1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
24 "git.arvados.org/arvados.git/lib/cmd"
25 "git.arvados.org/arvados.git/sdk/go/ctxlog"
29 var Command cmd.Handler = &installCommand{}
31 const goversion = "1.17.7"
35 bundlerversion = "2.2.19"
36 singularityversion = "3.9.9"
38 geckoversion = "0.24.0"
39 gradleversion = "5.3.1"
40 nodejsversion = "v12.22.11"
41 devtestDatabasePassword = "insecure_arvados_test"
42 workbench2version = "5e020488f67b5bc919796e0dc8b0b9f3b3ff23b0"
45 type installCommand struct {
52 func (inst *installCommand) RunCommand(prog string, args []string, stdin io.Reader, stdout, stderr io.Writer) int {
53 logger := ctxlog.New(stderr, "text", "info")
54 ctx := ctxlog.Context(context.Background(), logger)
55 ctx, cancel := context.WithCancel(ctx)
61 logger.WithError(err).Info("exiting")
65 flags := flag.NewFlagSet(prog, flag.ContinueOnError)
66 flags.SetOutput(stderr)
67 versionFlag := flags.Bool("version", false, "Write version information to stdout and exit 0")
68 flags.StringVar(&inst.ClusterType, "type", "production", "cluster `type`: development, test, production, or package")
69 flags.StringVar(&inst.SourcePath, "source", "/arvados", "source tree location (required for -type=package)")
70 flags.StringVar(&inst.PackageVersion, "package-version", "0.0.0", "version string to embed in executable files")
71 flags.BoolVar(&inst.EatMyData, "eatmydata", false, "use eatmydata to speed up install")
73 if ok, code := cmd.ParseFlags(flags, prog, args, "", stderr); !ok {
75 } else if *versionFlag {
76 return cmd.Version.RunCommand(prog, args, stdin, stdout, stderr)
79 var dev, test, prod, pkg bool
80 switch inst.ClusterType {
90 err = fmt.Errorf("invalid cluster type %q (must be 'development', 'test', 'production', or 'package')", inst.ClusterType)
95 err = errors.New("production install is not yet implemented")
99 osv, err := identifyOS()
104 listdir, err := os.Open("/var/lib/apt/lists")
106 logger.Warnf("error while checking whether to run apt-get update: %s", err)
107 } else if names, _ := listdir.Readdirnames(1); len(names) == 0 {
108 // Special case for a base docker image where the
109 // package cache has been deleted and all "apt-get
110 // install" commands will fail unless we fetch repos.
111 cmd := exec.CommandContext(ctx, "apt-get", "update")
121 cmd := exec.CommandContext(ctx, "apt-get", "install", "--yes", "--no-install-recommends", "eatmydata")
122 cmd.Env = append(os.Environ(), "DEBIAN_FRONTEND=noninteractive")
131 pkgs := prodpkgs(osv)
136 "eatmydata", // install it for later steps, even if we're not using it now
140 if dev || test || pkg {
149 "default-jdk-headless",
150 "default-jre-headless",
154 "libcrypt-ssleay-perl",
174 "postgresql-contrib",
177 "python3-virtualenv",
192 pkgs = append(pkgs, "squashfs-tools") // for singularity
193 pkgs = append(pkgs, "gnupg") // for docker install recipe
196 case osv.Debian && osv.Major >= 10:
197 pkgs = append(pkgs, "libcurl4")
199 pkgs = append(pkgs, "libcurl3")
201 cmd := exec.CommandContext(ctx, "apt-get")
203 cmd = exec.CommandContext(ctx, "eatmydata", "apt-get")
205 cmd.Args = append(cmd.Args, "install", "--yes", "--no-install-recommends")
206 cmd.Args = append(cmd.Args, pkgs...)
207 cmd.Env = append(os.Environ(), "DEBIAN_FRONTEND=noninteractive")
217 if havedockerversion, err := exec.Command("docker", "--version").CombinedOutput(); err == nil {
218 logger.Printf("%s installed, assuming that version is ok", bytes.TrimSuffix(havedockerversion, []byte("\n")))
219 } else if osv.Debian {
225 codename = "bullseye"
227 err = fmt.Errorf("don't know how to install docker-ce for debian %d", osv.Major)
231 rm -f /usr/share/keyrings/docker-archive-keyring.gpg
232 curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
233 echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian/ `+codename+` stable' | \
234 tee /etc/apt/sources.list.d/docker.list
236 DEBIAN_FRONTEND=noninteractive apt-get --yes --no-install-recommends install docker-ce
242 err = fmt.Errorf("don't know how to install docker for osversion %v", osv)
247 os.Mkdir("/var/lib/arvados", 0755)
248 os.Mkdir("/var/lib/arvados/tmp", 0700)
250 os.Mkdir("/var/lib/arvados/wwwtmp", 0700)
251 u, er := user.Lookup("www-data")
253 err = fmt.Errorf("user.Lookup(%q): %w", "www-data", er)
256 uid, _ := strconv.Atoi(u.Uid)
257 gid, _ := strconv.Atoi(u.Gid)
258 err = os.Chown("/var/lib/arvados/wwwtmp", uid, gid)
263 rubyversion := "2.7.2"
264 rubymajorversion := rubyversion[:strings.LastIndex(rubyversion, ".")]
265 if haverubyversion, err := exec.Command("/var/lib/arvados/bin/ruby", "-v").CombinedOutput(); err == nil && bytes.HasPrefix(haverubyversion, []byte("ruby "+rubyversion)) {
266 logger.Print("ruby " + rubyversion + " already installed")
270 trap 'rm -r "${tmp}"' ERR EXIT
271 wget --progress=dot:giga -O- https://cache.ruby-lang.org/pub/ruby/`+rubymajorversion+`/ruby-`+rubyversion+`.tar.gz | tar -C "${tmp}" -xzf -
272 cd "${tmp}/ruby-`+rubyversion+`"
273 ./configure --disable-install-static-library --enable-shared --disable-install-doc --prefix /var/lib/arvados
276 /var/lib/arvados/bin/gem install bundler --no-document
284 if havegoversion, err := exec.Command("/usr/local/bin/go", "version").CombinedOutput(); err == nil && bytes.HasPrefix(havegoversion, []byte("go version go"+goversion+" ")) {
285 logger.Print("go " + goversion + " already installed")
289 rm -rf /var/lib/arvados/go/
290 wget --progress=dot:giga -O- https://storage.googleapis.com/golang/go`+goversion+`.linux-amd64.tar.gz | tar -C /var/lib/arvados -xzf -
291 ln -sf /var/lib/arvados/go/bin/* /usr/local/bin/
300 pjsversion := "1.9.8"
301 if havepjsversion, err := exec.Command("/usr/local/bin/phantomjs", "--version").CombinedOutput(); err == nil && string(havepjsversion) == "1.9.8\n" {
302 logger.Print("phantomjs " + pjsversion + " already installed")
305 PJS=phantomjs-`+pjsversion+`-linux-x86_64
306 wget --progress=dot:giga -O- https://cache.arvados.org/$PJS.tar.bz2 | tar -C /var/lib/arvados -xjf -
307 ln -sf /var/lib/arvados/$PJS/bin/phantomjs /usr/local/bin/
314 geckoversion := "0.24.0"
315 if havegeckoversion, err := exec.Command("/usr/local/bin/geckodriver", "--version").CombinedOutput(); err == nil && strings.Contains(string(havegeckoversion), " "+geckoversion+" ") {
316 logger.Print("geckodriver " + geckoversion + " already installed")
320 wget --progress=dot:giga -O- https://github.com/mozilla/geckodriver/releases/download/$GD/geckodriver-$GD-linux64.tar.gz | tar -C /var/lib/arvados/bin -xzf - geckodriver
321 ln -sf /var/lib/arvados/bin/geckodriver /usr/local/bin/
328 nodejsversion := "v12.22.2"
329 if havenodejsversion, err := exec.Command("/usr/local/bin/node", "--version").CombinedOutput(); err == nil && string(havenodejsversion) == nodejsversion+"\n" {
330 logger.Print("nodejs " + nodejsversion + " already installed")
333 NJS=`+nodejsversion+`
334 wget --progress=dot:giga -O- https://nodejs.org/dist/${NJS}/node-${NJS}-linux-x64.tar.xz | sudo tar -C /var/lib/arvados -xJf -
335 ln -sf /var/lib/arvados/node-${NJS}-linux-x64/bin/{node,npm} /usr/local/bin/
342 gradleversion := "5.3.1"
343 if havegradleversion, err := exec.Command("/usr/local/bin/gradle", "--version").CombinedOutput(); err == nil && strings.Contains(string(havegradleversion), "Gradle "+gradleversion+"\n") {
344 logger.Print("gradle " + gradleversion + " already installed")
348 zip=/var/lib/arvados/tmp/gradle-${G}-bin.zip
350 wget --progress=dot:giga -O${zip} https://services.gradle.org/distributions/gradle-${G}-bin.zip
351 unzip -o -d /var/lib/arvados ${zip}
352 ln -sf /var/lib/arvados/gradle-${G}/bin/gradle /usr/local/bin/
360 singularityversion := "3.7.4"
361 if havesingularityversion, err := exec.Command("/var/lib/arvados/bin/singularity", "--version").CombinedOutput(); err == nil && strings.Contains(string(havesingularityversion), singularityversion) {
362 logger.Print("singularity " + singularityversion + " already installed")
363 } else if dev || test {
365 S=`+singularityversion+`
366 tmp=/var/lib/arvados/tmp/singularity
367 trap "rm -r ${tmp}" ERR EXIT
368 cd /var/lib/arvados/tmp
369 git clone https://github.com/sylabs/singularity
372 ./mconfig --prefix=/var/lib/arvados
374 make -C ./builddir install
382 install /usr/bin/nsenter /var/lib/arvados/bin/nsenter
383 setcap "cap_sys_admin+pei cap_sys_chroot+pei" /var/lib/arvados/bin/nsenter
389 // The entry in /etc/locale.gen is "en_US.UTF-8"; once
390 // it's installed, locale -a reports it as
392 wantlocale := "en_US.UTF-8"
393 if havelocales, err := exec.Command("locale", "-a").CombinedOutput(); err == nil && bytes.Contains(havelocales, []byte(strings.Replace(wantlocale+"\n", "UTF-", "utf", 1))) {
394 logger.Print("locale " + wantlocale + " already installed")
396 err = inst.runBash(`sed -i 's/^# *\(`+wantlocale+`\)/\1/' /etc/locale.gen && locale-gen`, stdout, stderr)
411 if pgLsclusters, err2 := exec.Command("pg_lsclusters", "--no-header").CombinedOutput(); err2 != nil {
412 err = fmt.Errorf("pg_lsclusters: %s", err2)
414 } else if pgclusters := strings.Split(strings.TrimSpace(string(pgLsclusters)), "\n"); len(pgclusters) != 1 {
415 logger.Warnf("pg_lsclusters returned %d postgresql clusters -- skipping postgresql initdb/startup, hope that's ok", len(pgclusters))
416 } else if _, err = fmt.Sscanf(pgclusters[0], "%s %s %d %s %s %s %s", &pgc.Version, &pgc.Cluster, &pgc.Port, &pgc.Status, &pgc.Owner, &pgc.DataDirectory, &pgc.LogFile); err != nil {
417 err = fmt.Errorf("error parsing pg_lsclusters output: %s", err)
419 } else if pgc.Status == "online" {
420 logger.Infof("postgresql cluster %s-%s is online", pgc.Version, pgc.Cluster)
422 logger.Infof("postgresql cluster %s-%s is %s; trying to start", pgc.Version, pgc.Cluster, pgc.Status)
423 cmd := exec.Command("pg_ctlcluster", "--foreground", pgc.Version, pgc.Cluster, "start")
431 cmd.Process.Signal(syscall.SIGTERM)
432 logger.Info("sent SIGTERM; waiting for postgres to shut down")
435 err = waitPostgreSQLReady()
441 if os.Getpid() == 1 {
442 // We are the init process (presumably in a
443 // docker container) so although postgresql is
444 // installed, it's not running, and initdb
445 // might never have been run.
448 var needcoll []string
449 // If the en_US.UTF-8 locale wasn't installed when
450 // postgresql initdb ran, it needs to be added
451 // explicitly before we can use it in our test suite.
452 for _, collname := range []string{"en_US", "en_US.UTF-8"} {
453 cmd := exec.Command("sudo", "-u", "postgres", "psql", "-t", "-c", "SELECT 1 FROM pg_catalog.pg_collation WHERE collname='"+collname+"' AND collcollate IN ('en_US.UTF-8', 'en_US.utf8')")
455 out, err2 := cmd.CombinedOutput()
457 err = fmt.Errorf("error while checking postgresql collations: %s", err2)
460 if strings.Contains(string(out), "1") {
461 logger.Infof("postgresql supports collation %s", collname)
463 needcoll = append(needcoll, collname)
466 if len(needcoll) > 0 && os.Getpid() != 1 {
467 // In order for the CREATE COLLATION statement
468 // below to work, the locale must have existed
469 // when PostgreSQL started up. If we're
470 // running as init, we must have started
471 // PostgreSQL ourselves after installing the
472 // locales. Otherwise, it might need a
473 // restart, so we attempt to restart it with
475 if err = inst.runBash(`sudo systemctl restart postgresql`, stdout, stderr); err != nil {
476 logger.Warn("`systemctl restart postgresql` failed; hoping postgresql does not need to be restarted")
477 } else if err = waitPostgreSQLReady(); err != nil {
481 for _, collname := range needcoll {
482 cmd := exec.Command("sudo", "-u", "postgres", "psql", "-c", "CREATE COLLATION \""+collname+"\" (LOCALE = \"en_US.UTF-8\")")
488 err = fmt.Errorf("error adding postgresql collation %s: %s", collname, err)
493 withstuff := "WITH LOGIN SUPERUSER ENCRYPTED PASSWORD " + pq.QuoteLiteral(devtestDatabasePassword)
494 cmd := exec.Command("sudo", "-u", "postgres", "psql", "-c", "ALTER ROLE arvados "+withstuff)
496 if err := cmd.Run(); err == nil {
497 logger.Print("arvados role exists; superuser privileges added, password updated")
499 cmd := exec.Command("sudo", "-u", "postgres", "psql", "-c", "CREATE ROLE arvados "+withstuff)
511 // Install Rails apps to /var/lib/arvados/{railsapi,workbench1}/
512 for dstdir, srcdir := range map[string]string{
513 "railsapi": "services/api",
514 "workbench1": "apps/workbench",
516 fmt.Fprintf(stderr, "building %s...\n", srcdir)
517 cmd := exec.Command("rsync",
518 "-a", "--no-owner", "--no-group", "--delete-after", "--delete-excluded",
519 "--exclude", "/coverage",
522 "--exclude", "/vendor",
523 "--exclude", "/config/environments",
524 "./", "/var/lib/arvados/"+dstdir+"/")
525 cmd.Dir = filepath.Join(inst.SourcePath, srcdir)
532 for _, cmdline := range [][]string{
533 {"mkdir", "-p", "log", "tmp", ".bundle", "/var/www/.gem", "/var/www/.bundle", "/var/www/.passenger"},
534 {"touch", "log/production.log"},
535 {"chown", "-R", "--from=root", "www-data:www-data", "/var/www/.gem", "/var/www/.bundle", "/var/www/.passenger", "log", "tmp", ".bundle", "Gemfile.lock", "config.ru", "config/environment.rb"},
536 {"sudo", "-u", "www-data", "/var/lib/arvados/bin/gem", "install", "--user", "--conservative", "--no-document", "bundler:2.2.19"},
537 {"sudo", "-u", "www-data", "/var/lib/arvados/bin/bundle", "install", "--deployment", "--jobs", "8", "--path", "/var/www/.gem"},
538 {"sudo", "-u", "www-data", "/var/lib/arvados/bin/bundle", "exec", "passenger-config", "build-native-support"},
539 {"sudo", "-u", "www-data", "/var/lib/arvados/bin/bundle", "exec", "passenger-config", "install-standalone-runtime"},
541 cmd = exec.Command(cmdline[0], cmdline[1:]...)
542 cmd.Dir = "/var/lib/arvados/" + dstdir
545 fmt.Fprintf(stderr, "... %s\n", cmd.Args)
551 cmd = exec.Command("sudo", "-u", "www-data", "/var/lib/arvados/bin/bundle", "exec", "passenger-config", "validate-install")
552 cmd.Dir = "/var/lib/arvados/" + dstdir
556 if err != nil && !strings.Contains(err.Error(), "exit status 2") {
557 // Exit code 2 indicates there were warnings (like
558 // "other passenger installations have been detected",
559 // which we can't expect to avoid) but no errors.
560 // Other non-zero exit codes (1, 9) indicate errors.
565 // Install Go programs to /var/lib/arvados/bin/
566 for _, srcdir := range []string{
567 "cmd/arvados-client",
568 "cmd/arvados-server",
569 "services/arv-git-httpd",
570 "services/crunch-dispatch-local",
571 "services/crunch-dispatch-slurm",
573 "services/keep-balance",
575 "services/keepproxy",
576 "services/keepstore",
579 fmt.Fprintf(stderr, "building %s...\n", srcdir)
580 cmd := exec.Command("go", "install", "-ldflags", "-X git.arvados.org/arvados.git/lib/cmd.version="+inst.PackageVersion+" -X main.version="+inst.PackageVersion)
581 cmd.Env = append(cmd.Env, os.Environ()...)
582 cmd.Env = append(cmd.Env, "GOBIN=/var/lib/arvados/bin")
583 cmd.Dir = filepath.Join(inst.SourcePath, srcdir)
592 // Copy assets from source tree to /var/lib/arvados/share
593 cmd := exec.Command("install", "-v", "-t", "/var/lib/arvados/share", filepath.Join(inst.SourcePath, "sdk/python/tests/nginx.conf"))
605 type osversion struct {
612 func identifyOS() (osversion, error) {
614 f, err := os.Open("/etc/os-release")
620 kv := map[string]string{}
621 scanner := bufio.NewScanner(f)
623 line := strings.TrimSpace(scanner.Text())
624 if strings.HasPrefix(line, "#") {
627 toks := strings.SplitN(line, "=", 2)
629 return osv, fmt.Errorf("invalid line in /etc/os-release: %q", line)
632 v := strings.Trim(toks[1], `"`)
634 v = strings.Trim(v, `'`)
638 if err = scanner.Err(); err != nil {
649 return osv, fmt.Errorf("unsupported ID in /etc/os-release: %q", kv["ID"])
651 vstr := kv["VERSION_ID"]
652 if i := strings.Index(vstr, "."); i > 0 {
655 osv.Major, err = strconv.Atoi(vstr)
657 return osv, fmt.Errorf("incomprehensible VERSION_ID in /etc/os-release: %q", kv["VERSION_ID"])
662 func waitPostgreSQLReady() error {
663 for deadline := time.Now().Add(10 * time.Second); ; {
664 output, err := exec.Command("pg_isready").CombinedOutput()
667 } else if time.Now().After(deadline) {
668 return fmt.Errorf("timed out waiting for pg_isready (%q)", output)
670 time.Sleep(time.Second)
675 func (inst *installCommand) runBash(script string, stdout, stderr io.Writer) error {
676 cmd := exec.Command("bash", "-")
678 cmd = exec.Command("eatmydata", "bash", "-")
680 cmd.Stdin = bytes.NewBufferString("set -ex -o pipefail\n" + script)
686 func prodpkgs(osv osversion) []string {
701 if osv.Debian || osv.Ubuntu {
702 if osv.Debian && osv.Major == 8 {
703 pkgs = append(pkgs, "libgnutls-deb0-28") // sdk/cwl
704 } else if osv.Debian && osv.Major >= 10 || osv.Ubuntu && osv.Major >= 16 {
705 pkgs = append(pkgs, "python3-distutils") // sdk/cwl
709 "libcurl4-openssl-dev", // services/api
711 "libpython2.7", // services/fuse
712 "mime-support", // keep-web
713 "zlib1g-dev", // services/api
715 } else if osv.Centos {
717 "fuse-libs", // services/fuse
720 "libcurl-devel", // services/api
721 "mailcap", // keep-web
722 "postgresql-devel", // services/api
725 panic("os version not supported")
729 func ProductionDependencies() ([]string, error) {
730 osv, err := identifyOS()
734 return prodpkgs(osv), nil