Deployed Stacks

We now have the following CNAMEs for Synapse in the sagebase.org domain:

synapse.sagebase.org – for the demo version of the web app (Sprint 3) -> synapse-sagebase-org.elasticbeanstalk.com
repositoryservice.sagebase.org – for the demo version of the repo' svcs (Sprint 3) -> repositoryservicea.elasticbeanstalk.com

synapse-alpha.sagebase.org – for the web app (Sprint 4) -> prod-synapseweb.elasticbeanstalk.com
reposvc-alpha.sagebase.org – for the repo svcs (Sprint 4) -> prod-reposervice.elasticbeanstalk.com
auth-alpha.sagebase.org – for the auth svcs (Sprint 4) -> prod-auth.elasticbeanstalk.com

We have two Crowd instances, one for production and one for development/testing:

crowd-dev.sagebase.org – for the dev/test Crowd instance, the default for our code base (-> elastic IP 50.17.192.58)
crowd.sagebase.org – for the production Crowd instance, specified in Synpase via a system property, as documented on Synapse Deployment (-> elastic IP 50.17.212.74)

Current Beanstalk Resources LAST UPDATED: 20Jun2011

CNAME	Beanstalk Name	Beanstalk URL	war file version	Database	Service group
synapse-alpha.sagebase.org	Prod-SynapseWeb		prod-synapseweb.elasticbeanstalk.com	SynapseWebAlpha_0.4_16June_svn3014		prod
reposvc-alpha.sagebase.org	Prod-RepoService	prod-reposervice.elasticbeanstalk.com	SynapseRepoService_0.4_14June2011		prod
auth-alpha.sagebase.org	Prod-Auth	prod-auth.elasticbeanstalk.com	Prod-AuthVersion		prod
n/a	Staging-Auth				staging
n/a	Staging-SynapseWeb				staging
n/a	Staging-RepoService				staging

Synapse Deployment Instructions

Get the built artifacts from Artifactory

You should not be deploying anything you built yourself on your local machine. Only deploy builds generated by Bamboo and stored in Artifactory.

Create Beanstalk Environments (Skip this section if using existing Environments.)

log in to AWS

http://aws.amazon.com/console/

as platform@sagebase.org (get the password frome someone in the Platform department).

Click "Launch New Environment"

set environment name, e.g. "Prod-Auth"

choose or upload an "application version" (which is a WAR file)

Default AMI (32 bit Linux server running Tomcat v 7)

Instance type: t1.micro

Key Pair: PlatformKeyPairEast

email: platform@sagebase.org

Create two more, so that there is one for Auth services, one for Repo services, and one for SynapseWeb

Create Host Name

Sign in to GoDaddy, select sagebase.org, and launch Domain Manager.

Create synapse-prod (.sagebase.org) and point it to prod-synapseweb.elasticbeanstalk.com

Ditto for auth-prod and reposvc-prod

Create MySQL database

If necessary, create a new schema in the AWS RDS, e.g. using MySQL Workbench.

The schema name, for example, might be 'prodRepositoryDb'

Configure Environments

For the authentication service:

Click on 'edit configuration' in the Beanstalk UI.

For 'HTTPS Listener port' choose '443'.

For 'SSL Cert' choose arn:aws:iam::325565585839:server-certificate/SynapseCert

Click on 'container.' In the JVM Command Line Options, put

-Dorg.sagebionetworks.stack=alpha -Dorg.sagebionetworks.stackEncryptionKey=<<encryption key>>

where <<encryption key>> is found on our unix system in

work/platform/PasswordsAndCredentials/platformPropertyEncryptionKey.txt

For a non-production deployment:

-DACCEPT_ALL_CERTS=true -Dorg.sagebionetworks.stack=staging -Dorg.sagebionetworks.stackEncryptionKey=integration-test-only-encryption-key

For the Repo service:

For 'HTTPS Listener port' choose '443'.

For 'SSL Cert' choose arn:aws:iam::325565585839:server-certificate/SynapseCert

Click on 'container' and enter the following:

AWS_ACCESS_KEY_ID: <<the appropriate key ID>>
AWS_SECRET_KEY: <<the appropriate secret key>>
JDBC_CONNECTION_STRING: jdbc:mysql://repo.c5sxx7pot9i8.us-east-1.rds.amazonaws.com/prodRepositoryDb

where 'prodRepositoryDb' is replaced by the schema name chosen above.
PARAM1: <<user in the DB schema>>
PARAM2: <<user password>>

Click on 'container.' In the JVM Command Line Options, put

-Dorg.sagebionetworks.stack=alpha -Dorg.sagebionetworks.stackEncryptionKey=<<encryption key>>

where <<encryption key>> is found on our unix system in

work/platform/PasswordsAndCredentials/platformPropertyEncryptionKey.txt

For a non-production deployment:

-DACCEPT_ALL_CERTS=true -Dorg.sagebionetworks.stack=staging -Dorg.sagebionetworks.stackEncryptionKey=integration-test-only-encryption-key

For the Synapse Web Application:

For 'HTTPS Listener port' choose '443'.

For 'SSL Cert' choose arn:aws:iam::325565585839:server-certificate/SynapseCert

Set up Crowd

If necessary, the instructions are here:

http://sagebionetworks.jira.com/wiki/display/PLFM/Setting+Up+Production+Crowd

Restarting Crowd

If the server goes down:

To check if Crowd is up, in web browser go to
https://crowd.sagebase.org:8443/crowd
You should see Crowd log-in page. If not then ssh in to crowd.sagebase.org as ec2-user, using the standard key for 'platform' owned ec2 instances, PlatformKeyPairEast

At the unix prompt:
ps -a

Should show one java process, if not
/usr/local/atlassian-crowd-2.2.7/start_crowd.sh

Now verify that the log-in page appears in your web browser.

The above instructions apply to 'crowd-dev.sagebase.org' as well as 'crowd.sagebase.org'.

How to run the Data Loader

On one of the local servers, goto /work/platform/DatasetMetadataLoader and execute the following:

# Make sure you have the latest version
svn up
# Execute the loader
# Replace <repo_instance> and <auth_instance> by the repository and authentication instances.
# Either make sure that demouser@sagebase.org is a Synapse administrator on crowd, or replace it by a Synapse administrator account
python datasetCsvLoader.py -d ./AllDatasets.csv -l ./AllDatasetLayerLocations.csv -e http://<repo_instance>/repo/v1 -a http://<auth_instance>/auth/v1 -m /work/platform/DatasetMetadataLoader/platform.md5sums.csv -u demouser@sagebase.org -p demouser-pw

Verify Deployment

To verify deployment, run top-level queries against the repository instances from an authenticated account.

TODO: Add queries and expected counts returned.