Merge branch 'airavata-3369'
diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
index 724e27c..a5e1894 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
+++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
@@ -5081,9 +5081,11 @@
sharingClient.shareEntityWithUsers(gatewayId, resourceId,
Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "READ", true);
else if(userPermission.getValue().equals(ResourcePermissionType.MANAGE_SHARING)) {
- if (userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER))
+ if (userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER)) {
+ createManageSharingPermissionTypeIfMissing(sharingClient, gatewayId);
sharingClient.shareEntityWithUsers(gatewayId, resourceId,
Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "MANAGE_SHARING", true);
+ }
else
throw new AuthorizationException("User is not allowed to grant sharing permission because the user is not the resource owner.");
}
@@ -5126,9 +5128,11 @@
sharingClient.shareEntityWithGroups(gatewayId, resourceId,
Arrays.asList(groupPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "READ", true);
else if(groupPermission.getValue().equals(ResourcePermissionType.MANAGE_SHARING)){
- if(userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER))
+ if(userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER)) {
+ createManageSharingPermissionTypeIfMissing(sharingClient, gatewayId);
sharingClient.shareEntityWithGroups(gatewayId, resourceId,
Arrays.asList(groupPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "MANAGE_SHARING", true);
+ }
else
throw new AuthorizationException("User is not allowed to grant sharing permission because the user is not the resource owner.");
}
@@ -5170,9 +5174,11 @@
sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "READ");
else if(userPermission.getValue().equals(ResourcePermissionType.MANAGE_SHARING)){
- if (userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER))
+ if (userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER)) {
+ createManageSharingPermissionTypeIfMissing(sharingClient, gatewayId);
sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "MANAGE_SHARING");
+ }
else
throw new AuthorizationException("User is not allowed to change sharing permission because the user is not the resource owner.");
}
@@ -5213,7 +5219,7 @@
ResourceType.EXPERIMENT, ResourceType.APPLICATION_DEPLOYMENT, ResourceType.GROUP_RESOURCE_PROFILE
));
if (adminRestrictedResourceTypes.contains(resourceType)) {
- // Prevent removing Admins WRITE access and Read Only Admins READ access
+ // Prevent removing Admins WRITE/MANAGE_SHARING access and Read Only Admins READ access
GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
if (groupPermissionList.containsKey(gatewayGroups.getAdminsGroupId())
&& groupPermissionList.get(gatewayGroups.getAdminsGroupId()).equals(ResourcePermissionType.WRITE)) {
@@ -5224,8 +5230,12 @@
throw new Exception("Not allowed to remove Read Only Admins group's READ access.");
}
if (groupPermissionList.containsKey(gatewayGroups.getAdminsGroupId())
+ && groupPermissionList.get(gatewayGroups.getAdminsGroupId()).equals(ResourcePermissionType.READ)) {
+ throw new Exception("Not allowed to remove Admins group's READ access.");
+ }
+ if (groupPermissionList.containsKey(gatewayGroups.getAdminsGroupId())
&& groupPermissionList.get(gatewayGroups.getAdminsGroupId()).equals(ResourcePermissionType.MANAGE_SHARING)) {
- throw new Exception("Not allowed to remove Admins group's SHARING access.");
+ throw new Exception("Not allowed to remove Admins group's MANAGE_SHARING access.");
}
}
for(Map.Entry<String, ResourcePermissionType> groupPermission : groupPermissionList.entrySet()){
@@ -5236,9 +5246,11 @@
sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
Arrays.asList(groupPermission.getKey()), gatewayId + ":" + "READ");
else if(groupPermission.getValue().equals(ResourcePermissionType.MANAGE_SHARING)){
- if(userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER))
+ if(userHasAccessInternal(sharingClient, authzToken, resourceId, ResourcePermissionType.OWNER)) {
+ createManageSharingPermissionTypeIfMissing(sharingClient, gatewayId);
sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
Arrays.asList(groupPermission.getKey()), gatewayId + ":" + "MANAGE_SHARING");
+ }
else
throw new AuthorizationException("User is not allowed to change sharing because the user is not the resource owner");
}
@@ -6098,6 +6110,8 @@
private void shareEntityWithAdminGatewayGroups(RegistryService.Client regClient, SharingRegistryService.Client sharingClient, Entity entity) throws TException {
final String domainId = entity.getDomainId();
GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, domainId);
+ createManageSharingPermissionTypeIfMissing(sharingClient, domainId);
+ sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":MANAGE_SHARING", true);
sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":WRITE", true);
sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId(), gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
}
@@ -6133,6 +6147,20 @@
throw new RuntimeException("Unrecognized entity type id: " + entity.getEntityTypeId());
}
+ private void createManageSharingPermissionTypeIfMissing(SharingRegistryService.Client sharingClient, String domainId) throws TException {
+ // AIRAVATA-3297 Some gateways were created without the MANAGE_SHARING permission, so add it if missing
+ String permissionTypeId = domainId + ":MANAGE_SHARING";
+ if (!sharingClient.isPermissionExists(domainId, permissionTypeId)) {
+ PermissionType permissionType = new PermissionType();
+ permissionType.setPermissionTypeId(permissionTypeId);
+ permissionType.setDomainId(domainId);
+ permissionType.setName("MANAGE_SHARING");
+ permissionType.setDescription("Manage sharing permission type");
+ sharingClient.createPermissionType(permissionType);
+ logger.info("Created MANAGE_SHARING permission type for domain " + domainId);
+ }
+ }
+
private GatewayGroups retrieveGatewayGroups(RegistryService.Client regClient, String gatewayId) throws TException {
if (regClient.isGatewayGroupsExists(gatewayId)) {
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
index e93d6c0..7baa89d 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
@@ -62,10 +62,7 @@
private static Keycloak getClient(String adminUrl, String realm, PasswordCredential AdminPasswordCreds) {
- ResteasyClient resteasyClient = new ResteasyClientBuilder()
- .connectionPoolSize(10)
- .trustStore(loadKeyStore())
- .build();
+ ResteasyClient resteasyClient = getResteasyClient();
return KeycloakBuilder.builder()
.serverUrl(adminUrl)
.realm(realm)
@@ -78,10 +75,7 @@
private static Keycloak getClient(String adminUrl, String realm, String accessToken) {
- ResteasyClient resteasyClient = new ResteasyClientBuilder()
- .connectionPoolSize(10)
- .trustStore(loadKeyStore())
- .build();
+ ResteasyClient resteasyClient = getResteasyClient();
return KeycloakBuilder.builder()
.serverUrl(adminUrl)
.realm(realm)
@@ -90,6 +84,19 @@
.build();
}
+ private static ResteasyClient getResteasyClient() {
+
+ ResteasyClientBuilder builder = new ResteasyClientBuilder().connectionPoolSize(10);
+ try {
+ if (ServerSettings.isTrustStorePathDefined()) {
+ builder.trustStore(loadKeyStore());
+ }
+ } catch (ApplicationSettingsException e) {
+ throw new RuntimeException("Failed to read application settings", e);
+ }
+ return builder.build();
+ }
+
private static KeyStore loadKeyStore() {
InputStream is = null;
@@ -833,8 +840,9 @@
public static void main(String[] args) throws IamAdminServicesException, ApplicationSettingsException {
TenantManagementKeycloakImpl tenantManagementKeycloak = new TenantManagementKeycloakImpl();
- ServerSettings.setSetting("trust.store", "./modules/configuration/server/src/main/resources/client_truststore.jks");
- ServerSettings.setSetting("trust.store.password", "airavata");
+ // If testing with self-signed certificate, load certificate into modules/configuration/server/src/main/resources/client_truststore.jks and uncomment the following
+ // ServerSettings.setSetting("trust.store", "./modules/configuration/server/src/main/resources/client_truststore.jks");
+ // ServerSettings.setSetting("trust.store.password", "airavata");
ServerSettings.setSetting("iam.server.url", "");
String accessToken = "";
String tenantId = "";
diff --git a/airavata-services/services-security/pom.xml b/airavata-services/services-security/pom.xml
index 0f53e2d..d02c71d 100644
--- a/airavata-services/services-security/pom.xml
+++ b/airavata-services/services-security/pom.xml
@@ -102,6 +102,11 @@
<artifactId>json</artifactId>
<version>20131018</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.airavata</groupId>
+ <artifactId>platform-monitoring</artifactId>
+ <version>${project.version}</version>
+ </dependency>
</dependencies>
<build>
<plugins>
diff --git a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java
index c8f3d71..607a2ee 100644
--- a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java
+++ b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java
@@ -203,10 +203,12 @@
@Override
public void initializeSecurityInfra() throws AiravataSecurityException {
try {
- //initialize SSL context with the trust store that contains the public cert of WSO2 Identity Server.
- TrustStoreManager trustStoreManager = new TrustStoreManager();
- trustStoreManager.initializeTrustStoreManager(ServerSettings.getTrustStorePath(),
- ServerSettings.getTrustStorePassword());
+ //initialize SSL context with the trust store (if defined) that contains the public cert of WSO2 Identity Server.
+ if (ServerSettings.isTrustStorePathDefined()) {
+ TrustStoreManager trustStoreManager = new TrustStoreManager();
+ trustStoreManager.initializeTrustStoreManager(ServerSettings.getTrustStorePath(),
+ ServerSettings.getTrustStorePassword());
+ }
} catch (Exception e) {
throw new AiravataSecurityException(e.getMessage(), e);
}
@@ -540,8 +542,9 @@
}
public static void main(String[] args) throws AiravataSecurityException, ApplicationSettingsException {
- ServerSettings.setSetting("trust.store", "./modules/configuration/server/src/main/resources/client_truststore.jks");
- ServerSettings.setSetting("trust.store.password", "airavata");
+ // If testing with self-signed certificate, load certificate into modules/configuration/server/src/main/resources/client_truststore.jks and uncomment the following
+ // ServerSettings.setSetting("trust.store", "./modules/configuration/server/src/main/resources/client_truststore.jks");
+ // ServerSettings.setSetting("trust.store.password", "airavata");
KeyCloakSecurityManager keyCloakSecurityManager = new KeyCloakSecurityManager();
final String tokenURL = "...";
final String clientId = "...";
diff --git a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/interceptor/SecurityInterceptor.java b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/interceptor/SecurityInterceptor.java
index f026557..db44bf0 100644
--- a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/interceptor/SecurityInterceptor.java
+++ b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/interceptor/SecurityInterceptor.java
@@ -26,6 +26,7 @@
import org.apache.airavata.common.utils.ServerSettings;
import org.apache.airavata.model.error.AuthorizationException;
import org.apache.airavata.model.security.AuthzToken;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.airavata.security.AiravataSecurityException;
import org.apache.airavata.service.security.AiravataSecurityManager;
import org.apache.airavata.service.security.IdentityContext;
@@ -41,14 +42,17 @@
*/
public class SecurityInterceptor implements MethodInterceptor {
private final static Logger logger = LoggerFactory.getLogger(SecurityInterceptor.class);
+ private final static CountMonitor apiRequestCounter = new CountMonitor("api_server_request_counter", "method");
@Override
public Object invoke(MethodInvocation invocation) throws Throwable {
+
//obtain the authz token from the input parameters
AuthzToken authzToken = (AuthzToken) invocation.getArguments()[0];
//authorize the API call
HashMap<String, String> metaDataMap = new HashMap();
metaDataMap.put(Constants.API_METHOD_NAME, invocation.getMethod().getName());
+ apiRequestCounter.inc(invocation.getMethod().getName());
authorize(authzToken, metaDataMap);
//set the user identity info in a thread local to be used in downstream execution.
IdentityContext.set(authzToken);
diff --git a/airavata-services/services-security/src/test/java/org/apache/airavata/service/security/KeyCloakSecurityManagerTest.java b/airavata-services/services-security/src/test/java/org/apache/airavata/service/security/KeyCloakSecurityManagerTest.java
index aa29b75..ee04534 100644
--- a/airavata-services/services-security/src/test/java/org/apache/airavata/service/security/KeyCloakSecurityManagerTest.java
+++ b/airavata-services/services-security/src/test/java/org/apache/airavata/service/security/KeyCloakSecurityManagerTest.java
@@ -77,6 +77,7 @@
@Before
public void setUp() throws AiravataSecurityException, ApplicationSettingsException {
new Expectations() {{
+ mockServerSettings.isTrustStorePathDefined(); result = true;
mockTrustStoreManager.initializeTrustStoreManager(anyString, anyString);
mockServerSettings.isAPISecured(); result = true;
mockServerSettings.getRegistryServerHost(); result = "localhost"; minTimes = 0;
diff --git a/dev-tools/ansible/database.yml b/dev-tools/ansible/database.yml
index 1ecc726..6c64d44 100644
--- a/dev-tools/ansible/database.yml
+++ b/dev-tools/ansible/database.yml
@@ -22,7 +22,6 @@
# Gather facts on the following
- hosts: api-orch
- hosts: helix
-- hosts: django
- hosts: database
tags: mysql , airavata
diff --git a/dev-tools/ansible/django.yml b/dev-tools/ansible/django.yml
index 0d90bfa..9f9227f 100644
--- a/dev-tools/ansible/django.yml
+++ b/dev-tools/ansible/django.yml
@@ -29,8 +29,8 @@
- role: env_setup
when: inventory_hostname == groups['django_' + ansible_hostname][0]
# Oracle JDK is needed by Django apps that call Java code (e.g., SimCCS Maptool)
- - role: java
- when: inventory_hostname == groups['django_' + ansible_hostname][0]
+ # - role: java
+ # when: inventory_hostname == groups['django_' + ansible_hostname][0] and ansible_os_family == "RedHat"
- role: httpd
when: inventory_hostname == groups['django_' + ansible_hostname][0]
- role: letsencrypt
diff --git a/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml b/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml
index be0741e..93f32ed 100644
--- a/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/develop/group_vars/all/vars.yml
@@ -96,8 +96,8 @@
# Credential and keystore related variables
keystore_src_path: "{{inventory_dir}}/files/airavata.jks"
keystore_passwd: "{{ vault_keystore_passwd }}"
-client_truststore_src_path: "{{inventory_dir}}/files/client_truststore.jks"
-client_truststore_passwd: "{{ vault_client_truststore_passwd }}"
+# client_truststore_src_path: "{{inventory_dir}}/files/client_truststore.jks"
+# client_truststore_passwd: "{{ vault_client_truststore_passwd }}"
cred_keystore_src_path: "{{inventory_dir}}/files/airavata_sym.jks"
cred_keystore_passwd: "{{ vault_cred_keystore_passwd }}"
cred_keystore_alias: "airavata"
@@ -181,3 +181,48 @@
thrift_client_pool_abandoned_removal_logged: true
usage_reporting_key: "{{ vault_usage_reporting_key }}"
+
+participant_monitoring_enabled: true
+participant_monitoring_host: "0.0.0.0"
+participant_monitoring_port: 9096
+
+pre_workflow_manager_monitoring_enabled: true
+pre_workflow_manager_monitoring_host: "0.0.0.0"
+pre_workflow_manager_monitoring_port: 9093
+
+post_workflow_manager_monitoring_enabled: true
+post_workflow_manager_monitoring_host: "0.0.0.0"
+post_workflow_manager_monitoring_port: 9094
+
+parser_workflow_manager_monitoring_enabled: true
+parser_workflow_manager_monitoring_host: "0.0.0.0"
+parser_workflow_manager_monitoring_port: 9095
+
+api_server_monitoring_enabled: true
+api_server_monitoring_host: "0.0.0.0"
+api_server_monitoring_port: 9097
+
+# Subnet definitions
+iu_subnets:
+ - "149.163.0.0/16"
+ - "140.182.0.0/16"
+ - "149.165.0.0/16"
+ - "192.68.133.0/24"
+ - "192.12.206.0/24"
+ - "149.159.0.0/16"
+ - "156.56.0.0/16"
+ - "149.161.0.0/16"
+ - "149.160.0.0/16"
+ - "149.166.0.0/16"
+ - "134.68.0.0/16"
+ - "129.79.0.0/16"
+
+zk_subnets: "{{ iu_subnets }}"
+kafka_subnets: "{{ iu_subnets }}"
+sharing_subnets: "{{ iu_subnets }}"
+registry_subnets: "{{ iu_subnets }}"
+credential_store_subnets: "{{ iu_subnets }}"
+rabbitmq_subnets: "{{ iu_subnets }}"
+db_subnets: "{{ iu_subnets }}"
+zabbix_subnets: "{{ iu_subnets }}"
+monitoring_subnets: "{{ iu_subnets }}"
diff --git a/dev-tools/ansible/inventories/scigap/develop/hosts b/dev-tools/ansible/inventories/scigap/develop/hosts
index 9184ea6..6e96fe7 100644
--- a/dev-tools/ansible/inventories/scigap/develop/hosts
+++ b/dev-tools/ansible/inventories/scigap/develop/hosts
@@ -2,7 +2,7 @@
# inventory file : scigap develop deployment
[zookeeper]
-149.165.156.195
+149.165.157.37
[rabbitmq]
149.165.156.195
diff --git a/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml b/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml
index 5dd1d7e..c2617ad 100644
--- a/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml
@@ -92,8 +92,8 @@
# Credential and keystore related variables
keystore_src_path: "{{inventory_dir}}/files/airavata.jks"
keystore_passwd: "{{ vault_keystore_passwd }}"
-client_truststore_src_path: "{{inventory_dir}}/files/client_truststore.jks"
-client_truststore_passwd: "{{ vault_client_truststore_passwd }}"
+# client_truststore_src_path: "{{inventory_dir}}/files/client_truststore.jks"
+# client_truststore_passwd: "{{ vault_client_truststore_passwd }}"
cred_keystore_src_path: "{{inventory_dir}}/files/airavata_sym.jks"
cred_keystore_passwd: "{{ vault_cred_keystore_passwd }}"
cred_keystore_alias: "airavata"
@@ -143,7 +143,7 @@
helix_url: http://www-us.apache.org/dist//helix/{{helix_version}}/binaries/helix-core-{{helix_version}}-pkg.tar
helix_dir: "{{ deployment_dir }}/airavata-helix"
helix_cluster_name: "AiravataDemoCluster"
-snapshot_version: "0.20"
+snapshot_version: "0.20-SNAPSHOT"
helix_controller_name: "helixcontroller"
helix_participant_name: "helixparticipant"
helix_pre_wm_name: "prewm"
@@ -184,3 +184,48 @@
parser_broker_publisher_id: "ParserProducer"
usage_reporting_key: "{{ vault_usage_reporting_key }}"
+
+participant_monitoring_enabled: true
+participant_monitoring_host: "0.0.0.0"
+participant_monitoring_port: 9096
+
+pre_workflow_manager_monitoring_enabled: true
+pre_workflow_manager_monitoring_host: "0.0.0.0"
+pre_workflow_manager_monitoring_port: 9093
+
+post_workflow_manager_monitoring_enabled: true
+post_workflow_manager_monitoring_host: "0.0.0.0"
+post_workflow_manager_monitoring_port: 9094
+
+parser_workflow_manager_monitoring_enabled: true
+parser_workflow_manager_monitoring_host: "0.0.0.0"
+parser_workflow_manager_monitoring_port: 9095
+
+api_server_monitoring_enabled: true
+api_server_monitoring_host: "0.0.0.0"
+api_server_monitoring_port: 9097
+
+# Subnet definitions
+iu_subnets:
+ - "149.163.0.0/16"
+ - "140.182.0.0/16"
+ - "149.165.0.0/16"
+ - "192.68.133.0/24"
+ - "192.12.206.0/24"
+ - "149.159.0.0/16"
+ - "156.56.0.0/16"
+ - "149.161.0.0/16"
+ - "149.160.0.0/16"
+ - "149.166.0.0/16"
+ - "134.68.0.0/16"
+ - "129.79.0.0/16"
+
+zk_subnets: "{{ iu_subnets }}"
+kafka_subnets: "{{ iu_subnets }}"
+sharing_subnets: "{{ iu_subnets }}"
+registry_subnets: "{{ iu_subnets }}"
+credential_store_subnets: "{{ iu_subnets }}"
+rabbitmq_subnets: "{{ iu_subnets }}"
+db_subnets: "{{ iu_subnets }}"
+zabbix_subnets: "{{ iu_subnets }}"
+monitoring_subnets: "{{ iu_subnets }}"
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/ampgateway/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/ampgateway/vars.yml
index 89b25e5..e4b9e01 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/ampgateway/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/ampgateway/vars.yml
@@ -48,4 +48,6 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'), ('Barry Schneider', ' bis@nist.gov')]"
portal_title: "Atomic and Molecular Physics and Optics Gateway"
+django_google_analytics_tracking_id: "UA-177950242-1"
+
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/bcbportal/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/bcbportal/vars.yml
index 89ee503..0d5ad5d 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/bcbportal/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/bcbportal/vars.yml
@@ -47,4 +47,6 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu')]"
portal_title: "BCB Gateway"
+django_google_analytics_tracking_id: "UA-178055397-1"
+
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/covid-geoact/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/covid-geoact/vars.yml
new file mode 100644
index 0000000..e94accd
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/covid-geoact/vars.yml
@@ -0,0 +1,54 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+vhost_servername: "geoact.sdsc.edu"
+vhost_server_redirect: "geoact.org"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/geoact.sdsc.edu/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/geoact.sdsc.edu/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/geoact.sdsc.edu/privkey.pem"
+
+
+## Keycloak related variables
+tenant_domain: "covid-geoact"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "Covid GeoAct Gateway"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "covid-geoact"
+experiment_data_dir: "{{ user_data_dir }}/covid-geoact"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZpB6Q2bMcB9eTpMXBf6adFysDWE++Q7cNFfo3bTZgfH9YqZlvBLCDgQ7dWB5fiag2y/AGm0DPnEerIbG8df9HpJ/pOvqGjHKzkoz+Xi1J0n8FFCiPtuOE2sWwnFNniAwQeAKzCiBn1oL84IiYsJ2nTmRXcl6qIREsBOfG6oDMGYbI3fOaGKwVscJSKFjfRVhaHRgwcOuvsuf1Z/E4X9C1uhIE4BSFA7BoTbtTictTVp7lo4XvCorBziO3fZacFI9gCMVSNnI4OUZu5rXqXPjXfmIV2tDz9kGMTzW5OIk3xdU6MHGprwUkXPttdERVGTbFha+HJk3S2jaeV1pnDxlt"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'), ('Ilya Zaslavsky', 'zaslavsk@sdsc.edu'), ('Kaushik Ganapathy', 'krganapa@ucsd.edu'), ('Johnny Lei', 'jil1119@ucsd.edu')]"
+portal_title: "Covid GeoAct Gateway"
+
+#django_google_analytics_tracking_id: "UA-178055994-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/covid-geoact/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/covid-geoact/vault.yml
new file mode 100644
index 0000000..8fb0c8d
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/covid-geoact/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+36303333353566663038653966336264353661316462313362386465663562626233363264353330
+6563623034636530616139623664333135373036666662630a383963303432363430666266373239
+39656364396431376164666166383463623732646437313830363362666631353265663138346265
+3833303161663635660a306239396364396635326439643764326132636231373963323065336636
+34313163653435313436396337653939643266373161646638636633356265653262653632366132
+61643034323730343230353437613139623031663032313337616639303066616435613937316334
+39393363303234656530653733326666316463623638663264613432646638383262366261363833
+37323864333430343931323938326437373966646138353238393265343538663630633631656537
+62653238343338346432653731623838356466393334396533613738643833306339326562616135
+36623330346536663066626631663332393530306431626535383432623964616131393239626338
+64643133313165323062623139383737643761353762313264643138663065663432633131333537
+32623736363161373630633266336562353138373365653231396330663261393437636165303866
+35646365633863626635313664393531633762623934626566643663623363313163643564373230
+3465623936656130343235663139373536666535366464623431
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml
index 8513d07..2dcf3c3 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/delta/vars.yml
@@ -26,6 +26,7 @@
gateway_data_store_resource_id: "delta-topology.jetstream-cloud.org_61fe21d4-07ea-41fc-9f2e-104bc3061318"
#django_tus_endpoint: "https://tus.scigap.org/files/" this requires manual installation steps outside of Ansible.
django_tus_endpoint:
+airavata_django_git_branch: "delta-topology-workshop"
vhost_servername: "delta-topology.org"
vhost_ssl: True
@@ -55,4 +56,5 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'),('Aurora Clark','auclark@wsu.edu'),('Sudhakar Pamidighantam','pamidigs@iu.edu')]"
portal_title: "DELTA Gateway"
+django_google_analytics_tracking_id: "UA-178024455-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/distantreader/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/distantreader/vars.yml
index 84c9bdf..4bac6ab 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/distantreader/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/distantreader/vars.yml
@@ -26,7 +26,7 @@
ssl_certificate_key_file: "/etc/letsencrypt/live/distantreader.org/privkey.pem"
django_file_upload_max_file_size_mb: 256
-django_pga_url: "https://distantreader.scigap.org"
+#django_pga_url: "https://distantreader.scigap.org"
## Keycloak related variables
tenant_domain: "distantreader"
@@ -48,4 +48,5 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'), ('Eric Morgan','emorgan@nd.edu')]"
portal_title: "Distant Reader Portal"
+django_google_analytics_tracking_id: "UA-177994029-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/geo/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/geo/vars.yml
new file mode 100644
index 0000000..d4d5a62
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/geo/vars.yml
@@ -0,0 +1,64 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+airavata_django_extra_dependencies:
+ - "git+https://github.com/GeoGateway/geogateway-django-app.git@master#egg=geogateway_django_app"
+
+
+vhost_servername: "geo-gateway.org"
+vhost_ssl: True
+vhost_redirects:
+ - from: "^/$"
+ to: "/geogateway_django_app/#/maptools"
+ regex: true
+ssl_certificate_file: "/etc/letsencrypt/live/geo-gateway.org/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/geo-gateway.org/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/geo-gateway.org/privkey.pem"
+
+
+django_extra_settings:
+ LOGIN_REDIRECT_URL: "/geogateway_django_app/"
+
+## Keycloak related variables
+tenant_domain: "geo"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "Geo Gateway"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "geo"
+experiment_data_dir: "{{ user_data_dir }}/geo"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZyps8huDQdr9ZJARtF0RcbyOD3FqMZZKldhW7soaWvOn7ev5rMgpto+TI/YQ8w5lWwWsqtxOByxJaGFgAkwI9+/vr0MPsMz/gmHi2NaEOYm+AA25ozPW9aMWRkaeAlK9sLWI85Cg6owozZngXV745R1LjtxhGO4/sOJLBIZxndLuaIlV1th2yontOsjv5CLr525mc8+0keViSWf7agdqTI7hN51fyyDM1KucwLfXXZZd4vQRJ68o9A6INH66KAbx54u6dd7PBKrJQC63RsPZG6i9jn6qBaLv7xkGH2iM7HfVy8ywMlyvQRb3DJdxG0AUXlZuxOHRH95hdBlgiSsTl"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu')]"
+portal_title: "Geo Gateway"
+
+django_google_analytics_tracking_id: "UA-66348921-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/geo/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/geo/vault.yml
new file mode 100644
index 0000000..37e6dad
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/geo/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+35656363396232303364636463333737396262663039666361326130653065623163356138313536
+3234353431376237663565353065323339613266366663650a386565373862666164653162336336
+32386463326265373563303032356462313065373161623362613938366333646165393836386532
+3330636539653466340a653166313466636230386230653264376533666637313436303563353739
+30663131363736393839363864323835393236323538363331633538623735616461383639383266
+36656663366532336130613632396435666232663931313862396439353261666538653734343163
+65653463323634373531363261346462333465306562353132346633643739316261366336363135
+32623265373037623631653034393631646438376333323837663437303738363963643337656466
+38396463303162663130613965343032376232383831323965376661613833326664303638313934
+62666466663135326236356430633264343435303434626466396264393233363236646233653232
+63356236343431346430373130653864366237646435333664303138653530333138343434363433
+65653733626262636136333930383161623963363033626633653436383130383364383635366332
+33613766626630363862383130303564336566633534323934303137626461363135626638383134
+6535326463646631356438313935656131623833393233363466
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/global-flood/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/global-flood/vars.yml
new file mode 100644
index 0000000..16df3d6
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/global-flood/vars.yml
@@ -0,0 +1,53 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+vhost_servername: "globalflood.scigap.org"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/globalflood.scigap.org/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/globalflood.scigap.org/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/globalflood.scigap.org/privkey.pem"
+
+
+## Keycloak related variables
+tenant_domain: "global-flood"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "Global Flood Assessment Gateway"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "global-flood"
+experiment_data_dir: "{{ user_data_dir }}/global-flood"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPuGmLPwwXu15TCdLwsE9dFoWJu1kzQzdLukslMKjVCf05Fe+MyCP7EG5n1psGigSORGm0bo/9t9fPQGyPRUR2jIBI5lR2bE5JJ8XNotf+Gdv45FXhXHTIPSeb1bAymEQVghALxqeYOWnnP+6aL61Zy6nAokMJdkdRXFRxr0paYLbH3oaCAVdp2ggMXP+KMvkKHjMSa9aZFK/V/YrIRONKDrdK+DV7D0xk4XGplRAsw8UpS8GJipfq8uTM23Tr/UMCYUCbW8qqf0HYFohY+51lT/1JjYb+cBWjy1iuNGVQVnQsuNSOoDnW1C07V6VFzwKZJOv+rYhw6iL5rcq3fzDD"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'),('Wang Jun','wang208@iu.edu')]"
+portal_title: "Global Flood Assessment Gateway"
+
+#django_google_analytics_tracking_id: "UA-66348921-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/global-flood/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/global-flood/vault.yml
new file mode 100644
index 0000000..11892c3
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/global-flood/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+37626635613934633764323832616234313762356331386239333735326635633232346237653261
+3266623134383564383631326536353139626565393366350a666166313965306331626133363734
+34383365333333646661346537653835393861323331303932333734363761633338333861656263
+3561636365383632660a623934663233326538306561616532653530623938353634663962623033
+66336233313434663431383934326162366231386335653630613431396539323030363562626234
+64383162333265323434313238396337313131313537633637343530383061613233353334313638
+64363861656235303430386431393039396135383031323865333039653365363633363230303862
+39643265333265313136643234303466343965646263613133353063396265383438306461656663
+38306265646631336235303236656363666633346232616266326466303936636234653931373466
+39633232353966336334323161396236393266663935656437383235626339616638313562373739
+37343631616338633130373839643537326139346437653339353238613230333936353534663165
+37353833643338633035653736333966613139623663646366363431313237383065346564306335
+33623637353839386433346131323438653933663138366330313133313139376461353462356363
+6563346534383030383633663962663237386438376433656365
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/hicops-deepsnap/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/hicops-deepsnap/vars.yml
new file mode 100644
index 0000000..180e6dc
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/hicops-deepsnap/vars.yml
@@ -0,0 +1,54 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+vhost_servername: "hicops.cs.fiu.edu"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/hicops.cs.fiu.edu/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/hicops.cs.fiu.edu/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/hicops.cs.fiu.edu/privkey.pem"
+
+#django_file_upload_max_file_size_mb: 2500
+
+## Keycloak related variables
+tenant_domain: "hicops"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "HICOPS Gateway"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "hicops"
+experiment_data_dir: "{{ user_data_dir }}/hicops"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnwOfvXERKIUcsH9W4GH+S+glClMrxzlEV6cXtCgrr92ooTEw3oxjmQGyvGs0G6AFHe7Tbkxnp6QBFD/VvNLpaXcvZc3t37IvbKqm2Wu5TkLhgHZqG/ceGSlaLqgKIhU5kENF3Y0XtK/QSd4hfECWQ/VyzafPCLs88xuaXdhUQE4dw+COrimaW57nCZ/A1lspBIKsnwxqFpmIXE1gsR/eU0UjVCNixm3PoO+0hr6MTzzped+xAdQHuTST/0bu0vcrK1qVixsD8rKVLgaaEaHml93vG85wlzBmsiGID4yKNTJSQBNn3G8r51mjzw72tRHovaYlP3NMpPuWeVZgY7WF9"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'),('Muhammad Haseeb','mhaseeb@fiu.edu'),('Fahad Saeed','fsaeed@fiu.edu')]"
+portal_title: "HICOPS Portal"
+
+#django_google_analytics_tracking_id: "UA-66348921-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/hicops-deepsnap/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/hicops-deepsnap/vault.yml
new file mode 100644
index 0000000..0e67a43
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/hicops-deepsnap/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+65343532636331363838383766326637306364313564623364656535643463633730383262343961
+6238656335356538303063626137333231336465623764610a356263643833306332633965373365
+66326363346463616230306635663663623366656536336338613862653831333639383030656330
+6337313762373934640a383661333838373032626163363432323139326433353762346233373936
+36633363383738366437333166623530633465313963363331643364396466376133346134353264
+39313861636138626531373733336533643863643966346431626433633937333038643933383436
+31663164623731383737393831383866653437333062336165393861343466616435326330333662
+36303938666166623161373137306531343330623365383666333731633531323337653431636533
+33363066393261383133346263643230313263343836343239386336393165303530346662376463
+66643563396334376332653337326232383033626363633533333636353530383762663238623737
+35633864383839373235346665386561646332386437623636623130666637316161626532376331
+61633963666138326262633737663862646561393137313066353932623232633765646337343439
+64323664643966326166346437633636326239336139363234636338313162643836393165663135
+3732376230386463353264626365653566363937363636663437
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/immune/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/immune/vars.yml
new file mode 100644
index 0000000..464f0dc
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/immune/vars.yml
@@ -0,0 +1,54 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+vhost_servername: "immuneportal.ccbb.iupui.edu"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/immuneportal.ccbb.iupui.edu/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/immuneportal.ccbb.iupui.edu/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/immuneportal.ccbb.iupui.edu/privkey.pem"
+
+django_file_upload_max_file_size_mb: 2500
+
+## Keycloak related variables
+tenant_domain: "immune"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "Immune Portal"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "immune"
+experiment_data_dir: "{{ user_data_dir }}/immune"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCntbE2GLI5S2QNRlruR8vjmLHUbpePz9NBcSJuvffOT+R75nsWlyjVEI7Tn43qvJMPR7SpOy5W5u7mmjLYx0lphMv5RJ64Hy5tIK39RlXya3s/+0gyA//I9tS4BAt7NKmGItvIZI/JLGxyUY8ZTnkRofAbEHJy3KtW1lBWUHKNsJfXyR7KJwmEkOVMU8x4fC/C/OyfsofsipG82fYJlfAgpJc+kODAgJBZI90h9pisOmfk2Wkiqt6aC3JHUZmIF2x3w5eXyhTc6RCBgNNQUy88KPOp5neMnCEbrCMx0aZGqLZFb9Q+4DVdnsmS+QvCEEpI8eFiceSN0D1Yo5IC9bvh"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'),('Chuanpeng Dong','cpdong@iu.edu')]"
+portal_title: "Immune Portal"
+
+#django_google_analytics_tracking_id: "UA-66348921-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/immune/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/immune/vault.yml
new file mode 100644
index 0000000..5ff053e
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/immune/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+31383835363561393637363930353739386334633762396434376139663637343630663564373937
+3836353265666639663537633034313933343361346534640a313038653239643035303033653936
+31323665333332326130313132303164373830393662353237376661313461663032646363333865
+3731623134393466310a636366343534623334666564313363633533373833323132386134656636
+38656466396631323663616138643061333730636239623461633061663136386537383165353834
+39626536333938386264366563386361323163376136613332623561616565383531663937353763
+35633933333266353634366666326538343663393534393464613431666133316430316666396638
+30623061613866383032303035616630623135396462633036373533666663663533313435323238
+36373639663930656561616339363632386662383532643538633130303932333739303536643861
+36306530363136653538643466613061353231303931326362346136633362366132316165366437
+65393264613764626331663739363632316161353761333036326630326232643533643561393238
+61313739656630653039343163663662623466326234666437653937356630343535643636393639
+64633464623934643334303763363938666538363063643765316639653833303363616133356538
+3239633763303865373836353762346139363237643662613930
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/louisiana-state/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/louisiana-state/vars.yml
new file mode 100644
index 0000000..ee0f4b5
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/louisiana-state/vars.yml
@@ -0,0 +1,54 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+vhost_servername: "gateway.hpc.lsu.edu"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/gateway.hpc.lsu.edu/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/gateway.hpc.lsu.edu/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/gateway.hpc.lsu.edu/privkey.pem"
+
+#django_file_upload_max_file_size_mb: 2500
+
+## Keycloak related variables
+tenant_domain: "louisiana-state"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "LSU Gateway"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "louisiana-state"
+experiment_data_dir: "{{ user_data_dir }}/louisiana-state"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCGku09BKS2SsQvp6rwoKqvbGrjZ7YcUUFU3zqU7Rd+jtxaRMw/di+ejAcJ3ouQhikW1RsF5BhulWHa7YtH3D/GaDpUeosdYn7al/TuJhC+GEsdVc9hCDxbFY2b7wjF4K8Xt+5/y/ySzTCb1V40ExfH/tBC/9c1CvdkJv4+a8t9O+ZgnWdR6pSarzyFIAXe6oFHauq4o8LRYyBhWaF+4NQDOx/bC46AiaRUtwhWUG5mhEZtKJO9GTcmOMT+TD2U6BDtT6yhL+A+FSM7TepY9nBeO+YHWbZf/yydAjRh8cONWpy7QPieSYm8yAkk0sF8qqAkZusgJFIIhPK/CJQioxuv"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'),('Zach Byerly','zbyerl1@lsu.edu')]"
+portal_title: "LSU Portal"
+
+#django_google_analytics_tracking_id: "UA-66348921-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/louisiana-state/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/louisiana-state/vault.yml
new file mode 100644
index 0000000..1240194
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/louisiana-state/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+38313835326431336534323663636437366161386238393036343134323133326262383864383635
+3332613534386432306362616637313831346663393666340a363466343433396562626533333763
+66366662313531666533323562306130666161326138643737666361613736336164633430356662
+3136616438326134360a383364363464623330333230383965336134643230393930323961663737
+66613361376330663339353663613561613135326264313131316433616332623465343434396331
+65366635313238653261373766303062643562623733366166373430373539653662663361346464
+30366262313966356430623231366161303237646631653738646266646366313531393365353062
+61303061623733353263373736396235313634613239636265613535663662666533653136353632
+62383566373865643164333532356638333034316137323061653539626561356639373334666137
+33636336306637313864633430666533306433653038393734623063633532306662636536366235
+32323336373837396537373665353632363163653437366332306264613332633034623564633634
+61363036323235363839363930643862336664663934653334656132366638643733396232643330
+61613435653534353531623561346133373864656163323763666264353335633332613533393732
+6338613461626165363163383332363838333637613934656438
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/lrose/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/lrose/vars.yml
index b1844d7..862f92c 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/lrose/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/lrose/vars.yml
@@ -45,7 +45,8 @@
experiment_data_dir: "{{ user_data_dir }}/lrose"
gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCBRVHtPN6m/9VUXuYK6+92BSWR65D7+8Y+HAwevv1teLTuaZutyvysbQDPeKYMpqj+z3GMPo0E86zIoXXFHKXS6assBsvpQNNXBfIl91J0b3gUD3SukBbShPyhTawIi7za6VPMvUSa3koC/52Ihbz8VQLNc0xCxnSWHhgc1bIBMoA1JsXOnKPAQZvjkBwXAZUeDXLyS3koE9WNnbRoqOUkqs0MO8tKCvfaVTqILHToOSvgaXrXbEEpND9dCvIuer6tREgakoig+1ck9t9VzPLb/1FsaWGA/V/0WKHcsGvfDmIZcjtdL+eUhVJIJif3BCXDeQJJVap7smll3DXmkgKb"
-admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'),('Brenda Javornik', 'brenda@ucar.edu')]"
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'),('Brenda Javornik', 'brenda@ucar.edu'),('Mike Dixon', 'dixon@ucar.edu'),('Ting-Yu Cha', 'tingyu@rams.colostate.edu'),('Jen DeHart', 'jcdehart@colostate.edu')]"
portal_title: "LROSE Gateway"
+django_google_analytics_tracking_id: "UA-178055994-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/microbial-genomes/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/microbial-genomes/vars.yml
index 9856fa6..e7bcd2d 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/microbial-genomes/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/microbial-genomes/vars.yml
@@ -48,7 +48,8 @@
experiment_data_dir: "{{ user_data_dir }}/microbial-genomes"
gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCG/syNtrxrgfdHpxln172epFN36uztXhblac4uqNYW9Qlp8K5YI1MICxCW+HJu1mOkIvOLseYaZm1m8Vt7KwTvp/RP6iyZ8M/fWMPO+v9ZLjGupi/iDLA8JNfD0trpwXzW4PCFaqPG2+LtpzsfsI8Bx6UwFXbHKdEo5eC548Cc5EVkZ9xFEChCQHdUcxWI7zs7+S9wsAOY3Qbsrg/UtLAe4P8ZFxABSgBdirKusxdbw/0LgVhkj1aTKIE7n+7b7b11m4A1bzvsvhNLBlN+hRXG9ZiOOYExO1T5p3rX+HHIeUNAi1AMlc6KTa833ni0FWK3EYbGEwC1og6hSfl2ZGRp"
-admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'),('Luis Rodriguez Rojas', 'lrr@gatech.edu')]"
+admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'),('Luis Rodriguez Rojas', 'miguel.rodriguez@uibk.ac.at'),('Konstantinos Konstantinidis','kostas@ce.gatech.edu'),('Luis Rodriguez Rojas','lmrodriguezr@gmail.com')]"
portal_title: "Microbial Genomes Gateway"
+django_google_analytics_tracking_id: "UA-177964723-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/mines/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/mines/vars.yml
index 62f6f51..7947beb 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/mines/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/mines/vars.yml
@@ -1,4 +1,4 @@
-#
+ #
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/pace-gatech/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/pace-gatech/vars.yml
index eeb09e1..5422b46 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/pace-gatech/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/pace-gatech/vars.yml
@@ -27,6 +27,8 @@
ssl_certificate_chain_file: "/etc/letsencrypt/live/gateway.hive.pace.gatech.edu/fullchain.pem"
ssl_certificate_key_file: "/etc/letsencrypt/live/gateway.hive.pace.gatech.edu/privkey.pem"
+django_file_upload_max_file_size_mb: 1000
+
## Keycloak related variables
tenant_domain: "pace-gatech"
oauth_client_key: "{{ vault_oauth_client_key }}"
@@ -44,7 +46,7 @@
experiment_data_dir: "{{ user_data_dir }}/pace-gatech"
gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCNOy82E44c+/64s1Gd/VeQ4CpcGuTHwodXd1sLKu9sUDVO3pH4oBIQi0SLAns7W9qG63mZWO7lh2lSpqVyVzPY8eN+s/9JcvdLpJaTD35mxIXFTzPjbaVczpSB7DVpwPeQkHysrFe4U3TDgZemmVtFEe0TwU6wmVA42XFZi9+Z+q+jEJuG6t4O4v25jqkX6pQPkfDzMWh8Wxu2jXoBVLYIkpl1hXVGx+xLZFsgPkpjI9/+e29TEfcHBocE2a0/rtRUEFZjYApg2zb8Zglq37c6y8NepT5YyznA0QJV/hr7BogVHqrLy1HL5MCTt83Yn8e5/srNq27yjow1Jy8UHlB3"
-admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'),('Semir Sarajlic', 'semir.sarajlic@oit.gatech.edu')]"
+admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'),('PACE Support', 'pace-support@oit.gatech.edu')]"
portal_title: "PACE Gateway"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/regsnps/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/regsnps/vars.yml
new file mode 100644
index 0000000..eb9d483
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/regsnps/vars.yml
@@ -0,0 +1,53 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+vhost_servername: "regsnps.ccbb.iupui.edu"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/regsnps.ccbb.iupui.edu/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/regsnps.ccbb.iupui.edu/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/regsnps.ccbb.iupui.edu/privkey.pem"
+
+
+## Keycloak related variables
+tenant_domain: "regsnps"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "RegSNPs Gateway"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "regsnps"
+experiment_data_dir: "{{ user_data_dir }}/regsnps"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAlldWcIK6yNgrj8Firns6JzHVv7iHEdj+VRe6GBIbPSsvY70dx6wfxxCaQvaEvfbXasdPsteTGxjYZ1qSiFQ5XWbX0azThxtMpz/ycQ0V9npsEhRMQ7dzRCI/r5RJOMryVK8KeHRxKJC3SUg4NkDqQ9TFkxYv0vWdsuhPFflpR2QvacD4kfh7nBvVhjxLqSlyDYJEJkKBuvx2n6p+Kx9sr9V1UXDZl22TXyTIHGdVwcTS6nhItqMeSCtBDsofv7U1xvKCb3u4D0tXlSAgLv7Anc+CQmJlj6QJQV4U2fsRy0eW+kkn5U3Dza9km0aXdAo+VHuBXdCGTG13e7yTgRRr"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu')]"
+portal_title: "RegSNPs Gateway"
+
+#django_google_analytics_tracking_id: "UA-66348921-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/regsnps/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/regsnps/vault.yml
new file mode 100644
index 0000000..abc9740
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/regsnps/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+34366238346164303231616665336337386235303337366338643364626430396239343862666561
+3566336332306335333264656165623165623961303065630a646139343136323837306562623863
+61656335643433396461316235306130623030383965396530353337366233316239333031653531
+3630366638356561380a303563373537343563643261343835663664303030336431366435393966
+66626264396632363331363336653565356465306365353732313732653938333836646237663361
+38656362663137623532616163393031663736633865393866646665656331613939333037393434
+35326434313031613731333063626136396461326231616262643931616266633532363630313735
+65623261386565363131353164383338303361323732643638623139323766353832646135626163
+65383631363031643164363939636233386164386261333935653239323831626130363331353963
+62393466316138353833376262386635623633616536313563393364636133643433396135346665
+30356362613366386461613934376661383033383061316636613964616138656137393263663331
+64633735373836653761383138343165646330393063653465656535356131633237663163666332
+65383537636230306233636436306430373834656438613861366538643135303731316332336238
+3265656662633865313264313536643561373661393635303436
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/rutgersgemr/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/rutgersgemr/vars.yml
deleted file mode 100644
index 7e7ede2..0000000
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/rutgersgemr/vars.yml
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
----
-vhost_servername: "gemr.scigap.org"
-vhost_ssl: True
-ssl_certificate_file: "/etc/letsencrypt/live/gemr.scigap.org/cert.pem"
-ssl_certificate_chain_file: "/etc/letsencrypt/live/gemr.scigap.org/fullchain.pem"
-ssl_certificate_key_file: "/etc/letsencrypt/live/gemr.scigap.org/privkey.pem"
-
-## Keycloak related variables
-tenant_domain: "prostate-cancer-prediction"
-oauth_client_key: "{{ vault_oauth_client_key }}"
-oauth_client_secret: "{{ vault_oauth_client_secret }}"
-
-auth_options:
- password:
- name: "Prostate Cancer Prediction Gateway"
- # external:
- # - name: "existing institution credentials"
- # idp_alias: "cilogon"
- # logo: "images/cilogon-logo-24x24-b.png"
-
-gateway_id: "prostate-cancer-prediction"
-experiment_data_dir: "{{ user_data_dir }}/prostate-cancer-prediction"
-gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaSojVxYa+6AS+jf+AyUnD0YqWisUeyiqjJ1Bi0p+d0FCAgxk2xyOX1m1eVvOLlxoL1KYzHV6cBqLyhSMMRsp1qiDrWkq9UdJiSywO/KvgjKfMrOrsgSj84BRo7ceJK5irAqeGIdAgDhGTJFuV+OEm+iDaRK1Om2QvkuGwEYQ1EZLY9H7JpGgU6Fw0Aoh4e2wYwp/RQ2QGNjc5EGddZJZil8W3NlibKJ+5Yl90kyX3s2tEUjQSBNYXcokUvc01ZdfAY3TUwQlTlMyJpjZyuTF8Ea4fw3p9sVHRNrLIyCmYHrMxGTNVapV5bk1NZd1LxhqRjhKvIP4kFNd7lW30k/sT"
-
-admin_emails: "[('SGRC','sgrc-iu-group@iu.edu'),('Kristina Plazonic','kp807@oarc.rutgers.edu')]"
-portal_title: "Prostate Cancer Prediction Gateway"
-
-...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/rutgersgemr/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/rutgersgemr/vault.yml
deleted file mode 100644
index 755a82f..0000000
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/rutgersgemr/vault.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-$ANSIBLE_VAULT;1.1;AES256
-32306130313732636537656435346434323632663564333832646665326639653166393263306235
-6530363831316437343936326364613438353164396231310a323833323535623566326437616166
-64336265383533373863396432356233623236363833613865373336336330343730366339363766
-3639376533616462340a656136313436353062386463613066653936356433623966383535613962
-37646565386434326666373232663562363561663164323564383265383232343337626363393731
-36613762306461353762353963613766323532623733643464616531646263663466636437633836
-30383233636132643264353665373339613333636463616665616664646231633238636534653735
-33626532383431313363393433356135333838303736363366393332346237353066323035323739
-32316337323165383864363038656234386636313961353365353036653132323034393963623730
-31323261613238626334623539393365306337613838386531353363386536613137316365333232
-35303339336161383431623531346663656633376466393364383961393436393338356165653561
-37336637336262633933363435333833653235643961616164383737306664363730643264333739
-30303166396566333962303633353038393630633337316330643231333463656637346632356663
-6231323363646663373563663332306539613364653662616139
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/saverx/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/saverx/vars.yml
index ea1c265..90a6fa4 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/saverx/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/saverx/vars.yml
@@ -47,4 +47,5 @@
admin_emails: "[('SGRC','sgrc-iu-group@iu.edu'),('Bowei Kang','kbw@uchicago.edu'), ('Jingshu Wang','jingshuw@uchicago.edu'), ('Nancy Zhang','nzh@wharton.upenn.edu')]"
portal_title: "Saver-X Gateway"
+django_google_analytics_tracking_id: "UA-178027975-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/searchsra/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/searchsra/vars.yml
index 1d42bfa..29cd923 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/searchsra/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/searchsra/vars.yml
@@ -26,7 +26,7 @@
ssl_certificate_key_file: "/etc/letsencrypt/live/www.searchsra.org/privkey.pem"
django_file_upload_max_file_size_mb: 60
-django_pga_url: "https://pga.searchsra.scigap.org"
+#django_pga_url: "https://pga.searchsra.scigap.org"
## Keycloak related variables
tenant_domain: "searching-sra"
@@ -48,4 +48,5 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'), ('Robert Edwards', 'raedwards@gmail.com'),('Robert Edwards', 'redwards@sdsu.edu'), ('Mats Rynge','rynge@isi.edu'), ('Eroma Abeysinghe', 'eabeysin@iu.edu')]"
portal_title: "Search-SRA Portal"
+django_google_analytics_tracking_id: "UA-177998970-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vars.yml
index 70e2c91..3c9195f 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vars.yml
@@ -19,14 +19,25 @@
#
---
-vhost_servername: "django.simvascular.scigap.org"
+
+# Simvascular is deployed on its own server at simvascular.stanford.edu
+
+django_tus_endpoint: "https://tus.simvascular.scigap.org/files/"
+# configure user_data_dir and real_user_data_dir
+user_data_dir: "/var/www/portals/gateway-user-data"
+real_user_data_dir: "/home/www-shared/gateway-user-data"
+django_database_host_ip_address: "localhost"
+django_database_hosts:
+ # Database is installed on the same host as the Django server
+ - simvascular
+
+vhost_servername: "new.django.simvascular.scigap.org"
vhost_ssl: True
-ssl_certificate_file: "/etc/letsencrypt/live/django.simvascular.scigap.org/cert.pem"
-ssl_certificate_chain_file: "/etc/letsencrypt/live/django.simvascular.scigap.org/fullchain.pem"
-ssl_certificate_key_file: "/etc/letsencrypt/live/django.simvascular.scigap.org/privkey.pem"
+ssl_certificate_file: "/etc/letsencrypt/live/{{ vhost_servername }}/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/{{ vhost_servername }}/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/{{ vhost_servername }}/privkey.pem"
django_file_upload_max_file_size_mb: 2000
-django_pga_url: "https://gateway.simvascular.org"
## Keycloak related variables
tenant_domain: "simvascular"
@@ -43,6 +54,8 @@
gateway_id: "simvascular"
experiment_data_dir: "{{ user_data_dir }}/simvascular"
+gateway_data_store_hostname: "simvascular.stanford.edu"
+gateway_data_store_resource_id: "simvascular.stanford.edu_758fc879-e037-4a10-980f-3566ac7cab1b"
gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCNdivlUyLh11poF2vufwa8pCjVY0/fkvym9qdpEeu6nS55CVZe5VXqA1NZ+IwVDabAFwoLrUvaWt7eE8POEZNiBgtonZ21x6KIK5/HilSM6jHds1u6NY436AiHqmcybO/u+NkUI8gUjWTbs4S/i/2WfvAHZc3dbcCHls3QgG55TqOdNnh2pjFLSA1wu0d1qRnrPwnje/yC4GD+3XU1HPLHb9FXLHO4umswKq8sDk2lOIN7u08pCF8Y+BPYfmEdvY8oFwdVsj3OoA3fWEE42xTjb3g65X2oCbhco1g1ya0cfJMgSUbHCcOc2D//rXD+L4/z0/A2VCiEFJtTllrws609"
admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'), ('Alison Marsden', 'amarsden@stanford.edu'), ('Nathan Wilson', 'nwilson@osmsc.com'), ('Eroma Abeysinghe', 'eabeysin@iu.edu'), ('Martin Pfaller','pfaller@stanford.edu'), ('Weiguang Yang','wgyang@stanford.edu'), ('David W. Parker','davep@stanford.edu')]"
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vault.yml
index aecdd17..929364c 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vault.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular/vault.yml
@@ -1,15 +1,18 @@
$ANSIBLE_VAULT;1.1;AES256
-33323735346138626633386636373833613861656535663834366466343266666239626466623062
-6237336437386537613964613233313965343632386430310a303532646239633533333631636236
-34333630363961663936663037643362316262386330313935666634653062623937356234306662
-3766366539316437300a633165313136623366663561633961383138626161333962303633363134
-31666430633339353838313931616164613832663031643939336339326135623761343264356430
-35363264326334623761643363386539326461303338633862333239363561326137616166376162
-39353837653565343837663063363330386538353334666162663838616263306364396339346338
-65303761376431313865323534656639346365633265303639396465656334636139383434626365
-31616430666437323162343135316435306231646630323364353962316135643262343634386530
-65663439643333393534343233343463356635323738383930613064633032333664386631383033
-66316165633930643664363531346164616632353533393436623230626162373965313366313832
-66633963613134366539306166343339623136336132373138353435613435326132663332373065
-38306164623938303133303866616231666136313434333835663264373536363663636538646536
-6134613564643561346338633932313739623431333530613465
+39656265613239336132643464393439353834333938363462333835356235613837366431376435
+3661323464643837663338623333386132666534663031320a666134633334663333663035646366
+64653734663437613361613736396565393162663465666133323530613166613165366130333961
+3264336232666161630a393064356331346566646261393939373730356635353063643138373761
+33393866383935383837306565343830306564346165666361303036353566303639306365666465
+35323135356433656663663166653936373433663039313464346530643837303235663030393934
+38326436336137393035616238333764383939393234366131383836316565343134323734626665
+38313139633032643338336431623436623333353832323936303035393535656436643036663731
+39343638333938386239323035356561646236323366333331363966613731333332333237633431
+39366535613037343334356338373439356234656139383339346537323363323835333433623266
+36373734636533376566613032326363336332306438363536636265336339336264346664643038
+65373431393164386561376565313862313866316334326333633263626365663731323035353363
+62646230343664316366323961353566356334356332306661646235653938366562313935396363
+65643261343335663333663538323335366265386564346164346662353832643763336438646362
+66653963343961303264363033663635656161363130343762346235326632353333396630323732
+37383630653133386266386332356631663932643365646330616436323366373439653365343134
+61336161616566356433386636376130316563396662623063303364323935313730
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular_old/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular_old/vars.yml
new file mode 100644
index 0000000..1a0ebff
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular_old/vars.yml
@@ -0,0 +1,53 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+vhost_servername: "gateway.simvascular.org"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/gateway.simvascular.org/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/gateway.simvascular.org/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/gateway.simvascular.org/privkey.pem"
+django_database_name: "django_simvascular"
+
+django_file_upload_max_file_size_mb: 2000
+#django_pga_url: "https://gateway.simvascular.org"
+
+## Keycloak related variables
+tenant_domain: "simvascular"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "SimVascular"
+ external:
+ - name: "existing institution credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "simvascular"
+experiment_data_dir: "{{ user_data_dir }}/simvascular"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCNdivlUyLh11poF2vufwa8pCjVY0/fkvym9qdpEeu6nS55CVZe5VXqA1NZ+IwVDabAFwoLrUvaWt7eE8POEZNiBgtonZ21x6KIK5/HilSM6jHds1u6NY436AiHqmcybO/u+NkUI8gUjWTbs4S/i/2WfvAHZc3dbcCHls3QgG55TqOdNnh2pjFLSA1wu0d1qRnrPwnje/yC4GD+3XU1HPLHb9FXLHO4umswKq8sDk2lOIN7u08pCF8Y+BPYfmEdvY8oFwdVsj3OoA3fWEE42xTjb3g65X2oCbhco1g1ya0cfJMgSUbHCcOc2D//rXD+L4/z0/A2VCiEFJtTllrws609"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu'), ('Alison Marsden', 'amarsden@stanford.edu'), ('Nathan Wilson', 'nwilson@osmsc.com'), ('Eroma Abeysinghe', 'eabeysin@iu.edu'), ('Martin Pfaller','pfaller@stanford.edu'), ('Weiguang Yang','wgyang@stanford.edu'), ('David W. Parker','davep@stanford.edu')]"
+portal_title: "SimVascular Gateway Portal"
+
+django_google_analytics_tracking_id: "UA-111528347-7"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular_old/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular_old/vault.yml
new file mode 100644
index 0000000..aecdd17
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/simvascular_old/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+33323735346138626633386636373833613861656535663834366466343266666239626466623062
+6237336437386537613964613233313965343632386430310a303532646239633533333631636236
+34333630363961663936663037643362316262386330313935666634653062623937356234306662
+3766366539316437300a633165313136623366663561633961383138626161333962303633363134
+31666430633339353838313931616164613832663031643939336339326135623761343264356430
+35363264326334623761643363386539326461303338633862333239363561326137616166376162
+39353837653565343837663063363330386538353334666162663838616263306364396339346338
+65303761376431313865323534656639346365633265303639396465656334636139383434626365
+31616430666437323162343135316435306231646630323364353962316135643262343634386530
+65663439643333393534343233343463356635323738383930613064633032333664386631383033
+66316165633930643664363531346164616632353533393436623230626162373965313366313832
+66633963613134366539306166343339623136336132373138353435613435326132663332373065
+38306164623938303133303866616231666136313434333835663264373536363663636538646536
+6134613564643561346338633932313739623431333530613465
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/smaltr/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/smaltr/vars.yml
index 820ff18..7593cb2 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/smaltr/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/smaltr/vars.yml
@@ -47,4 +47,5 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'),('Aaron Frank', 'afrankz@umich.edu')]"
portal_title: "SMALTR Gateway"
+django_google_analytics_tracking_id: "UA-178055906-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/toppic/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/toppic/vars.yml
index 9b33541..5f960f8 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/toppic/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/toppic/vars.yml
@@ -49,4 +49,6 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu'),('Liu Xiaowen' 'xwliu@iupui.edu'),('In Kwon Choi','inkwchoi@iu.edu'),('Liu Xiaowen','xwliu@iu.edu')]"
portal_title: "TopPIC Gateway"
+django_google_analytics_tracking_id: "UA-178002567-1"
+
...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/tsunami/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/tsunami/vars.yml
new file mode 100644
index 0000000..7de5979
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/tsunami/vars.yml
@@ -0,0 +1,52 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+#gateway_data_store_resource_id: "js-168-166.jetstream-cloud.org_e86fd426-201a-461a-a0b4-4368af59ca28"
+#gateway_data_store_hostname: "js-168-166.jetstream-cloud.org"
+
+vhost_servername: "netbio.sciencegateways.iu.edu"
+vhost_ssl: True
+ssl_certificate_file: "/etc/letsencrypt/live/netbio.sciencegateways.iu.edu/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/netbio.sciencegateways.iu.edu/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/netbio.sciencegateways.iu.edu/privkey.pem"
+
+## Keycloak related variables
+tenant_domain: "tsunami"
+oauth_client_key: "{{ vault_oauth_client_key }}"
+oauth_client_secret: "{{ vault_oauth_client_secret }}"
+
+auth_options:
+ password:
+ name: "TSUNAMI Gateway"
+ external:
+ - name: "Existing Institution Credentials"
+ idp_alias: "cilogon"
+ logo: "images/cilogon-logo-24x24-b.png"
+
+gateway_id: "tsunami"
+experiment_data_dir: "{{ user_data_dir }}/tsunami"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4/mMdvcRHp7ThTToIRpmO+O46pme1Oo649yFLNoFlnIYHxT3cUnxYbxrxgcw83PwwFTK4FV04ITUEyOmD9Qoa1liwdrCvEqR31eTD+GkUVVGUgCp+GvqCWnZkEJ8+z/VBLuJjK0HxpT+9kSh0DChoZ6k64/dsNrA4l1YE0EBrOfLKSGJ0Ik2tlKxbIrwTe8ZDWu2iVKFMnFaLbsWoraQ+sYWTbW+1BCYAxsT9ykH4KOYE/YPBUECr8zVzBSXSxyNPtuySvy0PzNjLrm8nN4uIr5wgrFqi2iL2i2vQyFMTJJToyvcBVLK3eCw+AmYrlHZq49E8+uAhfDhDahy4WraJ"
+
+admin_emails: "[('CIRC', 'circ-iu-group@iu.edu')]"
+portal_title: "TSUNAMI Gateway"
+
+django_google_analytics_tracking_id: "UA-178055994-1"
+...
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/tsunami/vault.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/tsunami/vault.yml
new file mode 100644
index 0000000..2829f23
--- /dev/null
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/tsunami/vault.yml
@@ -0,0 +1,15 @@
+$ANSIBLE_VAULT;1.1;AES256
+39666435313663646338396162376135326139323230623835393835653635633566313763316361
+3037363366633266326633316235326438336263643862330a346435313232333730383938636665
+62316432653534396536623266633234616364666261316535316630396131356437326663656638
+6462316261636161610a633639386631653038323032653238613366343736313133346263326462
+39313731353835333535316537393864646361316464643532336431333037306338366531323432
+38316531613632343266383939386635353862623833393866393561623632343137613234313565
+63353762323531316331386562656137316635393864343766626533353836373261363833313064
+36353934333861373963313661333132393666336138386538633564333161663865633437343633
+62346139656438323139353164363538373631636562656335343832666136396237663536336262
+37323331396138643233333833326531643839316162393730353935303933356665613836383337
+33373930326563306230373637633534376633306633376537616333316635393931646462623962
+61656536643432616137386237353364633531336330336561323038633765333333623639653563
+61623639303663616139393765356334663662326133363535643532346234613336663438613134
+6663346130623566373939336136643039336430363130343730
diff --git a/dev-tools/ansible/inventories/scigap/production/host_vars/v4i/vars.yml b/dev-tools/ansible/inventories/scigap/production/host_vars/v4i/vars.yml
index 2444f94..f52c5c8 100644
--- a/dev-tools/ansible/inventories/scigap/production/host_vars/v4i/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/host_vars/v4i/vars.yml
@@ -47,4 +47,5 @@
admin_emails: "[('SGRC', 'sgrc-iu-group@iu.edu')]"
portal_title: "V4I Gateway"
+django_google_analytics_tracking_id: "UA-178047106-1"
...
diff --git a/dev-tools/ansible/inventories/scigap/production/hosts b/dev-tools/ansible/inventories/scigap/production/hosts
index 1a833bf..239ee89 100644
--- a/dev-tools/ansible/inventories/scigap/production/hosts
+++ b/dev-tools/ansible/inventories/scigap/production/hosts
@@ -43,12 +43,10 @@
oscer ansible_host=156.56.104.84
phasta ansible_host=156.56.104.84
r-hpc ansible_host=156.56.104.84
-rutgersgemr ansible_host=156.56.104.84
saverx ansible_host=156.56.104.84
sdstate ansible_host=156.56.104.84
seagrid ansible_host=156.56.104.84
searchsra ansible_host=156.56.104.84
-simvascular ansible_host=156.56.104.84
snowvision ansible_host=156.56.104.84
southdakota ansible_host=156.56.104.84
testdrive ansible_host=156.56.104.84
@@ -64,6 +62,14 @@
pathogenomics ansible_host=156.56.104.84
bcbportal ansible_host=156.56.104.84
lrose ansible_host=156.56.104.84
+tsunami ansible_host=156.56.104.84
+geo ansible_host=156.56.104.84
+covid-geoact ansible_host=156.56.104.84
+immune ansible_host=156.56.104.84
+regsnps ansible_host=156.56.104.84
+global-flood ansible_host=156.56.104.84
+louisiana-state ansible_host=156.56.104.84
+hicops-deepsnap ansible_host=156.56.104.84
# dreg jetstream server
dreg ansible_host=149.165.156.72 ansible_user=centos
@@ -79,3 +85,8 @@
# simccs server
simccs ansible_host=scigap11.sciencegateways.iu.edu ansible_user=root
+
+# simvascular server
+simvascular ansible_host=simvascular.stanford.edu ansible_user=gateway
+# we can remove this once the migration is complete
+simvascular_old ansible_host=156.56.104.84
diff --git a/dev-tools/ansible/inventories/scigap/production/pga_config/simvascular/vars.yml b/dev-tools/ansible/inventories/scigap/production/pga_config/simvascular/vars.yml
index cb286e7..a0878f9 100644
--- a/dev-tools/ansible/inventories/scigap/production/pga_config/simvascular/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/pga_config/simvascular/vars.yml
@@ -19,16 +19,18 @@
#
---
+# Simvascular is deployed on its own server at simvascular.stanford.edu
+
pga_repo: "https://github.com/apache/airavata-php-gateway.git"
user: "pga"
group: "pga"
doc_root_dir: "/var/www/portals/simvascular"
-vhost_servername: "gateway.simvascular.org"
+vhost_servername: "pga.simvascular.scigap.org"
vhost_ssl: True
# TODO: have Ansible manage these files as well
-ssl_certificate_file: "/etc/letsencrypt/live/gateway.simvascular.org/cert.pem"
-ssl_certificate_chain_file: "/etc/letsencrypt/live/gateway.simvascular.org/fullchain.pem"
-ssl_certificate_key_file: "/etc/letsencrypt/live/gateway.simvascular.org/privkey.pem"
+ssl_certificate_file: "/etc/letsencrypt/live/{{ vhost_servername }}/cert.pem"
+ssl_certificate_chain_file: "/etc/letsencrypt/live/{{ vhost_servername }}/fullchain.pem"
+ssl_certificate_key_file: "/etc/letsencrypt/live/{{ vhost_servername }}/privkey.pem"
php_upload_max_filesize: "300M"
php_post_max_size: "2000M"
@@ -56,8 +58,8 @@
gateway_id: "simvascular"
# relative to document root dir
experiment_data_dir: "{{ user_data_dir }}/simvascular"
-gateway_data_store_resource_id: "gf4.ucs.indiana.edu_61552681-96f0-462a-a36c-a62a010bffc6"
-gateway_data_store_ssh_public_key: ""
+gateway_data_store_resource_id: "simvascular.stanford.edu_758fc879-e037-4a10-980f-3566ac7cab1b"
+gateway_data_store_ssh_public_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCNdivlUyLh11poF2vufwa8pCjVY0/fkvym9qdpEeu6nS55CVZe5VXqA1NZ+IwVDabAFwoLrUvaWt7eE8POEZNiBgtonZ21x6KIK5/HilSM6jHds1u6NY436AiHqmcybO/u+NkUI8gUjWTbs4S/i/2WfvAHZc3dbcCHls3QgG55TqOdNnh2pjFLSA1wu0d1qRnrPwnje/yC4GD+3XU1HPLHb9FXLHO4umswKq8sDk2lOIN7u08pCF8Y+BPYfmEdvY8oFwdVsj3OoA3fWEE42xTjb3g65X2oCbhco1g1ya0cfJMgSUbHCcOc2D//rXD+L4/z0/A2VCiEFJtTllrws609"
group_resource_profile_id: "6359d7f5-be13-4548-9762-943c1cc1a6f2"
## Portal related variables
diff --git a/dev-tools/ansible/inventories/scigap/staging/group_vars/all/vars.yml b/dev-tools/ansible/inventories/scigap/staging/group_vars/all/vars.yml
index 69cdf57..4fa00f2 100644
--- a/dev-tools/ansible/inventories/scigap/staging/group_vars/all/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/staging/group_vars/all/vars.yml
@@ -91,8 +91,8 @@
# Credential and keystore related variables
keystore_src_path: "{{inventory_dir}}/files/airavata.jks"
keystore_passwd: "{{ vault_keystore_passwd }}"
-client_truststore_src_path: "{{inventory_dir}}/files/client_truststore.jks"
-client_truststore_passwd: "{{ vault_client_truststore_passwd }}"
+# client_truststore_src_path: "{{inventory_dir}}/files/client_truststore.jks"
+# client_truststore_passwd: "{{ vault_client_truststore_passwd }}"
cred_keystore_src_path: "{{inventory_dir}}/files/airavata_sym.jks"
cred_keystore_passwd: "{{ vault_cred_keystore_passwd }}"
cred_keystore_alias: "airavata"
@@ -187,3 +187,27 @@
thrift_client_pool_abandoned_removal_enabled: true
thrift_client_pool_abandoned_removal_logged: true
+
+# Subnet definitions
+iu_subnets:
+ - "149.163.0.0/16"
+ - "140.182.0.0/16"
+ - "149.165.0.0/16"
+ - "192.68.133.0/24"
+ - "192.12.206.0/24"
+ - "149.159.0.0/16"
+ - "156.56.0.0/16"
+ - "149.161.0.0/16"
+ - "149.160.0.0/16"
+ - "149.166.0.0/16"
+ - "134.68.0.0/16"
+ - "129.79.0.0/16"
+
+zk_subnets: "{{ iu_subnets }}"
+kafka_subnets: "{{ iu_subnets }}"
+sharing_subnets: "{{ iu_subnets }}"
+registry_subnets: "{{ iu_subnets }}"
+credential_store_subnets: "{{ iu_subnets }}"
+rabbitmq_subnets: "{{ iu_subnets }}"
+db_subnets: "{{ iu_subnets }}"
+zabbix_subnets: "{{ iu_subnets }}"
diff --git a/dev-tools/ansible/inventories/scigap/testing/group_vars/all/vars.yml b/dev-tools/ansible/inventories/scigap/testing/group_vars/all/vars.yml
index 03108ef..bf6b5a3 100644
--- a/dev-tools/ansible/inventories/scigap/testing/group_vars/all/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/testing/group_vars/all/vars.yml
@@ -162,4 +162,28 @@
platform_name: "Testing Environment"
platform_monitor_email_address: "airavataplatformmonitor@gmail.com"
platform_monitor_email_password: "{{ vault_platform_monitor_email_password }}"
-platform_monitor_target_email_addresses: "dimuthu.upeksha2@gmail.com,dwannipu@iu.edu"
\ No newline at end of file
+platform_monitor_target_email_addresses: "dimuthu.upeksha2@gmail.com,dwannipu@iu.edu"
+
+# Subnet definitions
+iu_subnets:
+ - "149.163.0.0/16"
+ - "140.182.0.0/16"
+ - "149.165.0.0/16"
+ - "192.68.133.0/24"
+ - "192.12.206.0/24"
+ - "149.159.0.0/16"
+ - "156.56.0.0/16"
+ - "149.161.0.0/16"
+ - "149.160.0.0/16"
+ - "149.166.0.0/16"
+ - "134.68.0.0/16"
+ - "129.79.0.0/16"
+
+zk_subnets: "{{ iu_subnets }}"
+kafka_subnets: "{{ iu_subnets }}"
+sharing_subnets: "{{ iu_subnets }}"
+registry_subnets: "{{ iu_subnets }}"
+credential_store_subnets: "{{ iu_subnets }}"
+rabbitmq_subnets: "{{ iu_subnets }}"
+db_subnets: "{{ iu_subnets }}"
+zabbix_subnets: "{{ iu_subnets }}"
\ No newline at end of file
diff --git a/dev-tools/ansible/pga-single-vhost.yml b/dev-tools/ansible/pga-single-vhost.yml
index cb0d2c1..7c24198 100644
--- a/dev-tools/ansible/pga-single-vhost.yml
+++ b/dev-tools/ansible/pga-single-vhost.yml
@@ -32,6 +32,7 @@
- "{{ vars_dir }}/vault.yml"
roles:
- env_setup
+ - httpd
- letsencrypt
- pga
diff --git a/dev-tools/ansible/pga.yml b/dev-tools/ansible/pga.yml
index d86f82e..16e3c64 100644
--- a/dev-tools/ansible/pga.yml
+++ b/dev-tools/ansible/pga.yml
@@ -23,6 +23,7 @@
tags: pga
roles:
- env_setup
+ - httpd
- letsencrypt
- pga
diff --git a/dev-tools/ansible/roles/api-orch/tasks/main.yml b/dev-tools/ansible/roles/api-orch/tasks/main.yml
index a81449d..7ecd593 100644
--- a/dev-tools/ansible/roles/api-orch/tasks/main.yml
+++ b/dev-tools/ansible/roles/api-orch/tasks/main.yml
@@ -81,16 +81,66 @@
owner={{ user }}
group={{ group }}
-- name: Open firwall ports
- firewalld: port={{ item }} zone=public permanent=true state=enabled immediate=yes
+- name: allow only selected networks to access Airavata Sharing Registry
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ sharing_registry_port }}" protocol=tcp accept
with_items:
- - "{{ api_server_port }}/tcp"
- - "{{ api_server_tls_port }}/tcp"
- - "{{ orchestrator_port }}/tcp"
- - "{{ cred_store_port }}/tcp"
- - "{{ registry_port }}/tcp"
- - "{{ profile_service_port }}/tcp"
- - "{{ sharing_registry_port }}/tcp"
+ - "{{ sharing_subnets }}"
+ become_user: root
+
+- name: allow only selected networks to access Airavata Registry
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ registry_port }}" protocol=tcp accept
+ with_items:
+ - "{{ registry_subnets }}"
+ become_user: root
+
+- name: allow only selected networks to access Airavata Credential Store
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ cred_store_port }}" protocol=tcp accept
+ with_items:
+ - "{{ credential_store_subnets }}"
+ become_user: root
+
+- name: allow all networks to access Airavata API Server over TLS
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ port: "{{ api_server_tls_port }}/tcp"
+ become_user: root
+
+- name: allow all networks to access Airavata Profile service
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ port: "{{ profile_service_port }}/tcp"
+ become_user: root
+
+- name: Openning API Server Monitoring Port
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ api_server_monitoring_port }}" protocol=tcp accept
+ with_items:
+ - "{{ monitoring_subnets }}"
become_user: root
- name: Install api-orch systemd script
diff --git a/dev-tools/ansible/roles/api-orch/templates/airavata-server.properties.j2 b/dev-tools/ansible/roles/api-orch/templates/airavata-server.properties.j2
index 21cb2ff..4f1af00 100644
--- a/dev-tools/ansible/roles/api-orch/templates/airavata-server.properties.j2
+++ b/dev-tools/ansible/roles/api-orch/templates/airavata-server.properties.j2
@@ -285,9 +285,11 @@
#### keystore configuration ####
keystore.path={{ keystores_location }}/{{ keystore_src_path | basename }}
keystore.password={{ keystore_passwd }}
+{% if client_truststore_src_path is defined %}
#### trust store configuration ####
trust.store={{ keystores_location }}/{{ client_truststore_src_path | basename }}
trust.store.password={{ client_truststore_passwd }}
+{% endif %}
#### authorization cache related configuration ####
authz.cache.enabled=true
authz.cache.manager.class=org.apache.airavata.service.security.authzcache.DefaultAuthzCacheManager
@@ -329,3 +331,10 @@
###########################################################################
thrift.client.pool.abandoned.removal.enabled={{ thrift_client_pool_abandoned_removal_enabled }}
thrift.client.pool.abandoned.removal.logged={{ thrift_client_pool_abandoned_removal_logged }}
+
+###########################################################################
+# Platform Monitoring Configuration
+###########################################################################
+api.server.monitoring.enabled={{ api_server_monitoring_enabled }}
+api.server.monitoring.host={{ api_server_monitoring_host }}
+api.server.monitoring.port={{ api_server_monitoring_port }}
diff --git a/dev-tools/ansible/roles/common/defaults/main.yml b/dev-tools/ansible/roles/common/defaults/main.yml
index e5635e1..3337d48 100644
--- a/dev-tools/ansible/roles/common/defaults/main.yml
+++ b/dev-tools/ansible/roles/common/defaults/main.yml
@@ -19,8 +19,7 @@
#
keystore_src_path: "airavata.jks"
-client_truststore_src_path: "airavata.jks"
cred_keystore_src_path: "airavata_sym.jks"
-apache_maven_version: "apache-maven-3.6.2"
-apache_maven_url: "https://www-eu.apache.org/dist/maven/maven-3/3.6.2/binaries/apache-maven-3.6.2-bin.tar.gz"
+apache_maven_version: "apache-maven-3.6.3"
+apache_maven_url: "https://www-eu.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz"
diff --git a/dev-tools/ansible/roles/common/tasks/main.yml b/dev-tools/ansible/roles/common/tasks/main.yml
index f72118d..e2c1a2c 100644
--- a/dev-tools/ansible/roles/common/tasks/main.yml
+++ b/dev-tools/ansible/roles/common/tasks/main.yml
@@ -92,3 +92,4 @@
copy: src={{ client_truststore_src_path }}
dest="{{ keystores_location }}/{{ client_truststore_src_path | basename }}"
owner={{ user }} group={{ group }}
+ when: client_truststore_src_path is defined
diff --git a/dev-tools/ansible/roles/database/tasks/main.yml b/dev-tools/ansible/roles/database/tasks/main.yml
index 04ae6e8..b781968 100644
--- a/dev-tools/ansible/roles/database/tasks/main.yml
+++ b/dev-tools/ansible/roles/database/tasks/main.yml
@@ -142,10 +142,13 @@
- include: keycloak.yml
when: "'keycloak' in groups"
-- include: django.yml
- when: "'django' in groups"
-
-- name: open firewall port {{ db_server_port }}
- firewalld: port="{{ db_server_port }}/tcp"
- zone=public permanent=true state=enabled immediate=yes
+- name: allow only selected networks to access DB
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ db_server_port }}" protocol=tcp accept
+ with_items:
+ - "{{ db_subnets }}"
become_user: root
diff --git a/dev-tools/ansible/roles/django/defaults/main.yml b/dev-tools/ansible/roles/django/defaults/main.yml
index 58f002a..df6b9bb 100644
--- a/dev-tools/ansible/roles/django/defaults/main.yml
+++ b/dev-tools/ansible/roles/django/defaults/main.yml
@@ -27,10 +27,12 @@
vhost_servername: "{{ groups['django'][0] }}"
vhost_ssl: False
vhost_aliases: []
+vhost_redirects: []
vhost_timeout: 60
+django_vhost_conf_name: "django-{{ gateway_id }}"
httpd_confd_file_location:
- RedHat: "/etc/httpd/conf.d/django-{{ gateway_id }}.conf"
- Debian: "/etc/apache2/sites-available/django-{{ gateway_id }}.conf"
+ RedHat: "/etc/httpd/conf.d/{{ django_vhost_conf_name }}.conf"
+ Debian: "/etc/apache2/sites-available/{{ django_vhost_conf_name }}.conf"
httpd_name:
Debian: apache2
RedHat: httpd
@@ -43,9 +45,13 @@
django_settings_local_template: "settings_local.py.j2"
django_extra_settings: {}
django_database_name: "django_{{ gateway_id }}"
+django_database_backend: "mysql"
django_hidden_airavata_apps: "[]"
django_tus_data_dir: "{{user_data_dir}}/tus-temp-dir"
django_file_upload_max_file_size_mb: 64
+django_database_hosts: "{{ groups['database'] }}"
+django_db_username: "django"
+django_database_host_ip_address: "{{ groups['database'][0] }}"
# Should be a python expression that evaluates to a string representing a file path. For example:
# django_keycloak_ca_certfile_path: "/etc/ca.pem"
diff --git a/dev-tools/ansible/roles/database/tasks/django.yml b/dev-tools/ansible/roles/django/tasks/database.yml
similarity index 69%
rename from dev-tools/ansible/roles/database/tasks/django.yml
rename to dev-tools/ansible/roles/django/tasks/database.yml
index 7f2c864..4589562 100644
--- a/dev-tools/ansible/roles/database/tasks/django.yml
+++ b/dev-tools/ansible/roles/django/tasks/database.yml
@@ -20,21 +20,24 @@
---
-# Setup django user and databases
-- name: create django databases
- mysql_db: name="{{ hostvars[item]['django_database_name'] }}" state=present encoding=utf8 collation=utf8_bin
- with_items:
- - "{{ groups['django'] }}"
+- name: Adds Python MySQL support on Debian/Ubuntu
+ apt: pkg="python-mysqldb" state=present
+ become_user: root
+ when: ansible_os_family == 'Debian'
+
+- name: Adds Python MySQL support on RedHat/CentOS
+ yum: name=MySQL-python state=present
+ become_user: root
+ when: ansible_os_family == 'RedHat'
+
+- name: create django database ({{ django_database_name }})
+ mysql_db: name="{{ django_database_name }}" state=present encoding=utf8 collation=utf8_bin
- name: give access to {{ django_db_username }} from remote (internal ip)
- mysql_user: name="{{ django_db_username }}" password="{{ django_db_password }}" host="{{ hostvars[item]['ansible_default_ipv4']['address'] }}"
- with_items:
- - "{{ groups['django'] }}"
+ mysql_user: name="{{ django_db_username }}" password="{{ django_db_password }}" host="{{ ansible_default_ipv4.address }}"
- name: give access to {{ django_db_username }} from remote (public ip)
- mysql_user: name="{{ django_db_username }}" password="{{ django_db_password }}" host="{{ hostvars[item].ansible_host }}"
- with_items:
- - "{{ groups['django'] }}"
+ mysql_user: name="{{ django_db_username }}" password="{{ django_db_password }}" host="{{ ansible_host }}"
- name: give access to {{ django_db_username }} from localhost
mysql_user: name="{{ django_db_username }}" password="{{ django_db_password }}" host="localhost"
@@ -44,6 +47,4 @@
password="{{ django_db_password }}"
append_privs=yes
host_all=yes
- priv={{ hostvars[item]['django_database_name'] }}.*:ALL,GRANT state=present
- with_items:
- - "{{ groups['django'] }}"
+ priv={{ django_database_name }}.*:ALL,GRANT state=present
diff --git a/dev-tools/ansible/roles/django/tasks/main.yml b/dev-tools/ansible/roles/django/tasks/main.yml
index 2e8124b..007b448 100644
--- a/dev-tools/ansible/roles/django/tasks/main.yml
+++ b/dev-tools/ansible/roles/django/tasks/main.yml
@@ -27,6 +27,14 @@
with_items:
- "{{ groups['database'] }}"
+- name: Run tasks to setup Django database
+ include: database.yml
+ delegate_to: "{{ item }}"
+ become: yes
+ become_user: "{{ hostvars[item]['user'] }}"
+ with_items:
+ - "{{ django_database_hosts }}"
+
- name: Create root directory
file: path="{{ doc_root_dir }}" state=directory owner="{{user}}" group="{{group}}"
become: yes
@@ -243,6 +251,16 @@
become: yes
when: ansible_os_family == "RedHat"
+# some Python libraries want to write files to /tmp and execute them, see
+# https://bugzilla.redhat.com/show_bug.cgi?id=645193 for more details
+- name: Allow Django code to exec in tmp directory
+ seboolean:
+ name: httpd_tmp_exec
+ state: yes
+ persistent: yes
+ become: yes
+ when: ansible_os_family == "RedHat"
+
- name: run restorecon on those directories
command: restorecon -F -R {{ doc_root_dir }}
become: yes
@@ -262,6 +280,13 @@
- restart httpd
when: vhost_ssl
+- name: Enable site in Apache (Debian)
+ command: a2ensite {{ django_vhost_conf_name }}
+ become: yes
+ notify:
+ - restart httpd
+ when: ansible_os_family == "Debian"
+
- name: copy user's SSH key for the gateway data store
authorized_key:
user: "{{user}}"
diff --git a/dev-tools/ansible/roles/django/templates/django-ssl-vhost.conf.j2 b/dev-tools/ansible/roles/django/templates/django-ssl-vhost.conf.j2
index 3789e98..3e6e4b7 100644
--- a/dev-tools/ansible/roles/django/templates/django-ssl-vhost.conf.j2
+++ b/dev-tools/ansible/roles/django/templates/django-ssl-vhost.conf.j2
@@ -64,11 +64,22 @@
</Directory>
{% endfor %}
+ {# Custom redirects #}
+ {% for redirect in vhost_redirects %}
+ {% if redirect.regex is defined and redirect.regex %}
+ RedirectMatch "{{ redirect.from }}" "{{ redirect.to }}"
+ {% else %}
+ Redirect "{{ redirect.from }}" "{{ redirect.to }}"
+ {% endif %}
+ {% endfor %}
+
WSGIDaemonProcess {{ vhost_servername }} display-name=%{GROUP} python-home={{ doc_root_dir }}/venv python-path={{ doc_root_dir }}/airavata-django-portal processes={{ django_wsgi_processes }} user={{ user }} group={{ group }}
WSGIProcessGroup {{ vhost_servername }}
WSGIScriptAlias / {{ doc_root_dir }}/airavata-django-portal/django_airavata/wsgi.py
WSGIApplicationGroup %{GLOBAL}
+ # To allow bearer token based authorization, pass 'Authorization' through to Django process
+ WSGIPassAuthorization On
<Directory {{ doc_root_dir }}/airavata-django-portal/django_airavata>
<Files wsgi.py>
diff --git a/dev-tools/ansible/roles/django/templates/django-vhost.conf.j2 b/dev-tools/ansible/roles/django/templates/django-vhost.conf.j2
index b21f19f..dd9b271 100644
--- a/dev-tools/ansible/roles/django/templates/django-vhost.conf.j2
+++ b/dev-tools/ansible/roles/django/templates/django-vhost.conf.j2
@@ -55,11 +55,22 @@
</Directory>
{% endfor %}
+ {# Custom redirects #}
+ {% for redirect in vhost_redirects %}
+ {% if redirect.regex is defined and redirect.regex %}
+ RedirectMatch "{{ redirect.from }}" "{{ redirect.to }}"
+ {% else %}
+ Redirect "{{ redirect.from }}" "{{ redirect.to }}"
+ {% endif %}
+ {% endfor %}
+
WSGIDaemonProcess {{ vhost_servername }} display-name=%{GROUP} python-home={{ doc_root_dir }}/venv python-path={{ doc_root_dir }}/airavata-django-portal processes={{ django_wsgi_processes }} user={{ user }} group={{ group }}
WSGIProcessGroup {{ vhost_servername }}
WSGIScriptAlias / {{ doc_root_dir }}/airavata-django-portal/django_airavata/wsgi.py
WSGIApplicationGroup %{GLOBAL}
+ # To allow bearer token based authorization, pass 'Authorization' through to Django process
+ WSGIPassAuthorization On
<Directory {{ doc_root_dir }}/airavata-django-portal/django_airavata>
<Files wsgi.py>
diff --git a/dev-tools/ansible/roles/django/templates/settings_local.py.j2 b/dev-tools/ansible/roles/django/templates/settings_local.py.j2
index b57e4d8..90e5bda 100644
--- a/dev-tools/ansible/roles/django/templates/settings_local.py.j2
+++ b/dev-tools/ansible/roles/django/templates/settings_local.py.j2
@@ -38,11 +38,12 @@
STATIC_ROOT = "{{ doc_root_dir }}/static/"
ALLOWED_HOSTS = ['{{ vhost_servername }}']
+{% if django_database_backend == "mysql" %}
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': '{{ django_database_name }}',
- 'HOST': '{{ db_server }}',
+ 'HOST': '{{ django_database_host_ip_address }}',
'USER': '{{ django_db_username }}',
'PASSWORD': '{{ django_db_password }}'
},
@@ -50,6 +51,7 @@
'init_command': 'SET default_storage_engine=INNODB,collation_connection=utf8_bin',
}
}
+{% endif %}
# Django - Email settings
# Uncomment and specify the following for sending emails (default email backend
diff --git a/dev-tools/ansible/roles/django_setup/tasks/install_deps_CentOS_7.yml b/dev-tools/ansible/roles/django_setup/tasks/install_deps_CentOS_7.yml
new file mode 100644
index 0000000..b3d78ee
--- /dev/null
+++ b/dev-tools/ansible/roles/django_setup/tasks/install_deps_CentOS_7.yml
@@ -0,0 +1,108 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+
+- name: Install Airavata Django Portal prerequisites (CentOS 7)
+ yum: name={{ item }} state=latest update_cache=yes
+ with_items:
+ - python36
+ - httpd-devel
+ - python36-devel
+ - mysql-devel
+ - gcc
+ - zlib-devel
+ - openssl-devel
+ become: yes
+
+- name: Create mod_wsgi directory
+ file: path={{ mod_wsgi_dir }} state=directory
+ become: yes
+
+- name: Fetch mod_wsgi
+ get_url:
+ url: "{{ mod_wsgi_url }}"
+ dest: "{{ mod_wsgi_tarball_dest }}"
+ become: yes
+
+- name: Untar mod_wsgi
+ unarchive:
+ src: "{{ mod_wsgi_tarball_dest }}"
+ remote_src: yes
+ dest: "{{ mod_wsgi_dir }}"
+ creates: "{{ mod_wsgi_unarchive_dir }}"
+ become: yes
+
+- name: Configure mod_wsgi
+ command: ./configure --with-python=/usr/bin/python3
+ args:
+ chdir: "{{ mod_wsgi_unarchive_dir }}"
+ creates: "{{ mod_wsgi_unarchive_dir }}/Makefile"
+ become: yes
+
+- name: make mod_wsgi
+ command: make
+ args:
+ chdir: "{{ mod_wsgi_unarchive_dir }}"
+ creates: "{{ mod_wsgi_unarchive_dir }}/src/server/mod_wsgi.la"
+ become: yes
+
+- name: make install mod_wsgi
+ command: make install
+ args:
+ chdir: "{{ mod_wsgi_unarchive_dir }}"
+ become: yes
+
+- name: Copy mod_wsgi config file
+ copy:
+ src: 00-wsgi.conf
+ dest: "{{ httpd_conf_modules_dir }}/00-wsgi.conf"
+ become: yes
+
+# Allow httpd to copy file attributes when handling uploaded files and moving
+# them from temporary to final destination (which may cross partitions)
+- name: double check policycoreutils installed
+ yum: name=policycoreutils-python state=installed
+ become: yes
+
+- name: Copy SELinux type enforcement file
+ copy: src=django-httpd.te dest=/tmp/
+
+- name: Compile SELinux module file
+ command: checkmodule -M -m -o /tmp/django-httpd.mod /tmp/django-httpd.te
+
+- name: Build SELinux policy package
+ command: semodule_package -o /tmp/django-httpd.pp -m /tmp/django-httpd.mod
+
+- name: unLoad SELinux policy package
+ command: semodule -r django-httpd
+ become: yes
+ ignore_errors: True
+
+- name: Load SELinux policy package
+ command: semodule -i /tmp/django-httpd.pp
+ become: yes
+
+- name: Remove temporary files
+ file: path={{ item }} state=absent
+ with_items:
+ - /tmp/django-httpd.mod
+ - /tmp/django-httpd.pp
+ - /tmp/django-httpd.te
diff --git a/dev-tools/ansible/roles/django_setup/tasks/install_deps_Ubuntu_18.yml b/dev-tools/ansible/roles/django_setup/tasks/install_deps_Ubuntu_18.yml
new file mode 100644
index 0000000..37ae751
--- /dev/null
+++ b/dev-tools/ansible/roles/django_setup/tasks/install_deps_Ubuntu_18.yml
@@ -0,0 +1,38 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+
+- name: Install prerequisites
+ apt: name="{{ item }}" state=latest update_cache=yes
+ with_items:
+ - python3.6
+ - apache2-dev
+ - python3.6-dev
+ - python3-venv
+ # Needed by https://pypi.org/project/mysqlclient/
+ - default-libmysqlclient-dev
+ # mod_wsgi Apache module
+ - libapache2-mod-wsgi-py3
+ become: yes
+
+- name: enable Apache mod_wsgi module
+ command: a2enmod wsgi
+ become: yes
diff --git a/dev-tools/ansible/roles/django_setup/tasks/main.yml b/dev-tools/ansible/roles/django_setup/tasks/main.yml
index 408c8be..2d453e3 100644
--- a/dev-tools/ansible/roles/django_setup/tasks/main.yml
+++ b/dev-tools/ansible/roles/django_setup/tasks/main.yml
@@ -19,91 +19,6 @@
#
---
-- name: Install Airavata Django Portal prerequisites
- yum: name={{ item }} state=latest update_cache=yes
- with_items:
- - python36
- - httpd-devel
- - python36-devel
- - mysql-devel
- - gcc
- - zlib-devel
- - openssl-devel
- become: yes
-
-- name: Create mod_wsgi directory
- file: path={{ mod_wsgi_dir }} state=directory
- become: yes
-
-- name: Fetch mod_wsgi
- get_url:
- url: "{{ mod_wsgi_url }}"
- dest: "{{ mod_wsgi_tarball_dest }}"
- become: yes
-
-- name: Untar mod_wsgi
- unarchive:
- src: "{{ mod_wsgi_tarball_dest }}"
- remote_src: yes
- dest: "{{ mod_wsgi_dir }}"
- creates: "{{ mod_wsgi_unarchive_dir }}"
- become: yes
-
-- name: Configure mod_wsgi
- command: ./configure --with-python=/usr/bin/python3
- args:
- chdir: "{{ mod_wsgi_unarchive_dir }}"
- creates: "{{ mod_wsgi_unarchive_dir }}/Makefile"
- become: yes
-
-- name: make mod_wsgi
- command: make
- args:
- chdir: "{{ mod_wsgi_unarchive_dir }}"
- creates: "{{ mod_wsgi_unarchive_dir }}/src/server/mod_wsgi.la"
- become: yes
-
-- name: make install mod_wsgi
- command: make install
- args:
- chdir: "{{ mod_wsgi_unarchive_dir }}"
- become: yes
-
-- name: Copy mod_wsgi config file
- copy:
- src: 00-wsgi.conf
- dest: "{{ httpd_conf_modules_dir }}/00-wsgi.conf"
- become: yes
-
-# Allow httpd to copy file attributes when handling uploaded files and moving
-# them from temporary to final destination (which may cross partitions)
-- name: double check policycoreutils installed
- yum: name=policycoreutils-python state=installed
- become: yes
-
-- name: Copy SELinux type enforcement file
- copy: src=django-httpd.te dest=/tmp/
-
-- name: Compile SELinux module file
- command: checkmodule -M -m -o /tmp/django-httpd.mod /tmp/django-httpd.te
-
-- name: Build SELinux policy package
- command: semodule_package -o /tmp/django-httpd.pp -m /tmp/django-httpd.mod
-
-- name: unLoad SELinux policy package
- command: semodule -r django-httpd
- become: yes
- ignore_errors: True
-
-- name: Load SELinux policy package
- command: semodule -i /tmp/django-httpd.pp
- become: yes
-
-- name: Remove temporary files
- file: path={{ item }} state=absent
- with_items:
- - /tmp/django-httpd.mod
- - /tmp/django-httpd.pp
- - /tmp/django-httpd.te
+- include: install_deps_{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml
...
diff --git a/dev-tools/ansible/roles/env_setup/tasks/main.yml b/dev-tools/ansible/roles/env_setup/tasks/main.yml
index 716cffd..bd7ba9b 100644
--- a/dev-tools/ansible/roles/env_setup/tasks/main.yml
+++ b/dev-tools/ansible/roles/env_setup/tasks/main.yml
@@ -57,4 +57,27 @@
firewalld: port="22/tcp"
zone=public permanent=true state=enabled immediate=yes
become: yes
+ when: ansible_os_family == "RedHat"
+
+# Issues with firewalld module on Ubuntu https://github.com/ansible/ansible/issues/24855
+# So as workaround, just calling firewall-cmd directly for now
+- name: open firewall port 22 for SSH connections (Debian)
+ command: firewall-cmd --zone=public --add-port=22/tcp
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: open firewall port 22 for SSH connections permanently (Debian)
+ command: firewall-cmd --zone=public --permanent --add-port=22/tcp
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: allow all networks to access zabbix
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ port: 10050/tcp
+ immediate: yes
+ become: yes
+ when: ansible_os_family == "RedHat"
...
diff --git a/dev-tools/ansible/roles/helix_setup/tasks/main.yml b/dev-tools/ansible/roles/helix_setup/tasks/main.yml
index 8d827b2..a189764 100644
--- a/dev-tools/ansible/roles/helix_setup/tasks/main.yml
+++ b/dev-tools/ansible/roles/helix_setup/tasks/main.yml
@@ -136,6 +136,50 @@
- { command: ./bin/post-wm-daemon.sh start, dir: "{{ helix_post_wm_version }}" }
- { command: ./bin/parser-wm-daemon.sh start, dir: "{{ helix_parser_wm_version }}" }
+- name: Openning Participant Monitoring Port
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ participant_monitoring_port }}" protocol=tcp accept
+ with_items:
+ - "{{ monitoring_subnets }}"
+ become_user: root
+
+- name: Openning Pre Workflow Manager Monitoring Port
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ pre_workflow_manager_monitoring_port }}" protocol=tcp accept
+ with_items:
+ - "{{ monitoring_subnets }}"
+ become_user: root
+
+- name: Openning Post Workflow Manager Monitoring Port
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ post_workflow_manager_monitoring_port }}" protocol=tcp accept
+ with_items:
+ - "{{ monitoring_subnets }}"
+ become_user: root
+
+- name: Openning Parser Workflow Manager Monitoring Port
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ parser_workflow_manager_monitoring_port }}" protocol=tcp accept
+ with_items:
+ - "{{ monitoring_subnets }}"
+ become_user: root
+
#- name: systemd install helix setup service scripts
# template: src={{ item.template }}
# dest=/usr/lib/systemd/system/{{ item.service }}
diff --git a/dev-tools/ansible/roles/helix_setup/templates/parser-wm/airavata-server.properties.j2 b/dev-tools/ansible/roles/helix_setup/templates/parser-wm/airavata-server.properties.j2
index afb4a5d..5f86f6b 100644
--- a/dev-tools/ansible/roles/helix_setup/templates/parser-wm/airavata-server.properties.j2
+++ b/dev-tools/ansible/roles/helix_setup/templates/parser-wm/airavata-server.properties.j2
@@ -65,3 +65,10 @@
###########################################################################
thrift.client.pool.abandoned.removal.enabled={{ thrift_client_pool_abandoned_removal_enabled }}
thrift.client.pool.abandoned.removal.logged={{ thrift_client_pool_abandoned_removal_logged }}
+
+###########################################################################
+# Platform Monitoring Configuration
+###########################################################################
+parser.workflow.manager.monitoring.enabled={{ parser_workflow_manager_monitoring_enabled }}
+parser.workflow.manager.monitoring.host={{ parser_workflow_manager_monitoring_host }}
+parser.workflow.manager.monitoring.port={{ parser_workflow_manager_monitoring_port }}
\ No newline at end of file
diff --git a/dev-tools/ansible/roles/helix_setup/templates/participant/airavata-server.properties.j2 b/dev-tools/ansible/roles/helix_setup/templates/participant/airavata-server.properties.j2
index 5f842b5..0473df1 100644
--- a/dev-tools/ansible/roles/helix_setup/templates/participant/airavata-server.properties.j2
+++ b/dev-tools/ansible/roles/helix_setup/templates/participant/airavata-server.properties.j2
@@ -106,4 +106,11 @@
###########################################################################
usage.reporting.key={{ usage_reporting_key }}
-usage.reporting.endpoint=https://xsede-xdcdb-api.xsede.org/gateway/v2/job_attributes
\ No newline at end of file
+usage.reporting.endpoint=https://xsede-xdcdb-api.xsede.org/gateway/v2/job_attributes
+
+###########################################################################
+# Platform Monitoring Configuration
+###########################################################################
+participant.monitoring.enabled={{ participant_monitoring_enabled }}
+participant.monitoring.host={{ participant_monitoring_host }}
+participant.monitoring.port={{ participant_monitoring_port }}
\ No newline at end of file
diff --git a/dev-tools/ansible/roles/helix_setup/templates/post-wm/airavata-server.properties.j2 b/dev-tools/ansible/roles/helix_setup/templates/post-wm/airavata-server.properties.j2
index 33cb199..b7fd434 100644
--- a/dev-tools/ansible/roles/helix_setup/templates/post-wm/airavata-server.properties.j2
+++ b/dev-tools/ansible/roles/helix_setup/templates/post-wm/airavata-server.properties.j2
@@ -59,3 +59,10 @@
###########################################################################
thrift.client.pool.abandoned.removal.enabled={{ thrift_client_pool_abandoned_removal_enabled }}
thrift.client.pool.abandoned.removal.logged={{ thrift_client_pool_abandoned_removal_logged }}
+
+###########################################################################
+# Platform Monitoring Configuration
+###########################################################################
+post.workflow.manager.monitoring.enabled={{ post_workflow_manager_monitoring_enabled }}
+post.workflow.manager.monitoring.host={{ post_workflow_manager_monitoring_host }}
+post.workflow.manager.monitoring.port={{ post_workflow_manager_monitoring_port }}
\ No newline at end of file
diff --git a/dev-tools/ansible/roles/helix_setup/templates/pre-wm/airavata-server.properties.j2 b/dev-tools/ansible/roles/helix_setup/templates/pre-wm/airavata-server.properties.j2
index e854e8c..610f0fb 100644
--- a/dev-tools/ansible/roles/helix_setup/templates/pre-wm/airavata-server.properties.j2
+++ b/dev-tools/ansible/roles/helix_setup/templates/pre-wm/airavata-server.properties.j2
@@ -56,3 +56,10 @@
###########################################################################
thrift.client.pool.abandoned.removal.enabled={{ thrift_client_pool_abandoned_removal_enabled }}
thrift.client.pool.abandoned.removal.logged={{ thrift_client_pool_abandoned_removal_logged }}
+
+###########################################################################
+# Platform Monitoring Configuration
+###########################################################################
+pre.workflow.manager.monitoring.enabled={{ pre_workflow_manager_monitoring_enabled }}
+pre.workflow.manager.monitoring.host={{ pre_workflow_manager_monitoring_host }}
+pre.workflow.manager.monitoring.port={{ pre_workflow_manager_monitoring_port }}
\ No newline at end of file
diff --git a/dev-tools/ansible/roles/httpd/defaults/main.yml b/dev-tools/ansible/roles/httpd/defaults/main.yml
index 1317100..d1e6053 100644
--- a/dev-tools/ansible/roles/httpd/defaults/main.yml
+++ b/dev-tools/ansible/roles/httpd/defaults/main.yml
@@ -42,6 +42,9 @@
httpd_default_ssl_vhost_certificate_key_location:
RedHat: "/etc/httpd/ssl/private/default_vhost.key"
Debian: "/etc/apache2/ssl/private/default_vhost.key"
+httpd_default_document_root:
+ RedHat: "/www/default"
+ Debian: "/var/www/html"
httpd_name:
Debian: apache2
RedHat: httpd
diff --git a/dev-tools/ansible/roles/httpd/tasks/install_deps_Ubuntu_16.yml b/dev-tools/ansible/roles/httpd/tasks/install_deps_Ubuntu_16.yml
index 7ceabda..7a83d57 100644
--- a/dev-tools/ansible/roles/httpd/tasks/install_deps_Ubuntu_16.yml
+++ b/dev-tools/ansible/roles/httpd/tasks/install_deps_Ubuntu_16.yml
@@ -55,10 +55,3 @@
owner: www-data
group: www-data
mode: 0775
-
-- name: set DocumentRoot in default site-enabled
- lineinfile:
- dest: /etc/apache2/sites-enabled/000-default.conf
- line: ' DocumentRoot "/var/www/html/php-gateway/public"'
- regexp: '^\s+DocumentRoot'
- state: present
diff --git a/dev-tools/ansible/roles/httpd/tasks/install_deps_Ubuntu_18.yml b/dev-tools/ansible/roles/httpd/tasks/install_deps_Ubuntu_18.yml
new file mode 100644
index 0000000..40ae0e1
--- /dev/null
+++ b/dev-tools/ansible/roles/httpd/tasks/install_deps_Ubuntu_18.yml
@@ -0,0 +1,40 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+
+- name: Install prerequisites
+ apt: name="{{ item }}" state=latest update_cache=yes
+ with_items:
+ - git
+ - apache2
+ - python-selinux
+ - python-apt
+ - unzip
+ - openssl
+ - curl
+ become: yes
+
+- name: enable apache rewrite
+ command: a2enmod {{ item }}
+ with_items:
+ - rewrite
+ - ssl
+ become: yes
diff --git a/dev-tools/ansible/roles/httpd/tasks/main.yml b/dev-tools/ansible/roles/httpd/tasks/main.yml
index 2f7be68..15a71fd 100644
--- a/dev-tools/ansible/roles/httpd/tasks/main.yml
+++ b/dev-tools/ansible/roles/httpd/tasks/main.yml
@@ -87,13 +87,54 @@
- http
- https
become: yes
+ when: ansible_os_family == "RedHat"
- name: open firewall port {{ httpd_default_http_port }}
firewalld: port="{{ httpd_default_http_port }}/tcp"
zone=public permanent=true state=enabled immediate=yes
become: yes
+ when: ansible_os_family == "RedHat"
- name: open firewall port {{ httpd_default_https_port }}
firewalld: port="{{ httpd_default_https_port }}/tcp"
zone=public permanent=true state=enabled immediate=yes
become: yes
+ when: ansible_os_family == "RedHat"
+
+# Issues with firewalld module oon Ubuntu https://github.com/ansible/ansible/issues/24855
+# So as workaround, just calling firewall-cmd directly for now
+- name: Enable https and http service on public zone (Debian)
+ command: firewall-cmd --zone=public --add-service={{ item }}
+ with_items:
+ - http
+ - https
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: Enable https and http service on public zone permanently (Debian)
+ command: firewall-cmd --zone=public --permanent --add-service={{ item }}
+ with_items:
+ - http
+ - https
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: open firewall port {{ httpd_default_http_port }} (Debian)
+ command: firewall-cmd --zone=public --add-port={{ httpd_default_http_port}}/tcp
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: open firewall port {{ httpd_default_http_port }} permanently (Debian)
+ command: firewall-cmd --zone=public --permanent --add-port={{ httpd_default_http_port}}/tcp
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: open firewall port {{ httpd_default_https_port }} (Debian)
+ command: firewall-cmd --zone=public --add-port={{ httpd_default_https_port }}/tcp
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: open firewall port {{ httpd_default_https_port }} permanently (Debian)
+ command: firewall-cmd --zone=public --permanent --add-port={{ httpd_default_https_port }}/tcp
+ become: yes
+ when: ansible_os_family == "Debian"
diff --git a/dev-tools/ansible/roles/httpd/templates/default.conf.j2 b/dev-tools/ansible/roles/httpd/templates/default.conf.j2
index 1bf550d..ee83a03 100644
--- a/dev-tools/ansible/roles/httpd/templates/default.conf.j2
+++ b/dev-tools/ansible/roles/httpd/templates/default.conf.j2
@@ -1,10 +1,10 @@
# Setup default virtual host as a catchall to prevent resolving to the first defined virtual host
# This will show the welcome page when requesting on the ip address or server default hostname
<VirtualHost *:{{ httpd_default_http_port }}>
- DocumentRoot "/www/default"
+ DocumentRoot "{{ httpd_default_document_root[ansible_os_family] }}"
</VirtualHost>
<VirtualHost *:{{ httpd_default_https_port }}>
- DocumentRoot "/www/default"
+ DocumentRoot "{{ httpd_default_document_root[ansible_os_family] }}"
SSLEngine on
SSLCertificateFile "{{ httpd_default_ssl_vhost_certificate_location[ansible_os_family] }}"
SSLCertificateKeyFile "{{ httpd_default_ssl_vhost_certificate_key_location[ansible_os_family] }}"
diff --git a/dev-tools/ansible/roles/java/tasks/main.yml b/dev-tools/ansible/roles/java/tasks/main.yml
index bc04add..3513e48 100644
--- a/dev-tools/ansible/roles/java/tasks/main.yml
+++ b/dev-tools/ansible/roles/java/tasks/main.yml
@@ -25,6 +25,7 @@
tags:
- always
+# NOTE: If you see a file not found error, try running rm /var/lib/alternatives/{{ item.exe }} in the target machine
- name: set {{ java_home }} as default
alternatives:
name="{{ item.exe }}"
diff --git a/dev-tools/ansible/roles/job_monitor/templates/email-monitor/email-config.yaml.j2 b/dev-tools/ansible/roles/job_monitor/templates/email-monitor/email-config.yaml.j2
index 135ea68..4f9ce90 100644
--- a/dev-tools/ansible/roles/job_monitor/templates/email-monitor/email-config.yaml.j2
+++ b/dev-tools/ansible/roles/job_monitor/templates/email-monitor/email-config.yaml.j2
@@ -76,6 +76,8 @@
- SLURM resource manager <slurm@pearc19-headnode.novalocal>
- slurm@sdsc.edu
- super user <root@localhost> # Bigred3
+ - SLURM resource manager <slurm@lrose-vc.novalocal>
+ - SLURM resource manager <slurm@testvc.novalocal>
- jobManagerType: UGE
emailParser: org.apache.airavata.monitor.email.parser.UGEEmailParser
diff --git a/dev-tools/ansible/roles/kafka/tasks/main.yml b/dev-tools/ansible/roles/kafka/tasks/main.yml
index f758b6f..5b91cc8 100644
--- a/dev-tools/ansible/roles/kafka/tasks/main.yml
+++ b/dev-tools/ansible/roles/kafka/tasks/main.yml
@@ -69,12 +69,24 @@
notify: restart kafka-rest-proxy
become: yes
-# Open kafka port to be accessible from outside
-- name: Open firwall ports
- firewalld: port={{ item }} zone=public permanent=true state=enabled immediate=yes
+- name: open kafka port
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port={{ kafka_listener_port }} protocol=tcp accept
with_items:
- - "{{ kafka_listener_port }}/tcp"
- - "{{ kafka_rest_proxy_listener_port }}/tcp"
+ - "{{ kafka_subnets }}"
+ become: yes
+
+- name: open kafka rest proxy port
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ port: "{{ kafka_rest_proxy_listener_port }}/tcp"
+ immediate: yes
become: yes
- name: systemd install kafka service script
diff --git a/dev-tools/ansible/roles/keycloak/templates/vhost.conf.j2 b/dev-tools/ansible/roles/keycloak/templates/vhost.conf.j2
index 4d7f40d..b03a0dc 100644
--- a/dev-tools/ansible/roles/keycloak/templates/vhost.conf.j2
+++ b/dev-tools/ansible/roles/keycloak/templates/vhost.conf.j2
@@ -36,7 +36,7 @@
ProxyPassReverse / "http://localhost:8080/"
ProxyPreserveHost On
# See https://issues.redhat.com/browse/KEYCLOAK-3067 for more info
- LimitRequestFieldSize 32768
+ LimitRequestFieldSize 65536
ErrorLog /var/log/httpd/keycloak.error.log
CustomLog /var/log/httpd/keycloak.requests.log combined
diff --git a/dev-tools/ansible/roles/letsencrypt/tasks/main.yml b/dev-tools/ansible/roles/letsencrypt/tasks/main.yml
index 0c46e46..2f6ea87 100644
--- a/dev-tools/ansible/roles/letsencrypt/tasks/main.yml
+++ b/dev-tools/ansible/roles/letsencrypt/tasks/main.yml
@@ -27,15 +27,33 @@
- python2-acme
- python2-certbot-apache
become_user: root
+ when: ansible_os_family == "RedHat"
+
+- name: add Certbot PPA repository
+ apt_repository:
+ repo: "ppa:certbot/certbot"
+ become: yes
+ when: ansible_os_family == "Debian"
+
+- name: Install Certbot and dependencies (Debian)
+ apt: name={{ item }} state=latest update_cache=yes
+ with_items:
+ - certbot
+ - python-certbot-apache
+ become: yes
+ when: ansible_os_family == "Debian"
+
+# Note: on Ubuntu crontab is automatically created to run cert renewal. Only
+# CentOS requires enabling the certbot-renew timer.
- name: enable certbot (letsencrypt) renewal
systemd:
- state: started
enabled: true
name: certbot-renew
daemon_reload: true
become: true
become_user: root
+ when: ansible_os_family == "RedHat"
- name: enable certbot (letsencrypt) renewal timer
systemd:
@@ -45,3 +63,4 @@
daemon_reload: true
become: true
become_user: root
+ when: ansible_os_family == "RedHat"
diff --git a/dev-tools/ansible/roles/pga/tasks/install_deps_Ubuntu_18.yml b/dev-tools/ansible/roles/pga/tasks/install_deps_Ubuntu_18.yml
new file mode 100644
index 0000000..3750d01
--- /dev/null
+++ b/dev-tools/ansible/roles/pga/tasks/install_deps_Ubuntu_18.yml
@@ -0,0 +1,55 @@
+#
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+---
+
+- name: Add the PHP PPA Ubuntu archive
+ apt_repository:
+ repo: ppa:ondrej/php
+ become: yes
+
+- name: Install prerequisites
+ apt: name="{{ item }}" state=latest update_cache=yes
+ with_items:
+ - libapache2-mod-php5.6
+ - php5.6
+ - php5.6-curl
+ - php5.6-soap
+ - php5.6-mysql
+ - php5.6-mcrypt
+ - composer
+ become: yes
+
+- name: Set php version
+ alternatives:
+ name: php
+ path: /usr/bin/php5.6
+ become: yes
+
+- name: enable apache rewrite
+ command: a2enmod {{ item }}
+ with_items:
+ - php5.6
+ become: yes
+
+# this just creates symlinks in /etc/php5/{apache2,cli}/conf.d/20-mcryp.ini to /etc/php5/modules-avail/mcrypt.ini
+- name: enable mcrypt
+ command: phpenmod mcrypt
+ become: yes
diff --git a/dev-tools/ansible/roles/pga/tasks/main.yml b/dev-tools/ansible/roles/pga/tasks/main.yml
index 72f5d67..25c3dfa 100644
--- a/dev-tools/ansible/roles/pga/tasks/main.yml
+++ b/dev-tools/ansible/roles/pga/tasks/main.yml
@@ -129,13 +129,6 @@
become: yes
when: ansible_os_family == "RedHat"
-- name: Enable https and http service on public zone
- firewalld: service="{{ item }}" permanent=true state=enabled zone=public immediate=True
- with_items:
- - http
- - https
- become: yes
-
- name: copy virtual host config file
template: src={{ pga_vhost_template }} dest={{ httpd_confd_file_location[ansible_os_family] }} backup=yes
become: yes
@@ -150,19 +143,12 @@
- restart httpd
when: vhost_ssl
-- name: copy default virtual host file
- template: src={{ pga_default_conf_template }} dest={{ default_conf_file_location[ansible_os_family] }} backup=yes
+- name: Enable site in Apache (Debian)
+ command: a2ensite pga-{{ gateway_id }}
become: yes
notify:
- restart httpd
-
-- name: copy modified ssl.conf file
- template: src={{ pga_ssl_conf_template }} dest={{ ssl_conf_file_location[ansible_os_family] }} backup=yes
- become: yes
- notify:
- - restart httpd
- # TODO: make the same fix (disabling SSLv3) on Debian systems too
- when: ansible_os_family == "RedHat"
+ when: ansible_os_family == "Debian"
- name: copy pga user's SSH key for the gateway data store
authorized_key:
@@ -170,13 +156,3 @@
key: "{{ gateway_data_store_ssh_public_key }}"
become: yes
when: gateway_data_store_ssh_public_key != ""
-
-- name: open firewall port {{ pga_default_http_port }}
- firewalld: port="{{ pga_default_http_port }}/tcp"
- zone=public permanent=true state=enabled immediate=yes
- become: yes
-
-- name: open firewall port {{ pga_default_https_port }}
- firewalld: port="{{ pga_default_https_port }}/tcp"
- zone=public permanent=true state=enabled immediate=yes
- become: yes
diff --git a/dev-tools/ansible/roles/rabbitmq/tasks/main.yml b/dev-tools/ansible/roles/rabbitmq/tasks/main.yml
index d71ffaa..cfa31a1 100644
--- a/dev-tools/ansible/roles/rabbitmq/tasks/main.yml
+++ b/dev-tools/ansible/roles/rabbitmq/tasks/main.yml
@@ -29,11 +29,26 @@
yum: name=https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.3/rabbitmq-server-3.6.3-1.noarch.rpm state=present
become: yes
-- name: open rabbitmq ports
- firewalld: port={{ item }} zone=public permanent=true state=enabled immediate=yes
+- name: allow only selected networks to access Airavata RabbitMQ
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ rabbitmq_port }}" protocol=tcp accept
+ immediate: yes
with_items:
- - "{{ rabbitmq_port }}/tcp"
- - "{{ management_plugin_port }}/tcp"
+ - "{{ rabbitmq_subnets }}"
+ become: yes
+
+- name: allow only selected networks to access Airavata RabbitMQ Management Console
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port="{{ management_plugin_port }}" protocol=tcp accept
+ with_items:
+ - "{{ rabbitmq_subnets }}"
become: yes
- name: Edit /etc/hosts file
diff --git a/dev-tools/ansible/roles/zookeeper/tasks/main.yml b/dev-tools/ansible/roles/zookeeper/tasks/main.yml
index 2d2c303..2cf5085 100644
--- a/dev-tools/ansible/roles/zookeeper/tasks/main.yml
+++ b/dev-tools/ansible/roles/zookeeper/tasks/main.yml
@@ -30,7 +30,14 @@
become: yes
- name: open zookeeper port
- firewalld: port=2181/tcp zone=public permanent=true state=enabled immediate=yes
+ firewalld:
+ zone: public
+ permanent: yes
+ state: enabled
+ immediate: yes
+ rich_rule: rule family=ipv4 source address="{{ item }}" port port=2181 protocol=tcp accept
+ with_items:
+ - "{{ zk_subnets }}"
become: yes
- name: Copy zoo.cfg file
diff --git a/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/PoolingSSHJClient.java b/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/PoolingSSHJClient.java
index d7caa29..8010cb5 100644
--- a/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/PoolingSSHJClient.java
+++ b/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/PoolingSSHJClient.java
@@ -163,7 +163,7 @@
SSHClientWrapper sshClient = minEntry.getKey();
- if (!sshClient.isConnected() || !sshClient.isAuthenticated() || !sshClient.isErrored()) {
+ if (!sshClient.isConnected() || !sshClient.isAuthenticated() || sshClient.isErrored()) {
logger.warn("Client for host {} is not connected or not authenticated. Creating a new client", host);
removeDisconnectedClients(sshClient, true);
return newClientWithSessionValidation();
diff --git a/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/SSHJAgentAdaptor.java b/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/SSHJAgentAdaptor.java
index 07fb978..5e6059f 100644
--- a/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/SSHJAgentAdaptor.java
+++ b/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/SSHJAgentAdaptor.java
@@ -468,9 +468,11 @@
} catch (Exception e) {
throw new AgentException(e);
}*/
+ /*
if (fileName.endsWith("*")) {
throw new AgentException("Wildcards that ends with * does not support for security reasons. Specify an extension");
}
+ */
CommandOutput commandOutput = executeCommand("ls " + fileName, parentPath); // This has a risk of returning folders also
String[] filesTmp = commandOutput.getStdOut().split("\n");
diff --git a/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/wrapper/SFTPClientWrapper.java b/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/wrapper/SFTPClientWrapper.java
index 635ddfd..6327d30 100644
--- a/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/wrapper/SFTPClientWrapper.java
+++ b/modules/airavata-helix/agent-impl/sshj-agent/src/main/java/org/apache/airavata/helix/adaptor/wrapper/SFTPClientWrapper.java
@@ -25,7 +25,6 @@
import java.util.function.Consumer;
public class SFTPClientWrapper extends SFTPClient {
- private SFTPClient sftpClient;
private Consumer<Integer> onCloseFunction;
private SSHClientWrapper originalSSHClient;
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/participant/GlobalParticipant.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/participant/GlobalParticipant.java
index ce1372a..fb439f4 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/participant/GlobalParticipant.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/participant/GlobalParticipant.java
@@ -20,8 +20,10 @@
package org.apache.airavata.helix.impl.participant;
import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.airavata.common.utils.ServerSettings;
import org.apache.airavata.helix.core.AbstractTask;
import org.apache.airavata.helix.core.participant.HelixParticipant;
+import org.apache.airavata.patform.monitoring.MonitoringServer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -75,6 +77,15 @@
taskClasses.add(Class.forName(taskClassName).asSubclass(AbstractTask.class));
}
+ if (ServerSettings.getBooleanSetting("participant.monitoring.enabled")) {
+ MonitoringServer monitoringServer = new MonitoringServer(
+ ServerSettings.getSetting("participant.monitoring.host"),
+ ServerSettings.getIntSetting("participant.monitoring.port"));
+ monitoringServer.start();
+
+ Runtime.getRuntime().addShutdownHook(new Thread(monitoringServer::stop));
+ }
+
GlobalParticipant participant = new GlobalParticipant(taskClasses, null);
participant.startServer();
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/env/EnvSetupTask.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/env/EnvSetupTask.java
index d6b00c5..03a35ea 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/env/EnvSetupTask.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/env/EnvSetupTask.java
@@ -25,6 +25,7 @@
import org.apache.airavata.helix.task.api.TaskHelper;
import org.apache.airavata.helix.task.api.annotation.TaskDef;
import org.apache.airavata.model.status.ProcessState;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.helix.task.TaskResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -33,10 +34,12 @@
public class EnvSetupTask extends AiravataTask {
private final static Logger logger = LoggerFactory.getLogger(EnvSetupTask.class);
+ private final static CountMonitor envSetupTaskCounter = new CountMonitor("env_setup_task_counter");
@Override
public TaskResult onRun(TaskHelper taskHelper, TaskContext taskContext) {
try {
+ envSetupTaskCounter.inc();
saveAndPublishProcessStatus(ProcessState.CONFIGURING_WORKSPACE);
AgentAdaptor adaptor = taskHelper.getAdaptorSupport().fetchAdaptor(
getTaskContext().getGatewayId(),
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/parsing/DataParsingTask.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/parsing/DataParsingTask.java
index b290f16..09cfb57 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/parsing/DataParsingTask.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/parsing/DataParsingTask.java
@@ -58,6 +58,7 @@
import org.apache.airavata.model.data.replica.DataReplicaLocationModel;
import org.apache.airavata.model.data.replica.ReplicaLocationCategory;
import org.apache.airavata.model.data.replica.ReplicaPersistentType;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.airavata.registry.api.RegistryService;
import org.apache.airavata.registry.api.client.RegistryServiceClientFactory;
import org.apache.airavata.registry.api.exception.RegistryServiceException;
@@ -85,6 +86,7 @@
public class DataParsingTask extends AbstractTask {
private final static Logger logger = LoggerFactory.getLogger(DataParsingTask.class);
+ private final static CountMonitor parsingTaskCounter = new CountMonitor("parsing_task_counter");
@TaskParam(name = "Parser Id")
private String parserId;
@@ -107,7 +109,7 @@
@Override
public TaskResult onRun(TaskHelper helper) {
logger.info("Starting data parsing task " + getTaskId());
-
+ parsingTaskCounter.inc();
try {
Parser parser = getRegistryServiceClient().getParser(parserId, gatewayId);
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/ArchiveTask.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/ArchiveTask.java
index 7d4ffa0..141bb2a 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/ArchiveTask.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/ArchiveTask.java
@@ -27,6 +27,7 @@
import org.apache.airavata.helix.task.api.annotation.TaskDef;
import org.apache.airavata.model.status.ProcessState;
import org.apache.airavata.model.task.DataStagingTaskModel;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.helix.task.TaskResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -40,10 +41,13 @@
private final static Logger logger = LoggerFactory.getLogger(ArchiveTask.class);
private final static long MAX_ARCHIVE_SIZE = 1024L * 1024L * 1024L * 20L; // 20GB
+ private final static CountMonitor archiveTaskCounter = new CountMonitor("archive_task_counter");
+
@Override
public TaskResult onRun(TaskHelper taskHelper, TaskContext taskContext) {
logger.info("Starting archival task " + getTaskId() + " in experiment " + getExperimentId());
+ archiveTaskCounter.inc();
saveAndPublishProcessStatus(ProcessState.OUTPUT_DATA_STAGING);
try {
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/DataStagingTask.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/DataStagingTask.java
index 9258dd0..1df76a2 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/DataStagingTask.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/DataStagingTask.java
@@ -31,6 +31,7 @@
import org.apache.airavata.helix.task.api.support.AdaptorSupport;
import org.apache.airavata.model.appcatalog.storageresource.StorageResourceDescription;
import org.apache.airavata.model.task.DataStagingTaskModel;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.commons.io.FileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -47,6 +48,7 @@
public abstract class DataStagingTask extends AiravataTask {
private final static Logger logger = LoggerFactory.getLogger(DataStagingTask.class);
+ private final static CountMonitor transferSizeTaskCounter = new CountMonitor("transfer_data_size_counter");
private final static ExecutorService PASS_THROUGH_EXECUTOR =
new ThreadPoolExecutor(10, 60, 0L, TimeUnit.MILLISECONDS,
@@ -162,6 +164,8 @@
throw new TaskOnFailException("Local file does not exist at " + tempFile, false, null);
}
+ transferSizeTaskCounter.inc(localFile.length());
+
try {
logger.info("Uploading file form local temp file " + tempFile + " to " + destFile);
destAdaptor.uploadFile(tempFile, destFile);
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/InputDataStagingTask.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/InputDataStagingTask.java
index e7e9010..7c329c6 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/InputDataStagingTask.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/InputDataStagingTask.java
@@ -29,6 +29,7 @@
import org.apache.airavata.model.application.io.InputDataObjectType;
import org.apache.airavata.model.status.ProcessState;
import org.apache.airavata.model.task.DataStagingTaskModel;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.helix.task.TaskResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -40,11 +41,14 @@
public class InputDataStagingTask extends DataStagingTask {
private final static Logger logger = LoggerFactory.getLogger(InputDataStagingTask.class);
+ private final static CountMonitor inputDSTaskCounter = new CountMonitor("input_ds_task_counter");
@Override
public TaskResult onRun(TaskHelper taskHelper, TaskContext taskContext) {
logger.info("Starting Input Data Staging Task " + getTaskId());
+ inputDSTaskCounter.inc();
+
saveAndPublishProcessStatus(ProcessState.INPUT_DATA_STAGING);
try {
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/OutputDataStagingTask.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/OutputDataStagingTask.java
index a5d9d74..4419250 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/OutputDataStagingTask.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/staging/OutputDataStagingTask.java
@@ -31,6 +31,7 @@
import org.apache.airavata.model.application.io.OutputDataObjectType;
import org.apache.airavata.model.status.ProcessState;
import org.apache.airavata.model.task.DataStagingTaskModel;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.helix.task.TaskResult;
import org.apache.thrift.TException;
import org.slf4j.Logger;
@@ -48,11 +49,13 @@
public class OutputDataStagingTask extends DataStagingTask {
private final static Logger logger = LoggerFactory.getLogger(OutputDataStagingTask.class);
+ private final static CountMonitor outputDSTaskCounter = new CountMonitor("output_ds_task_counter");
@Override
public TaskResult onRun(TaskHelper taskHelper, TaskContext taskContext) {
logger.info("Starting output data staging task " + getTaskId() + " in experiment " + getExperimentId());
+ outputDSTaskCounter.inc();
saveAndPublishProcessStatus(ProcessState.OUTPUT_DATA_STAGING);
try {
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/DefaultJobSubmissionTask.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/DefaultJobSubmissionTask.java
index ae02bb5..4a76e1d 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/DefaultJobSubmissionTask.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/DefaultJobSubmissionTask.java
@@ -32,6 +32,7 @@
import org.apache.airavata.model.job.JobModel;
import org.apache.airavata.model.status.*;
import org.apache.airavata.model.workspace.GatewayUsageReportingCommand;
+import org.apache.airavata.patform.monitoring.CountMonitor;
import org.apache.helix.task.TaskResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -46,12 +47,14 @@
public class DefaultJobSubmissionTask extends JobSubmissionTask {
private final static Logger logger = LoggerFactory.getLogger(DefaultJobSubmissionTask.class);
+ private final static CountMonitor defaultJSTaskCounter = new CountMonitor("default_js_task_counter");
private static final String DEFAULT_JOB_ID = "DEFAULT_JOB_ID";
@Override
public TaskResult onRun(TaskHelper taskHelper, TaskContext taskContext) {
+ defaultJSTaskCounter.inc();
String jobId = null;
AgentAdaptor adaptor;
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapBuilder.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapBuilder.java
index 937c0e6..14c72e5 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapBuilder.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapBuilder.java
@@ -193,7 +193,7 @@
if (moduleCmds != null) {
List<String> modulesCmdCollect = moduleCmds.stream()
.sorted((e1, e2) -> e1.getCommandOrder() - e2.getCommandOrder())
- .map(map -> map.getCommand())
+ .map(map -> parseCommands(map.getCommand(), mapData))
.collect(Collectors.toList());
mapData.setModuleCommands(modulesCmdCollect);
}
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapData.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapData.java
index 316a34f..45c9e9d 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapData.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/task/submission/config/GroovyMapData.java
@@ -23,11 +23,13 @@
import groovy.text.GStringTemplateEngine;
import groovy.text.TemplateEngine;
import org.apache.airavata.common.utils.ApplicationSettings;
+import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.lang.reflect.Field;
import java.net.URL;
+import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -531,6 +533,8 @@
Writable make;
try {
make = engine.createTemplate(templateStr).make(toImmutableMap());
+ //String intermediateOut = make.toString();
+ //make = engine.createTemplate(intermediateOut).make(toImmutableMap()); // Parsing through the map to resolve parameters in the map values (AIRAVATA-3391)
} catch (Exception e) {
throw new Exception("Error while generating script using groovy map for string " + templateStr, e);
}
@@ -546,22 +550,15 @@
URL templateUrl = ApplicationSettings.loadFile(templateName);
if (templateUrl == null) {
String error = "Template file '" + templateName + "' not found";
+ logger.error(error);
throw new Exception(error);
}
- //File template = new File(templateUrl.getPath());
- TemplateEngine engine = new GStringTemplateEngine();
- Writable make;
- try {
- make = engine.createTemplate(templateUrl).make(toImmutableMap());
+ try {
+ String templateStr = IOUtils.toString(templateUrl.openStream(), Charset.defaultCharset());
+ return loadFromString(templateStr);
} catch (Exception e) {
throw new Exception("Error while generating script using groovy map for template " + templateUrl.getPath(), e);
}
-
- if (logger.isTraceEnabled()) {
- logger.trace("Groovy map as string for template " + templateName);
- logger.trace(make.toString());
- }
- return make.toString();
}
}
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/ParserWorkflowManager.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/ParserWorkflowManager.java
index 772206c..1646ee1 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/ParserWorkflowManager.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/ParserWorkflowManager.java
@@ -35,6 +35,8 @@
import org.apache.airavata.model.application.io.OutputDataObjectType;
import org.apache.airavata.model.experiment.ExperimentModel;
import org.apache.airavata.model.process.ProcessModel;
+import org.apache.airavata.patform.monitoring.CountMonitor;
+import org.apache.airavata.patform.monitoring.MonitoringServer;
import org.apache.airavata.registry.api.RegistryService;
import org.apache.kafka.clients.consumer.*;
import org.apache.kafka.common.TopicPartition;
@@ -54,6 +56,7 @@
public class ParserWorkflowManager extends WorkflowManager {
private final static Logger logger = LoggerFactory.getLogger(ParserWorkflowManager.class);
+ private final static CountMonitor parserwfCounter = new CountMonitor("parser_wf_counter");
private String parserStorageResourceId = ServerSettings.getSetting("parser.storage.resource.id");
@@ -63,6 +66,16 @@
}
public static void main(String[] args) throws Exception {
+
+ if (ServerSettings.getBooleanSetting("parser.workflow.manager.monitoring.enabled")) {
+ MonitoringServer monitoringServer = new MonitoringServer(
+ ServerSettings.getSetting("parser.workflow.manager.monitoring.host"),
+ ServerSettings.getIntSetting("parser.workflow.manager.monitoring.port"));
+ monitoringServer.start();
+
+ Runtime.getRuntime().addShutdownHook(new Thread(monitoringServer::stop));
+ }
+
ParserWorkflowManager manager = new ParserWorkflowManager();
manager.init();
manager.runConsumer();
@@ -162,6 +175,7 @@
// TODO: figure out processId and register
// registerWorkflowForProcess(processId, workflow, "PARSER");
logger.info("Launched workflow " + workflow);
+ parserwfCounter.inc();
}
getRegistryClientPool().returnResource(registryClient);
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PostWorkflowManager.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PostWorkflowManager.java
index f3b9dea..7008b98 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PostWorkflowManager.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PostWorkflowManager.java
@@ -47,6 +47,8 @@
import org.apache.airavata.model.task.DataStagingTaskModel;
import org.apache.airavata.model.task.TaskModel;
import org.apache.airavata.model.task.TaskTypes;
+import org.apache.airavata.patform.monitoring.CountMonitor;
+import org.apache.airavata.patform.monitoring.MonitoringServer;
import org.apache.airavata.registry.api.RegistryService;
import org.apache.kafka.clients.consumer.*;
import org.apache.kafka.common.TopicPartition;
@@ -61,6 +63,7 @@
public class PostWorkflowManager extends WorkflowManager {
private final static Logger logger = LoggerFactory.getLogger(PostWorkflowManager.class);
+ private final static CountMonitor postwfCounter = new CountMonitor("post_wf_counter");
private ExecutorService processingPool = Executors.newFixedThreadPool(10);
@@ -198,6 +201,7 @@
private void executePostWorkflow(String processId, String gateway, boolean forceRun) throws Exception {
+ postwfCounter.inc();
RegistryService.Client registryClient = getRegistryClientPool().getResource();
ProcessModel processModel;
@@ -388,6 +392,15 @@
public static void main(String[] args) throws Exception {
+ if (ServerSettings.getBooleanSetting("post.workflow.manager.monitoring.enabled")) {
+ MonitoringServer monitoringServer = new MonitoringServer(
+ ServerSettings.getSetting("post.workflow.manager.monitoring.host"),
+ ServerSettings.getIntSetting("post.workflow.manager.monitoring.port"));
+ monitoringServer.start();
+
+ Runtime.getRuntime().addShutdownHook(new Thread(monitoringServer::stop));
+ }
+
PostWorkflowManager postManager = new PostWorkflowManager();
postManager.startServer();
}
diff --git a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PreWorkflowManager.java b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PreWorkflowManager.java
index 9423854..3bb4c81 100644
--- a/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PreWorkflowManager.java
+++ b/modules/airavata-helix/helix-spectator/src/main/java/org/apache/airavata/helix/impl/workflow/PreWorkflowManager.java
@@ -41,6 +41,8 @@
import org.apache.airavata.model.status.ProcessStatus;
import org.apache.airavata.model.task.TaskModel;
import org.apache.airavata.model.task.TaskTypes;
+import org.apache.airavata.patform.monitoring.CountMonitor;
+import org.apache.airavata.patform.monitoring.MonitoringServer;
import org.apache.airavata.registry.api.RegistryService;
import org.apache.thrift.TBase;
import org.apache.thrift.TException;
@@ -53,6 +55,7 @@
public class PreWorkflowManager extends WorkflowManager {
private final static Logger logger = LoggerFactory.getLogger(PreWorkflowManager.class);
+ private final static CountMonitor prewfCounter = new CountMonitor("pre_wf_counter");
private Subscriber subscriber;
@@ -78,6 +81,7 @@
private String createAndLaunchPreWorkflow(String processId, boolean forceRun) throws Exception {
+ prewfCounter.inc();
RegistryService.Client registryClient = getRegistryClientPool().getResource();
ProcessModel processModel;
@@ -216,6 +220,16 @@
}
public static void main(String[] args) throws Exception {
+
+ if (ServerSettings.getBooleanSetting("pre.workflow.manager.monitoring.enabled")) {
+ MonitoringServer monitoringServer = new MonitoringServer(
+ ServerSettings.getSetting("pre.workflow.manager.monitoring.host"),
+ ServerSettings.getIntSetting("pre.workflow.manager.monitoring.port"));
+ monitoringServer.start();
+
+ Runtime.getRuntime().addShutdownHook(new Thread(monitoringServer::stop));
+ }
+
PreWorkflowManager preWorkflowManager = new PreWorkflowManager();
preWorkflowManager.startServer();
}
diff --git a/modules/airavata-helix/platform-monitor/pom.xml b/modules/airavata-helix/platform-monitor/pom.xml
deleted file mode 100644
index 9b850c0..0000000
--- a/modules/airavata-helix/platform-monitor/pom.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <artifactId>airavata-helix</artifactId>
- <groupId>org.apache.airavata</groupId>
- <version>0.20-SNAPSHOT</version>
- </parent>
- <modelVersion>4.0.0</modelVersion>
-
- <artifactId>platform-monitor</artifactId>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.airavata</groupId>
- <artifactId>helix-spectator</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>javax.mail</groupId>
- <artifactId>mail</artifactId>
- <version>1.4</version>
- </dependency>
- </dependencies>
-</project>
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/ErrorNotifier.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/ErrorNotifier.java
deleted file mode 100644
index 0293d5b..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/ErrorNotifier.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring;
-
-import org.apache.airavata.common.utils.ServerSettings;
-import org.apache.commons.lang.exception.ExceptionUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Properties;
-import javax.mail.*;
-import javax.mail.internet.InternetAddress;
-import javax.mail.internet.MimeMessage;
-
-public class ErrorNotifier {
-
- private final static Logger logger = LoggerFactory.getLogger(ErrorNotifier.class);
-
- public void sendNotification(PlatformMonitorError monitorError) {
- if (monitorError.getError() == null) {
- logger.error("Monitor error " + monitorError.getReason());
- } else {
- logger.error("Monitor error " + monitorError.getReason(), monitorError.getError());
- }
- sendEmail(monitorError);
- }
-
- private void sendEmail(PlatformMonitorError monitorError) {
-
- try {
-
- String username = ServerSettings.getSetting("sender.email.account");
- String password = ServerSettings.getSetting("sender.email.password");
- String targetEmails = ServerSettings.getSetting("target.email.accounts");
-
- Properties props = new Properties();
- props.put("mail.smtp.auth", "true");
- props.put("mail.smtp.starttls.enable", "true");
- props.put("mail.smtp.host", "smtp.gmail.com");
- props.put("mail.smtp.port", "587");
-
- String[] targetEmailArr = targetEmails.split(",");
-
- for (String targetEmail : targetEmailArr) {
- Session session = Session.getInstance(props,
- new javax.mail.Authenticator() {
- protected PasswordAuthentication getPasswordAuthentication() {
- return new PasswordAuthentication(username, password);
- }
- });
-
- Message message = new MimeMessage(session);
- message.setFrom(new InternetAddress(username));
- message.setRecipients(Message.RecipientType.TO,
- InternetAddress.parse(targetEmail));
- message.setSubject("Possible issue in " + ServerSettings.getSetting("platform.name"));
- message.setText(monitorError.getReason() + "\n" + "Error code " + monitorError.getErrorCode() + "\n" +
- (monitorError.getError() != null ? ExceptionUtils.getFullStackTrace(monitorError.getError()) : ""));
-
- Transport.send(message);
-
- logger.info("Sent notification email to " + targetEmail);
- }
-
- } catch (Exception e) {
- logger.error("Failed to send email", e);
- }
- }
-}
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/MainMonitor.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/MainMonitor.java
deleted file mode 100644
index 7b02f02..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/MainMonitor.java
+++ /dev/null
@@ -1,36 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring;
-
-import org.apache.airavata.common.exception.ApplicationSettingsException;
-import org.apache.airavata.common.utils.ServerSettings;
-import org.apache.airavata.helix.cluster.monitoring.agents.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Arrays;
-import java.util.List;
-import java.util.concurrent.Executors;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.TimeUnit;
-
-public class MainMonitor {
-
- private final static Logger logger = LoggerFactory.getLogger(MainMonitor.class);
-
- public static void main(String args[]) throws Exception {
-
- logger.info("Starting platform monitor");
-
- List<PlatformMonitor> platformMonitors = Arrays.asList(new ApiServerMonitor(),
- new DbMonitor(), new HelixControllerMonitor(),
- new HelixParticipantMonitor(), new ZookeeperMonitor());
-
- ErrorNotifier errorNotifier = new ErrorNotifier();
-
- for (PlatformMonitor monitor : platformMonitors) {
- ScheduledExecutorService executorService = Executors.newSingleThreadScheduledExecutor();
- executorService.scheduleWithFixedDelay(() -> monitor.monitor(errorNotifier), 0,
- Integer.parseInt(ServerSettings.getSetting("platform_monitor_interval_minutes")),
- TimeUnit.MINUTES);
- }
- }
-}
\ No newline at end of file
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/PlatformMonitor.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/PlatformMonitor.java
deleted file mode 100644
index ee9e1b6..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/PlatformMonitor.java
+++ /dev/null
@@ -1,5 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring;
-
-public interface PlatformMonitor {
- public void monitor(ErrorNotifier notifier);
-}
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/PlatformMonitorError.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/PlatformMonitorError.java
deleted file mode 100644
index 076d8b9..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/PlatformMonitorError.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class PlatformMonitorError {
-
- private final static Logger logger = LoggerFactory.getLogger(PlatformMonitorError.class);
-
- private String reason;
- private String errorCode;
- private String category;
- private Throwable error;
-
- public String getReason() {
- return reason;
- }
-
- public void setReason(String reason) {
- this.reason = reason;
- }
-
- public String getErrorCode() {
- return errorCode;
- }
-
- public void setErrorCode(String errorCode) {
- this.errorCode = errorCode;
- }
-
- public String getCategory() {
- return category;
- }
-
- public void setCategory(String category) {
- this.category = category;
- }
-
- public Throwable getError() {
- return error;
- }
-
- public void setError(Throwable error) {
- this.error = error;
- }
-}
\ No newline at end of file
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/ApiServerMonitor.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/ApiServerMonitor.java
deleted file mode 100644
index 6dc301b..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/ApiServerMonitor.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring.agents;
-
-import org.apache.airavata.common.exception.ApplicationSettingsException;
-import org.apache.airavata.common.utils.ServerSettings;
-import org.apache.airavata.helix.cluster.monitoring.ErrorNotifier;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitor;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitorError;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.net.Socket;
-
-public class ApiServerMonitor implements PlatformMonitor {
-
- private final static Logger logger = LoggerFactory.getLogger(PlatformMonitor.class);
-
- private String apiServerHost =ServerSettings.getSetting("api.server.host");
- private String apiServerPort = ServerSettings.getSetting("api.server.port");
-
- public ApiServerMonitor() throws ApplicationSettingsException {
- }
-
- public void monitor(ErrorNotifier notifier) {
-
- logger.info("Monitoring API Server started");
- Socket s = null;
-
- try {
- s = new Socket(apiServerHost, Integer.parseInt(apiServerPort));
- } catch (IOException e) {
- PlatformMonitorError monitorError = new PlatformMonitorError();
- monitorError.setError(e);
- monitorError.setReason("Could not establish a connection with Api Server " + apiServerHost + ":" + apiServerPort);
- monitorError.setCategory("ApiServer");
- monitorError.setCategory("AS001");
- notifier.sendNotification(monitorError);
- } finally {
- if(s != null)
- try {s.close();}
- catch(Exception ignored){}
- }
-
- logger.info("Monitoring API Server finished");
-
- }
-}
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/DbMonitor.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/DbMonitor.java
deleted file mode 100644
index 4d71216..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/DbMonitor.java
+++ /dev/null
@@ -1,48 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring.agents;
-
-import org.apache.airavata.common.exception.ApplicationSettingsException;
-import org.apache.airavata.common.utils.ServerSettings;
-import org.apache.airavata.helix.cluster.monitoring.ErrorNotifier;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitor;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitorError;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.net.Socket;
-
-public class DbMonitor implements PlatformMonitor {
-
- private final static Logger logger = LoggerFactory.getLogger(DbMonitor.class);
-
- private String dbServerHost = ServerSettings.getSetting("database.host");
- private String dbPort = ServerSettings.getSetting("database.port");
-
- public DbMonitor() throws ApplicationSettingsException {
- }
-
- public void monitor(ErrorNotifier notifier) {
-
- logger.info("Monitoring Database Server started");
-
- Socket s = null;
-
- try {
- s = new Socket(dbServerHost, Integer.parseInt(dbPort));
- } catch (IOException e) {
- PlatformMonitorError monitorError = new PlatformMonitorError();
- monitorError.setError(e);
- monitorError.setReason("Could not establish a connection with Database " + dbServerHost + ":" + dbPort);
- monitorError.setCategory("Database");
- monitorError.setCategory("DB001");
- notifier.sendNotification(monitorError);
- } finally {
- if(s != null)
- try {s.close();}
- catch(Exception ignored){}
- }
-
- logger.info("Monitoring Database Server finished");
-
- }
-}
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/HelixControllerMonitor.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/HelixControllerMonitor.java
deleted file mode 100644
index 9e081b5..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/HelixControllerMonitor.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring.agents;
-
-import org.apache.airavata.helix.cluster.monitoring.ErrorNotifier;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitor;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class HelixControllerMonitor implements PlatformMonitor {
-
- private final static Logger logger = LoggerFactory.getLogger(HelixControllerMonitor.class);
-
- @Override
- public void monitor(ErrorNotifier notifier) {
- logger.info("Monitoring Controller started");
- logger.info("Monitoring Controller finished");
- }
-}
\ No newline at end of file
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/HelixParticipantMonitor.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/HelixParticipantMonitor.java
deleted file mode 100644
index cb40fb4..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/HelixParticipantMonitor.java
+++ /dev/null
@@ -1,108 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring.agents;
-
-import org.apache.airavata.common.exception.ApplicationSettingsException;
-import org.apache.airavata.common.utils.ServerSettings;
-import org.apache.airavata.helix.cluster.monitoring.ErrorNotifier;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitor;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitorError;
-import org.apache.airavata.helix.impl.task.mock.MockTask;
-import org.apache.airavata.helix.workflow.WorkflowOperator;
-import org.apache.helix.manager.zk.ZKHelixAdmin;
-import org.apache.helix.manager.zk.ZNRecordSerializer;
-import org.apache.helix.manager.zk.ZkClient;
-import org.apache.helix.model.InstanceConfig;
-import org.apache.helix.task.TaskState;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Collections;
-import java.util.UUID;
-
-public class HelixParticipantMonitor implements PlatformMonitor {
-
- private final static Logger logger = LoggerFactory.getLogger(HelixParticipantMonitor.class);
-
- private String helixClusterName = ServerSettings.getSetting("helix.cluster.name");
- private String instanceName = ServerSettings.getSetting("helix.participant.name");
- private String zkConnectionString = ServerSettings.getZookeeperConnection();
- private WorkflowOperator operator;
-
- public HelixParticipantMonitor() throws Exception {
- operator = new WorkflowOperator(helixClusterName, "mock-wf-operator", zkConnectionString);
- }
-
- public void monitor(ErrorNotifier notifier) {
-
- logger.info("Monitoring Participant started");
-
- PlatformMonitorError monitorError = checkConnectivity();
- if (monitorError != null) notifier.sendNotification(monitorError);
- monitorError = checkMockWorkflow();
- if (monitorError != null) notifier.sendNotification(monitorError);
-
- logger.info("Monitoring Participant finished");
-
- }
-
- private PlatformMonitorError checkConnectivity() {
- ZkClient zkclient = null;
- try {
- zkclient = new ZkClient(zkConnectionString, ZkClient.DEFAULT_SESSION_TIMEOUT,
- ZkClient.DEFAULT_CONNECTION_TIMEOUT, new ZNRecordSerializer());
- ZKHelixAdmin admin = new ZKHelixAdmin(zkclient);
-
- InstanceConfig instanceConfig = admin.getInstanceConfig(helixClusterName, instanceName);
-
- String result = new String(instanceConfig.serialize(new ZNRecordSerializer()));
-
- int startPoint = result.indexOf("HELIX_ENABLED");
- int endPoint = result.indexOf("\n", startPoint);
- String enabledStr = result.substring(startPoint, endPoint);
- if (enabledStr.contains("false")) {
- PlatformMonitorError monitorError = new PlatformMonitorError();
- monitorError.setReason("Helix participant " + instanceName + " is not active");
- monitorError.setCategory("Participant");
- monitorError.setErrorCode("P001");
- return monitorError;
- }
- } catch (Exception e) {
- PlatformMonitorError monitorError = new PlatformMonitorError();
- monitorError.setError(e);
- monitorError.setReason("Failed to fetch Helix participant " + instanceName + " information");
- monitorError.setCategory("Participant");
- monitorError.setErrorCode("P002");
- return monitorError;
- } finally {
- if (zkclient != null) {
- zkclient.close();
- }
- }
- return null;
- }
-
- private PlatformMonitorError checkMockWorkflow() {
- MockTask mockTask = new MockTask();
- mockTask.setTaskId("Mock-" + UUID.randomUUID().toString());
- try {
- String workflow = operator.launchWorkflow(UUID.randomUUID().toString(), Collections.singletonList(mockTask), true, false);
- /*TaskState state = operator.pollForWorkflowCompletion(workflow, Long.parseLong(ServerSettings.getSetting("platform_mock_workflow_timeout_ms")));
- if (state != TaskState.COMPLETED) {
- PlatformMonitorError monitorError = new PlatformMonitorError();
- monitorError.setReason("Mock workflow failed to execute with status " + state.name() + ". " +
- "Check whether Helix cluster is working properly");
- monitorError.setCategory("Participant");
- monitorError.setErrorCode("P003");
- return monitorError;
- }*/
- } catch (Exception e) {
- PlatformMonitorError monitorError = new PlatformMonitorError();
- monitorError.setError(e);
- monitorError.setReason("Failed to launch mock workflow on helix cluster " + helixClusterName + ". " +
- "Check whether Helix cluster is working properly including the availability of Controller and Participant");
- monitorError.setCategory("Participant");
- monitorError.setErrorCode("P004");
- return monitorError;
- }
- return null;
- }
-}
\ No newline at end of file
diff --git a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/ZookeeperMonitor.java b/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/ZookeeperMonitor.java
deleted file mode 100644
index c21ec90..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/java/org/apache/airavata/helix/cluster/monitoring/agents/ZookeeperMonitor.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package org.apache.airavata.helix.cluster.monitoring.agents;
-
-import org.apache.airavata.common.exception.ApplicationSettingsException;
-import org.apache.airavata.common.utils.ServerSettings;
-import org.apache.airavata.helix.cluster.monitoring.ErrorNotifier;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitor;
-import org.apache.airavata.helix.cluster.monitoring.PlatformMonitorError;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.net.Socket;
-
-public class ZookeeperMonitor implements PlatformMonitor {
-
- private final static Logger logger = LoggerFactory.getLogger(ZookeeperMonitor.class);
-
- private String zkConnection = ServerSettings.getZookeeperConnection();
-
- public ZookeeperMonitor() throws ApplicationSettingsException {
- }
-
- public void monitor(ErrorNotifier notifier) {
-
- logger.info("Monitoring Zookeeper started");
-
- Socket s = null;
-
- try {
- s = new Socket(zkConnection.split(":")[0], Integer.parseInt(zkConnection.split(":")[1]));
- } catch (IOException e) {
- PlatformMonitorError monitorError = new PlatformMonitorError();
- monitorError.setError(e);
- monitorError.setReason("Could not establish a connection with Zookeeper " + zkConnection);
- monitorError.setCategory("Zookeeper");
- monitorError.setCategory("ZK001");
- notifier.sendNotification(monitorError);
- } finally {
- if(s != null)
- try {s.close();}
- catch(Exception ignored){}
- }
-
- logger.info("Monitoring Zookeeper finished");
-
- }
-}
\ No newline at end of file
diff --git a/modules/airavata-helix/platform-monitor/src/main/resources/airavata-server.properties b/modules/airavata-helix/platform-monitor/src/main/resources/airavata-server.properties
deleted file mode 100644
index afd4ecc..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/resources/airavata-server.properties
+++ /dev/null
@@ -1,13 +0,0 @@
-api.server.host=149.165.170.103
-api.server.port=9930
-database.host=149.165.171.12
-database.port=3306
-helix.cluster.name=AiravataDemoCluster
-helix.participant.name=helixparticipant
-zookeeper.server.connection=149.165.170.103:2181
-sender.email.account=CHANGE_ME
-sender.email.password=CHANGE_ME
-target.email.accounts=dimuthu.upeksha2@gmail.com,dwannipu@iu.edu
-platform.name=Testing Environment
-platform_monitor_interval_minutes=10
-platform_mock_workflow_timeout_ms=300000
\ No newline at end of file
diff --git a/modules/airavata-helix/platform-monitor/src/main/resources/logback.xml b/modules/airavata-helix/platform-monitor/src/main/resources/logback.xml
deleted file mode 100644
index e1a1b2e..0000000
--- a/modules/airavata-helix/platform-monitor/src/main/resources/logback.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-
--->
-<configuration>
-
- <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>%d [%t] %-5p %c{30} %m [%X]%n</pattern>
- </encoder>
- </appender>
-
- <appender name="LOGFILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <File>../logs/airavata.log</File>
- <Append>true</Append>
- <encoder>
- <pattern>%d [%t] %-5p %c{30} %m [%X]%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>../logs/airavata.log.%d{yyyy-MM-dd}</fileNamePattern>
- <maxHistory>30</maxHistory>
- <totalSizeCap>1GB</totalSizeCap>
- </rollingPolicy>
- </appender>
-
- <logger name="ch.qos.logback" level="WARN"/>
- <logger name="org.apache.helix" level="WARN"/>
- <logger name="org.apache.zookeeper" level="ERROR"/>
- <logger name="org.apache.airavata" level="INFO"/>
- <logger name="org.hibernate" level="ERROR"/>
- <root level="INFO">
- <appender-ref ref="CONSOLE"/>
- <appender-ref ref="LOGFILE"/>
- </root>
-</configuration>
\ No newline at end of file
diff --git a/modules/airavata-helix/pom.xml b/modules/airavata-helix/pom.xml
index b878d2e..5449e8c 100644
--- a/modules/airavata-helix/pom.xml
+++ b/modules/airavata-helix/pom.xml
@@ -40,7 +40,6 @@
<module>task-core</module>
<module>workflow-impl</module>
<module>helix-spectator</module>
- <module>platform-monitor</module>
</modules>
</project>
diff --git a/modules/airavata-helix/task-core/pom.xml b/modules/airavata-helix/task-core/pom.xml
index e4745bf..23c7cde 100644
--- a/modules/airavata-helix/task-core/pom.xml
+++ b/modules/airavata-helix/task-core/pom.xml
@@ -47,6 +47,11 @@
<artifactId>sshj-agent</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.airavata</groupId>
+ <artifactId>platform-monitoring</artifactId>
+ <version>${project.version}</version>
+ </dependency>
</dependencies>
<!--<build>
diff --git a/modules/airavata-helix/task-core/src/main/java/org/apache/airavata/helix/core/AbstractTask.java b/modules/airavata-helix/task-core/src/main/java/org/apache/airavata/helix/core/AbstractTask.java
index 0683957..a1bea5c 100644
--- a/modules/airavata-helix/task-core/src/main/java/org/apache/airavata/helix/core/AbstractTask.java
+++ b/modules/airavata-helix/task-core/src/main/java/org/apache/airavata/helix/core/AbstractTask.java
@@ -27,6 +27,8 @@
import org.apache.airavata.helix.task.api.TaskHelper;
import org.apache.airavata.helix.task.api.annotation.TaskOutPort;
import org.apache.airavata.helix.task.api.annotation.TaskParam;
+import org.apache.airavata.patform.monitoring.CountMonitor;
+import org.apache.airavata.patform.monitoring.GaugeMonitor;
import org.apache.curator.RetryPolicy;
import org.apache.curator.framework.CuratorFramework;
import org.apache.curator.framework.CuratorFrameworkFactory;
@@ -48,6 +50,11 @@
public abstract class AbstractTask extends UserContentStore implements Task {
private final static Logger logger = LoggerFactory.getLogger(AbstractTask.class);
+ private final static CountMonitor taskInitCounter = new CountMonitor("task_init_count");
+ private final static GaugeMonitor taskRunGauge = new GaugeMonitor("task_run_gauge");
+ private final static CountMonitor taskCancelCounter = new CountMonitor("task_cancel_count");
+ private final static CountMonitor taskFailCounter = new CountMonitor("task_fail_count");
+ private final static CountMonitor taskCompleteCounter = new CountMonitor("task_complete_count");
private static final String NEXT_JOB = "next-job";
private static final String WORKFLOW_STARTED = "workflow-started";
@@ -71,9 +78,11 @@
public void init(HelixManager manager, String workflowName, String jobName, String taskName) {
super.init(manager, workflowName, jobName, taskName);
try {
+ taskInitCounter.inc();
TaskUtil.deserializeTaskData(this, this.callbackContext.getTaskConfig().getConfigMap());
} catch (Exception e) {
- e.printStackTrace();
+ taskFailCounter.inc();
+ logger.error("Deserialization of task parameters failed", e);
}
if (participant != null) {
participant.registerRunningTask(this);
@@ -85,6 +94,7 @@
@Override
public final TaskResult run() {
try {
+ taskRunGauge.inc();
boolean isThisNextJob = getUserContent(WORKFLOW_STARTED, Scope.WORKFLOW) == null ||
this.callbackContext.getJobConfig().getJobId()
.equals(this.callbackContext.getJobConfig().getWorkflow() + "_" + getUserContent(NEXT_JOB, Scope.WORKFLOW));
@@ -102,6 +112,8 @@
@Override
public final void cancel() {
try {
+ taskRunGauge.dec();
+ taskCancelCounter.inc();
logger.info("Cancelling task " + taskId);
onCancel();
} finally {
@@ -118,12 +130,16 @@
public abstract void onCancel();
protected TaskResult onSuccess(String message) {
+ taskRunGauge.dec();
+ taskCompleteCounter.inc();
String successMessage = "Task " + getTaskId() + " completed." + (message != null ? " Message : " + message : "");
logger.info(successMessage);
return nextTask.invoke(new TaskResult(TaskResult.Status.COMPLETED, message));
}
protected TaskResult onFail(String reason, boolean fatal) {
+ taskRunGauge.dec();
+ taskFailCounter.inc();
return new TaskResult(fatal ? TaskResult.Status.FATAL_FAILED : TaskResult.Status.FAILED, reason);
}
diff --git a/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java b/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
index f78b196..7d7133c 100644
--- a/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
+++ b/modules/commons/src/main/java/org/apache/airavata/common/utils/ApplicationSettings.java
@@ -20,6 +20,7 @@
package org.apache.airavata.common.utils;
import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.commons.lang3.BooleanUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -324,18 +325,55 @@
public static String getSetting(String key, String defaultValue) {
return getInstance().getSettingImpl(key,defaultValue);
-
}
public static void setSetting(String key, String value) throws ApplicationSettingsException{
- getInstance().properties.setProperty(key, value);
- getInstance().saveProperties();
+ getInstance().properties.setProperty(key, value);
+ getInstance().saveProperties();
}
-
+
+
+ public static int getIntSetting(String key) throws ApplicationSettingsException {
+ String val = getInstance().getSettingImpl(key);
+ try {
+ return Integer.parseInt(val);
+ } catch (NumberFormatException e) {
+ throw new ApplicationSettingsException("Value can not be parsed to int", e);
+ }
+ }
+
+ public static boolean getBooleanSetting(String key) throws ApplicationSettingsException {
+ String val = getInstance().getSettingImpl(key);
+ return Optional.ofNullable(BooleanUtils.toBooleanObject(val))
+ .orElseThrow(() -> new ApplicationSettingsException("Value can not be parsed to Boolean"));
+ }
+
+ public static long getLongSetting(String key) throws ApplicationSettingsException {
+ String val = getInstance().getSettingImpl(key);
+ try {
+ return Long.parseLong(val);
+ } catch (NumberFormatException e) {
+ throw new ApplicationSettingsException("Value can not be parsed to long", e);
+ }
+ }
+
+ public static double getDoubleSetting(String key) throws ApplicationSettingsException {
+ String val = getInstance().getSettingImpl(key);
+ try {
+ return Double.parseDouble(val);
+ } catch (NumberFormatException e) {
+ throw new ApplicationSettingsException("Value can not be parsed to double", e);
+ }
+ }
+
public static boolean isSettingDefined(String key) throws ApplicationSettingsException{
return getInstance().properties.containsKey(key);
}
+ public static boolean isTrustStorePathDefined() throws ApplicationSettingsException {
+ return ApplicationSettings.isSettingDefined(TRUST_STORE_PATH);
+ }
+
public static String getTrustStorePath() throws ApplicationSettingsException {
return getSetting(TRUST_STORE_PATH);
}
diff --git a/modules/configuration/server/src/main/resources/airavata-server.properties b/modules/configuration/server/src/main/resources/airavata-server.properties
index ec18c3f..7800d19 100644
--- a/modules/configuration/server/src/main/resources/airavata-server.properties
+++ b/modules/configuration/server/src/main/resources/airavata-server.properties
@@ -311,8 +311,8 @@
keystore.path=airavata.jks
keystore.password=airavata
#### trust store configuration ####
-trust.store=client_truststore.jks
-trust.store.password=airavata
+# trust.store=client_truststore.jks
+# trust.store.password=airavata
#### remote authorization server url ####
remote.oauth.authorization.server=https://idp.scigap.org:9443/services/
#### xacml based authorization policy ####
diff --git a/modules/distribution/pom.xml b/modules/distribution/pom.xml
index 706f0a3..d305d3f 100644
--- a/modules/distribution/pom.xml
+++ b/modules/distribution/pom.xml
@@ -577,21 +577,6 @@
</configuration>
</execution>
<execution>
- <id>platform-monitor-distribution-package</id>
- <phase>package</phase>
- <goals>
- <goal>single</goal>
- </goals>
- <configuration>
- <tarLongFileMode>posix</tarLongFileMode>
- <finalName>${platform.monitor.dist.name}</finalName>
- <descriptors>
- <descriptor>src/main/assembly/platform-monitor-bin-assembly.xml</descriptor>
- </descriptors>
- <attach>false</attach>
- </configuration>
- </execution>
- <execution>
<id>email-monitor-distribution-package</id>
<phase>package</phase>
<goals>
@@ -637,7 +622,6 @@
<pre.wm.dist.name>apache-airavata-pre-wm-${project.version}</pre.wm.dist.name>
<post.wm.dist.name>apache-airavata-post-wm-${project.version}</post.wm.dist.name>
<parser.wm.dist.name>apache-airavata-parser-wm-${project.version}</parser.wm.dist.name>
- <platform.monitor.dist.name>apache-airavata-platform-monitor-${project.version}</platform.monitor.dist.name>
<email.monitor.dist.name>apache-airavata-email-monitor-${project.version}</email.monitor.dist.name>
<realtime.monitor.dist.name>apache-airavata-realtime-monitor-${project.version}</realtime.monitor.dist.name>
</properties>
diff --git a/modules/distribution/src/main/assembly/controller-bin-assembly.xml b/modules/distribution/src/main/assembly/controller-bin-assembly.xml
index 1c325a1..893499a 100644
--- a/modules/distribution/src/main/assembly/controller-bin-assembly.xml
+++ b/modules/distribution/src/main/assembly/controller-bin-assembly.xml
@@ -159,6 +159,12 @@
<include>org.apache.zookeeper:zookeeper:jar</include>
<include>org.apache.commons:commons-pool2:jar</include>
<include>org.json:json:jar</include>
+
+ <include>org.apache.airavata:platform-monitoring:jar</include>
+ <include>io.prometheus:simpleclient:jar</include>
+ <include>io.prometheus:simpleclient_httpserver:jar</include>
+ <include>io.prometheus:simpleclient_common:jar</include>
+ <include>org.apache.commons:commons-lang3</include>
</includes>
<excludes>
<exclude>mysql:mysql-connector-java:jar</exclude>
diff --git a/modules/distribution/src/main/assembly/email-monitor-bin-assembly.xml b/modules/distribution/src/main/assembly/email-monitor-bin-assembly.xml
index ae976f2..ca5ba28 100644
--- a/modules/distribution/src/main/assembly/email-monitor-bin-assembly.xml
+++ b/modules/distribution/src/main/assembly/email-monitor-bin-assembly.xml
@@ -120,6 +120,12 @@
<include>net.logstash.logback:logstash-logback-encoder:jar</include>
<include>org.apache.commons:commons-pool2:jar</include>
<include>org.json:json:jar</include>
+
+ <include>org.apache.airavata:platform-monitoring:jar</include>
+ <include>io.prometheus:simpleclient:jar</include>
+ <include>io.prometheus:simpleclient_httpserver:jar</include>
+ <include>io.prometheus:simpleclient_common:jar</include>
+ <include>org.apache.commons:commons-lang3</include>
</includes>
</dependencySet>
</dependencySets>
diff --git a/modules/distribution/src/main/assembly/parser-wm-bin-assembly.xml b/modules/distribution/src/main/assembly/parser-wm-bin-assembly.xml
index 511c998..07519e8 100644
--- a/modules/distribution/src/main/assembly/parser-wm-bin-assembly.xml
+++ b/modules/distribution/src/main/assembly/parser-wm-bin-assembly.xml
@@ -160,6 +160,12 @@
<include>com.github.docker-java:docker-java:jar</include>
<include>org.apache.commons:commons-pool2:jar</include>
<include>org.json:json:jar</include>
+
+ <include>org.apache.airavata:platform-monitoring:jar</include>
+ <include>io.prometheus:simpleclient:jar</include>
+ <include>io.prometheus:simpleclient_httpserver:jar</include>
+ <include>io.prometheus:simpleclient_common:jar</include>
+ <include>org.apache.commons:commons-lang3</include>
</includes>
<excludes>
<exclude>mysql:mysql-connector-java:jar</exclude>
diff --git a/modules/distribution/src/main/assembly/participant-bin-assembly.xml b/modules/distribution/src/main/assembly/participant-bin-assembly.xml
index a20e6ee..ab74c39 100644
--- a/modules/distribution/src/main/assembly/participant-bin-assembly.xml
+++ b/modules/distribution/src/main/assembly/participant-bin-assembly.xml
@@ -210,6 +210,12 @@
<include>org.apache.commons:commons-pool2:jar</include>
<include>org.json:json:jar</include>
+
+ <include>org.apache.airavata:platform-monitoring:jar</include>
+ <include>io.prometheus:simpleclient:jar</include>
+ <include>io.prometheus:simpleclient_httpserver:jar</include>
+ <include>io.prometheus:simpleclient_common:jar</include>
+ <include>org.apache.commons:commons-lang3</include>
</includes>
<excludes>
<exclude>mysql:mysql-connector-java:jar</exclude>
diff --git a/modules/distribution/src/main/assembly/platform-monitor-bin-assembly.xml b/modules/distribution/src/main/assembly/platform-monitor-bin-assembly.xml
deleted file mode 100644
index a898c13..0000000
--- a/modules/distribution/src/main/assembly/platform-monitor-bin-assembly.xml
+++ /dev/null
@@ -1,170 +0,0 @@
-<!--
-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-
--->
-<!DOCTYPE assembly [
- <!ELEMENT assembly (id|includeBaseDirectory|baseDirectory|formats|fileSets|dependencySets)*>
- <!ELEMENT id (#PCDATA)>
- <!ELEMENT includeBaseDirectory (#PCDATA)>
- <!ELEMENT baseDirectory (#PCDATA)>
- <!ELEMENT formats (format)*>
- <!ELEMENT format (#PCDATA)>
- <!ELEMENT fileSets (fileSet)*>
- <!ELEMENT fileSet (directory|outputDirectory|fileMode|includes)*>
- <!ELEMENT directory (#PCDATA)>
- <!ELEMENT outputDirectory (#PCDATA)>
- <!ELEMENT includes (include)*>
- <!ELEMENT include (#PCDATA)>
- <!ELEMENT dependencySets (dependencySet)*>
- <!ELEMENT dependencySet (outputDirectory|outputFileNameMapping|includes)*>
- ]>
-<assembly>
- <id>bin</id>
- <includeBaseDirectory>true</includeBaseDirectory>
- <baseDirectory>${platform.monitor.dist.name}</baseDirectory>
- <formats>
- <format>tar.gz</format>
- <format>zip</format>
- </formats>
-
- <fileSets>
- <fileSet>
- <directory>src/main/resources/platform-monitor/bin</directory>
- <outputDirectory>bin</outputDirectory>
- <fileMode>777</fileMode>
- <includes>
- <include>*.sh</include>
- </includes>
- </fileSet>
- <fileSet>
- <directory>src/main/resources/platform-monitor/conf</directory>
- <outputDirectory>conf</outputDirectory>
- <includes>
- <include>airavata-server.properties</include>
- <include>logback.xml</include>
- </includes>
- </fileSet>
- <fileSet>
- <directory>./</directory>
- <outputDirectory>logs</outputDirectory>
- <excludes>
- <exclude>*/**</exclude>
- </excludes>
- </fileSet>
- </fileSets>
-
- <dependencySets>
- <dependencySet>
- <useProjectArtifact>false</useProjectArtifact>
- <outputDirectory>lib</outputDirectory>
- <includes>
- <include>javax.activation:activation:jar</include>
- <include>org.apache.airavata:airavata-base-api:jar</include>
- <include>org.apache.airavata:agent-api:jar</include>
- <include>org.apache.airavata:airavata-commons:jar</include>
- <include>org.apache.airavata:airavata-credential-store-stubs:jar</include>
- <include>org.apache.airavata:airavata-data-models:jar</include>
- <include>org.apache.airavata:airavata-messaging-core:jar</include>
- <include>org.apache.airavata:airavata-registry-core:jar</include>
- <include>org.apache.airavata:airavata-registry-cpi:jar</include>
- <include>org.apache.airavata:airavata-server-configuration:jar</include>
- <include>com.rabbitmq:amqp-client:jar</include>
- <include>asm:asm:jar</include>
- <include>org.bouncycastle:bcpkix-jdk15on:jar</include>
- <include>org.bouncycastle:bcprov-jdk15on:jar</include>
- <include>commons-cli:commons-cli:jar</include>
- <include>commons-codec:commons-codec:jar</include>
- <include>commons-collections:commons-collections:jar</include>
- <include>commons-dbcp:commons-dbcp:jar</include>
- <include>commons-io:commons-io:jar</include>
- <include>commons-lang:commons-lang:jar</include>
- <include>commons-logging:commons-logging:jar</include>
- <include>org.apache.commons:commons-math:jar</include>
- <include>commons-pool:commons-pool:jar</include>
- <include>org.apache.curator:curator-client:jar</include>
- <include>org.apache.curator:curator-framework:jar</include>
- <include>org.apache.derby:derby:jar</include>
- <include>org.apache.derby:derbyclient:jar</include>
- <include>org.apache.derby:derbynet:jar</include>
- <include>org.apache.derby:derbytools:jar</include>
- <include>net.i2p.crypto:eddsa:jar</include>
- <include>org.apache.geronimo.specs:geronimo-jms_1.1_spec:jar</include>
- <include>org.apache.geronimo.specs:geronimo-jpa_2.0_spec:jar</include>
- <include>org.apache.geronimo.specs:geronimo-jta_1.1_spec:jar</include>
- <include>org.codehaus.groovy:groovy:jar</include>
- <include>org.codehaus.groovy:groovy-templates:jar</include>
- <include>org.codehaus.groovy:groovy-xml:jar</include>
- <include>com.google.code.gson:gson:jar</include>
- <include>com.google.guava:guava:jar</include>
- <include>org.hamcrest:hamcrest-core:jar</include>
- <include>org.apache.helix:helix-core:jar</include>
- <include>org.apache.airavata:helix-spectator:jar</include>
- <include>org.apache.httpcomponents:httpclient:jar</include>
- <include>org.apache.httpcomponents:httpcore:jar</include>
- <include>com.fasterxml.jackson.core:jackson-annotations:jar</include>
- <include>com.fasterxml.jackson.core:jackson-core:jar</include>
- <include>org.codehaus.jackson:jackson-core-asl:jar</include>
- <include>com.fasterxml.jackson.core:jackson-databind:jar</include>
- <include>org.codehaus.jackson:jackson-mapper-asl:jar</include>
- <include>jakarta-regexp:jakarta-regexp:jar</include>
- <include>jline:jline:jar</include>
- <include>org.apache.airavata:job-monitor-api:jar</include>
- <include>junit:junit:jar</include>
- <include>com.jcraft:jzlib:jar</include>
- <include>org.apache.kafka:kafka-clients:jar</include>
- <include>org.apache.thrift:libthrift:jar</include>
- <include>org.slf4j:log4j-over-slf4j:jar</include>
- <include>ch.qos.logback:logback-classic:jar</include>
- <include>ch.qos.logback:logback-core:jar</include>
- <include>com.github.danielwegener:logback-kafka-appender:jar</include>
- <include>net.logstash.logback:logstash-logback-encoder:jar</include>
- <include>org.lz4:lz4-java:jar</include>
- <include>javax.mail:mail:jar</include>
- <include>io.dropwizard.metrics:metrics-core:jar</include>
- <include>org.jboss.netty:netty:jar</include>
- <include>org.apache.openjpa:openjpa:jar</include>
- <include>org.apache.airavata:platform-monitor:jar</include>
- <include>org.apache.airavata:registry-api-service:jar</include>
- <include>org.apache.airavata:registry-api-stubs:jar</include>
- <include>net.sourceforge.serp:serp:jar</include>
- <include>org.slf4j:slf4j-api:jar</include>
- <include>org.yaml:snakeyaml:jar</include>
- <include>org.xerial.snappy:snappy-java:jar</include>
- <include>org.apache.airavata:ssh-agent:jar</include>
- <include>com.hierynomus:sshj:jar</include>
- <include>org.apache.airavata:sshj-agent:jar</include>
- <include>org.apache.airavata:task-api:jar</include>
- <include>org.apache.airavata:task-core:jar</include>
- <include>org.apache.tomcat.embed:tomcat-embed-core:jar</include>
- <include>org.apache.airavata:workflow-impl:jar</include>
- <include>org.ogce:xpp3:jar</include>
- <include>org.ogce:xpp5:jar</include>
- <include>com.101tec:zkclient:jar</include>
- <include>org.apache.zookeeper:zookeeper:jar</include>
- <include>org.apache.commons:commons-pool2:jar</include>
- <include>org.json:json:jar</include>
- </includes>
- <excludes>
- <exclude>mysql:mysql-connector-java:jar</exclude>
- <exclude>log4j:log4j:jar</exclude>
- </excludes>
- </dependencySet>
- </dependencySets>
-
-</assembly>
diff --git a/modules/distribution/src/main/assembly/post-wm-bin-assembly.xml b/modules/distribution/src/main/assembly/post-wm-bin-assembly.xml
index 3d46ec6..860261e 100644
--- a/modules/distribution/src/main/assembly/post-wm-bin-assembly.xml
+++ b/modules/distribution/src/main/assembly/post-wm-bin-assembly.xml
@@ -164,6 +164,12 @@
<include>org.apache.airavata:airavata-security:jar</include>
<include>org.apache.commons:commons-pool2:jar</include>
<include>org.json:json:jar</include>
+
+ <include>org.apache.airavata:platform-monitoring:jar</include>
+ <include>io.prometheus:simpleclient:jar</include>
+ <include>io.prometheus:simpleclient_httpserver:jar</include>
+ <include>io.prometheus:simpleclient_common:jar</include>
+ <include>org.apache.commons:commons-lang3</include>
</includes>
<excludes>
<exclude>mysql:mysql-connector-java:jar</exclude>
diff --git a/modules/distribution/src/main/assembly/pre-wm-bin-assembly.xml b/modules/distribution/src/main/assembly/pre-wm-bin-assembly.xml
index 2b26851..fe47ad2 100644
--- a/modules/distribution/src/main/assembly/pre-wm-bin-assembly.xml
+++ b/modules/distribution/src/main/assembly/pre-wm-bin-assembly.xml
@@ -164,6 +164,11 @@
<include>org.apache.airavata:airavata-security:jar</include>
<include>org.apache.commons:commons-pool2:jar</include>
<include>org.json:json:jar</include>
+ <include>org.apache.airavata:platform-monitoring:jar</include>
+ <include>io.prometheus:simpleclient:jar</include>
+ <include>io.prometheus:simpleclient_httpserver:jar</include>
+ <include>io.prometheus:simpleclient_common:jar</include>
+ <include>org.apache.commons:commons-lang3</include>
</includes>
<excludes>
<exclude>mysql:mysql-connector-java:jar</exclude>
diff --git a/modules/distribution/src/main/assembly/realtime-monitor-bin-assembly.xml b/modules/distribution/src/main/assembly/realtime-monitor-bin-assembly.xml
index e1caef9..e12dffe 100644
--- a/modules/distribution/src/main/assembly/realtime-monitor-bin-assembly.xml
+++ b/modules/distribution/src/main/assembly/realtime-monitor-bin-assembly.xml
@@ -116,6 +116,12 @@
<include>org.apache.commons:commons-pool2:jar</include>
<include>org.json:json:jar</include>
+
+ <include>org.apache.airavata:platform-monitoring:jar</include>
+ <include>io.prometheus:simpleclient:jar</include>
+ <include>io.prometheus:simpleclient_httpserver:jar</include>
+ <include>io.prometheus:simpleclient_common:jar</include>
+ <include>org.apache.commons:commons-lang3</include>
</includes>
</dependencySet>
</dependencySets>
diff --git a/modules/distribution/src/main/resources/parser-wm/conf/airavata-server.properties b/modules/distribution/src/main/resources/parser-wm/conf/airavata-server.properties
index 4131aa1..7b2d975 100644
--- a/modules/distribution/src/main/resources/parser-wm/conf/airavata-server.properties
+++ b/modules/distribution/src/main/resources/parser-wm/conf/airavata-server.properties
@@ -59,3 +59,7 @@
kafka.parser.topic=CHANGE_ME
parser.storage.resource.id=CHANGE_ME
kafka.parsing.broker.publisher.id=CHANGE_ME
+
+parser.workflow.manager.monitoring.enabled=true
+parser.workflow.manager.monitoring.host=localhost
+parser.workflow.manager.monitoring.port=9095
\ No newline at end of file
diff --git a/modules/distribution/src/main/resources/participant/conf/airavata-server.properties b/modules/distribution/src/main/resources/participant/conf/airavata-server.properties
index 98fdaba..e034860 100644
--- a/modules/distribution/src/main/resources/participant/conf/airavata-server.properties
+++ b/modules/distribution/src/main/resources/participant/conf/airavata-server.properties
@@ -70,4 +70,8 @@
kafka.parsing.broker.url=CHANGE_ME
kafka.parser.broker.consumer.group=CHANGE_ME
kafka.parser.topic=CHANGE_ME
-parser.storage.resource.id=CHANGE_ME
\ No newline at end of file
+parser.storage.resource.id=CHANGE_ME
+
+participant.monitoring.enabled=true
+participant.monitoring.host=localhost
+participant.monitoring.port=9096
\ No newline at end of file
diff --git a/modules/distribution/src/main/resources/platform-monitor/bin/platform-monitor-daemon.sh b/modules/distribution/src/main/resources/platform-monitor/bin/platform-monitor-daemon.sh
deleted file mode 100644
index dbeb9ef..0000000
--- a/modules/distribution/src/main/resources/platform-monitor/bin/platform-monitor-daemon.sh
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/bin/env bash
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-. `dirname $0`/setenv.sh
-# Capture user's working dir before changing directory
-CWD="$PWD"
-cd ${AIRAVATA_HOME}/bin
-LOGO_FILE="logo.txt"
-
-JAVA_OPTS="-Dairavata.config.dir=${AIRAVATA_HOME}/conf -Dairavata.home=${AIRAVATA_HOME} -Dlogback.configurationFile=file:${AIRAVATA_HOME}/conf/logback.xml"
-AIRAVATA_COMMAND=""
-EXTRA_ARGS=""
-SERVERS=""
-LOGO=true
-IS_SUBSET=false
-SUBSET=""
-DEFAULT_LOG_FILE="${AIRAVATA_HOME}/logs/airavata-daemon.out"
-LOG_FILE=$DEFAULT_LOG_FILE
-
-SERVICE_NAME="Platform Monitor"
-PID_PATH_NAME="${AIRAVATA_HOME}/bin/service-pid"
-
-case $1 in
- start)
- echo "Starting $SERVICE_NAME ..."
- if [ ! -f $PID_PATH_NAME ]; then
- nohup java ${JAVA_OPTS} -classpath "${AIRAVATA_CLASSPATH}" \
- org.apache.airavata.helix.cluster.monitoring.MainMonitor ${AIRAVATA_COMMAND} $* > $LOG_FILE 2>&1 &
- echo $! > $PID_PATH_NAME
- echo "$SERVICE_NAME started ..."
- else
- echo "$SERVICE_NAME is already running ..."
- fi
- ;;
- stop)
- if [ -f $PID_PATH_NAME ]; then
- PID=$(cat $PID_PATH_NAME);
- echo "$SERVICE_NAME stoping ..."
- kill $PID;
- RETRY=0
- while kill -0 $PID 2> /dev/null; do
- echo "Waiting for the process $PID to be stopped"
- RETRY=`expr ${RETRY} + 1`
- if [ "${RETRY}" -gt "20" ]
- then
- echo "Forcefully killing the process as it is not responding ..."
- kill -9 $PID
- fi
- sleep 1
- done
- echo "$SERVICE_NAME stopped ..."
- rm $PID_PATH_NAME
- else
- echo "$SERVICE_NAME is not running ..."
- fi
- ;;
- restart)
- if [ -f $PID_PATH_NAME ]; then
- PID=$(cat $PID_PATH_NAME);
- echo "$SERVICE_NAME stopping ...";
- kill $PID;
- RETRY=0
- while kill -0 $PID 2> /dev/null; do
- echo "Waiting for the process $PID to be stopped"
- RETRY=`expr ${RETRY} + 1`
- if [ "${RETRY}" -gt "20" ]
- then
- echo "Forcefully killing the process as it is not responding ..."
- kill -9 $PID
- fi
- sleep 1
- done
- echo "$SERVICE_NAME stopped ...";
- rm $PID_PATH_NAME
- echo "$SERVICE_NAME starting ..."
- nohup java ${JAVA_OPTS} -classpath "${AIRAVATA_CLASSPATH}" \
- org.apache.airavata.helix.cluster.monitoring.MainMonitor ${AIRAVATA_COMMAND} $* > $LOG_FILE 2>&1 &
- echo $! > $PID_PATH_NAME
- echo "$SERVICE_NAME started ..."
- else
- echo "$SERVICE_NAME is not running ..."
- fi
- ;;
- -h)
- echo "Usage: platform-monitor-daemon.sh"
-
- echo "command options:"
- echo " start Start server in daemon mode"
- echo " stop Stop server running in daemon mode"
- echo " restart Restart server in daemon mode"
- echo " -log <LOG_FILE> Where to redirect stdout/stderr (defaults to $DEFAULT_LOG_FILE)"
- echo " -h Display this help and exit"
- shift
- exit 0
- ;;
-esac
-
diff --git a/modules/distribution/src/main/resources/platform-monitor/bin/platform-monitor.sh b/modules/distribution/src/main/resources/platform-monitor/bin/platform-monitor.sh
deleted file mode 100644
index 263f88e..0000000
--- a/modules/distribution/src/main/resources/platform-monitor/bin/platform-monitor.sh
+++ /dev/null
@@ -1,71 +0,0 @@
-#!/usr/bin/env bash
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-. `dirname $0`/setenv.sh
-# Capture user's working dir before changing directory
-CWD="$PWD"
-cd ${AIRAVATA_HOME}/bin
-LOGO_FILE="logo.txt"
-
-JAVA_OPTS="-Dairavata.config.dir=${AIRAVATA_HOME}/conf -Dairavata.home=${AIRAVATA_HOME} -Dlogback.configurationFile=file:${AIRAVATA_HOME}/conf/logback.xml"
-AIRAVATA_COMMAND=""
-EXTRA_ARGS=""
-SERVERS=""
-IS_SUBSET=false
-SUBSET=""
-DEFAULT_LOG_FILE="${AIRAVATA_HOME}/logs/airavata.out"
-LOG_FILE=$DEFAULT_LOG_FILE
-
-# parse command arguments
-for var in "$@"
-do
- case ${var} in
- -xdebug)
- AIRAVATA_COMMAND="${AIRAVATA_COMMAND}"
- JAVA_OPTS="$JAVA_OPTS -Xdebug -Xnoagent -Xrunjdwp:transport=dt_socket,server=y,address=*:8000"
- shift
- ;;
- -log)
- shift
- LOG_FILE="$1"
- shift
- # If relative path, expand to absolute path using the user's $CWD
- if [ -z "`echo "$LOG_FILE" | egrep "^/"`" ]; then
- LOG_FILE="${CWD}/${LOG_FILE}"
- fi
- ;;
- -h)
- echo "Usage: platform-monitor.sh"
-
- echo "command options:"
- echo " -xdebug Start Platform Monitor JPDA debugger"
- echo " -h Display this help and exit"
- shift
- exit 0
- ;;
- *)
- EXTRA_ARGS="${EXTRA_ARGS} ${var}"
- shift
- ;;
- esac
-done
-
-java ${JAVA_OPTS} -classpath "${AIRAVATA_CLASSPATH}" \
- org.apache.airavata.helix.cluster.monitoring.MainMonitor ${AIRAVATA_COMMAND} $*
-
diff --git a/modules/distribution/src/main/resources/platform-monitor/bin/setenv.sh b/modules/distribution/src/main/resources/platform-monitor/bin/setenv.sh
deleted file mode 100755
index 9e894e1..0000000
--- a/modules/distribution/src/main/resources/platform-monitor/bin/setenv.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# resolve links - $0 may be a softlink
-PRG="$0"
-
-while [ -h "$PRG" ]; do
- ls=`ls -ld "$PRG"`
- link=`expr "$ls" : '.*-> \(.*\)$'`
- if expr "$link" : '.*/.*' > /dev/null; then
- PRG="$link"
- else
- PRG=`dirname "$PRG"`/"$link"
- fi
-done
-
-PRGDIR=`dirname "$PRG"`
-
-# Only set AIRAVATA_HOME if not already set
-[ -z "$AIRAVATA_HOME" ] && AIRAVATA_HOME=`cd "$PRGDIR/.." ; pwd`
-
-AIRAVATA_CLASSPATH=""
-
-for f in "$AIRAVATA_HOME"/lib/*.jar
-do
- AIRAVATA_CLASSPATH="$AIRAVATA_CLASSPATH":$f
-done
-
-export AIRAVATA_HOME
-export AIRAVATA_CLASSPATH
diff --git a/modules/distribution/src/main/resources/platform-monitor/conf/airavata-server.properties b/modules/distribution/src/main/resources/platform-monitor/conf/airavata-server.properties
deleted file mode 100644
index 1cd0bd0..0000000
--- a/modules/distribution/src/main/resources/platform-monitor/conf/airavata-server.properties
+++ /dev/null
@@ -1,35 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-###########################################################################
-# Platform Monitor configurations
-###########################################################################
-
-api.server.host=CHANGE_ME
-api.server.port=CHANGE_ME
-database.host=CHANGE_ME
-database.port=CHANGE_ME
-helix.cluster.name=CHANGE_ME
-helix.participant.name=CHANGE_ME
-zookeeper.server.connection=CHANGE_ME
-sender.email.account=CHANGE_ME
-sender.email.password=CHANGE_ME
-target.email.accounts=CHANGE_ME
-platform.name=CHANGE_ME
-platform_monitor_interval_minutes=CHANGE_ME
-platform_mock_workflow_timeout_ms=CHANGE_ME
\ No newline at end of file
diff --git a/modules/distribution/src/main/resources/platform-monitor/conf/logback.xml b/modules/distribution/src/main/resources/platform-monitor/conf/logback.xml
deleted file mode 100644
index ef38b65..0000000
--- a/modules/distribution/src/main/resources/platform-monitor/conf/logback.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-
--->
-<configuration>
-
- <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>%d [%t] %-5p %c{30} %X - %m%n</pattern>
- </encoder>
- </appender>
-
- <appender name="LOGFILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <File>../logs/airavata.log</File>
- <Append>true</Append>
- <encoder>
- <pattern>%d [%t] %-5p %c{30} %X - %m%n</pattern>
- </encoder>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>../logs/airavata.log.%d{yyyy-MM-dd}</fileNamePattern>
- <maxHistory>30</maxHistory>
- <totalSizeCap>1GB</totalSizeCap>
- </rollingPolicy>
- </appender>
-
- <logger name="ch.qos.logback" level="WARN"/>
- <logger name="org.apache.helix" level="WARN"/>
- <logger name="org.apache.zookeeper" level="ERROR"/>
- <logger name="org.apache.airavata" level="INFO"/>
- <logger name="org.hibernate" level="ERROR"/>
- <root level="INFO">
- <appender-ref ref="CONSOLE"/>
- <appender-ref ref="LOGFILE"/>
- </root>
-</configuration>
diff --git a/modules/distribution/src/main/resources/post-wm/conf/airavata-server.properties b/modules/distribution/src/main/resources/post-wm/conf/airavata-server.properties
index fc280ea..849860f 100644
--- a/modules/distribution/src/main/resources/post-wm/conf/airavata-server.properties
+++ b/modules/distribution/src/main/resources/post-wm/conf/airavata-server.properties
@@ -51,4 +51,8 @@
# Zookeeper Server Configuration
###########################################################################
zookeeper.server.connection=192.168.99.103:2181
-zookeeper.timeout=30000
\ No newline at end of file
+zookeeper.timeout=30000
+
+post.workflow.manager.monitoring.enabled=true
+post.workflow.manager.monitoring.host=localhost
+post.workflow.manager.monitoring.port=9094
\ No newline at end of file
diff --git a/modules/distribution/src/main/resources/pre-wm/conf/airavata-server.properties b/modules/distribution/src/main/resources/pre-wm/conf/airavata-server.properties
index e494e6f..2eca988 100644
--- a/modules/distribution/src/main/resources/pre-wm/conf/airavata-server.properties
+++ b/modules/distribution/src/main/resources/pre-wm/conf/airavata-server.properties
@@ -48,4 +48,8 @@
# Zookeeper Server Configuration
###########################################################################
zookeeper.server.connection=192.168.99.103:2181
-zookeeper.timeout=30000
\ No newline at end of file
+zookeeper.timeout=30000
+
+pre.workflow.manager.monitoring.enabled=true
+pre.workflow.manager.monitoring.host=localhost
+pre.workflow.manager.monitoring.port=9093
\ No newline at end of file
diff --git a/modules/platform-monitoring/pom.xml b/modules/platform-monitoring/pom.xml
new file mode 100644
index 0000000..7380088
--- /dev/null
+++ b/modules/platform-monitoring/pom.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <parent>
+ <artifactId>airavata</artifactId>
+ <groupId>org.apache.airavata</groupId>
+ <version>0.20-SNAPSHOT</version>
+ <relativePath>../../pom.xml</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+
+ <artifactId>platform-monitoring</artifactId>
+
+
+ <dependencies>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>log4j-over-slf4j</artifactId>
+ <version>1.7.25</version>
+ </dependency>
+ <!-- The client -->
+ <dependency>
+ <groupId>io.prometheus</groupId>
+ <artifactId>simpleclient</artifactId>
+ <version>0.9.0</version>
+ </dependency>
+ <!-- Hotspot JVM metrics-->
+ <dependency>
+ <groupId>io.prometheus</groupId>
+ <artifactId>simpleclient_hotspot</artifactId>
+ <version>0.9.0</version>
+ </dependency>
+ <!-- Exposition HTTPServer-->
+ <dependency>
+ <groupId>io.prometheus</groupId>
+ <artifactId>simpleclient_httpserver</artifactId>
+ <version>0.9.0</version>
+ </dependency>
+ <!-- Pushgateway exposition-->
+ <dependency>
+ <groupId>io.prometheus</groupId>
+ <artifactId>simpleclient_pushgateway</artifactId>
+ <version>0.9.0</version>
+ </dependency>
+ </dependencies>
+</project>
\ No newline at end of file
diff --git a/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/CountMonitor.java b/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/CountMonitor.java
new file mode 100644
index 0000000..eca6520
--- /dev/null
+++ b/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/CountMonitor.java
@@ -0,0 +1,51 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+ package org.apache.airavata.patform.monitoring;
+
+import io.prometheus.client.Counter;
+
+public class CountMonitor {
+
+ private Counter counter;
+
+ public CountMonitor(String monitorName) {
+ counter = Counter.build().name(monitorName).help(monitorName).register();
+ }
+
+ public CountMonitor(String monitorName, String... labelNames) {
+ counter = Counter.build().name(monitorName).help(monitorName).labelNames(labelNames).register();
+ }
+
+ public void inc() {
+ counter.inc();
+ }
+
+ public void inc(String... labelValues) {
+ counter.labels(labelValues).inc();
+ }
+
+ public void inc(double amount) {
+ counter.inc(amount);
+ }
+
+ public void inc(double amount, String... labelValues) {
+ counter.labels(labelValues).inc(amount);
+ }
+}
diff --git a/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/GaugeMonitor.java b/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/GaugeMonitor.java
new file mode 100644
index 0000000..706f5cf
--- /dev/null
+++ b/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/GaugeMonitor.java
@@ -0,0 +1,48 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+ package org.apache.airavata.patform.monitoring;
+
+import io.prometheus.client.Gauge;
+
+public class GaugeMonitor {
+
+ private Gauge gauge;
+
+ public GaugeMonitor(String monitorName) {
+ gauge = Gauge.build().name(monitorName).help(monitorName).register();
+ }
+
+ public void inc() {
+ gauge.inc();
+ }
+
+ public void inc(double amount) {
+ gauge.inc(amount);
+ }
+
+ public void dec() {
+ gauge.dec();
+ }
+
+ public void dec(double amount) {
+ gauge.dec(amount);
+ }
+}
diff --git a/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/MonitoringServer.java b/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/MonitoringServer.java
new file mode 100644
index 0000000..7949a4e
--- /dev/null
+++ b/modules/platform-monitoring/src/main/java/org/apache/airavata/patform/monitoring/MonitoringServer.java
@@ -0,0 +1,57 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+ package org.apache.airavata.patform.monitoring;
+
+import io.prometheus.client.exporter.HTTPServer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+
+public class MonitoringServer {
+
+ private final static Logger logger = LoggerFactory.getLogger(MonitoringServer.class);
+
+ private String host;
+ private int port;
+ private HTTPServer httpServer;
+
+ public MonitoringServer(String host, int port) {
+ this.host = host;
+ this.port = port;
+ }
+
+ public void start() throws IOException {
+ try {
+ logger.info("Starting the monitoring server");
+ httpServer = new HTTPServer(host, port, true);
+ } catch (IOException e) {
+ logger.error("Failed to start the monitoring server on host {} na port {}", host, port, e);
+ }
+ }
+
+ public void stop() {
+ if (httpServer != null) {
+ logger.info("Stopping the monitor server");
+ httpServer.stop();
+ }
+ }
+}
diff --git a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepository.java b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepository.java
index 69c4dc3..5db3792 100644
--- a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepository.java
+++ b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepository.java
@@ -103,11 +103,11 @@
query += "ES.executionId LIKE :" + DBConstants.Experiment.EXECUTION_ID + " AND ";
}
- if (filters.get(DBConstants.ExperimentStatus.STATE) != null) {
+ if (filters.get(DBConstants.ExperimentSummary.EXPERIMENT_STATUS) != null) {
logger.debug("Filter Experiments by State");
- String state = ExperimentState.valueOf(filters.get(DBConstants.ExperimentStatus.STATE)).toString();
- queryParameters.put(DBConstants.ExperimentStatus.STATE, state);
- query += "ES.experimentStatus LIKE :" + DBConstants.ExperimentStatus.STATE + " AND ";
+ String state = ExperimentState.valueOf(filters.get(DBConstants.ExperimentSummary.EXPERIMENT_STATUS)).toString();
+ queryParameters.put(DBConstants.ExperimentSummary.EXPERIMENT_STATUS, state);
+ query += "ES.experimentStatus LIKE :" + DBConstants.ExperimentSummary.EXPERIMENT_STATUS + " AND ";
}
if (filters.get(DBConstants.ExperimentSummary.FROM_DATE) != null
@@ -260,8 +260,8 @@
if (experimentState != null) {
logger.debug("Filter Experiments by Experiment State");
- queryParameters.put(DBConstants.Experiment.EXPERIMENT_STATE, experimentState);
- query += "ES.experimentStatus LIKE :" + DBConstants.Experiment.EXPERIMENT_STATE + " AND ";
+ queryParameters.put(DBConstants.ExperimentSummary.EXPERIMENT_STATUS, experimentState);
+ query += "ES.experimentStatus LIKE :" + DBConstants.ExperimentSummary.EXPERIMENT_STATUS + " AND ";
}
if (gatewayId != null) {
diff --git a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/DBConstants.java b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/DBConstants.java
index b5e887f..dd3abd8 100644
--- a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/DBConstants.java
+++ b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/DBConstants.java
@@ -116,7 +116,6 @@
public static final String CREATION_TIME = "creationTime";
public static final String RESOURCE_HOST_ID = "resourceHostId";
public static final String ACCESSIBLE_EXPERIMENT_IDS = "accessibleExperimentIds";
- public static final String EXPERIMENT_STATE = "experimentState";
}
public final class ExperimentStatus {
@@ -140,6 +139,7 @@
}
public static class ExperimentSummary {
+ public static final String EXPERIMENT_STATUS = "experimentStatus";
public static final String FROM_DATE = "fromDate";
public static final String TO_DATE = "toDate";
}
diff --git a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/QueryConstants.java b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/QueryConstants.java
index a2c1737..63f1b03 100644
--- a/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/QueryConstants.java
+++ b/modules/registry/registry-core/src/main/java/org/apache/airavata/registry/core/utils/QueryConstants.java
@@ -131,7 +131,7 @@
"WHERE E.gatewayId LIKE :" + DBConstants.Experiment.GATEWAY_ID;
String GET_PROCESS_FOR_EXPERIMENT_ID = "SELECT P FROM " + ProcessEntity.class.getSimpleName() + " P " +
- "WHERE P.experimentId LIKE :" + DBConstants.Process.EXPERIMENT_ID;
+ "WHERE P.experimentId = :" + DBConstants.Process.EXPERIMENT_ID;
String GET_TASK_FOR_PARENT_PROCESS_ID = "SELECT T FROM " + TaskEntity.class.getSimpleName() + " T " +
"WHERE T.parentProcessId LIKE :" + DBConstants.Task.PARENT_PROCESS_ID;
diff --git a/modules/registry/registry-core/src/test/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepositoryTest.java b/modules/registry/registry-core/src/test/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepositoryTest.java
index 0d3e6f4..1b0c415 100644
--- a/modules/registry/registry-core/src/test/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepositoryTest.java
+++ b/modules/registry/registry-core/src/test/java/org/apache/airavata/registry/core/repositories/expcatalog/ExperimentSummaryRepositoryTest.java
@@ -207,6 +207,24 @@
assertTrue(experimentStatistics.getCreatedExperimentCount() == 1);
assertTrue(experimentStatistics.getRunningExperimentCount() == 1);
+ // Test searchAllAccessibleExperiments with status filtering
+ // Only CREATED status
+ filters = new HashMap<>();
+ filters.put(DBConstants.Experiment.GATEWAY_ID, gatewayId);
+ filters.put(DBConstants.ExperimentSummary.EXPERIMENT_STATUS, ExperimentState.CREATED.name());
+ experimentSummaryModelList = experimentSummaryRepository.searchAllAccessibleExperiments(
+ allExperimentIds, filters, -1, 0,
+ DBConstants.Experiment.CREATION_TIME, ResultOrderType.ASC);
+ assertEquals("should return only one CREATED exp", 1, experimentSummaryModelList.size());
+ assertEquals(experimentIdOne, experimentSummaryModelList.get(0).getExperimentId());
+ // Only EXECUTING status
+ filters.put(DBConstants.ExperimentSummary.EXPERIMENT_STATUS, ExperimentState.EXECUTING.name());
+ experimentSummaryModelList = experimentSummaryRepository.searchAllAccessibleExperiments(
+ allExperimentIds, filters, -1, 0,
+ DBConstants.Experiment.CREATION_TIME, ResultOrderType.ASC);
+ assertEquals("should return only one EXECUTING exp", 1, experimentSummaryModelList.size());
+ assertEquals(experimentIdTwo, experimentSummaryModelList.get(0).getExperimentId());
+
// Experiment 2 is EXECUTING and should be the only one returned
experimentStatistics = experimentSummaryRepository.getAccessibleExperimentStatistics(Collections.singletonList(experimentIdTwo), filters);
assertTrue(experimentStatistics.getAllExperimentCount() == 1);
diff --git a/modules/registry/release-migration-scripts/0.18-0.19/DeltaScripts/appCatalog_schema_delta.sql b/modules/registry/release-migration-scripts/0.18-0.19/DeltaScripts/appCatalog_schema_delta.sql
index 1548106..846109a 100644
--- a/modules/registry/release-migration-scripts/0.18-0.19/DeltaScripts/appCatalog_schema_delta.sql
+++ b/modules/registry/release-migration-scripts/0.18-0.19/DeltaScripts/appCatalog_schema_delta.sql
@@ -482,6 +482,7 @@
-- AIRAVATA-3268: add overrideFilename to APPLICATION_INPUT
ALTER TABLE APPLICATION_INPUT ADD COLUMN IF NOT EXISTS OVERRIDE_FILENAME VARCHAR(255);
update APPLICATION_INPUT set OVERRIDE_FILENAME = INPUT_VALUE where OVERRIDE_FILENAME is null and DATA_TYPE = 'URI' and INPUT_VALUE is not null and INPUT_VALUE != '';
+update APPLICATION_INPUT set INPUT_VALUE = NULL where OVERRIDE_FILENAME is not null and OVERRIDE_FILENAME != '' and DATA_TYPE = 'URI' and (INPUT_VALUE is not null or INPUT_VALUE = '');
-- AIRAVATA-3126
CREATE TABLE IF NOT EXISTS COMPUTE_RESOURCE_RESERVATION -- ComputeResourceReservationEntity
diff --git a/modules/server/src/main/java/org/apache/airavata/server/ServerMain.java b/modules/server/src/main/java/org/apache/airavata/server/ServerMain.java
index d2369fb..7d281ca 100644
--- a/modules/server/src/main/java/org/apache/airavata/server/ServerMain.java
+++ b/modules/server/src/main/java/org/apache/airavata/server/ServerMain.java
@@ -27,6 +27,7 @@
import org.apache.airavata.common.utils.ApplicationSettings.ShutdownStrategy;
import org.apache.airavata.common.utils.IServer.ServerStatus;
import org.apache.airavata.common.utils.StringUtil.CommandLineParameters;
+import org.apache.airavata.patform.monitoring.MonitoringServer;
import org.apache.commons.cli.ParseException;
import org.apache.zookeeper.server.ServerCnxnFactory;
import org.slf4j.ILoggerFactory;
@@ -173,6 +174,15 @@
ServerSettings.mergeSettingsCommandLineArgs(args);
ServerSettings.setServerRoles(ApplicationSettings.getSetting(SERVERS_KEY, "all").split(","));
+ if (ServerSettings.getBooleanSetting("api.server.monitoring.enabled")) {
+ MonitoringServer monitoringServer = new MonitoringServer(
+ ServerSettings.getSetting("api.server.monitoring.host"),
+ ServerSettings.getIntSetting("api.server.monitoring.port"));
+ monitoringServer.start();
+
+ Runtime.getRuntime().addShutdownHook(new Thread(monitoringServer::stop));
+ }
+
if (ServerSettings.isEnabledKafkaLogging()) {
final ILoggerFactory iLoggerFactory = LoggerFactory.getILoggerFactory();
if (iLoggerFactory instanceof LoggerContext) {
diff --git a/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/messaging/SharingServiceDBEventHandler.java b/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/messaging/SharingServiceDBEventHandler.java
index ecc6eb8..558f63f 100644
--- a/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/messaging/SharingServiceDBEventHandler.java
+++ b/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/messaging/SharingServiceDBEventHandler.java
@@ -244,6 +244,19 @@
log.warn("DuplicateEntryException while consuming TENANT create message, ex: " + ex.getMessage() + ", Permission Id : " + domain.getDomainId() + ":WRITE", ex);
}
+ log.info("Creating Permission Type. Id : " + domain.getDomainId()+":MANAGE_SHARING");
+ permissionType = new PermissionType();
+ permissionType.setPermissionTypeId(domain.getDomainId()+":MANAGE_SHARING");
+ permissionType.setDomainId(domain.getDomainId());
+ permissionType.setName("MANAGE_SHARING");
+ permissionType.setDescription("Manage sharing permission type");
+ try {
+ sharingRegistryClient.createPermissionType(permissionType);
+ log.debug("Permission Type created. Id : " + domain.getDomainId() + ":MANAGE_SHARING");
+ } catch (DuplicateEntryException ex) {
+ log.warn("DuplicateEntryException while consuming TENANT create message, ex: " + ex.getMessage() + ", Permission Id : " + domain.getDomainId() + ":MANAGE_SHARING", ex);
+ }
+
break;
}
diff --git a/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/server/SharingRegistryServer.java b/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/server/SharingRegistryServer.java
index e24196b..010e3b9 100644
--- a/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/server/SharingRegistryServer.java
+++ b/modules/sharing-registry/sharing-registry-server/src/main/java/org/apache/airavata/sharing/registry/server/SharingRegistryServer.java
@@ -89,7 +89,9 @@
new TSSLTransportFactory.TSSLTransportParameters();
TLSParams.requireClientAuth(true);
TLSParams.setKeyStore(ServerSettings.getKeyStorePath(), ServerSettings.getKeyStorePassword());
- TLSParams.setTrustStore(ServerSettings.getTrustStorePath(), ServerSettings.getTrustStorePassword());
+ if (ServerSettings.isTrustStorePathDefined()) {
+ TLSParams.setTrustStore(ServerSettings.getTrustStorePath(), ServerSettings.getTrustStorePassword());
+ }
TServerSocket TLSServerTransport = TSSLTransportFactory.getServerSocket(
serverPort, ServerSettings.getTLSClientTimeout(),
InetAddress.getByName(serverHost), TLSParams);
diff --git a/pom.xml b/pom.xml
index 2e75767..5666a1f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -782,6 +782,7 @@
<module>modules/airavata-helix</module>
<module>modules/compute-account-provisioning</module>
<module>modules/job-monitor</module>
+ <module>modules/platform-monitoring</module>
<module>modules/distribution</module>
<module>tools</module>
<module>modules/ide-integration</module>
