Project

General

Profile

NetDRMS Installation » History » Version 309

« Previous - Version 309/369 (diff) - Next » - Current version
Pablo Alingery, 10/06/2016 15:12


NetDRMS Installation

Preliminary note

In the following sections, when there is a command line :
#\ means that command is executed into root user
$\ means that command is executed into production user

Requirements

Configuring production environment

Adding user production

# adduser production
# addgroup ias
# adduser production ias

Configure /home/production/.profile

Adding environment variables

#Modif Herve.B Pablo.A 12/05/2016

PATH="/usr/local/netdrms_current/bin/linux_x86_64:$PATH" 
PATH="/usr/local/netdrms_current/scripts:$PATH" 
PATH="/usr/local/jmd/bin:$PATH" 
PATH="/usr/local/jmd/scripts:$PATH" 
#The following is not needed as installed with 'apt-get install' 
#PATH="/usr/local/pgsql/bin:$PATH" 
PATH="/usr/local/netdrms-tools/scripts:$PATH" 
#2014-12-17 Avec Herve et Pablo on pense que la ligne suivante est intutile as it is f.. install in /usr/local/lib
PATH="/usr/local/cfitsio:$PATH" 
#Done

DERBY_HOME=/usr/local/jmd/databases/derby/derbyBD
export DERBY_HOME

export CVSROOT=:pserver:anonymous@solarch.tuc.noao.edu:2401/vtarc1/vso/cvsroot

Configure /varl/lib/postgres/.profile

Add to $PATH so postgres can exeute command like initdb

#Modif Herve.B Pablo.A 19/05/2016
PATH="/usr/lib/postgresql/9.4/bin:$PATH" 

Setting privileges for SUMS_MANAGER

Please modify file /etc/sudoers so user 'production' will be able to execute 'sum_chown' that we will locate in the dir : /usr/local/bin . See below
Add to /etc/sudoers the following line :
production host=NOPASSWD:/usr/local/bin/sum_chmown

Set passwords file for db postgres

Please create file .pgpass with the following information for user 'production" so he will be able to connect without password as 'production' or 'postgres' to 2 db that we will create later ias_sdo and ias_sdo_sums.

.pgpass content :

    #hostname:5432:ias_sdo:production: 
    #hostname:5434:ias_sdo_sums:production: 
    #hostname:5432:ias_sdo:postgres: 
    #hostname:5434:ias_sdo_sums:postgres

where #hostname is the name of your server

WARNING : change hostname when migrate sdo-new to sdo

Install missing libraries

  • libreadline-dev (but already installed with postgresql)
  • libssl-dev
  • libpam0g-dev
  • libperl-dev
  • libnet-ssh-perl
  • libstring-shellquote-perl
  • libdbi-perl
  • libdbd-pg-perl

NB : Already done in Debian 8.4 Jessy

# apt-get install $library_name

where
$library_name is the name of library

Then to update path on libraries, please type :

# ldconfig

Reconfigure locale

# dpkg-reconfigure locales

select fr_FR.UTF8 UTF8 and unselect en_US.UTF-8

localedef -i en_US -f UTF-8 en_US.UTF-8

(see here : [[http://www.thomas-krenn.com/en/wiki/Perl_warning_Setting_locale_failed_in_Debian]])

Install gfortran packages

# apt-get install gfortran swig

Installation of cfitsio library

In /usr/local dir

Version 3.39 (currently on sdo : 3.24)

# wget ftp://heasarc.gsfc.nasa.gov/software/fitsio/c/cfitsio3390.tar.gz

Untar and decompression
# tar -xzvf cfitsio3390.tar.gz

Go into /usr/local and type

su - root and :

# ./configure --prefix=/usr/local
# make 
# make install

Installation des libraries libtar-dev, libcurl3-dev et libecpg-dev

apt-get install libtar libtar-dev

Note, selecting 'libcurl4-openssl-dev' instead of 'libcurl3-dev'
libcurl4-openssl-dev is already the newest version

apt-get install libcurl3-dev

apt-get install libecpg-dev

Installation of apache2 and lib perl

# apt-get install apache2

# apt-get install libjson-perl

# apt-get install libapache2-mod-perl2

Installation of postgresql

Into 'root'

apt-get install postgresql-9.4 postgresql-client-9.4 

Installation of python3

Into 'root'

apt-get install python3 

Add some modules psycopg2 (postgres connector) and pySmartDL (Download manager)

apt-get install python3-psycopg2
apt-get install python3-psycopg2

Add python3-pip for modules within python3

apt-get install python3-pip
pip3 install pySmartDL

Both python2.7 and 3.4 versions are installed on the system.
By default, the python2.7 is used.
In order to change in 3.4 by default, type :

update-alternatives --config python

Installation of sdo_scripts

Install monitoring scripts for sdo

rsync -av scripts production@sdo-new:/home/production/netdrms-tools/

NetDRMS databases

into /var/lib/postgresql (hard mount point separated, 7 disks 15000 tr/min in raid5 in order to distribute read and write)

# cd /var/lib/postgresql
# mkdir data  data_sums data_monitor
# chown -R postgres:postgres * 

Initialize 3 servers data, data_sums, data_monitor

Into postgres

# su - postgres

$ initdb --locale=C -D data -A md5 -W
(no password)

Success. You can now start the database server using:

    postgres -D data
or
    pg_ctl -D data -l logfile start

$ initdb --locale=C -D data_sums -A md5 -W
(no password)

Success. You can now start the database server using:

    postgres -D data_sums
or
    pg_ctl -D data_sums -l logfile start

$ initdb --locale=C -D data_monitor -A md5 -W
(no password)

Success. You can now start the database server using:

    postgres -D data_monitor
or
    pg_ctl -D data_monitor -l logfile start

Edition des fichiers postgresql.conf pour configurer les bons ports d'écoute :
listen_addresses = '*'
data -> port 5432
data_sums -> port 5434
data_monitor -> port 5436

Edit files data*/pg_hba.conf : replace 'md5' by 'trust'

#"local" 
local   all             all                                     trust
#"IPv4" 
host   all             all                                     trust

Tunning postgres

In file postgres.conf ( according to https://www.qwant.com/?q=Tunning+postgres+server+9.4+&client=firefox )

shared_buffer=4096MB So 1/12 of the total RAM memory available

work_mem = 24MB

maintenance_work_mem = 4096MB

wal_buffers = 16MB

checkpoint_segments = 32

checkpoint_completion_target = 0.9

random_page_cost = 1.0

effective_cache_size = 16384MB so 1/4 of the max memory

#log
logging_collector = on
log_directory = 'pg_log'
log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern,
log_truncate_on_rotation = on # If on, an existing log file with the
log_rotation_age = 1d # Automatic rotation of logfiles will
client_min_messages = error
log_min_messages = error
log_min_duration_statement = 0

log_connections = on
log_disconnections = on
log_duration = off
log_hostname = on
log_line_prefix = '%t [%p]: %u@%h - %d :'

track_counts = on
autovacuum = on

extra_float_digits = 3

Start the 3 databases :

# su - postgres
$ cd /var/lib/postgresql
$ pg_ctl -D data  start
$ pg_ctl -D data_sums start
$ pg_ctl -D data_monitor start

Create the 3 databases :

Into user 'postgres'

  • createdb --locale C -E LATIN1 -T template0 ias_sdo
  • createdb --locale C -E LATIN1 -T template0 -p 5434 ias_sdo_sums
  • createdb --locale C -E LATIN1 -T template0 -p 5436 ias_sdo_monitor

Automatic startup

Add following lines in the /etc/rc.local file :

su -l -c "/usr/lib/postgresql/9.4/bin/pg_ctl -D /var/lib/postgresql/data start" postgres
su -l -c "/usr/lib/postgresql/9.4/bin/pg_ctl -D /var/lib/postgresql/data_sums start" postgres
su -l -c "/usr/lib/postgresql/9.4/bin/pg_ctl -D /var/lib/postgresql/data_monitor start" postgres

System tuning

Current configuration :

# sysctl -a

In the following file :

# vi /etc/sysctl.conf

we change some values (default values are commented with '#')

(resources links here)

# Semaphore is a object that is used to control utilization of a particular process.
# kernel.sem = SEMMSL SEMMNS SEMOPM SEMMNI
# SEMMSL        maximum number of semaphores per array  (min 128)
# SEMMNS        maximum semaphores system-wide  
# SEMOPM        maximum operations per semop call       
# SEMMNI        maximum arrays 
#semop incresed from 32 (default value)operation to 100 (3rd value )
# kernel.sem = 250      32000   32      128
kernel.sem = 250 32000 100 128

In order to  apply changes :#This sets the  OS receive buffer size for all types of connections (default value 212992)
#net.core.rmem_default = 212992
#net.core.rmem_max = 212992
net.core.rmem_default = 33554432
net.core.rmem_max = 33554432

#This is the OS send buffer size for all types of connections (212992 default value) 
#net.core.wmem_default = 212992
#net.core.wmem_max = 212992
net.core.wmem_default = 33554432
net.core.wmem_max = 33554432

#TCP Autotuning setting. "The first value tells the kernel the minimum receive buffer for each TCP connection, and this buffer is always
# allocated to a TCP socket, even under high pressure on the system. ... The second value specified tells the kernel the default receive
# buffer allocated for each TCP socket. This value overrides the /proc/sys/net/core/rmem_default value used by other protocols. ...
# The third and last value specified in this variable specifies the maximum receive buffer that can be allocated for a TCP socket." 
#net.ipv4.tcp_rmem = 4096       87380   6291456
net.ipv4.tcp_rmem = 10240 87380 33554432

#TCP Autotuning setting. "This variable takes 3 different values which holds information on how much TCP sendbuffer memory space
# each TCP socket has to use. Every TCP socket has this much buffer space to use before the buffer is filled up. Each of the three 
#values are used under different conditions. ... The first value in this variable tells the minimum TCP send buffer space available
# for a single TCP socket. ... The second value in the variable tells us the default buffer space allowed for a single TCP socket to use. ... 
#The third value tells the kernel the maximum TCP send buffer space." 
#net.ipv4.tcp_wmem = 4096       16384   4194304
net.ipv4.tcp_wmem = 10240 87380 33554432

#Disable cache metrics so the initial conditions of the closed connections will not be saved to be used in near future connections
#net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_no_metrics_save = 1

# Increase number of incoming connections backlog
# net.core.netdev_max_backlog = 1000
net.core.netdev_max_backlog = 5000

# The tcp_mem variable defines how the TCP stack should behave when it comes to memory usage. ... 
#The first value specified in the tcp_mem variable tells the kernel the low threshold. 
#Below this point, the TCP stack do not bother at all about putting any pressure on the memory usage by different TCP sockets. ... 
#The second value tells the kernel at which point to start pressuring memory usage down. ... The final value tells the kernel how many
# memory pages it may use maximally
# net.ipv4.tcp_mem = 1543347    2057796 3086694
net.ipv4.tcp_mem = 786432 1048576 26777216

# local port range that is used by TCP and UDP traffic to choose the local port. You will see in the parameters of this file two numbers:
# The first number is the first local port allowed for TCP and UDP traffic on the server, the second is the last local port number.
# net.ipv4.ip_local_port_range = 32768  61000
net.ipv4.ip_local_port_range = 1024 65535

# maximum number of sockets in TIME-WAIT to be held simultaneously.
# net.ipv4.tcp_max_tw_buckets = 262144
net.ipv4.tcp_max_tw_buckets = 360000

Then we run the following command to make our change take effect:

# sysctl -p

JMD Installation

Download new JMD package build by Niles Oien 2016-04-07 following thoses actions :

cd /urs/local

[oien@spsc-nso19-12 ~]$ ftp gong2.nso.edu
Name (gong2.nso.edu:oien): anonymous
Password: <---------------- use your email as the password
ftp> cd outgoing/oien
ftp> get pablo_jmd.tar.gz
ftp> quit

Install new JMD package following thoses actions

[oien@spsc-nso19-12 ~]$ gunzip -vf pablo_jmd.tar.gz
pablo_jmd.tar.gz:      8.3% -- replaced with pablo_jmd.tar
[oien@spsc-nso19-12 ~]$ tar xf pablo_jmd.tar
[oien@spsc-nso19-12 ~]$ cd pablo_jmd
[oien@spsc-nso19-12 pablo_jmd]$ less PABLO_README.txt
cd ..
mv jmd jmd_old
mv pablo_jmd jmd 

Apache Configuration for JMD

Configure webserver to request jsoc_fetch
(following the mail from )

WARNING : change hostname when migrate sdo-new to sdo

config d 'apache2 fichier sdo-new.ias.u-psud.fr


<VirtualHost *:80>
        ServerName sdo-new.ias.u-psud.fr
        ServerAdmin pablo.alingery@ias.u-psud.fr
        #ErrorLog /var/log/apache2/error.log
        DocumentRoot /var/www

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel debug

        #CustomLog /var/log/apache2/VSO/access.log combined

        Alias /VSO/DRMS/cgi-bin/ "/home/production/netdrms-tools/scripts/cgi-bin/" 

        <Location /VSO/DRMS/cgi-bin>
                SetHandler perl-script
                PerlResponseHandler ModPerl::Registry
                PerlOptions +ParseHeaders
                Options +ExecCGI
                Order allow,deny
                Allow from all
        </Location>
</VirtualHost>

Activate the new virtualhost and disable the default one :

# a2ensite sdo-new.ias.u-psud.fr.conf
# a2dissite 000-default.conf
# service apache2 restart

Allow symlink for the cgi scripts dierctory in apache2.conf :

<Directory /home/production/netdrms-tools/scripts/>
        Options FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>

# service apache2 restart

To be added futher to test cgi
Execution test cgi with URL :

make sure my $hostname=in the cgi file vso_jsoc_fetch.cgi is correct and test
http://sdo-new.ias.u-psud.fr/VSO/DRMS/cgi-bin/vso_jsoc_fetch.cgi

expected result :

{
   "wait" : 0,
   "requestid" : "",
   "data" : {},
   "method" : "url_quick",
   "size" : 0,
   "errormsg" : "Empty query",
   "protocol" : "as-is",
   "status" : 1,
   "space_ratio" : 0.1,
   "load_ratio" : 0.066875,
   "dir" : "",
   "count" : 0
}

JMD configuration

Modify the file /usr/local/jmd/cfg/JMD.cfg

Warning : when migrate production server, change sdo-new by sdo

NetDRMS tool Install

The following installed is based on : [[http://inf-redmine.ias.u-psud.fr/redmine/attachments/download/114/Netdrms_First_Install.odt]]

The sources are in : http://jsoc.stanford.edu/netdrms/dist/
Locally on sdo-new in : /home/production/sources

Symbolic link created 'netdrms_current' that corresponds to the last release
ln -s netdrms_8.11/ netdrms_current

Edit file config.local

cp config.local.template config.local

Warning WEB_DBUSER apache We think that it should value www maybe , to be checked testing the cgi
So check the cgi to figure out which user is used to connect to bd

Create 2 followings dirs :

mkdir /usr/local/netdrms_8.11/logs/SUM
mkdir /usr/local/netdrms_8.11/logs/slony

Warning config.local from line 150 =>222 Remote config to provide data, series to externals
To be checked for PLATO

Création d'un alias netdrms dans /root/.bashrc

alias netdrms='cd /usr/local/netdrms_current'

Prepare compiling

Into production profile

$ ./configure

Compilation

Creating lib64 link (lib64 does not exist on debian 8)

# cd /usr
# ln -s lib/ lib64

$ make
$ make sums

SSH-HPN install

Intallation de openssh 7.2p2 car le dernier patch hpn dispo est 7.2hpn14.V10

web site for open ssh : http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.2p2.tar.gz
patch hpn : https://sourceforge.net/projects/hpnssh/files/HPN-SSH%2014v10%207.2p2/openssh-7_2_P2-hpn-14.10.diff

In the dir /home/production/sources into 'root'

# tar -xzvf openssh-7.2p2.tar.gz
# cd openssh-7.2p2/
# cat ../openssh-7_2_P2-hpn-14.10.diff |patch -p1
# ./configure --prefix=/usr/local/hpn-ssh --with-pam --with-md5-passwords --without-zlib-version-check --with-tcp-wrappers
# make
# make install

Depuis sdo :

# cd /usr/local/hpn-ssh/etc/
# rsync -av *key* production@sdo-new:/home/production/

Following the link : http://vso.stanford.edu/netdrms/rmtsums.html

$ cd /home/production/
$ ssh-agent -c > ~/.ssh-agent_rs

NB : correct file ~/.ssh-agent_rs it should look like :
#!/bin/csh
export SSH_AUTH_SOCK=/tmp/ssh-9POrTXobhLR4/agent.74272;
export SSH_AGENT_PID=74273;
echo Agent pid 74273;

$ source ~/.ssh-agent_rs
$ ssh-add ~/.ssh/id_rsa

Sur sdo-new :

# mv /home/production/*key* /usr/local/hpn-ssh/etc/

We have to configure the port number to 55000

# vi ssh_config

and add :

#Port 22
Port 55000

We configure also the server hpn (even we don't use it yet)

# vi sshd_config

and add :

#Port 22
Port 55000

#PidFile /var/run/sshd.pid
PidFile /var/run/sshd.55000.pid

# allow the use of the none cipher
#NoneEnabled no
NoneEnabled yes

In order to force the use of SSH-hpn by JMD :

$ vi /usr/local/jmd/cfg/JMD.cfg

and replace the path of scp binary :

SCPCommand=/usr/local/hpn-ssh/bin/scp -o NoneSwitch=yes -o NoneEnabled=yes

Private key Public key generation

JSOC need your public key to directly connect to your netdrms server. In order to generate your RSA public/private key pair :

$ ssh-keygen -t rsa

Not necessary in our case cause we recover the ssh keys of the current server 'sdo'.

However, we have to retrieve the private key of production account on sdo-new

From sdo :

rsync -av id_rsa production@sdo-new:/home/production/.ssh/

In order to test the connection :

$ ssh jsocexp@jsocport.stanford.edu -p55000

Note : the IP of the server has to be declared to the jsoc

NetDRMS Replication Config

To prevent from deleting files

cd logs/SUM ; scp production@sdo:/usr/local/netdrms/install-config-files/sum_rm.cfg .

Create tmp dir in netdrms working directory (/usr/local/netdrms_current)

# mkdir tmp

Create config file from template

# cd base/drms/replication/etc
cp repclient.template.cfg into ias.subscribe_list.cfg 

Define node in file : /usr/local/netdrms_current/base/drms/replication/etc/ias.repclient.cfg

In our case :

node=IAS

Correction

Modification du fichier ias.repclient.cfg

Copier le template existant repclient.template.cfg dans le répertoire [netdrms_current]/base/drms/replication/etc

production@sdo3:/usr/local/netdrms_current/base/drms/replication/etc$ cp repclient.template.cfg ias.repclient.cfg

Nouveau / netdrms2.4

# Apps
kRSPerl=<path to Perl binary to use when Perl scripts are executed>

TO BE DONE BEFORE MIGRATION

configure sytem nbr de fichier ouvert en meme temps

configure sytem taille buffer

swap désactivé ? discussion Stephane et Gilles

Test ssh connection to JSOC , NSO CFA before subcription and just after name sdo-new into sdo

Modification du fichir config.local pour la souscription au jsoc

# NetDRMS users can request subdirectories from the Stanford proj directories 
# (e.g., JSOC/proj/util). These users will need to contact Stanford and obtain
# the source subdirectories desired. They will then place these subdirectories
# in the JSOC/proj directory of their NetDRMS release. To properly build 
# targets in these subdirectories, using the JSOC make system, the user needs
# to add entries to this configuration file - one entry for each subdirectory
# that contains source code to be compiled. Each entry is a space-separated pair
# of strings: the string "PROJDIR" followed by a subdirectory (of the proj 
# directory).  For example:
#
# PROJDIR     util/apps
# PROJDIR     util/libs
# 
# NOTE: It is not sufficient to list only a parent directory, like util. Source code
# in child directories will not automatically be compiled.