Mercurial > dive4elements > gnv-client
view doc/admin-manual/installation-base.tex @ 1134:411b09d348ca
Some refactoring of 'Adding new Languages' section.
doc/trunk@1249 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author | Ingo Weinzierl <ingo.weinzierl@intevation.de> |
---|---|
date | Wed, 30 Jun 2010 08:52:49 +0000 |
parents | cbfe708b9a17 |
children | 706df18f0c01 |
line wrap: on
line source
\section{Installation and Configuration} This section describes preconditions for the entire system and an installation on a Debian 5.0.x (Lenny) for the GNV-System without an running X-Environment. Mostly, the debian package management\footnote{Further information at \url{http://www.debian.org/doc/manuals/debian-reference/ch02.en.html}} using \verb+ aptitude+ is used in this manual. If existing configurations have to be changed, the following notation will be used: \verb|+| for adding a line replacing the marked by \verb|-|. \subsection{Preconditions} \subsubsection*{System} \begin{itemize} \item Storage for the delivered software: 100 MB \item Current processor on a 32-bit Architecture (Beginning 2010)\footnote{Running on a 64-bit system should work out of the box and improve scalibility issues (not tested yet).} \item RAM: 1 GB for production as minimum.\footnote{This value depends mainly on the amount of connected users.} \item Network access to Database Backend \item RW-Access to the filesystem for logging, shapefile-export, caching \end{itemize} \subsubsection*{Database: Software and Data} The software has been developed for the following system: \begin{itemize} \item ESRI ArcSDE 9.3.1 on Oracle 10.2\footnote{The development started in ESRI ArcSDE 9.2. There are known problems with this version.} \item ArcMarineBSH, model package "Time Series and Measurements" \item ArcMarineBSH, model package " MeshFeature" \item ArcMarineBSH, model package "Marine Feature" \item ArcS57 -- International Hydrographic Organization (IHO) S-57 for ENC Data Model. - ESRI Data Models. http://support.esri.com/datamodels \item CONTIS -- Federal Maritime and Hydrographic Agency (BSH). Continental Shelf Information System -- \\ \url{http://www.bsh.de/en/Marine\_uses/Industry/CONTIS\_maps/index.jsp} \item GNV specific schema MapViewer interface -- Schema for integrating with MapViewer and their WMS services \item GNV specific schema for managing the cache -- The central dataware house is updated regulary. To keep the cache up-to-date, needs to cleaned after database updates. \end{itemize} \subsection{Operating System} {\em Hint}: Configuring of partitions, firewalls, etc. for the system is out of the scope of this documentation. \subsection{Java Environment} \subsubsection*{Installation Sun Java 6} This GNV-system is developed for Sun Java 6. Add non-free packages of the Debian distribution to the system in \verb+/etc/apt/sources.list+: \begin{lstlisting} [...] deb http://ftp.de.debian.org/debian/ lenny main non-free deb-src http://ftp.de.debian.org/debian/ lenny main deb http://security.debian.org/ lenny/updates main deb-src http://security.debian.org/ lenny/updates main [...] \end{lstlisting} Install Sun Java 6 and its dependencies by executing the following: \verb+ apt-get install sun-java6-jdk+ \subsubsection*{Install Native Components for Java6 (optional)} This step is optional but recommended\footnote{For background information, c.f. \url{http://tomcat.apache.org/tomcat-5.5-doc/apr.html}}. For a better support of the native server technologies, the package \verb+libtcnative+ can be installed. \begin{lstlisting} apt-get install libtcnative-1 cd /usr/lib/jvm/java-6-sun/jre/lib/i386/client ln -s /usr/lib/libtcnative-1.so \end{lstlisting} \subsubsection*{Configuration} To ensure that the Apache Tomcat and the GNV Artifact-Server will use Sun Java 6 exclusively, switch to the default Java version globally\footnote{This manual assumes that there are no other packages depending to another Java version.}. Use \verb+update-alternatives+ mechanism of the Debian system\footnote{Background information: {\tt man update-alternatives}}, execute: \verb+ update-alternatives --list java+ Lists all installed Java-Environments. E.g.: \begin{lstlisting} Auswahl Alternative ----------------------------------------------- 1 /usr/bin/gij-4.3 + 2 /usr/lib/jvm/java-gcj/jre/bin/java 3 /usr/lib/jvm/java-1.5.0-sun/jre/bin/java * 4 /usr/lib/jvm/java-6-sun/jre/bin/java \end{lstlisting} \verb+update-alternatives --config java+ Opens a dialog to reconfigure the java version which should be used as default. Type the Number of the the java which should be used. For the example above, type "4". \subsubsection*{Test of the Installation} Execute \verb+ java -version+ Check if a version of 1.6.0* has been set. Check: \begin{lstlisting} java version "1.6.0_12" Java(TM) SE Runtime Environment (build 1.6.0_12-b04) Java HotSpot(TM) Server VM (build 11.2-b01, mixed mode) \end{lstlisting} \subsection{Tomcat Application Server} To run the GNV-System a Apache Tomcat Server Version 5.5 is required. This section describes the steps for installing and configuring Apache Tomcat. \subsubsection*{Installation} To install the Tomcat Application-Server and its dependencies, execute: \verb+ apt-get install tomcat5.5+ \subsubsection*{Configuration} Adapt some run-time specific properties in \verb+/etc/default/tomcat5.5+: \begin{lstlisting} - #JAVA_OPTS="-Djava.awt.headless=true -Xmx128M" + JAVA_OPTS="-Djava.awt.headless=true -Xmx1024m -server" - #TOMCAT5_SECURITY=yes + TOMCAT5_SECURITY=no \end{lstlisting} {\bf Hint: As there is no Java security policy for the GNV WebClient, Java Security Management is switched off.} The Apache Tomcat is integrate with Apache WebServer just via the Apache JServ Protocoll (AJP). To secure the connection, just local connections are allowed for AJP on Tomcat\footnote{For background information, c.f. \url{http://tomcat.apache.org/tomcat-5.5-doc/connectors.html}}. Modify the \verb+ /etc/tomcat5.5/server.xml+: \begin{lstlisting} # Deactivate Standard HTTP Connector: +<!-- <Connector port="8180" maxHttpHeaderSize="8192" address="127.0.0.1" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" /> +--> - <Connector port="8009" - enableLookups="false" redirectPort="8443" protocol="AJP/1.3" /> + <Connector port="8009" + enableLookups="false" redirectPort="8443" protocol="AJP/1.3" address="127.0.0.1"/> \end{lstlisting} To activate these changes, restart Apache Tomcat: \verb+ /etc/init.d/tomcat5.5 restart+ \subsubsection*{Test of the Installation} Check if the port 8009 is opened via: \verb+ netstat -nltp | grep 8009+ A possible listing looks like this: \begin{lstlisting} tcp 0 0 127.0.0.1:8009 0.0.0.0:* LISTEN 19252/jsvc \end{lstlisting} So fare, there is no commandline client for AJP to test the connection. If there are problems, setup \verb+ mod_jk+ module in Apache WebServer and check its according log files. \subsection{Apache Webserver} This section describes the required steps for the installation and configuration of the Apache Webserver Version 2.2. Apache WebServer controls all HTTP-Connections to the outside of the system. Apache Tomcat is integrated via mod\_jk. \subsubsection*{Installation} To install the Apache Webserver you have to execute the following command: \verb+ apt-get install apache2+ To establish the connection between the Tomcat application server and Apache Webserver an additional Module "mod\_jk" has to be installed. \verb+ apt-get install libapache2-mod-jk+ \subsubsection*{Configuring mod\_jk} Edit the settings for mod\_jk in file \verb+ /etc/libapache2-mod-jk/workers.properties+. For further information, there are comments in the configuration file\footnote{Background information can be found at \\ \url{http://tomcat.apache.org/connectors-doc/generic\_howto/workers.html}}. \begin{lstlisting} - workers.java_home= /usr/lib/jvm/java-gcj/ + workers.java_home=/usr/lib/jvm/java-6-sun \end{lstlisting} In file \verb+ /etc/apache2/httpd.conf+: \begin{lstlisting} + JkWorkersFile "/etc/libapache2-mod-jk/workers.properties" + JkLogFile "/var/log/mod_jk.log" \end{lstlisting} After finishing the configuration, enable the module in Apache WebServer: \verb+ a2enmod jk+ and restart the server \verb+ /etc/init.d/apache restart+. \subsubsection*{Publish the site in Apache WebServer} Depending of the existing configuration of Apache WebServer, the following steps can differ. In this case, a vanilla configuration is assumed\footnote{Background information about Apache WebServer can be found at \url{http://httpd.apache.org/docs/2.2/}}. Disable default configuration \verb+ a2dissite default+ Adapt eMail-address for configuration in \verb+ $ARTIFACT_SERVER_HOME/install/debian/apache2/gnv+. Enable the specific site (VirtualHost) in Apache WebServer: \begin{lstlisting} cp -i $ARTIFACT_SERVER_HOME/install/debian/apache2 to /etc/apache2/sites-available # Activate site for GNV a2ensite gnv /etc/init.d/apache reload \end{lstlisting} \subsubsection*{Test of the Installation} You can test the installation by executing the following url: \verb+ curl "http://localhost/gnv/" -o test+ After a successful installation, the file {test} will contain HTML describing the startpage of the GNV WebClient. \subsection{UMN MapServer: Installation and configuration} The UMN MapServer is part of the artifact server. It is responsible for rendering shapefiles produced by the artifact-server and publish them as OGC Web Map Service. \subsubsection*{Installation} It is recommended to use a more recent version than the one in Debian Lenny. In the installation package, there is a debian package of MapServer that should be installed. In order to verify the integrity of the installation package, it is necessary to import a GPG-Key which was used to sign the packages: \begin{lstlisting} gpg --keyserver hkp://keys.gnupg.net --recv-keys EC70B1B8 gpg --export EC70B1B8 | apt-key add - \end{lstlisting} Installing the mapserver-gp and its dependencies, executing the following command: \begin{lstlisting} cd $ARTIFACT_SERVER_HOME/install/debian/umn-mapserver dpkg -i cgi-mapserver-gp_5.6.3-1~gp+1_i386.deb \end{lstlisting} Provide a possibility to integrate MapServer properly and transfer configurations to MapServer during runtime: \begin{lstlisting} cd /usr/lib/cgi-bin cp -i $ARTIFACT_SERVER_HOME/install/debian/umn-mapserver/gnv-wms . \end{lstlisting} For setting proper contact details in the WMS Capabilities response, edit the file \verb+ $ARTIFACT_SERVER_HOME/conf/maptemplates/mapfile.vm+ in the section WEB $\rightarrow$ METADATA. \subsubsection*{Test of installation} Check for a sucessful installation via: \begin{lstlisting} cd root curl \ "http://localhost/cgi-bin/gnv-wms?service=WMS&request=GetCapabilities&version=1.1.1" \ -o mapserver \end{lstlisting} For a sucessful configuration, the response document \verb+ mapserver+ contains a XML document describing the capabilities of the mapserver. \subsection{Proxy-Script: Installation and Configuration} The Proxy-Script is required to allow requests which are send by the Map-Client which is integrated in the GNV-Web-Client. This is required because of security- policies according Java-Script which load further Documents during runtime. \subsubsection{Installation} First make sure that python is installed on the operating system. Otherwise install python using the following command: \verb+ apt-get install python+ Than the script itself must be published on the server by executing the following steps: \begin{lstlisting} cd /usr/lib/cgi-bin cp -i $ARTIFACT_SERVER_HOME/install/debian/ol-proxy/proxy.cgi . \end{lstlisting} \subsubsection{Configuration} The Proxy-Script can only communicate with servers which it is allowed to. To enable the communication to the server where the UMN-Mapserver is hosted or to other Server it is necessary to edit the Proxy-Script at line 18. There you have tor replace the placeholder THISHOSTNAME with the name which will be used to reach the GNV-Web-Client. You can add further servers using the syntax which is given in the script. \subsubsection{Test of installation} It is possible to test the installation using the following command: \begin{lstlisting} curl http://localhost/cgi-bin/proxy.cgi?url=http%3A%2F%2Flocalhost \end{lstlisting} If localhost is allowed in the proxy-script the result might be this: \begin{lstlisting} <html><body><h1>It works!</h1></body></html> \end{lstlisting}