Feature/consonance cleanup (#128)

* Refactor container-admin docker image

* Resolve work with develop

* Consonance cleanup

* cleanup creation of postgres user
* use docker-compose v2 syntax
* properly split out webservice and use non-superuser for client

* Hook up Consonance user properly

* Update readme

* Support 'exit' and running again to re-enter

* Update readme

* Add bootstrap script in progress (needs json to properties file)

* Continue work on bootstrap script and mustache templating

* Updates

* Fix variable references

* Extend timeouts

* Pin the version of mustache

* the version that comes with ubuntu 14.04 will not work
wget and install it manually if not on 16.04

* Start webservice before daemons

* Add sudo and less for troubleshooting

* Make sure container does not exit

* Need to be able to restart daemons

* Split out daemons to control order of start up

* Need ansible 2.0 compatible playbook

* Typo

* Update README.md

* Setup templates for ip address

* Update README.md

* Need versioned version of bamstats

* Update README.md

Author: denis-yuen

container-admin/Dockerfile

@@ -0,0 +1,63 @@
+FROM ubuntu:16.04
+
+# Update the APT cache
+# prepare for Java download
+RUN apt-get update \
+    && apt-get upgrade -y \
+    && apt-get install -y \
+    python-software-properties \
+    software-properties-common \
+    tree \
+    vim \
+    sudo \
+    less \
+    telnet \
+    postgresql-client \
+    && apt-get clean
+
+# grab oracle java (auto accept licence)
+RUN add-apt-repository -y ppa:webupd8team/java \
+    && apt-get update \
+    && echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections \
+    && apt-get install -y oracle-java8-installer
+
+# install Consonance services
+ENV consonance_version=2.0-alpha.9
+
+RUN wget --no-verbose https://seqwaremaven.oicr.on.ca/artifactory/seqware-release/io/consonance/consonance-arch/${consonance_version}/consonance-arch-${consonance_version}.jar 
+
+RUN useradd -ms /bin/bash ubuntu 
+# the web and Consonance config
+WORKDIR /home/ubuntu
+
+# install dockerize 
+ENV DOCKERIZE_VERSION v0.2.0
+
+RUN wget --no-verbose https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
+
+
+# TODO: make sure you create these from the .template files and customize them
+RUN mkdir -p /home/ubuntu/.youxia /home/ubuntu/.consonance /home/ubuntu/.consonance/self-installs /home/ubuntu/.ssh /home/ubuntu/bin
+COPY config /home/ubuntu/.consonance/config
+COPY key.pem /home/ubuntu/.ssh/key.pem
+COPY init_client.sh /home/ubuntu/init_client.sh
+
+RUN chmod 600 /home/ubuntu/.ssh/key.pem 
+RUN chmod a+wrx /home/ubuntu/init_client.sh
+RUN chown -R ubuntu /home/ubuntu
+USER ubuntu
+RUN echo "postgres:5432:*:*:postgres" > /home/ubuntu/.pgpass && chmod 600 /home/ubuntu/.pgpass
+
+
+# for youxia and the consonance command line on the main box 
+RUN wget --no-verbose https://github.com/Consonance/consonance/releases/download/${consonance_version}/consonance && mv consonance /home/ubuntu/bin && chmod a+x /home/ubuntu/bin/consonance
+RUN wget --no-verbose --no-check-certificate http://seqwaremaven.oicr.on.ca/artifactory/seqware-release/io/consonance/consonance-client/${consonance_version}/consonance-client-${consonance_version}.jar && mv consonance-client-${consonance_version}.jar /home/ubuntu/.consonance/self-installs/
+
+# now get a sample CWL and test JSON
+RUN wget --no-verbose https://raw.githubusercontent.com/CancerCollaboratory/dockstore-tool-bamstats/1.25-6_1.0/Dockstore.cwl
+RUN wget --no-verbose https://raw.githubusercontent.com/CancerCollaboratory/dockstore-tool-bamstats/1.25-6_1.0/sample_configs.json
+
+ENV PATH="/home/ubuntu/bin:${PATH}"
+
+CMD ["dockerize", "-wait", "tcp://webservice:8080", "-timeout", "60s", "/home/ubuntu/init_client.sh"]

container-admin/Dockerfile_client

@@ -0,0 +1,41 @@
+FROM ubuntu:16.04
+
+# Update the APT cache
+# prepare for Java download
+RUN apt-get update \
+    && apt-get upgrade -y \
+    && apt-get install -y \
+    python-software-properties \
+    software-properties-common \
+    telnet \
+    && apt-get clean
+
+# grab oracle java (auto accept licence)
+RUN add-apt-repository -y ppa:webupd8team/java \
+    && apt-get update \
+    && echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections \
+    && apt-get install -y oracle-java8-installer
+
+# install Consonance services
+ENV consonance_version=2.0-alpha.9
+
+RUN wget --no-verbose https://seqwaremaven.oicr.on.ca/artifactory/seqware-release/io/consonance/consonance-arch/${consonance_version}/consonance-arch-${consonance_version}.jar
+
+# install dockerize 
+ENV DOCKERIZE_VERSION v0.2.0
+
+RUN wget --no-verbose https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
+
+COPY config .
+ADD init_coordinator.sh .
+
+
+RUN chmod u+x init_coordinator.sh
+COPY config /root/.consonance/config
+RUN mkdir /consonance_logs && chmod a+rx /consonance_logs
+
+
+# TODO: 1) update the above to have my AWS creds in it and 2) create the admin user in postgres db
+# Waiting for postgres and rabbitmq services 
+CMD ["dockerize", "-wait", "tcp://webservice:8080", "-timeout", "60s", "./init_coordinator.sh"]

container-admin/Dockerfile_coordinator

@@ -0,0 +1,60 @@
+FROM ubuntu:16.04
+
+# Update the APT cache
+# prepare for Java download
+RUN apt-get update \
+    && apt-get upgrade -y \
+    && apt-get install -y \
+    python-software-properties \
+    software-properties-common \
+    git \
+    telnet \
+    && apt-get clean
+
+RUN apt-get install software-properties-common \
+    && apt-add-repository ppa:ansible/ansible \
+    && apt-get update \ 
+    && apt-get install -y ansible
+
+# grab oracle java (auto accept licence)
+RUN add-apt-repository -y ppa:webupd8team/java \
+    && apt-get update \
+    && echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections \
+    && apt-get install -y oracle-java8-installer
+
+# install Consonance services
+ENV consonance_version=2.0-alpha.9
+
+RUN wget --no-verbose https://seqwaremaven.oicr.on.ca/artifactory/seqware-release/io/consonance/consonance-arch/${consonance_version}/consonance-arch-${consonance_version}.jar
+
+# install dockerize 
+ENV DOCKERIZE_VERSION v0.2.0
+
+RUN wget --no-verbose https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
+
+# the web and Consonance config
+COPY config .
+ADD init_provisioner.sh .
+
+RUN git clone https://github.com/ICGC-TCGA-PanCancer/container-host-bag.git  /container-host-bag
+# we need the branch that is compatible with Ansible 2
+RUN (cd /container-host-bag && git checkout develop_2)
+
+RUN chmod u+x init_provisioner.sh
+# TODO: make sure you create these from the .template files and customize them
+RUN mkdir -p /root/.youxia /root/.consonance /root/.consonance/self-installs /root/.ssh
+COPY youxia_config /root/.youxia/config
+COPY config /root/.consonance/config
+COPY key.pem /root/.ssh/key.pem
+RUN chmod 600 /root/.ssh/key.pem
+COPY aws.config /root/.aws/config
+RUN mkdir /consonance_logs && chmod a+rx /consonance_logs
+
+# the Ansible-based setup
+COPY bag_params.json /container-host-bag/example_params.json
+COPY example_tags.json /container-host-bag/example_tags.json
+
+# TODO: 1) update the above to have my AWS creds in it and 2) create the admin user in postgres db
+# Waiting for postgres and rabbitmq services 
+CMD ["dockerize", "-wait", "tcp://webservice:8080", "-timeout", "60s", "./init_provisioner.sh"]

container-admin/Dockerfile_provisioner

@@ -0,0 +1,42 @@
+FROM ubuntu:16.04
+
+# Update the APT cache
+# prepare for Java download
+RUN apt-get update \
+    && apt-get upgrade -y \
+    && apt-get install -y \
+    python-software-properties \
+    software-properties-common \
+    telnet \
+    && apt-get clean
+
+# grab oracle java (auto accept licence)
+RUN add-apt-repository -y ppa:webupd8team/java \
+    && apt-get update \
+    && echo oracle-java8-installer shared/accepted-oracle-license-v1-1 select true | /usr/bin/debconf-set-selections \
+    && apt-get install -y oracle-java8-installer
+
+# install Consonance services
+ENV consonance_version=2.0-alpha.9
+
+RUN wget --no-verbose https://seqwaremaven.oicr.on.ca/artifactory/seqware-release/io/consonance/consonance-webservice/${consonance_version}/consonance-webservice-${consonance_version}.jar
+
+# install dockerize 
+ENV DOCKERIZE_VERSION v0.2.0
+
+RUN wget --no-verbose https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \
+    && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
+
+# the web and Consonance config
+COPY config .
+COPY web.yml .
+ADD init_webservice.sh .
+
+RUN chmod u+x init_webservice.sh
+# TODO: make sure you create these from the .template files and customize them
+COPY config /root/.consonance/config
+RUN mkdir /consonance_logs && chmod a+rx /consonance_logs
+
+# TODO: 1) update the above to have my AWS creds in it and 2) create the admin user in postgres db
+# Waiting for postgres and rabbitmq services 
+CMD ["dockerize", "-wait", "tcp://postgres:5432", "-wait", "tcp://rabbitmq:5672", "-timeout", "60s", "./init_webservice.sh"]

container-admin/Dockerfile_webservice

@@ -1,6 +1,6 @@
 ## Prereqs
 
-Install [docker-compose](https://docs.docker.com/compose/install/) on a Ubuntu 14.04+ VM and it's dependencies.
+Install [docker-compose](https://docs.docker.com/compose/install/) on a Ubuntu 16.04+ VM and it's dependencies.
 
 **NOTE:** this isn't production ready, there is some manual config you need to do. Read all the directions below before running.
 
@@ -10,72 +10,35 @@ Install [docker-compose](https://docs.docker.com/compose/install/) on a Ubuntu 1
 
 To run the webservice and command-line tools (still a work in progress, the ip address for swagger and other app level issues persist)
 
-    docker-compose build
-    docker-compose up
+    bash install_bootstrap
 
-**NOTE:** this `docker-compose up` currently isn't working since you need to do some manual configuration before you can start the daemons. See the next section.
+You can exit and re-enter via:
+
+    exit
+    docker-compose run client
+
+**NOTE:** The Bash install_bootstrap script depends on Ubuntu 16.04 but sets up the templates required to run `docker-compose up` if needed. 
 
 ## Developing
 
-Create these files from templates:
+The following files are created from templates by the install script:
 
 * youxia_config -> need to update aws key and various settings
 * config -> not much to do
 * key.pem -> need your AWS SSH key
 * aws.config -> need your AWS API keys
 * *the above files won’t be checked in due to the .gitignore policy*
 
-Build with
-
-    docker-compose build
-
-Start with
-
-    docker-compose run admin bash
-
-Now, inside the admin container you just launched:
-
-Start the webservice in the container
-
-    nohup java -jar consonance-webservice-*.jar server web.yml &> web.log &
-
-You need to create the database, password is postgres (unless you changed it)
-
-    psql -h postgres -U postgres -W postgres
-    > insert into consonance_user(user_id, admin, hashed_password, name) VALUES (1,true,'8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918','admin@admin.com');
-
-Customize `/container-host-bag/example_params.json`, specifically, you need to add your aws keys.  You might also want to customize `/container-host-bag/example_tags.json`.
-
-Start the two daemons
-
-    nohup java -cp consonance-arch-*.jar io.consonance.arch.coordinator.Coordinator --config config --endless &> coordinator.log &
-    nohup java -cp consonance-arch-*.jar io.consonance.arch.containerProvisioner.ContainerProvisionerThreads --config config --endless &> provisioner.log &
-
 Now, you should have your webservice running on port 8080, you can monitor rabbitmq on port 15672.
 
 You are now ready to submit some work (from within the admin docker container).
 
-    # get a sample CWL and JSON param file
-    wget https://raw.githubusercontent.com/briandoconnor/dockstore-tool-bamstats/develop/Dockstore.cwl
-    wget https://raw.githubusercontent.com/briandoconnor/dockstore-tool-bamstats/develop/sample_configs.json
-    export CONSONANCE_ROOT=1
-    consonance run  --flavour m1.xlarge \
-        --image-descriptor Dockstore.cwl \
-        --run-descriptor sample_configs.json
-
-    #    --extra-file /root/.aws/config=/home/ubuntu/.aws/config=false
-
-
-TODO: there's some sort of problem with the admin user getting wiped, need to disable in web.yml
-
-TODO: I need a /root/.aws/config file after all -- DONE
-
-TODO: chmod the key.pem -- DONE
-
-TODO: note about security group ssh to itself
+    consonance run  --flavour m1.xlarge --image-descriptor Dockstore.cwl --run-descriptor sample_configs.json
+    
+Note that you will also need to configure your security group to allow for SSH access between nodes in the security group on public IP addresses.
 
 TODO: how to get Youxia to launch m1.xlarge and have it attach all 4 ephemerial drives, only 1 is attached -- WORKED AROUND
 
-TODO: the ecryptfs setup is using a hard-coded password for now, see lvm/tasks/mount.yml
+NOTE: We make the simplfying assumption that the ip address at eth0 of the launcher is reachable from the children. If it is different (i.e. a public ip address is preferred, modify sample_params.json in /container-host-bag in the provisioner container before launching jobs)
 
-TODO: need to download the latest CLI and depenencies for Dockstore and then write an updated launcher that uses it instead of the CWL launcher from an older release
+Take a look at `/consonance_logs` for daemon and webservice logs in any container

container-admin/README.md

@@ -1,4 +1,4 @@
 [default]
-aws_secret_access_key = FILLMEIN
-aws_access_key_id = FILLMEIN
+aws_secret_access_key = {{ AWS_SECRET_ACCESS_KEY }}
+aws_access_key_id = {{ AWS_ACCESS_KEY_ID }} 
 region = us-east-1

container-admin/aws.config.template

@@ -1,22 +1,22 @@
 {
   "SENSU_SERVER_IP_ADDRESS": "localhost",
   "FLEET_NAME": "fleet_name",
-  "aws_key": "FOOBAR",
-  "aws_secret_key": "FOOBAR",
+  "aws_key": "{{ AWS_ACCESS_KEY_ID }}",
+  "aws_secret_key": "{{ AWS_SECRET_ACCESS_KEY }}",
   "seqware_version": "1.1.1",
   "workflow_name": "HelloWorld",
   "workflows": [
     "Workflow_Bundle_HelloWorld_1.0-SNAPSHOT_SeqWare_1.1.0"
   ],
   "install_workflow": "false",
   "test_workflows": "true",
-  "queueHost": "localhost",
+  "queueHost": "{{ LAUNCHER_IP_ADDRESS }}",
   "queueName": "consonance_arch",
   "queueUser": "guest",
   "queuePassword": "guest",
   "lvm_device_whitelist": "/dev/xvdb",
   "single_node_lvm": true,
-  "consonance_arch_version": "2.0-alpha.6",
+  "consonance_arch_version": "2.0-alpha.9",
   "seqware_engine": "whitestar",
   "seqware_use_custom_settings": false,
   "azure": false