OMERO.server installation on CentOS 6 with Python 2.7¶
This is an example walkthrough for installing OMERO on CentOS 6 with Python 2.7, using a dedicated system user, and should be read in conjunction with OMERO.server installation and OMERO.web administration. You can use this as a guide for setting up your own test server. For production use you should also read the pages listed under Optimizing Server Configuration.
Running OMERO on CentOS 6 has a number of special requirements which
deviate from the standard installation instructions. The instructions
below will set up Python 2.7 and Ice 3.6 on CentOS 6.
We tested the installation with Python 2.7 from IUS
and used a virtual environment
to install the various dependencies required to install an OMERO.server.
It is also possible to use SCL Python (for example
walkthrough_centos6_py27.sh)
but such solution could have potential side effects.
This guide describes how to install the recommended versions, not all the supported versions. This should be read in conjunction with Version requirements.
Warning
CentOS 6 is deprecated, CentOS 7 is preferable for new installations; see OMERO.server installation on CentOS 7.
Setting up¶
Python 2.7¶
CentOS 6 provides Python 2.6. However, OMERO.web requires Python 2.7 in order to use Django 1.8. While Django 1.6 may be used with Python 2.6, this version of Django no longer has security support. In consequence, it is necessary to upgrade to Python 2.7 in order to obtain Django security updates, which are required for a production deployment.
Ice 3.6¶
With Ice 3.6, the Python bindings are provided separately.
This allows to install the RPM packages provided by ZeroC for CentOS 6.
Then run pip install zeroc-ice to install the Ice Python bindings if
your package manager does not provide the Ice python packages.
See Using the Python Distribution
for further details.
Installing prerequisites¶
The following steps are run as root.
Install Java 1.8, Ice 3.6 and PostgreSQL 9.6:
To install Java 1.8 and other dependencies:
# epel-release will be pulled as a dependency
yum -y install https://centos6.iuscommunity.org/ius-release.rpm
# installed for convenience
yum -y install unzip wget tar bc
# install Java
yum -y install java-1.8.0-openjdk
# install dependencies
yum -y install \
python27 \
python27-devel \
python27-yaml \
python27-jinja2 \
hdf5-devel
yum -y install libjpeg-devel zlib-devel
# install pip and virtualenv using Python 2.6
yum -y install python-pip
pip install --upgrade virtualenv
#if virtualenv is not installed (unlikely)
#yum -y install python27-pip
#pip2.7 install virtualenv
# TODO: this installs a lot of unecessary packages:
yum -y groupinstall "Development Tools"
export PYTHONWARNINGS="ignore:Unverified HTTPS request"
To install Ice 3.6:
curl -sL https://zeroc.com/download/Ice/3.6/el6/zeroc-ice3.6.repo > \
/etc/yum.repos.d/zeroc-ice3.6.repo
yum -y install gcc-c++
yum -y install db53 db53-utils
yum -y install ice-all-runtime ice-all-devel
yum -y install openssl-devel bzip2-devel expat-devel
virtualenv -p /usr/bin/python2.7 /home/omero/omeroenv
set +u
source /home/omero/omeroenv/bin/activate
set -u
/home/omero/omeroenv/bin/pip2.7 install "zeroc-ice>3.5,<3.7"
deactivate
To install PostgreSQL 9.6:
# install Postgres
# Postgres, reconfigure to allow TCP connections
yum -y install http://yum.postgresql.org/9.6/redhat/rhel-6-x86_64/pgdg-centos96-9.6-3.noarch.rpm
yum -y install postgresql96-server postgresql96
service postgresql-9.6 initdb
sed -i.bak -re 's/^(host.*)ident/\1md5/' /var/lib/pgsql/9.6/data/pg_hba.conf
chkconfig postgresql-9.6 on
service postgresql-9.6 start
The remaining dependencies will be installed in a virtual environment:
# Install the OMERO dependencies in a virtual environment
# Create virtual env.
# -p only required if virtualenv has been installed with python 2.6
virtualenv -p /usr/bin/python2.7 /home/omero/omeroenv
set +u
source /home/omero/omeroenv/bin/activate
set -u
/home/omero/omeroenv/bin/pip install --upgrade pip
/home/omero/omeroenv/bin/pip2.7 install -r requirements_centos6_py27_ius.txt
deactivate
See requirements_centos6_py27_ius.txt
Create an omero system user, and a directory for the OMERO repository:
useradd -m omero
chmod a+X ~omero
mkdir -p "$OMERO_DATA_DIR"
chown omero "$OMERO_DATA_DIR"
Create a database user and initialize a new database for OMERO:
echo "CREATE USER $OMERO_DB_USER PASSWORD '$OMERO_DB_PASS'" | su - postgres -c psql
su - postgres -c "createdb -E UTF8 -O '$OMERO_DB_USER' '$OMERO_DB_NAME'"
psql -P pager=off -h localhost -U "$OMERO_DB_USER" -l
The following settings will need adding to your OMERO startup script
or to the omero user’s environment (for example in a shell startup
script). Add the absolute path to the bin directory of
the virtual environment /home/omero/omeroenv to the PATH
variable:
echo "export PATH=\"/home/omero/omeroenv/bin:$PATH\"" >> ~omero/.bashrc
These settings will enable Python 2.7, and set the necessary environment variables for Ice 3.6 to work.
Installing NGINX¶
The following steps are run as the omero system user.
cat << EOF > /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
gpgcheck=0
enabled=1
EOF
yum -y install nginx
Install OMERO.server¶
The following steps are run as the omero system user.
Download, unzip and configure OMERO. The rest of this walkthrough assumes the OMERO.server is installed into the home directory of the omero system user.
Note that this script requires the same environment variables that were set earlier in settings.env, so you may need to copy and/or source this file as the omero user.
You will need to install the server corresponding to your Ice version.
Install server-ice36.zip:
cd ~omero
SERVER=https://downloads.openmicroscopy.org/latest/omero5/server-ice36.zip
wget $SERVER -O OMERO.server-ice36.zip
unzip -q OMERO.server*
Configure:
ln -s OMERO.server-*/ OMERO.server
OMERO.server/bin/omero config set omero.data.dir "$OMERO_DATA_DIR"
OMERO.server/bin/omero config set omero.db.name "$OMERO_DB_NAME"
OMERO.server/bin/omero config set omero.db.user "$OMERO_DB_USER"
OMERO.server/bin/omero config set omero.db.pass "$OMERO_DB_PASS"
OMERO.server/bin/omero db script -f OMERO.server/db.sql --password "$OMERO_ROOT_PASS"
psql -h localhost -U "$OMERO_DB_USER" "$OMERO_DB_NAME" < OMERO.server/db.sql
Configuring OMERO.web¶
The following steps are run as the omero system user.
When following this section you can
either use your own values, or alternatively
source settings-web.env:
WEBPORT=80
export WEBPORT
Install other OMERO.web dependencies using pip:
/home/omero/omeroenv/bin/pip2.7 install -r OMERO.server/share/web/requirements-py27.txt
Configure and create the NGINX OMERO configuration file:
OMERO.server/bin/omero config set omero.web.application_server wsgi-tcp
OMERO.server/bin/omero web config nginx --http "$WEBPORT" > OMERO.server/nginx.conf.tmp
For more customization, please read Customizing your OMERO.web installation.
Configuring NGINX¶
The following steps are run as root.
Copy the generated configuration file into the NGINX configuration directory, disable the default configuration and start NGINX:
mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.disabled
cp OMERO.server/nginx.conf.tmp /etc/nginx/conf.d/omero-web.conf
service nginx start
Running OMERO.server¶
The following steps are run as the omero system user.
OMERO should now be set up. To start the server run:
OMERO.server/bin/omero admin start
Please read the SELinux section below.
In addition omero-systemd.service
is available should you wish to start OMERO automatically.
Running OMERO.web¶
The following steps are run as the omero system user.
To start the OMERO.web client run:
OMERO.server/bin/omero web start
NGINX should already be running so you should be able to log in as the OMERO root user by going to http://localhost/ in your web browser.
In addition omero-web-systemd.service is available should you wish to start OMERO.web automatically.
Securing OMERO¶
The following steps are run as root.
If multiple users have access to the machine running OMERO you should restrict access to OMERO.server’s configuration and runtime directories, and optionally the OMERO data directory:
chmod go-rwx OMERO.server/etc OMERO.server/var
# Optionally restrict access to the OMERO data directory
# chmod go-rwx "$OMERO_DATA_DIR"
Regular tasks¶
The following steps are run as root.
The default OMERO.web session handler uses temporary files to store sessions which should be deleted at regular intervals, for instance by creating a cron job:
OMERO_USER=omero
OMERO_SERVER=/home/omero/OMERO.server
su - ${OMERO_USER} -c "${OMERO_SERVER}/bin/omero web clearsessions"
Copy the following commands into the appropriate location:
cp omero-web-cron /etc/cron.daily/omero-web
chmod a+x /etc/cron.daily/omero-web
SELinux¶
The following steps are run as root.
If you are running a system with SELinux enabled (it is enabled by default on CentOS 6) and are unable to access OMERO.web you may need to adjust the security policy:
if [ $(getenforce) != Disabled ]; then
yum -y install policycoreutils-python
setsebool -P httpd_read_user_content 1
setsebool -P httpd_enable_homedirs 1
semanage port -a -t http_port_t -p tcp 4080
fi
Installing Web apps¶
The following steps are run as root.
It is possible to add Web applications to OMERO. If your app required some extra Python packages installed
using pip, those packages should be also installed in the virtual environment. For example,
OMERO.figure requires reportlab and markdown:
virtualenv -p /usr/bin/python2.7 /home/omero/omeroenv
source /home/omero/omeroenv/bin/activate
/home/omero/omeroenv/bin/pip2.7 install reportlab markdown
