This repository contains the Puppet Module for installing and configuring WSO2 Data Services Server on various environments. It supports multiple versions of WSO2 Data Services Server. Configuration data is managed using Hiera. Hiera provides a mechanism for separating configuration data from Puppet scripts and managing them in a separate set of YAML files in a hierarchical manner.
- Debian 6 or higher
- Ubuntu 12.04 or higher
- Puppet 2.7, 3 or newer
Follow the steps mentioned in the wiki to setup a development environment and update/create new puppet modules.
Copy the following files to their corresponding locations.
- WSO2 Data Services Server distribution (3.5.0) to
<PUPPET_HOME>/modules/wso2dss/files
- JDK 1.7_80 distribution to
<PUPPET_HOME>/modules/wso2base/files
No changes to Hiera data are required to run the default
profile. Copy the above mentioned files to their corresponding locations and apply the Puppet Modules.
No changes to Hiera data are required to run the distributed deployment (manager
, worker
) of WSO2 Data Services Server, other than pointing to the correct resources such as the deployment synchronization and remote DB instances.
-
If the Clustering Membership Scheme is
WKA
, add the Well Known Address list.Ex:
wso2::clustering : enabled: true local_member_host: "%{::ipaddress}" local_member_port: 4000 membership_scheme: wka sub_domain: mgt wka: members: - hostname: 192.168.100.73 port: 4000 - hostname: 192.168.100.74 port: 4000
-
Add external databases to master datasources
Ex:
wso2::master_datasources: wso2_config_db: name: WSO2_CONFIG_DB description: The datasource used for config registry driver_class_name: "%{hiera('wso2::datasources::mysql::driver_class_name')}" url: jdbc:mysql://192.168.100.1:3306/WSO2_CONFIG_DB?autoReconnect=true username: "%{hiera('wso2::datasources::mysql::username')}" password: "%{hiera('wso2::datasources::mysql::password')}" jndi_config: jdbc/WSO2_CONFIG_DB max_active: "%{hiera('wso2::datasources::common::max_active')}" max_wait: "%{hiera('wso2::datasources::common::max_wait')}" test_on_borrow: "%{hiera('wso2::datasources::common::test_on_borrow')}" default_auto_commit: "%{hiera('wso2::datasources::common::default_auto_commit')}" validation_query: "%{hiera('wso2::datasources::mysql::validation_query')}" validation_interval: "%{hiera('wso2::datasources::common::validation_interval')}"
-
Configure registry mounting
Ex:
wso2_config_db: path: /_system/config target_path: /_system/config/dss read_only: false registry_root: / enable_cache: true wso2_gov_db: path: /_system/governance target_path: /_system/governance read_only: false registry_root: / enable_cache: true
-
Configure deployment synchronization
Ex:
wso2::dep_sync: enabled: true auto_checkout: true auto_commit: true repository_type: svn svn: url: http://svnrepo.example.com/repos/ user: username password: password append_tenant_id: true
WSO2 Carbon products may contain sensitive information such as passwords in configuration files. WSO2 Secure Vault provides a solution for securing such information.
Please note that WSO2 Data Services Server 3.5.0 pack doesn't have the Cipher Tool feature installed. If you need to apply Secure Vault, either use Cipher Tool Feature installed DSS pack or install it via puppet by following below steps.
Create a directory named
lib
underfiles/configs
and add theorg.wso2.ciphertool-1.0.0-wso2v3.jar
file to files/configs/lib and add below entries to default.yaml file.wso2::directory_list: - lib wso2::file_list: - lib/org.wso2.ciphertool-1.0.0-wso2v3.jarciphertool.sh, cipher-text.properties and cipher-tool.properties files are added as templates to DSS puppet module.
Uncomment and modify the below changes in Hiera file to apply Secure Vault.
-
Enable Secure Vault
wso2::enable_secure_vault: true
-
Add Secure Vault configurations as below
wso2::secure_vault_configs: <secure_vault_config_name>: secret_alias: <secret_alias> secret_alias_value: <secret_alias_value> password: <password>
Ex:
wso2::secure_vault_configs: key_store_password: secret_alias: Carbon.Security.KeyStore.Password secret_alias_value: repository/conf/carbon.xml//Server/Security/KeyStore/Password,false password: wso2carbon
-
Add Cipher Tool configuration file templates to
template_list
wso2::template_list: - repository/conf/security/cipher-text.properties - repository/conf/security/cipher-tool.properties - bin/ciphertool.sh
Please add the
password-tmp
template also totemplate_list
if thevm_type
is notdocker
when you are running the server indefault
platform.
WSO2 Puppet Module ships Hiera data required to deploy WSO2 Data Services Server on Kubernetes. For more information refer to the documentation on deploying WSO2 products on Kubernetes using WSO2 Puppet Modules.