Dockerfile for eagle-i Docker image
This is a work in progress to make a docker image for running a node to participate in the eagle-i network. Technical Documentation for eagle-i. It should not be relied upon for production use!
4.0.0,latest- Master branch, current stable release3.7.2- Previous eagle-i build3.5.0- Earlier eagle-i build
This Docker image is built to provide a self-contained eagle-i node. To be functional, you will need at a minimum an SSL certificate stored and mounted in /etc/ssl/private, a pair named eagle-i.crt and eagle-i.key.
TODO: This does not fully provision all components of eagle-i.
Currently working:
- Main repository
Installed, but base configuration not complete:
- Sparqler
- Sweet
- Institution
- Help
This image is built upon the tomcat:7 docker image, which is currently built on debian:jessie.
This image is meant to provide all the runtime application environment to run the eagle-i node, with Tomcat configured to provide SSL and web interfaces, without requiring a proxy. It uses the APR configuration for SSL, which should be capable of production use.
The image is built with an EAGLE_I_HOME volume for data to be mounted at /opt/eaglei, and exposes ports 8080 and 8443 for http and https connections, and should also be started with an ssl certificate inside /etc/ssl.
Important note! Before starting this image with an existing eaglei repository, make a full backup! We recommend mounting a copy of your eagle_i_home!
This image updates the contents of $REPO_HOME with the new eagle-i zip file, and datamanagement tools, so that the repository may be quickly upgraded.
- Put an ssl certificate (or a symlink) in /etc/ssl/private/eagle-i.crt and a corresponding key in /etc/ssl/private/eagle-i.key
- Make a copy of your eagle-i home directory (e.g. cp -a /opt/eaglei /opt/eaglei_data) so you can go back to your previous config if necessary
- Stop existing servers that are providing web access for previous versions
- docker run -p 80:8080 -p 443:8443 -v /etc/ssl:/etc/ssl -v /opt/eaglei_data:/opt/eaglei -d freelock/eaglei
Start with an existing instance. After the new container is created, the new versions of scripts will be in $REPO_HOME/etc, along with the corresponding eagle-i-datatools-datamanagement.jar. The upgrade script is not yet run.
- Get a shell inside the container: docker exec -ti eaglei /bin/bash
- cd repo/etc
- bash upgrade.sh adminuser mypassword https://public.repo.url
- (if data migration is necessary) bash data-migration.sh -u adminuser -p mypassword -r https://public.repo.url
We recommend using a Docker data container pattern -- one container for your data, and a second one for the running eagle-i node. This allows you to easily destroy the running container as often as necessary, while preserving your data.
- Set up SSL as in #1 above
- Create a data container: docker run --name eaglei_data freelock/eaglei /bin/true
- Create the main runtime container linked to the data container:
docker run --volumes-from eaglei_data \ -p 80:8080 -p 443:8443 \ -v /etc/ssl:/etc/ssl \ -e ADMIN_USERNAME=admin \ -e ADMIN_PASSWORD=password \ -e SPARQLER_USERNAME=sparqler \ -e SPARQLER_PASSWORD=password \ freelock/eaglei
... set environment variables as appropriate, and watch the output to make sure everything succeeds in the configuration steps, which will take several minutes.
TODO: Finish the configuration scripts, this does not yet make a fully running node.
We recommend using the previous steps to set up the eagle-i repo, but not running that container in production. Once the data container is set up with everything desired, stop/remove the runtime container, and create a new one as follows:
docker run --volumes-from eaglei_data \ -p 80:8080 -p 443:8443 \ -v /etc/ssl:/etc/ssl \ -d --restart always \ --name eaglei freelock/eaglei
The eaglei image uses several environment variables which are easy to miss. While none of the variables are required, they may significantly aid you in creating a new eagle-i repository.
Pull requests for this repo are welcomed!
Internal container path to the eagle-i repository. Only change if your repo is at a different location inside your eagle_i_home than the default -- otherwise mount your repository using the -v flag at docker run.
Internal home path. Strongly recommend using -v to mount a different path if desired, and leave this as the default.
Only change if your sparqler home is a different path inside the eagle-i home.
Main eagle-i Administrative username/password. If there is no configuration.properties in the ${REPO_HOME}, these credentials will be inserted into the repository. Otherwise they get used for other administrative tasks on setup.
Username/password to create in the Sparqler app.
REPO_NAMESPACE=http://MY_SITE.data.eagle-i.org/i/
Main URL for your eagle-i node, added to configuration.properties.
Main title displayed on the website.
Main logo used on the website. Note that on container startup, files are copied from assets into the repository. So you can place your logo in /opt/eaglei/assets/images/logo.png to have this loaded.
Additional stylesheet to load specific to your site. You can use /repository/assets/styles.css to load a css file in /opt/eaglei/assets/styles.css.
POSTMASTER="admin@example.com"
"From" address for any mail sent by the site
This is set to the default Docker0 IP address, which routes mail through the host server, if that accepts it.
Mail port to use for outgoing mail.
Use SSL for outgoing mail.
Other mail environment variables can be set as in regular eaglei installations.
You can connect to a running container using:
docker exec -ti eaglei /bin/bash
... this will give you a shell inside the container where you can inspect/troubleshoot the installation.
This is how you can access the ontology upgrade scripts, run additional administrative tasks on the repository, etc.
This image is officially supported on Docker version 1.7.1.
Support for older versions is provided on a best-effort basis.
If you have any problems with or questions about this image, please file an issue on the Github project or post to the eagle-i mailing list. This is not an official eagle-i container, and is not part of the project, so support is on a "best effort" basis.
This project is sponsored by Fred Hutchinson Cancer Research Center and Freelock LLC.
You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.