Task #8481
MNDeployment #8186: ESS-DIVE, including CDIAC
Story #8479: ESSDIVE: Testing & Development
ESSDIVE: Develop or Implement MN Software
100%
Description
Change node's primary MNDeployment ticket status to Testing.
Identity Management:
- Confirm what nodeID will be used.
- Register NCEAS LDAP (https://identity.nceas.ucsb.edu/) because cert download auth is maintained by separate system.
- Use Use cilogon to generate a DataONE LDAP account by logging into DataONE test env. (Sign-in link at https://search-stage.test.dataone.org)
DataONE Certificate:
- Request in #CI for a sandbox or stage D1 certificate generated available to NCEAS uid.
- Cert/key downloaded by node operator.
For a custom implementation of DataONE APIs as new service:
- MN implements full scope of Member Node APIs.
- API methods systematically verified by D1 tech lead.
- Passes web tester checks (http://mncheck.test.dataone.org:8080)
For a DataONE Software Stack
- Install software, SSL cert, and DataONE cert per installation instructions.
- If using LE cert, schedule cron for renewal.
- Configure software as appropriate (baseURL, Node Contact Subject, replication, etc).
For a SlenderNode:
- Develop adapter.
- Fully test movement of data from source system to target MN software.
- Install on MN web server and schedule cron job. Verify cron is running as expected.
For both:
* Verify system metadata of test records. Ensure correct node URI value in auth/orig MN.
* Verify node description document. Ensure that Contact Subject is set to the DataONE LDAP identity string.
History
#1 Updated by Chris Jones almost 6 years ago
- % Done changed from 0 to 30
- Assignee set to Chris Jones
- Status changed from New to In Progress
The ESS-DIVE repository will use
urn:node:mnTestESS_DIVEfor their test repositorynodeId, andurn:node:ESS_DIVEfor their production repositorynodeId.Valerie Hendrix (one of the node operators at LBL) has registered her
vchendrixaccount in the DataONE LDAP directory at NCEAS, and has logged into the Stage and Production systems using her ORCID ID, so is now registered in the DataONE Account Registry.We have generated a client side certificate in the test environment for
urn:node:mnTestESS_DIVE, and Val has downloaded it.ESS-DIVE is using the Metacat stack, so no custom implementation of the DataONE API is needed.
Metacat is installed and running at the following two baseUrls (test and production):
SSL is configured using a high availability SSL-offload server at LBL, so it is not a standard Apache SSL configuration. This is handled and maintained by Cory Snavely at LBL, and is working as expected.
We have run the web tester Tier 1 checks against the
data-dev.ess-dive.lbl.govrepository, and many checks have failed. We've found that this is due to the MNWebTester certificates being expired on the mncheck.test.dataone.org machine. Dave has generated new testing certificates, and Chris will install them so the web tester works again.
#2 Updated by Chris Jones over 5 years ago
- % Done changed from 30 to 100
- Status changed from In Progress to Closed
The ESS-DIVE operates as a standard Metacat install, and is responding to DataONE API calls as expected. I've reviewed the node document, and the name and description look good - appropriate length and detail. The services are configured appropriately, and is turned off as a replication target.
I've reviewed a good cross section of system metadata documents. They are configured correctly with the originMemberNode and authoritativeMemberNode fields set to urn:node:ESS_DIVE. The unique list of all formatId values are within out object format list values. I testing we had two SVG files with incorrect formatId values (missing + sign, but this was not an issue in the production node.
