DataONEorg / dataone

DataONE information and general-purpose issue tracking
Apache License 2.0

Update apache for search.dataone.org #9

Closed datadavev closed 3 years ago

datadavev commented 3 years ago

The latest version of apache available through Ubuntu channels is 2.4.29 which, although it is stable and receives backports for security, triggers notifications from UCSB scanners.

This issue documents the upgrade of apache on search.dataone.org to use the latest apache release, currently 2.4.48.

datadavev commented 3 years ago

Apache 2.4.48 is available from the PPA at https://launchpad.net/~ondrej/+archive/ubuntu/apache2

It is added by:

sudo add-apt-repository ppa:ondrej/apache2
sudo apt update

Procedure for update is basically:

  1. set DNS for search to other search instance
  2. upgrade apache
  3. verify operation
  4. switch DNS back
  5. update other search instance

After adding the PPA for apache, upgrade of apache went smoothly. However, the test reported:

$ sudo apache2ctl -v
Server version: Apache/2.4.48 (Ubuntu)
Server built:   2021-06-08T07:06:36

$ sudo apache2ctl -t
[Thu Jun 17 18:54:02.227047 2021] [proxy:warn] [pid 19721:tid 140686635940800] AH10249: ProxyPass/<Proxy> and ProxyPassMatch/<ProxyMatch> can't be used altogether with the same worker name (https://cn.dataone.org/); ignoring ProxyPass

The search UI operated as expected when accessing search-ucsb-1.dataone.org; however, the UI reported an error after switching DNS for search.dataone.org back to search-ucsb-1:

Error details: // The path to your configuration file for MetacatUI. This can be any web-accessible location. var appConfigPath = "/js/themes/dataone/config.js";

Determined this error was a consequence of the ProxyPass warning preventing connection by the client to the CN. The ProxyPass statements were adjusted to:

ProxyPassMatch "^/cn/v1/(.*)" "https://cn.dataone.org/cn/v1/$1"
ProxyPassReverse "/cn/v1/" "https://cn.dataone.org/cn/v1/"
ProxyPassMatch "^/cn/v2/(.*)" "https://cn.dataone.org/cn/v2/$1"
ProxyPassReverse "/cn/v2/" "https://cn.dataone.org/cn/v2/"

After restarting apache, the UI operated as expected.

Note: Minor issue to follow up on - the multiple ProxyPassMatch can likely be merged into a single one. Why were they explicitly separate originally?
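The config test above exited normally while warning that a ProxyPass was being ignored, and the breakage only showed up after DNS was switched back. As an added example (not part of the original issue or the project's tooling), the functions below make the "verify operation" step fail on any warn-or-worse line from `apache2ctl -t` and probe a proxied path under the public name before the DNS change; `probe_via_name` and its arguments are hypothetical and supplied by the operator.

```shell
#!/usr/bin/env bash
# Added example (not from the issue): make "verify operation" fail on config-test warnings.

# Output of `apache2ctl -t`: the warning line is the one quoted in the issue;
# the trailing "Syntax OK" line is constructed for this sample.
SAMPLE_WARN="[Thu Jun 17 18:54:02.227047 2021] [proxy:warn] [pid 19721:tid 140686635940800] AH10249: ProxyPass/<Proxy> and ProxyPassMatch/<ProxyMatch> can't be used altogether with the same worker name (https://cn.dataone.org/); ignoring ProxyPass
Syntax OK"

# Succeeds only if the captured output has "Syntax OK" and no warn-or-worse log lines.
# $1: combined stdout+stderr of `apache2ctl -t`
configtest_is_clean() {
    if printf '%s\n' "$1" | grep -Eq '\[[a-z0-9_]+:(warn|error|crit|alert|emerg)\]'; then
        return 1
    fi
    printf '%s\n' "$1" | grep -q '^Syntax OK$'
}

# Prints the distinct AHnnnnn message codes found in the output, space separated.
configtest_codes() {
    printf '%s\n' "$1" | grep -Eo 'AH[0-9]{5}' | sort -u | paste -sd' ' -
}

# Requests a proxied path under the public name while pinning it to the upgraded host,
# so the check runs before DNS is switched back. All three arguments are supplied
# by the operator (hypothetical helper; no values are taken from the issue).
# $1: public hostname  $2: IP of the upgraded host  $3: path under a proxied prefix
probe_via_name() {
    local code
    code=$(curl -sS -o /dev/null -w '%{http_code}' --resolve "$1:443:$2" "https://$1$3") || return 1
    case "$code" in 2??) return 0 ;; *) return 1 ;; esac
}

# Gate for step 3 of the procedure: stop if the config test is not clean.
# $1: captured output of `apache2ctl -t`
verify_gate() {
    if configtest_is_clean "$1"; then
        echo "config test clean"
    else
        echo "config test NOT clean: $(configtest_codes "$1")" >&2
        return 1
    fi
}
```

On the host this would be called as `verify_gate "$(sudo apache2ctl -t 2>&1)"`, followed by `probe_via_name` against a path under `/cn/v1/` or `/cn/v2/`.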