Page Contents

OMERO

Downloads
Feature List
Licensing

Previous topic

OMERO.server installation on CentOS 7 and Ice 3.5

Next topic

OMERO.server installation on Ubuntu 14.04 and Ice 3.5

This Page

Note

This documentation is for OMERO 5.2. This version is now in maintenance mode and will only be updated in the event of critical bugs or security concerns. OMERO 5.3 is expected before the end of 2016.

OMERO.server installation on CentOS 7 and Ice 3.6

This is an example walkthrough for installing OMERO on CentOS 7, using a dedicated system user, and should be read in conjunction with OMERO.web deployment. You can use this as a guide for setting up your own test server. For production use you should also read the pages listed under Optimizing Server Configuration.

These instructions assume your Linux distribution is configured with a UTF-8 locale (this is normally the default).

For convenience in this walkthrough the main OMERO configuration options have been defined as environment variables. When following this walkthrough you can either use your own values, or alternatively source the following file:

OMERO_DB_USER=db_user
OMERO_DB_PASS=db_password
OMERO_DB_NAME=omero_database
OMERO_ROOT_PASS=omero_root_password
OMERO_DATA_DIR=/OMERO

OMERO_WEB_PORT=80

export OMERO_DB_USER OMERO_DB_PASS OMERO_DB_NAME OMERO_ROOT_PASS OMERO_DATA_DIR OMERO_WEB_PORT

export PGPASSWORD="$OMERO_DB_PASS"

settings.env

Installing prerequisites

The following steps are run as root.

Install Java 1.8, Ice 3.6 and PostgreSQL 9.4:

To install Java 1.8 and other dependencies:

yum -y install epel-release

# installed for convenience
yum -y install unzip wget

# install Java
yum -y install java-1.8.0-openjdk

# install dependencies

yum -y install \
	python-pip python-devel python-virtualenv \
	numpy scipy python-matplotlib python-tables

yum -y install \
	zlib-devel \
	libjpeg-devel \
	gcc
pip install --upgrade pip

pip install -r `dirname $0`/requirements.txt

To install Ice 3.6:

cd /etc/yum.repos.d
wget https://zeroc.com/download/rpm/zeroc-ice-el7.repo

yum -y install gcc-c++
yum -y install libdb-utils
yum -y install openssl-devel bzip2-devel expat-devel

yum -y install ice-all-runtime ice-all-devel

pip install "zeroc-ice>3.5,<3.7"

To install PostgreSQL 9.4:

# install Postgres
# Postgres, reconfigure to allow TCP connections
yum -y install http://yum.postgresql.org/9.4/redhat/rhel-7-x86_64/pgdg-centos94-9.4-2.noarch.rpm
yum -y install postgresql94-server postgresql94

PGSETUP_INITDB_OPTIONS=--encoding=UTF8 /usr/pgsql-9.4/bin/postgresql94-setup initdb

sed -i.bak -re 's/^(host.*)ident/\1md5/' /var/lib/pgsql/9.4/data/pg_hba.conf
systemctl start postgresql-9.4.service

systemctl enable postgresql-9.4.service

See requirements.txt

Create an omero system user, and a directory for the OMERO repository:

useradd -m omero
chmod a+X ~omero

mkdir -p "$OMERO_DATA_DIR"
chown omero "$OMERO_DATA_DIR"

Create a database user and initialize a new database for OMERO:

echo "CREATE USER $OMERO_DB_USER PASSWORD '$OMERO_DB_PASS'" | \
    su - postgres -c psql
su - postgres -c "createdb -E UTF8 -O '$OMERO_DB_USER' '$OMERO_DB_NAME'"

psql -P pager=off -h localhost -U "$OMERO_DB_USER" -l

Installing OMERO.server

The following steps are run as the omero system user.

Download, unzip and configure OMERO. The rest of this walkthrough assumes the OMERO.server is installed into the home directory of the omero system user.

Note that this script requires the same environment variables that were set earlier in settings.env, so you may need to copy and/or source this file as the omero user.

You will need to install the server corresponding to your Ice version.

Install server-ice36.zip:

cd ~omero
SERVER=http://downloads.openmicroscopy.org/latest/omero5.2/server-ice36.zip
wget $SERVER -O OMERO.server-ice36.zip
unzip -q OMERO.server*

Configure:

ln -s OMERO.server-*/ OMERO.server
OMERO.server/bin/omero config set omero.data.dir "$OMERO_DATA_DIR"
OMERO.server/bin/omero config set omero.db.name "$OMERO_DB_NAME"
OMERO.server/bin/omero config set omero.db.user "$OMERO_DB_USER"
OMERO.server/bin/omero config set omero.db.pass "$OMERO_DB_PASS"
OMERO.server/bin/omero db script -f OMERO.server/db.sql --password "$OMERO_ROOT_PASS"
psql -h localhost -U "$OMERO_DB_USER" "$OMERO_DB_NAME" < OMERO.server/db.sql

Installing a web server

To Deploy OMERO.web, you can use either Nginx or Apache. Follow the steps to install your chosen web server.

Nginx

See also OMERO.web Nginx and Gunicorn deployment (Unix/Linux).

The following steps are run as root.

Install Nginx 1.8, copy the Nginx OMERO configuration file into the Nginx configuration directory, and disable the default configuration:

# The following is only required to install
# latest stable version of nginx
# Default will be 1.6.3 if not set
cat << EOF > /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
gpgcheck=0
enabled=1
EOF

#install nginx
yum -y install nginx

pip install -r ~omero/OMERO.server/share/web/requirements-py27-nginx.txt

# set up as the omero user.
su - omero -c "bash -eux setup_omero_nginx.sh"

sed -i.bak -re 's/( default_server.*)/; #\1/' /etc/nginx/nginx.conf
mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.disabled
cp ~omero/OMERO.server/nginx.conf.tmp /etc/nginx/conf.d/omero-web.conf

systemctl enable nginx

systemctl start nginx

Apache

See also OMERO.web Apache and mod_wsgi deployment (Unix/Linux).

As the omero system user, configure OMERO.web:

OMERO.server/bin/omero config set omero.web.application_server wsgi
OMERO.server/bin/omero web config apache24 --http "$OMERO_WEB_PORT" > OMERO.server/apache.conf.tmp
OMERO.server/bin/omero web syncmedia

The following steps are run as root.

Install Apache 2.4 and copy the Apache OMERO configuration file into the Apache configuration directory:

yum -y install httpd mod_wsgi

# Install OMERO.web requirements
pip install -r ~omero/OMERO.server/share/web/requirements-py27-apache.txt

cp ~omero/OMERO.server/apache.conf.tmp /etc/httpd/conf.d/omero-web.conf

rm -rf /run/httpd/* /tmp/httpd*

systemctl enable httpd.service

systemctl start httpd

Running OMERO

The following steps are run as the omero system user.

OMERO should now be set up. To start the server run:

OMERO.server/bin/omero admin start

If you deploy with Nginx, to start the OMERO.web client run:

OMERO.server/bin/omero web start

The last command is not necessary if you deploy with Apache.

Nginx or Apache should already be running so you should be able to log in as the OMERO root user by going to http://localhost/ in your web browser. Please read the SELinux section below.

In addition some example systemd.service scripts are available should you wish to start OMERO and OMERO.web automatically:

cp omero-systemd.service /etc/systemd/system/omero.service

cp omero-web-systemd.service /etc/systemd/system/omero-web.service

systemctl daemon-reload

systemctl enable omero.service
systemctl enable omero-web.service

Securing OMERO

The following steps are run as root.

If multiple users have access to the machine running OMERO you should restrict access to OMERO.server’s configuration and runtime directories, and optionally the OMERO data directory:

chmod go-rwx ~omero/OMERO.server/etc ~omero/OMERO.server/var

# Optionally restrict access to the OMERO data directory
#chmod go-rwx "$OMERO_DATA_DIR"

Regular tasks

The following steps are run as root.

The default OMERO.web session handler uses temporary files to store sessions which should be deleted at regular intervals, for instance by creating a cron job:

OMERO_USER=omero
OMERO_SERVER=/home/omero/OMERO.server
su - ${OMERO_USER} -c "${OMERO_SERVER}/bin/omero web clearsessions"

Copy this script into the appropriate location:

cp omero-web-cron /etc/cron.daily/omero-web
chmod a+x /etc/cron.daily/omero-web

SELinux

The following steps are run as root.

If you are running a system with SELinux enabled and are unable to access OMERO.web you may need to adjust the security policy:

if [ $(getenforce) != Disabled ]; then
    yum -y install policycoreutils-python
    setsebool -P httpd_read_user_content 1
    setsebool -P httpd_enable_homedirs 1
    semanage port -a -t http_port_t -p tcp 4080
fi