# Simon: handover doc https://docs.google.com/document/d/1kT-uO0jE-3oLqiEgUe0wecND5B4kmTn_rAWIFXwtmDc/edit See also: - [index of currently useful docs](https://docs.google.com/document/d/1Z9Y1S5R40SPZjKreCRGeU7DH0alwmMPDkuhYoiB5Oqg/edit) - That along with the below, to be moved to wiki as the starting point for all docs - Starting points for "monitoring" et al. from the *user point of view* - All open PRs: https://github.com/pulls?q=is%3Aopen+is%3Apr+author%3Amanics+org%3Aome+org%3Aopenmicroscopy+org%3AIDR ## List of docs - OME Systems Resources IP list - https://docs.google.com/spreadsheets/d/1nnwd-JLnb37PWT9sDwkV0a-vb_IabS3c7bbtbmTI79Y/edit?usp=sharing - `VLAN 33` I think this is probably the old production external facing network, IPs assigned by UoD-IT. Needs cleaning up. - `VLAN 15` Current production external facing network, IPs assigned by UoD-IT, use this for external facing VMs (`10ge Servers` subnet), requires Help4u ticket to open ports on the external firewall - `10.2.1.0/24` Old - `10.2.1.128/29` Old - `10.0.48.0/21` We have ownership of this subnet so use this for new internal VMs (`ome-idr-docker` subnet) - List of all JRS VMware guests (UoD and OME VMware clusters) - https://docs.google.com/spreadsheets/d/1NQl7fhcgpbDqMAbxVZ1VE_cqbg9c8ZDxSx2yWb0aOVM/edit?usp=sharing - Creating a new VM: on the OME VMWare cluster - https://docs.openmicroscopy.org/internal/sysadmin/provisioning/index.html - GPFS management - https://github.com/openmicroscopy/management_tools/wiki/GPFS-%28IBM-Spectrum-Scale%29-Storage - Expanding disk volumes on VMs - https://github.com/openmicroscopy/management_tools/wiki/Resizing-LVM-partitions - IDR usage stats - https://github.com/openmicroscopy/management_tools/wiki/IDR-usage-stats ## Random sysadmin notes - Recent VMs have an emergency local `omeroot` user with ssh access and sudo privileges which is automatically created by the Kickstart file when the system is provisioned. Try one of the passwords in `pass search omeroot` ## LSC contacts - Jonathan Downward (day to day LSC issues, can contact on Teams) ## Monitoring and stats ### UoD Prometheus and Grafana: - https://github.com/openmicroscopy/management_tools/wiki/Monitoring#ome-uod-prometheus-and-grafana - e.g. Registry hits by IP https://ome-dockr-prod1.openmicroscopy.org/grafana/d/0yuEtlPZk/registry-ips-by-component?orgId=1 ### IDR/EBI - https://github.com/IDR/deployment/blob/master/docs/monitoring.md - https://github.com/openmicroscopy/management_tools/wiki/IDR-usage-stats ## External resources: - OMERO.server Prometheus exporter port: https://github.com/prometheus/prometheus/wiki/Default-port-allocations - conda-forge zeroc-ice: - https://github.com/conda-forge/zeroc-ice-feedstock - Ongoing maintenance https://github.com/conda-forge/zeroc-ice-feedstock/pull/11#issuecomment-757370161 - conda-forge omero-py: - https://github.com/conda-forge/staged-recipes/pull/13028 ## GitHub Repositories Transferred to https://github.com/microscopepony and OME admins added ### Python - https://github.com/microscopepony/omero-cli-externalconfig Configure OMERO using environment variables, YAML, and JSON files - https://github.com/microscopepony/omero-server-setup OMERO server setup and database management plugin - https://github.com/microscopepony/omero-cli-database Manage the OMERO.server PostgreSQL database :green_apple: - https://github.com/microscopepony/omero-asyncio OMERO-py client and services that works with asyncio - https://github.com/microscopepony/fs-omero-pyfs OMERO PyFileSystem2 implementation - https://github.com/microscopepony/omero-mapr-graphql An experiment in querying OMERO.mapr IDR metadata using GraphQL - https://github.com/microscopepony/omero-server-jupyter Run OMERO inside Jupyter - https://github.com/microscopepony/omero-idirector https://gitlab.com/openmicroscopy/incubator/omero-idirector - https://github.com/microscopepony/omero-shrtn https://gitlab.com/openmicroscopy/incubator/omero-shrtn - https://github.com/microscopepony/omero-superresolution-tables Can't remember - https://github.com/microscopepony/omero-mpcli Run OMERO python scripts using multiprocessing - https://github.com/microscopepony/omero_copy An attempt at copying images between servers ### Conda - https://github.com/microscopepony/conda-omero-server OMERO.server Conda package - https://github.com/microscopepony/conda-omero-server-setup A Conda package for the OMERO server setup CLI plugin - https://github.com/microscopepony/conda-omero-dropbox A Conda package for OMERO.dropbox - https://github.com/microscopepony/conda-zeroc-ice36 A Conda package for Zeroc Ice 3.6 binaries compatible with OMERO - https://github.com/microscopepony/conda-zeroc-ice-bin A Conda package for Zeroc Ice binaries and Java compatible with OMERO (alternative to the previous repo) - https://github.com/microscopepony/conda-omero-web A Conda package for OMERO.web - https://github.com/microscopepony/conda-whitenoise - https://github.com/microscopepony/conda-django-pipeline A Conda package for django-pipeline for use with OMERO.web - https://github.com/microscopepony/conda-omero-marshal A Conda package for OMERO.marshal - https://github.com/microscopepony/conda-libdb53 libdb53 (needed for Ice binaries) - https://github.com/microscopepony/conda-django A Conda package for Django for use wth OMERO.web ### Docker - https://github.com/manics/jupyter-omero-contents Jupyter OMERO ContentsManager Docker image - https://github.com/microscopepony/docker-example-omero-certificates OMERO.server self-signed certificates (docker-compose) - https://github.com/microscopepony/omerodev-docker Not sure - https://github.com/microscopepony/omero-py-alpine-docker Minimal OMERO.py images based on Alpine Linux ### Jupyter - https://github.com/microscopepony/jupyter-omero-authenticator Jupyter OMERO Authenticator - https://github.com/microscopepony/ome-sysops-notebooks Not much - https://github.com/microscopepony/centos-systemd-jupyter-notebook Notebook for running bash in JupyterHub with a CentOS 7 System image ### IDR notebooks - https://github.com/microscopepony/idr-count-publications Count publications in the IDR - https://github.com/microscopepony/idr-release-stats IDR Release Stats - https://github.com/microscopepony/idr-montage IDR Montage - https://github.com/microscopepony/idr0083-sars-cov2-notebook Zoomable idr0083 image - https://github.com/microscopepony/idr0015-tara-oceans-geospatial IDR Tara oceans plot ### Old IDR - https://github.com/microscopepony/idr-terraform Something to do with Terraform - https://github.com/microscopepony/idr-data-munging Mentions Sysgro... - https://github.com/microscopepony/idr-upload-js-s3-explorer Don't think this works ### Other - https://github.com/microscopepony/omero-veewee-definitions Something to do with the old OMERO VirtualBox image - https://github.com/microscopepony/ome-veewee Something to do with the old OMERO VirtualBox image - https://github.com/microscopepony/alternative-storage One of the first things I worked on in OME - https://github.com/microscopepony/ome-docker-scripts No idea ### Not transferred - https://github.com/manics/kubernetes-omero OMERO Helm chart, linked to GitHub pages - https://github.com/manics/ome-distribution-specific-pypi Something about attempting to create a static PyPI server with multiple wheels for Ice, linked to GitHub pages - https://github.com/manics/github-batch-updater GitHub Batch Updater ## Gists Copy these if you want them in case I clean them up in future - OME2020 video access logs https://gist.github.com/manics/3140a630ab7d87fcee88397ccc0966cf - Grafana OME registry IP query https://gist.github.com/manics/bf6e5a554d956aef6c6617d2589d60ed - Example of creating Celery Docker tasks in OMERO https://gist.github.com/manics/a8a1a62fc3e835cfb09b45b1d584271b - OMERO.server Virtual Machine Image https://gist.github.com/manics/036e7cfdf2d3ca2b4113511c86b78f38 - MinIO Security Token Service (STS) for temporary S3 path restricted access tokens https://gist.github.com/manics/305f4cc56d0ac6431893cde17b1ba8c4 - also see https://github.com/ome/omero-ms-zarr/blob/7b02d060faf0df168b8a868adae9834118351fb3/src/test/java/org/openmicroscopy/s3/TestTokenCreator.java ## Outstanding OME infrastructure issues - Some of our VMWare hypervisors may need a networking configuration fix before VMs can be successfully run on them. - The OME managed GPFS clients (nightshade, idr0-slot3) need a [GPFS upgrade](https://github.com/openmicroscopy/management_tools/pull/975). - VMs running CentOS 6 are EOL and should be deleted (or replaced). - Some VMs are still hosted on UoD VMWare shared hypervisors instead of our own (mostly the CentOS 6 ones but may be others) - ns-web.openmicroscopy.org (Nightshade OMERO.web) VM should be deleted, and OMERO.web installed on nightshade instead, this is leftover from when OMERO.web required CentOS7 but nightshade was still on CentOS 6 - Replace plaintext secrets in https://github.com/openmicroscopy/management_tools/ with credentials in `pass`, most of this is from either using K8S which didnt' integrate with pass, or due to playbooks run by Petr requiring some secrets - [OME Systems Resources](https://docs.google.com/spreadsheets/d/1nnwd-JLnb37PWT9sDwkV0a-vb_IabS3c7bbtbmTI79Y/edit#gid=1946775410) Google doc, Ansible inventory, Google docs for each servers, etc, need a clean-up or unification. - Replace demo server with the training-server playbook (the outreach playbook is newer and tested in molecule) - Consider replacing the nightshade playbook with the training-server playbook to make maintainance easier - pg-slave.openmicroscopy.org and ome-web-prod.openmicroscopy.org are running an old version of PostgreSQL (9.3) - ome-web-prod.openmicroscopy.org is a public production web-server running CentOS 6 which is EOL and therefore unpatched - UoD-IT are moving towards supporting use of AWS. Probably worth moving some infrastructure there if you get fed up of provisioning on VMWare. - Consider moving all public web servers behind a single web-proxy configured with virtualhosts - IDR is still running 5.6.0 due to the BioFormats memo change in 5.6.1+