Moving to use IDM in a two-node cluster rather than a stand-alone server, for HA

author: jakefeasel <jfeasel@gmail.com> 2015-04-19 11:02:35 -0700
committer: jakefeasel <jfeasel@gmail.com> 2015-04-19 11:02:35 -0700
commit: 0e39bc2713b6e1674582084315d699666f74ae06 (patch)
tree: 5496d2eadab9f75d0dca65385fccf43cba5c5594
parent: c1849540c23d53ce88313f512ef83df647e1da33 (diff)
download: sqlfiddle2-0e39bc2713b6e1674582084315d699666f74ae06.zip
sqlfiddle2-0e39bc2713b6e1674582084315d699666f74ae06.tar.gz
sqlfiddle2-0e39bc2713b6e1674582084315d699666f74ae06.tar.bz2
10 files changed, 233 insertions, 82 deletions
diff --git a/Vagrantfile b/Vagrantfile
index 407469f..ce682cc 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -125,11 +125,36 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
 
     idm.vm.provider "virtualbox" do |v, override|
       v.memory = 1024
+      override.vm.provision :shell, path: "vagrant_scripts/idm_startup.sh", run: "always"
     end
 
-    idm.vm.provision "shell", path: "vagrant_scripts/idm_bootstrap.sh"
-    idm.vm.provision "shell", path: "vagrant_scripts/idm_startup.sh", run: "always"
+    idm.vm.provision :shell, path: "vagrant_scripts/idm_prep.sh"
+    idm.vm.provision :shell, path: "vagrant_scripts/idm_build.sh"
+    idm.vm.provision :shell, :inline => "cp /vagrant/src/main/resources/conf/boot/boot.node1.properties /vagrant/target/sqlfiddle/conf/boot/boot.properties"
+    idm.vm.provision :shell, :inline => "cp /vagrant/target/sqlfiddle/bin/openidm /etc/init.d"
 
+  end
+
+  config.vm.define "idm2", autostart: false do |idm2|
+
+    idm2.vm.box = "ubuntu/trusty64"
+    idm2.vm.network "private_network", ip: "10.0.0.24"
+    idm2.vm.network "forwarded_port", guest: 8080, host: 28080
+
+    idm2.vm.provider "aws" do |aws, override|
+      aws.private_ip_address = "10.0.0.24"
+      override.vm.provision :shell, :path => "vagrant_scripts/idm_aws.sh"
+    end
+
+    idm2.vm.provider "virtualbox" do |v, override|
+      v.memory = 1024
+      idm2.vm.provision :shell, path: "vagrant_scripts/idm_startup.sh", run: "always"
+      override.vm.synced_folder ".", "/vagrant", type: "rsync", rsync__exclude: ".git/"
+    end
+
+    idm2.vm.provision :shell, path: "vagrant_scripts/idm_prep.sh"
+    idm2.vm.provision :shell, :inline => "cp /vagrant/src/main/resources/conf/boot/boot.node2.properties /vagrant/target/sqlfiddle/conf/boot/boot.properties"
+    idm2.vm.provision :shell, :inline => "cp /vagrant/target/sqlfiddle/bin/openidm /etc/init.d"
 
   end
 
diff --git a/src/main/assembly/zip.xml b/src/main/assembly/zip.xml
index bee961b..b044598 100644
--- a/src/main/assembly/zip.xml
+++ b/src/main/assembly/zip.xml
@@ -13,6 +13,7 @@
             <fileMode>0640</fileMode>
             <excludes>
                 <exclude>varnish/*</exclude>
+                <exclude>conf/boot/*</exclude>
             </excludes>
         </fileSet>
         <fileSet>
diff --git a/src/main/resources/conf/boot/boot.node1.properties b/src/main/resources/conf/boot/boot.node1.properties
new file mode 100644
index 0000000..aa68708
--- /dev/null
+++ b/src/main/resources/conf/boot/boot.node1.properties
@@ -0,0 +1,36 @@
+openidm.port.http=8080
+openidm.port.https=8443
+openidm.port.mutualauth=8444
+
+openidm.https.keystore.cert.alias=openidm-localhost
+
+openidm.keystore.type=JCEKS
+openidm.truststore.type=JKS
+openidm.keystore.provider=
+openidm.keystore.location=security/keystore.jceks
+openidm.truststore.location=security/truststore
+
+# Keystore password, adjust to match your keystore and protect this file
+openidm.keystore.password=changeit
+openidm.truststore.password=changeit
+
+# Optionally use the crypto bundle to obfuscate the password and set one of these:
+#openidm.keystore.password=OBF: 
+#openidm.keystore.password=CRYPT:
+
+# key in keystore to handle config encryption
+openidm.config.crypto.alias=openidm-sym-default
+#openidm.script.javascript.debug=transport=socket,suspend=y,address=9888,trace=true
+#openidm.script.javascript.sources=/Eclipse/workspace/External JavaScript Source/
+
+# policy enforcement enable/disable
+openidm.policy.enforcement.enabled=true
+
+# node id if clustered; each node in a cluster must have a unique node id
+openidm.node.id=node1
+
+# valid instance types for node include standalone, clustered-first, and clustered-additional
+openidm.instance.type=clustered-first
+
+# enables the execution of persistent schedulers
+openidm.scheduler.execute.persistent.schedules=true
+\ No newline at end of file
diff --git a/src/main/resources/conf/boot/boot.node2.properties b/src/main/resources/conf/boot/boot.node2.properties
new file mode 100644
index 0000000..0d13409
--- /dev/null
+++ b/src/main/resources/conf/boot/boot.node2.properties
@@ -0,0 +1,36 @@
+openidm.port.http=8080
+openidm.port.https=8443
+openidm.port.mutualauth=8444
+
+openidm.https.keystore.cert.alias=openidm-localhost
+
+openidm.keystore.type=JCEKS
+openidm.truststore.type=JKS
+openidm.keystore.provider=
+openidm.keystore.location=security/keystore.jceks
+openidm.truststore.location=security/truststore
+
+# Keystore password, adjust to match your keystore and protect this file
+openidm.keystore.password=changeit
+openidm.truststore.password=changeit
+
+# Optionally use the crypto bundle to obfuscate the password and set one of these:
+#openidm.keystore.password=OBF: 
+#openidm.keystore.password=CRYPT:
+
+# key in keystore to handle config encryption
+openidm.config.crypto.alias=openidm-sym-default
+#openidm.script.javascript.debug=transport=socket,suspend=y,address=9888,trace=true
+#openidm.script.javascript.sources=/Eclipse/workspace/External JavaScript Source/
+
+# policy enforcement enable/disable
+openidm.policy.enforcement.enabled=true
+
+# node id if clustered; each node in a cluster must have a unique node id
+openidm.node.id=node2
+
+# valid instance types for node include standalone, clustered-first, and clustered-additional
+openidm.instance.type=clustered-additional
+
+# enables the execution of persistent schedulers
+openidm.scheduler.execute.persistent.schedules=false
+\ No newline at end of file
diff --git a/src/main/resources/conf/cluster.json b/src/main/resources/conf/cluster.json
deleted file mode 100755
index c06659f..0000000
--- a/src/main/resources/conf/cluster.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-    "enabled": false,
-    "instanceId" : "&{openidm.node.id}",
-    "instanceTimeout" : "30000",
-    "instanceRecoveryTimeout" : "30000",
-    "instanceCheckInInterval" : "5000",
-    "instanceCheckInOffset" : "0"
-}
-\ No newline at end of file
diff --git a/src/main/resources/db/openidm/openidm.pgsql b/src/main/resources/db/openidm/openidm.pgsql
index fb3470c..5060cea 100755
--- a/src/main/resources/db/openidm/openidm.pgsql
+++ b/src/main/resources/db/openidm/openidm.pgsql
@@ -2,7 +2,7 @@
 CREATE SCHEMA openidm AUTHORIZATION openidm;
 
 -- -----------------------------------------------------
--- Table openidm.auditactivity
+-- Table openidm.objecttpyes
 -- -----------------------------------------------------
 
 CREATE TABLE openidm.objecttypes (
@@ -107,7 +107,7 @@ CREATE INDEX fk_configobjects_objecttypes ON openidm.configobjects (objecttypes_
 CREATE TABLE openidm.configobjectproperties (
   configobjects_id BIGINT NOT NULL,
   propkey VARCHAR(255) NOT NULL,
-  proptype VARCHAR(32) DEFAULT NULL,
+  proptype VARCHAR(255) DEFAULT NULL,
   propvalue TEXT,
   CONSTRAINT fk_configobjectproperties_configobjects FOREIGN KEY (configobjects_id) REFERENCES openidm.configobjects (id) ON DELETE CASCADE ON UPDATE NO ACTION
 );
@@ -129,9 +129,32 @@ CREATE TABLE openidm.links (
   PRIMARY KEY (objectid)
 );
 
-CREATE INDEX idx_links_first ON openidm.links (linktype, firstid);
-CREATE INDEX idx_links_second ON openidm.links (linktype, secondid);
+CREATE UNIQUE INDEX idx_links_first ON openidm.links (linktype, firstid);
+CREATE UNIQUE INDEX idx_links_second ON openidm.links (linktype, secondid);
+
+
+-- -----------------------------------------------------
+-- Table openidm.security
+-- -----------------------------------------------------
+
+CREATE TABLE openidm.security (
+  objectid VARCHAR(38) NOT NULL,
+  rev VARCHAR(38) NOT NULL,
+  storestring TEXT,
+  PRIMARY KEY (objectid)
+);
+
+
+-- -----------------------------------------------------
+-- Table openidm.securitykeys
+-- -----------------------------------------------------
 
+CREATE TABLE openidm.securitykeys (
+  objectid VARCHAR(38) NOT NULL,
+  rev VARCHAR(38) NOT NULL,
+  keypair TEXT,
+  PRIMARY KEY (objectid)
+);
 
 -- -----------------------------------------------------
 -- Table openidm.auditaccess
@@ -145,6 +168,7 @@ CREATE TABLE openidm.auditaccess (
   principal TEXT,
   roles VARCHAR(1024) DEFAULT NULL,
   status VARCHAR(7) DEFAULT NULL,
+  userid VARCHAR(24) DEFAULT NULL ,
   PRIMARY KEY (objectid)
 );
 
@@ -185,6 +209,7 @@ CREATE TABLE openidm.auditrecon (
   entrytype VARCHAR(7) DEFAULT NULL,
   rootactionid VARCHAR(511) DEFAULT NULL,
   reconid VARCHAR(36) DEFAULT NULL,
+  reconaction VARCHAR(36) DEFAULT NULL,
   reconciling VARCHAR(12) DEFAULT NULL,
   sourceobjectid VARCHAR(511) DEFAULT NULL,
   targetobjectid VARCHAR(511) DEFAULT NULL,
@@ -196,7 +221,29 @@ CREATE TABLE openidm.auditrecon (
   message TEXT,
   actionid VARCHAR(255) DEFAULT NULL,
   exceptiondetail TEXT,
-  mapping TEXT,
+  mapping VARCHAR(511) DEFAULT NULL,
+  messagedetail TEXT,
+  PRIMARY KEY (objectid)
+);
+
+
+-- -----------------------------------------------------
+-- Table openidm.auditsync
+-- -----------------------------------------------------
+
+CREATE TABLE openidm.auditsync (
+  objectid VARCHAR(38) NOT NULL,
+  rootactionid VARCHAR(511) DEFAULT NULL,
+  sourceobjectid VARCHAR(511) DEFAULT NULL,
+  targetobjectid VARCHAR(511) DEFAULT NULL,
+  activitydate VARCHAR(29) DEFAULT NULL,
+  situation VARCHAR(24) DEFAULT NULL,
+  activity VARCHAR(24) DEFAULT NULL,
+  status VARCHAR(7) DEFAULT NULL,
+  message TEXT,
+  actionid VARCHAR(255) DEFAULT NULL,
+  exceptiondetail TEXT,
+  mapping VARCHAR(511) DEFAULT NULL,
   messagedetail TEXT,
   PRIMARY KEY (objectid)
 );
@@ -286,4 +333,7 @@ START TRANSACTION;
 INSERT INTO openidm.internaluser (objectid, rev, pwd, roles) VALUES ('openidm-admin', '0', 'openidm-admin', 'openidm-admin,openidm-authorized');
 INSERT INTO openidm.internaluser (objectid, rev, pwd, roles) VALUES ('anonymous', '0', 'anonymous', 'openidm-reg');
 
-COMMIT;
-\ No newline at end of file
+COMMIT;
+
+CREATE INDEX idx_json_clusterobjects_timestamp ON openidm.clusterobjects ( json_extract_path_text(fullobject, 'timestamp') );
+CREATE INDEX idx_json_clusterobjects_state ON openidm.clusterobjects ( json_extract_path_text(fullobject, 'state') );
diff --git a/vagrant_scripts/idm_aws.sh b/vagrant_scripts/idm_aws.sh
index 957c95f..5a0c0ab 100755
--- a/vagrant_scripts/idm_aws.sh
+++ b/vagrant_scripts/idm_aws.sh
@@ -1,4 +1,9 @@
 #!/bin/bash
+
+grunt sync less requirejs
+update-rc.d openidm defaults
+service varnish restart
+
 if [ -d "./openvpn" ]
 then
 
@@ -13,4 +18,6 @@ then
     echo "192.168.199.7   POSTGRESQL91_HOST" >> /etc/hosts
     service openvpn restart
 
-fi
-\ No newline at end of file
+fi
+
+service openidm start
+\ No newline at end of file
diff --git a/vagrant_scripts/idm_bootstrap.sh b/vagrant_scripts/idm_bootstrap.sh
deleted file mode 100755
index 2cc5481..0000000
--- a/vagrant_scripts/idm_bootstrap.sh
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/bash
-
-# create a 512mb swapfile
-dd if=/dev/zero of=/swapfile1 bs=1024 count=524288
-chown root:root /swapfile1
-chmod 0600 /swapfile1
-mkswap /swapfile1
-swapon /swapfile1
-echo "/swapfile1 none swap sw 0 0" >> /etc/fstab
-
-
-export OPENIDM_OPTS="-Xms1024m -Xmx1280m"
-export JAVA_OPTS="-Dcom.sun.management.jmxremote \
--Dcom.sun.management.jmxremote.port=9010 \
--Dcom.sun.management.jmxremote.local.only=true \
--Dcom.sun.management.jmxremote.authenticate=false \
--Dcom.sun.management.jmxremote.ssl=false"
-
-echo "export OPENIDM_OPTS=\"${OPENIDM_OPTS}\"" >> /etc/profile
-echo "export JAVA_OPTS=\"${JAVA_OPTS}\"" >> /etc/profile
-
-apt-get --yes update
-apt-get --yes upgrade
-
-echo "10.0.0.14 openidm" >> /etc/hosts
-echo "10.0.0.16 OPENIDM_REPO_HOST" >> /etc/hosts
-echo "10.0.0.16 SQLFIDDLE_HOST" >> /etc/hosts
-echo "10.0.0.16 POSTGRESQL93_HOST" >> /etc/hosts
-echo "10.0.0.15 MYSQL56_HOST" >> /etc/hosts
-echo "10.0.0.17 ORACLE11G_HOST" >> /etc/hosts
-echo "10.0.0.17 SQLSERVER2014_HOST" >> /etc/hosts
-echo "10.0.0.18 MYSQL55_HOST" >> /etc/hosts
-
-apt-get --yes --force-yes install openjdk-7-jdk maven npm varnish
-cp /vagrant/src/main/resources/varnish/default.vcl /etc/varnish
-cp /vagrant/src/main/resources/varnish/default_varnish /etc/default/varnish
-ln -s /usr/bin/nodejs /usr/bin/node
-npm install -g grunt-cli
-
-cd ~
-wget -q http://dl.dropbox.com/u/2590603/bnd/biz.aQute.bnd.jar
-
-# OSGi wrap the jTDS driver for SQL Server
-wget -q http://central.maven.org/maven2/net/sourceforge/jtds/jtds/1.3.1/jtds-1.3.1.jar
-java -jar ~/biz.aQute.bnd.jar wrap -properties /vagrant/vagrant_scripts/jtds.bnd ./jtds-1.3.1.jar
-mv /vagrant/vagrant_scripts/jtds-1.3.1.bar ~/jtds-1.3.1.jar
-mvn install:install-file -DgroupId=net.sourceforge.jtds -DartifactId=jtds -Dversion=1.3.1 -Dpackaging=jar -Dfile=./jtds-1.3.1.jar
-
-# If you want to enable Oracle support, manually download ojdbc6.jar and put it in the root folder (up one level from here)
-# Download it from here: http://www.oracle.com/technetwork/database/enterprise-edition/jdbc-112010-090769.html
-# Afterwards, uncomment the dependency in ../pom.xml
-if [ -e "/vagrant/ojdbc6.jar" ]
-then
-    java -jar ~/biz.aQute.bnd.jar wrap -properties /vagrant/vagrant_scripts/ojdbc6.bnd /vagrant/ojdbc6.jar
-    mv /vagrant/vagrant_scripts/ojdbc6.bar ojdbc6.jar
-    mvn install:install-file -DgroupId=com.oracle -DartifactId=ojdbc6 -Dversion=11.2.0.4 -Dpackaging=jar -Dfile=./ojdbc6.jar
-fi
-
-
-cd /vagrant
-mvn clean install
-npm install
-cd target/sqlfiddle/bin
-./create-openidm-rc.sh
-cp openidm /etc/init.d
diff --git a/vagrant_scripts/idm_build.sh b/vagrant_scripts/idm_build.sh
new file mode 100755
index 0000000..21aa1cb
--- /dev/null
+++ b/vagrant_scripts/idm_build.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+apt-get --yes --force-yes install maven npm
+
+ln -s /usr/bin/nodejs /usr/bin/node
+npm install -g grunt-cli
+
+cd ~
+wget -q http://dl.dropbox.com/u/2590603/bnd/biz.aQute.bnd.jar
+
+# OSGi wrap the jTDS driver for SQL Server
+wget -q http://central.maven.org/maven2/net/sourceforge/jtds/jtds/1.3.1/jtds-1.3.1.jar
+java -jar ~/biz.aQute.bnd.jar wrap -properties /vagrant/vagrant_scripts/jtds.bnd ./jtds-1.3.1.jar
+mv /vagrant/vagrant_scripts/jtds-1.3.1.bar ~/jtds-1.3.1.jar
+mvn install:install-file -DgroupId=net.sourceforge.jtds -DartifactId=jtds -Dversion=1.3.1 -Dpackaging=jar -Dfile=./jtds-1.3.1.jar
+
+# If you want to enable Oracle support, manually download ojdbc6.jar and put it in the root folder (up one level from here)
+# Download it from here: http://www.oracle.com/technetwork/database/enterprise-edition/jdbc-112010-090769.html
+# Afterwards, uncomment the dependency in ../pom.xml
+if [ -e "/vagrant/ojdbc6.jar" ]
+then
+    java -jar ~/biz.aQute.bnd.jar wrap -properties /vagrant/vagrant_scripts/ojdbc6.bnd /vagrant/ojdbc6.jar
+    mv /vagrant/vagrant_scripts/ojdbc6.bar ojdbc6.jar
+    mvn install:install-file -DgroupId=com.oracle -DartifactId=ojdbc6 -Dversion=11.2.0.4 -Dpackaging=jar -Dfile=./ojdbc6.jar
+fi
+
+
+cd /vagrant
+mvn clean install
+npm install
+cd target/sqlfiddle/bin
+./create-openidm-rc.sh
+\ No newline at end of file
diff --git a/vagrant_scripts/idm_prep.sh b/vagrant_scripts/idm_prep.sh
new file mode 100644
index 0000000..4e5aa7c
--- /dev/null
+++ b/vagrant_scripts/idm_prep.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# create a 512mb swapfile
+dd if=/dev/zero of=/swapfile1 bs=1024 count=524288
+chown root:root /swapfile1
+chmod 0600 /swapfile1
+mkswap /swapfile1
+swapon /swapfile1
+echo "/swapfile1 none swap sw 0 0" >> /etc/fstab
+
+
+export OPENIDM_OPTS="-Xms1024m -Xmx1280m"
+export JAVA_OPTS="-Dcom.sun.management.jmxremote \
+-Dcom.sun.management.jmxremote.port=9010 \
+-Dcom.sun.management.jmxremote.local.only=true \
+-Dcom.sun.management.jmxremote.authenticate=false \
+-Dcom.sun.management.jmxremote.ssl=false"
+
+echo "export OPENIDM_OPTS=\"${OPENIDM_OPTS}\"" >> /etc/profile
+echo "export JAVA_OPTS=\"${JAVA_OPTS}\"" >> /etc/profile
+
+echo "10.0.0.14 openidm" >> /etc/hosts
+echo "10.0.0.16 OPENIDM_REPO_HOST" >> /etc/hosts
+echo "10.0.0.16 SQLFIDDLE_HOST" >> /etc/hosts
+echo "10.0.0.16 POSTGRESQL93_HOST" >> /etc/hosts
+echo "10.0.0.15 MYSQL56_HOST" >> /etc/hosts
+echo "10.0.0.17 ORACLE11G_HOST" >> /etc/hosts
+echo "10.0.0.17 SQLSERVER2014_HOST" >> /etc/hosts
+echo "10.0.0.18 MYSQL55_HOST" >> /etc/hosts
+
+apt-get --yes update
+apt-get --yes upgrade
+
+apt-get --yes --force-yes install openjdk-7-jdk varnish
+
+cp /vagrant/src/main/resources/varnish/default.vcl /etc/varnish
+cp /vagrant/src/main/resources/varnish/default_varnish /etc/default/varnish
author	jakefeasel <jfeasel@gmail.com>	2015-04-19 11:02:35 -0700
committer	jakefeasel <jfeasel@gmail.com>	2015-04-19 11:02:35 -0700
commit	0e39bc2713b6e1674582084315d699666f74ae06 (patch)
tree	5496d2eadab9f75d0dca65385fccf43cba5c5594
parent	c1849540c23d53ce88313f512ef83df647e1da33 (diff)
download	sqlfiddle2-0e39bc2713b6e1674582084315d699666f74ae06.zip sqlfiddle2-0e39bc2713b6e1674582084315d699666f74ae06.tar.gz sqlfiddle2-0e39bc2713b6e1674582084315d699666f74ae06.tar.bz2