Skip to content

Build and Deploy StackV Containers : Complete Guide

Jump to bottom
xi-yang edited this page May 31, 2017 · 1 revision

Install and run Docker

  1. Install docker

yum install -y docker

  1. Start docker service

systemctl enable docker && systemctl start docker

Deploy Wildfly Container from Docker Hub image

  1. Pull StackV image

docker pull mail2xiyang/stackv

  1. Run StackV container

docker run -p8443:8443 -p 8080:8080 -d -t -e KEYCLOAK=k152.maxgigapop.net mail2xiyang/stackv

Note: -e KEYCLOAK provides the env variable to point to designated Keycloak SSO server.

Note: Use -p 127.0.0.1::8080 to bind the HTTP port to localhost so external users can only access via HTTPS port: 8443.

Note: Use -p 127.0.0.1::9990 -p 9993:9993 or -p 9090:9990 -p 9993:9993 to export HTTPS (and HTTP) ports of management console.

Tweaks at run

  1. Run with provided SSL keystore for Wildfly

docker run -p8443:8443 -p 8080:8080 -d -t -e KEYSTORE=/config/wildfly.jks -v /host/path:/config mail2xiyang/stackv

Note: -e KEYSTORE provides the env variable to point to the keystore file that serves the SSL key/cert for your Wildfly/StackV server.

Note: Suppose your store the provided keystore file at /host/path/wildfly.jks. The docker run -v /host/path:/config option binds the /host/path/ to the /config/ path inside the container so that /config/wildfly.jks becomes available for the deployment. (In case selinux causes permission issue, run chcon -Rt svirt_sandbox_file_t /host/path)

  1. Trust a specific SSL CA cert for Keycloak

docker run -p8443:8443 -p 8080:8080 -d -t -e TRUSTCERT=/config/keycloak-export.crt -v /host/path:/config mail2xiyang/stackv

Note: -e TRUSTCERT provides the env variable to point to SSL CA cert of the Keycloak server for your StackV in case the Keycloak SSL cert has an uncommon CA or is self-signed.

Note: Suppose the provided CA cert file is at /host/path/keycloak-export.crt. The docker run -v /host/path:/config option binds the /host/path/ to the /config/ path inside the container so that /config/keycloak-export.crt becomes available for the deployment.

  1. Peek into the running container

docker ps

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS              PORTS                              NAMES
cdd2bba853c7        mail2xiyang/stackv:latest   "/bin/bash /bin/entry"   10 minutes ago      Up 10 minutes       8080/tcp, 0.0.0.0:8443->8443/tcp   hungry_booth

docker exec -it cdd2bba853c7 bash

  1. Run admin scripts

restart-persist.sh is a script to restart wildfly service without 'drop-and-create' of rainsdb. In other words, StackV databases will be persisted through the restart. This is useful for applying some manual configuration changes and restart while keeping all past and current operation states.

Run from host docker exec cdd2bba853c7 restart-persist.sh

To add an admin user for management console, run from inside the container

/opt/jboss/wildfly/bin/add-user.sh

You may also add admin user when starting the container by passing env variables -e ADMIN_USER=admin -e ADMIN_PASSWORD=password.

  1. Persist database to host

The below example run will start docker that binds internal mysql database volume /var/lib/mysql to host path /data/mysql. This will persist the database beyond life-cycle of a single stackv container.

docker run -p443:8443 -d -t -e KEYCLOAK=k153.maxgigapop.net -e KEYSTORE=/config/wildfly.jks -v /data/wildfly:/config -v /data/mysql:/var/lib/mysql --name stackv -d -t stackv

Note: use docker run -e PERSISTED=true to keep StackV databases from previous container run(s).
Note: /data/wildfly must permit write by uid=27 (mysql).

Instead of Docker Hub, build your StackV image from source

  1. Get StackV source (use M8 branch for now)

cd $STACKV_HOME

  1. Build maven project with 'deploy-nuke' profile

mvn clean install -DskipTests -Pdeploy-nuke

  1. Build StackV image to local repository

docker build -f ./StackV-ear/src/main/docker/Dockerfile -t stackv .

  1. Run StackV container

docker run -p8443:8443 -p 8080:8080 -d -t -e KEYCLOAK=k152.maxgigapop.net stackv

Deploy Keycloak Container from Docker Hub image

  1. Pull StackV image

docker pull mail2xiyang/keycloak

  1. Run StackV container

docker run -p8543:8543 -d -t mail2xiyang/keycloak

Note: Use provided SSL keystore via -e KEYSTORE=/config/keycalok.jks -v /host/path:/config option. (In case selinux causes permission issue, run chcon -Rt svirt_sandbox_file_t /host/path) ) Note: To add a keycloak admin user, run either from host or inside the container

docker exec 9472dbebe2d3 add-user.sh -u admin -p password
docker exec 9472dbebe2d3 restart-keycloak.sh

You may also add admin user when starting the container by passing env variables to docker run

-e ADMIN_USER=admin -e ADMIN_PASSWORD=password.

Instead of Docker Hub, build your StackV image from source

  1. Get StackV source (use M8 branch for now)

cd $STACKV_HOME/StackV-ear/src/main/docker/Keycloak

  1. Build StackV image to local repository

docker build -f Dockerfile -t keycloak .

Clone this wiki locally