Loading docker-compose.yml +4 −4 Original line number Diff line number Diff line Loading @@ -69,8 +69,8 @@ services: - "8080" - "8443" ports: - "8080:8080" - "8443:8443" - "8084:8080" - "8447:8443" networks: - default - dbnetwork Loading Loading @@ -114,8 +114,8 @@ services: volumes_from: - esgf-config ports: - "8084:8080" - "8447:8443" - "8085:8080" - "8448:8443" depends_on: - esgf-postgres Loading docker-stack.yml +49 −6 Original line number Diff line number Diff line Loading @@ -48,8 +48,8 @@ secrets: file: $ESGF_CONFIG/httpd/certs/cachain.pem httpd_esgf-ca-bundle_crt: file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt httpd_esgf-ca-bundle_crt-orig: file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt-orig #httpd_esgf-ca-bundle_crt-orig: # file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt-orig httpd_hostcert_pem: file: $ESGF_CONFIG/httpd/certs/hostcert.pem httpd_hostcert_pkcs12: Loading Loading @@ -107,8 +107,8 @@ services: target: /etc/certs/cachain.pem - source: httpd_esgf-ca-bundle_crt target: /etc/certs/esgf-ca-bundle.crt - source: httpd_esgf-ca-bundle_crt-orig target: /etc/certs/esgf-ca-bundle.crt-orig #- source: httpd_esgf-ca-bundle_crt-orig # target: /etc/certs/esgf-ca-bundle.crt-orig - source: httpd_hostcert_pem target: /etc/certs/hostcert.pem - source: httpd_hostcert_pkcs12 Loading Loading @@ -243,6 +243,7 @@ services: mode: 0600 volumes: - tds_data:/esg/content/thredds - $ESGF_DATA_DIR:/esg/data environment: - ESGF_HOSTNAME depends_on: Loading @@ -252,6 +253,48 @@ services: placement: constraints: [node.labels.esgf_data_node == true] esgf-publisher: image: ${ESGF_IMAGES_HUB-esgfhub}/esgf-publisher:${ESGF_VERSION-latest} networks: - default - dbnetwork volumes: - tds_data:/esg/content/thredds - $ESGF_DATA_DIR:/esg/data secrets: - source: esgf_config_files target: /root/archives/esgf_config.tar.xz mode: 0600 environment: - SSL_CERT_DIR=/etc/grid-security/certificates #- SSL_CERT_FILE=/etc/certs/esgf-ca-bundle.crt - ESGF_HOSTNAME depends_on: - esgf-postgres deploy: replicas: 1 placement: constraints: [node.labels.esgf_data_node == true] esgf-dashboard: image: ${ESGF_IMAGES_HUB-esgfhub}/esgf-dashboard:${ESGF_VERSION-latest} networks: - default - dbnetwork secrets: - source: esgf_config_files target: /root/archives/esgf_config.tar.xz mode: 0600 ports: - "8085:8080" - "8448:8443" depends_on: - esgf-postgres deploy: replicas: 1 placement: constraints: [node.labels.esgf_data_node == true] # note: this service must run on the same host as the httpd front-end # so they can share data in the volume 'esgf_auth_install' esgf-auth: Loading @@ -274,8 +317,8 @@ services: target: /etc/certs/cachain.pem - source: httpd_esgf-ca-bundle_crt target: /etc/certs/esgf-ca-bundle.crt - source: httpd_esgf-ca-bundle_crt-orig target: /etc/certs/esgf-ca-bundle.crt-orig #- source: httpd_esgf-ca-bundle_crt-orig # target: /etc/certs/esgf-ca-bundle.crt-orig - source: httpd_hostcert_pem target: /etc/certs/hostcert.pem - source: httpd_hostcert_pkcs12 Loading tomcat/conf/setenv.sh +1 −1 Original line number Diff line number Diff line Loading @@ -5,4 +5,4 @@ export JAVA_OPTS="-Dtds.content.root.path=/esg/content" #export JAVA_OPTS="-Djavax.net.debug=ssl -Dtds.content.root.path=/esg/content" #export CATALINA_OPTS="-Xmx2048m -server -Xms1024m -XX:MaxPermSize=512m -Dsun.security.ssl.allowUnsafeRenegotiation=false -Djavax.net.ssl.trustStore='/esg/config/tomcat/esg-truststore.ts' -Djavax.net.ssl.trustStorePassword='changeit'" # IMPORTANT : when running on single host, Tomcat will be killed if it exceeds the memory limits export CATALINA_OPTS="-Xmx512m -server -Xms512m -XX:MaxPermSize=512m -Dsun.security.ssl.allowUnsafeRenegotiation=false -Djavax.net.ssl.trustStore='/esg/config/tomcat/esg-truststore.ts' -Djavax.net.ssl.trustStorePassword='changeit'" export CATALINA_OPTS="-Xmx256m -server -Xms256m -XX:MaxPermSize=256m -Dsun.security.ssl.allowUnsafeRenegotiation=false -Djavax.net.ssl.trustStore='/esg/config/tomcat/esg-truststore.ts' -Djavax.net.ssl.trustStorePassword='changeit'" Loading
docker-compose.yml +4 −4 Original line number Diff line number Diff line Loading @@ -69,8 +69,8 @@ services: - "8080" - "8443" ports: - "8080:8080" - "8443:8443" - "8084:8080" - "8447:8443" networks: - default - dbnetwork Loading Loading @@ -114,8 +114,8 @@ services: volumes_from: - esgf-config ports: - "8084:8080" - "8447:8443" - "8085:8080" - "8448:8443" depends_on: - esgf-postgres Loading
docker-stack.yml +49 −6 Original line number Diff line number Diff line Loading @@ -48,8 +48,8 @@ secrets: file: $ESGF_CONFIG/httpd/certs/cachain.pem httpd_esgf-ca-bundle_crt: file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt httpd_esgf-ca-bundle_crt-orig: file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt-orig #httpd_esgf-ca-bundle_crt-orig: # file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt-orig httpd_hostcert_pem: file: $ESGF_CONFIG/httpd/certs/hostcert.pem httpd_hostcert_pkcs12: Loading Loading @@ -107,8 +107,8 @@ services: target: /etc/certs/cachain.pem - source: httpd_esgf-ca-bundle_crt target: /etc/certs/esgf-ca-bundle.crt - source: httpd_esgf-ca-bundle_crt-orig target: /etc/certs/esgf-ca-bundle.crt-orig #- source: httpd_esgf-ca-bundle_crt-orig # target: /etc/certs/esgf-ca-bundle.crt-orig - source: httpd_hostcert_pem target: /etc/certs/hostcert.pem - source: httpd_hostcert_pkcs12 Loading Loading @@ -243,6 +243,7 @@ services: mode: 0600 volumes: - tds_data:/esg/content/thredds - $ESGF_DATA_DIR:/esg/data environment: - ESGF_HOSTNAME depends_on: Loading @@ -252,6 +253,48 @@ services: placement: constraints: [node.labels.esgf_data_node == true] esgf-publisher: image: ${ESGF_IMAGES_HUB-esgfhub}/esgf-publisher:${ESGF_VERSION-latest} networks: - default - dbnetwork volumes: - tds_data:/esg/content/thredds - $ESGF_DATA_DIR:/esg/data secrets: - source: esgf_config_files target: /root/archives/esgf_config.tar.xz mode: 0600 environment: - SSL_CERT_DIR=/etc/grid-security/certificates #- SSL_CERT_FILE=/etc/certs/esgf-ca-bundle.crt - ESGF_HOSTNAME depends_on: - esgf-postgres deploy: replicas: 1 placement: constraints: [node.labels.esgf_data_node == true] esgf-dashboard: image: ${ESGF_IMAGES_HUB-esgfhub}/esgf-dashboard:${ESGF_VERSION-latest} networks: - default - dbnetwork secrets: - source: esgf_config_files target: /root/archives/esgf_config.tar.xz mode: 0600 ports: - "8085:8080" - "8448:8443" depends_on: - esgf-postgres deploy: replicas: 1 placement: constraints: [node.labels.esgf_data_node == true] # note: this service must run on the same host as the httpd front-end # so they can share data in the volume 'esgf_auth_install' esgf-auth: Loading @@ -274,8 +317,8 @@ services: target: /etc/certs/cachain.pem - source: httpd_esgf-ca-bundle_crt target: /etc/certs/esgf-ca-bundle.crt - source: httpd_esgf-ca-bundle_crt-orig target: /etc/certs/esgf-ca-bundle.crt-orig #- source: httpd_esgf-ca-bundle_crt-orig # target: /etc/certs/esgf-ca-bundle.crt-orig - source: httpd_hostcert_pem target: /etc/certs/hostcert.pem - source: httpd_hostcert_pkcs12 Loading
tomcat/conf/setenv.sh +1 −1 Original line number Diff line number Diff line Loading @@ -5,4 +5,4 @@ export JAVA_OPTS="-Dtds.content.root.path=/esg/content" #export JAVA_OPTS="-Djavax.net.debug=ssl -Dtds.content.root.path=/esg/content" #export CATALINA_OPTS="-Xmx2048m -server -Xms1024m -XX:MaxPermSize=512m -Dsun.security.ssl.allowUnsafeRenegotiation=false -Djavax.net.ssl.trustStore='/esg/config/tomcat/esg-truststore.ts' -Djavax.net.ssl.trustStorePassword='changeit'" # IMPORTANT : when running on single host, Tomcat will be killed if it exceeds the memory limits export CATALINA_OPTS="-Xmx512m -server -Xms512m -XX:MaxPermSize=512m -Dsun.security.ssl.allowUnsafeRenegotiation=false -Djavax.net.ssl.trustStore='/esg/config/tomcat/esg-truststore.ts' -Djavax.net.ssl.trustStorePassword='changeit'" export CATALINA_OPTS="-Xmx256m -server -Xms256m -XX:MaxPermSize=256m -Dsun.security.ssl.allowUnsafeRenegotiation=false -Djavax.net.ssl.trustStore='/esg/config/tomcat/esg-truststore.ts' -Djavax.net.ssl.trustStorePassword='changeit'"
