-
Notifications
You must be signed in to change notification settings - Fork 2
Installation
The proof-of-concept implementation runs as a java web application on a linux server. The following instructions are intended for use on an Amazon AWS EC2 instance running an Amazon 64bit Linux AMI. They should be easy to adapt to other Linux installations. Installation on Windows servers is not supported.
The implementation requires the following components which will be installed as part of the process:
- Java 1.7 - Openjdk java 1.7.0 will be installed
- Apache Tomcat 7 - adaptation to other java application servers is possible
- nginx
Detailed instructions for EC2 allocation are out of scope for this guide. Key points to note are:
- Recommended instance sizes are m1.medium or m1.large.
- Ensure security rules for SSH, HTTP and HTTPS are enabled, for example by creating a WebAccess security group.
- Install Amazon 64bit Linux AMI:
- For m1.large - amzn-ami-pv-2012.09.1.x86_64-ebs (ami-3c5f5748)
- For m1.medium - amzn-ami-pv-2013.03.0.x86_64-ebs (ami-44939930)
The registry implementation places all of the stored data and indexes in a single place in the file system, outside of the web application itself (/var/local/registry). Installers may wish to host this area on a Elastic Block Store to simplify backup and migration to other instances.
If this is required then allocate an EBS volume and attach it to the EC2 instance. If this volume is attached at /dev/xvdf then prepare it with something like:
sudo mkfs.ext4 /dev/xvdf
sudo mkdir /mnt/ebs1
echo '/dev/xvdf /mnt/ebs1 ext4 noatime,nodiratime 0 0' | sudo tee -a /etc/fstab
sudo mount /mnt/ebs1
sudo mkdir /mnt/ebs1/registry
sudo ln -s /mnt/ebs1/registry /var/local
The registry distribution is provided via an S3 download and contains both the application war file and a configuration script to initialize a new EC2 instance. To download and unpack it use:
curl -O http://ukgovld-registry.s3.amazonaws.com/distribution/ukl-registry-0.0.1-SNAPSHOT-dist.tar.gz
tar xzvf ukl-registry-0.0.1-SNAPSHOT-dist.tar.gz
cd ukl-registry-0.0.1-SNAPSHOT/install
To install the registry implementation, along with the dependent software run:
sudo ./prepare.sh
This script is only directly suitable for use on the above AMI configurations. Other Linux systems may differ on where packages are installed and it should be reviewed before use on any other platform. The script:
- Installs nginx, configures log rotation for it and adjusts its configuration to include dynamically generated configuration files from
/var/local/registry. - Installs java 1.7 and configures it to be the default java.
- Installs Apache Tomcat 7.
- Ensures the
/var/local/registryarea is owned by the tomcat user and creates an empty/var/local/registry/uidirectory ready for bootstrapping. - Adds sudo permissions to enable both tomcat and ec2-user users to run a script which will dynamically reconfigure a running nginx instance.
- Installs the registry web app
Once the installation script completes, if successful, the process of tomcat unpacking the registry web app and it bootstraping the registry root file area can be watched using:
sudo tail -f /var/log/tomcat7/catalina.out
When the web app is running then visit the machine from a web browser to confirm that an empty registry instance has been created.
Finally verify that the installation has correctly set execute permissions on the file /var/local/registry/proxy-conf.sh. If this file is not installed and executable then the proxy configurations will fail.
For full information on how the running registry application is structured and how to configure it see Configuration.
The most likely configuration tasks after initial installation are:
- set up an administrator (and any other pre-registered users)
- configure the intended base URL
- configure any additional bootstrap registers
The safest way to do this is:
sudo service tomcat7 stop
cd /var/local/registry/
sudo rm -rf store index userstore
Modify the configuration files as discussed below then:
sudo service tomcat7 start
sudo tail -f /var/log/tomcat7/catalina.out
The last step being an optional check to verify the registry is restarting correctly.
If there is no security database present the the registry will build one, initializing it from the file /var/local/registry/config/user.ini. The installation process will have created an initial version of this file with comment lines describing the file format. To add an adminstrator then you need to add a minimum of two lines to this file, one to register the user and one to grant them suitable permissions. For example:
user https://profiles.google.com/1147194443288764760228 "Alice"
user http://localhost/anon "Any authenticated"
https://profiles.google.com/1147194443288764760228 GrantAdmin
An OpenID profile for anyone with a Google account can be obtained from their profile or Google-plus home page and copying the long number from there into the above URL pattern.
Note that the declaration of the anonymous user was created by the installation process and should be left in place.
This must be set in two places.
The software configuration is set in the file /var/local/registry/config/services.conf. Change the following line to give a suitable base URI:
registry.baseURI = http://ukgovld-registry.dnsalias.net/
In addition when a registry instance starts up with no data then an initial root register must be created. This is done by loading the file /var/local/registry/config/root-register.ttl. The minimum change is to edit the line:
@base <http://ukgovld-registry.dnsalias.net/> .
to match the configured base URI for the registry instance. It is also possible to set additional metadata on the root register at this point.
When the registry application starts up, if there is no RDF store then once the above root register has been created additional initial registers are loaded from the area /var/local/registry/boot. Each directory in the boot area corresponds to a register and should contain a metadata.ttl defining it. It may also contain sub-directories for sub-registers and other *.ttl files defining initial contents.
The installation process will have created an initial set of bootstrap registers to define the system register hierarchy, do not change these unless you are sure you know what you are doing!