If you haven't read the "12 Factor App" site, I recommend you check it and review these principles to adhere when building apps for the cloud. CloudFoundry enables apps that follow these principles. OWF appears to have a fairly "flexible" configuration model to security that breaks some of these principles. In order to preserve this flexibility, I created a basic buildpack for CloudFoundry that enables OWF using Basic Login. Changes to this builpack should enable further configuration to potential OWF deployments, thus preserving some of the flexibility enabled by OWF.
The Buildpack Model
CloudFoundry uses the buildpack model to deploy applications into a "cloud" environment. This means that all apps deployed will use the same "runtime" as built by the "buildpack. I can not over emphasized how relevant this is. Suddenly, the platform has control over each "runtime" used for a given deployment. For more information on "buildpacks", please refer to the documentation.OWF Dependencies
The official documentation of OWF states that a deployment requires:- JDK 1.6 or higer
- Tomcat 7
https://github.com/albertoaflores/ozone-buildpack
Buildpack Forking
The recommended way to write a custom buildpack is to fork an existing one. As you looked at my repo, you'll find that this code is a fork of the "java" buildpack. The following is a list of the things I had to modify:Modified Open JDK to 1.7
This is a change I had to make to the config/open_jdk_jre.ymlModify Tomcat 7
This is the change I made to the config/tomcat.ymlImplement Appendix C (see Docs)
This is very important! Although it combines a number of files that you probably won't need depending on the deployment configuration of choice. The general principle here is that you can rely in the Tomcat overlay that occurs in the buildpack.At the end, the sample owf app shipped with OWF deploys without any issues (well, almost none). The code and manifest for it can be found here:
https://github.com/albertoaflores/owf-app
I'll try to make modifications to this deployment to use Jasig CAS or other implementation. Enjoy!
No comments:
Post a Comment