This topic provides high-level information about deploying DTP to Docker. In this section:
Download
You can download a ready-to-use DTP container image from Docker Hub: https://hub.docker.com/r/parasoft/dtp. If you intend on deploying Extension Designer, download the image with Extension Designer.
Architecture Considerations
A DTP deployment consists of the following parts:
- Database for storing code analysis, coverage, test execution, and other data sent to DTP
- DTP data directory (<DTP_DATA>) that contains configuration files, extensions, and other dynamic components that determine how DTP runs
- DTP application directory (<DTP_INSTALL>) that contains the core applications, such as Report Center, Data Collector, etc.
Whether deploying to traditional or containerized environment, the database is typically installed on a different server or machine than where DTP is installed and is covered by a separate security or high-availability procedure.
The DTP data directory, however, should be installed in a location where the data can persist outside of the image so that it can be mounted to the container as necessary. Doing so enables you to quickly connect the data directory to new images of the DTP application directory in the event that there is a problem that requires a new instance of DTP to be deployed. Any clones created from the containerized deployment will have different machine IDs and will require a separate license.
On Windows, the data directory is always located in the %ProgramData%\Parasoft\DTP directory. The Linux installer prompts you to specify a location for the data directory. In both cases, you need to ensure that the directory can be decoupled from an old instance and accessible to the new instance. Refer to the documentation for your environment vendor for instructions on how to mount persistent storage directories to your container or cloud-deployed VM.
Requirements
Your container images must meet the same requirements specified in the Requirements section. Refer to the Docker or cloud environment vendor documentation for information on configuring images or VMs that meet DTP's requirements.
Deployment Process
There is no difference between installing DTP on a containerized and a static system. Refer to the New DTP Installations section for information about the installation process. Refer to the documentation for your cloud environment vendor for information about configuring server instances.
Pushing Containers to Cloud Environments
You can deploy containerized instances of DTP to dynamic infrastructure, such as Amazon AWS or Microsoft Azure, which enables you to alleviate management overhead associated with maintaining your own host environment. Refer to the documentation for your cloud environment for additional information.
Deploying DTP in Docker
To deploy DTP in Docker, follow the process outlined below.
Create a Docker volume and start DTP
First, you need to create a Docker volume called "parasoft-volume" as shown below.
docker volume create parasoft-volume
Then start DTP. Please note the following:
- Certain conditions must be met for the machineId to remain the same when new containers are started. Those conditions are:
- The container must be created and started with the root user.
- The Docker socket must be mounted.
- The Docker volume "parasoft-volume" created previously must be mounted.
- DTP_DATA_DIR:/usr/local/parasoft/data
- Mount persistent volume at DTP_DATA_DIR.
An example of starting DTP with these considerations is shown below. If you are deploying Extension Designer, see Starting Extension Designer below for additional commands you might need to include.
docker run --name dtp -p 8080:8080 -p 8082:8082 -p 8443:8443 --user root:root -v /var/run/docker.sock:/var/run/docker.sock -v parasoft-volume:/mnt/parasoft -v DTP_DATA_DIR:/usr/local/parasoft/data -d DTP_DOCKER_IMAGE
Starting Extension Designer
If you are deploying Extension Designer, add the following port to the Docker run command above:
-p 8314:8314
Once the container is started, you will need to modify the reverse proxy settings in the Extension Designer UI to have the correct hostname. Extension Designer does not assume the Docker container ID is the hostname, so without this modification the application may malfunction. In addition, if you have published non-default ports for DTP and/or Extension Designer (for example, -p 8400:8314), then these ports will need to be reflected in the reverse proxy settings as well.
Note that, while modifying the reverse proxy settings is the recommended configuration option, if all default ports are used for DTP and Extension Designer it is possible to avoid having to configure reverse proxy settings and pass in the hostname when running the container for the first time. Keep in mind that the hostname flag is only available with the docker run command.
Example:
--hostname foobar.example.com
If you are using a remote MongoDB database, you should configure the necessary environment variables using the -e flag when starting the Docker container.
Example:
-e DEP_USE_REMOTE_DB=true -e DEP_DB_HOSTNAME=mongo-db -e DEP_DB_PORT=27017
Set up DTP to connect to your database
After starting the DTP container, initialize DTP_DATA_DIR directory to connect to your database.
cd DTP_DATA_DIR/lib/thirdparty/
Then download the correct connector driver for your database. Note that "sudo" needs to be used any time volume data is modified externally since it is owned by the root user. An example of downloading the MySQL connector driver is shown below.
sudo wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.28/mysql-connector-java-8.0.28.jar
As sudo, modify DTP_DATA_DIR/conf/PSTRootConfig.xml to point to the database server. By default, it points to a localhost URL for MySQL.
Initialize the DTP database. An example using MySQL is shown below.
docker exec dtp cat dtp/grs/db/dtp/mysql/create.sql | docker exec -i mysql mysql -uroot -proot
Restart the DTP container
Once the changes are completed, restart the DTP container for them to take effect.
docker container restart dtp
The DTP deployment is now complete and DTP should be accessible via browser now.
Deploying DTP in Kubernetes
To deploy DTP in Kubernetes, follow the process outlined below.
Deploying multiple DTP servers in Kubernetes is not supported with this version. Support is limited to a single instance of DTP running in a Kubernetes cluster.
Prerequisites
First, you will need a Kubernetes cluster. After starting the cluster, create the accounts and namespaces for the DTP pod and related resources. An example of a yaml file that might be used to for this purpose is shown below.
apiVersion: v1
kind: Namespace
metadata:
name: parasoft-namespace
---
# Stable access for clients to license server
kind: Service
apiVersion: v1
metadata:
name: parasoft-service
namespace: parasoft-namespace
spec:
selector:
tag: parasoft-service
ports:
- name: https
port: 443
protocol: TCP
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: parasoft-account
namespace: parasoft-namespace
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: parasoft-namespace-role
namespace: parasoft-namespace
rules:
- apiGroups:
- "*"
resources:
- "*"
verbs:
- "*"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: parasoft-read-role
rules:
- apiGroups:
- ""
resources:
- nodes
- namespaces
verbs:
- get
- read
- list
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: parasoft-read-bind
namespace: parasoft-namespace
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: parasoft-read-role
subjects:
- kind: ServiceAccount
name: parasoft-account
namespace: parasoft-namespace
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: parasoft-namespace-bind
namespace: parasoft-namespace
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: parasoft-namespace-role
subjects:
- kind: ServiceAccount
name: parasoft-account
namespace: parasoft-namespace
Use your yaml file to create those accounts and namespaces before creating the DTP environment:
kubectl create -f parasoft-permissions.yaml
The "parasoft-namespace" namespace defined in the provided configuration is required and we recommend using the "parasoft-permissions.yaml" as it is documented. The service account used by the DTP Pod requires access to the "parasoft-namespace" namespace, therefore if you choose to create a custom permissions configuration that has different names for the resources defined in the provided permissions configuration, then a namespace with the name "parasoft-namespace" must also be created. If this namespace requirement is not met, DTP will treat any license installed as invalid.
DTP Setup
To set up DTP, create a yaml file that defines a secret (optional), volume, pod, internal-access service, and external-access service (optional). The secret is used to pull the DTP image from the repository. The pod is set up to run the DTP server and Data Collector in separate containers. Each container is configured with a volume to persist data and a liveness probe, which is the Kubernetes equivalent of a Docker Healthcheck. The internal-access service exposes the DTP pod to other pods, allowing them to communicate via the service name instead of an explicit IP address. The external-access service makes DTP and Data Collector accessible via external clients by allocating ports in the node and mapping them to ports in the pod. An example yaml file that might be used for this purpose is shown below. In the example, an NFS volume is used, but this is not required; use whatever volume type fits your needs.
apiVersion: v1
kind: Pod
metadata:
name: dtp
namespace: parasoft-namespace
labels:
app: DTP
spec:
volumes:
- name: dtp-data
nfs:
server: NFS_SERVER_HOST
path: /dtp/
containers:
- name: dtp-server
image: DTP_DOCKER_IMAGE
args: ["--run", "dtp"]
imagePullPolicy: Always
ports:
- name: "http-server"
containerPort: 8080
- name: "https-server"
containerPort: 8443
volumeMounts:
- mountPath: "/usr/local/parasoft/data"
name: dtp-data
livenessProbe:
exec:
command:
- healthcheck.sh
- --verify
- dtp
initialDelaySeconds: 120
periodSeconds: 30
failureThreshold: 20
- name: data-collector
image: DTP_DOCKER_IMAGE
args: ["--run", "datacollector", "--no-copy-data"]
imagePullPolicy: Always
ports:
- containerPort: 8082
volumeMounts:
- mountPath: "/usr/local/parasoft/data"
name: dtp-data
livenessProbe:
exec:
command:
- healthcheck.sh
- --verify
- datacollector
initialDelaySeconds: 30
periodSeconds: 10
failureThreshold: 5
# Uncomment section below if using DTP with Extension Designer
# - name: extension-designer
# image: DTP_DOCKER_IMAGE
# args: ["--run", "dtpservices"]
# imagePullPolicy: Always
# ports:
# - containerPort: 8314
# volumeMounts:
# - mountPath: "/usr/local/parasoft/data"
# name: dtp-data
# livenessProbe:
# exec:
# command:
# - healthcheck.sh
# - --verify
# - dtpservices
# initialDelaySeconds: 30
# periodSeconds: 10
# failureThreshold: 5
# Uncomment section below if using Extension Designer with an external MongoDB
# env:
# - name: DEP_USE_REMOTE_DB
# value: "true"
# - name: DEP_DB_HOSTNAME
# value: "mongodb-hostname" # Put your mongodb hostname here
# - name: DEP_DB_PORT
# value: "27017"
restartPolicy: Always
serviceAccountName: parasoft-account
imagePullSecrets:
- name: YOUR_SECRET
---
apiVersion: v1
kind: Service
metadata:
name: dtp
namespace: parasoft-namespace
spec:
selector:
app: DTP
ports:
- name: "http-server"
protocol: TCP
port: 8080
targetPort: 8080
- name: "data-collector"
protocol: TCP
port: 8082
targetPort: 8082
- name: "https-server"
protocol: TCP
port: 8443
targetPort: 8443
# Uncomment section below if using DTP with Extension Designer
# - name: "extension-designer"
# protocol: TCP
# port: 8314
# targetPort: 8314
---
apiVersion: v1
kind: Service
metadata:
name: dtp-external
namespace: parasoft-namespace
spec:
type: NodePort
selector:
app: DTP
ports:
- port: 8080
name: HTTP_PORT_NAME
nodePort: XXXXX
- port: 8082
name: DC_PORT_NAME
nodePort: XXXXX
- port: 8443
name: HTTPS_PORT_NAME
nodePort: XXXXX
# Uncomment section below if using DTP with Extension Designer
# - port: 8314
# name: EXTENSION_DESIGNER_PORT_NAME
# nodePort: XXXXX
# SERVICE CONFIG NOTES:
# 'name' can be whatever you want
# 'nodePort' must be between 30000-32768
# 'spec.selector' must match 'metadata.labels' in pod config
Create the DTP environment
Prepare the volume mount location on your cluster. By default, the image runs as the "parasoft" user with a UID of 1000 and GID of 1000. Prepare the volume such that this user has read and write access to it.
Then create the DTP environment defined in the DTP setup yaml file created previously:
kubectl create -f parasoft-dtp.yaml
This will initialize the contents of the persistent volume, however, additional setup is required for the DTP and Data Collector containers to run correctly.
Setup DTP to connect to your database
Download and install the relevant JDBC driver in the persistent volume that is mounted to the DTP data directory.
DTP_DATA_DIR/lib/thirdparty/
Initialize the DTP database. For MySQL databases that exist in the same cluster:
kubectl exec dtp -c dtp-server -- cat dtp/grs/db/dtp/mysql/create.sql | kubectl exec -i <mysql pod name> -- mysql -u<username> -p<password>
Configure the database URL in the "<dtp-db-connection>" section of the PSTRootConfig.xml file. This file exists in the persistent volume that is mounted to the DTP data directory.
DTP_DATA_DIR/conf/PSTRootConfig.xml
Recreate the DTP environment
At this point the DTP environment is fully configured. In order for the changes to take effect, the containers must be restarted. To do this, simply destroy the environment:
kubectl delete -f parasoft-dtp.yaml
Then recreate it using the same command from Create the DTP environment.
If you are using DTP with Extension Designer, after you have completed the initial setup you will need to update the Reverse Proxy settings in Extension Designer to reflect the expected hostname and the exposed ports for accessing DTP and Extension Designer.
