Update Native Setup and Vagrant Setup

2023-02-15 19:18:45 +01:00
parent 359539ffd7
commit f49262cc1a
5 changed files with 506 additions and 435 deletions
--- a/25
+++ b/25
@ -4,16 +4,37 @@
 # vi: set ft=ruby :
 Vagrant.configure(2) do |config|
-  config.vm.box = 'ubuntu/focal64'
+  config.vm.box = 'ubuntu/jammy64'
  config.vm.provider 'virtualbox' do |v|
    v.memory = 4096
    v.cpus = 4
  end
  # CodeOcean Rails app
  config.vm.network 'forwarded_port',
    host_ip: ENV.fetch('LISTEN_ADDRESS', '127.0.0.1'),
    host: 7000,
    guest: 7000
  # Webpack Dev Server
  config.vm.network 'forwarded_port',
    host_ip: ENV.fetch('LISTEN_ADDRESS', '127.0.0.1'),
    host: 3035,
    guest: 3035
  # Poseidon
  config.vm.network 'forwarded_port',
    host_ip: ENV.fetch('LISTEN_ADDRESS', '127.0.0.1'),
    host: 7200,
    guest: 7200
  # Nomad UI
  config.vm.network 'forwarded_port',
    host_ip: ENV.fetch('LISTEN_ADDRESS', '127.0.0.1'),
    host: 4646,
    guest: 4646
  config.vm.synced_folder '.', '/home/vagrant/codeocean'
-  config.vm.synced_folder '../dockercontainerpool', '/home/vagrant/dockercontainerpool'
+  config.vm.synced_folder '../poseidon', '/home/vagrant/poseidon'
  config.vm.provision 'shell', path: 'provision/provision.vagrant.sh', privileged: false
 end
--- a/docs/LOCAL_SETUP.md
+++ b/docs/LOCAL_SETUP.md
@ -1,47 +1,205 @@
-# Local Setup
+# Local Setup CodeOcean with Poseidon
-For security reasons the Vagrant setup is recommended. But the native setup provides best performance and less technical issues. Please see below for some details.
+CodeOcean is built as a micro service architecture and requires multiple components to work. Besides the main CodeOcean web application with a PostgreSQL database, a custom-developed Go service called [Poseidon](https://github.com/openHPI/poseidon) is required to allow code execution. Poseidon manages so-called Runners, which are responsible for running learners code. It is executed in (Docker) containers managed through Nomad. The following document will guide you through the setup of CodeOcean with all aforementioned components.
-## Vagrant
+We recommend using the **native setup** as described below. We also prepared a setup with Vagrant using a virtual machine as [described in this guide](./LOCAL_SETUP_VAGRANT.md). However, the Vagrant setup might be outdated and is not actively maintained (PRs are welcome though!)
-### Install prerequisites
+## Native setup for CodeOcean
- [Install Vagrant](https://www.vagrantup.com/docs/installation)
+Follow these steps to set up CodeOcean on macOS or Linux for development purposes:
 - [Install VirtualBox](https://www.virtualbox.org/wiki/Downloads)
-### Clone repositories
+### Install required dependencies:
-The following two repositories have to be cloned in the same directory:
+**macOS:**
-
+```shell
- [CodeOcean](https://github.com/openHPI/codeocean)
+brew install geckodriver icu4c
- [DockerContainerPool](https://github.com/openHPI/dockercontainerpool)
+brew install --cask firefox 
 Vagrant assumes that these repositories are completely clean. For example, Vagrant will setup all configuration files in `config` (in both repositories) based on the examples provided in the same directory. Therefore it is **important** that these configuration files do not exist before running vagrant up. It is recommended to have a freshly cloned repository but you can also try to remove untracked files by running `git clean -xf` in both repositories.
 ### Create and start VM
 - Switch to the `codeocean` directory
 - Run `vagrant up`
 - If this command fails please try the following:
  - Run `vagrant destroy -f` to remove the broken VM
  - Make sure that both repositories are freshly cloned, for example by deleting and cloning them again
  - Retry to execute `vagrant up`
 - The VM pulls only one docker image: [`openhpi/co_execenv_python:3.8`](https://hub.docker.com/layers/openhpi/co_execenv_python/3.8/images/sha256-b048f61d490d1b202016dc3bdf99a5169ec998109ae9bbae441c94bdec18e3d0)
 ### Start server
 You can [configure vagrant as remote interpreter in RubyMine](https://www.jetbrains.com/help/ruby/configuring-language-interpreter.html#add_remote_ruby_interpreter) and start the rails server via RubyMine or you can start it manually from the command line:
 ```bash
 vagrant ssh
 cd /home/vagrant/dockercontainerpool
 rails s -p 7100
 # using another ssh session
 cd /home/vagrant/codeocean
 rails s -p 7000 -b 0.0.0.0
 ```
 **Linux:**
 ```shell
 sudo apt-get update
 sudo apt-get -y install git ca-certificates curl libpq-dev libicu-dev
 ```
 ### Install PostgreSQL 15:
 **macOS:**
 ```shell
 brew install postgresql@15
 brew services start postgresql@15 
 ```
 **Linux:**
 ```shell
 curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null
 echo "deb [arch=$(dpkg --print-architecture)] http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list
 sudo apt-get update && sudo apt-get -y install postgresql-15 postgresql-client-15
 sudo -u postgres createuser $(whoami) -ed
 ```
 **Check with:**
 ```shell
 pg_isready
 ```
 ### Install RVM:
 We recommend using the [Ruby Version Manager (RVM)](https://www.rvm.io) to install Ruby.
 ```shell
 gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
 curl -sSL https://get.rvm.io | bash -s stable
 source ~/.rvm/scripts/rvm
 ```
 **Linux:**  
 Ensure that your Terminal is set up to launch a login shell. You may check your current shell with the following commands:
 ```shell
 shopt -q login_shell && echo 'Login shell' || echo 'Not login shell'
 ```
 If you are not in a login shell, RVM will not work as expected. Follow the [RVM guide on gnome-terminal](https://rvm.io/integration/gnome-terminal) to change your terminal settings.
 **Check with:**
 ```shell
 rvm -v
 ```
 ### Install NVM:
 We recommend using the [Node Version Manager (NVM)](https://github.com/creationix/nvm) to install Node.
 **macOS:**
 ```shell
 brew install nvm
 mkdir ~/.nvm
 ```
 Add the following lines to your profile. (e.g., `~/.zshrc`):
 ```shell
 # NVM
 export NVM_DIR="$HOME/.nvm"
 [ -s "$(brew --prefix nvm)/nvm.sh" ] && \. "$(brew --prefix nvm)/nvm.sh"  # This loads nvm
 [ -s "$(brew --prefix nvm)/etc/bash_completion.d/nvm" ] && \. "$(brew --prefix nvm)/etc/bash_completion.d/nvm"  # This loads nvm bash_completion
 ```
 **Linux:**
 ```shell
 curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash
 ```
 **Check with:**
 ```shell
 nvm -v
 ```
 ### Install NodeJS 18 and Yarn:
 Reload your shell (e.g., by closing and reopening the terminal) and continue with installing Node:
 ```shell
 nvm install lts/hydrogen
 corepack enable 
 ```
 **Check with:**
 ```shell
 node -v
 yarn -v
 ```
 ### Clone the repository:
 You may either clone the repository via SSH (recommended) or HTTPS (hassle-free for read operations). If you haven't set up GitHub with your SSH key, you might follow [their official guide](https://docs.github.com/en/authentication/connecting-to-github-with-ssh).
 **SSH (recommended, requires initial setup):**
 ```shell
 git clone git@github.com:openHPI/codeocean.git
 ```
 **HTTPS (easier for read operations):**
 ```shell
 git clone https://github.com/openHPI/codeocean.git
 ```
 ### Switch current working directory
 This guide focusses on CodeOcean, as checked out in the previous step. Therefore, we are switching the working directory in the following. For Poseidon, please follow the [dedicated setup guide for Poseidon](https://github.com/openHPI/poseidon/blob/main/docs/development.md).
 ```shell
 cd codeocean
 ```
 ### Install Ruby:
 ```shell
 rvm install $(cat .ruby-version)
 ```
 **Check with:**
 ```shell
 ruby -v
 ```
 ### Create all necessary config files:
 First, copy our templates:
 ```shell
 for f in action_mailer.yml code_ocean.yml content_security_policy.yml database.yml docker.yml.erb mnemosyne.yml secrets.yml
 do
  if [ ! -f config/$f ]
  then
    cp config/$f.example config/$f
  fi
 done
 ```
 Then, you should check all config files manually and adjust settings where necessary for your environment.
 ### Install required project libraries
 ```shell
 bundle install
 yarn install
 ```
 ### Initialize the database
 The following command will create a database for the development and test environments, setup tables, and load seed data.
 ```shell
 rake db:setup
 ```
 ### Start CodeOcean
 For the development environment, two server processes are required: the Rails server for the main application and a Webpack server providing JavaScript and CSS assets.
 1. Webpack dev server:
 This project uses [shakapacker](https://github.com/shakacode/shakapacker) to integrate Webpack with Rails to deliver Frontend assets. During development, the `webpack-dev-server` automatically launches together with the Rails server if not specified otherwise. In case of missing JavaScript or stylesheets and for Hot Module Reloading in the browser, you might want to start the `webpack-dev-server` manually *before starting Rails*:
  ```shell
  yarn run webpack-dev-server
  ```
 This will launch a dedicated server on port 3035 (default setting) and allow incoming WebSocket connections from your browser.
 2. Rails application:
  ```shell
  bundle exec rails server
  ```
 This will launch the CodeOcean web application server on port 7000 (default setting) and allow incoming connections from your browser.
 **Check with:**  
 Open your web browser at <http://localhost:7000>
 The default credentials for the internal users are the following:
 - Administrator:  
@ -54,276 +212,140 @@ The default credentials for the internal users are the following:
  email: `learner@example.org`  
  password: `learner`
-Additional internal users can be created using the web interface. In development, the activation mail is printed to the console. Use the activation link found in that mail to set a password for a new user.
+Additional internal users can be created using the web interface. In development, the activation mail is automatically opened in your default browser. Use the activation link found in that mail to set a password for a new user.
-#### Metrics
+#### Execution Environments
-For exporting metrics, start the prometeus exporter by running
+Every exercise is executed in an execution environment which is based on a docker image. In order to install a new image, have a look at the container images of the openHPI team on [GitHub](https://github.com/openHPI/dockerfiles) or [DockerHub](https://hub.docker.com/u/openhpi). You may change execution environments by signing in to your running CodeOcean server as an administrator and select `Execution Environments` from the `Administration` dropdown. The `Docker Container Pool Size` should be greater than 0 for every execution environment you want to use. Please refer to the Poseidon documentation for more information on the [requirements of Docker images](https://github.com/openHPI/poseidon/blob/main/docs/configuration.md#supported-docker-images).
-```bash
+#### Metrics (optional)
 For exporting metrics, enable the Prometheus exporter in `config/code_ocean.yml` and start an additional server *before starting Rails*:
 ```shell
 bundle exec prometheus_exporter
 ```
-in the CodeOcean folder before starting CodeOcean.
+## Native Setup for Nomad
-## Execution Environments
+As detailed earlier, this guide focusses on CodeOcean. Nevertheless, the following provides a short overview of the most important steps to get started with Nomad (as required for Poseidon). Please refer to the [full setup guide](https://github.com/openHPI/poseidon/blob/main/docs/development.md) for more details.
-Every exercise is executed in an execution environment which is based on a docker image. In order to install a new image, have a look at the container of the openHPI team on [DockerHub](https://hub.docker.com/u/openhpi). For example you can add an [image for ruby](https://hub.docker.com/layers/openhpi/co_execenv_ruby/latest/images/sha256-70f597320567678bf8d0146d93fb1bd98457abe61c3b642e832d4e4fbe7f4526) by executing `docker pull openhpi/co_execenv_ruby:latest`.  
+### Install Nomad
 After that make sure to configure the corresponding execution environment for the docker images you want to use in your CodeOcean instance. Therefore sign in on your running CodeOcean server as an administrator and select `Execution Environments` from the `Administration` dropdown. The `Docker Container Pool Size` should be greater than 0 for every execution environment you want to use.
-## Webpack
+**macOS:**
-
+```shell
-This project uses `webpacker` to integrate Webpack with Rails to deliver Frontend assets. During development, the `webpack-dev-server` automatically launches together with the Rails server if not specified otherwise. In case of missing JavaScript or stylesheets or for hot reloading in the browser, you might want to start the `webpack-dev-server` manually *before starting Rails*:
+brew tap hashicorp/tap
-
+brew install hashicorp/tap/nomad
-```shell script
+brew services start nomad
 ./bin/webpacker-dev-server
 ```
-This will launch a dedicated server on port 3035 (default setting) and allow incoming WebSocket connections from your browser.
+**Linux:**
-
+```shell
-## Native setup (for Ubuntu)
+wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null
-
+echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
-Install all necessary dependencies:
+sudo apt-get update && sudo apt-get -y install nomad
-
+sudo systemctl start nomad
 ```bash
 sudo apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common firefox firefox-geckodriver libpq-dev libicu-dev
 ```
-### PostgreSQL
+**Check with:**  
 Open your web browser at <http://localhost:4646>
-```bash
+### Enable Memory Oversubscription for Nomad
-curl -sSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
+
-echo "deb https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list
+```shell
-sudo apt update && sudo apt install postgresql-client postgresql
+curl -X POST -d '{"SchedulerAlgorithm": "spread", "MemoryOversubscriptionEnabled": true}' http://localhost:4646/v1/operator/scheduler/configuration 
 ```
- The installation should automatically start and enable the systemd service `postgresql` and create the user `postgres`
+### Install Docker
 - Check the systemd service with `systemctl status postgresql`
 - open `/etc/postgresql/13/main/pg_hba.conf` and replace all lines after the line starting with `# TYPE` with the following lines:
-  ```text
+**macOS:**
-  # code_ocean: drop access control
+```shell
-  local all all trust
+brew install --cask docker
-  host  all all 127.0.0.1/32 trust
+open /Applications/Docker.app
  host  all all ::1/128 trust
 ```
- Restart postgresql with `systemctl restart postgresql`
+**Linux:**
-
+```shell
-### Node
+curl -fsSL https://get.docker.com | sudo sh
 ```bash
 curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | sudo apt-key add -
 echo "deb https://deb.nodesource.com/node_14.x $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/nodesource.list
 echo "deb-src https://deb.nodesource.com/node_14.x $(lsb_release -cs) main" | sudo tee -a /etc/apt/sources.list.d/nodesource.list
 sudo apt update && sudo apt install nodejs
 ```
-Check the installation with `node -v`
+**Check with:**
-
+```shell
-### Yarn
+docker -v
 ```bash
 curl -sSL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
 sudo apt update && sudo apt install yarn
 ```
-Check the installation with `yarn -v`
+## Native Setup for Poseidon
-### Docker
+As detailed earlier, this guide focusses on CodeOcean. Nevertheless, the following provides a short overview of the most important steps to get started with Poseidon. Please refer to the [full setup guide](https://github.com/openHPI/poseidon/blob/main/docs/development.md) for more details.
-```bash
+### Install Go
-curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+
-sudo add-apt-repository \
+**macOS:**
-   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
+```shell
-   $(lsb_release -cs) \
+brew install golang
   stable"
 sudo apt update && sudo apt install docker-ce docker-ce-cli containerd.io
 ```
- Add the following lines to the docker configuration to make the Docker daemon listen on incoming connections on port 2376. Use `sudo systemctl edit docker.service` to add or edit an overwrite file to make the changes [upgrade-safe](https://serverfault.com/questions/840996/modify-systemd-unit-file-without-altering-upstream-unit-file):
+**Linux:**
-
+```shell
-  ```text
+gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 52B59B1571A79DBC054901C0F6BC817356A3D45E
-    [Service]
+gpg --export 52B59B1571A79DBC054901C0F6BC817356A3D45E | sudo tee /usr/share/keyrings/golang-backports.gpg >/dev/null
-    ExecStart=
+echo "deb [signed-by=/usr/share/keyrings/golang-backports.gpg] https://ppa.launchpadcontent.net/longsleep/golang-backports/ubuntu $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/golang.list
-    ExecStart=/usr/bin/dockerd -H fd:// -H tcp://127.0.0.1:2376
+sudo apt-get update && sudo apt-get -y install golang
 ```
- Add the following option to `/etc/docker/daemon.json` (or create the file if it does not exist yet):
+**Check with:**
-
+```shell
-  ```text
+go version
  {
        "userns-remap": "default"
  }
 ```
- Reload the service with `systemctl daemon-reload` and `systemctl restart docker`
+### Clone the repository:
 - Using `sudo lsof -Pi` you should see dockerd running on port 2376
 - Add yourself to the docker group:
  - WARNING: your user will have [root access without providing a password](https://medium.com/@Affix/privilege-escallation-with-docker-56dc682a6e17)
  - Execute: `sudo usermod -aG docker ${USER}`
  - Logout and login again
 - Check the docker installation with `docker run hello-world` (without root privileges)
 - Get the latest version of the execution environment you want to use with `docker pull`
-### RVM and Ruby
+You may either clone the repository via SSH (recommended) or HTTPS (hassle-free for read operations). If you haven't set up GitHub with your SSH key, you might follow [their official guide](https://docs.github.com/en/authentication/connecting-to-github-with-ssh).
-```bash
+**SSH (recommended, requires initial setup):**
-curl -sSL https://rvm.io/mpapis.asc | gpg --import -
+```shell
-curl -sSL https://rvm.io/pkuczynski.asc | gpg --import -
+git clone git@github.com:openHPI/poseidon.git
 curl -sSL https://get.rvm.io | bash -s stable
 source "$HOME/.profile"
 ```
- `type rvm | head -n 1` should return `rvm is a function` now
+**HTTPS (easier for read operations):**
- Install ruby with `rvm install 2.7.2`
+```shell
- Select the installed ruby version with `rvm use 2.7.2 --default`
+git clone https://github.com/openHPI/poseidon.git
 - Check the installed version with `rvm list` or `ruby -v`
 - Install [bundler](https://github.com/rubygems/bundler#installation-and-usage) with `gem install bundler`
 ### Configure CodeOcean
 - Clone this repository and cd into it:
  ```bash
  git clone https://github.com/openHPI/codeocean.git
  cd codeocean
 ```
- Create all necessary config files:
+### Switch current working directory
-  ```bash
+```shell
-  for f in action_mailer.yml database.yml secrets.yml code_ocean.yml docker.yml.erb mnemosyne.yml content_security_policy.yml
+cd poseidon
  do
    if [ ! -f config/$f ]
    then
      cp config/$f.example config/$f
    fi
  done
 ```
- Install all dependencies:
+### Install required project libraries
-  ```bash
+```shell
-  bundle install
+make bootstrap
  yarn install
 ```
- Setup the local database:
+### Build the binary
-  ```bash
+```shell
-  export RAILS_ENV=development
+make build
  rake db:create
  rake db:schema:load
  rake db:migrate
  rake db:seed
 ```
-### Start CodeOcean
+### Create the config file:
- Start CodeOcean by executing `rails s` in the project root
+First, copy our templates:
 - Open `localhost:7000` in your browser
 - You can login as administrator with the user `admin@example.org` and the password `admin`
-## Native setup (for macOS)
+```shell
 cp configuration.example.yaml configuration.yaml
 ```
- Clone this repository:
+Then, you should check the config file manually and adjust settings where necessary for your environment.
  ```shell script
  git clone git@github.com:openHPI/codeocean.git
  ```
 - Install PostgreSQL, start it and create a generic postgres user:
  ```shell script
  brew install postgresql
  brew services start postgresql
  createuser -s -r postgres
  ```
 - Install [NVM](https://github.com/creationix/nvm) and node:
  ```shell script
  brew install nvm
  mkdir ~/.nvm
  nvm install --lts
  ```
 - Add the following lines to your profile. (e.g., `~/.zshrc`):
  ```shell script
  # NVM
  export NVM_DIR=~/.nvm
  source $(brew --prefix nvm)/nvm.sh
  ```
 - Install yarn:
  ```shell script
  brew install yarn --ignore-dependencies
  ```
 - Install docker:
  ```shell script
  brew install docker
  open /Applications/Docker.app/
  ```
 - Install icu4c for detecting character encodings
  ```shell script
  brew install icu4c
  ```
 - Install nginx and adopt its config to forward requests to the **RAW** docker UNIX socket (see [this issue](https://github.com/docker/for-mac/issues/1662) for more details). Only required for macOS!
  ```shell script
  brew install nginx
  ```
  Edit `/usr/local/etc/nginx/nginx.conf`:
  1. Change the default port `8080` to `2376` (around line 36).
  2. Replace the `location /` with the following and (!) replace `<yourname>` with the output of `whoami`:
  ```editorconfig
  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $host;
    proxy_set_header X-NginX-Proxy true;
-    proxy_pass http://unix:/Users/<yourname>/Library/Containers/com.docker.docker/Data/docker.raw.sock;
+### Run Poseidon
    proxy_redirect off;
-    proxy_http_version 1.1;
+```shell
-    proxy_set_header Upgrade $http_upgrade;
+./poseidon
    proxy_set_header Connection "upgrade";
  }
  ```
  Now, start nginx:
  ```shell script
  brew services start nginx
  ```
 - Install RVM and bundler:
  ```shell script
  gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
  curl -sSL https://get.rvm.io | bash -s stable --rails
  gem install bundler
  ```
 - Install geckodriver and Firefox for Selenium:
  ```shell script
  brew install geckodriver
  brew cask install firefox
  ```
 - Get a local copy of the config files and verify the settings:
  ```shell script
  for f in action_mailer.yml database.yml secrets.yml code_ocean.yml docker.yml.erb mnemosyne.yml content_security_policy.yml
  do
    if [ ! -f config/$f ]
    then
      cp config/$f.example config/$f
    fi
  done
  ```
 - Install gems and yarn files:
  ```shell script
  bundle install
  yarn install
  ```
 - Setup your database:
  ```shell script
  rake db:create
  rake db:schema:load
  rake db:migrate
  rake db:seed
  ```
 - Start the server:
  ```shell script
  rails s
 ```
 ### Synchronize execution environments
 As part of the CodeOcean setup, some execution environments have been stored in the database. However, these haven't been yet synchronized with Poseidon yet. Therefore, please take care to synchronize environments through the user interface. To do so, open <http://localhost:7000/execution_environments> and click the "Synchronize all" button.
--- a/docs/LOCAL_SETUP_VAGRANT.md
+++ b/docs/LOCAL_SETUP_VAGRANT.md
@ -0,0 +1,131 @@
 # Vagrant setup
 With the Vagrant-based setup, you won't need to (manually) install CodeOcean and Poseidon including their dependencies on your local instance. Instead, a virtual machine containing all requirements will be configure
 ## Install VirtualBox
 **macOS:**
 ```shell
 brew install --cask virtualbox
 ```
 **Linux:**
 ```shell
 wget -O- https://www.virtualbox.org/download/oracle_vbox_2016.asc | gpg --dearmor | sudo tee /usr/share/keyrings/oracle-virtualbox-2016.gpg >/dev/null
 echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/oracle-virtualbox-2016.gpg] https://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib" | sudo tee /etc/apt/sources.list.d/hashicorp.list
 sudo apt-get update && sudo apt-get -y install virtualbox-7.0
 ```
 **Check with:**
 ```shell
 vboxmanage --version
 ```
 ## Install Vagrant
 **macOS:**
 ```shell
 brew tap hashicorp/tap
 brew install hashicorp/tap/hashicorp-vagrant
 ```
 **Linux:**
 ```shell
 wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null
 echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
 sudo apt-get update && sudo apt-get -y install vagrant
 ```
 **Check with:**
 ```shell
 vagrant -v
 ```
 ## Clone repositories
 The following two repositories have to be cloned in the same directory. You may either clone the repository via SSH (recommended) or HTTPS (hassle-free for read operations). If you haven't set up GitHub with your SSH key, you might follow [their official guide](https://docs.github.com/en/authentication/connecting-to-github-with-ssh).
 **SSH (recommended, requires initial setup):**
 ```shell
 git clone git@github.com:openHPI/codeocean.git
 git clone git@github.com:openHPI/poseidon.git
 ```
 **HTTPS (easier for read operations):**
 ```shell
 git clone https://github.com/openHPI/codeocean.git
 git clone https://github.com/openHPI/poseidon.git
 ```
 Vagrant assumes that these repositories are completely clean. For example, Vagrant will setup all configuration files in `config` (in both repositories) based on the examples provided in the same directory. Therefore it is **important** that these configuration files do not exist before running `vagrant up`. It is recommended to have a freshly cloned repository but you can also try to remove untracked files by running `git clean -xf` in both repositories.
 ## Switch current working directory
 ```shell
 cd codeocean
 ```
 ## Start the virtual machine
 ```shell
 vagrant up
 ```
 During the first start, Vagrant will run a provision script and automatically set up all required dependencies. Therefore, the first launch will take a few minutes.
 ## Start CodeOcean and Poseidon
 For the development environment with Vagrant, three server processes are required: the Rails server for the main application, a Webpack server providing JavaScript and CSS assets and Poseidon to manage runners. As those processes will be run in the virtual machine, you always need to connect to the VM with `vagrant ssh`.
 1. Webpack dev server:
 This project uses [shakapacker](https://github.com/shakacode/shakapacker) to integrate Webpack with Rails to deliver Frontend assets. During development, the `webpack-dev-server` automatically launches together with the Rails server if not specified otherwise. In case of missing JavaScript or stylesheets and for Hot Module Reloading in the browser, you might want to start the `webpack-dev-server` manually *before starting Rails*:
  ```shell
  vagrant ssh
  cd codeocean
  yarn run webpack-dev-server
  ```
 This will launch a dedicated server on port 3035 (default setting) and allow incoming WebSocket connections from your browser.
 2. Rails application:
  ```shell
  vagrant ssh
  cd codeocean
  bundle exec rails server --port 7000 --binding 0.0.0.0
  ```
 This will launch the CodeOcean web application server on port 7000 (default setting) for all interfaces (`0.0.0.0`) and allow incoming connections from your browser. Listening on all interfaces is required, so that you can connect from your VM-external browser to the Rails server.
 **Check with:**  
 Open your web browser at <http://localhost:7000>. Vagrant will redirect requests to your `localhost` automatically to the virtual machine.
 The default credentials for the internal users are the following:
 - Administrator:  
  email: `admin@example.org`  
  password: `admin`
 - Teacher:  
  email: `teacher@example.org`  
  password: `teacher`
 - Learner:  
  email: `learner@example.org`  
  password: `learner`
 Additional internal users can be created using the web interface. In development, the activation mail is printed to the console. Use the activation link found in that mail to set a password for a new user.
 ### Execution Environments
 Every exercise is executed in an execution environment which is based on a docker image. In order to install a new image, have a look at the container images of the openHPI team on [GitHub](https://github.com/openHPI/dockerfiles) or [DockerHub](https://hub.docker.com/u/openhpi). You may change execution environments by signing in to your running CodeOcean server as an administrator and select `Execution Environments` from the `Administration` dropdown. The `Docker Container Pool Size` should be greater than 0 for every execution environment you want to use. Please refer to the Poseidon documentation for more information on the [requirements of Docker images](https://github.com/openHPI/poseidon/blob/main/docs/configuration.md#supported-docker-images).
 ### Metrics (optional)
 For exporting metrics, enable the Prometheus exporter in `config/code_ocean.yml` and start an additional server *before starting Rails*:
 ```shell
 vagrant ssh
 cd codeocean
 bundle exec prometheus_exporter
 ```
--- a/provision/code_ocean.vagrant.yml
+++ b/provision/code_ocean.vagrant.yml
@ -1,73 +0,0 @@
 default: &default
  flowr:
    # When enabled, flowr can assist learners with related search results from
    # StackOverflow.com regarding exceptions that occurred during code execution.
    # The search is initiated through the learners' browser and displayed in the output pane.
    enabled: false
    # The number of search results to be displayed
    answers_per_query: 3
  code_pilot:
    # When enabled, CodePilot can be used by learners to request individual help by a tutor
    # through a video conferencing system. Optionally, it also provides access to recordings
    # of previous sessions. Support for CodePilot is currently in beta.
    enabled: false
    # The root URL of CodePilot
    url: //localhost:3000
  codeharbor:
    # When enabled, CodeHarbor is integrated in the teachers' view and allows importing
    # and exporting exercises from CodeOcean using the ProFormA XML format to CodeHarbor.
    enabled: false
    # The root URL of CodeHarbor
    url: https://codeharbor.openhpi.de
  codeocean_events:
    # When enabled, learner-specific events within the editor are stored and can be used
    # as part of learning analytics. This setting enables the JavaScript event handlers.
    enabled: false
  prometheus_exporter:
    # When enabled, a dedicated endpoint using the Prometheus format is offered and might
    # be used by a Prometheus-compatible monitoring system. Exported metrics include absolute
    # counters of all relations with specific support for Request-for-Comments.
    enabled: false
  runner_management:
    # When enabled, CodeOcean delegates the handling and management of (containerized) runners
    # to a dedicated runner management. Otherwise, code executions are performed locally using
    # Docker and without pre-warming support (one container per execution).
    enabled: true
    # The strategy to use. Possible values are: poseidon, docker_container_pool
    strategy: docker_container_pool
    # The root URL of the runner management to use
    # If a hostname is specified and the target host is reachable via IPv6, the WebSocket
    # connection might not use the IPv6-to-IPv4 fallback but rather fail unexpectedly.
    url: http://127.0.0.1:7100
    # The root certificate authority to trust for TLS connections to the runner management (Poseidon only)
    # ca_file: /example/certificates/ca.crt
    # The authorization token for connections to the runner management (Poseidon only)
    # If TLS support is not enabled, this token is transmitted in clear text!
    # token: SECRET
    # The maximum time in seconds a runner may idle at the runner management before it is removed.
    # Each begin of an interaction with the runner resets this time. Thus, this value should
    # be truly greater than any permitted execution time of an execution environment.
    unused_runner_expiration_time: 180
 development:
  <<: *default
  flowr:
    enabled: true
  codeharbor:
    enabled: true
 production:
  <<: *default
  prometheus_exporter:
    enabled: true
 test:
  <<: *default
--- a/provision/provision.vagrant.sh
+++ b/provision/provision.vagrant.sh
@ -1,14 +1,17 @@
-#!/bin/bash
+#!/usr/bin/env bash
 cd /home/vagrant/codeocean
 ######## VERSION INFORMATION ########
-postgres_version=14
+postgres_version=15
-node_version=14
+node_version=lts/hydrogen
-ruby_version=2.7.6
+ruby_version=$(cat .ruby-version)
 ########## INSTALL SCRIPT ###########
 DISTRO="$(lsb_release -cs)"
 ARCH=$(dpkg --print-architecture)
 ########## INSTALL SCRIPT ###########
 # Disable any optimizations for comparing checksums.
 # Otherwise, a hash collision might prevent apt to work correctly
@ -16,83 +19,40 @@ DISTRO="$(lsb_release -cs)"
 sudo mkdir -p /etc/gcrypt
 echo all | sudo tee /etc/gcrypt/hwf.deny
 # Always set language to English
 sudo locale-gen en_US en_US.UTF-8
 # Prerequisites
 sudo apt -qq update
-sudo apt -qq -y install apt-transport-https ca-certificates curl gnupg-agent software-properties-common firefox firefox-geckodriver libpq-dev libicu-dev acl
+sudo apt -qq -y install ca-certificates curl libpq-dev libicu-dev
 sudo apt -qq -y upgrade
 # PostgreSQL
-curl -sSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
+curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null
-echo "deb https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list
+echo "deb [arch=$ARCH] http://apt.postgresql.org/pub/repos/apt $DISTRO-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list
-sudo apt -qq update && sudo apt -qq install -y postgresql-client-$postgres_version postgresql-$postgres_version
+sudo apt-get update && sudo apt-get -y install postgresql-$postgres_version postgresql-client-$postgres_version
-
+sudo -u postgres createuser $(whoami) -ed
 sudo sed -i "/# TYPE/q" /etc/postgresql/$postgres_version/main/pg_hba.conf
 sudo tee -a /etc/postgresql/$postgres_version/main/pg_hba.conf <<EOF
 # code_ocean: drop access control
 local all all trust
 host  all all 127.0.0.1/32 trust
 host  all all ::1/128 trust
 EOF
 sudo systemctl restart postgresql
 # Install node
 curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | sudo apt-key add -
 echo "deb https://deb.nodesource.com/node_$node_version.x $DISTRO main" | sudo tee /etc/apt/sources.list.d/nodesource.list
 echo "deb-src https://deb.nodesource.com/node_$node_version.x $DISTRO main" | sudo tee -a /etc/apt/sources.list.d/nodesource.list
 sudo apt -qq update && sudo apt -qq install -y nodejs
 # yarn
 curl -sSL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
 echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
 sudo apt -qq update && sudo apt -qq install -y yarn
 # Docker
 curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
 sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $DISTRO \
   stable"
 sudo apt -qq update && sudo apt -qq -y install docker-ce docker-ce-cli containerd.io
 sudo usermod -aG docker ${USER}
 sudo tee -a /etc/docker/daemon.json <<EOF
 {
        "userns-remap": "default"
 }
 EOF
 sudo mkdir -p /etc/systemd/system/docker.service.d/
 sudo tee -a /etc/systemd/system/docker.service.d/override.conf <<EOF
 [Service]
 # Empty line is required
 ExecStart=
 ExecStart=/usr/bin/dockerd -H fd:// -H tcp://127.0.0.1:2376
 EOF
 sudo systemctl daemon-reload
 sudo systemctl restart docker
 # Pull example docker image
 sudo docker pull openhpi/co_execenv_python:3.8
 # RVM
-curl -sSL https://rvm.io/mpapis.asc | gpg --import -
+gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
 curl -sSL https://rvm.io/pkuczynski.asc | gpg --import -
 curl -sSL https://get.rvm.io | bash -s stable
-source "/home/vagrant/.profile"
+source ~/.rvm/scripts/rvm
-# ruby
+# Install NodeJS (without NVM)
 curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash
 source ~/.nvm/nvm.sh
 nvm install $node_version
 # Enable Yarn
 corepack enable
 # Install Ruby
 rvm install $ruby_version
 rvm use $ruby_version --default
 # bundler
 gem install bundler
 ######## CODEOCEAN INSTALL ##########
 cd /home/vagrant/codeocean
-# config
+# Prepare config
-for f in action_mailer.yml database.yml secrets.yml docker.yml.erb mnemosyne.yml content_security_policy.yml
+for f in action_mailer.yml code_ocean.yml content_security_policy.yml database.yml docker.yml.erb mnemosyne.yml secrets.yml
 do
  if [ ! -f config/$f ]
  then
@ -100,29 +60,39 @@ do
  fi
 done
-# We want to use a preconfigured code_ocean.yml file which is using the DockerContainerPool
+# Install dependencies
 if [ ! -f config/code_ocean.yml ]
 then
  cp provision/code_ocean.vagrant.yml config/code_ocean.yml
 fi
 # install dependencies
 bundle install
 yarn install
-# create database
+# Initialize database
-export RAILS_ENV=development
+rake db:setup
 rake db:create
 rake db:schema:load
 rake db:migrate
 rake db:seed
-# Always set language to English
+######## NOMAD INSTALL ########
 sudo locale-gen en_US en_US.UTF-8
-# Set ACL to ensure access to files created by Docker
+# Install Nomad
-mkdir -p tmp/files
+wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null
-setfacl -Rdm user:codeocean:rwx tmp/files
+echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
 sudo apt update && sudo apt-get -y install nomad
 sudo systemctl enable nomad
 sudo systemctl start nomad
-#### DOCKERCONTAINERPOOL INSTALL ####
+# Enable Memory Oversubscription
-../dockercontainerpool/provision.sh
+until curl -s --fail http://localhost:4646/v1/agent/health ; do sleep 1; done
 curl -X POST -d '{"SchedulerAlgorithm": "spread", "MemoryOversubscriptionEnabled": true}' http://localhost:4646/v1/operator/scheduler/configuration
 # Install Docker
 curl -fsSL https://get.docker.com | sudo sh
 ######## POSEIDON INSTALL ########
 # Install Golang
 gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 52B59B1571A79DBC054901C0F6BC817356A3D45E
 gpg --export 52B59B1571A79DBC054901C0F6BC817356A3D45E | sudo tee /usr/share/keyrings/golang-backports.gpg >/dev/null
 echo "deb [signed-by=/usr/share/keyrings/golang-backports.gpg] https://ppa.launchpadcontent.net/longsleep/golang-backports/ubuntu $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/golang.list
 sudo apt-get update && sudo apt-get -y install golang
 # Install Poseidon
 cd ../poseidon
 cp configuration.example.yaml configuration.yaml
 make bootstrap
 make build