- Create a THREDDS VM on Jetstream
- Create a THREDDS VM on Jetstream
- Clone the science-gateway Repository
- Start TDS With Docker and docker-compose
- TDS Configuration
- TDS log Directories
- LDM Data Directory from idd-archiver Via NFS
- HTTPS and SSL Certificate
- Ports 80, 443 and 8443
- THREDDS Data Manager (TDM)
- docker-compose.yml
- Start the TDS
- Navigate to the TDS
Create an m1.medium VM with the Jetstream OpenStack API. Work with Unidata system administrator staff to have this VM's IP address resolve to tds.scigw.unidata.ucar.edu.
We will be making heavy use of the Unidata/science-gateway git repository.
git clone https://github.com/Unidata/science-gateway ~/science-gatewayWith the help of Docker and docker-compose, starting a VM with the TDS should be fairly easy. There are a few directories you will need to map from outside to within the container. See here to install Docker and docker-compose.
mkdir -p ~/tdsconfig/
wget http://unidata-tds.s3.amazonaws.com/tdsConfig/thredds/config.zip -O ~/tdsconfig/config.zip
unzip ~/tdsconfig/config.zip -d ~/tdsconfig/Edit the ~/tdsconfig/threddsConfig.xml to supply contact and host institution by filling out the contact and hostInstitution XML elements. For example:
<contact>
<name>THREDDS Support</name>
<organization>Unidata</organization>
<email>[email protected]</email>
</contact>
<hostInstitution>
<name>Unidata</name>
<webSite>http://www.unidata.ucar.edu/</webSite>
<logoUrl>https://www.unidata.ucar.edu/software/thredds/v4.6/tds/images/unidataLogo.png</logoUrl>
<logoAltText>Unidata</logoAltText>
</hostInstitution>
You will need Apache Tomcat and TDS log directories:
mkdir -p /logs/tds-tomcat/
mkdir -p /logs/tds/The TDS will need access to the /data/ldm/ directory from idd-archiver in order to serve data. Mount it via NFS on the 10.0. network. For example, if idd-archiver is at 10.0.0.8:
# create the NFS mount point
mkdir -p /data
mount 10.0.0.8:/data /dataYou will want to ensure the NFS /data volume is available with the help of fstab.
echo 10.0.0.8:/data /data nfs rsize=32768,wsize=32768,timeo=14,intr | tee --append /etc/fstab > /dev/nullAt the very least, you will need a self-signed certificate to enable communication from the TDS. In the long run, you will want a real certifcate from a certificate authority.
In the ~/science-gateway/vms/thredds/files/ directory, generate a self-signed certificate with openssl (or better yet, obtain a real certificate from a certificate authority).
openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj \
"/C=US/ST=Colorado/L=Boulder/O=Unidata/CN=jetstream.unidata.ucar.edu" \
-keyout ~/science-gateway/vms/thredds/files/ssl.key \
-out ~/science-gateway/vms/thredds/files/ssl.crtSee the parent Tomcat container for instructions on HTTPS.
Open port 80 on the THREDDS VM via OpenStack. Port 80 requests will be forwarded to 8080 inside the THEREDDS Docker container. In addition, open ports 443 and 8443 for SSL and communication from the TDM.
The TDM is an application that works in conjunction with the TDS. It creates indexes for GRIB data as a background process, and notifies the TDS via port 8443 when data have been updated or changed. Because the TDM needs to write data, and NFS tuning concerns, in the present configuration, we have the TDM running on the idd-archiver VM.
Based on the directory set we have defined, the docker-compose.yml file that looks like:
###
# THREDDS
###
version: '3'
services:
thredds-production:
image: unidata/thredds-docker:latest
container_name: thredds
# restart: always
ports:
- "80:8080"
- "443:8443"
- "8443:8443"
volumes:
- /logs/tds-tomcat/:/usr/local/tomcat/logs/
- /logs/tds/:/usr/local/tomcat/content/thredds/logs/
- ./files/tomcat-users.xml:/usr/local/tomcat/conf/tomcat-users.xml
- ./files/tdsCat.css:/usr/local/tomcat/webapps/thredds/tdsCat.css
- ./files/folder.gif:/usr/local/tomcat/webapps/thredds/folder.gif
- ./files/index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp
- /data/:/data/
- ~/tdsconfig/:/usr/local/tomcat/content/thredds
# Everything below is required for https
- ./files/server.xml:/usr/local/tomcat/conf/server.xml
- ./files/web.xml:/usr/local/tomcat/conf/web.xml
- ./files/keystore.jks:/usr/local/tomcat/conf/keystore.jks
env_file:
- "compose${THREDDS_COMPOSE_ENV_LOCAL}.env"You can provide additional THREDDS parameterization via the compose.env file referenced in the docker-compose.yml file.
### THREDDS related environment variables
# TDS Content root
# Paremeterization of the TDS_CONTENT_ROOT_PATH is probably not needed here
# since paremeterization can already achieved through the docker-compose.yml but
# here it is anyway
TDS_CONTENT_ROOT_PATH=/usr/local/tomcat/content
# The minimum and maximum Java heap space memory to be allocated to the TDS
THREDDS_XMX_SIZE=4G
THREDDS_XMS_SIZE=4G
# See https://github.com/Unidata/tomcat-docker#configurable-tomcat-uid-and-gid
TOMCAT_USER_ID=1000
TOMCAT_GROUP_ID=1000Once you have done the work of setting up THREDDS related directories in the way you like,
docker-compose up -dto start the TDS
In a web browser, navigate to https://tds.scigw.unidata.ucar.edu/thredds/catalog.html to see if is running.