- Creating a RAMADDA VM on Jetstream
- Create a RAMADDA VM on Jetstream
- Clone the science-gateway Repository
- Start RAMADDA With Docker and docker-compose
- /repository Directory
- Create RAMADDA default password
- RAMADDA log Directories
- LDM Data Directory from idd-archiver Via NFS
- HTTPS and SSL Certificate
- Ensure /repository and /data Availability Upon Machine Restart
- Port 80
- docker-compose.yml
- SSL
- Start RAMADDA
- Navigate to RAMADDA
- Access RAMADDA with the Unidata IDV
Create an m1.medium VM with the Jetstream OpenStack API. Create and attach a 100GB /repository volume to that VM. Work with Unidata system administrator staff to have this VM's IP address resolve to ramadda.scigw.unidata.ucar.edu.
We will be making heavy use of the Unidata/science-gateway git repository.
git clone https://github.com/Unidata/science-gatewayWith the help of Docker and docker-compose, starting a VM with the RAMADDA content management system should be fairly easy. There are a few directories you will need to map from outside to within the container. See here to install Docker and docker-compose.
The /repository directory should be a fairly beefy data volume (e.g., 100 GBs) or however much data you anticipate your RAMADDA users will consume. See here if creating data volumes via the JetStream OpenStack API.
When starting RAMADDA for the first time, you must have a password.properties file in the RAMADDA home directory which is /repository/. See RAMADDA documentation for more details on setting up RAMADDA. Here is a pw.properties file to get you going. Change password below to something more secure!
# Create RAMADDA default password
echo ramadda.install.password=changeme! | tee --append \
/repository/pw.properties > /dev/nullYou will need an Apache Tomcat and RAMADDA log directories:
mkdir -p /logs/ramadda-tomcat/
mkdir -p /logs/ramadda/If you plan on employing the server-side view capability of RAMADDA which is quite useful for monitoring your LDM data feeds, you will have to make that directory (e.g., /data/ldm/) available to the RAMADDA VM and Docker container. In our present configuration, that directory is on the idd-archiver machine so you need to mount it via NFS on the 10.0. network. For example, if idd-archiver is at 10.0.0.4:
# create the NFS mount point
sudo mkdir -p /data
sudo mount 10.0.0.4:/data /dataSee the parent Tomcat container for instructions on HTTPS.
Ensure the /repository volume availability upon machine restart.
sudo echo UUID=2c571c6b-c190-49bb-b13f-392e984a4f7e /repository ext4 defaults 1 1 | tee --append /etc/fstab > /dev/nullIn addition, you will want to ensure the NFS /data volume is also available with the help of fstab.
sudo echo 10.0.0.4:/data /data nfs rsize=32768,wsize=32768,timeo=14,intr | tee --append /etc/fstab > /dev/nullOpen ports 80 and 443 on the RAMADDA VM via OpenStack. Port 80 and 443 requests will be forwarded to 8080 and 8443 inside the RAMADDA Docker container, respectively.
Based on the directory set we have defined, the docker-compose.yml file will look something like:
version: '3'
services:
ramadda:
image: unidata/ramadda-docker:latest
container_name: ramadda
# restart: always
ports:
- "80:8080"
- "443:8443"
- "8443:8443"
volumes:
- /repository/:/data/repository/
- /data/ldm/:/data/ldm/
- /logs/ramadda-tomcat/:/usr/local/tomcat/logs/
- /logs/ramadda/:/data/repository/logs/
- ./files/index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp
# Everything below is required for https
- ./files/server.xml:/usr/local/tomcat/conf/server.xml
- ./files/web.xml:/usr/local/tomcat/conf/web.xml
- ./files/keystore.jks:/usr/local/tomcat/conf/keystore.jks
- ./files/repository.properties:/usr/local/tomcat/conf/repository.properties
env_file:
- "compose.env"You can provide additional RAMADDA parameterization via the compose.env file referenced in the docker-compose.yml file.
# See https://github.com/Unidata/tomcat-docker#configurable-tomcat-uid-and-gid
TOMCAT_USER_ID=1000
TOMCAT_GROUP_ID=1000We are moving towards an HTTPS only world. As such, you'll want to run a RAMADDA production server on HTTPS. Once RAMADDA is running, you'll want to configure RAMADDA for SSL via the administrative account. There is documentation about this topic here. The main thing appears to be the Admin → Settings → Site and Contact Information, ensure "Force all connections to be secure" is checked. The repository.properties file that is referenced in the docker-compose.yml should be configured properly for SSL.
Once you have done the work of setting up RAMADDA related directories in the way you like,
docker-compose up -dto start RAMADDA.
In a web browser, navigate to https://ramadda.scigw.unidata.ucar.edu/repository. If this is the first time you are accessing RAMADDA, RAMADDA will guide you through a server configuration workflow. You will be prompted for the repository password you defined earlier.
RAMADDA has good integration with the Unidata Integrated Data Viewer (IDV) and the two technologies work well together.
IDV users may wish to install the RAMADDA IDV plugin to publish IDV bundles to RAMADDA.
RAMADDA also has access to the LDM /data/ directory so you may want to set up server-side view of this part of the file system. This is a two step process where administrators go to the Admin, Access, File Access menu item and lists the allowed directories they potentially wish to expose via RAMADDA. Second, the users are now capable of creating a "Server Side" Files with the usual RAMADDA entry creation mechanisms.
Finally, you can enter this catalog URL in the IDV dashboard to examine data holdings shared bundles, etc. on RAMADDA. For example, https://ramadda.scigw.unidata.ucar.edu/repository?output=thredds.catalog.