diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index e99abca44..000000000 --- a/Jenkinsfile +++ /dev/null @@ -1,122 +0,0 @@ -pipeline { - - agent any - - tools { - jdk "JDK17" - maven "MAVEN3.9" - } - - environment { - NEXUS_VERSION = "nexus3" - NEXUS_PROTOCOL = "http" - NEXUS_URL = "172.31.40.209:8081" - NEXUS_REPOSITORY = "vprofile-release" - NEXUS_REPO_ID = "vprofile-release" - NEXUS_CREDENTIAL_ID = "nexuslogin" - ARTVERSION = "${env.BUILD_ID}" - } - - stages{ - - stage('BUILD'){ - steps { - sh 'mvn clean install -DskipTests' - } - post { - success { - echo 'Now Archiving...' - archiveArtifacts artifacts: '**/target/*.war' - } - } - } - - stage('UNIT TEST'){ - steps { - sh 'mvn test' - } - } - - stage('INTEGRATION TEST'){ - steps { - sh 'mvn verify -DskipUnitTests' - } - } - - stage ('CODE ANALYSIS WITH CHECKSTYLE'){ - steps { - sh 'mvn checkstyle:checkstyle' - } - post { - success { - echo 'Generated Analysis Result' - } - } - } - - stage('CODE ANALYSIS with SONARQUBE') { - - environment { - scannerHome = tool 'sonarscanner4' - } - - steps { - withSonarQubeEnv('sonar-pro') { - sh '''${scannerHome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \ - -Dsonar.projectName=vprofile-repo \ - -Dsonar.projectVersion=1.0 \ - -Dsonar.sources=src/ \ - -Dsonar.java.binaries=target/test-classes/com/visualpathit/account/controllerTest/ \ - -Dsonar.junit.reportsPath=target/surefire-reports/ \ - -Dsonar.jacoco.reportsPath=target/jacoco.exec \ - -Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml''' - } - - timeout(time: 10, unit: 'MINUTES') { - waitForQualityGate abortPipeline: true - } - } - } - - stage("Publish to Nexus Repository Manager") { - steps { - script { - pom = readMavenPom file: "pom.xml"; - filesByGlob = findFiles(glob: "target/*.${pom.packaging}"); - echo "${filesByGlob[0].name} ${filesByGlob[0].path} ${filesByGlob[0].directory} ${filesByGlob[0].length} ${filesByGlob[0].lastModified}" - artifactPath = filesByGlob[0].path; - artifactExists = fileExists artifactPath; - if(artifactExists) { - echo "*** File: ${artifactPath}, group: ${pom.groupId}, packaging: ${pom.packaging}, version ${pom.version} ARTVERSION"; - nexusArtifactUploader( - nexusVersion: NEXUS_VERSION, - protocol: NEXUS_PROTOCOL, - nexusUrl: NEXUS_URL, - groupId: pom.groupId, - version: ARTVERSION, - repository: NEXUS_REPOSITORY, - credentialsId: NEXUS_CREDENTIAL_ID, - artifacts: [ - [artifactId: pom.artifactId, - classifier: '', - file: artifactPath, - type: pom.packaging], - [artifactId: pom.artifactId, - classifier: '', - file: "pom.xml", - type: "pom"] - ] - ); - } - else { - error "*** File: ${artifactPath}, could not be found"; - } - } - } - } - - - } - - -} diff --git a/VPC.sh b/VPC.sh new file mode 100644 index 000000000..62a7b713a --- /dev/null +++ b/VPC.sh @@ -0,0 +1,202 @@ +#!/bin/bash +set -e + +# ============================================================ +# VPC ON GCP – FULLY AUTOMATED & PRODUCTION READY +# ============================================================ + +# ──────────────────────────────── +# 1. STUDENT CONFIGURATION SECTION (ONLY EDIT HERE) +# ──────────────────────────────── +PROJECT_ID="" # Your GCP project ID +REGION="us-central1" # Region for all resources +ZONE="${REGION}-a" # Zone (derived from region) + +APP_NAME="vprofile" # Application name +DOMAIN="" # Your real domain for SSL +SUBDOMAIN="vprogcp" # Final public URL: vprogcp.hkhinfotek.xyz + +MY_IP="0.0.0.0/0" # Auto-detect current public IP for bastion access +SSH_KEY="" # Your SSH public key for bastion access +DB_PASSWORD="GcpVproSqlAdmin9040" # Cloud SQL root password +# ──────────────────────────────── +# 2. CLEAN & CONSISTENT NAMING (DO NOT CHANGE) +# ──────────────────────────────── +VPC="vprofile-vpc" + +PUB_SUBNET_01="public-01" +PUB_SUBNET_02="public-02" +PRIV_SUBNET_01="private-01" +PRIV_SUBNET_02="private-02" + +ROUTER="vprofile-router" +NAT="vprofile-nat" + +BASTION="bastion" +DB="vprofile-db" +MEMCACHE="vprofile-memcache" +GOLDEN="vprofile-golden" +SNAPSHOT="vprofile-snapshot" +IMAGE="vprofile-image" + +TEMPLATE="vprofile-template" +MIG="vprofile-mig" +HEALTH_CHECK="vprofile-hc" +BACKEND="vprofile-backend" +URL_MAP="vprofile-urlmap" +HTTP_PROXY="vprofile-http-proxy" +HTTPS_PROXY="vprofile-https-proxy" +LB_IP="vprofile-lb-ip" + +HTTP_LB="vprofile-http-lb" +HTTPS_LB="vprofile-https-lb" + +PRIVATE_ZONE="vprofile-private" +PRIVATE_DNS="vprofile.internal" + +TAG_BASTION="bastion" +TAG_APP="app" + +# ============================================================ +# DEPLOYMENT BEGINS +# ============================================================ + +echo "Starting VProfile deployment in project: $PROJECT_ID" +gcloud config set project "$PROJECT_ID" --quiet + +# ──────────────────────────────────────────────────────────────── +# Enable all required GCP APIs +# ──────────────────────────────────────────────────────────────── +echo "Enabling required GCP APIs" +gcloud services enable \ + compute.googleapis.com \ + dns.googleapis.com \ + sqladmin.googleapis.com \ + sql-component.googleapis.com \ + memcache.googleapis.com \ + certificatemanager.googleapis.com \ + servicenetworking.googleapis.com \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 1. Create custom VPC +# ──────────────────────────────────────────────────────────────── +echo "Creating custom VPC network $VPC" +gcloud compute networks create "$VPC" \ + --subnet-mode=custom \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 2. Create public and private subnets +# ──────────────────────────────────────────────────────────────── +echo "Creating public subnet $PUB_SUBNET_01" +gcloud compute networks subnets create "$PUB_SUBNET_01" \ + --network="$VPC" \ + --region="$REGION" \ + --range=172.20.1.0/24 \ + --quiet + +echo "Creating public subnet $PUB_SUBNET_02" +gcloud compute networks subnets create "$PUB_SUBNET_02" \ + --network="$VPC" \ + --region="$REGION" \ + --range=172.20.2.0/24 \ + --quiet + +echo "Creating private subnet $PRIV_SUBNET_01" +gcloud compute networks subnets create "$PRIV_SUBNET_01" \ + --network="$VPC" \ + --region="$REGION" \ + --range=172.20.3.0/24 \ + --quiet + +echo "Creating private subnet $PRIV_SUBNET_02" +gcloud compute networks subnets create "$PRIV_SUBNET_02" \ + --network="$VPC" \ + --region="$REGION" \ + --range=172.20.4.0/24 \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 3. Create Cloud Router and Cloud NAT (for private subnet outbound) +# ──────────────────────────────────────────────────────────────── +echo "Creating Cloud Router $ROUTER" +gcloud compute routers create "$ROUTER" \ + --network="$VPC" \ + --region="$REGION" \ + --quiet + +echo "Creating Cloud NAT $NAT" +gcloud compute routers nats create "$NAT" \ + --router="$ROUTER" \ + --region="$REGION" \ + --auto-allocate-nat-external-ips \ + --nat-all-subnet-ip-ranges \ + --enable-logging \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 4. Firewall: Allow SSH from your IP to bastion +# ──────────────────────────────────────────────────────────────── +echo "Creating firewall rule allow-ssh-internet for bastion SSH" +gcloud compute firewall-rules create allow-ssh-internet \ + --network="$VPC" \ + --allow=tcp:22 \ + --source-ranges="$MY_IP" \ + --target-tags="$TAG_BASTION" \ + --direction=INGRESS \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 5. Firewall: Allow SSH from bastion to private app servers +# ──────────────────────────────────────────────────────────────── +echo "Creating firewall rule allow-ssh-bastion for private app SSH" +gcloud compute firewall-rules create allow-ssh-bastion \ + --network="$VPC" \ + --allow=tcp:22 \ + --source-tags="$TAG_BASTION" \ + --target-tags="$TAG_APP" \ + --direction=INGRESS \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 6. Firewall: Allow Load Balancer health checks & traffic to app (port 8080) +# ──────────────────────────────────────────────────────────────── +echo "Creating firewall rule allow-lb-to-app for LB traffic on 8080" +gcloud compute firewall-rules create allow-lb-to-app \ + --network="$VPC" \ + --allow=tcp:8080 \ + --source-ranges=130.211.0.0/22,35.191.0.0/16 \ + --target-tags="$TAG_APP" \ + --direction=INGRESS \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 7. Create bastion host startup script +# ──────────────────────────────────────────────────────────────── +echo "Creating bastion host startup script" +cat << EOF > bastion.sh +#!/bin/bash +set -e +useradd -m -s /bin/bash devops +echo "devops ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/devops +mkdir -p /home/devops/.ssh +echo "$SSH_KEY" > /home/devops/.ssh/authorized_keys +chmod 700 /home/devops/.ssh +chmod 600 /home/devops/.ssh/authorized_keys +chown -R devops:devops /home/devops/.ssh +EOF + +# ──────────────────────────────────────────────────────────────── +# 8. Launch bastion host in public subnet +# ──────────────────────────────────────────────────────────────── +echo "Launching bastion host $BASTION in public subnet" +gcloud compute instances create "$BASTION" \ + --zone="$ZONE" \ + --machine-type=e2-micro \ + --subnet="$PUB_SUBNET_01" \ + --tags="$TAG_BASTION" \ + --image-family=ubuntu-2404-lts-amd64 \ + --image-project=ubuntu-os-cloud \ + --metadata-from-file=startup-script=bastion.sh \ + --quiet diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg deleted file mode 100644 index e9c119cf3..000000000 --- a/ansible/ansible.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[defaults] -host_key_checking = False -timeout = 35 diff --git a/ansible/site.yml b/ansible/site.yml deleted file mode 100644 index 59aebc9bf..000000000 --- a/ansible/site.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- import_playbook: tomcat_setup.yml -- import_playbook: vpro-app-setup.yml - -#### diff --git a/ansible/templates/application.j2 b/ansible/templates/application.j2 deleted file mode 100644 index d930446bb..000000000 --- a/ansible/templates/application.j2 +++ /dev/null @@ -1,25 +0,0 @@ -#JDBC Configutation for Database Connection -jdbc.driverClassName=com.mysql.jdbc.Driver -jdbc.url=jdbc:mysql://dbhost:3306/accounts?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull -jdbc.username=db_user -jdbc.password=db_password - -#Memcached Configuration For Active and StandBy Host -#For Active Host -memcached.active.host=127.0.0.1 -memcached.active.port=11211 -#For StandBy Host -memcached.standBy.host=127.0.0.2 -memcached.standBy.port=11211 - -#RabbitMq Configuration -rabbitmq.address=18.220.62.126 -rabbitmq.port=5672 -rabbitmq.username=test -rabbitmq.password=test - -#Elasticesearch Configuration -elasticsearch.host =192.168.1.85 -elasticsearch.port =9300 -elasticsearch.cluster=vprofile -elasticsearch.node=vprofilenode diff --git a/ansible/templates/epel6-svcfile.j2 b/ansible/templates/epel6-svcfile.j2 deleted file mode 100644 index 379d55164..000000000 --- a/ansible/templates/epel6-svcfile.j2 +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash - -### BEGIN INIT INFO -# Provides: tomcat7 -# Required-Start: $network -# Required-Stop: $network -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Start/Stop Tomcat server -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin - -start() { -sh /usr/local/tomcat8/bin/startup.sh -} - -stop() { -sh /usr/local/tomcat8/bin/shutdown.sh -} - -status() { -pid=$(ps -fe | grep '/usr/local/tomcat8' | grep -v grep | tr -s " " | cut -d" " -f2) - if [ -n "$pid" ]; then - echo -e "\e[00;32mTomcat is running with pid: $pid\e[00m" - else - echo -e "\e[00;31mTomcat is not running\e[00m" - fi -} - -case $1 in -start|stop|status) $1;; -restart) stop; start;; -*) echo "Run as $0 "; exit 1;; -esac -exit 0 - - diff --git a/ansible/templates/epel7-svcfile.j2 b/ansible/templates/epel7-svcfile.j2 deleted file mode 100644 index feb317ccd..000000000 --- a/ansible/templates/epel7-svcfile.j2 +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Tomcat -After=network.target - -[Service] -User=tomcat -WorkingDirectory=/usr/local/tomcat8 -Environment=JRE_HOME=/usr/lib/jvm/jre -Environment=JAVA_HOME=/usr/lib/jvm/jre -Environment=CATALINA_HOME=/usr/local/tomcat8 -Environment=CATALINE_BASE=/usr/local/tomcat8 -ExecStart=/usr/local/tomcat8/bin/catalina.sh run -ExecStop=/usr/local/tomcat8/bin/shutdown.sh -SyslogIdentifier=tomcat-%i - -[Install] -WantedBy=multi-user.target - diff --git a/ansible/templates/ubuntu14_15-svcfile.j2 b/ansible/templates/ubuntu14_15-svcfile.j2 deleted file mode 100644 index 379d55164..000000000 --- a/ansible/templates/ubuntu14_15-svcfile.j2 +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash - -### BEGIN INIT INFO -# Provides: tomcat7 -# Required-Start: $network -# Required-Stop: $network -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Start/Stop Tomcat server -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin - -start() { -sh /usr/local/tomcat8/bin/startup.sh -} - -stop() { -sh /usr/local/tomcat8/bin/shutdown.sh -} - -status() { -pid=$(ps -fe | grep '/usr/local/tomcat8' | grep -v grep | tr -s " " | cut -d" " -f2) - if [ -n "$pid" ]; then - echo -e "\e[00;32mTomcat is running with pid: $pid\e[00m" - else - echo -e "\e[00;31mTomcat is not running\e[00m" - fi -} - -case $1 in -start|stop|status) $1;; -restart) stop; start;; -*) echo "Run as $0 "; exit 1;; -esac -exit 0 - - diff --git a/ansible/templates/ubuntu16-svcfile.j2 b/ansible/templates/ubuntu16-svcfile.j2 deleted file mode 100644 index 423b00d60..000000000 --- a/ansible/templates/ubuntu16-svcfile.j2 +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Tomcat -After=network.target - -[Service] -User=tomcat -WorkingDirectory=/usr/local/tomcat8 -Environment=JRE_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre -Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre -Environment=CATALINA_HOME=/usr/local/tomcat8 -Environment=CATALINE_BASE=/usr/local/tomcat8 -ExecStart=/usr/local/tomcat8/bin/catalina.sh run -ExecStop=/usr/local/tomcat8/bin/shutdown.sh -SyslogIdentifier=tomcat-%i - -[Install] -WantedBy=multi-user.target - diff --git a/ansible/tomcat_setup.yml b/ansible/tomcat_setup.yml deleted file mode 100644 index 66dff8904..000000000 --- a/ansible/tomcat_setup.yml +++ /dev/null @@ -1,113 +0,0 @@ -- name: Common tool setup on all the servers - hosts: appsrvgrp - become: yes - vars: - tom_url: https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.37/bin/apache-tomcat-8.5.37.tar.gz - - tasks: - - name: Install JDK on Centos 6/7 - yum: - name: java-1.8.0-openjdk.x86_64 - state: present - when: ansible_distribution == 'CentOS' - - - name: Install JDK on Ubuntu 14/15/16/18 - apt: - name: openjdk-8-jdk - state: present - update_cache: yes - when: ansible_distribution == 'Ubuntu' - - - name: Download Tomcat Tar Ball/Binaries - get_url: - url: "{{tom_url}}" - dest: /tmp/tomcat-8.tar.gz - - - name: Add tomcat group - group: - name: tomcat - state: present - - - name: Add tomcat user - user: - name: tomcat - group: tomcat - shell: /bin/nologin - home: /usr/local/tomcat8 - - - file: - path: /tmp/tomcat8 - state: directory - - - name: Extract tomcat - unarchive: - src: /tmp/tomcat-8.tar.gz - dest: /tmp/tomcat8/ - remote_src: yes - list_files: yes - register: unarchive_info - - - debug: - msg: "{{unarchive_info.files[0].split('/')[0]}}" - - - name: Synchronize /tmp/tomcat8/tomcat_cont /usr/local/tomcat8. - synchronize: - src: "/tmp/tomcat8/{{unarchive_info.files[0].split('/')[0]}}/" - dest: /usr/local/tomcat8/ - delegate_to: "{{ inventory_hostname }}" - - - name: Change ownership of /usr/local/tomcat8 - file: - path: /usr/local/tomcat8 - owner: tomcat - group: tomcat - recurse: yes - - - name: Setup tomcat SVC file on Centos 7 - template: - src: templates/epel7-svcfile.j2 - dest: /etc/systemd/system/tomcat.service - mode: "a+x" - when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' - - - name: Setup tomcat SVC file on Centos 6 - template: - src: templates/epel6-svcfile.j2 - dest: /etc/init.d/tomcat - mode: "a+x" - when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' - - - name: Setup tomcat SVC file on ubuntu 14/15 - template: - src: templates/ubuntu14_15-svcfile.j2 - dest: /etc/init.d/tomcat - mode: "a+x" - when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version < '16' - - - name: Setup tomcat SVC file on ubuntu 16 and 18 - template: - src: templates/ubuntu16-svcfile.j2 - dest: /etc/systemd/system/tomcat.service - mode: "a+x" - when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version >= '16' - - - name: Reload tomcat svc config in ubuntu 14/15 - command: update-rc.d tomcat defaults - when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version < '16' - - - name: Reload tomcat svc config in Centos 6 - command: chkconfig --add tomcat - when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' - - - name: just force systemd to reread configs (2.4 and above) - systemd: - daemon_reload: yes - when: ansible_distribution_major_version > '6' or ansible_distribution_major_version > '15' - - - name: Start & Enable TOmcat 8 - service: - name: tomcat - state: started - enabled: yes - - diff --git a/ansible/vpro-app-setup.yml b/ansible/vpro-app-setup.yml deleted file mode 100644 index 0c3f5d4a5..000000000 --- a/ansible/vpro-app-setup.yml +++ /dev/null @@ -1,105 +0,0 @@ - -- name: Setup Tomcat8 & Deploy Artifact - hosts: appsrvgrp - become: yes - vars: - timestamp: "{{ansible_date_time.date}}_{{ansible_date_time.hour}}_{{ansible_date_time.minute}}" - tasks: - - name: Download latest VProfile.war from nexus - get_url: - url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}" - dest: "/tmp/vproapp-{{vprofile_version}}" - register: wardeploy - tags: - - deploy - - - stat: - path: /usr/local/tomcat8/webapps/ROOT - register: artifact_stat - tags: - - deploy - - - name: Stop tomcat svc - service: - name: tomcat - state: stopped - tags: - - deploy - - - name: Try Backup and Deploy - block: - - name: Archive ROOT dir with timestamp - archive: - path: /usr/local/tomcat8/webapps/ROOT - dest: "/opt/ROOT_{{timestamp}}.tgz" - when: artifact_stat.stat.exists - register: archive_info - tags: - - deploy - - - name: copy ROOT dir with old_ROOT name - shell: cp -r ROOT old_ROOT - args: - chdir: /usr/local/tomcat8/webapps/ - - - name: Delete current artifact - file: - path: "{{item}}" - state: absent - when: archive_info.changed - loop: - - /usr/local/tomcat8/webapps/ROOT - - /usr/local/tomcat8/webapps/ROOT.war - tags: - - deploy - - - name: Try deploy artifact else restore from previos old_ROOT - block: - - name: Deploy vprofile artifact - copy: - src: "/tmp/vproapp-{{vprofile_version}}" - dest: /usr/local/tomcat8/webapps/ROOT.war - remote_src: yes - register: deploy_info - tags: - - deploy - rescue: - - shell: cp -r old_ROOT ROOT - args: - chdir: /usr/local/tomcat8/webapps/ - - rescue: - - name: Start tomcat svc - service: - name: tomcat - state: started - - - name: Start tomcat svc - service: - name: tomcat - state: started - when: deploy_info.changed - tags: - - deploy - - - name: Wait until ROOT.war is extracted to ROOT directory - wait_for: - path: /usr/local/tomcat8/webapps/ROOT - tags: - - deploy - -# - name: Deploy web configuration file -# template: -# src: templates/application.j2 -# dest: /usr/local/tomcat8/webapps/ROOT/WEB-INF/classes/application.properties -# force: yes -# notify: -# - Restart Tomcat -# tags: -# - deploy - - handlers: - - name: Restart Tomcat - service: - name: tomcat - state: restarted diff --git a/backend.sh b/backend.sh new file mode 100644 index 000000000..416627c7d --- /dev/null +++ b/backend.sh @@ -0,0 +1,134 @@ +#!/bin/bash +set -e + +# ============================================================ +# VPROFILE BACKEND ON GCP +# ============================================================ + +# ──────────────────────────────── +# 1. STUDENT CONFIGURATION SECTION (ONLY EDIT HERE) +# ──────────────────────────────── +PROJECT_ID="" # Your GCP project ID +REGION="us-central1" # Region for all resources +ZONE="${REGION}-a" # Zone (derived from region) + +APP_NAME="vprofile" # Application name +DOMAIN="" # Your real domain for SSL +SUBDOMAIN="vprogcp" # Final public URL: vprogcp.hkhinfotek.xyz + +MY_IP="0.0.0.0/0" # Auto-detect current public IP for bastion access +SSH_KEY="" # Your SSH public key for bastion access +DB_PASSWORD="GcpVproSqlAdmin9040" # Cloud SQL root password + + +# ──────────────────────────────── +# 2. CLEAN & CONSISTENT NAMING (DO NOT CHANGE) +# ──────────────────────────────── +VPC="vprofile-vpc" + +PUB_SUBNET_01="public-01" +PUB_SUBNET_02="public-02" +PRIV_SUBNET_01="private-01" +PRIV_SUBNET_02="private-02" + +ROUTER="vprofile-router" +NAT="vprofile-nat" + +BASTION="bastion" +DB="vprofile-db" +MEMCACHE="vprofile-memcache" +GOLDEN="vprofile-golden" +SNAPSHOT="vprofile-snapshot" +IMAGE="vprofile-image" + +TEMPLATE="vprofile-template" +MIG="vprofile-mig" +HEALTH_CHECK="vprofile-hc" +BACKEND="vprofile-backend" +URL_MAP="vprofile-urlmap" +HTTP_PROXY="vprofile-http-proxy" +HTTPS_PROXY="vprofile-https-proxy" +LB_IP="vprofile-lb-ip" + +HTTP_LB="vprofile-http-lb" +HTTPS_LB="vprofile-https-lb" + +PRIVATE_ZONE="vprofile-private" +PRIVATE_DNS="vprofile.internal" + +TAG_BASTION="bastion" +TAG_APP="app" + + +# ──────────────────────────────────────────────────────────────── +# 9. Allocate IP range for Private Service Access (PSA) +# ──────────────────────────────────────────────────────────────── +echo "Allocating IP range for Private Service Access (PSA)" +gcloud compute addresses create google-psa-range \ + --global \ + --purpose=VPC_PEERING \ + --prefix-length=16 \ + --network="$VPC" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 10. Connect VPC to Google services (for private Cloud SQL) +# ──────────────────────────────────────────────────────────────── +echo "Connecting VPC to Google services for private Cloud SQL" +gcloud services vpc-peerings connect \ + --service=servicenetworking.googleapis.com \ + --ranges=google-psa-range \ + --network="$VPC" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 11. Create private Cloud SQL MySQL instance +# ──────────────────────────────────────────────────────────────── +echo "Creating private Cloud SQL MySQL instance $DB" +gcloud beta sql instances create "$DB" \ + --database-version=MYSQL_8_0 \ + --tier=db-f1-micro \ + --region="$REGION" \ + --no-assign-ip \ + --allocated-ip-range-name=google-psa-range \ + --network="projects/$PROJECT_ID/global/networks/$VPC" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 12. Create database and set root password +# ──────────────────────────────────────────────────────────────── +echo "Creating database 'accounts'" +gcloud sql databases create accounts --instance="$DB" --quiet + +echo "Setting root password for Cloud SQL" +gcloud sql users set-password root \ + --host=% \ + --instance="$DB" \ + --password="$DB_PASSWORD" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 13. Create private Memcached instance +# ──────────────────────────────────────────────────────────────── +echo "Creating private Memcached instance $MEMCACHE" +gcloud memcache instances create "$MEMCACHE" \ + --region="$REGION" \ + --node-count=1 \ + --node-cpu=2 \ + --node-memory=2GB \ + --authorized-network="projects/$PROJECT_ID/global/networks/$VPC" \ + --quiet + +# Extract db01 IP +echo "Extracting Cloud SQL private IP" +db01IP=$(gcloud sql instances describe $DB --project=vprofile-478802 --format="value(ipAddresses.ipAddress)") + +echo "Cloud SQL Private IP: $db01IP" + +# Intialize database. +echo "Login to bastion host and execute the following command to initialize the database:" +echo "wget https://raw.githubusercontent.com/hkhcoder/vprofile-project/refs/heads/gcp/src/main/resources/db_backup.sql" +echo "apt update && apt install mysql-client -y" +echo "mysql -h $db01IP -u root -p$DB_PASSWORD accounts < db_backup.sql" + +# ============================================================ diff --git a/frontend_1.sh b/frontend_1.sh new file mode 100644 index 000000000..c216acac4 --- /dev/null +++ b/frontend_1.sh @@ -0,0 +1,383 @@ +#!/bin/bash +set -e + +# ============================================================ +# VPROFILE FRONTEND PART 1 ON GCP +# ============================================================ + +# ──────────────────────────────── +# 1. STUDENT CONFIGURATION SECTION (ONLY EDIT HERE) +# ──────────────────────────────── +PROJECT_ID="" # Your GCP project ID +REGION="us-central1" # Region for all resources +ZONE="${REGION}-a" # Zone (derived from region) + +APP_NAME="vprofile" # Application name +DOMAIN="" # Your real domain for SSL +SUBDOMAIN="vprogcp" # Final public URL: vprogcp.hkhinfotek.xyz + +MY_IP="0.0.0.0/0" # Auto-detect current public IP for bastion access +SSH_KEY="" # Your SSH public key for bastion access +DB_PASSWORD="GcpVproSqlAdmin9040" # Cloud SQL root password +# ──────────────────────────────── +# 2. CLEAN & CONSISTENT NAMING (DO NOT CHANGE) +# ──────────────────────────────── +VPC="vprofile-vpc" + +PUB_SUBNET_01="public-01" +PUB_SUBNET_02="public-02" +PRIV_SUBNET_01="private-01" +PRIV_SUBNET_02="private-02" + +ROUTER="vprofile-router" +NAT="vprofile-nat" + +BASTION="bastion" +DB="vprofile-db" +MEMCACHE="vprofile-memcache" +GOLDEN="vprofile-golden" +SNAPSHOT="vprofile-snapshot" +IMAGE="vprofile-image" + +TEMPLATE="vprofile-template" +MIG="vprofile-mig" +HEALTH_CHECK="vprofile-hc" +BACKEND="vprofile-backend" +URL_MAP="vprofile-urlmap" +HTTP_PROXY="vprofile-http-proxy" +HTTPS_PROXY="vprofile-https-proxy" +LB_IP="vprofile-lb-ip" + +HTTP_LB="vprofile-http-lb" +HTTPS_LB="vprofile-https-lb" + +PRIVATE_ZONE="vprofile-private" +PRIVATE_DNS="vprofile.internal" + +TAG_BASTION="bastion" +TAG_APP="app" + + +# ──────────────────────────────────────────────────────────────── +# 14. Create private DNS zone for internal service discovery +# ──────────────────────────────────────────────────────────────── +echo "Creating private DNS zone for internal service discovery" +gcloud dns managed-zones create "$PRIVATE_ZONE" \ + --dns-name="$PRIVATE_DNS" \ + --networks="$VPC" \ + --visibility=private \ + --description="Private DNS for VProfile" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 15. Get private IPs of DB and Memcached +# ──────────────────────────────────────────────────────────────── +echo "Getting private IPs of DB and Memcached" +DB_IP=$(gcloud sql instances describe "$DB" --format="value(ipAddresses[0].ipAddress)") +MC_IP=$(gcloud memcache instances describe "$MEMCACHE" --region="$REGION" --format="value(memcacheNodes[0].host)") + +echo "Database IP: $DB_IP" +echo "Memcached IP: $MC_IP" +# ──────────────────────────────────────────────────────────────── +# 16. Add A records so app can resolve vprodb.vprofile.local & vpromc.vprofile.local +# ──────────────────────────────────────────────────────────────── + +# Start transaction for database A record addition +echo "Starting transaction for database A record addition" +gcloud dns record-sets transaction start \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" + +# Add A record for database (vprodb subdomain pointing to DB IP) +echo "Adding A record for database" +gcloud dns record-sets transaction add $DB_IP \ + --name="vprodb."$PRIVATE_DNS"." \ + --type=A \ + --ttl=300 \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" + +# Execute/commit the transaction to apply DB record +echo "Executing transaction for DB record" +gcloud dns record-sets transaction execute \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" + +# List records to verify DB A record was added +echo "Listing records to verify DB A record" +gcloud dns record-sets list \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" + +# Start transaction for Memcached A record addition +echo "Starting transaction for Memcached A record addition" +gcloud dns record-sets transaction start \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" + +# Add A record for Memcached (vpromc subdomain pointing to MC IP) +echo "Adding A record for Memcached" +gcloud dns record-sets transaction add $MC_IP \ + --name="vpromc."$PRIVATE_DNS"." \ + --type=A \ + --ttl=300 \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" + +# Execute/commit the transaction to apply MC record +echo "Executing transaction for MC record" +gcloud dns record-sets transaction execute \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" + +# List records to verify MC A record was added +echo "Listing records to verify MC A record" +gcloud dns record-sets list \ + --zone="$PRIVATE_ZONE" \ + --project="$PROJECT_ID" +# ──────────────────────────────────────────────────────────────── +# 17. Create startup script for golden app instance +# ──────────────────────────────────────────────────────────────── +echo "Creating startup script for golden app instance" +cat << EOF > app-golden.sh +#!/bin/bash +set -e + +# Create devops user and setup SSH key +useradd -m -s /bin/bash devops +echo "devops ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/devops +mkdir -p /home/devops/.ssh +echo "$SSH_KEY" > /home/devops/.ssh/authorized_keys +chmod 700 /home/devops/.ssh +chmod 600 /home/devops/.ssh/authorized_keys +chown -R devops:devops /home/devops/.ssh + +sleep 60 +TOMURL="https://archive.apache.org/dist/tomcat/tomcat-10/v10.1.26/bin/apache-tomcat-10.1.26.tar.gz" +apt update -y +apt install -y openjdk-17-jdk openjdk-17-jdk-headless git wget unzip zip rsync + +cd /tmp/ +wget \$TOMURL -O tomcatbin.tar.gz +EXTOUT=\$(tar xzvf tomcatbin.tar.gz) +TOMDIR=\$(echo "\$EXTOUT" | cut -d '/' -f1) + +useradd --shell /bin/false --system tomcat +rsync -avzh /tmp/\$TOMDIR/ /usr/local/tomcat/ +chown -R tomcat:tomcat /usr/local/tomcat + +cat > /etc/systemd/system/tomcat.service << 'EOL' +[Unit] +Description=Apache Tomcat 10 +After=network.target + +[Service] +Type=simple +User=tomcat +Group=tomcat +Environment="JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64" +Environment="CATALINA_PID=/tmp/tomcat.pid" +Environment="CATALINA_HOME=/usr/local/tomcat" +Environment="CATALINA_BASE=/usr/local/tomcat" +ExecStart=/usr/local/tomcat/bin/catalina.sh run +ExecStop=/usr/local/tomcat/bin/catalina.sh stop 15 -force +RestartSec=10 +Restart=always + +[Install] +WantedBy=multi-user.target +EOL + +systemctl daemon-reload +systemctl enable --now tomcat + +cd /tmp/ +wget https://archive.apache.org/dist/maven/maven-3/3.9.9/binaries/apache-maven-3.9.9-bin.zip +unzip apache-maven-3.9.9-bin.zip +cp -r apache-maven-3.9.9 /usr/local/maven3.9 + +export MAVEN_OPTS="-Xmx512m" + +git clone -b gcp https://github.com/hkhcoder/vprofile-project.git +cd vprofile-project +/usr/local/maven3.9/bin/mvn install + +systemctl stop tomcat +sleep 20 +rm -rf /usr/local/tomcat/webapps/ROOT* +cp target/vprofile-v2.war /usr/local/tomcat/webapps/ROOT.war +systemctl start tomcat +sleep 20 + +ufw allow 8080/tcp || true +systemctl restart tomcat +EOF + +# ──────────────────────────────────────────────────────────────── +# 18. Launch golden instance (to build final image) +# ──────────────────────────────────────────────────────────────── +echo "Launching golden instance to build final image" +gcloud compute instances create "$GOLDEN" \ + --zone="$ZONE" \ + --machine-type=e2-small \ + --subnet="$PRIV_SUBNET_01" \ + --no-address \ + --tags="$TAG_APP" \ + --image-family=ubuntu-2404-lts-amd64 \ + --image-project=ubuntu-os-cloud \ + --metadata-from-file=startup-script=app-golden.sh \ + --quiet + +echo "Waiting 12 minutes for application build and Tomcat startup..." +sleep 720 + +# ──────────────────────────────────────────────────────────────── +# 19. Stop instance and create snapshot +# ──────────────────────────────────────────────────────────────── +echo "Stopping golden instance" +gcloud compute instances stop "$GOLDEN" --zone="$ZONE" --quiet + +echo "Creating snapshot from golden instance" +gcloud compute disks snapshot "$GOLDEN" \ + --snapshot-names="$SNAPSHOT" \ + --zone="$ZONE" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 20. Create custom image from snapshot +# ──────────────────────────────────────────────────────────────── +echo "Creating custom image from snapshot" +gcloud compute images create "$IMAGE" \ + --source-snapshot="$SNAPSHOT" \ + --storage-location="$REGION" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 21. Delete golden instance (no longer needed) +# ──────────────────────────────────────────────────────────────── +echo "Deleting golden instance" +gcloud compute instances delete "$GOLDEN" --zone="$ZONE" --quiet || true + +# ──────────────────────────────────────────────────────────────── +# 22. Create instance template from custom image +# ──────────────────────────────────────────────────────────────── +echo "Creating instance template from custom image" +gcloud compute instance-templates create "$TEMPLATE" \ + --machine-type=e2-micro \ + --image="$IMAGE" \ + --subnet="$PRIV_SUBNET_01" \ + --region="$REGION" \ + --no-address \ + --tags="$TAG_APP" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 23. Create Managed Instance Group (MIG) +# ──────────────────────────────────────────────────────────────── +echo "Creating Managed Instance Group" +gcloud compute instance-groups managed create "$MIG" \ + --zone="$ZONE" \ + --template="$TEMPLATE" \ + --size=2 \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 23a. Enable autoscaling on MIG based on CPU utilization +# ──────────────────────────────────────────────────────────────── +echo "Enabling autoscaling on MIG (min=2, max=10, target CPU=60%)" +gcloud compute instance-groups managed set-autoscaling "$MIG" \ + --zone="$ZONE" \ + --max-num-replicas=4 \ + --min-num-replicas=2 \ + --target-cpu-utilization=0.6 \ + --target-load-balancing-utilization=0.8 \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 24. Set named port so load balancer knows port 8080 = http +# ──────────────────────────────────────────────────────────────── +echo "Setting named ports for MIG" +gcloud compute instance-groups managed set-named-ports "$MIG" \ + --zone="$ZONE" \ + --named-ports=http:8080 \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 25. Create HTTP health check +# ──────────────────────────────────────────────────────────────── +echo "Creating HTTP health check" +gcloud compute health-checks create http "$HEALTH_CHECK" \ + --global \ + --port=8080 \ + --request-path=/ \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 26. Create global backend service +# ──────────────────────────────────────────────────────────────── +echo "Creating global backend service" +gcloud compute backend-services create "$BACKEND" \ + --global \ + --protocol=HTTP \ + --port-name=http \ + --health-checks="$HEALTH_CHECK" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 27. Attach MIG to backend service +# ──────────────────────────────────────────────────────────────── +echo "Attaching MIG to backend service" +gcloud compute backend-services add-backend "$BACKEND" \ + --global \ + --instance-group="$MIG" \ + --instance-group-zone="$ZONE" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 28. Create URL map (routing rules) +# ──────────────────────────────────────────────────────────────── +echo "Creating URL map" +gcloud compute url-maps create "$URL_MAP" \ + --default-service="$BACKEND" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 29. Create HTTP proxy +# ──────────────────────────────────────────────────────────────── +echo "Creating HTTP proxy" +gcloud compute target-http-proxies create "$HTTP_PROXY" \ + --url-map="$URL_MAP" \ + --quiet + + + +# ──────────────────────────────────────────────────────────────── +# 30. Reserve global static IP for load balancer +# ──────────────────────────────────────────────────────────────── +echo "Reserving global static IP for load balancer" +gcloud compute addresses create "$LB_IP" --global --quiet + +# ──────────────────────────────────────────────────────────────── +# 30.1 Create final HTTP forwarding rules +# ──────────────────────────────────────────────────────────────── + +gcloud compute forwarding-rules create "$HTTP_LB" \ + --global \ + --target-http-proxy="$HTTP_PROXY" \ + --ports=80 \ + --address="$LB_IP" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 31. Create DNS authorization for Google-managed SSL certificate +# ──────────────────────────────────────────────────────────────── +echo "Creating DNS authorization for SSL certificate" +gcloud certificate-manager dns-authorizations create auth-"$SUBDOMAIN" \ + --domain="$DOMAIN" \ + --quiet + +echo "" +echo "=== ADD THESE CNAME RECORDS TO YOUR DOMAIN REGISTRAR (GoDaddy, etc.) ===" +echo "Describing DNS authorization for CNAME records" +gcloud certificate-manager dns-authorizations describe auth-"$SUBDOMAIN" \ + --format="table(dnsResourceRecord.name,dnsResourceRecord.type,dnsResourceRecord.data)" diff --git a/frontend_2.sh b/frontend_2.sh new file mode 100644 index 000000000..949c662e0 --- /dev/null +++ b/frontend_2.sh @@ -0,0 +1,120 @@ +#!/bin/bash +set -e + +# ============================================================ +# VPROFILE BACKEND ON GCP +# ============================================================ + +# ──────────────────────────────── +# 1. STUDENT CONFIGURATION SECTION (ONLY EDIT HERE) +# ──────────────────────────────── +PROJECT_ID="" # Your GCP project ID +REGION="us-central1" # Region for all resources +ZONE="${REGION}-a" # Zone (derived from region) + +APP_NAME="vprofile" # Application name +DOMAIN="" # Your real domain for SSL +SUBDOMAIN="vprogcp" # Final public URL: vprogcp.hkhinfotek.xyz + +MY_IP="0.0.0.0/0" # Auto-detect current public IP for bastion access +SSH_KEY="" # Your SSH public key for bastion access +DB_PASSWORD="GcpVproSqlAdmin9040" # Cloud SQL root password +# ──────────────────────────────── +# 2. CLEAN & CONSISTENT NAMING (DO NOT CHANGE) +# ──────────────────────────────── +VPC="vprofile-vpc" + +PUB_SUBNET_01="public-01" +PUB_SUBNET_02="public-02" +PRIV_SUBNET_01="private-01" +PRIV_SUBNET_02="private-02" + +ROUTER="vprofile-router" +NAT="vprofile-nat" + +BASTION="bastion" +DB="vprofile-db" +MEMCACHE="vprofile-memcache" +GOLDEN="vprofile-golden" +SNAPSHOT="vprofile-snapshot" +IMAGE="vprofile-image" + +TEMPLATE="vprofile-template" +MIG="vprofile-mig" +HEALTH_CHECK="vprofile-hc" +BACKEND="vprofile-backend" +URL_MAP="vprofile-urlmap" +HTTP_PROXY="vprofile-http-proxy" +HTTPS_PROXY="vprofile-https-proxy" +LB_IP="vprofile-lb-ip" + +HTTP_LB="vprofile-http-lb" +HTTPS_LB="vprofile-https-lb" + +PRIVATE_ZONE="vprofile-private" +PRIVATE_DNS="vprofile.internal" + +TAG_BASTION="bastion" +TAG_APP="app" + +# ──────────────────────────────────────────────────────────────── +# 32. Create Google-managed wildcard SSL certificate +# ──────────────────────────────────────────────────────────────── +gcloud certificate-manager certificates create cert-"$SUBDOMAIN" \ + --domains="*.$DOMAIN" \ + --dns-authorizations=auth-"$SUBDOMAIN" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 33. Create certificate map and entry +# ──────────────────────────────────────────────────────────────── +gcloud certificate-manager maps create map-"$SUBDOMAIN" --quiet + +gcloud certificate-manager maps entries create entry-"$SUBDOMAIN" \ + --map=map-"$SUBDOMAIN" \ + --hostname="*.$DOMAIN" \ + --certificates=cert-"$SUBDOMAIN" \ + --quiet + +sleep 360 # Wait for certificate provisioning (may take several minutes) +# Check the status of the certificate +echo "Checking certificate status (this may take a few minutes)..." +gcloud certificate-manager certificates describe cert-"$SUBDOMAIN" \ + --format="table( \ + name, \ + managed.state:label=CERT_STATE, \ + managed.authorizationAttemptInfo[0].state:label=AUTH_STATE, \ + managed.authorizationAttemptInfo[0].domain:label=AUTHORIZED_DOMAIN \ + )" + +read -r "Once the certificate status is ACTIVE, press Enter to continue..." +# ──────────────────────────────────────────────────────────────── +# 34. Attach certificate map to HTTPS proxy +# ──────────────────────────────────────────────────────────────── +gcloud compute target-https-proxies create "$HTTPS_PROXY" \ + --url-map="$URL_MAP" \ + --certificate-map=map-"$SUBDOMAIN" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 35. Create final HTTPS and HTTP forwarding rules +# ──────────────────────────────────────────────────────────────── +gcloud compute forwarding-rules create "$HTTPS_LB" \ + --global \ + --target-https-proxy="$HTTPS_PROXY" \ + --ports=443 \ + --address="$LB_IP" \ + --quiet + +# ──────────────────────────────────────────────────────────────── +# 36. Get final load balancer IP +# ──────────────────────────────────────────────────────────────── +LB_IP_ADDR=$(gcloud compute addresses describe "$LB_IP" --global --format="value(address)") + +echo "Load Balancer is set up with the following details:" +echo "---------------------------------------------------" +echo "Domain Name: *.$DOMAIN" +echo "Load Balancer IP Address: $LB_IP_ADDR" +echo "You can create a DNS A record pointing your domain to this IP address." +echo "---------------------------------------------------" +echo "VProfile backend deployment completed successfully!" diff --git a/list.sh b/list.sh new file mode 100644 index 000000000..d2f38276b --- /dev/null +++ b/list.sh @@ -0,0 +1,108 @@ +#!/bin/bash + +### +# VARIABLES +### +PROJECT_ID="vprofile-478802" +REGION="us-central1" +ZONE="us-central1-a" + +VPC_NAME="vprofile-vpc" +ROUTER_NAME="vprofile-router" +SUBNET_FILTER="network:${VPC_NAME}" + +LB_IP_NAME="lb-ip" +SQL_PSA_RANGE_NAME="sql-psa-range" + +PRIVATE_DNS_ZONE="vprofile-private" +MIG_GROUP_NAME="vprofile-mig" + +### +# Always set project first +### +gcloud config set project "$PROJECT_ID" + +echo "==================================" +echo "=== Load Balancer & Certificates ==" +echo "==================================" + +gcloud compute forwarding-rules list --global +gcloud compute target-http-proxies list --global +gcloud compute target-https-proxies list --global +gcloud compute url-maps list --global +gcloud compute backend-services list --global +gcloud compute health-checks list --global + +# LB Static IP +gcloud compute addresses list --global | grep "$LB_IP_NAME" + +# Certificate Manager +gcloud certificate-manager certificates list +gcloud certificate-manager maps list +gcloud certificate-manager dns-authorizations list + + +echo "===========================" +echo "=== Compute Engine ========" +echo "===========================" + +gcloud compute instance-groups managed list +gcloud compute instance-templates list +gcloud compute instances list +gcloud compute images list | grep vprofile +gcloud compute snapshots list | grep vprofile +gcloud compute disks list + + +echo "===============================" +echo "=== Cloud SQL & Memcached ====" +echo "===============================" + +gcloud sql instances list +gcloud memcache instances list --region="$REGION" + +# SQL firewall rules +gcloud compute firewall-rules list --filter="name~sql OR name~mysql" + + +echo "============================" +echo "=== DNS Zones & Records ====" +echo "============================" + +gcloud dns managed-zones list +gcloud dns record-sets list --zone="$PRIVATE_DNS_ZONE" 2>/dev/null \ + || echo "Zone $PRIVATE_DNS_ZONE deleted or not found" + + +echo "==============================================" +echo "=== VPC, Subnets, Router, NAT, Peering =======" +echo "==============================================" + +gcloud compute networks list +gcloud compute networks subnets list --filter="$SUBNET_FILTER" 2>/dev/null \ + || echo "No subnets found for $VPC_NAME" + +gcloud compute routers list +gcloud compute routers nats list --router="$ROUTER_NAME" --region="$REGION" + +# Private Service Access (SQL) +gcloud compute addresses list --global | grep "$SQL_PSA_RANGE_NAME" + +# VPC Peering With Service Networking +gcloud services vpc-peerings list --network="$VPC_NAME" 2>/dev/null \ + || echo "No peering found for network $VPC_NAME" + + +echo "===========================" +echo "=== Firewall Rules ========" +echo "===========================" + +gcloud compute firewall-rules list --filter="name~allow-ssh OR name~allow-lb" + + +echo "===========================================" +echo "=== Enabled APIs (should be minimal) ======" +echo "===========================================" + +gcloud services list --enabled \ + | grep -E "(compute|sql|dns|memcache|certificate|servicenetworking)" diff --git a/rollback.sh b/rollback.sh new file mode 100644 index 000000000..16ffda023 --- /dev/null +++ b/rollback.sh @@ -0,0 +1,224 @@ +#!/bin/bash +set -e + +PROJECT_ID="vprofile-478802" +REGION="us-central1" +ZONE="${REGION}-a" + +VPC="vprofile-vpc" + +PUB_SUBNET_01="public-01" +PUB_SUBNET_02="public-02" +PRIV_SUBNET_01="private-01" +PRIV_SUBNET_02="private-02" + +ROUTER="vprofile-router" +NAT="vprofile-nat" + +BASTION="bastion" +DB="vprofile-db" +MEMCACHE="vprofile-memcache" + +GOLDEN="vprofile-golden" +SNAPSHOT="vprofile-snapshot" +IMAGE="vprofile-image" + +TEMPLATE="vprofile-template" +MIG="vprofile-mig" +HEALTH_CHECK="vprofile-hc" +BACKEND="vprofile-backend" +URL_MAP="vprofile-urlmap" +HTTP_PROXY="vprofile-http-proxy" +HTTPS_PROXY="vprofile-https-proxy" +LB_IP="vprofile-lb-ip" + +HTTP_LB="vprofile-http-lb" +HTTPS_LB="vprofile-https-lb" + +PRIVATE_ZONE="vprofile-private" + +SUBDOMAIN="vprogcp" +DOMAIN="hkhinfotek.xyz" + +echo "Setting project..." +gcloud config set project "$PROJECT_ID" --quiet + + +# ============================================================ +# 1. DELETE LOAD BALANCER RESOURCES +# ============================================================ + +echo "Deleting forwarding rules..." +gcloud compute forwarding-rules delete "$HTTPS_LB" --global --quiet || true +gcloud compute forwarding-rules delete "$HTTP_LB" --global --quiet || true + +echo "Deleting target proxies..." +gcloud compute target-https-proxies delete "$HTTPS_PROXY" --quiet || true +gcloud compute target-http-proxies delete "$HTTP_PROXY" --quiet || true + +echo "Deleting URL map..." +gcloud compute url-maps delete "$URL_MAP" --quiet || true + +echo "Deleting backend service..." +gcloud compute backend-services delete "$BACKEND" --global --quiet || true + +echo "Deleting health check..." +gcloud compute health-checks delete "$HEALTH_CHECK" --global --quiet || true + +echo "Releasing load balancer static IP..." +gcloud compute addresses delete "$LB_IP" --global --quiet || true + + +# ============================================================ +# 2. DELETE MANAGED INSTANCE GROUP / TEMPLATE / IMAGE +# ============================================================ + +echo "Deleting MIG..." +gcloud compute instance-groups managed delete "$MIG" --zone="$ZONE" --quiet || true + +echo "Deleting instance template..." +gcloud compute instance-templates delete "$TEMPLATE" --quiet || true + +echo "Deleting custom image..." +gcloud compute images delete "$IMAGE" --quiet || true + +echo "Deleting snapshot..." +gcloud compute snapshots delete "$SNAPSHOT" --quiet || true + + +# ============================================================ +# 3. DELETE GOLDEN INSTANCE (if exists) +# ============================================================ + +echo "Deleting golden instance..." +gcloud compute instances delete "$GOLDEN" --zone="$ZONE" --quiet || true + + +# ============================================================ +# 4. DELETE PRIVATE DNS ZONE +# ============================================================ + +echo "Deleting private DNS zone..." +cat < empty-zone.txt +EOF + +gcloud dns record-sets import empty-zone.txt --zone="$PRIVATE_ZONE" --delete-all-existing --quiet +gcloud dns record-sets list --zone="$PRIVATE_ZONE" --project="$PROJECT_ID" +gcloud dns managed-zones delete $PRIVATE_ZONE --quiet + + + +# ============================================================ +# 5. DELETE CLOUD SQL + MEMCACHE +# ============================================================ + +echo "Deleting memcache..." +gcloud memcache instances delete "$MEMCACHE" --region="$REGION" --quiet || true + +echo "Deleting SQL instance..." +gcloud sql instances delete "$DB" --quiet || true +# NEW: Poll for instance deletions (helps with immediate cleanup; max 10 min timeout) +echo "Waiting for Cloud SQL and Memcached deletions to propagate (up to 10 min)..." +for i in {1..60}; do # 60 * 10s = 10 min + if ! gcloud sql instances list --filter="name:$DB" --format="value(name)" | grep -q "$DB" && \ + ! gcloud memcache instances list --filter="name:$MEMCACHE" --region="$REGION" --format="value(name)" | grep -q "$MEMCACHE"; then + echo "Instances fully deleted." + break + fi + if [ $i -eq 60 ]; then + echo "WARNING: Timeout waiting for deletions. Continuing anyway—peering may still fail due to Cloud SQL's 4-day retention." + fi + sleep 10 +done + +# ============================================================ +# 6. DELETE BASTION HOST +# ============================================================ + +echo "Deleting bastion host..." +gcloud compute instances delete "$BASTION" --zone="$ZONE" --quiet || true + + +# ============================================================ +# 7. DELETE FIREWALL RULES +# ============================================================ + +echo "Deleting firewall rules..." +gcloud compute firewall-rules delete allow-ssh-internet --quiet || true +gcloud compute firewall-rules delete allow-ssh-bastion --quiet || true +gcloud compute firewall-rules delete allow-lb-to-app --quiet || true + + +# ============================================================ +# 8. DELETE NAT + ROUTER +# ============================================================ + +echo "Deleting NAT..." +gcloud compute routers nats delete "$NAT" \ + --router="$ROUTER" \ + --region="$REGION" \ + --quiet || true + +echo "Deleting router..." +gcloud compute routers delete "$ROUTER" \ + --region="$REGION" \ + --quiet || true + + +# ============================================================ +# 9. DELETE SUBNETS +# ============================================================ + +echo "Deleting subnets..." +gcloud compute networks subnets delete "$PUB_SUBNET_01" --region="$REGION" --quiet || true +gcloud compute networks subnets delete "$PUB_SUBNET_02" --region="$REGION" --quiet || true +gcloud compute networks subnets delete "$PRIV_SUBNET_01" --region="$REGION" --quiet || true +gcloud compute networks subnets delete "$PRIV_SUBNET_02" --region="$REGION" --quiet || true + +# ============================================================ +# 10. DELETE PRIVATE SERVICE ACCESS RANGE +# ============================================================ +echo "Deleting PSA allocated range..." +gcloud compute addresses delete google-psa-range \ + --global \ + --quiet +# ============================================================ +# 11. DELETE SSL CERT + DNS AUTH + CERT MAP +# ============================================================ + +echo "Deleting certificate map entry..." +gcloud certificate-manager maps entries delete entry-"$SUBDOMAIN" \ + --map=map-"$SUBDOMAIN" --quiet || true + +echo "Deleting certificate map..." +gcloud certificate-manager maps delete map-"$SUBDOMAIN" --quiet || true + +echo "Deleting SSL certificate..." +gcloud certificate-manager certificates delete cert-"$SUBDOMAIN" --quiet || true + +echo "Deleting DNS authorization..." +gcloud certificate-manager dns-authorizations delete auth-"$SUBDOMAIN" --quiet || true + + +#echo "Deleting VPC peering..." +#gcloud services vpc-peerings delete \ +# --service=servicenetworking.googleapis.com \ +# --network="$VPC" \ +# --quiet + + + + + +# ============================================================ +# 12. DELETE VPC +# ============================================================ + +#echo "Deleting VPC..." +#gcloud compute networks delete "$VPC" --quiet || true + + +echo "" +echo "=================================================" +echo "🔥 FULL ROLLBACK COMPLETED SUCCESSFULLY" +echo " diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index c2cd8e80a..9f10e0543 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,13 +1,14 @@ #JDBC Configutation for Database Connection jdbc.driverClassName=com.mysql.cj.jdbc.Driver -jdbc.url=jdbc:mysql://db01:3306/accounts?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull -jdbc.username=admin -jdbc.password=admin123 +jdbc.url=jdbc:mysql://vprodb.vprofile.internal:3306/accounts?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull +jdbc.username=root +jdbc.password=GcpVproSqlAdmin9040 #Memcached Configuration For Active and StandBy Host #For Active Host -memcached.active.host=mc01 +memcached.active.host=vpromc.vprofile.internal memcached.active.port=11211 + #For StandBy Host memcached.standBy.host=127.0.0.2 memcached.standBy.port=11211 diff --git a/vagrant/Automated_provisioning_MacOSM1/Vagrantfile b/vagrant/Automated_provisioning_MacOSM1/Vagrantfile deleted file mode 100644 index 351529062..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/Vagrantfile +++ /dev/null @@ -1,50 +0,0 @@ -Vagrant.configure("2") do |config| - config.hostmanager.enabled = true - config.hostmanager.manage_host = true - -### DB vm #### - config.vm.define "db01" do |db01| - db01.vm.box = "bandit145/centos_stream9_arm" - db01.vm.hostname = "db01" - db01.vm.network "private_network", ip: "192.168.56.25" - db01.vm.provision "shell", path: "mysql.sh" - - end - -### Memcache vm #### - config.vm.define "mc01" do |mc01| - mc01.vm.box = "bandit145/centos_stream9_arm" - mc01.vm.hostname = "mc01" - mc01.vm.network "private_network", ip: "192.168.56.24" - mc01.vm.provision "shell", path: "memcache.sh" - end - -### RabbitMQ vm #### - config.vm.define "rmq01" do |rmq01| - rmq01.vm.box = "bandit145/centos_stream9_arm" - rmq01.vm.hostname = "rmq01" - rmq01.vm.network "private_network", ip: "192.168.56.23" - rmq01.vm.provision "shell", path: "rabbitmq.sh" - end - -### tomcat vm ### - config.vm.define "app01" do |app01| - app01.vm.box = "bandit145/centos_stream9_arm" - app01.vm.hostname = "app01" - app01.vm.network "private_network", ip: "192.168.56.22" - app01.vm.provision "shell", path: "tomcat.sh" - app01.vm.provider "vmware_desktop" do |vb| - vb.memory = "1024" - end - end - - -### Nginx VM ### - config.vm.define "web01" do |web01| - web01.vm.box = "spox/ubuntu-arm" - web01.vm.hostname = "web01" - web01.vm.network "private_network", ip: "192.168.56.21" - web01.vm.provision "shell", path: "nginx.sh" -end - -end diff --git a/vagrant/Automated_provisioning_MacOSM1/backend.sh b/vagrant/Automated_provisioning_MacOSM1/backend.sh deleted file mode 100644 index e993776bb..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/backend.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/bash -DATABASE_PASS='admin123' - -# MEmcache -yum install epel-release -y -yum install memcached -y -systemctl start memcached -systemctl enable memcached -systemctl status memcached -memcached -p 11211 -U 11111 -u memcached -d - -# Rabbit -yum install socat -y -yum install erlang -y -yum install wget -y -wget https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.10/rabbitmq-server-3.6.10-1.el7.noarch.rpm -rpm --import https://www.rabbitmq.com/rabbitmq-release-signing-key.asc -yum update -rpm -Uvh rabbitmq-server-3.6.10-1.el7.noarch.rpm -systemctl start rabbitmq-server -systemctl enable rabbitmq-server -systemctl status rabbitmq-server -echo "[{rabbit, [{loopback_users, []}]}]." > /etc/rabbitmq/rabbitmq.config -rabbitmqctl add_user rabbit bunny -rabbitmqctl set_user_tags rabbit administrator -systemctl restart rabbitmq-server - -# Mysql -yum install mariadb-server -y - -#mysql_secure_installation -sed -i 's/^127.0.0.1/0.0.0.0/' /etc/my.cnf - -# starting & enabling mariadb-server -systemctl start mariadb -systemctl enable mariadb - -#restore the dump file for the application -mysqladmin -u root password "$DATABASE_PASS" -mysql -u root -p"$DATABASE_PASS" -e "UPDATE mysql.user SET Password=PASSWORD('$DATABASE_PASS') WHERE User='root'" -mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')" -mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User=''" -mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'" -mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" -mysql -u root -p"$DATABASE_PASS" -e "create database accounts" -mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'localhost' identified by 'admin123'" -mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'app01' identified by 'admin123'" -mysql -u root -p"$DATABASE_PASS" accounts < /vagrant/vprofile-repo/src/main/resources/db_backup.sql -mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" - -# Restart mariadb-server -systemctl restart mariadb \ No newline at end of file diff --git a/vagrant/Automated_provisioning_MacOSM1/memcache.sh b/vagrant/Automated_provisioning_MacOSM1/memcache.sh deleted file mode 100644 index 8c4a33838..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/memcache.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -sudo dnf install epel-release -y -sudo dnf install memcached -y -sudo systemctl start memcached -sudo systemctl enable memcached -sudo systemctl status memcached -sed -i 's/127.0.0.1/0.0.0.0/g' /etc/sysconfig/memcached -sudo systemctl restart memcached -firewall-cmd --add-port=11211/tcp -firewall-cmd --runtime-to-permanent -firewall-cmd --add-port=11111/udp -firewall-cmd --runtime-to-permanent -sudo memcached -p 11211 -U 11111 -u memcached -d diff --git a/vagrant/Automated_provisioning_MacOSM1/mysql.sh b/vagrant/Automated_provisioning_MacOSM1/mysql.sh deleted file mode 100644 index 9beee3777..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/mysql.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -DATABASE_PASS='admin123' -sudo yum update -y -sudo yum install epel-release -y -sudo yum install git zip unzip -y -sudo yum install mariadb-server -y - - -# starting & enabling mariadb-server -sudo systemctl start mariadb -sudo systemctl enable mariadb -cd /tmp/ -git clone -b main https://github.com/hkhcoder/vprofile-project.git -#restore the dump file for the application -sudo mysqladmin -u root password "$DATABASE_PASS" -sudo mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')" -sudo mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User=''" -sudo mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'" -sudo mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" -sudo mysql -u root -p"$DATABASE_PASS" -e "create database accounts" -sudo mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'localhost' identified by 'admin123'" -sudo mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'%' identified by 'admin123'" -sudo mysql -u root -p"$DATABASE_PASS" accounts < /tmp/vprofile-project/src/main/resources/db_backup.sql -sudo mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" - -# Restart mariadb-server -sudo systemctl restart mariadb - - -#starting the firewall and allowing the mariadb to access from port no. 3306 -sudo systemctl start firewalld -sudo systemctl enable firewalld -sudo firewall-cmd --get-active-zones -sudo firewall-cmd --zone=public --add-port=3306/tcp --permanent -sudo firewall-cmd --reload -sudo systemctl restart mariadb diff --git a/vagrant/Automated_provisioning_MacOSM1/nginx.sh b/vagrant/Automated_provisioning_MacOSM1/nginx.sh deleted file mode 100644 index c5116f540..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/nginx.sh +++ /dev/null @@ -1,32 +0,0 @@ -# adding repository and installing nginx -apt update -apt install nginx -y -cat < vproapp -upstream vproapp { - - server app01:8080; - -} - -server { - - listen 80; - -location / { - - proxy_pass http://vproapp; - -} - -} - -EOT - -mv vproapp /etc/nginx/sites-available/vproapp -rm -rf /etc/nginx/sites-enabled/default -ln -s /etc/nginx/sites-available/vproapp /etc/nginx/sites-enabled/vproapp - -#starting nginx service and firewall -systemctl start nginx -systemctl enable nginx -systemctl restart nginx diff --git a/vagrant/Automated_provisioning_MacOSM1/rabbitmq.sh b/vagrant/Automated_provisioning_MacOSM1/rabbitmq.sh deleted file mode 100644 index 276aa53df..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/rabbitmq.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -sudo yum install epel-release -y -sudo yum update -y -sudo yum install wget -y -cd /tmp/ -dnf -y install centos-release-rabbitmq-38 - dnf --enablerepo=centos-rabbitmq-38 -y install rabbitmq-server - systemctl enable --now rabbitmq-server - firewall-cmd --add-port=5672/tcp - firewall-cmd --runtime-to-permanent -sudo systemctl start rabbitmq-server -sudo systemctl enable rabbitmq-server -sudo systemctl status rabbitmq-server -sudo sh -c 'echo "[{rabbit, [{loopback_users, []}]}]." > /etc/rabbitmq/rabbitmq.config' -sudo rabbitmqctl add_user test test -sudo rabbitmqctl set_user_tags test administrator -rabbitmqctl set_permissions -p / test ".*" ".*" ".*" -sudo systemctl restart rabbitmq-server diff --git a/vagrant/Automated_provisioning_MacOSM1/tomcat.sh b/vagrant/Automated_provisioning_MacOSM1/tomcat.sh deleted file mode 100644 index 8afa1558d..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/tomcat.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -TOMURL="https://archive.apache.org/dist/tomcat/tomcat-10/v10.1.26/bin/apache-tomcat-10.1.26.tar.gz" -dnf -y install java-17-openjdk java-17-openjdk-devel -dnf install git wget rsync unzip zip -y -cd /tmp/ -wget $TOMURL -O tomcatbin.tar.gz -EXTOUT=`tar xzvf tomcatbin.tar.gz` -TOMDIR=`echo $EXTOUT | cut -d '/' -f1` -useradd --shell /sbin/nologin tomcat -rsync -avzh /tmp/$TOMDIR/ /usr/local/tomcat/ -chown -R tomcat.tomcat /usr/local/tomcat - -rm -rf /etc/systemd/system/tomcat.service - -cat <> /etc/systemd/system/tomcat.service -[Unit] -Description=Tomcat -After=network.target - -[Service] - -User=tomcat -Group=tomcat - -WorkingDirectory=/usr/local/tomcat - -#Environment=JRE_HOME=/usr/lib/jvm/jre -Environment=JAVA_HOME=/usr/lib/jvm/jre - -Environment=CATALINA_PID=/var/tomcat/%i/run/tomcat.pid -Environment=CATALINA_HOME=/usr/local/tomcat -Environment=CATALINE_BASE=/usr/local/tomcat - -ExecStart=/usr/local/tomcat/bin/catalina.sh run -ExecStop=/usr/local/tomcat/bin/shutdown.sh - - -RestartSec=10 -Restart=always - -[Install] -WantedBy=multi-user.target - -EOT - -systemctl daemon-reload -systemctl start tomcat -systemctl enable tomcat -cd /tmp/ -wget https://archive.apache.org/dist/maven/maven-3/3.9.9/binaries/apache-maven-3.9.9-bin.zip -unzip apache-maven-3.9.9-bin.zip -cp -r apache-maven-3.9.9 /usr/local/maven3.9 -export MAVEN_OPTS="-Xmx512m" - -git clone -b local https://github.com/hkhcoder/vprofile-project.git -cd vprofile-project -/usr/local/maven3.9/bin/mvn install -systemctl stop tomcat -sleep 20 -rm -rf /usr/local/tomcat/webapps/ROOT* -cp target/vprofile-v2.war /usr/local/tomcat/webapps/ROOT.war -systemctl start tomcat -sleep 20 -systemctl stop firewalld -systemctl disable firewalld -#cp /vagrant/application.properties /usr/local/tomcat/webapps/ROOT/WEB-INF/classes/application.properties -systemctl restart tomcat diff --git a/vagrant/Automated_provisioning_MacOSM1/tomcat_ubuntu.sh b/vagrant/Automated_provisioning_MacOSM1/tomcat_ubuntu.sh deleted file mode 100644 index 762c127d3..000000000 --- a/vagrant/Automated_provisioning_MacOSM1/tomcat_ubuntu.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -sudo apt update -sudo apt upgrade -y -sudo apt install openjdk-8-jdk -y -sudo apt install tomcat8 tomcat8-admin tomcat8-docs tomcat8-common git -y diff --git a/vagrant/Automated_provisioning_WinMacIntel/Vagrantfile b/vagrant/Automated_provisioning_WinMacIntel/Vagrantfile deleted file mode 100644 index 10fb818f7..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/Vagrantfile +++ /dev/null @@ -1,64 +0,0 @@ -Vagrant.configure("2") do |config| - config.hostmanager.enabled = true - config.hostmanager.manage_host = true - -### DB vm #### - config.vm.define "db01" do |db01| - db01.vm.box = "centos/stream9" - db01.vm.hostname = "db01" - db01.vm.network "private_network", ip: "192.168.56.15" - db01.vm.provider "virtualbox" do |vb| - vb.memory = "600" - end - db01.vm.provision "shell", path: "mysql.sh" - - end - -### Memcache vm #### - config.vm.define "mc01" do |mc01| - mc01.vm.box = "centos/stream9" - mc01.vm.hostname = "mc01" - mc01.vm.network "private_network", ip: "192.168.56.14" - mc01.vm.provider "virtualbox" do |vb| - vb.memory = "600" - end - mc01.vm.provision "shell", path: "memcache.sh" - end - -### RabbitMQ vm #### - config.vm.define "rmq01" do |rmq01| - rmq01.vm.box = "centos/stream9" - rmq01.vm.hostname = "rmq01" - rmq01.vm.network "private_network", ip: "192.168.56.16" - rmq01.vm.provider "virtualbox" do |vb| - vb.memory = "600" - end - rmq01.vm.provision "shell", path: "rabbitmq.sh" - end - -### tomcat vm ### - config.vm.define "app01" do |app01| - app01.vm.box = "centos/stream9" - app01.vm.hostname = "app01" - app01.vm.network "private_network", ip: "192.168.56.12" - app01.vm.provision "shell", path: "tomcat.sh" - app01.vm.provider "virtualbox" do |vb| - vb.memory = "800" - end - end - - -### Nginx VM ### - config.vm.define "web01" do |web01| - web01.vm.box = "ubuntu/jammy64" - web01.vm.hostname = "web01" - web01.vm.network "private_network", ip: "192.168.56.11" -# web01.vm.network "public_network" - web01.vm.provider "virtualbox" do |vb| - vb.gui = true - vb.memory = "800" - end - web01.vm.provision "shell", path: "nginx.sh" -end - -end diff --git a/vagrant/Automated_provisioning_WinMacIntel/application.properties b/vagrant/Automated_provisioning_WinMacIntel/application.properties deleted file mode 100644 index 0540b942c..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/application.properties +++ /dev/null @@ -1,25 +0,0 @@ -#JDBC Configutation for Database Connection -jdbc.driverClassName=com.mysql.jdbc.Driver -jdbc.url=jdbc:mysql://db01:3306/accounts?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull -jdbc.username=admin -jdbc.password=admin123 - -#Memcached Configuration For Active and StandBy Host -#For Active Host -memcached.active.host=mc01 -memcached.active.port=11211 -#For StandBy Host -memcached.standBy.host=127.0.0.2 -memcached.standBy.port=11211 - -#RabbitMq Configuration -rabbitmq.address=rmq01 -rabbitmq.port=5672 -rabbitmq.username=test -rabbitmq.password=test - -#Elasticesearch Configuration -elasticsearch.host =192.168.1.85 -elasticsearch.port =9300 -elasticsearch.cluster=vprofile -elasticsearch.node=vprofilenode \ No newline at end of file diff --git a/vagrant/Automated_provisioning_WinMacIntel/backend.sh b/vagrant/Automated_provisioning_WinMacIntel/backend.sh deleted file mode 100644 index e993776bb..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/backend.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/bash -DATABASE_PASS='admin123' - -# MEmcache -yum install epel-release -y -yum install memcached -y -systemctl start memcached -systemctl enable memcached -systemctl status memcached -memcached -p 11211 -U 11111 -u memcached -d - -# Rabbit -yum install socat -y -yum install erlang -y -yum install wget -y -wget https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.10/rabbitmq-server-3.6.10-1.el7.noarch.rpm -rpm --import https://www.rabbitmq.com/rabbitmq-release-signing-key.asc -yum update -rpm -Uvh rabbitmq-server-3.6.10-1.el7.noarch.rpm -systemctl start rabbitmq-server -systemctl enable rabbitmq-server -systemctl status rabbitmq-server -echo "[{rabbit, [{loopback_users, []}]}]." > /etc/rabbitmq/rabbitmq.config -rabbitmqctl add_user rabbit bunny -rabbitmqctl set_user_tags rabbit administrator -systemctl restart rabbitmq-server - -# Mysql -yum install mariadb-server -y - -#mysql_secure_installation -sed -i 's/^127.0.0.1/0.0.0.0/' /etc/my.cnf - -# starting & enabling mariadb-server -systemctl start mariadb -systemctl enable mariadb - -#restore the dump file for the application -mysqladmin -u root password "$DATABASE_PASS" -mysql -u root -p"$DATABASE_PASS" -e "UPDATE mysql.user SET Password=PASSWORD('$DATABASE_PASS') WHERE User='root'" -mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')" -mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User=''" -mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'" -mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" -mysql -u root -p"$DATABASE_PASS" -e "create database accounts" -mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'localhost' identified by 'admin123'" -mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'app01' identified by 'admin123'" -mysql -u root -p"$DATABASE_PASS" accounts < /vagrant/vprofile-repo/src/main/resources/db_backup.sql -mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" - -# Restart mariadb-server -systemctl restart mariadb \ No newline at end of file diff --git a/vagrant/Automated_provisioning_WinMacIntel/memcache.sh b/vagrant/Automated_provisioning_WinMacIntel/memcache.sh deleted file mode 100644 index 8c4a33838..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/memcache.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -sudo dnf install epel-release -y -sudo dnf install memcached -y -sudo systemctl start memcached -sudo systemctl enable memcached -sudo systemctl status memcached -sed -i 's/127.0.0.1/0.0.0.0/g' /etc/sysconfig/memcached -sudo systemctl restart memcached -firewall-cmd --add-port=11211/tcp -firewall-cmd --runtime-to-permanent -firewall-cmd --add-port=11111/udp -firewall-cmd --runtime-to-permanent -sudo memcached -p 11211 -U 11111 -u memcached -d diff --git a/vagrant/Automated_provisioning_WinMacIntel/mysql.sh b/vagrant/Automated_provisioning_WinMacIntel/mysql.sh deleted file mode 100644 index 9beee3777..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/mysql.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -DATABASE_PASS='admin123' -sudo yum update -y -sudo yum install epel-release -y -sudo yum install git zip unzip -y -sudo yum install mariadb-server -y - - -# starting & enabling mariadb-server -sudo systemctl start mariadb -sudo systemctl enable mariadb -cd /tmp/ -git clone -b main https://github.com/hkhcoder/vprofile-project.git -#restore the dump file for the application -sudo mysqladmin -u root password "$DATABASE_PASS" -sudo mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')" -sudo mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.user WHERE User=''" -sudo mysql -u root -p"$DATABASE_PASS" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'" -sudo mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" -sudo mysql -u root -p"$DATABASE_PASS" -e "create database accounts" -sudo mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'localhost' identified by 'admin123'" -sudo mysql -u root -p"$DATABASE_PASS" -e "grant all privileges on accounts.* TO 'admin'@'%' identified by 'admin123'" -sudo mysql -u root -p"$DATABASE_PASS" accounts < /tmp/vprofile-project/src/main/resources/db_backup.sql -sudo mysql -u root -p"$DATABASE_PASS" -e "FLUSH PRIVILEGES" - -# Restart mariadb-server -sudo systemctl restart mariadb - - -#starting the firewall and allowing the mariadb to access from port no. 3306 -sudo systemctl start firewalld -sudo systemctl enable firewalld -sudo firewall-cmd --get-active-zones -sudo firewall-cmd --zone=public --add-port=3306/tcp --permanent -sudo firewall-cmd --reload -sudo systemctl restart mariadb diff --git a/vagrant/Automated_provisioning_WinMacIntel/nginx.sh b/vagrant/Automated_provisioning_WinMacIntel/nginx.sh deleted file mode 100644 index c5116f540..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/nginx.sh +++ /dev/null @@ -1,32 +0,0 @@ -# adding repository and installing nginx -apt update -apt install nginx -y -cat < vproapp -upstream vproapp { - - server app01:8080; - -} - -server { - - listen 80; - -location / { - - proxy_pass http://vproapp; - -} - -} - -EOT - -mv vproapp /etc/nginx/sites-available/vproapp -rm -rf /etc/nginx/sites-enabled/default -ln -s /etc/nginx/sites-available/vproapp /etc/nginx/sites-enabled/vproapp - -#starting nginx service and firewall -systemctl start nginx -systemctl enable nginx -systemctl restart nginx diff --git a/vagrant/Automated_provisioning_WinMacIntel/rabbitmq.sh b/vagrant/Automated_provisioning_WinMacIntel/rabbitmq.sh deleted file mode 100644 index 276aa53df..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/rabbitmq.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -sudo yum install epel-release -y -sudo yum update -y -sudo yum install wget -y -cd /tmp/ -dnf -y install centos-release-rabbitmq-38 - dnf --enablerepo=centos-rabbitmq-38 -y install rabbitmq-server - systemctl enable --now rabbitmq-server - firewall-cmd --add-port=5672/tcp - firewall-cmd --runtime-to-permanent -sudo systemctl start rabbitmq-server -sudo systemctl enable rabbitmq-server -sudo systemctl status rabbitmq-server -sudo sh -c 'echo "[{rabbit, [{loopback_users, []}]}]." > /etc/rabbitmq/rabbitmq.config' -sudo rabbitmqctl add_user test test -sudo rabbitmqctl set_user_tags test administrator -rabbitmqctl set_permissions -p / test ".*" ".*" ".*" -sudo systemctl restart rabbitmq-server diff --git a/vagrant/Automated_provisioning_WinMacIntel/tomcat.sh b/vagrant/Automated_provisioning_WinMacIntel/tomcat.sh deleted file mode 100644 index e75f3b79e..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/tomcat.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -TOMURL="https://archive.apache.org/dist/tomcat/tomcat-10/v10.1.26/bin/apache-tomcat-10.1.26.tar.gz" -dnf -y install java-17-openjdk java-17-openjdk-devel -dnf install git wget unzip zip -y -cd /tmp/ -wget $TOMURL -O tomcatbin.tar.gz -EXTOUT=`tar xzvf tomcatbin.tar.gz` -TOMDIR=`echo $EXTOUT | cut -d '/' -f1` -useradd --shell /sbin/nologin tomcat -rsync -avzh /tmp/$TOMDIR/ /usr/local/tomcat/ -chown -R tomcat.tomcat /usr/local/tomcat - -rm -rf /etc/systemd/system/tomcat.service - -cat <> /etc/systemd/system/tomcat.service -[Unit] -Description=Tomcat -After=network.target - -[Service] - -User=tomcat -Group=tomcat - -WorkingDirectory=/usr/local/tomcat - -#Environment=JRE_HOME=/usr/lib/jvm/jre -Environment=JAVA_HOME=/usr/lib/jvm/jre - -Environment=CATALINA_PID=/var/tomcat/%i/run/tomcat.pid -Environment=CATALINA_HOME=/usr/local/tomcat -Environment=CATALINE_BASE=/usr/local/tomcat - -ExecStart=/usr/local/tomcat/bin/catalina.sh run -ExecStop=/usr/local/tomcat/bin/shutdown.sh - - -RestartSec=10 -Restart=always - -[Install] -WantedBy=multi-user.target - -EOT - -systemctl daemon-reload -systemctl start tomcat -systemctl enable tomcat -cd /tmp/ -wget https://archive.apache.org/dist/maven/maven-3/3.9.9/binaries/apache-maven-3.9.9-bin.zip -unzip apache-maven-3.9.9-bin.zip -cp -r apache-maven-3.9.9 /usr/local/maven3.9 -export MAVEN_OPTS="-Xmx512m" - -git clone -b local https://github.com/hkhcoder/vprofile-project.git -cd vprofile-project -/usr/local/maven3.9/bin/mvn install -systemctl stop tomcat -sleep 20 -rm -rf /usr/local/tomcat/webapps/ROOT* -cp target/vprofile-v2.war /usr/local/tomcat/webapps/ROOT.war -systemctl start tomcat -sleep 20 -systemctl stop firewalld -systemctl disable firewalld -#cp /vagrant/application.properties /usr/local/tomcat/webapps/ROOT/WEB-INF/classes/application.properties -systemctl restart tomcat diff --git a/vagrant/Automated_provisioning_WinMacIntel/tomcat_ubuntu.sh b/vagrant/Automated_provisioning_WinMacIntel/tomcat_ubuntu.sh deleted file mode 100644 index 762c127d3..000000000 --- a/vagrant/Automated_provisioning_WinMacIntel/tomcat_ubuntu.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -sudo apt update -sudo apt upgrade -y -sudo apt install openjdk-8-jdk -y -sudo apt install tomcat8 tomcat8-admin tomcat8-docs tomcat8-common git -y diff --git a/vagrant/Manual_provisioning_MacOSM1/Vagrantfile b/vagrant/Manual_provisioning_MacOSM1/Vagrantfile deleted file mode 100644 index 66562416a..000000000 --- a/vagrant/Manual_provisioning_MacOSM1/Vagrantfile +++ /dev/null @@ -1,63 +0,0 @@ -Vagrant.configure("2") do |config| - config.hostmanager.enabled = true - config.hostmanager.manage_host = true - -### DB vm #### - config.vm.define "db01" do |db01| - db01.vm.box = "bandit145/centos_stream9_arm" - db01.vm.hostname = "db01" - db01.vm.network "private_network", ip: "192.168.56.25" - db01.vm.provider "vmware_desktop" do |vmware| - vmware.gui = true - vmware.allowlist_verified = true - end - end - -### Memcache vm #### - config.vm.define "mc01" do |mc01| - mc01.vm.box = "bandit145/centos_stream9_arm" - mc01.vm.hostname = "mc01" - mc01.vm.network "private_network", ip: "192.168.56.24" - mc01.vm.provider "vmware_desktop" do |vmware| - vmware.gui = true - vmware.allowlist_verified = true - end - end - -### RabbitMQ vm #### - config.vm.define "rmq01" do |rmq01| - rmq01.vm.box = "bandit145/centos_stream9_arm" - rmq01.vm.hostname = "rmq01" - rmq01.vm.network "private_network", ip: "192.168.56.23" - rmq01.vm.provider "vmware_desktop" do |vmware| - vmware.gui = true - vmware.allowlist_verified = true - end - end - -### tomcat vm ### - config.vm.define "app01" do |app01| - app01.vm.box = "bandit145/centos_stream9_arm" - app01.vm.hostname = "app01" - app01.vm.network "private_network", ip: "192.168.56.22" - app01.vm.provider "vmware_desktop" do |vb| - vb.memory = "1024" - vb.gui = true - vb.allowlist_verified = true - end - end - - -### Nginx VM ### - config.vm.define "web01" do |web01| - web01.vm.box = "spox/ubuntu-arm" - web01.vm.hostname = "web01" - web01.vm.network "private_network", ip: "192.168.56.21" - web01.vm.provider "vmware_desktop" do |vmware| - vmware.gui = true - vmware.allowlist_verified = true - end - - end - -end diff --git a/vagrant/Manual_provisioning_MacOSM1/VprofileProjectSetupMacM1M2.pdf b/vagrant/Manual_provisioning_MacOSM1/VprofileProjectSetupMacM1M2.pdf deleted file mode 100644 index 9a4d8394f..000000000 Binary files a/vagrant/Manual_provisioning_MacOSM1/VprofileProjectSetupMacM1M2.pdf and /dev/null differ diff --git a/vagrant/Manual_provisioning_WinMacIntel/Vagrantfile b/vagrant/Manual_provisioning_WinMacIntel/Vagrantfile deleted file mode 100644 index f4ad3a74d..000000000 --- a/vagrant/Manual_provisioning_WinMacIntel/Vagrantfile +++ /dev/null @@ -1,58 +0,0 @@ -Vagrant.configure("2") do |config| - config.hostmanager.enabled = true - config.hostmanager.manage_host = true - -### DB vm #### - config.vm.define "db01" do |db01| - db01.vm.box = "centos/stream9" - db01.vm.hostname = "db01" - db01.vm.network "private_network", ip: "192.168.56.15" - db01.vm.provider "virtualbox" do |vb| - vb.memory = "600" - end - - end - -### Memcache vm #### - config.vm.define "mc01" do |mc01| - mc01.vm.box = "centos/stream9" - mc01.vm.hostname = "mc01" - mc01.vm.network "private_network", ip: "192.168.56.14" - mc01.vm.provider "virtualbox" do |vb| - vb.memory = "600" - end - end - -### RabbitMQ vm #### - config.vm.define "rmq01" do |rmq01| - rmq01.vm.box = "centos/stream9" - rmq01.vm.hostname = "rmq01" - rmq01.vm.network "private_network", ip: "192.168.56.13" - rmq01.vm.provider "virtualbox" do |vb| - vb.memory = "600" - end - end - -### tomcat vm ### - config.vm.define "app01" do |app01| - app01.vm.box = "centos/stream9" - app01.vm.hostname = "app01" - app01.vm.network "private_network", ip: "192.168.56.12" - app01.vm.provider "virtualbox" do |vb| - vb.memory = "800" - end - end - - -### Nginx VM ### - config.vm.define "web01" do |web01| - web01.vm.box = "ubuntu/jammy64" - web01.vm.hostname = "web01" - web01.vm.network "private_network", ip: "192.168.56.11" - web01.vm.provider "virtualbox" do |vb| - vb.gui = true - vb.memory = "800" - end -end - -end diff --git a/vagrant/Manual_provisioning_WinMacIntel/VprofileProjectSetupWindowsAndMacIntel.pdf b/vagrant/Manual_provisioning_WinMacIntel/VprofileProjectSetupWindowsAndMacIntel.pdf deleted file mode 100644 index 2b333120c..000000000 Binary files a/vagrant/Manual_provisioning_WinMacIntel/VprofileProjectSetupWindowsAndMacIntel.pdf and /dev/null differ