This project uses Django React/Redux Base Project from Seedstarts as a boilerplate. Please refer to their github for the complete list of technologies used.
Here are the main tools whose knowledge is useful to contribute:
Frontend
Backend
This app has a bit complicated architecture due to the nature of other systems it has to communicate.
Production/development setup uses nginx as reverse proxy and Gunicorn as an application server. Below are the steps needed to setup environment on RHEL from scratch. Instructions are based on this article How To Set Up Django with Postgres, Nginx, and Gunicorn on CentOS 7
Use these instructions to setup a new production environment from scratch. By following these instructions you will create a dedicated user wtc-console for running this application with Gunicorn, update proxy config for Nginx and setup firewall to allow traffic on port 80.
If you are using CERN managed machine then ask administrator to install latest Node version. If you are managing this machine, then follow this guide for RHEL
Go to Oracle client site and download Oracle Instant Client 12.2 Basic. Note: you will need to have Oracle account and download it to your machine.
Upload it to the server in your preferred way
Run sudo yum localinstall oracle-instantclient* --nogpgcheck
Add RabbitMQ repo according to RabbitMQ installation guide. Then run these commands:
sudo yum install rabbitmq-serversudo chkconfig rabbitmq-server onsudo /sbin/service rabbitmq-server startsudo useradd wtc-consolesudo su - wtc-consoleClone this project to wtc-console users home directory.
git clone https://github.com/CMSCompOps/wtc-console.gitcd wtc-console/Open wtc-console users .bashrc file:
vim ~/.bashrc
Add these lines to it:
export ORACLE_HOME=/usr/lib/oracle/12.2/client64
export LD_LIBRARY_PATH=$ORACLE_HOME/lib
export PATH=$PATH:$ORACLE_HOME/binAnd apply these changes:
. ~/.bashrc
pip install --upgrade pippip install virtualenvvirtualenv wtc-console-envLog out of wtc-console users session and with your user install nginx and dependencies
sudo yum install epel-releasesudo yum install nginxAdd following lines to /etc/nginx/nginx.conf as a first server entry in http section and change domain_name to the actual domain name probably in format of _nodename.cern.ch
server {
listen 80;
server_name domain_name;
location = /favicon.ico { access_log off; log_not_found off; }
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://0.0.0.0:8000;
}
}Test if configuration is valid
sudo nginx -tStart nginx and set it to run on startup
On RHEL and CentOS:
sudo systemctl start nginxsudo systemctl enable nginxOn Scientific Linux CERN:
sudo service nginx startsudo chkconfig nginx onIf when opening domain.cern.ch you see this error in /var/log/nginx/error.log:
*2 connect() to 127.0.0.1:8000 failed (13: Permission denied) while connecting to upstream, client: some_ip, server: some_domain, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8000/", host: "some_domain"Then use this command to solve it:
sudo setsebool -P httpd_can_network_connect 1It turns on httpd connections and -P makes it persistent.
sudo chown -R wtc-console:nginx /home/wtc-console/wtc-consolesudo chmod 770 /home/wtc-console/wtc-consoleAsk system administrators to include port 80 to puppet config. If puppet is not used, then you can configure firewall yourself to bypass traffic on this port with these commands:
sudo iptables -I INPUT 1 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPTsudo iptables -I OUTPUT 1 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPTsudo service iptables savesudo service iptables restartYou can see current config with sudo iptables --line -vnL or sudo less /etc/sysconfig/iptables
Copy src/djangoreactredux/settings/local_template.py setting file to src/djangoreactredux/settings/local.py and modify oracle db credentials through UNIFIED_DB and MONGODB_DATABASES to reflect your development environment. Errors and debug information concerning celery workers and oracle db configuration will not be rendered through Django, instead always check logs/celery.log for errors: grep ERROR logs/celery.log.
Modify TNS_ADMIN located at bin/start_dev.sh, at cern use: /afs/cern.ch/project/oracle/admin/.
Create prod.py in src/djangoreactredux/settings/ directory by using _prodtemplate.py settings template file and update the oracle and mongo db fields with prod values.
cp src/djangoreactredux/settings/prod_template.py src/djangoreactredux/settings/prod.pyvim src/djangoreactredux/settings/prod.pyCreate certificates for this machine and copy them to cert/ directory.
Proceed to Development on dev machine or Production deployment steps depending on the machine purpose.
Development on remote node requires to run three sessions (terminals). First one will have frontent watch running, second will have backend running. And third one is for developent with editor of your choise.
Modify src/djangoreactredux/settings/base.py to include the assigned hostname:
ALLOWED_HOSTS = ['localhost','myDevTestMachine.cern.ch']Become wtc-console user:
sudo su - wtc-consoleGo to project dir
cd wtc-consoleStart frontend resources watching:
npm install && npm run devStart Django backend and Celery workers:
./bin/start_dev.shEdit sources with an editor of you choise.
To install CERN Certification Authority and User certificates:
mkdir src/djangoreactredux/cert && cd wtc-console/src/djangoreactredux/cert
wget -c "https://cafiles.cern.ch/cafiles/certificates/CERN%20Root%20Certification%20Authority%202.crt" -O CERNRootCertificationAuthority2.crtAnd, depending on the location of your Key/Cert files:
cp ~/.globus/cert.pem crt.pem
cp ~/.globus/key.pem . The location of these files is specified via src/djangoreactredux/settings/dev.py
Become wtc-console user:
sudo su - wtc-consoleGo to project dir
cd wtc-consoleDeployment is done with one bash command. It will:
./bin/deploy_prod.sh
If for some reason application should be stoppet then use this script:
./src/bin/stop_prod.sh
It will stop Gunicorn and Celery tasks
Logs are in /home/wtc-console/wtc-console/logs
When developing a new feature create your own branch and push your changes at least daily.
Do not push directly to master. Create pull requests and assign someone to approve it. Go through your pull request your self, it helps to see if there is unwanted or commented-out code.
While working on project you might encounter situations where you want to add functionality from third parties. This is done by adding dependecies to external libraries.
Intall dependency with yarn
yarn add dependency-nameInstall dependency with pypi
pip install dependency-name