This document tells how to install the Early Detection Research Network (EDRN) public portal and knowledge environment, or more simply, the "EDRN portal", version 4.2. Preparation and installation takes two hours.


Before installing the EDRN site, you'll need to prepare the host and gather some information. This installation assumes the following:

  • You're installing this software on the same host that currently runs EDRN portal version 4.1.
  • The Unix account running the EDRN portal, "edrn", won't be changing.
  • The current EDRN installation directory is available for reading. If it's not, copy one over from some other host.
  • You're installing this software in a new directory, not overwriting the current EDRN installation directory.
  • The Apache HTTPD configuration may be updated as needed to reverse-proxy to this, the new EDRN software installation.

Once the deployment process is complete, this software will become the new EDRN portal software. The old directory with version 4.1 may then be removed.

This software has dependencies on several external packages, however these should already be installed as they were also required for version 4.1. As a reminder, these are the dependencies:

  • Python 2.4 or later plus development environment (Python.h headers, etc.).
  • C/C++ compiler and "make" (to build additional software)
  • JPEG 6B development libraries
  • OpenSSL development libraries
  • wvWare tools
  • PDF-to-HTML tools
  • SASL
  • OpenLDAP
  • Varnish

Check and install these dependencies using your system provided tools (such as Pirut, Aptitude, etc.) or by building and installing from source.

You'll also need a private key and public certificate for HTTPS access to the website.

Deploying the EDRN Portal

To deploy this version of the EDRN portal, perform the following steps:

  1. Cancel the current system services (log rotation, cron jobs) for the old version 4.1 of the portal.
  2. Run the deploy script for the new portal, version 4.2.
  3. Stop the old portal 4.1 and update its init.d startup script for the new version 4.2.
  4. Start the new version 4.2 processes.
  5. Adjust the Apache HTTP reverse proxy configuration and install the SSL certificates.
  6. Make the site.cfg file readable only by user "edrn".
  7. Install the log rotation and cron jobs for the new version 4.2 portal.

The rest of this document details the above steps.

Canceling the Current System Services

The old version of the EDRN portal currently running takes advantage of a few operating system services, including log file rotation and periodic cron jobs. These need to be canceled. To do so, remove the following files/symlinks:

  • /etc/cron.daily/edrn (might be named "backup" or "edrn-backup")
  • /etc/cron.weekly/edrn (might be named "edrn-maint")
  • /etc/cron.monthly/edrn (might be named "zeopack" or "edrn-pack")
  • /etc/logrotate.d/edrn (might be named "edrn-portal")

Running the Deploy Script

Deploying the new version of the EDRN portal is easier than ever before. To do so:

  1. Extract the software archive:

    tar xjf edrn-portal-VERSION.tar.bz2

    Replace VERSION with the version number being deployed. Do not extract the file over an existing installation directory; as a sibling directory, or elsewhere, is fine. Do so as the EDRN user "edrn".

  2. Change the current working directory to the newly extracted directory, which from here on out we'll call $INSTALL_DIR:

    cd edrn-portal-VERSION
  3. Run the deployment script:

    ./ --existing-install=OLDPORTAL PUBLIC-HOSTNAME

    Replace OLDPORTAL with the path to the old, currently running EDRN portal. Replace PUBLIC-HOSTNAME with either "" (production), "" (test), or "" (development). For example:

    ./ --existing-install=/home/edrn/4.1-FINAL

The deployment script will check dependencies and system configuration, download the EDRN portal software and its related packages, configure them, copy the old content database, upgrade it, and prepare everything automatically.

You must have a copy of the old version 4.1 of the portal with all of its content intact. If you don't, tar up its installation directory from wherever it's currently running on and bring it over!

The deployment script will also create a detailed log file, deploy.log, with lots of information that can be helpful if anything goes wrong. You won't need to redirect or save the console output of the command at all.

For finer control over what the deployment script does, you can specify additional command-line arguments. Run ./ --help for a list of options.

If the script fails to run, try running it with the Python interpreter; i.e.:

/usr/bin/python ./ --existing-install=/home/edrn/4.1-FINAL

All of the steps that the script carries out can take an enormous amount of time. If you're fond of food, now would be a great time to take a lunch break; be sure to get cocktails, appetizers, a bottle of wine, dessert, and coffee. Yes, it's going to be that long.

Deployment Options

There's one required "argument": the public hostname of the website. There is also only one required command-line "option" for the deployment script, --existing-install.

All of the rest are optional. The full set of command-line options you can provide to the script includes:

This option is required. Tells the deployment script to use the old, existing installation of the EDRN portal software in the directory EXISTING_INSTALL.
Username to use for the process Supervisor (default "supervisor")
Password for Supervisor (will be generated if not given)
-z ZOPE_USER, --zope-user=ZOPE_USER
Username for the Zope appserver (default "edrn-admin")
Password for the Zope appserver (will be generated if not given)

The remaining options control the TCP ports on which the various processes that comprise the EDRN portal listen. You can specify a base port number (and each process listens on a port number offset from the base), and/or individual port numbers.

Base port (procs get base +1,+2,..., default 6310)
Cache control port (default base+1)
Cache port (default base+2)
Supervisor port (default base+3)
ZEO monitor port (default base+4)
--zeo-port=NUM ZEO database port (default base+5)
Zope debug port (default base+6)
Zope appserver 1 (default base+7)
Zope appserver 2 (default base+8)

Shutting Down the Old One and Starting the New One

Shut down the old EDRN 4.1 site by running the rc script as follows:

sudo /etc/init.d/edrn-supervisor stop

Adjust the path to the rc script as necessary. Then, edit the script and replace paths to the 4.1 version with the 4.2 version. Finally, start the new version:

sudo /etc/init.d/edrn-supervisor start

At this point, you can run $INSTALL_DIR/bin/supervisorctl to ensure the various processes that provide the EDRN site are OK. All of the following processes should be listed as running:

Process ID Description
cache Varnish reverse proxy caching engine
instance1 First Zope application server
instance2 Second Zope application server
zeo Zope Enterprise Objects database server

You can check that the site is active by fetching the following URLs (adjusting port numbers as needed):

You should get an identical web page from all three URLs.

Onto Apache...

Front End Web Server

The Apache HTTPD web server must now be configured. First, install the SSL certificate and private key:

  • Put the public certificate in $INSTALL_DIR/etc/server.crt
  • Put the private key in $INSTALL_DIR/etc/server.key

For convenience, ensure there is no passphrase on the private key.

The script generated two Apache HTTPD configuration files:

  • $INSTALL_DIR/ops/apache-httpd.conf
  • $INSTALL_DIR/ops/apache-httpd-ssl.conf

Remove any previous configurations for version 4.1 and install these files in the appropriate locations for version 4.2. Then, restart Apache HTTPD.

You should then be able to visit these URLs:

Replace PUBLIC-HOSTNAME with the command-line argument given to the script.

Protecting the site.cfg file

Make sure site.cfg is readable only by user "edrn":

chmod 600 site.cfg

Hooking into the Operating System

The EDRN site relies on services provided by the Unix operating system for its operation. Specifically, it needs help from Unix ...

  • Via cron, to run periodic maintenance
  • Via logrotate, to trim and archive log files

Cron Jobs

The EDRN site relies on the Unix cron scheduler for periodic tasks. These tasks include:

  • Daily database backups
  • Weekly restarts and snapshots
  • Monthly database packing

To set up the cron jobs, do the following:

  1. Install $INSTALL_DIR/bin/backup as /etc/cron.daily/edrn-backup.

  2. Install $INSTALL_DIR/bin/zeopack as /etc/cron.monthly/edrn-pack.

  3. Create a script /etc/cron.daily/edrn-maint with the following contents (substituting the appropriate value for $INSTALL_DIR):

    day=`/bin/date '+%w'`
    if [ $day == 0 ]; then
    /usr/bin/find $INSTALL_DIR/var/snapshotbackups -type f -print0 | /usr/bin/xargs -0 /bin/chmod 644
    /usr/bin/find $INSTALL_DIR/var/blobstorage -type f -print0 | /usr/bin/xargs -0 /bin/chmod 644
    /usr/bin/find $INSTALL_DIR/var/blobstorage -type d -print0 | /usr/bin/xargs -0 /bin/chmod 755
    $INSTALL_DIR/bin/supervisorctl restart instance2 ;;
    $INSTALL_DIR/bin/supervisorctl restart instance1 ;;
    exit 0
  4. Make the script executable: sudo chmod 755 /etc/cron.daily/edrn-maint

Log Rotation

During the buildout, a configuration file compatible with logrotate was generated and placed in ops/logrotate.conf. Install this file:

install -o root -g root -m 644 $INSTALL_DIR/ops/logrotate.conf /etc/logrotate.d/edrn-portal

Security Scans

Before unleashing IBM Rational AppScan or other web application scanning technology on the site, you should make a backup of the content and settings databases with a command similar to:

tar cjf backup.tar.bz2 $INSTALL_DIR/var/blobstorage $INSTALL_DIR/var/filestorage

This backup can be made while the site is running.

Note that the scan should be configured to avoid certain URLs:

  • Any URL that contains "selectViewTemplate"
  • Any URL that ends with "@@manage-viewlets"
  • Any URL that contains "@@faceted_settings"
  • Any URL that ends with "object_cut"
  • Any URL that ends with "delete_confirmation"
  • Any URL that contains "@@faceted_subtyper"
  • Any URL that contains "@@faceted_layout"
  • Any URL that ends with "@@skins-controlpanel"
  • Any URL that ends with "@@usergroup-userprefs"
  • Any URL that contains "folder_listing".

Also, it should not click certain form controls:

  • Any input type of "submit" with value "folder_cut:method"
  • Any input type of "submit" with value "folder_delete:method"

Updating DNS

The last step in deploying the EDRN site is to update your domain name servers, or DNS. Set the CNAME for the PUBLIC-HOSTNAME appropriately.

Questions, Bug Reports, and Help

For feedback about this product, please visit the feedback page at