MPO-Group/MPO
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
MPO Software distribution Contents: README - this file Directories db - the database interface (python) server - the api_server and web_server (python - flask) client - the language specific apis each in their own subdirectory Certificates - for demo purposes only MPO Demo User.p12 - a demo user certificate (see directions below for installing in browser, and filesystem) mpo.psfc.mit.edu-ca.crt - file containing the public keys of the certificate authorities we are willing to accept mpo.psfc.mit.edu.crt - certificate identifying the mpo web server for https access mpo.psfc.mit.edu.key - private key for this certificate MPO-UI-SERVER.crt - A client certificate for the WEB_SERVER to identify itself to the API_SERVER MPO-UI-SERVER.key - private key for this certificate NOTE: The .key files must be chmod 640 and SVN does not do this. So after updates execute: chmod 600 *.key Scripts functions.sh - support shell functions api_server.sh - script to run the api web server using uwsgi web_server.sh - script to run the web gui server using uwsgi api_server.wsgi - scripts to be used by web_server.wsgi apache to run the web server(s) NOTE: for apache to serve these pages to safari you may need to add: SSLInsecureRenegotiation ON to the apache config file - at least for this directory. apache2-site-cfg - Sample lines to configure apache2 to serve the mpo web and api servers. These should be added to /etc/apache2/sites-available/default-ssl, or someplace equivalent on the target system. To run the api_server: ./api_server.sh This will fire up the api server listening for https on port 8443, for a different port specify the port number as the 1st argument. Available as https://localhost:8443 To run the web_server: ./web_server.sh This will fire up the web server listening for https on port 9443, for a different port specify the port number as the 1st argument. Note if your api_server is not running on localhost:8443 then specify the url for the api_server as the 2nd argument. ./web_server.sh 9999 https://localhost:8888/ Available as https://localhost:9443 To access the live apache served servers * For the mpo web pages: https://mpo.psfc.mit.edu/mpo For the api json responses https://mpo.psfc.mit.edu/api ** * note: you will need to have a certificate installed in your browser to access either of these. see the certificate directions below. ** note the api server's top route is not defined, try: https://mpo.psfc.mit.edu/api/workflow Example scripts to archive using rsync. These scripts use an ssh-key from ~/.mporsync to rsync files between user directories and an archive server. Create a password free key for use by these scripts by typing: ssh-keygen and putting .mporsync/id_rsa in for the key file name and nothing for the password. Send the public part of the key (~/.mporsync/id_rsa.pub) to jas@psfc.mit.edu and he will authorize you to write in archive. mpoarchive src-file workflow-name user-name run-number [extra-file-name-parts] mpols workflow-name user-name run-number [extra-file-name-parts] mporestore workflow-name user-name run-number [extra-file-name-parts] To example-usage: mpoarchive gyrodir gyro jas 1 - this will archive the contents of the directory gyrodir as gyro/jas/1/gyrodir in the archive on psfcstor1 mpols gyro jas 1 - This will recursively list out all the files archived in the previous step mporestore gyro jas 1 - This will restore all the files in the 1st step to the current working directory hierarchy. Server use cases: a. You want to access the api server running on mpo.psfc.mit.edu under apache but run your own ############## Demo User Certificate Directions ############## The file MPO Demo User.p12 contains a user certificate that can be used for testing the MPO API and WEB GUI. In order to use it to access either of these servers from a browser, it must be installed. The exact procedure varies depending on the browser and operating system. Windows/Linux/Chrome: 1) from the menu (upper right) choose Settings or browse to: chrome://settings/ 2) at the bottom of the page click 'Show advanced settings...' 3) under HTTPS/SSL click 'Manage certificates...' 4) A dialog will appear that will let you import this certificate. 5) the password is 'mpo demo' (without the quotes) Linux/Firefox: 1) Go to Preferences/Advanced/View Certificates 2) at the bottom of the new window click on Import 3) A dialog will appear that will let you import this certificate. 4) the password is 'mpo demo' (without the quotes) PLEASE add the recipe for your OS/Browser combination... OSX/Safari: 1) open KeyChain 2) File/Import Items Select the MPO p12 key and import it, enter password when prompted, 'mpo demo' 3) select 'My Certficates' in left pane of KeyChain 4) right click and select 'New Identify Preference' Enter the mpo website 'https://mpo.psfc.mit.edu' 5) Test by opening http://mpo.psfc.mit.edu/mpo Select 'Always Allow' for keychain access by this website 6) Done. Now Safari will identify as MPO User at this site. Follow a similar procedure if you receive a new certificate for this site Commandline with curl or for using mpo api commandline tool: 1) convert to PEM format openssl pkcs12 -in MPO\ Demo\ User.p12 -out MPO\ Demo\ User.pem -nodes 2) test api with curl curl -k --cert ./MPO\ Demo\ User.pem https://localhost:8443/v0/workflow 3) use with command line tool export MPO_AUTH=path_to_key/keyStore.pem ############## INSTALLATION and STARTUP ############# #initial setup of postgres cd <to your mpo checkout> export MPO_HOME=$PWD export PGDATA=$MPO_HOME/db/data initdb -D $PGDATA # Startup postgresql, make sure postgresql bin is in PATH shared memory can be a problem with postgres91 (93 fixes this), if so trying increasing: : sudo sysctl -w kern.sysv.shmall=65536 : sudo sysctl -w kern.sysv.shmmax=16777216 # Start database if not already running #this works postgres -D $PGDATA > logfile #but this is preferable pg_ctl start -D $PGDATA # setup database for MPO # Note Bene: on systems where postgres process is owned by postgres user, # you have to add yourself as a 'role' in postgres: # sudo su postgres # psql # psql> create user <$USER> createdb superuser; # psql> ^D createdb mpoDB # create tables psql -d mpoDB -a -f $MPO_HOME/db/create_tables.sql ## Start up all services #set host for client and other env variables #cd to mpo working directory export MPO_HOME=$PWD export MPO_VERSION=v0 export MPO_HOST=https://localhost:8443 export MPO=$MPO_HOME/client/python/mpo_arg.py alias mpo=$MPO #if you like export MPO_AUTH='~/Desktop/keyStore.pem' #p12 support to be added. requires autogeneration of pem file #or export MPO_AUTH=$MPO_HOME/'MPO Demo User.pem' #to use cert that comes with mpo export MPO_RC='path to optional resources file' # not implemented export PGDATA=$MPO_HOME/db/data #on mpo.psfc.mit.edu or any other system where postgres is already running an it is not #practical to start another postgres, then export PGDATA=/var/lib/postgresql/9.1/main #start the data server / web client postgres -D $PGDATA > logfile ./api_server.sh& ./web_server.sh & # pre wsgi ./server/python server.py & ## Reset database As database owner: > dropdb 'mpoDB' > createdb mpoDB > psql mpoDB < db/mpoDB_reference ##update reference database pg_dump mpoDB > $MPO_HOME/db/mpoDB_reference This will reset the default database to the reference DB from GA with 75 workflows that was introduced in the summer of 2013. #######Debugging When something goes wrong, here's what to do: Use -v argument for your $MPO command. It will tell you what it's posting. svn status -uv #Make sure your install has no local mods. This will also tell you if it #is up to date. Check the output of pip list and compare to the list in DEPENDENCIES # Using git on mpo project We are going to use 'git flow' as a workflow when working on MPO. What this means is: * the branch master is the current working directory ** Never work directly on master * to work on a feature, make sure you are on master and up to date: $ git status # On branch master nothing to commit (working directory clean) $ git pull origin master From github.com:MPO-Group/MPO * branch master -> FETCH_HEAD Already up-to-date. * create a branch $ git branch add-git-flow-directions * check it out $ git checkout add-git-flow-directions Switched to branch 'add-git-flow-directions' * now make whatever changes you like (like editing this README) * add the changed files git add README * commit the changes git commit -m "Added git flow to the README" * push the branch git push * create a pull request (using the github web site) on github.com select the new branch in the branch menu. Click yellow button <> Comare & pull request on next screen click 'Create pull request' * have someonelse merge your pull request using the github website ** to test someone's pull request click the 'command line instructions' next to the 'Merge Pull Request' button. git branch master git fetch origin git checkout -b add-git-flow-directions origin/add-git-flow-directions git merge master ** do whatever local testing you like. If you are happy click the green button 'Merge Pull Request' ** If you want to propose changes, then put them in a text block in the next section of the page ** If you want make changes to your local copy and push them, which effectively modifies the pull request
About
The Metadata, Provenance, and Ontology Project
Resources
Stars
Watchers
Forks
Packages 0
No packages published