest: /tmp + + - name: Deploy Matlab artifacts + unarchive: + src: "/tmp/{{fludetector_model}}" + exclude: "{{fludetector_sql}}" + dest: /opt/fludetector/flask/matlab + remote_src: yes From f29a0e490cc6d241470835414d7ca3059b2335d4 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Thu, 13 Sep 2018 18:31:16 +0100 Subject: [PATCH 11/16] WIP: Playbook for installing FluDetector app and Octave --- centos74-octave-fludetector/.gitignore | 4 + centos74-octave-fludetector/README.adoc | 66 +++++++++++ centos74-octave-fludetector/Vagrantfile | 15 +++ centos74-octave-fludetector/conf/env | 4 + centos74-octave-fludetector/conf/nginx.conf | 19 ++++ centos74-octave-fludetector/conf/seed.sql | 13 +++ .../conf/supervisor.ini.j2 | 9 ++ centos74-octave-fludetector/hosts.ini | 6 + centos74-octave-fludetector/playbook.yml | 105 ++++++++++++++++++ 9 files changed, 241 insertions(+) create mode 100644 centos74-octave-fludetector/.gitignore create mode 100644 centos74-octave-fludetector/README.adoc create mode 100644 centos74-octave-fludetector/Vagrantfile create mode 100644 centos74-octave-fludetector/conf/env create mode 100644 centos74-octave-fludetector/conf/nginx.conf create mode 100644 centos74-octave-fludetector/conf/seed.sql create mode 100644 centos74-octave-fludetector/conf/supervisor.ini.j2 create mode 100644 centos74-octave-fludetector/hosts.ini create mode 100644 centos74-octave-fludetector/playbook.yml diff --git a/centos74-octave-fludetector/.gitignore b/centos74-octave-fludetector/.gitignore new file mode 100644 index 0000000..7ec3e16 --- /dev/null +++ b/centos74-octave-fludetector/.gitignore @@ -0,0 +1,4 @@ +.DS_Store + +FluDetectorModel-Google201804.tar.gz +*.rpm diff --git a/centos74-octave-fludetector/README.adoc b/centos74-octave-fludetector/README.adoc new file mode 100644 index 0000000..8e33ee0 --- /dev/null +++ b/centos74-octave-fludetector/README.adoc @@ -0,0 +1,66 @@ +ifdef::env-github[] +:tip-caption: :bulb: +:note-caption: :information_source: +:important-caption: :heavy_exclamation_mark: +:caution-caption: :fire: +:warning-caption: :warning: +endif::[] + += centos74-octave-fludetector + +This Ansible playbook provisions a CentOS 7.4 machine with a single-node instance of the FluDetector app (https://github.com/UCL/fludetector-flask) + +== Requirements + +- Ansible (version 2.4.2) - https://www.ansible.com/ +- Octave 4.x for CentOS - rpm archives available +- FluDetector model artifacts (version 2018.04) - tarball archive available by request + +=== Octave + +The playbook installs Octave from the rpm file. Make sure the file `octave-4.2.2-6.el7.centos.1.x86_64.rpm` is present in the playbook directory: + +== Installation + +Save the FluDetector model tarball archive in this directory, edit `hosts.ini` inventory file to set the hostname of the productive system +and execute the ansible playbook to install the FluDetector app. + +.... +ansible-playbook -i hosts.ini --limit 'productive' -u [remoteuser] -b -k -K playbook.yml +.... + +== Testing + +A Vagrant (https://www.vagrantup.com/) file is provided for local testing. It requires a CentOS 7.4 box installed with the name 'centos-7.4'. Fire up the vagrant up to test the installation: + +.... +vagrant up +.... + +The web interface is available on http://localhost:10080/ + +== Configuration of FluDetector model + +=== Install model data in SQLite instance + +An SQL script with all the parameters required to run the model is provided in the tarball archive. +.... +cd /opt/fludetector +tar xfO /tmp/FluDetectorModel-Google201804.tar.gz --wildcards '*.sql' | sudo sqlite3 data.db +.... + +=== Calculate model scores + +Install the Google API key in the `.env` file and run a model score calculation for dates in the past. +.... +cd /opt/fludetector +sudo sed -i 's/^\(GOOGLE_API_KEY=\).*/\1APIKEY/' .env +sudo ./scripts/run.sh runmodel 1 --start [yyyy-mm-dd] --end [yyyy-mm-dd] +.... + +=== Start scheduler for calculation of model scores + +Once the calculation of scores for past dates is completed, start the scheduler to run these calculations automatically on a daily basis. +.... +sudo supervisorctl restart fludetector fludetector-google +.... \ No newline at end of file diff --git a/centos74-octave-fludetector/Vagrantfile b/centos74-octave-fludetector/Vagrantfile new file mode 100644 index 0000000..1c01328 --- /dev/null +++ b/centos74-octave-fludetector/Vagrantfile @@ -0,0 +1,15 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.box = "centos-7.4" + + config.vm.provision "ansible" do |ansible| + ansible.playbook = "playbook.yml" + ansible.compatibility_mode = "2.0" + end + + config.vm.network "forwarded_port", guest: 80, host: 10080 + +end diff --git a/centos74-octave-fludetector/conf/env b/centos74-octave-fludetector/conf/env new file mode 100644 index 0000000..258de38 --- /dev/null +++ b/centos74-octave-fludetector/conf/env @@ -0,0 +1,4 @@ +GOOGLE_API_KEY=invalidcredential +ADMIN_USERNAME=invalidcredential +ADMIN_PASSWORD=invalidcredential +SECRET_KEY=invalidcredential \ No newline at end of file diff --git a/centos74-octave-fludetector/conf/nginx.conf b/centos74-octave-fludetector/conf/nginx.conf new file mode 100644 index 0000000..64a4468 --- /dev/null +++ b/centos74-octave-fludetector/conf/nginx.conf @@ -0,0 +1,19 @@ +upstream gunicorn_server { + server unix:/var/run/gunicorn.sock fail_timeout=0; +} + +server { + + server_name localhost; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options nosniff; + + location / { + proxy_pass http://gunicorn_server; + proxy_set_header Host localhost; + proxy_set_header X-Forwarded-For $remote_addr; + } + +} \ No newline at end of file diff --git a/centos74-octave-fludetector/conf/seed.sql b/centos74-octave-fludetector/conf/seed.sql new file mode 100644 index 0000000..8ef649b --- /dev/null +++ b/centos74-octave-fludetector/conf/seed.sql @@ -0,0 +1,13 @@ +BEGIN TRANSACTION; +INSERT INTO "model" VALUES(1,'Dummy Google Data','google',1,'nonexistent_function,1'); +INSERT INTO "model_score" VALUES('2018-01-01','e',0.0,1); +INSERT INTO "model_score" VALUES('2018-01-02','e',0.2,1); +INSERT INTO "model_score" VALUES('2018-01-03','e',0.4,1); +INSERT INTO "model_score" VALUES('2018-01-04','e',0.6,1); +INSERT INTO "model_score" VALUES('2018-01-05','e',0.8,1); +INSERT INTO "model_score" VALUES('2018-01-06','e',0.9,1); +INSERT INTO "model_score" VALUES('2018-01-07','e',0.7,1); +INSERT INTO "model_score" VALUES('2018-01-08','e',0.5,1); +INSERT INTO "model_score" VALUES('2018-01-09','e',0.3,1); +INSERT INTO "model_score" VALUES('2018-01-10','e',0.1,1); +COMMIT; diff --git a/centos74-octave-fludetector/conf/supervisor.ini.j2 b/centos74-octave-fludetector/conf/supervisor.ini.j2 new file mode 100644 index 0000000..f0f64f9 --- /dev/null +++ b/centos74-octave-fludetector/conf/supervisor.ini.j2 @@ -0,0 +1,9 @@ +[program:fludetector] +command = /opt/fludetector/scripts/serve.sh +directory = /opt/fludetector +user = {{fludetector_user}} + +[program:fludetector-google] +command = /opt/fludetector/scripts/run.sh runmodelscheduler {{model_id}} '30 14 * * *' +directory = /opt/fludetector +user = {{fludetector_user}} diff --git a/centos74-octave-fludetector/hosts.ini b/centos74-octave-fludetector/hosts.ini new file mode 100644 index 0000000..78f4ece --- /dev/null +++ b/centos74-octave-fludetector/hosts.ini @@ -0,0 +1,6 @@ +[vagrant] +127.0.0.1:2222 ansible_connection=local +localhost:2222 ansible_connection=local + +[production] +fmdetect.cs.ucl.ac.uk diff --git a/centos74-octave-fludetector/playbook.yml b/centos74-octave-fludetector/playbook.yml new file mode 100644 index 0000000..2a2922f --- /dev/null +++ b/centos74-octave-fludetector/playbook.yml @@ -0,0 +1,105 @@ +--- +- hosts: localhost + user: vagrant + +- hosts: all + become: True + become_method: sudo + vars: + virtualenv_dir: /opt/fludetector/venv + listen_as: http + fludetector_user: root + fludetector_model: FluDetectorModel-Google201804.tar.gz + fludetector_sql: model_data_google_2018_04.sql + installation_key_file: "{{lookup('file', 'installationKey.txt')}}" + license_file: license.txt + fludetector_version: v2.0 + model_id: 1 + tasks: + - name: Install EPEL repository + yum: name=epel-release state=present + + - name: Install Python 2.7 and Pip + yum: name={{item}} state=present + with_items: + - python + - python-pip + + - name: Install SQLite3 and lzop + yum: name={{item}} state=latest + with_items: + - sqlite + - lzop + + - name: Update pip and virtualenv + pip: name={{item}} state=latest + with_items: + - pip + - virtualenv + + - name: Setup a Python 2.7 environment + shell: virtualenv -p /usr/bin/python2.7 {{virtualenv_dir}} + + - name: Create fludetector log directory + file: path=/opt/fludetector/logs state=directory + + - name: Deploy fludetector Flask app + unarchive: src="https://github.com/UCL/fludetector-flask/archive/{{fludetector_version}}.tar.gz" dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + + - name: Copy env file + copy: src=conf/env dest=/opt/fludetector/.env + + - name: Install Nginx + yum: + name: nginx + state: present + + - name: Upload Nginx configuration for fludetector + copy: + src: conf/nginx.conf + dest: /etc/nginx/conf.d/fludetector.conf + + - name: Enable nginx port in firewall + command: firewall-cmd --zone=public --permanent --add-service={{listen_as}} + + - name: Restart firewalld + systemd: + name: firewalld + state: restarted + + - name: Upload Octave rpm + copy: + src: octave-4.2.2-6.el7.centos.1.x86_64.rpm + dest: /tmp/ + + - name: Install Octave + yum: + name: /tmp/octave-4.2.2-6.el7.centos.1.x86_64.rpm + state: present + + - name: Create directory for GPML package + file: + path: "/opt/fludetector/octave/gpml" + state: directory + + - name: Download GPML package + unarchive: + src: http://gaussianprocess.org/gpml/code/matlab/release/gpml-matlab-v4.2-2018-06-11.tar.gz + dest: "/opt/fludetector/octave/gpml" + remote_src: yes + extra_opts: "--strip-components=1" + + - name: Upload FluDetector artifacts + copy: + src: "{{fludetector_model}}" + dest: /tmp + + - name: Deploy Matlab artifacts + unarchive: + src: "/tmp/{{fludetector_model}}" + exclude: "{{fludetector_sql}}" + dest: /opt/fludetector/octave + remote_src: yes + + - name: Start nginx + systemd: name=nginx state=started enabled=yes From 5bc8e5ed93ed80fb262ac677924dd6311af37fb6 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Fri, 14 Sep 2018 14:16:49 +0100 Subject: [PATCH 12/16] Add installation of Octave --- centos74-octave-fludetector/README.adoc | 9 +++++++++ centos74-octave-fludetector/conf/env | 3 ++- centos74-octave-fludetector/playbook.yml | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/centos74-octave-fludetector/README.adoc b/centos74-octave-fludetector/README.adoc index 8e33ee0..f500817 100644 --- a/centos74-octave-fludetector/README.adoc +++ b/centos74-octave-fludetector/README.adoc @@ -41,6 +41,15 @@ The web interface is available on http://localhost:10080/ == Configuration of FluDetector model +=== Initial configuration + +A script is provided to configure the application + +```` +cd /opt/fludetector +./scripts/init.sh +```` + === Install model data in SQLite instance An SQL script with all the parameters required to run the model is provided in the tarball archive. diff --git a/centos74-octave-fludetector/conf/env b/centos74-octave-fludetector/conf/env index 258de38..1ac8a83 100644 --- a/centos74-octave-fludetector/conf/env +++ b/centos74-octave-fludetector/conf/env @@ -1,4 +1,5 @@ GOOGLE_API_KEY=invalidcredential ADMIN_USERNAME=invalidcredential ADMIN_PASSWORD=invalidcredential -SECRET_KEY=invalidcredential \ No newline at end of file +SECRET_KEY=invalidcredential +MODEL_ENGINE=octave diff --git a/centos74-octave-fludetector/playbook.yml b/centos74-octave-fludetector/playbook.yml index 2a2922f..ce64428 100644 --- a/centos74-octave-fludetector/playbook.yml +++ b/centos74-octave-fludetector/playbook.yml @@ -13,7 +13,7 @@ fludetector_sql: model_data_google_2018_04.sql installation_key_file: "{{lookup('file', 'installationKey.txt')}}" license_file: license.txt - fludetector_version: v2.0 + fludetector_version: v2.1 model_id: 1 tasks: - name: Install EPEL repository From 9c42b210a485cc4ddaab9403283c23e9acd68b43 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Fri, 14 Sep 2018 14:20:40 +0100 Subject: [PATCH 13/16] Add installation of Octave --- centos74-octave-fludetector/README.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/centos74-octave-fludetector/README.adoc b/centos74-octave-fludetector/README.adoc index f500817..c50c29d 100644 --- a/centos74-octave-fludetector/README.adoc +++ b/centos74-octave-fludetector/README.adoc @@ -45,10 +45,10 @@ The web interface is available on http://localhost:10080/ A script is provided to configure the application -```` +.... cd /opt/fludetector ./scripts/init.sh -```` +.... === Install model data in SQLite instance From 74875d1218d5d86dd3b4493d5a2bc02b04b242d8 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Fri, 14 Sep 2018 16:05:04 +0100 Subject: [PATCH 14/16] Add installation and configuration of Supervisor --- centos74-octave-fludetector/README.adoc | 2 +- centos74-octave-fludetector/playbook.yml | 52 ++++++++++++++++++------ 2 files changed, 41 insertions(+), 13 deletions(-) diff --git a/centos74-octave-fludetector/README.adoc b/centos74-octave-fludetector/README.adoc index c50c29d..573ef7a 100644 --- a/centos74-octave-fludetector/README.adoc +++ b/centos74-octave-fludetector/README.adoc @@ -71,5 +71,5 @@ sudo ./scripts/run.sh runmodel 1 --start [yyyy-mm-dd] --end [yyyy-mm-dd] Once the calculation of scores for past dates is completed, start the scheduler to run these calculations automatically on a daily basis. .... -sudo supervisorctl restart fludetector fludetector-google +sudo systemctl start supervisord .... \ No newline at end of file diff --git a/centos74-octave-fludetector/playbook.yml b/centos74-octave-fludetector/playbook.yml index ce64428..65fe128 100644 --- a/centos74-octave-fludetector/playbook.yml +++ b/centos74-octave-fludetector/playbook.yml @@ -11,28 +11,35 @@ fludetector_user: root fludetector_model: FluDetectorModel-Google201804.tar.gz fludetector_sql: model_data_google_2018_04.sql - installation_key_file: "{{lookup('file', 'installationKey.txt')}}" - license_file: license.txt fludetector_version: v2.1 + octave_version: 4.2.2-6.el7.centos.1 model_id: 1 tasks: - name: Install EPEL repository - yum: name=epel-release state=present + yum: + name: epel-release + state: present - name: Install Python 2.7 and Pip - yum: name={{item}} state=present + yum: + name: "{{item}}" + state: present with_items: - python - python-pip - name: Install SQLite3 and lzop - yum: name={{item}} state=latest + yum: + name: "{{item}}" + state: latest with_items: - sqlite - lzop - name: Update pip and virtualenv - pip: name={{item}} state=latest + pip: + name: "{{item}}" + state: latest with_items: - pip - virtualenv @@ -41,13 +48,31 @@ shell: virtualenv -p /usr/bin/python2.7 {{virtualenv_dir}} - name: Create fludetector log directory - file: path=/opt/fludetector/logs state=directory + file: + path: /opt/fludetector/logs + state: directory - name: Deploy fludetector Flask app - unarchive: src="https://github.com/UCL/fludetector-flask/archive/{{fludetector_version}}.tar.gz" dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + unarchive: + src: "https://github.com/UCL/fludetector-flask/archive/{{fludetector_version}}.tar.gz" + dest: /opt/fludetector/ + remote_src: yes + extra_opts: "--strip-components=1" - name: Copy env file - copy: src=conf/env dest=/opt/fludetector/.env + copy: + src: conf/env + dest: /opt/fludetector/.env + + - name: Install Supervisor + yum: + name: supervisor + state: present + + - name: Deploy Supervisor configuration for Flask-Gunicorn app + template: + src: conf/supervisor.ini.j2 + dest: /etc/supervisord.d/fludetector.ini - name: Install Nginx yum: @@ -69,12 +94,12 @@ - name: Upload Octave rpm copy: - src: octave-4.2.2-6.el7.centos.1.x86_64.rpm + src: "octave-{{octave_version}}.x86_64.rpm" dest: /tmp/ - name: Install Octave yum: - name: /tmp/octave-4.2.2-6.el7.centos.1.x86_64.rpm + name: "/tmp/octave-{{octave_version}}.x86_64.rpm" state: present - name: Create directory for GPML package @@ -102,4 +127,7 @@ remote_src: yes - name: Start nginx - systemd: name=nginx state=started enabled=yes + systemd: + name: nginx + state: started + enabled: yes From 3ac36100439317a4f81817b57e53d11b17ddd876 Mon Sep 17 00:00:00 2001 From: David Guzman Date: Wed, 19 Sep 2018 14:41:07 +0100 Subject: [PATCH 15/16] Update version of FluDetector app --- centos74-fludetector/playbook.yml | 2 +- centos74-matlab-fludetector/playbook.yml | 2 +- centos74-octave-fludetector/playbook.yml | 8 +++++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/centos74-fludetector/playbook.yml b/centos74-fludetector/playbook.yml index d4ec63b..1f10fed 100644 --- a/centos74-fludetector/playbook.yml +++ b/centos74-fludetector/playbook.yml @@ -38,7 +38,7 @@ file: path=/opt/fludetector/logs state=directory - name: Deploy fludetector Flask app - unarchive: src=https://github.com/UCL/fludetector-flask/archive/v1.1.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" + unarchive: src=https://github.com/UCL/fludetector-flask/archive/v2.2.tar.gz dest=/opt/fludetector/ remote_src=yes extra_opts="--strip-components=1" - name: Copy env file copy: src=conf/env dest=/opt/fludetector/.env diff --git a/centos74-matlab-fludetector/playbook.yml b/centos74-matlab-fludetector/playbook.yml index 164b5a1..1e6748d 100644 --- a/centos74-matlab-fludetector/playbook.yml +++ b/centos74-matlab-fludetector/playbook.yml @@ -13,7 +13,7 @@ fludetector_sql: model_data_google_2018_04.sql installation_key_file: "{{lookup('file', 'installationKey.txt')}}" license_file: license.txt - fludetector_version: v2.0 + fludetector_version: v2.2 model_id: 1 tasks: - name: Install EPEL repository diff --git a/centos74-octave-fludetector/playbook.yml b/centos74-octave-fludetector/playbook.yml index 65fe128..9ff930f 100644 --- a/centos74-octave-fludetector/playbook.yml +++ b/centos74-octave-fludetector/playbook.yml @@ -11,7 +11,7 @@ fludetector_user: root fludetector_model: FluDetectorModel-Google201804.tar.gz fludetector_sql: model_data_google_2018_04.sql - fludetector_version: v2.1 + fludetector_version: v2.2 octave_version: 4.2.2-6.el7.centos.1 model_id: 1 tasks: @@ -131,3 +131,9 @@ name: nginx state: started enabled: yes + + - name: Start supervisord + systemd: + name: supervisord + state: started + enabled: yes From cbb55db91479a2f8425e64f82c068797b1061baf Mon Sep 17 00:00:00 2001 From: David Guzman Date: Thu, 17 Jan 2019 18:50:27 +0000 Subject: [PATCH 16/16] Test box for the Takeout app --- centos75-node-glassfish/README.md | 25 +++ centos75-node-glassfish/Vagrantfile | 18 ++ .../conf/glassfish.service | 13 ++ centos75-node-glassfish/conf/nginx.conf | 41 ++++ .../conf/takeout-react.service | 14 ++ centos75-node-glassfish/playbook.yml | 185 ++++++++++++++++++ 6 files changed, 296 insertions(+) create mode 100644 centos75-node-glassfish/README.md create mode 100644 centos75-node-glassfish/Vagrantfile create mode 100644 centos75-node-glassfish/conf/glassfish.service create mode 100644 centos75-node-glassfish/conf/nginx.conf create mode 100644 centos75-node-glassfish/conf/takeout-react.service create mode 100644 centos75-node-glassfish/playbook.yml diff --git a/centos75-node-glassfish/README.md b/centos75-node-glassfish/README.md new file mode 100644 index 0000000..7b7b25e --- /dev/null +++ b/centos75-node-glassfish/README.md @@ -0,0 +1,25 @@ +# CentOS 7.5 with Node and Glassfish + +## Software versions: + +- Node 10 +- Glassfish 5 + +## Installation + +Define Ansible host for apiclient and run with `ansible-playbook` +``` +ansible-playbook -u dguzman -k -K playbook.yml --extra-vars "target=searchapp" +``` + +## Testing (connection to CS network required) + +For local testing, just start a VM using vagrant. + +``` +vagrant up --no-provision + +ansible-playbook --private-key=.vagrant/machines/default/virtualbox/private_key -u vagrant -i .vagrant/provisioners/ansible/inventory --extra-vars "target=all" --connection=ssh --ssh-extra-args="-o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o Port=2222 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=30" playbook.yml +``` + +Once the provisioning has completed, open http://localhost:10080 with a web browser \ No newline at end of file diff --git a/centos75-node-glassfish/Vagrantfile b/centos75-node-glassfish/Vagrantfile new file mode 100644 index 0000000..45b40dd --- /dev/null +++ b/centos75-node-glassfish/Vagrantfile @@ -0,0 +1,18 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.box = "centos-7.5" + + config.vm.provision "ansible" do |ansible| + ansible.playbook = "playbook.yml" + ansible.compatibility_mode = "2.0" + ansible.extra_vars = { + target: "all" + } + end + + config.vm.network "forwarded_port", guest: 80, host: 10080 + +end diff --git a/centos75-node-glassfish/conf/glassfish.service b/centos75-node-glassfish/conf/glassfish.service new file mode 100644 index 0000000..f370e3c --- /dev/null +++ b/centos75-node-glassfish/conf/glassfish.service @@ -0,0 +1,13 @@ +[Unit] +Description = GlassFish Server v5 +After = syslog.target network.target + +[Service] +User = glassfish +ExecStart = /usr/bin/java -jar /opt/glassfish/glassfish/lib/client/appserver-cli.jar start-domain +ExecStop = /usr/bin/java -jar /opt/glassfish/glassfish/lib/client/appserver-cli.jar stop-domain +ExecReload = /usr/bin/java -jar /opt/glassfish/glassfish/lib/client/appserver-cli.jar restart-domain +Type = forking + +[Install] +WantedBy = multi-user.target \ No newline at end of file diff --git a/centos75-node-glassfish/conf/nginx.conf b/centos75-node-glassfish/conf/nginx.conf new file mode 100644 index 0000000..df71a4c --- /dev/null +++ b/centos75-node-glassfish/conf/nginx.conf @@ -0,0 +1,41 @@ +server { + + server_name localhost; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options nosniff; + + location /api/ { + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '$http_referer'; + add_header 'Access-Control-Allow-Methods' 'OPTIONS,PUT'; + add_header 'Access-Control-Allow-Headers' 'Content-Type'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain; charset=utf-8'; + add_header 'Content-Length' 0; + return 204; + } + + if ($request_method = 'PUT') { + add_header 'Access-Control-Allow-Origin' '$http_referer'; + add_header 'Access-Control-Allow-Methods' 'PUT'; + add_header 'Access-Control-Allow-Headers' 'Content-Type'; + } + + proxy_pass http://localhost:8080/; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $remote_addr; + + } + + location / { + + proxy_pass http://localhost:5000/; + proxy_set_header Host localhost; + proxy_set_header X-Forwarded-For $remote_addr; + + } + +} diff --git a/centos75-node-glassfish/conf/takeout-react.service b/centos75-node-glassfish/conf/takeout-react.service new file mode 100644 index 0000000..2a3512b --- /dev/null +++ b/centos75-node-glassfish/conf/takeout-react.service @@ -0,0 +1,14 @@ +[Unit] +Description=Takeout React app - web interface +Documentation=https://www.github.com/UCL/takeout-app-react +After=network.target + +[Service] +Type=simple +User=root +WorkingDirectory=/opt/node/takeout-app-react +ExecStart=/usr/bin/serve -s build +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/centos75-node-glassfish/playbook.yml b/centos75-node-glassfish/playbook.yml new file mode 100644 index 0000000..587a31b --- /dev/null +++ b/centos75-node-glassfish/playbook.yml @@ -0,0 +1,185 @@ +--- +- hosts: '{{ target }}' + become: True + become_method: sudo + vars: + glassfish_version: '5.0' + nodeapp_version: '0.4' + javaeeapp_tag: '0.3' + javaeeapp_version: '1.0-SNAPSHOT' + pgjdbc_version: '42.2.5' + vars_prompt: + - name: pg_user + prompt: Enter the user for connecting to the database + private: no + - name: pg_pass + prompt: Enter the password for connecting to the database + private: yes + - name: pg_dbname + prompt: Enter the name of the database + private: no + - name: pg_host + prompt: Enter the hostname for the database + private: no + tasks: + - name: Install NodeSource yum repository + shell: curl -sL https://rpm.nodesource.com/setup_10.x | sudo bash - + args: + warn: false + + - name: Install EPEL repository + yum: + name: epel-release + state: present + + - name: Install Node.js and npm + yum: + name: nodejs + state: present + + - name: Create system user for Node + user: + name: node + system: yes + local: yes + createhome: yes + home: /opt/node + shell: /sbin/nologin + + - name: Install serve package + npm: + name: serve + global: yes + + - name: Download and unpack Node app + unarchive: + src: "https://github.com/UCL/takeout-app-react/archive/{{nodeapp_version}}.tar.gz" + dest: /opt/node + remote_src: yes + become_user: node + + - name: Rename Node app directory + command: "mv /opt/node/takeout-app-react-{{nodeapp_version}} /opt/node/takeout-app-react" + become_user: node + + - name: Install packages from package.json + npm: + path: /opt/node/takeout-app-react + state: present + production: yes + become_user: node + + - name: Build Node app + command: "npm run build" + args: + chdir: /opt/node/takeout-app-react + become_user: node + environment: + REACT_APP_API_HOST: '/api/takeout-api-javaee' + + - name: Upload systemd configuration file for the Takeout app + copy: + src: conf/takeout-react.service + dest: /etc/systemd/system/takeout-react.service + + - name: Start Node app + service: + name: takeout-react + state: started + enabled: yes + + - name: Create system user for Glassfish + user: + name: glassfish + system: yes + local: yes + createhome: yes + home: /opt/glassfish + shell: /sbin/nologin + + - name: Install OpenJDK 8 + yum: + name: java-1.8.0-openjdk-devel + state: present + + - name: Install unzip + yum: + name: unzip + state: present + + - name: Download and unpack Glassfish + unarchive: + src: 'http://download.oracle.com/glassfish/{{glassfish_version}}/release/glassfish-{{glassfish_version}}.zip' + dest: /opt + creates: /opt/glassfish5 + remote_src: yes + owner: glassfish + group: glassfish + + - name: Move Glassfish files to HOME + shell: mv /opt/glassfish5/* /opt/glassfish + become_user: glassfish + + - name: Remove glassfish5 directory + file: + path: /opt/glassfish5 + state: absent + + - name: Upload Systemd unit file for Glassfish + copy: + src: conf/glassfish.service + dest: /usr/lib/systemd/system/glassfish.service + + - name: Download PostgreSQL JDBC driver + get_url: + url: 'https://jdbc.postgresql.org/download/postgresql-{{pgjdbc_version}}.jar' + dest: /opt/glassfish/glassfish/lib + owner: glassfish + group: glassfish + + - name: Start Glassfish + service: + name: glassfish + state: started + enabled: yes + + - name: Configure JDBC connection pool + command: '/opt/glassfish/bin/asadmin create-jdbc-connection-pool --restype javax.sql.ConnectionPoolDataSource --datasourceclassname org.postgresql.ds.PGConnectionPoolDataSource --property portNumber=5432:user={{pg_user}}:password={{pg_pass}}:databaseName={{pg_dbname}}:serverName={{pg_host}} dataPool' + become_user: glassfish + + - name: Configure JDBC resource + command: '/opt/glassfish/bin/asadmin create-jdbc-resource --connectionpoolid dataPool jdbc/takeout' + become_user: glassfish + + - name: Download Takeout API + get_url: + url: 'https://github.com/UCL/takeout-api-javaee/releases/download/v{{javaeeapp_tag}}/takeout-api-javaee-{{javaeeapp_version}}.war' + dest: /tmp + owner: glassfish + group: glassfish + + - name: Deploy Takeout API + command: '/opt/glassfish/bin/asadmin deploy --name takeout-api-javaee --contextroot takeout-api-javaee /tmp/takeout-api-javaee-{{javaeeapp_version}}.war' + become_user: glassfish + + - name: Install NGINX + yum: + name: nginx + state: present + + - name: Upload NGINX configuration file + copy: + src: conf/nginx.conf + dest: /etc/nginx/conf.d/takeout.conf + + - name: Start NGINX + service: + name: nginx + state: started + enabled: yes + + - name: Configure firewall + command: 'firewall-cmd --zone=public --permanent --add-service=http' + + - name: Reload firewall rules + command: firewall-cmd --reload