diff --git a/docker/src/bash/generate-config.sh b/docker/src/bash/generate-config.sh index 4bdcff673f..8c05d3e996 100755 --- a/docker/src/bash/generate-config.sh +++ b/docker/src/bash/generate-config.sh @@ -49,11 +49,11 @@ function generateGenericCZConfig(){ java -jar config-exporter.jar "GENERIC-CZ" "/opt/corda/starting-node.conf" "${CONFIG_FOLDER}/node.conf" java -Djava.security.egd=file:/dev/./urandom -Dcapsule.jvm.args="${JVM_ARGS}" -jar /opt/corda/bin/corda.jar \ - initial-registration \ - --base-directory=/opt/corda \ - --config-file=/etc/corda/node.conf \ - --network-root-truststore-password=${NETWORK_TRUST_PASSWORD} \ - --network-root-truststore=${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME} &&\ + --initial-registration \ + --base-directory /opt/corda \ + --config-file ${CONFIG_FOLDER}/node.conf \ + --network-root-truststore-password ${NETWORK_TRUST_PASSWORD} \ + --network-root-truststore ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME} &&\ echo "Succesfully registered with ${DOORMAN_URL}, starting corda" && \ run-corda fi diff --git a/docker/src/bash/run-corda.sh b/docker/src/bash/run-corda.sh index b2cd117619..8cfd34b1f8 100755 --- a/docker/src/bash/run-corda.sh +++ b/docker/src/bash/run-corda.sh @@ -1,10 +1,7 @@ #!/usr/bin/env bash -: ${JVM_ARGS='-XX:+UseG1GC'} - -JVM_ARGS="-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap "${JVM_ARGS} if [[ ${JVM_ARGS} == *"Xmx"* ]]; then echo "WARNING: the use of the -Xmx flag is not recommended within docker containers. Use the --memory option passed to the container to limit heap size" fi -java -Djava.security.egd=file:/dev/./urandom -Dcapsule.jvm.args="${JVM_ARGS}" -jar /opt/corda/bin/corda.jar --base-directory=/opt/corda --config-file=/etc/corda/node.conf ${CORDA_ARGS} \ No newline at end of file +java -Djava.security.egd=file:/dev/./urandom -Dcapsule.jvm.args="${JVM_ARGS}" -jar /opt/corda/bin/corda.jar --base-directory /opt/corda --config-file ${CONFIG_FOLDER}/node.conf ${CORDA_ARGS} \ No newline at end of file diff --git a/docker/src/docker/Dockerfile b/docker/src/docker/Dockerfile index 5340c68638..2100ec59f9 100644 --- a/docker/src/docker/Dockerfile +++ b/docker/src/docker/Dockerfile @@ -1,35 +1,34 @@ FROM azul/zulu-openjdk:8u192 -RUN apt-get update && apt-get -y upgrade && apt-get -y install bash curl unzip +## Add packages, clean cache, create dirs, create corda user and change ownership +RUN apt-get update && \ + apt-get -y upgrade && \ + apt-get -y install bash curl unzip && \ + rm -rf /var/lib/apt/lists/* && \ + mkdir -p /opt/corda/cordapps && \ + mkdir -p /opt/corda/persistence && \ + mkdir -p /opt/corda/certificates && \ + mkdir -p /opt/corda/drivers && \ + mkdir -p /opt/corda/logs && \ + mkdir -p /opt/corda/bin && \ + mkdir -p /opt/corda/additional-node-infos && \ + mkdir -p /etc/corda && \ + addgroup corda && \ + useradd corda -g corda -m -d /opt/corda && \ + chown -R corda:corda /opt/corda && \ + chown -R corda:corda /etc/corda -# Create dirs -RUN mkdir -p /opt/corda/cordapps -RUN mkdir -p /opt/corda/persistence -RUN mkdir -p /opt/corda/certificates -RUN mkdir -p /opt/corda/drivers -RUN mkdir -p /opt/corda/logs -RUN mkdir -p /opt/corda/bin -RUN mkdir -p /opt/corda/additional-node-infos -RUN mkdir -p /etc/corda - -# Create corda user -RUN addgroup corda && \ - useradd corda -g corda -m -d /opt/corda - -WORKDIR /opt/corda - -ENV CORDAPPS_FOLDER="/opt/corda/cordapps" -ENV PERSISTENCE_FOLDER="/opt/corda/persistence" -ENV CERTIFICATES_FOLDER="/opt/corda/certificates" -ENV DRIVERS_FOLDER="/opt/corda/drivers" -ENV CONFIG_FOLDER="/etc/corda" - -ENV MY_P2P_PORT=10200 -ENV MY_RPC_PORT=10201 -ENV MY_RPC_ADMIN_PORT=10202 - -RUN chown -R corda:corda /opt/corda -RUN chown -R corda:corda /etc/corda +ENV CORDAPPS_FOLDER="/opt/corda/cordapps" \ + PERSISTENCE_FOLDER="/opt/corda/persistence" \ + CERTIFICATES_FOLDER="/opt/corda/certificates" \ + DRIVERS_FOLDER="/opt/corda/drivers" \ + CONFIG_FOLDER="/etc/corda" \ + MY_P2P_PORT=10200 \ + MY_RPC_PORT=10201 \ + MY_RPC_ADMIN_PORT=10202 \ + PATH=$PATH:/opt/corda/bin \ + JVM_ARGS="-XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap " \ + CORDA_ARGS="" ##CORDAPPS FOLDER VOLUME ["/opt/corda/cordapps"] @@ -46,25 +45,18 @@ VOLUME ["/opt/corda/additional-node-infos"] ##CONFIG LOCATION VOLUME ["/etc/corda"] - ##CORDA JAR -ADD --chown=corda:corda corda.jar /opt/corda/bin/corda.jar +COPY --chown=corda:corda corda.jar /opt/corda/bin/corda.jar ##CONFIG MANIPULATOR JAR -ADD --chown=corda:corda config-exporter.jar /opt/corda/config-exporter.jar +COPY --chown=corda:corda config-exporter.jar /opt/corda/config-exporter.jar ##CONFIG GENERATOR SHELL SCRIPT -ADD --chown=corda:corda generate-config.sh /opt/corda/bin/config-generator +COPY --chown=corda:corda generate-config.sh /opt/corda/bin/config-generator ##CORDA RUN SCRIPT -ADD --chown=corda:corda run-corda.sh /opt/corda/bin/run-corda +COPY --chown=corda:corda run-corda.sh /opt/corda/bin/run-corda ##BASE CONFIG FOR GENERATOR -ADD --chown=corda:corda starting-node.conf /opt/corda/starting-node.conf -##SET EXECUTABLE PERMISSIONS -RUN chmod +x /opt/corda/bin/config-generator -RUN chmod +x /opt/corda/bin/run-corda - -ENV PATH=$PATH:/opt/corda/bin - -EXPOSE $MY_P2P_PORT -EXPOSE $MY_RPC_PORT +COPY --chown=corda:corda starting-node.conf /opt/corda/starting-node.conf USER "corda" -CMD ["run-corda"] +EXPOSE ${MY_P2P_PORT} ${MY_RPC_PORT} ${MY_RPC_ADMIN_PORT} +WORKDIR /opt/corda +CMD ["run-corda"] \ No newline at end of file diff --git a/docker/src/docker/DockerfileAL b/docker/src/docker/DockerfileAL index 34bc5311cc..b5ce21ab00 100644 --- a/docker/src/docker/DockerfileAL +++ b/docker/src/docker/DockerfileAL @@ -1,39 +1,37 @@ FROM amazonlinux:2 -RUN amazon-linux-extras enable corretto8 -RUN yum -y install java-1.8.0-amazon-corretto-devel -RUN yum -y install bash -RUN yum -y install curl -RUN yum -y install unzip +## Add packages, clean cache, create dirs, create corda user and change ownership +RUN amazon-linux-extras enable corretto8 && \ + yum -y install java-1.8.0-amazon-corretto-devel && \ + yum -y install bash && \ + yum -y install curl && \ + yum -y install unzip && \ + yum clean all && \ + rm -rf /var/cache/yum && \ + mkdir -p /opt/corda/cordapps && \ + mkdir -p /opt/corda/persistence && \ + mkdir -p /opt/corda/certificates && \ + mkdir -p /opt/corda/drivers && \ + mkdir -p /opt/corda/logs && \ + mkdir -p /opt/corda/bin && \ + mkdir -p /opt/corda/additional-node-infos && \ + mkdir -p /etc/corda && \ + groupadd corda && \ + useradd corda -g corda -m -d /opt/corda && \ + chown -R corda:corda /opt/corda && \ + chown -R corda:corda /etc/corda -# Create dirs -RUN mkdir -p /opt/corda/cordapps -RUN mkdir -p /opt/corda/persistence -RUN mkdir -p /opt/corda/certificates -RUN mkdir -p /opt/corda/drivers -RUN mkdir -p /opt/corda/logs -RUN mkdir -p /opt/corda/bin -RUN mkdir -p /opt/corda/additional-node-infos -RUN mkdir -p /etc/corda - -# Create corda user -RUN groupadd corda && \ - useradd corda -g corda -m -d /opt/corda - -WORKDIR /opt/corda - -ENV CORDAPPS_FOLDER="/opt/corda/cordapps" -ENV PERSISTENCE_FOLDER="/opt/corda/persistence" -ENV CERTIFICATES_FOLDER="/opt/corda/certificates" -ENV DRIVERS_FOLDER="/opt/corda/drivers" -ENV CONFIG_FOLDER="/etc/corda" - -ENV MY_P2P_PORT=10200 -ENV MY_RPC_PORT=10201 -ENV MY_RPC_ADMIN_PORT=10202 - -RUN chown -R corda:corda /opt/corda -RUN chown -R corda:corda /etc/corda +ENV CORDAPPS_FOLDER="/opt/corda/cordapps" \ + PERSISTENCE_FOLDER="/opt/corda/persistence" \ + CERTIFICATES_FOLDER="/opt/corda/certificates" \ + DRIVERS_FOLDER="/opt/corda/drivers" \ + CONFIG_FOLDER="/etc/corda" \ + MY_P2P_PORT=10200 \ + MY_RPC_PORT=10201 \ + MY_RPC_ADMIN_PORT=10202 \ + PATH=$PATH:/opt/corda/bin \ + JVM_ARGS="-XX:+UseG1GC -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap " \ + CORDA_ARGS="" ##CORDAPPS FOLDER VOLUME ["/opt/corda/cordapps"] @@ -50,25 +48,18 @@ VOLUME ["/opt/corda/additional-node-infos"] ##CONFIG LOCATION VOLUME ["/etc/corda"] - ##CORDA JAR -ADD --chown=corda:corda corda.jar /opt/corda/bin/corda.jar +COPY --chown=corda:corda corda.jar /opt/corda/bin/corda.jar ##CONFIG MANIPULATOR JAR -ADD --chown=corda:corda config-exporter.jar /opt/corda/config-exporter.jar +COPY --chown=corda:corda config-exporter.jar /opt/corda/config-exporter.jar ##CONFIG GENERATOR SHELL SCRIPT -ADD --chown=corda:corda generate-config.sh /opt/corda/bin/config-generator +COPY --chown=corda:corda generate-config.sh /opt/corda/bin/config-generator ##CORDA RUN SCRIPT -ADD --chown=corda:corda run-corda.sh /opt/corda/bin/run-corda +COPY --chown=corda:corda run-corda.sh /opt/corda/bin/run-corda ##BASE CONFIG FOR GENERATOR -ADD --chown=corda:corda starting-node.conf /opt/corda/starting-node.conf -##SET EXECUTABLE PERMISSIONS -RUN chmod +x /opt/corda/bin/config-generator -RUN chmod +x /opt/corda/bin/run-corda - -ENV PATH=$PATH:/opt/corda/bin - -EXPOSE $MY_P2P_PORT -EXPOSE $MY_RPC_PORT +COPY --chown=corda:corda starting-node.conf /opt/corda/starting-node.conf USER "corda" -CMD ["run-corda"] +EXPOSE ${MY_P2P_PORT} ${MY_RPC_PORT} ${MY_RPC_ADMIN_PORT} +WORKDIR /opt/corda +CMD ["run-corda"] \ No newline at end of file diff --git a/docker/test-docker.sh b/docker/test-docker.sh new file mode 100755 index 0000000000..e5b35a294c --- /dev/null +++ b/docker/test-docker.sh @@ -0,0 +1,70 @@ +#!/usr/bin/env bash +# Tests Corda docker by registering with a test doorman +# usage: ./test-docker.sh +# example: ./test-docker.sh corda/corda-corretto-4.0:RELEASE +IMAGE=${1:-corda/corda-corretto-4.0} +SALT=${RANDOM} + +# Start up test-doorman, if not already running +if [ ! "$(docker ps -q -f name=test-doorman)" ]; then + if [ "$(docker ps -aq -f status=exited -f name=test-doorman)" ]; then + echo "TEST-IMAGE-${IMAGE}: test-doorman is in a status=exited state. I will remove." + docker rm -f test-doorman + fi + echo "TEST-IMAGE-${IMAGE}: test-doorman is not running. I will start." + docker run -d --rm --name test-doorman -p 8080:8080 \ + -e NMS_MONGO_CONNECTION_STRING=embed \ + -e NMS_TLS=false \ + -e NMS_DOORMAN=true \ + -e NMS_CERTMAN=false \ + cordite/network-map +else + echo "TEST-IMAGE-${IMAGE}: test-door man is already running. I will use this instance." +fi + +# Wait for test-doorman and then download truststore +while [[ "$(curl -s -o network-root-truststore.jks -w ''%{http_code}'' http://localhost:8080/network-map/truststore)" != "200" ]]; do + echo "TEST-IMAGE-${IMAGE}: waiting 5 seconds for test-doorman to serve..." + sleep 5 +done + +# Test corda docker +echo "TEST-IMAGE-${IMAGE}: Run config-generator in corda docker with image: ${IMAGE}" +docker run -d --name corda-test-${SALT} --network=host --hostname=127.0.0.1 \ + -e MY_LEGAL_NAME="O=Test-${SALT},L=Berlin,C=DE" \ + -e MY_PUBLIC_ADDRESS="localhost" \ + -e NETWORKMAP_URL="http://localhost:8080" \ + -e DOORMAN_URL="http://localhost:8080" \ + -e NETWORK_TRUST_PASSWORD="trustpass" \ + -e MY_EMAIL_ADDRESS="cordauser@r3.com" \ + -v $(pwd)/network-root-truststore.jks:/opt/corda/certificates/network-root-truststore.jks \ + -e CORDA_ARGS="--log-to-console --no-local-shell" \ + $IMAGE config-generator --generic + +# Succesfully registered (with http://localhost:8080) +docker logs -f corda-test-${SALT} | grep -q "Succesfully registered" +if [ ! "$(docker ps -q -f name=corda-test-${SALT})" ]; then + echo "TEST-IMAGE-${IMAGE}: FAIL corda-test has exited." + docker logs corda-test-${SALT} + rm -f $(pwd)/network-root-truststore.jks + docker rm -f corda-test-${SALT} + exit 1 +else + echo "TEST-IMAGE-${IMAGE}: SUCCESS : Succesfully registered with http://localhost:8080" +fi + +# Node started up and registered +docker logs -f corda-test-${SALT} | grep -q "started up and registered in" +if [ ! "$(docker ps -q -f name=corda-test-${SALT})" ]; then + echo "TEST-IMAGE-${IMAGE}: FAIL corda-test has exited." + docker logs corda-test-${SALT} + rm -f $(pwd)/network-root-truststore.jks + docker rm -f corda-test-${SALT} + exit 1 +else + echo "TEST-IMAGE-${IMAGE}: SUCCESS : Node started up and registered" + echo "TEST-IMAGE-${IMAGE}: SUCCESS : tear down" + rm -f $(pwd)/network-root-truststore.jks + docker rm -f corda-test-${SALT} + exit 0 +fi