-
Notifications
You must be signed in to change notification settings - Fork 3
DataNode Setup with Docker (Mac or Linux)
konstjar edited this page Aug 24, 2022
·
8 revisions
- Installed Docker
-
sudopermissions
ARACHNE DataNode supports several authentication methods in Standalone mode using Authenticator library:
- LDAP
- Active Directory
- Google Cloud Platform
- REST API
- Database Query
Configuration example below provides idea how to configure authentication with Active Directory.
Docker containers will communicate with each other in Docker network. Thus, we will create one:
docker network create arachnenetwork
To keep DataNode system database on host machine we will create several Docker volumes:
docker volume create --name=datanode_postgresql_var_lib
docker volume create --name=datanode_postgresql_var_log
docker volume create --name=datanode_postgresql_etc
docker volume create --name=datanode_files
- Create directory
sudo mkdir /opt/datanode
- Create file:
sudo vi /opt/datanode/datanode.env
- Populate the file with the following content:
datanode_runMode=STANDALONE
datanode.baseURL=http://localhost
datanode.port=80
server.ssl.enabled=false
ACHILES_STARTUP=0
jasypt.encryptor.password=arachne
jasypt.encryptor.algorythm=PBEWITHMD5ANDDES
docker.host=unix:///var/run/docker.sock
datanode.healthcheck.period=600000
datasource.healthcheck.period=600000
# Execution Engine Parameters
executionEngine.protocol=https
executionEngine.host=execution-engine
executionEngine.port=8888
executionEngine.analysisUri=/api/v1/analyze
# Active Directory Settings Example
security_method=ad
authenticator.user.registrationStrategy=CREATE_IF_NOT_EXISTS
authenticator.methods.ad.service=org.ohdsi.authenticator.service.directory.ad.AdAuthService
authenticator.methods.ad.config.baseDn=DC=example,DC=com
# Both formats works for AD either sAMAccountName (with or w/o domainSuffix) and distingueshedName
authenticator.methods.ad.config.userDn=<AD_SERVICE_ACCOUNT_USERNAME>
authenticator.methods.ad.config.password=<AD_SERVICE_ACCOUNT_PASSWORD>
authenticator.methods.ad.config.domainSuffix=<example.com>
authenticator.methods.ad.config.url=<ldap://pdc.example.com:389>
authenticator.methods.ad.config.searchFilter=(&(userPrincipalName={0})(memberOf=CN=Users,DC=example,DC=com)
authenticator.methods.ad.config.ignorePartialResultException=true
authenticator.methods.ad.config.fieldsToExtract.firstName=givenName
authenticator.methods.ad.config.fieldsToExtract.lastName=sn
tmp.location-on-host=/tmp
datanode.httpClient.connectTimeout=120
datanode.httpClient.writeTimeout=600
datanode.httpClient.readTimeout=600
security.jwt.token.secretKey=${datanode.jwt.secret}
security.jwt.token.validityInSeconds=${datanode.jwt.expiration}
Edit properties and save file.
Pull Docker image:
docker pull odysseusinc/arachne-datanode-ce:1.19.1
Create container with the following command:
docker create --name datanode \
--restart=always \
--network="arachnenetwork" \
-p 127.0.0.1:80:8880 \
-v datanode_postgresql_var_lib:/var/lib/postgresql \
-v datanode_postgresql_var_log:/var/log/postgresql \
-v datanode_postgresql_etc:/etc/postgresql \
-v datanode_files:/var/arachne/files \
-v /tmp:/tmp \
-v /var/run/docker.sock:/var/run/docker.sock \
--env-file /opt/datanode/datanode.env \
odysseusinc/arachne-datanode-ce:1.19.1
And start container:
docker start datanode
Pull Docker image:
docker pull odysseusinc/execution_engine:1.19.1
Create Docker container:
docker create \
--name execution-engine \
--privileged \
--restart=always \
--network="arachnenetwork" \
-p 127.0.0.1:8888:8888 \
-v /tmp:/tmp \
-e "server.servlet.session.timeout=600s" \
odysseusinc/execution_engine:1.19.1
And start container:
docker start execution-engine
After both applications are installed you can access users web interface:
http://localhost
Open ARACHNE DataNode URL in browsers and login with your AD account.