Installation_of_Handle.net_server_2
This page describes the installation of the handle.net server version 7.0 on the development server, bhl-mandible (bhl-mandible.nhm.ac.uk,
157.140.72.32), a similar protocol is found in Installation_of_Handle.net_server
Documentation on the Handle.net architecture:
http://www.handle.net/documentation.html
Handle server manual:
http://www.handle.net/tech_manual/Handle_Tech_Manual_7_v1-1-22Dec10.pdf
Handle-Tool user manual:
http://www.handle.net/tech_manual/HandleTool_UserManual.pdf
1) Install Java version 5 or greater on your computer. Note: if Java is
already on your computer, type 'java -version' at the command prompt to
find out what version has been installed.
JRE is already installed:
bhl-mandible:/opt# java -version
java version "1.6.0_0"
OpenJDK Runtime Environment (build 1.6.0_0-b11)
OpenJDK 64-Bit Server VM (build 1.6.0_0-b11, mixed mode)
2) Unpack the handle system distribution into a directory on your
computer. For the rest of these instructions, we will assume this
directory is /hs/hsj-7.0/.
sudo su
cd /opt/
wget http://www.handle.net/hs-source/hsj-7.0.tar.gz
tar -xzf hsj-7.0.tar.gz
3) Choose a directory that will hold the configuration and data for
this server.
We will use a folder on the drive mounted at /mnt/nfs-demeter/
# root is not granted to write into /mnt/nfs-demeter/
bhladmin@bhl-mandible:~$ exit
# now I should be logged in as bhladmin, checking this ...
bhladmin@bhl-mandible:~$ whoami
bhladmin
bhladmin@bhl-mandible:~$ mkdir /mnt/nfs-demeter/development/handle
4) Set up and configure a new or existing server.
cd /opt/hsj-7.0/
bin/hdl-setup-server /mnt/nfs-demeter/development/handle
#### Configuration:
Will this be a regular Handle server (recommended)?: Y
Will this be a "primary" server (ie, not a mirror of another server)?(y/n) [y]: y
Through what network-accessible IP address should clients connect to this server? [157.140.72.32]:
If different, enter the IP address to which the server should bind. [157.140.72.32]:
Enter the (TCP/UDP) port number this server will listen to [2641]:
What port number will the HTTP interface be listening to? [8000]:
Would you like to log all accesses to this server?(y/n) [n]:
Each handle site has a version/serial number assigned
to it. This is so that a client can tell if a particular
site's configuration has changed since the last time it
accessed a server in the site. Every time you modify a site
(by changing an IP address, port, or adding a server, etc),
you should increment the version/serial number for that site.
Enter the version/serial number of this site [1]:
Please enter a short description of this server/site: BHL-Europe Handle Server and Resolver
Please enter the name of your organization: BHL-Europe
Please enter the name of a contact person
for BHL-Europe (optional) [(none)]: Chris Sleep
Please enter the telephone number of Chris Sleep or of BHL-Europe (optional) [(none)]:
Please enter the email address of Chris Sleep or of BHL-Europe: C.J.Sleep@nhm.ac.uk
The Handle System can communicate via UDP and/or TCP sockets.
Since UDP messages are blocked by many network firewalls, you may
want to disable UDP services if you are behind such a firewall.
Would you like to disable UDP services?(y/n) [n]: y
Generating keys for: Server Certification
The private key that is about to be generated should be stored
in an encrypted form on your computer. Encryption of the
private key requires that you choose a secret passphrase that
will need to be entered whenever the server is started.
Note: Your private key may be stored unencrypted if you so choose.
Please take all precautions to make sure that only authorized
users can read your private key.
Would you like to encrypt your private key?(y/n) [y]:
Please enter the private key passphrase for Server Certification:
Note: Your passphrase will be displayed as it is entered
1hndl4BHL-3
Generating keys for: Administration
The private key that is about to be generated should be stored
in an encrypted form on your computer. Encryption of the
private key requires that you choose a secret passphrase that
will need to be entered whenever the server is started.
Note: Your private key may be stored unencrypted if you so choose.
Please take all precautions to make sure that only authorized
users can read your private key.
Would you like to encrypt your private key?(y/n) [y]: y
Please enter the private key passphrase for Administration:
Note: Your passphrase will be displayed as it is entered
1hndl4BHL-3_adm
Generating site info record...
-------------------------------------------------------
You have finished configuring your regular (primary) Handle service.
This service now needs to be registered in the Global Handle Registry (GHR).
Go to http://hdl.handle.net/4263537/5014 to register to
become a resolution service provider and then upload
your newly created sitebndl.zip file. Please read the
instructions on this page carefully. When the handle
administrator receives your file, a prefix will be
created and you will receive notification via email.
Please send all questions to hdladmin@cnri.reston.va.us.
Thank you for your interest in CNRI's Handle System.
5) Registration of the BHL-Europe Handle Server at the Global Handle Registry
We already have a handle server registered at the Global Handle Registry (GHR) for which recieved the prefix
10706. Therefore we will move the old server to the new server as described in
http://www.handle.net/faq.html "
We're moving our handle service to new server hardware. Can you tell me what I need to do?":
- Copy the handles.jdb and nas.jdb files to the new server (assuming you don't want to have to recreate your existing handles): skipped!
- send the new sitebndl to hdladmin@cnri.reston.va.us: sent 12.05.2011 13:00
- your prefix (i.e., naming authority handle) will be updated with the new service information:
E-mail Response:
From: Jane Euler <jeuler@cnri.reston.va.us>
All set. Prefix 10706 has been updated in the Global Registry.
Let me know if you run into any problems.
Thanks
Jane Euler
CNRI - The final step will be for you to home your prefix on the new server as described in the install.txt file.: TODO
6) Edit the config.dct file.
- Replace the words "YOUR_NAMING_AUTHORITY" under "server_admins" and "replication_admins" with your naming authority/prefix
This allows anyone with the private key that matches your public key to be an Administrator for your identifier and/or resolu
tion services.
vi /mnt/nfs-demeter/development/handle/config.dct
----------------------------------------------------
"server_admins" = (
"300:0.NA/10706"
)
"replication_admins" = (
"300:0.NA/10706"
)
"max_session_time" = "86400000"
"this_server_id" = "1"
"max_auth_time" = "60000"
"backup_admins" = (
"300:0.NA/10706"
)
7)
Testing server
starting the server:
/opt/hsj-7.0/bin/hdl-server /mnt/nfs-demeter/development/handle/ &
HANDLE.NET Server Software version 7.0
"2011-05-13 11:45:05.708Z" 25 Rotating log files
Enter the passphrase for this server's authentication private key:
Note: Your passphrase will be displayed as it is entered
1hndl4BHL-3
UDP handle Request Listener:
address: /157.140.72.32
port: 2641
Starting UDP request handlers: .TCP handle Request Listener:
address: /157.140.72.32
port: 2641
Starting TCP request handlers: ....HTTP handle Request Listener:
. address: /157.140.72.32
port: 8000
Starting HTTP request handlers: ...........
...............DONE
.............
Running handle server diagnostic tests (see Handle_Tech_Manual (link above) chapter 5.4 TestTool):
bhladmin@bhl-mandible:/opt/hsj-7.0/bin$ ./hdl-testtool client 0.NA/10706
*****Begin Client Test*****
SERVER: 132.151.20.9
TCP:2641 ***PASS***
UDP:2641 ***PASS***
HTTP:8000 ***PASS***
PING [avg:null/loss:100%] ***FAIL***
SERVER: 38.100.138.131
TCP:2641 ***PASS***
UDP:2641 ***PASS***
HTTP:8000 ***PASS***
PING [avg:null/loss:100%] ***FAIL***
SERVER: 63.123.152.246
TCP:2641 ***PASS***
UDP:2641 ***PASS***
HTTP:8000 ***PASS***
PING [avg:null/loss:100%] ***FAIL***
SERVER: 132.151.1.179
TCP:2641 ***PASS***
UDP:2641 ***PASS***
HTTP:8000 ***PASS***
PING [avg:null/loss:100%] ***FAIL***
SERVER: 218.241.99.150
TCP:2641 ***PASS***
UDP:2641 ***PASS***
HTTP:8000 ***PASS***
PING [avg:null/loss:100%] ***FAIL***
SERVER: 134.76.10.100
TCP:2641 ***PASS***
UDP:2641 ***PASS***
HTTP:8000 ***PASS***
PING [avg:null/loss:100%] ***FAIL***
Although the test tool is reporting FAILURES, the test has passed. The lost ping packages are only due to the NHM network setting which seems to block ICMP packages.