Guide to preparing dcServer for a production environment
If you have not already done so, review the Quick Start guide to become familiar with the installation of dcServer.
dcServer is designed to run in an AWS IaaS environment. It will not fully function in other cloud environments.
EC2 Instance
OS and Instance
Login to your AWS account and go to the EC2 dashboard. Pick the region you wish to run in (Ohio, N. Virginia, Oregon, etc). Launch an instance.
- use the name of your deployment for the server name
- use Amazon Linux 2 (64 bit), which is the default.
- select an Instance Type. Some options to consider: m5a.large or m5n.large for x86. m6g.medium, m6g.large, or t4g.small for Arm. If this is truly just a test and not a real production server then even t4g.micro or t4g.nano may do.
If you are unsure where to start, and this is a real production web site, then I suggest using 64 Arm instead of 64 x86 (under OS) and using m6g.medium for the Instance type. m6g.medium is a very solid value (price for performance) and can serve moderate or small websites fine.
If you are restoring a down server, pick the same OS and instance type the old server had.
Key pair
TODO
If you are restoring a down server, or if another dcServer has been installed on this AWS account, then a key pair should already be available. Use it. For example, at designCraft we use a pair called “dca-servers” which applies to all of our servers.
Network Settings
TODO
If you are restoring a down server, or if another dcServer has been installed on this AWS account (and region), then a security group should already be available. Use it by clicking Edit, “Select existing security group” and then selecting the security group previously used or used by the other dcServers.
Storage
There should be an 8 GB root volume. We recommend using a second volume for the server. If the site is modest in size then 20 GB should be fine. Select “No” for “Delete on termination” and your preference for Encrypted - I suggest No because dcServer is designed to store sensitive data encrypted anyway.
If you are restoring a down server, make the second volume as big as the old one was. Restore from the latest Snapshot from the old server. (or in some cases just steal the old disk from the old server - TODO)
Volume Type can be GP2 or GP3 - it is very rare that you'd find any real difference in performance with modest sized websites.
Start
Run the server after completing all the settings above.
Connecting
Look for your server in the Instances listing of EC2, it should have your deployment name. Select it and look for the Public IPv4 address. Copy that and put it into your DNS record for this deployment. For example we have a DNS record kipo.designcraftadvertising.com that pairs with a test server. Even if the website is for another company, we routinely also maintain our own DNS record for the server (for the deployment).
If you are restoring a down server, you will edit existing DNS records instead of adding new records. In some cases the old server used an Elastic IP, in which case you'll switch to that instead of editing DNS records - TODO more on Elastic IP.
For new servers add an entry to your SSH config file -
~/.shh/config
. For example:
Host kipo
Hostname kipo.designcraftadvertising.com
User ec2-user
PubKeyAuthentication yes
IdentityFile ~/.ssh/dca_servers
ServerAliveInterval 60
Use a Host (nickname) that suits your deployment - often the same as the deployment name. For Hostname use the DNS record you just added.
You are now ready to connect. From your Linux command line:
$ ssh kipo
Using your Host instead. Accept the fingerprint. You should now be logged into your new server.
If updates to your server have been detected, you'll receive the following message:
Run "sudo yum update" to apply all updates.
It is strongly advised you run the command
sudo yum update
before continuing.
Server Set Up
(assuming you are still logged into the new server, see above)
There is no need to run the server updates, though you may see a prompt. You may wish to check your disk names though.
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
nvme0n1 259:0 0 8G 0 disk
├─nvme0n1p1 259:2 0 8G 0 part /
└─nvme0n1p128 259:3 0 10M 0 part /boot/efi
nvme1n1 259:1 0 20G 0 disk
Your output should look similar. It is the larger disk name that you need to verify. It will likely be
nvme1n1
but be sure.
Now back on your local machine run your deployment. For example:
$ ./foreground.sh kipo 00100
You should be in the Hub Utilities menu (unless running the dCA command line, in which case select option 20 to get into the Hub Utilities).
-----------------------------------------------
Hub General Utils
-----------------------------------------------
0) Exit
1) dcDatabase Utils
2) Local Utilities
3) Crypto Utilities
100) dcScript GUI Debugger
101) dcScript Run Script
Select option 2
-----------------------------------------------
Node 00100 Utility Menu
-----------------------------------------------
0) Exit
1) Encrypt Setting
2) Hash Setting
3) Hash Password Setting
4) System Status
5) Backup Server
6) File ReIndex Vaults
7) File ReIndex Site Vaults
10) Production Server Set Up
11) Production Bundle dcServer
100) Enter Script Debugger
Select option 10
Which deployment to check?
Enter the deployment name, for example
kipo
.
Disk name (enter to default to 'nvme1n1'):
Accept default unless you got another disk name above, if so then enter that instead. The server will now be configured for you:
20220515T152444400Z 000000000000008 M03 Checking for software updates
20220515T152502365Z 000000000000008 M03 Preparing disk: nvme1n1 - /dcserver
20220515T152505264Z 000000000000008 M03 Check disk is present: nvme1n1
20220515T152505562Z 000000000000008 M03 Disk is present
20220515T152509042Z 000000000000008 M03 Check that disk is initialized: nvme1n1
20220515T152509336Z 000000000000008 M03 Disk is not initialized
20220515T152513056Z 000000000000008 M03 Init disk: nvme1n1
20220515T152543019Z 000000000000008 M03 Disk is initialized
20220515T152548737Z 000000000000008 M03 Check that disk is initialized: nvme1n1
20220515T152552174Z 000000000000008 M03 Disk is initialized
20220515T152558700Z 000000000000008 M03 Check path exists: /dcserver
20220515T152602010Z 000000000000008 M03 Path is not present
20220515T152605887Z 000000000000008 M03 Creating path: /dcserver
20220515T152606184Z 000000000000008 M03 Path is created
20220515T152606186Z 000000000000008 M03 Check path exists: /dcserver
20220515T152606482Z 000000000000008 M03 Path is present
20220515T152613421Z 000000000000008 M03 Check that disk is mounted: nvme1n1 - /dcserver
20220515T152621807Z 000000000000008 M03 Disk is not mounted
20220515T152625881Z 000000000000008 M03 Mounting disk nvme1n1 with /dcserver
20220515T152626181Z 000000000000008 M03 Disk mounted
20220515T152626184Z 000000000000008 M03 Setting path ownership: /dcserver
20220515T152626482Z 000000000000008 M03 Ownership is set
20220515T152626484Z 000000000000008 M03 Check that disk is mounted: nvme1n1 - /dcserver
20220515T152626784Z 000000000000008 M03 Disk is mounted
20220515T152628300Z 000000000000008 M03 Finished disk prep.
20220515T152632518Z 000000000000008 M03 Check package installed: htop
20220515T152633315Z 000000000000008 M03 Package is not present
20220515T152633317Z 000000000000008 M03 Install package: htop
20220515T152634869Z 000000000000008 M03 Package is installed
20220515T152634869Z 000000000000008 M03 Check package installed: htop
20220515T152640420Z 000000000000008 M03 Package is present
20220515T152642553Z 000000000000008 M03 Check package installed: java-11-amazon-corretto-headless
20220515T152643346Z 000000000000008 M03 Package is not present
20220515T152643347Z 000000000000008 M03 Install package: java-11-amazon-corretto-headless
20220515T152700964Z 000000000000008 M03 Package is installed
20220515T152700966Z 000000000000008 M03 Check package installed: java-11-amazon-corretto-headless
20220515T152706515Z 000000000000008 M03 Package is present
20220515T152710401Z 000000000000008 M03 Check web ports: 8080 - 8443
20220515T152710706Z 000000000000008 M03 Insecure is not present, adding
20220515T152711005Z 000000000000008 M03 Insecure added
20220515T152711006Z 000000000000008 M03 Secure is not present, adding
20220515T152711306Z 000000000000008 M03 Secure added
20220515T153438047Z 000000000000008 M03 Check web server vars: kipo - 99999
20220515T153438346Z 000000000000008 M03 JAVA_HOME is not present, adding
20220515T153438643Z 000000000000008 M03 JAVA_HOME added
20220515T153438644Z 000000000000008 M03 DC_NAME is not present, adding
20220515T153438940Z 000000000000008 M03 DC_NAME added
20220515T153438941Z 000000000000008 M03 DC_DEPLOYMENT is not present, adding
20220515T153439241Z 000000000000008 M03 DC_DEPLOYMENT added
20220515T153439243Z 000000000000008 M03 DC_NODE is not present, adding
20220515T153439543Z 000000000000008 M03 DC_NODE added
20220515T153439544Z 000000000000008 M03 DC_USER is not present, adding
20220515T153439846Z 000000000000008 M03 DC_USER added
The server is now ready for the dcServer software and your websites to be loaded.
Exit the remote connection to the new server, if you are still logged in, and reconnect.
$ ssh kipo
Just to be be sure, run this:
$ echo $DC_NODE
99999
The output (e.g. 99999) should be the node id of your deployment. If unsure, check your
matrix.xml
file and look for the
Node
in your
Deployment
- it should match that
Id
attribute.
dcServer Install
Unless you are doing a restore (reusing a disk or using a snapshot) you'll need to copy certain files to the server. From the same Utility Menu as in the step above select option 11 (Production Bundle dcServer).
Which deployment to bundle?
Enter the deployment alias, for example
kipo
.
Which node to bundle?
Enter the node id, for example
99999
.
out: after
Now from the command line in you local dcServer directory, go into the
temp
subdirectory.
$ cd temp
Connect to the new production server:
$ sftp kipo
Once connected, switch directories on the remote server.
sftp> cd /dcserver
Check that software is present - it should be a clean disk.
sftp> ls
lost+found
Upload the first file:
sftp> put dcserver-bundle.tgz
Uploading dcserver-bundle.tgz to /dcserver/dcserver-bundle.tgz
dcserver-bundle.tgz 100% 318MB 1.3MB/s 03:58
Upload the second file:
sftp> put dcserver-ext.tgz
Uploading dcserver-ext.tgz to /dcserver/dcserver-ext.tgz
dcserver-ext.tgz 100% 8608KB 1.3MB/s 00:06
Exit SFTP.
sftp> quit
Now SSH to the remote server:
$ ssh kipo
Change directory to
/dcserver
$ cd /dcserver
Extract the two bundles you uploaded:
$ tar -zxf dcserver-bundle.tgz
$ tar -zxf dcserver-ext.tgz -C lib
And then remove them.
$ rm dcserver-bundle.tgz
$ rm dcserver-ext.tgz
Initialize the production database:
$ ./foreground.sh kipo 99999 init-node
dcServer starting
20220424T120424561Z 000000000000000 M03 |OpId|00100-20220424T120424258Z-000000000000000| New operation context
Start local hub loader work
20220424T120424866Z 000000000000000 M03 Loading hub resources
20220424T120425248Z 000000000000000 M03 Hub resources loaded
20220424T120425462Z 000000000000000 B |Origin|hub:|Op|Start|
20220424T120425463Z 000000000000000 M03 Hub deployment: kipo
20220424T120425464Z 000000000000000 M03 Hub role: init-node
20220424T120425465Z 000000000000000 M03 Hub id: 99999
20220424T120425466Z 000000000000000 M03 Is hub production: false
20220424T120425466Z 000000000000000 M03 Java version: 11.0.4
20220424T120425467Z 000000000000000 M03 Java vendor: Amazon.com Inc.
20220424T120425468Z 000000000000000 M03 Java vm: OpenJDK 64-Bit Server VM
20220424T120425516Z 000000000000000 M03 /dev/epoll: yes
20220424T120425754Z 000000000000000 M03 OpenSSL: yes (BoringSSL, 269488255))
20220424T120425768Z 000000000000000 M03 |OpId|00100-20220424T120424258Z-000000000000001| New operation context
20220424T120425772Z 000000000000000 M03 |OpId|00100-20220424T120424258Z-000000000000002| New operation context
20220424T120425797Z 000000000000000 M03 |OpId|00100-20220424T120424258Z-000000000000003| New operation context
20220424T120425799Z 000000000000000 M03 Hub entered Booted state
20220424T120425799Z 000000000000000 B |Origin|hub:|Op|Run|
20220424T120425800Z 000000000000000 M03 Hub entered Running state
20220424T120425800Z 000000000000000 M03 |OpId|00100-20220424T120424258Z-000000000000004| New operation context
20220424T120425809Z 000000000000004 M03 |SessId|00100_u7l140a07p2rnu05beq7frjbgj| Session registered
Password:
*
[enter plain *]
-----------------------------------------------
Node Initialization
-----------------------------------------------
You could lose your node setup (database) by doing this command.
Are you sure you want to continue (y/n)?
y
Initialize Root Tenant
Global Root Password (required):
[enter a new password]
Root User Email (required):
[enter your email]
Node:
99999
20220424T120446279Z 000000000000004 M03 dcDatabase Started
Root added
20220424T120446419Z 000000000000004 M03 dcDatabase Stopped
Database configured, root tenant added.
20220424T120446420Z 000000000000004 M03 Ending session: 00100_u7l140a07p2rnu05beq7frjbgj
20220424T120446420Z 000000000000004 M03 Stopping Application Server
20220424T120446426Z 000000000000004 M03 |OpId|00100-20220424T120424258Z-000000000000005| New operation context
20220424T120446428Z 000000000000005 M03 Hub entered Stopping state
20220424T120446428Z 000000000000005 M03 Hub entered Stopping state
20220424T120446429Z 000000000000005 B |Origin|hub:|Op|Stop|
20220424T120446429Z 000000000000005 M03 Stopping hub
20220424T120446434Z 000000000000005 M03 Hub stopped
20220424T120446435Z 000000000000005 M03 Hub entered Stopped state
20220424T120446436Z 000000000000004 M03 Application hub shutdown started
20220424T120446439Z 000000000000004 M03 Application hub shutdown completed
Now add the tenant (all tenants):
$ ./foreground.sh kipo 99999
dcServer starting
20220424T120704248Z 000000000000000 M03 |OpId|00100-20220424T120703951Z-000000000000000| New operation context
Start local hub loader work
20220424T120704545Z 000000000000000 M03 Loading hub resources
20220424T120704942Z 000000000000000 M03 Hub resources loaded
20220424T120705181Z 000000000000000 B |Origin|hub:|Op|Start|
20220424T120705182Z 000000000000000 M03 Hub deployment: kipo
20220424T120705183Z 000000000000000 M03 Hub role: server
20220424T120705184Z 000000000000000 M03 Hub id: 99999
20220424T120705184Z 000000000000000 M03 Is hub production: false
20220424T120705185Z 000000000000000 M03 Java version: 11.0.4
20220424T120705186Z 000000000000000 M03 Java vendor: Amazon.com Inc.
20220424T120705186Z 000000000000000 M03 Java vm: OpenJDK 64-Bit Server VM
20220424T120705242Z 000000000000000 M03 /dev/epoll: yes
20220424T120705482Z 000000000000000 M03 OpenSSL: yes (BoringSSL, 269488255))
20220424T120705509Z 000000000000000 M03 |OpId|00100-20220424T120703951Z-000000000000001| New operation context
20220424T120705514Z 000000000000000 M03 |OpId|00100-20220424T120703951Z-000000000000002| New operation context
20220424T120705645Z 000000000000000 M03 dcDatabase Started
20220424T120705659Z 000000000000000 M03 dcDatabase Service Started
20220424T120705665Z 000000000000000 M03 |OpId|00100-20220424T120703951Z-000000000000003| New operation context
20220424T120705671Z 000000000000000 M03 |OpId|00100-20220424T120703951Z-000000000000004| New operation context
20220424T120705674Z 000000000000000 M03 Hub entered Booted state
20220424T120705675Z 000000000000000 B |Origin|hub:|Op|Run|
20220424T120705676Z 000000000000000 M03 Hub entered Running state
20220424T120705815Z 000000000000000 M03 Web Server listening - now listening for HTTP on TCP port 8443
20220424T120705817Z 000000000000000 M03 Web Server listening - now listening for HTTP on TCP port 8080
20220424T120705817Z 000000000000000 M03 |OpId|00100-20220424T120703951Z-000000000000005| New operation context
20220424T120705826Z 000000000000005 M03 |SessId|00100_m98bcj8uu4eq50gcobino4gs70| Session registered
Password:
your password
If using the dCA command prompt use option 13. If using the basic command prompt use option 1:
-----------------------------------------------
Hub General Utils
-----------------------------------------------
0) Exit
1) dcDatabase Utils
2) Local Utilities
3) Crypto Utilities
100) dcScript GUI Debugger
101) dcScript Run Script
1
And then option 10:
-----------------------------------------------
Hub 99999 DB Utility Menu
-----------------------------------------------
0) Exit
1) Database Dump
2) Create Database
3) Initialize Root Tenant (create db if not present)
4) Backup Database
5) Database Backup Info
6) Restore Database
7) Compact Database - TODO
8) Mess Database
9) Re-index dcTables
10) Add Tenant
10
Tenant Alias:
kipo
Add Tenant Messages:
[
]
Add Tenant Response:
[empty]
tenant added to db, restart server to activate
-----------------------------------------------
Hub 99999 DB Utility Menu
-----------------------------------------------
0) Exit
1) Database Dump
2) Create Database
3) Initialize Root Tenant (create db if not present)
4) Backup Database
5) Database Backup Info
6) Restore Database
7) Compact Database - TODO
8) Mess Database
9) Re-index dcTables
10) Add Tenant
Repeat option 10 (or 13 if dCA command line) for each tenant in the deployment. Then exit:
0
-----------------------------------------------
Hub General Utils
-----------------------------------------------
0) Exit
1) dcDatabase Utils
2) Local Utilities
3) Crypto Utilities
100) dcScript GUI Debugger
101) dcScript Run Script
0
20220424T120739449Z 000000000000005 M03 Ending session: 00100_m98bcj8uu4eq50gcobino4gs70
20220424T120739450Z 000000000000005 M03 Stopping Application Server
20220424T120739461Z 000000000000005 M03 |OpId|00100-20220424T120703951Z-000000000000006| New operation context
20220424T120739463Z 000000000000006 M03 Hub entered Stopping state
20220424T120739465Z 000000000000006 M03 Web Server unbound
20220424T120739466Z 000000000000006 M03 Web Server unbound
20220424T120739466Z 000000000000006 M03 Hub entered Stopping state
20220424T120739466Z 000000000000006 B |Origin|hub:|Op|Stop|
20220424T120739467Z 000000000000006 M03 Stopping hub
20220424T120739469Z 000000000000006 M03 dcDatabase Stopped
20220424T120741490Z 000000000000006 M03 Hub stopped
20220424T120741490Z 000000000000006 M03 Hub entered Stopped state
20220424T120741491Z 000000000000005 M03 Application hub shutdown started
20220424T120741496Z 000000000000005 M03 Application hub shutdown completed
Run once more:
$ ./foreground.sh kipo 99999
...etc...
Look for any error messages. If none then try loading the site in your web browser. For example: http://kipo.designcraftadvertising.com
If it loads then you are ready to run the server properly. Enter
0
to stop and then run it like so:
./server.sh startup
Check that the website still loads, if so you have launched a production website.
CMS Sync
TODO - SETUP “sync” file