...
Table of Contents | ||
---|---|---|
|
Download
You can download a ready-to-use DTP container image from Docker Hub: https://hub.docker.com/r/parasoft/dtp. If you intend on deploying Extension Designer, download the image with Extension Designer.
...
- Certain conditions must be met for the machineId to remain the same when new containers are started. Those conditions are:
- The container must be created and started with the root user.
- The Docker socket must be mounted.
- The Docker volume "parasoft-volume" created previously must be mounted.
- DTP_DATA_DIR:/usr/local/parasoft/data
- Mount persistent volume at DTP_DATA_DIR.
An example of starting DTP with these considerations is shown below. If you are deploying Extension Designer, see Starting Extension Designer below for additional commands you might need to include.You can modify JAVA_CONFIG_ARGS and JAVA_DC_CONFIG_ARGS options via environment variable options passed to the DTP docker container. For example:
Code Block | ||
---|---|---|
| ||
-e JAVA_CONFIG_ARGS="-Dcom.parasoft.sdm.storage.managers.admin.enable.delete.project.data=true" -e JAVA_DC_CONFIG_ARGS="-Dcom.parasoft.sdm.dc.traffic.max.length=250000" |
An example of starting DTP with these considerations is shown below. If you are deploying Extension Designer, see Starting Extension Designer below for additional commands you might need to include.
Code Block | ||
---|---|---|
| ||
docker run --name dtp -p 8080:8080 -p 8082:8082 -p 8443:8443 --user root:root -v /var/docker run --name dtp -p 8080:8080 -p 8082:8082 -p 8443:8443 --user root:root -v /var/run/docker.sock:/var/run/docker.sock -v parasoft-volume:/mnt/parasoft -v DTP_DATA_DIR:/usr/local/parasoft/data -d DTP_DOCKER_IMAGE |
...
The DTP deployment is now complete and DTP should be accessible via browser now.
Deploying DTP in Kubernetes
To deploy DTP in Kubernetes, follow the process outlined below.
Note |
---|
Deploying multiple DTP servers in Kubernetes is not supported with this version. Support is limited to a single instance of DTP running in a Kubernetes cluster. |
Prerequisites
First, you will need a Kubernetes cluster. After starting the cluster, create the accounts and namespaces for the DTP pod and related resources. An example of a yaml file that might be used to for this purpose is shown below.
Configuring Tomcat Settings, Keystore, and Truststore
If you need to configure Tomcat settings, keystore, and truststore, there are many ways to do so. Because these files are persisted in the container and not in a mounted persistent storage, configuration changes will not be automatically applied when you start a new container. Below are a couple ways you can ensure configuration changes are applied to new containers.
The easiest way to configure ports and keystores is to use a reverse proxy. This eliminates the need to make changes to the default Tomcat settings and keystore in the container.
In lieu of using a reverse proxy, you can save the configuration files to a persistent storage and mount them when starting the container. First, note the locations of these files in the docker container:
- server.xml - /usr/local/parasoft/dtp/tomcat/conf/server.xml
- keystore - /usr/local/parasoft/dtp/tomcat/conf/.keystore
- truststore - /usr/local/parasoft/dtp/jre/lib/security/cacerts
Then, save these files to your persistent storage and mount them when starting the container by adding the following arguments:
-v /<persistent_storage>/.keystore:/usr/local/parasoft/dtp/tomcat/conf/.keystore
-v /<persistent_storage>/server.xml:/usr/local/parasoft/dtp/tomcat/conf/server.xml
-v /<persistent_storage>/cacerts:/usr/local/parasoft/dtp/jre/lib/security/cacerts
Deploying DTP in Kubernetes
To deploy DTP in Kubernetes, follow the process outlined below.
Note |
---|
Deploying multiple DTP servers in Kubernetes is not supported with this version. Support is limited to a single instance of DTP running in a Kubernetes cluster. |
Prerequisites
First, you will need a Kubernetes cluster. After starting the cluster, create the namespace, service account, and permissions required by the DTP pod and related resources. An example of a yaml file that might be used to for this purpose is shown below.
Code Block | ||||
---|---|---|---|---|
| ||||
apiVersion: v1
kind: Namespace | ||||
Code Block | ||||
| ||||
apiVersion: v1 kind: Namespace metadata: name: parasoft-namespace --- # Stable access for clients to license server kind: Service apiVersion: v1 metadata: name: parasoft-service namespace: parasoft-namespace spec: selector: tag: parasoft-service ports: - name: https port: 443 protocol: TCP --- apiVersion: v1 kind: ServiceAccount metadata: name: parasoft-account namespace: parasoft-namespace --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: parasoft-namespace-role namespace: parasoft-namespace rules: - apiGroups: - "*" # Stable resources: access for - "*" verbs: - "*" ---clients to license server kind: Service apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: parasoft-read-role rules: - apiGroupsservice namespace: parasoft-namespace spec: selector: - "" tag: parasoft-service resourcesports: - nodesname: https - namespaces verbs: -port: get443 - read -protocol: listTCP --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBindingServiceAccount metadata: name: parasoft-read-bindaccount namespace: parasoft-namespace roleRef: apiGroup--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleRole metadata: name: parasoft-readnamespace-role subjects namespace: parasoft-namespace rules: - kindapiGroups: ServiceAccount - "*" nameresources: parasoft-account - "*" namespaceverbs: parasoft-namespace "*" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBindingRoleBinding metadata: name: parasoft-namespace-bind namespace: parasoft-namespace roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRoleRole name: parasoft-namespace-role subjects: - kind: ServiceAccount name: parasoft-account namespace: parasoft-namespace |
Use your yaml file to create those accounts and namespaces before creating the DTP environmentthe required namespace, service account, and permissions before creating the DTP environment:
Code Block | ||
---|---|---|
| ||
kubectl create -f parasoft-permissions.yaml |
You should see something similar to the output below in your console:
Code Block | ||
---|---|---|
| ||
kubectl create -f parasoft-permissions.yamlnamespace/parasoft-namespace created service/parasoft-service created serviceaccount/parasoft-account created role.rbac.authorization.k8s.io/parasoft-namespace-role created rolebinding.rbac.authorization.k8s.io/parasoft-namespace-bind created |
Warning |
---|
The "parasoft-namespace" namespace defined in the provided configuration is required and we recommend using the "parasoft-permissions.yaml" as it is documented. The service account used by the DTP Pod requires access to the "parasoft-namespace" namespace, therefore if you choose to create a custom permissions configuration that has different names for the resources defined in the provided permissions configuration, then a namespace with the name "parasoft-namespace" must also be created. If this namespace requirement is not met, DTP will treat any license installed as invalid. |
...