Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

7980 enhanced dsd #8915

Merged
merged 17 commits into from
Jan 24, 2023
Merged

7980 enhanced dsd #8915

merged 17 commits into from
Jan 24, 2023

Conversation

poikilotherm
Copy link
Contributor

@poikilotherm poikilotherm commented Aug 11, 2022

What this PR does / why we need it:
Create real defaults for the database connection, enable configuring advanced settings, add docs.

Which issue(s) this PR closes:

Closes #7980

Special notes for your reviewer:

Suggestions on how to test this:

  1. Remove the properties from domain.xml. Should still work (if you had used the defaults in there)
  2. Try setting the JDBC logging to enabled via system property: asadmin create-system-properties "dataverse.db.log-jdbc-calls=true"

Does this PR introduce a user interface change? If mockups are available, please link/include them here:
Nope.

Is there a release notes update needed for this change?:
🔋 included.

Additional documentation:
None.

…IG. IQSS#7980

Previously, with Dataverse software 5.3, the option to configure
the database connection has been moved into the codebase. Admins
can set details via MicroProfile Config.

With updating to Payara 5.2021.4, we can provide default values
for the connection details. Before, this had been tried with adding
them to META-INF/microprofile-config.properties. However, this is
not possible due to the timing of resource creation in the application
server vs. reading the properties file.

IQSS#7980
As requested by @pdurbin, the long list was quite overwhelming.
It's now damped down to 12 options in 3 subsubsections of the docs.
The avoid hacky parameter additions via the database name,
this commit adds support for adding parameters to the
JDBC URL. It defaults to empty (no parameters).
With the addition of the advanced (but proprietary, Payara-only) settings
for database connection monitoring, the non-present default for connection
validation triggered unnecessary log clutter. Adding an empty default
makes these go away and is inline with the default of Payara.
@coveralls
Copy link

coveralls commented Aug 11, 2022

Coverage Status

Coverage: 19.997%. Remained the same when pulling 8106ddf on poikilotherm:7980-enhanced-dsd into f63f0e8 on IQSS:develop.

@mreekie
Copy link

mreekie commented Jan 4, 2023

sizing: Waiting on Oliver input. He is out today.

@mreekie
Copy link

mreekie commented Jan 5, 2023

Phil is going to talk with Oliver to see if this can be lowered in priority in the community column

@pdurbin pdurbin self-assigned this Jan 5, 2023
@poikilotherm
Copy link
Contributor Author

poikilotherm commented Jan 6, 2023

I've just merged latest develop. This is a more or less trivial change, as there isn't much to test. The functionality is provided by Payara, so IMHO there is no point in testing that. One might test setting a setting, but at this point IMHO we should be confident enough that Payara handles these variable replacements well.

That said, yes, it may move down the column. I have no urgent business requiring this ATM.

@pdurbin
Copy link
Member

pdurbin commented Jan 6, 2023

That said, yes, it may move down the column. I have no urgent business requiring this ATM.

You know what? Based on comments by @landreev and @donsizemore in the issue regarding the usefulness of sslmode=require I'm fine with keeping this where it is priority-wise. I'll throw a 3 on it for size. I hope that's big enough.

By the way, there's a failing test but I suspect it's unrelated:

java.lang.AssertionError: 
Expected status code <200> doesn't match actual status code <403>.

	at edu.harvard.iq.dataverse.api.FilesIT.test_008_ReplaceFileAlreadyDeleted(FilesIT.java:846)

@pdurbin pdurbin added the User Role: Sysadmin Installs, upgrades, and configures the system, connects via ssh label Jan 6, 2023
@pdurbin pdurbin added the Size: 3 A percentage of a sprint. 2.1 hours. label Jan 6, 2023
@pdurbin pdurbin removed their assignment Jan 6, 2023
@mreekie
Copy link

mreekie commented Jan 9, 2023

Pdurbin reviewed and sized. Moving to sprint ready column.

Copy link
Member

@pdurbin pdurbin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

The most immediate real world use case for this PR seems to be sslmode=require (see the issue this PR closes) so I mentioned this in the docs.

I did some cursory testing but didn't test the new default database name and user (both "dataverse") though I left a comment about how we could probably test this.

I love the new rst table format, by the way. Seems much easier than keeping the correct number of spaces here or there!

@@ -263,6 +263,153 @@ As for the "Remote only" authentication mode, it means that:
- ``:DefaultAuthProvider`` has been set to use the desired authentication provider
- The "builtin" authentication provider has been disabled (:ref:`api-toggle-auth-provider`). Note that disabling the "builtin" authentication provider means that the API endpoint for converting an account from a remote auth provider will not work. Converting directly from one remote authentication provider to another (i.e. from GitHub to Google) is not supported. Conversion from remote is always to "builtin". Then the user initiates a conversion from "builtin" to remote. Note that longer term, the plan is to permit multiple login options to the same Dataverse installation account per https://github.com/IQSS/dataverse/issues/3487 (so all this talk of conversion will be moot) but for now users can only use a single login option, as explained in the :doc:`/user/account` section of the User Guide. In short, "remote only" might work for you if you only plan to use a single remote authentication provider such that no conversion between remote authentication providers will be necessary.



Database Persistence
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The docs are great but I wonder if they should be moved to "Advanced Installation" because the default database setup works fine and the list of steps before "going live" is getting longer and longer. We can defer this doc change for now. I created a dedicated issue for later:

* - dataverse.db.parameters
- Connection parameters, see `Postgres JDBC docs <https://jdbc.postgresql.org/documentation/head/connect.html>`_
Note: you don't need to provide the initial "?".
- *Empty string*
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried putting the following in domain.xml...

<jvm-options>-Ddataverse.db.parameters=sslmode=require</jvm-options>

... and it seems to have worked. Dataverse failed to deploy and I get errors like this in server.log:

Connection could not be allocated because: The server does not support SSL.

Error in allocating a connection. Cause: Connection could not be allocated because: The server does not support SSL.

Exception while invoking class org.glassfish.ejb.startup.EjbApplication start method
javax.ejb.EJBException: javax.ejb.CreateException: Initialization failed for Singleton StartupFlywayMigrator
...
Caused by: org.flywaydb.core.internal.exception.FlywaySqlException: Unable to obtain connection from database: Error in allocating a connection. Cause: Connection could not be allocated because: The server does not support SSL.

SQL State : null
Error Code : 0
Message : Error in allocating a connection. Cause: Connection could not be allocated because: The server does not support SSL.

Comment on lines +309 to +321
* - dataverse.db.user
- The PostgreSQL user name to connect with.
- | ``dataverse``
| (installer sets to ``dvnapp``)
* - dataverse.db.password
- The PostgreSQL users password to connect with.

**Please note the safety advisory above.**
- *No default*
* - dataverse.db.name
- The PostgreSQL database name to use for the Dataverse installation.
- | ``dataverse``
| (installer sets to ``dvndb``)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure how to see that the default database user and database are "dataverse".

To deploy this branch I used scripts/dev/dev-rebuild.sh which has the names the installer uses hard coded:

DB_NAME=dvndb
DB_USER=dvnapp

I guess I could try changing that script to this...

DB_NAME=dataverse
DB_USER=dataverse

... and then deleting these lines from domain.xml:

  <system-property name="dataverse.db.user" value="dvnapp"></system-property>
  <system-property name="dataverse.db.name" value="dvndb"></system-property>

That is, without these system properties configured, it sounds like the default database user and database name will be "dataverse".

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Sorry, but for container environments it really is common practice to use the application name for the database name. As the installer sets this explicitly for any installation out there, folks should be fine.

@pdurbin pdurbin removed their assignment Jan 17, 2023
@kcondon kcondon self-assigned this Jan 23, 2023
@kcondon
Copy link
Contributor

kcondon commented Jan 23, 2023

@poikilotherm Can you refresh from develop? Getting flyway errors on deployment. Thanks!

@pdurbin
Copy link
Member

pdurbin commented Jan 23, 2023

@kcondon done! Refreshed! Ahhh.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Size: 3 A percentage of a sprint. 2.1 hours. User Role: Sysadmin Installs, upgrades, and configures the system, connects via ssh
Projects
Status: No status
Status: Ready
Development

Successfully merging this pull request may close these issues.

DB connection: defaults and more options
5 participants