Categories: Servers, Activity log, Documentation

22/06/17

Permalink 04:58:27 pm, by mholmes, 333 words, 26 views   English (CA)
Categories: Servers, R & D, Activity log, Documentation, Documentation; Mins. worked: 90

Building a vector tile server

Now that Open Layers fully supports vector layers, we're looking at the practicality of running a vector tile server for our projects. Starting from this docker example, I created a script which I can run on a standard Debian Stretch install to create a working tile server:

#!/bin/bash

#This is to be run on a standard Debian Stretch install.

#Install core stuff
apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install apt-transport-https curl unzip build-essential python libcairo2-dev libprotobuf-dev xvfb 

#Temporarily use a specific source for the exact nodejs version we need.
echo "deb https://deb.nodesource.com/node_4.x jessie main" >> /etc/apt/sources.list.d/nodejs.list
echo "deb-src https://deb.nodesource.com/node_4.x jessie main" >> /etc/apt/sources.list.d/nodejs.list

#Install it.
apt-get -qq update && DEBIAN_FRONTEND=noninteractive apt-get -y --allow-unauthenticated install nodejs 

#Now remove the source.
rm /etc/apt/sources.list.d/nodejs.list
apt-get clean

#Added these in order to get the npm install to run properly. 
#The problem was building canvas.
apt-get -y install libjpeg62-turbo-dev libpango1.0-dev libgif-dev g++

#Create directory for tileserver application.
mkdir -p /usr/src/app

#Get the Klokantech code for the server.
cd /usr/src/app 
curl -L https://github.com/klokantech/tileserver-gl/archive/master.zip -o master.zip
unzip master.zip 
cp -r tileserver-gl-master/* ./
rm -rf tileserver-gl-master

#Install the node stuff
npm install --production

#Set environment variable
echo NODE_ENV=\"production\" >> /etc/environment

#Create the folder for the mbtiles files (you'll need to supply these later).
mkdir /data

#In case other servers are installed and running, stop them.
systemctl stop apache2 mysql
systemctl disable apache2 mysql

echo "Now put your mbtiles files into the /data folder, and run /usr/src/app/run.sh."
#Start the tileserver on port 80.
#run.sh

This could form the basis for a VM-based tileserver for our projects, including the Confederation Debates; running a server for all of Canada is quite practical due to the efficiency of the vector format.

03/05/17

Permalink 02:34:53 pm, by Greg, 23 words, 26 views   English (CA)
Categories: Servers, Activity log; Mins. worked: 450

Building an Ubuntu package server - apt-mirror, reprepro, tftp

I'm building a new apt Frankenserver out of spare parts, and have re-documented the process from scratch. Notes are in the utilities repo.

01/05/17

Permalink 09:05:19 am, by mholmes, 77 words, 20 views   English (CA)
Categories: Servers, R & D, Activity log, Activity log, Documentation, Documentation; Mins. worked: 30

Upgrading teiJenkins java

The upgrade for Jenkins on teiJenkins was being kept back, and it turned out this was because Ubuntu 14.04 has Java 7 by default. I added a PPA for Java 8, updated the alternatives (sudo update-alternatives --config java) to point to the new one, and was then able to install Java 8. Following that, the Jenkins update went ahead. I elected to keep my existing config for Jenkins rather than overwrite. It needed a reboot for Apache to find Jenkins again.

Permalink 08:33:12 am, by mholmes, 23 words, 20 views   English (CA)
Categories: Servers, R & D, Activity log, Activity log, Documentation, Documentation; Mins. worked: 20

Extended partition on jenkins.hcmc.uvic.ca

RE provided new space to double the available drive space; followed my own instructions here to extend the partition. No problems at all.

20/04/17

Permalink 05:02:07 pm, by mholmes, 132 words, 23 views   English (CA)
Categories: Servers, R & D, Activity log, Activity log, Documentation, Documentation; Mins. worked: 90

How to deploy a new XAR on Jettys

Today I blew up a couple of the apps and had to restart them, through doing this the wrong way. When you have a new XAR to deploy:

  1. Use Chrom*, not FF.
  2. Connect over the internal URL on :8080.
  3. Upload the new package.
  4. If it goes wrong and you see an error message, the chances are the db is now set to read-only.
  5. If that happens, try shutting down the db from the web interface. If that works, restart it from /etc/init.d/jetty. If it fails, you may need to kill all the relevant processes on Peach before restarting.

With these big XARs, we may need to consider testing an alternative process where we uninstall the old XAR and then put the new one in the autodeploy folder before restarting eXist.

24/03/17

Permalink 03:11:21 pm, by mholmes, 24 words, 64 views   English (CA)
Categories: Servers, R & D, Activity log, Activity log, Documentation; Mins. worked: 60

Rebuild of eXist template

The eXist team tagged 3.1.1, so I've rebuilt our template from that tag, tested it, and pushed it to the existDeployer folder on home1t.

23/03/17

Permalink 04:07:11 pm, by mholmes, 28 words, 59 views   English (CA)
Categories: Servers, Activity log; Mins. worked: 60

Server down issue

Our MySQL server was down ("too many connections"); spent some time reporting, investigating, and fielding and responding to queries from users. In the end a restart fixed it.

20/03/17

Permalink 05:21:32 pm, by mholmes, 25 words, 76 views   English (CA)
Categories: Servers, R & D, Activity log, Activity log, Documentation, Documentation; Mins. worked: 30

eXist deployment: tested development branch

Tested a build of the dev branch with my script and deployment stuff locally; all good, and the bug with the java client is fixed.

14/03/17

Permalink 02:37:49 pm, by mholmes, 20 words, 61 views   English (CA)
Categories: Servers, Activity log, Documentation; Mins. worked: 60

eXist deployment: added some hardening

Added a new transform of webapp/WEB-INF/web.xml to hide the REST interface from the public. Tested and working.

08/03/17

Permalink 02:46:07 pm, by mholmes, 429 words, 61 views   English (CA)
Categories: Servers, R & D, Activity log, Documentation; Mins. worked: 240

Multiple eXists side-by-side on subdomains with apache

I've successfully configured my local machine for testing purposes so that eXists can be configured and run alongside each other, available individually on port 8080, and proxied through apache on port 80. The details of the eXist build and configuration are best discovered in my scripts in the repo, but the local configuration details are:

In /etc/hosts:

127.0.2.1	graves2-internal.hcmc.uvic.ca
127.0.3.1	mapoflondon6-internal.hcmc.uvic.ca
127.0.4.1	mariage6-internal.hcmc.uvic.ca

In /etc/apache2/sites-enabled/graves2.conf (one example for graves2, others analogous):

<VirtualHost 127.0.2.1:80>
	ServerAdmin webmaster@localhost
	ServerName graves2-internal.hcmc.uvic.ca
	ServerAlias graves2
	ProxyRequests Off
	<Proxy *>
		Order deny,allow
		Allow from all
	</Proxy>
	ProxyPreserveHost on
	ProxyPass / http://graves2-internal.hcmc.uvic.ca:8080/ nocanon
        ProxyPassReverse / http://graves2-internal.hcmc.uvic.ca:8080
        AllowEncodedSlashes NoDecode
</VirtualHost>

<VirtualHost [YOUR_REAL_IP_ADDRESS]:80>
	ServerAdmin webmaster@localhost
	ServerName graves2-internal.hcmc.uvic.ca
	ServerAlias graves2
	ProxyRequests Off
	<Proxy *>
		Order deny,allow
		Allow from all
	</Proxy>
	ProxyPreserveHost on
	ProxyPass / http://graves2-internal.hcmc.uvic.ca:8080/ nocanon
        ProxyPassReverse / http://graves2-internal.hcmc.uvic.ca:8080
        AllowEncodedSlashes NoDecode
</VirtualHost>

<VirtualHost 127.0.2.1:443>
        ServerAdmin webmaster@localhost
        ServerName graves2-internal.hcmc.uvic.ca
        ServerAlias test
        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/spud.crt
        SSLCertificateKeyFile /etc/ssl/private/spud.key
        ProxyRequests Off
        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        ProxyPreserveHost on
        ProxyPass / http://graves2-internal.hcmc.uvic.ca:8080/ nocanon
        ProxyPassReverse / http://graves2-internal.hcmc.uvic.ca:8080
        AllowEncodedSlashes NoDecode
</VirtualHost>

The one with an external ip address is optional, but needed if you want external hosts to be able to access the apps (based on their own hosts file being configured to point these domains at your ip). The third stanza allows HTTPS access; in fact Apache provides encryption, using the specified cert, but when it talks to eXist, it does that over an insecure local connection. If you try to have Apache from eXist's 8443 encrypted port for this, you'll get an error because eXist doesn't have a cert set up. You can still use the full :8443 port to access eXist directly over an encrypted connection. In both cases when using https, your browser will complain about a self-signed cert, of course.

With this approach, I've had Mariage, MoEML and Graves all running side-by-side on my machine. I've also finished and commented the script to roll out new eXists on Peach, and I'm waiting for RE to look it over before we actually test it. eXist 3.1 is out today and I built the latest dist from that tag.

:: Next Page >>

Maintenance

This blog is the location for all work involving software and hardware maintenance, updates, installs, etc., both routine and urgent, in the server room, the labs and the R&D rooms.

Reports

XML Feeds