saltstack-formulas / sun-java-formula Goto Github PK

View Code? Open in Web Editor NEW

24.0 39.0 113.0 97 KB

Flexible provisioning for JDK and JRE tarballs

Home Page: http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html

License: Other

Shell 0.47% SaltStack 99.53%

sun-java-formula's Introduction

sun-java

Formula to set up and configure Java JREs and JDKs from a tarball archive sourced via URL.

Note

See the full Salt Formulas installation and usage instructions.

Available states

`sun-java`

Downloads the tarball from the java:source_url configured as either a pillar or grain and will not do anything if source_url is omitted. Then unpacks the archive into java:prefix (defaults to /usr/share/java). Will use the alternatives system to link the installation to java_home. Please see the pillar.example for configuration.

`sun-java.jce`

Downloads and installs the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. Will include/extend the sun-java state.

`sun-java.env`

An addition to allow easy use - places a java profile in /etc/profile.d - this way JAVA_HOME and the PATH are set correctly for all system users.

sun-java.cacert ----------------

An addition to allow install own CA certificates in defined keystore. If no keystore is defined, default in $JAVA_HOME/jre/lib/security/cacerts will be used. If default password for castore has been changed, provide new in pillars. CA certificates will only be installed if not already in keystore file.

Verified on Linux and MacOS.

sun-java-formula's People

Contributors

Stargazers

Watchers

Forkers

gspe bossjones jerryjung shift oreh-formula trevorriles westurner tcotav johnswanson flugel-it brandentimm lashou mutagendev padelt kitplummer ebu cloud-ee spillmantech bradthurber vinylplz mrmarvin packetloop gsyt mauricecarey tronpaul edouardb sroegner librato blbradley yakneens kconor mrjacek jackscott craftypenguins khuongdp ezra-quemuel fairfax-newsnow stefanius das-10 elmarcoh zanui mcdan gadventures jasonsupena heystaks preoctopus cgeroux docurated manikantag mulesoft-ops karlkode netmanagers msonawane 978inc jwebbintx supershabam jolson7168 ylitormatech viswind gdhagger lookingcloudy greenchef noelvillador n1ywb richerve appcoach aryantaheri bkett asakhnov locasoft mluczak seedickcode irisbricks psmiraglia onestic lokimac jzacharie kiswe varundmishra enetconnect hackerwin7 upswell porunov zizkebab perceptyx alexfrosa suquant marcocaberletti freenetdigital alkivi-sas getprodigy perlchild sysadmws microfocus pauldalewilliams superplan2017 fhe3 daveneeley maxprofsmax exosite

sun-java-formula's Issues

Alternative for java-home not installed: failed to read link /usr/java/default: No such file or directory

I am trying to run this formula on a fresh CentOS 7.3 Minimal. I am kind of confused about /usr/java/default. The problem is that my pillar file is identical to pillar file in this formula.

Pillar data (I.e. salt '192.168.0.106' pillar.data) shows that:

java_home:
        /usr/lib/java

Why does it try to read link /usr/java/default?

Here is the full output:

192.168.0.106:
----------
          ID: java-install-dir
    Function: file.directory
        Name: /usr/share/java
      Result: True
     Comment: Directory /usr/share/java is in the correct state
              Directory /usr/share/java updated
     Started: 01:34:39.409504
    Duration: 0.679 ms
     Changes:   
----------
          ID: sun-java-remove-prev-archive
    Function: file.absent
        Name: /usr/share/java/jdk-8u144-linux-x64.tar.gz
      Result: True
     Comment: File /usr/share/java/jdk-8u144-linux-x64.tar.gz is not present
     Started: 01:34:39.410503
    Duration: 0.285 ms
     Changes:   
----------
          ID: download-jdk-archive
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -s -o '/usr/share/java/jdk-8u144-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/8u144-b01/090f390dda5b47b9b721c7dfaa008135/jdk-8u144-linux-x64.tar.gz'
      Result: True
     Comment: unless execution succeeded
     Started: 01:34:39.411421
    Duration: 8.361 ms
     Changes:   
----------
          ID: check-jdk-archive
    Function: module.run
        Name: file.check_hash
      Result: True
     Comment: State was not run because none of the onchanges reqs changed
     Changes:   
----------
          ID: unpack-jdk-archive
    Function: archive.extracted
        Name: /usr/share/java
      Result: True
     Comment: State was not run because none of the onchanges reqs changed
     Changes:   
----------
          ID: update-javahome-symlink
    Function: file.symlink
        Name: /usr/lib/java
      Result: True
     Comment: Symlink /usr/lib/java is present and owned by root:root
     Started: 01:34:39.421666
    Duration: 21.213 ms
     Changes:   
----------
          ID: remove-jdk-archive
    Function: file.absent
        Name: /usr/share/java/jdk-8u144-linux-x64.tar.gz
      Result: True
     Comment: File /usr/share/java/jdk-8u144-linux-x64.tar.gz is not present
     Started: 01:34:39.443101
    Duration: 0.337 ms
     Changes:   
----------
          ID: sun-java-jce-unzip
    Function: pkg.installed
        Name: unzip
      Result: True
     Comment: All specified packages are already installed
     Started: 01:34:39.848616
    Duration: 356.824 ms
     Changes:   
----------
          ID: sun-java-remove-old-jce-archive
    Function: file.absent
        Name: /usr/share/java/jdk1.8.0_144/jre/lib/security/UnlimitedJCEPolicy.zip
      Result: True
     Comment: File /usr/share/java/jdk1.8.0_144/jre/lib/security/UnlimitedJCEPolicy.zip is not present
     Started: 01:34:40.205840
    Duration: 0.333 ms
     Changes:   
----------
          ID: download-jce-archive
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -s -o '/usr/share/java/jdk1.8.0_144/jre/lib/security/UnlimitedJCEPolicy.zip' 'http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip'
      Result: True
     Comment: onlyif execution failed
     Started: 01:34:40.206478
    Duration: 4.739 ms
     Changes:   
----------
          ID: check-jce-archive
    Function: module.run
        Name: file.check_hash
      Result: True
     Comment: State was not run because none of the onchanges reqs changed
     Changes:   
----------
          ID: backup-non-jce-jar
    Function: cmd.run
        Name: mv US_export_policy.jar US_export_policy.jar.nonjce; mv local_policy.jar local_policy.jar.nonjce;
      Result: True
     Comment: /usr/share/java/jdk1.8.0_144/jre/lib/security/US_export_policy.jar.nonjce exists
     Started: 01:34:40.211862
    Duration: 0.357 ms
     Changes:   
----------
          ID: unpack-jce-archive
    Function: cmd.run
        Name: unzip -j -o /usr/share/java/jdk1.8.0_144/jre/lib/security/UnlimitedJCEPolicy.zip
      Result: True
     Comment: /usr/share/java/jdk1.8.0_144/jre/lib/security/US_export_policy.jar exists
     Started: 01:34:40.212744
    Duration: 0.294 ms
     Changes:   
----------
          ID: remove-jce-archive
    Function: file.absent
        Name: /usr/share/java/jdk1.8.0_144/jre/lib/security/UnlimitedJCEPolicy.zip
      Result: True
     Comment: File /usr/share/java/jdk1.8.0_144/jre/lib/security/UnlimitedJCEPolicy.zip is not present
     Started: 01:34:40.213391
    Duration: 0.286 ms
     Changes:   
----------
          ID: jdk-config
    Function: file.managed
        Name: /etc/profile.d/java.sh
      Result: True
     Comment: File /etc/profile.d/java.sh is in the correct state
     Started: 01:34:40.213749
    Duration: 13.337 ms
     Changes:   
----------
          ID: javahome-alt-install
    Function: alternatives.install
        Name: java-home
      Result: False
     Comment: Alternative for java-home not installed: failed to read link /usr/java/default: No such file or directory
              the primary link for java-home must be /usr/java/default
     Started: 01:34:40.227477
    Duration: 5.392 ms
     Changes:   
----------
          ID: javahome-alt-set
    Function: alternatives.set
        Name: java-home
      Result: False
     Comment: One or more requisite failed: sun-java.env.javahome-alt-install
     Changes:   
----------
          ID: java-alt-install
    Function: alternatives.install
        Name: java
      Result: False
     Comment: One or more requisite failed: sun-java.env.javahome-alt-set
     Changes:   
----------
          ID: java-alt-set
    Function: alternatives.set
        Name: java
      Result: False
     Comment: One or more requisite failed: sun-java.env.java-alt-install
     Changes:   
----------
          ID: javac-alt-install
    Function: alternatives.install
        Name: javac
      Result: False
     Comment: One or more requisite failed: sun-java.env.java-alt-set
     Changes:   
----------
          ID: javac-alt-set
    Function: alternatives.set
        Name: javac
      Result: False
     Comment: One or more requisite failed: sun-java.env.javac-alt-install
     Changes:   

Summary for 192.168.0.106
-------------
Succeeded: 15
Failed:     6
-------------
Total states run:     21
Total run time:  412.437 ms

Any ideas?

Downloading Java Fails

I'm on Ubuntu 16.04 and when this formula runs does not download the full file, but it does exit 0

https://github.com/saltstack-formulas/sun-java-formula/blob/master/sun-java/init.sls#L27

eg curl -L -s -o '/usr/share/java/jdk-8u144-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/8u144-b01/090f390dda5b47b9b721c7dfaa008135/jdk-8u144-linux-x64.tar.gz'

This causes the untar/gzip to fail. I was able to successfully download the file via:

wget --no-cookies --no-check-certificate --header "Cookie: oraclelicense=a" http://download.oracle.com/otn-pub/java/jdk/8u144-b01/090f390dda5b47b9b721c7dfaa008135/jdk-8u144-linux-x64.tar.gz --2017-08-03 22:41:59-- http://download.oracle.com/otn-pub/java/jdk/8u144-b01/090f390dda5b47b9b721c7dfaa008135/jdk-8u144-linux-x64.tar.gz

Does anyone know a curl command that will work (ie accept the license)? Figured that would be a simpler tweak, but if not I can refactor to use wget

enable Travis CI, setup test suite, and pass it

@whiteinge Care to oblige? Thanks!

[BUG] sun-java.jce - archive_file is undefined

Your setup

Formula commit hash / release tag

Master

Versions reports (master & minion)

Salt Version:
           Salt: 3000
 
Dependency Versions:
           cffi: 1.13.2
       cherrypy: Not Installed
       dateutil: Not Installed
      docker-py: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
         Jinja2: 2.10.3
        libgit2: 0.28.4
       M2Crypto: 0.35.2
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.6.2
   mysql-python: Not Installed
      pycparser: 2.19
       pycrypto: 2.6.1
   pycryptodome: Not Installed
         pygit2: 0.28.2
         Python: 3.7.7 (default, Mar 10 2020, 15:43:03)
   python-gnupg: Not Installed
         PyYAML: 3.13
          PyZMQ: 18.1.1
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.5.3
            ZMQ: 4.3.2
 
System Versions:
           dist:   
         locale: UTF-8
        machine: x86_64
        release: 18.7.0
         system: Darwin
        version: 10.14.6 x86_64

Pillar / config used

java:
  java_home: /usr/local/lib/java
  jre_lib_sec: /usr/local/lib/java/jre/lib/security/policy/
  uri: http://example.com/downloads/java/

  release: '8'
  major: '0'
  minor: '102'
  build: ''       #because we are not using oracle otn url
  dirhash: ''     #because we are not using oracle otn url

      {%- if grains.os == 'MacOS' %}
  source_url: http://example..com/downloads/java/jdk/8u102/jdk-8u102-macosx-x64.dmg
  source_hash: 'md5=9652fdf0b3387f1897369c7ec642f546'
      {%- elif grains.kernel == 'Linux' %}
  source_url: http://example.com/downloads/java/jdk/8u102/jdk-8u102-linux-x64.tar.gz
  source_hash: 'md5=bac58dcec9bb85859810a2a6acba740b'

  linux:
    #Increase priority for every version installed
    altpriority: {{ range(1, 9100000) | random }}
      {%- endif %}
  jce_url: http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip
  dl:
    retries: 2
    interval: 60

Bug details

Describe the bug

Getting error on MacOS-

[CRITICAL] Rendering SLS 'base:sun-java.jce' failed: Jinja variable 'archive_file' is undefined

Steps to reproduce the bug

Expected behaviour

Attempts to fix the bug

I'm investigating now.

Additional context

issues running formula

I was getting the following error running this updated formula.

Requisite declaration download-jdk-archive in SLS sun-java is not formed as a single key dictionary

changing the following block from

check-jdk-archive:
  module.run:
    - name: file.check_hash
    - path: {{ archive_file }}
    - file_hash: {{ java.source_hash }}
    - onchanges:
      - download-jdk-archive
    - require_in:
      - archive: unpack-jdk-archive

check-jdk-archive:
  module.run:
    - name: file.check_hash
    - path: {{ archive_file }}
    - file_hash: {{ java.source_hash }}
    - onchanges:
      - cmd: download-jdk-archive
    - require_in:
      - archive: unpack-jdk-archive

basically added the correct type of requisite (- cmd: download-jdk-archive)

java jdk install warnings

Saw this one when provisioning this morning. In the unpack-jdk-tarball section.

              ----------
                        ID: unpack-jdk-tarball
                  Function: archive.extracted
                      Name: /usr/share/java
                    Result: True
                   Comment: file:///usr/share/java/jdk-7u80-linux-x64.tar.gz extracted in /usr/share/java/
                   Started: 13:41:06.197343
                  Duration: 8217.83 ms
                   Changes:   
                            ----------
                            directories_created:
                                - /usr/share/java/
                                - /usr/share/java/jdk1.7.0_80
                            extracted_files:
                                - jdk1.7.0_80
                                - jdk1.7.0_80/LICENSE
                                - jdk1.7.0_80/release
                                - jdk1.7.0_80/jre
                                - jdk1.7.0_80/jre/LICENSE
                                - jdk1.7.0_80/jre/Welcome.html
                                - jdk1.7.0_80/jre/plugin

                                <SNIP>
                  Warnings: 'group', 'options' and 'user' are invalid keyword arguments for
                            'archive.extracted'. If you were trying to pass additional data to
                            be used in a template context, please populate 'context' with
                            'key: value' pairs. Your approach will work until Salt Carbon is
                            out. Please update your state files.

Work like a charm on CentOS 7

Tested for both 1.8 and 1.7 (please edit sha256sum at default_source_hash and default_jce_hash)

RFE: Jconsole and jvisualvm alternatives

The jconsole and jvisualvm are JDK package tools for profiling memory trends, generating heap-dumps, monitoring GC, visualizing memory leaks, etc. Local or remote credential / keystore authentication is supported. In short these utilities are handy for Java developer and SRE staff supporting business critical java services.

We should consider including jconsole and jvisualvm install/set alternatives states.

This issue is to track any related discussion.

Using this to install cassandra

Has anyone had success using this formula and then installing cassandra? I've been trying to install both sun's java and cassandra 2.2.4 using salt, and am using the cassandra formula at https://github.com/whisklabs/salt-cassandra-formula. I'm able to run this formula, and verify that when I log in, I can run java, but when the cassandra formula runs, the package fails with the error: Cassandra 2.0 and later require Java 7u25 or later. However, I can sudo run cassandra in standalone mode. but I can't start the cassandra service.

http://stackoverflow.com/questions/24190063/cassandra-2-complaining-about-java-7-when-i-have-java-7-installed suggests that perhaps the java formula needs to call set-alternatives --set in addition to calling --install in order to make java available to root.

Does that sound right, or does anyone have a better way to install cassandra with salt on an ubuntu 14 box?

Unable to list contents of /var/cache/salt/minion/files/base/_usr_share_java_jdk-8u112-linux-x64.tar.gz

Hello,

I can't install Java 8 properly with this formula.

Here is the failed state:

----------
          ID: unpack-jdk-tarball
    Function: archive.extracted
        Name: /usr/share/java
      Result: False
     Comment: Unable to list contents of /var/cache/salt/minion/files/base/_usr_share_java_jdk-8u112-linux-x64.tar.gz. If this is an XZ-compressed tar archive, install XZ Utils to enable listing its contents. If it is compressed using something other than XZ, it may be necessary to specify CLI options to decompress the archive. See the documentation for details. Additional info follows:          
                                                                                                                                     
              archive location:                                                                                                      
                  /var/cache/salt/minion/files/base/_usr_share_java_jdk-8u112-linux-x64.tar.gz                                       
                                                                                                                                     
              If the source archive is a tar archive compressed using a compression type not natively supported by the tar command, then setting the 'list_options' argument may allow the contents to be listed. Otherwise, if Salt is unable to determine the files/directories in the archive, the following workaround(s) would need to be used for this state to proceed (assuming the source file is a valid tar archive):                                                                                                                    
                                                                                                                                     
              - Ownership cannot be managed without setting 'enforce_ownership_on'.                                                  
     Started: 11:20:00.855186
    Duration: 300.165 ms
     Changes:   
    Warnings: The 'tar_options' argument has been deprecated, please use
              'options' instead.
----------
          ID: create-java-home
    Function: alternatives.install
        Name: java-home
      Result: False
     Comment: One or more requisite failed: sun-java.unpack-jdk-tarball
     Changes:

Here is my pillar data:

java_home: /usr/lib/java
java:
  source_url: http://download.oracle.com/otn-pub/java/jdk/8u112-b15/jdk-8u112-linux-x64.tar.gz
  jce_url: http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip
  version_name: jdk-linux-server-x64-8u112
  prefix: /usr/share/java
  dl_opts: -L

# java:version_name is the name of the top-level directory inside the tarball
# java:prefix is where the tarball is unpacked into - prefix/version_name being
#             the location of the jdk
# java:dl_opts - cli args to cURL

What am I doing wrong?

Sincerely,
Alexandr

Download retries pillar solution

Sometimes download failure causes complete formula failure and headaches.

          ID: download-jdk-archive
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -s -o '/usr/share/java/jdk-8u144-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/8u144-b01/090f390dda5b47b9b721c7dfaa008135/jdk-8u144-linux-x64.tar.gz'
      Result: False
     Comment: Command "curl -b oraclelicense=accept-securebackup-cookie -L -s -o '/usr/share/java/jdk-8u144-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/8u144-b01/090f390dda5b47b9b721c7dfaa008135/jdk-8u144-linux-x64.tar.gz'" run
     Started: 08:58:35.054559
    Duration: 1236334.473 ms
     Changes:  
              ----------
              pid:
                  7232
              retcode:
                  18             <====  PARTIAL DOWNLOAD COMPLETED
              stderr:
              stdout:

Possible Solution
The best solution is configuring retry via pillars. Two approaches are possible.

Low level solution. Does this work?

pillar.example:

java:
  dl_opts: -b oraclelicense=accept-securebackup-cookie -L -s --connect-timeout 5  --max-time 10 --retry 5 --retry-delay 0 --retry-max-time 40

Salt retry option (https://docs.saltstack.com/en/latest/ref/states/requisites.html#retrying-states)

init.sls

    {% if grains['saltversioninfo'] >= [2017, 7, 0] %}
    - retry:
        attempts: {{ java.dl_retries }}
        interval: {{ java.dl_interval }}
    {% endif %}

pillar.example

java:
  ...
  dl_opts: -b oraclelicense=accept-securebackup-cookie -L -s
  dl_retries: 3
  dl_interval: 60

alternatives fail on java-home when installing jdk after jre after jdk .. etc

Regression test of following user cases shakes an issue-

UC1: pillars specify installing a JDK (or JRE) version n
UC2: pillars specify installing a JRE (or JDK) version n

The state "javahome-alt-install" will fail when UC2 follows UC1. The failed command is probably:

sudo alternatives --install /usr/lib/java java-home /usr/share/java/jdk1.8.0_144 301800111

if download fails, retry is skipped due to 'unless'

Here is limitation of salt state retries feature.

During 1st attempt the archive file gets created on filesystem (if unless not triggered)

During 2nd attempt the archive file exists on filesystem so "unless triggers".

sun-java-formula/sun-java/init.sls

Lines 22 to 30 in 38ad28a

    
               - unless: test -f {{ archive_file }} 
        
               - require: 
        
                 - file: java-install-dir 
        
               {% if grains['saltversioninfo'] >= [2017, 7, 0] %} 
        
               - retry: 
        
                   attempts: 3 
        
                   interval: 60 
        
                   until: True 
        
                   splay: 10

I think this situation cannot be resolved. Maybe there is some option missing on this state?

A solution maybe deleting archive file from filesystem if subsequent hashsum check state fails.

Oracle appear to have changed the packages but not updated the hashes

$ curl -b oraclelicense=accept-securebackup-cookie -Ls 'http://download.oracle.com/otn-pub/java/jdk/8u1
81-b13/96a7b8442fe848ef90c96a2fad6ed6d1/jdk-8u181-linux-x64.tar.gz' | sha256sum
d97f0f402bd65a9c26aa266246b0894c8d6762e82373377641ca779c46406299  -

However, https://www.oracle.com/webfolder/s/digest/8u181checksum.html says it should be
0b26c7fcfad20029e6e0989e678efcd4a81f0fe502a478b4972215533867de1b

Link in README is broken

The link:

Salt Formulas installation and usage instructions

Unable to install java_jce due to backup-non-jce-jar state

Hey there, thanks for this formula! :) java is a pita to install with all their licenses to accept. Anyway, I gave this nice formula a try on debian and I was able to install jdk, but I failed to install jce.

Here's the result:

local:
----------
          ID: java-install-dir
    Function: file.directory
        Name: /usr/share/java
      Result: True
     Comment: Directory /usr/share/java is in the correct state
     Started: 01:59:49.272867
    Duration: 14.348 ms
     Changes:   
----------
          ID: download-jdk-tarball
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -o '/usr/share/java/jre-7u79-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/7u79-b15/jre-7u79-linux-x64.tar.gz'
      Result: True
     Comment: unless execution succeeded
     Started: 01:59:49.294047
    Duration: 6.903 ms
     Changes:   
----------
          ID: unpack-jdk-tarball
    Function: archive.extracted
        Name: /usr/share/java
      Result: True
     Comment: State was not run because none of the onchanges reqs changed
     Started: 
    Duration: 
     Changes:   
----------
          ID: create-java-home
    Function: alternatives.install
        Name: java-home
      Result: True
     Comment: onlyif execution failed
     Started: 01:59:49.322211
    Duration: 584.66 ms
     Changes:   
----------
          ID: update-java-home-symlink
    Function: file.symlink
        Name: /usr/lib/java
      Result: True
     Comment: Symlink /usr/lib/java is present and owned by root:root
     Started: 01:59:49.907163
    Duration: 1.047 ms
     Changes:   
----------
          ID: remove-jdk-tarball
    Function: file.absent
        Name: /usr/share/java/jre-7u79-linux-x64.tar.gz
      Result: True
     Comment: File /usr/share/java/jre-7u79-linux-x64.tar.gz is not present
     Started: 01:59:49.908283
    Duration: 0.253 ms
     Changes:   
----------
          ID: jdk-config
    Function: file.managed
        Name: /etc/profile.d/java.sh
      Result: True
     Comment: File /etc/profile.d/java.sh is in the correct state
     Started: 01:59:49.908601
    Duration: 88.852 ms
     Changes:   
----------
          ID: unzip
    Function: pkg.installed
      Result: True
     Comment: Package unzip is already installed
     Started: 01:59:49.999915
    Duration: 264.049 ms
     Changes:   
----------
          ID: download-jce-zip
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -o 'UnlimitedJCEPolicy.zip' 'http://download.oracle.com/otn-pub/java/jce/7/UnlimitedJCEPolicyJDK7.zip'
      Result: False
     Comment: Desired working directory "/usr/share/java/jdk1.7.0_79/jre/lib/security" is not available
     Started: 01:59:50.264177
    Duration: 0.984 ms
     Changes:   
----------
          ID: backup-non-jce-jar
    Function: cmd.run
        Name: mv US_export_policy.jar US_export_policy.jar.nonjce; mv local_policy.jar local_policy.jar.nonjce;
      Result: False
     Comment: Desired working directory "/usr/share/java/jdk1.7.0_79/jre/lib/security" is not available
     Started: 01:59:50.265313
    Duration: 0.504 ms
     Changes:   
----------
          ID: unpack-jce-zip
    Function: cmd.run
        Name: unzip -j UnlimitedJCEPolicy.zip
      Result: False
     Comment: One or more requisite failed: sun-java.jce.download-jce-zip, sun-java.jce.backup-non-jce-jar
     Started: 
    Duration: 
     Changes:   

Summary for local
------------
Succeeded: 8
Failed:    3
------------

That was on first try, According to error message, I tried to create the directory first just in case:

sudo mkdir -p /usr/share/java/jdk1.7.0_79/jre/lib/security

and ran again:

[ERROR   ] Command 'mv US_export_policy.jar US_export_policy.jar.nonjce; mv local_policy.jar local_policy.jar.nonjce;' failed with return code: 1
[ERROR   ] stderr: mv: cannot stat 'US_export_policy.jar': No such file or directory
mv: cannot stat 'local_policy.jar': No such file or directory
[ERROR   ] retcode: 1
[ERROR   ] {'pid': 2948, 'retcode': 1, 'stderr': "mv: cannot stat 'US_export_policy.jar': No such file or directory\nmv: cannot stat 'local_policy.jar': No such file or directory", 'stdout': ''}
local:
----------
          ID: java-install-dir
    Function: file.directory
        Name: /usr/share/java
      Result: True
     Comment: Directory /usr/share/java is in the correct state
     Started: 02:00:04.045118
    Duration: 3.659 ms
     Changes:   
----------
          ID: download-jdk-tarball
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -o '/usr/share/java/jre-7u79-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/7u79-b15/jre-7u79-linux-x64.tar.gz'
      Result: True
     Comment: unless execution succeeded
     Started: 02:00:04.049377
    Duration: 7.537 ms
     Changes:   
----------
          ID: unpack-jdk-tarball
    Function: archive.extracted
        Name: /usr/share/java
      Result: True
     Comment: State was not run because none of the onchanges reqs changed
     Started: 
    Duration: 
     Changes:   
----------
          ID: create-java-home
    Function: alternatives.install
        Name: java-home
      Result: True
     Comment: onlyif execution failed
     Started: 02:00:04.079487
    Duration: 578.633 ms
     Changes:   
----------
          ID: update-java-home-symlink
    Function: file.symlink
        Name: /usr/lib/java
      Result: True
     Comment: Symlink /usr/lib/java is present and owned by root:root
     Started: 02:00:04.658254
    Duration: 1.004 ms
     Changes:   
----------
          ID: remove-jdk-tarball
    Function: file.absent
        Name: /usr/share/java/jre-7u79-linux-x64.tar.gz
      Result: True
     Comment: File /usr/share/java/jre-7u79-linux-x64.tar.gz is not present
     Started: 02:00:04.659329
    Duration: 0.294 ms
     Changes:   
----------
          ID: jdk-config
    Function: file.managed
        Name: /etc/profile.d/java.sh
      Result: True
     Comment: File /etc/profile.d/java.sh is in the correct state
     Started: 02:00:04.659690
    Duration: 85.992 ms
     Changes:   
----------
          ID: unzip
    Function: pkg.installed
      Result: True
     Comment: Package unzip is already installed
     Started: 02:00:04.748014
    Duration: 254.108 ms
     Changes:   
----------
          ID: download-jce-zip
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -o 'UnlimitedJCEPolicy.zip' 'http://download.oracle.com/otn-pub/java/jce/7/UnlimitedJCEPolicyJDK7.zip'
      Result: True
     Comment: Command "curl -b oraclelicense=accept-securebackup-cookie -L -o 'UnlimitedJCEPolicy.zip' 'http://download.oracle.com/otn-pub/java/jce/7/UnlimitedJCEPolicyJDK7.zip'" run
     Started: 02:00:05.002333
    Duration: 1337.653 ms
     Changes:   
              ----------
              pid:
                  2945
              retcode:
                  0
              stderr:
                    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                                   Dload  Upload   Total   Spent    Left  Speed

                    0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
                    0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
                    0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

                  100   294  100   294    0     0    486      0 --:--:-- --:--:-- --:--:--   486

                  100   449  100   449    0     0    557      0 --:--:-- --:--:-- --:--:--   557

                   97  7426   97  7240    0     0   6002      0  0:00:01  0:00:01 --:--:--  6002
                  100  7426  100  7426    0     0   5978      0  0:00:01  0:00:01 --:--:--  5314
              stdout:
----------
          ID: backup-non-jce-jar
    Function: cmd.run
        Name: mv US_export_policy.jar US_export_policy.jar.nonjce; mv local_policy.jar local_policy.jar.nonjce;
      Result: False
     Comment: Command "mv US_export_policy.jar US_export_policy.jar.nonjce; mv local_policy.jar local_policy.jar.nonjce;" run
     Started: 02:00:06.340156
    Duration: 32.528 ms
     Changes:   
              ----------
              pid:
                  2948
              retcode:
                  1
              stderr:
                  mv: cannot stat 'US_export_policy.jar': No such file or directory
                  mv: cannot stat 'local_policy.jar': No such file or directory
              stdout:
----------
          ID: unpack-jce-zip
    Function: cmd.run
        Name: unzip -j UnlimitedJCEPolicy.zip
      Result: False
     Comment: One or more requisite failed: sun-java.jce.backup-non-jce-jar
     Started: 
    Duration: 
     Changes:

Here's my pillar:

java_home: /usr/lib/java
java:
  source_url: http://download.oracle.com/otn-pub/java/jdk/7u79-b15/jre-7u79-linux-x64.tar.gz
  jce_url: http://download.oracle.com/otn-pub/java/jce/7/UnlimitedJCEPolicyJDK7.zip
  version_name: jdk1.7.0_79
  prefix: /usr/share/java
  dl_opts: -b oraclelicense=accept-securebackup-cookie -L

Warnings: The 'tar_options' argument has been deprecated, please use 'options' instead.

Minor issue

Warnings:
The 'tar_options' argument has been deprecated, please use 'options' instead. Name: /usr/share/java - Function: archive.extracted - Result: Changed Started: - 15:56:33.864308 Duration: 8590.195 ms

Just to let you know this, it will need to be updated one day ;)
https://github.com/saltstack-formulas/sun-java-formula/blob/master/sun-java/init.sls#L32

https://docs.saltstack.com/en/latest/ref/states/all/salt.states.archive.html#salt.states.archive.extracted

New in version 2016.11.0: The tar_options and zip_options parameters have been deprecated in favor of a single argument name.

JDK version pillars are ignored by formula

The version_name and source_hash pillar values are ignored by the sun-java.init state. Conversely both pillars are respected by the sun-java.env state. This generates a confusing and unexpected JDK configuration on the target system as illustrated below (wrong version, broken symlink, successful formula?).

Pillars

java:
   dl_opts: -b oraclelicense=accept-securebackup-cookie -L -s
  version_name: jdk1.8.0_144
  source_hash: sha256=e8a341ce566f32c3d06f6d0f0eeea9a0f434f538d22af949ae58bc86f2eeaae4

Causes the following

----------
          ID: sun-java-remove-prev-archive
    Function: file.absent
        Name: /usr/share/java/jdk-8u152-linux-x64.tar.gz
      Result: True
     Comment: File /usr/share/java/jdk-8u152-linux-x64.tar.gz is not present
     Started: 14:07:10.233881
    Duration: 0.384 ms
     Changes:   
----------
          ID: download-jdk-archive
    Function: cmd.run
        Name: curl -b oraclelicense=accept-securebackup-cookie -L -s -o '/usr/share/java/jdk-8u152-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/8u152-b16/aa0333dd3019491ca4f6ddbe78cdb6d0/jdk-8u152-linux-x64.tar.gz'
      Result: True
     Comment: Command "curl -b oraclelicense=accept-securebackup-cookie -L -s -o '/usr/share/java/jdk-8u152-linux-x64.tar.gz' 'http://download.oracle.com/otn-pub/java/jdk/8u152-b16/aa0333dd3019491ca4f6ddbe78cdb6d0/jdk-8u152-linux-x64.tar.gz'" run
     Started: 14:07:10.235037
    Duration: 226154.022 ms
     Changes:   
              ----------
              pid:
                  8164
              retcode:
                  0
              stderr:
              stdout:
----------
          ID: check-jdk-archive
    Function: module.run
        Name: file.check_hash
      Result: True
     Comment: Module function file.check_hash executed
     Started: 14:11:31.165337
    Duration: 518.446 ms
     Changes:   
              ----------
              ret:
                  True
----------
          ID: update-javahome-symlink
    Function: file.symlink
        Name: /usr/lib/java
      Result: True
     Comment: Created new symlink /usr/lib/java -> /usr/share/java/jdk1.8.0_144
     Started: 14:11:34.914458
    Duration: 5.356 ms
     Changes:   
              ----------
              new:
                  /usr/lib/java
----------
          ID: remove-jdk-archive
    Function: file.absent
        Name: /usr/share/java/jdk-8u152-linux-x64.tar.gz
      Result: True
     Comment: Removed file /usr/share/java/jdk-8u152-linux-x64.tar.gz
     Started: 14:11:34.919985
    Duration: 13.868 ms
     Changes:   
              ----------
              removed:
                  /usr/share/java/jdk-8u152-linux-x64.tar.gz
----------
          ID: javahome-link
    Function: file.symlink
        Name: /usr/lib/java
      Result: True
     Comment: Symlink /usr/lib/java is present and owned by root:root
     Started: 14:11:34.938496
    Duration: 0.879 ms
     Changes:   
----------
          ID: java-link
    Function: file.symlink
        Name: /usr/bin/java
      Result: True
     Comment: Created new symlink /usr/bin/java -> /usr/share/java/jdk1.8.0_144/bin/java
     Started: 14:11:34.939632
    Duration: 17.98 ms
     Changes:   
              ----------
              new:
                  /usr/bin/java

Fedora 25/26 Packaging owns /usr/lib/java/

In Fedora 26 this formula installation is broken - to be investigated.

Analysis from @vutny

This is a Fedora supplied package which just creates empty directories, nothing else: javapackages-tools ... This package provides macros and scripts to support Java packaging. I assume this has nothing to do with OpenJDK upstream distribution. And dnf upgrades will work just fine. I think the best approach would be to try to remove /usr/lib/java empty directory. If it exists and not empty, further states should fail, because there's something very custom on a target system.In such case we have corresponding configuration options available to be set by user explicitly in Pillar or Grains.

-- also noting ---In Fedora 26 the package apache-commons-daemon drops two files into /usr/lib/java/ as part of default workstation installation so handling via salt becomes tricky.

The preferred behaviour is a default formula working by default on main distros without pre-config.

JCE installation is not possible

JCE install fails. Setting jre_lib_sec pillar has no effect either.

/usr/local/lib/java/jre/lib/security/policy/unlimited/
/usr/local/lib/java/jre/lib/security/policy/limited/

    Function: cmd.run
        Name: mv US_export_policy.jar US_export_policy.jar.nonjce; mv local_policy.jar local_policy.jar.nonjce;
      Result: False
     Comment: Command "mv US_export_policy.jar US_export_policy.jar.nonjce; mv local_policy.jar local_policy.jar.nonjce;" run
     Started: 13:12:57.756162
    Duration: 20.765 ms
     Changes:
              ----------
              pid:
                  5622
              retcode:
                  1
              stderr:
                  mv: cannot stat 'US_export_policy.jar': No such file or directory
                  mv: cannot stat 'local_policy.jar': No such file or directory
              stdout:
----------
          ID: unpack-jce-archive
    Function: cmd.run
        Name: unzip -j -o /usr/share/java/jdk1.8.0_162/jre/lib/security/UnlimitedJCEPolicy.zip
      Result: False
     Comment: One or more requisite failed: sun-java.jce.backup-non-jce-jar
     Changes:
----------
          ID: remove-jce-archive
    Function: file.absent
        Name: /usr/share/java/jdk1.8.0_162/jre/lib/security/UnlimitedJCEPolicy.zip
      Result: False
     Comment: One or more requisite failed: sun-java.jce.unpack-jce-archive
     Changes:

Is the formula or download slow?

Probably not an issue with the formula mainly looking for feedback.

I have been using this state for a while and i have found some randomness on the installation time. At the begging i was blaming oracle servers but i don't think that is the case.

If I copy the command that is executed from the salt logs (curl -b oraclelicense=accept-securebackup-cookie -L 'http://download.oracle.com/otn-pub/java/jdk/7u67-b01/jdk-7u67-linux-x64.tar.gz' | tar xz --no-same-owner) and i execute the command from the command line its done between 20 seconds and 1 minute.

Now, if i try to do it on salt state (by calling state.highstate) it might take more than 20 minutes, or even more!

I have done the experiment a couple of times and every time it i get the same results, fast from the command line, slow form salt.

I do testing of the states on a vagrant-box, can this be the reason? other downloads (pyenv, anaconda python distribution, zookeeper and more) are usually fine, relative to its size of course, its the java download that is sometimes taking a long time, sometimes its fast but that is maybe 1 in 10 tries.

Has anyone seen this?

Tidyup Sun-Java.env scope for Windows/MacOS

The sun-java.env state is not valid for Windows.

And Debian Alternatives are not valid for Windows, Archlinux and MacOS.

java.sh sets java bin before path and breaks apt

Due to Java having a "apt" binary and the "java.sh" has the following:

export PATH=$JAVA_HOME/bin:$PATH

Reversing the order fixes the problem.

alternatives states fail on javac when installing JRE

If pillars specify installing a JRE instead of a JDK, there will not be "javac" commands, by choice.

Trying to install alternatives for javac should be conditional if installing a JDK.

`

      ID: javac-alt-install
Function: alternatives.install
    Name: javac
  Result: False
 Comment: Alternative for javac not installed: update-alternatives: error: alternative path /usr/share/java/jre1.8.0_144/bin/javac doesn't exist
 Started: 05:48:29.597607
Duration: 6.378 ms
 Changes:

      ID: javac-alt-set
Function: alternatives.set
    Name: javac
  Result: False
 Comment: One or more requisite failed: sun-java.env.javac-alt-install
 Changes:

	- unless: test -f {{ archive_file }}
	- require:
	- file: java-install-dir
	{% if grains['saltversioninfo'] >= [2017, 7, 0] %}
	- retry:
	attempts: 3
	interval: 60
	until: True
	splay: 10

saltstack-formulas / sun-java-formula Goto Github PK

sun-java-formula's Introduction

sun-java

Available states

sun-java

sun-java.jce

sun-java.env

sun-java-formula's People

Contributors

Stargazers

Watchers

Forkers

sun-java-formula's Issues

Your setup

Formula commit hash / release tag

Versions reports (master & minion)

Pillar / config used

Bug details

Describe the bug

Steps to reproduce the bug

Expected behaviour

Attempts to fix the bug

Additional context

`

Recommend Projects

Recommend Topics

Recommend Org

`sun-java`

`sun-java.jce`

`sun-java.env`