MNDeployment #6957
NRDC - Nevada Research Data Center
93%
Description
The NCCP, based at the University of Nevada, Reno, is a part of the Nevada EPSCoR project. They currently have about a dozen sensor sites collecting climate data, with the intent to add 1-2 sites each year for the next 2-3 years.
At present, the goal is to stand up a Tier 1 GMN exposing monthly aggregated data (immutable).
Technical POCs are Richard Kelley and Moinul Hossain.
Initial meeting notes: https://epad.dataone.org/pad/p/NCCP_and_DataONE
Subtasks
Related issues
History
#1 Updated by Laura Moyers over 9 years ago
- NodeIdentifier changed from urn:node:NCCP to urn:node:NRDC
- MN Description changed from The Nevada Climate Change Portal (NCCP) provides access to real-time and archived environmental data to enhance the ability of scientists, land managers, educators and students to analyze and graphically present environmental data observations. to The Nevada Research Data Center is dedicated to providing services and curation for project-level datasets and needs.
- Subject changed from NCCP - Nevada Climate Change Portal to NRDC - Nevada Research Data Center (was referred to as NCCP)
#3 Updated by Laura Moyers over 9 years ago
- Target version changed from Deploy by end of Y1Q3 to Deploy by end of Y1Q4
- Base URL set to http://www.sensor.nevada.edu/NRDC/
- % Done changed from 1 to 50
- Status changed from Ready to Testing
#4 Updated by Laura Moyers over 9 years ago
Eric Fritzinger (ericf@cse.unr.edu) has developed some documentation for what he needed to do on his end related to having a Windows server acting as a reverse proxy to the Linux server where they have their GMN:
Just as an addendum, and for your documentation in the future should you have any users with a similar setup (or who want a similar setup), we managed to get the reverse proxy working with https.
As you may recall, our server setup is a Windows Server 2012 IIS 8 server acting as a reverse proxy to the back-end GMN linux server. In order to get IIS 8 to work with using https on the back-end, there are a couple things that had to be done.
First, I had to update the IIS Application Request Routing module to 3.0 (I was previously using 2.0).
Secondly, I had to make sure the reverse proxy server trusted the certificate used by the target server. There are two ways to do this (the “target server” in these cases is the back-end GMN server that the reverse proxy is pointing to):
1.) Create a Certificate Root Authority server that the cluster recognizes and trusts (Windows Server OS has a Role that can be added for this purpose). Make sure the reverse proxy server recognizes the CRA as a Trusted source (explained below). Then, have the CRA issue the certificate requested by the target server and configure the target server to use that issued certificate.
2.) Create a self-signed certificate on the target server and export it. Have the IIS 8 server import the certificate as a Trusted Certificate Root Authority certificate (explained below), and it will be trusted.
To check the status of a Trusted CRA on a Windows Server OS, or to import a certificate into the TCRA:
1. Go to Start -> Run, type “mmc.exe” and click OK
2. When the console window comes up click File->Add/Remove Snap-In…
3. Add the “Certificates” module and click Next
4. Select the “Computer Account” option, click Next
5. Select the “Local Computer” option, click OK
If you expand the tree, you’ll see the “Trusted Certificate Root Authorities” folder to see all the trusted root authorities. This is where either the local Certificate Root Authority server certificate should be, or where you import the target server’s self-signed certificate (by right-clicking the folder and selecting Import from the context menu).
Option 1 is typically good for larger server clusters that will have a lot of servers behind a reverse proxy using https (which we eventually will be using). Option 2 is quick and easy. I went with Option 2 for now since I wanted to be sure it worked quickly without much hassle.
This write-up is mainly to let you all know how we got it to work (I’m not a fan of “magic”, myself =) ). Also, I wanted to make sure it was written down somewhere in case of emergency.
Take care!
~Eric
#5 Updated by Laura Moyers about 9 years ago
- Target version changed from Deploy by end of Y1Q4 to Deploy by end of Y2Q1
#6 Updated by Laura Moyers about 9 years ago
- Related to Bug #7318: Indexing failure with ObjectPath not found / Was: mnTestAEKOS PIDs fail to be indexed by Solr in cn-stage due to lack of "Object Path" for the PIDs added
#8 Updated by Mark Servilla about 9 years ago
- Related to Bug #7504: Investigate support for TLS Server Name Indication during CN-to-MN communications added
#9 Updated by Laura Moyers almost 9 years ago
- MN_Date_Online set to 2015-12-21
- Target version changed from Deploy by end of Y2Q1 to Operational
- Status changed from Testing to Operational
NRDC MN operational as of 12/21/15 but will not be formally announced until week of 4 January 2016.
#10 Updated by Laura Moyers almost 9 years ago
- Longitude changed from 119.82 to -119.82
#11 Updated by Laura Moyers over 8 years ago
- Subject changed from NRDC - Nevada Research Data Center (was referred to as NCCP) to NRDC - Nevada Research Data Center
NRDC needs to transition to Tier 4 functionality. Laura to get documentation and other information to Moinul ASAP; this needs to be accomplished before Moinul graduates.
#13 Updated by Laura Moyers over 7 years ago
Current (temporary) technical POC is Hannah Munoz, hannah.munoz92@gmail.com.
NRDC's LE cert had expired, and while sorting that out we discovered some more concerning issues. Email from Laura to Eric 8/16/17:
When looking to see how the NRDC MN is behaving, we uncovered some issues. Prepare yourself…
We see 6663 objects on the CNs. https://cn.dataone.org/cn/v2/object?nodeId=urn:node:NRDC These objects comprise the 2221 datasets that we see in DataONE search.
We see 0 objects on the MN. https://dataone.sensor.nevada.edu/mn/v2/object (This is where I freaked out a bit.)
Because DataONE doesn’t see any objects on the MN, when we try to download any object from NRDC from the search results, we get 404s. The science metadata, however, IS retrievable from the CNs from where it was sync’d previously. (Yay)The last time we really talked about NRDC was 12/12/16, which is also the Last Harvested Date (see in the node registration document https://cn.dataone.org/cn/v2/node/urn:node:NRDC). At that time, you were still running GMN v1.x. We’re thinking that something in the transition to GMN v2.0.5 has confused things a bit – perhaps a configuration change, maybe something related to settings_site.py and settings.py being combined in GMN v2. We’ll do some more investigating, but Mark has identified some things we need your help with to figure out what is going on.
- Ensure that PostgreSQL database is accessible to the GMN application
- Ensure that the OBJECT_STORE_PATH attribute is correctly set to the NRDC location for GMN data (OBJECT_STORE_PATH = '/var/local/dataone/gmn_object_store')
- Ensure the server you deployed GMN v2.0.5 to is indeed the correct server
Maybe look at your GMN and see if both the settings_site.py and settings.py files are present? If they are, maybe GMN is confused?
Eric responded the same day:
Thank you for the heads up!
I have CC’d Hannah on this since she is in charge of the DataONE server’s GMN.
We will get to the bottom of this and get everything back up and running. =)
#15 Updated by Dave Vieglais almost 7 years ago
- Sprint set to Ongoing Operational
#17 Updated by Mark Servilla over 6 years ago
- Assignee changed from Mark Servilla to Roger Dahl
#18 Updated by Dave Vieglais about 5 years ago
- Assignee changed from Roger Dahl to Amy Forrester
#19 Updated by Amy Forrester about 5 years ago
connor transitioning out of role as the admin for the NRDC and passing it onto another grad student: Andrew Munoz