User Tools

Site Tools


soft:server-installation

Installation

This document gives step-by-step Controller installation details which may also be useful for troubleshooting. If you are only interested in installing the Controller, you may prefer having a look at installation in Community-Lab/CONFINE administrator's guide, which uses the deploy-controller.sh script to automate tasks.


Reference platform: Debian 7.0 wheezy, Python 2.7 and Django 1.6.10
The current state is beta, recommended only for testing and development

1. Quick Install

Confine-controller ships with a set of management commands for automating some of the installation steps.

These commands are meant to be run within a clean Debian-like distribution, you should be specially careful while following this guide on a customized system.

Confine-controller can be installed in any Linux system, however it is strongly recommended to chose the reference platform for your deployment.

  1. Create a system user for running the server:
    sudo adduser confine
    # not required but it will be very handy
    sudo adduser confine sudo
    su confine
  2. Install confine-controller's source code:
    sudo apt-get install python-pip
    sudo easy_install --upgrade pip  # work around issue #689
    sudo pip install confine-controller
  3. Install requirements:
    sudo apt-get install libjpeg-dev libfreetype6-dev  # work around issue #688
    sudo controller-admin.sh install_requirements
  4. Create a new instance:
    cd ~confine
    controller-admin.sh clone <project_name> # ie: communitylab, confine ...
    cd <project_name>
  5. Create and configure a Postgres database:
    sudo python manage.py setuppostgres --db_user confine --db_password <password> --db_name <project_name>
    python manage.py syncdb
    python manage.py migrate
  6. Create a testbed administrator:
    python manage.py createsuperuser
  7. Configure celeryd:
    sudo python manage.py setupceleryd --username confine
  8. Configure the management network (and tinc daemon). You may use any public /48 IPv6 prefix (even 6to4, see Addressing in CONFINE) or generate a random ULA one (e.g. here or here), but the resulting prefix should be unique to your testbed:
    sudo python manage.py setuptincd --mgmt_prefix <ipv6_prefix::/48>
    sudo service tinc restart
    python manage.py updatetincd
    python manage.py setuppki

    Add the following lines to the stanza of your main network interface (usually eth0) in /etc/network/interfaces to ensure that the management address (your IPv6 prefix with ::2 at the end) is ready when services bound to it start:

    # Ensure that the management address is present early on boot.
    up ip addr add ADDRESS dev $IFACE
    up while [ "$(ip -6 addr show tentative)" ]; do sleep 1; done
  9. Configure the web server:
    python manage.py collectstatic --noinput
    1. Nginx + uWSGI (recommended):
      sudo apt-get install nginx uwsgi uwsgi-plugin-python
      sudo python manage.py setupnginx
      sudo rm -f /etc/nginx/sites-enabled/default  # work around issue #687
      sudo service nginx restart
    2. Apache2 (legacy):
      sudo apt-get install apache2 libapache2-mod-wsgi
      sudo python manage.py setupapache
  10. Configure firmware generation:
    python manage.py createmaintenancekey
    sudo python manage.py setupfirmware
    # python manage.py loaddata firmwareconfig # No longer necessary since version 0.11.1
    python manage.py syncfirmwareplugins
  11. Configure local monitoring system (only available in dev)
    python manage.py setuplocalmonitor
  12. Apply changes
    sudo python manage.py restartservices

2. Upgrade

To upgrade your controller installation to the last release you can use upgradecontroller management command. Before rolling the upgrade it is strongly recommended to check the release notes.

sudo python manage.py upgradecontroller

Current in development version (master branch) can be installed by

sudo python manage.py upgradecontroller --controller_version dev

Additionally the following command can be used in order to determine the currently installed version:

python manage.py controllerversion

If instead of the latest release of the development version you want to upgrade from a local package or source checkout, instead of using upgradecontroller you can:

  1. Get the currently installed controller version (OLD_VERSION) with python manage.py controllerversion.
  2. Proceed to install the new version normally, e.g. using sudo pip install PACKAGE_OR_CHECKOUT (or creating a pth file for local development as explained below).
  3. Upgrade the environment and installation with sudo python manage.py postupgradecontroller --from=OLD_VERSION.

3. Development and Testing Setup

If you are planing to do some serious development or testing you really should be doing it under the following setup

  1. Install the vct container as described here
  2. Remove existing confine-controller egg and install it from the repository
    sudo rm -r /usr/local/lib/python2.7/dist-packages/controller
    su - vct
    git clone gitosis@git.confine-project.eu:confine/controller.git ~vct/confine-controller
    echo ~vct/confine-controller/ | sudo tee /usr/local/lib/python2.7/dist-packages/controller.pth
  3. Install missing requirements
    sudo ~vct/confine-controller/controller/bin/controller-admin.sh install_requirements
  4. You can place your custom settings under ~vct/confine-dist/utils/vct/server/server/local_settings.py for example
  5. Don't forget to apply all the changes
    cd ~vct/confine-dist/utils/vct/server/
    sudo python manage.py restartservices
  6. And use Django's development server as usual
    python manage.py runserver 0.0.0.0:8888
  7. A convenient practice can be mounting ~vct on your host machine so you can code with your favorite IDE, sshfs can be used for that
    # On your host
    mkdir ~<user>/vct
    sshfs vct@<container-ip>: ~<user>/vct

4. Last Configuration Steps

Once you have finished the server installation some extra configurations are required:

  1. Configure maintenance tasks like cleaning orphan files (see administrator's guide).
soft/server-installation.txt · Last modified: 2015/08/24 13:01 by ivilata