Tag Archives: GeoServer

Installing a headless GeoServer on Ubuntu 10.4 on Amazon Web Services – part 1

There are a few good articles out there documenting how to get a headless GeoServer box up, and some great documentation out there for Ubuntu on AWS, but nothing covered exactly what I was trying to do in one place, so I thought I’d document the steps necessary to get GeoServer running on Ubuntu 10.4 (Lucid Lynx) hosted on Amazon Web Services.

N.B. At the end of this you should have an Amazon Machine Instance running GeoServer suitable for playing around with. What you will not have is a strongly secured performance optimised GeoServer box – hopefully that will be covered in a following post.

This post also assumes you already have an Amazon Web Services account.

Creating our instance

I’ve tried doing this setup with the default Fedora AMIs from Amazon, but I haven’t used Redhat in a few years, and I’m more familiar with Ubuntu, so the first step is to get a trusted Ubuntu instance to start from.

First step – grab an AMI with Ubuntu 10.4 – Ubuntu’s Public Cloud Deployment documentation lists the Amazon EC2 published AMI’s – I’ll be using the 32bit EBS image on the US West Coast (ami-cb97c68e), as I’m just wanting a small instance (the 64bit are larger, and cost more), I may want to be able to stop the instance without loosing it completely, and as I’m in New Zealand, I suspect the US West Coast will have lower latency than Singapore.

So, let’s create our Instance. Head over to Amazon Web Services EC2 Console Dashboard, and click Launch Instance.

  • In the Choose an AMI tab, click Community AMIs, and enter ami-cb97c68e in the text box next to Viewing / All Images.
  • Press Enter, and the Ubuntu AMI ami-cb97c68e should be listed. Click Select.
  • The Instance Details tab appears, you can leave the defaults selected here. Click Continue.
  • Under Advanced Instance Options,  you may want to click Enable CloudWatch Monitoring for this instance, though note that this costs extra – you can leave this unchecked and add it later if you wish. Click Continue.
  • In the Create Key Pair tab, either select a preexisting key pair, or create a new pair. I’ll creating a new key pair called geoserver – enter geoserver in the name for keypair text box and click Create and Download your Key Pair. Save the .pem file to somewhere safe.
  • In the Configure Firewall tab, as we’ll be running GeoServer on top of Tomcat on port 8080, we’ll select Create a new Security Group. Name the Group, and add the following ports: HTTP (TCP, 80), and SSH (TCP, 22). We’ll also need to add Tomcat (TCP, 8080), but we’ll need to set this up as a custom rule later on.
  • Click Continue, and we’ll be at the Review tab. Check everything looks OK, and click Launch. You can now click Close, and click on the x Security Group(s) link under My resources.
  • Select the GeoServer security group we created earlier, and add the Tomcat rule (Connection Method: Custom, Protocol: TCP, From Port: 8080, To Port: 8080, Source (IP or Group): 0.0.0.0/0). Click Save.

Within a few minutes, the machine should be up and running on the web. Now we need to connect to it and do some installation.First we need to get the public DNS address of the machine:

  • Go back to the EC2 Console Dashboard, and click on the x Running Instance(s) link under My Resources.
  • Right-click your new instance, and select Connect.
  • In the popup that appears, the public DNS will be listed – something like ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com.

Depending on what platform you are using locally, there are two ways to connect. (Well, actually there are loads, but I’ll focus on Windows and Ubuntu).

Connecting from an Ubuntu Linux box

  • Locate your private key file, geoserver.pem
  • Use chmod to make sure your key file isn’t publicly viewable, ssh won’t work otherwise:
    chmod 400 geoserver.pem
  • Connect to your instance using instance’s public DNS.
    ssh -i geoserver.pem ubuntu@ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com
  • Answer yes when warned about authenticity of the host and asked if you want to continue connecting.
  • You should see something like this:

leigh@deep-thought:~$ ssh -i geoserver.pem ubuntu@ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com
The authenticity of host 'ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com (184.72.xx.xx)' can't be established.
RSA key fingerprint is f5:f5:0c:2e:77:9f:6a:82:3a:33:8c:99:5a:65:e2:09.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com,184.72.xx.xx' (RSA) to the list of known hosts.
Linux ip-10-160-43-6 2.6.32-305-ec2 #9-Ubuntu SMP Thu Apr 15 04:14:01 UTC 2010 i686 GNU/Linux
Ubuntu 10.04 LTS

Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com/

System information as of Wed Jun 16 21:59:44 UTC 2010

System load: 0.06 Memory usage: 2% Processes: 54
Usage of /: 4.6% of 14.76GB Swap usage: 0% Users logged in: 0

Graph this data and manage this system at https://landscape.canonical.com/
---------------------------------------------------------------------
At the moment, only the core of the system is installed. To tune the
system to your needs, you can choose to install one or more
predefined collections of software by running the following
command:

sudo tasksel --section server
---------------------------------------------------------------------

0 packages can be updated.
0 updates are security updates.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.

ubuntu@ip-10-160-43-6:~$

Connecting from a Windows box using PuTTY.

  • PuTTY doesn’t use .pem files for authentication – instead we need to create a PuTTY private key file (.ppk) using the PuTTY Key Generator (PuTTYgen). A guide to doing this can be found here, but the steps required are.
    • Download and run puttygen.exe from the PuTTY download page.
    • Click Conversions->Import Key Pair, and select your .pem file. Click Save private key. You can password protect it at this point if you like, however in my humble opinion, you probably don’t need to if you treat this file with the same care as you would the .pem file. We’ll save the file as geoserver.ppk.
  • Fire up PuTTY, and enter the public DNS in the (Host Name or IP address) text box.
  • In the Category tree, select Connection->SSH->Auth, and Browse for the Private key for authentication, selecting our newly created.ppk file.
  • Go back to the Session category and save this session if you like, and then click Open.
  • Click Yes when warned about verifying the identity of the server, asked if you want to continue connecting.
  • Login as the user ubuntu.
  • You should see something like the following:

login as: ubuntu
Authenticating with public key "imported-openssh-key"
Linux ip-10-160-43-6 2.6.32-305-ec2 #9-Ubuntu SMP Thu Apr 15 04:14:01 UTC 2010 i686 GNU/Linux
Ubuntu 10.04 LTS

Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com/

System information as of Wed Jun 16 22:32:12 UTC 2010

System load: 0.99 Memory usage: 2% Processes: 56
Usage of /: 4.6% of 14.76GB Swap usage: 0% Users logged in: 1

Graph this data and manage this system at https://landscape.canonical.com/
---------------------------------------------------------------------
At the moment, only the core of the system is installed. To tune the
system to your needs, you can choose to install one or more
predefined collections of software by running the following
command:

sudo tasksel --section server
---------------------------------------------------------------------

0 packages can be updated.
0 updates are security updates.

Last login: Wed Jun 16 21:59:45 2010 from xx-xx-xx-xx.dsl.sta.inspire.net.nz
To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.

ubuntu@ip-10-160-43-6:~$

Installing necessary packages

We’ve now got a vanilla Ubuntu instance running, and we’re connected. Now let’s install the packages necessary to get GeoServer up and running.

  • From the terminal, execute the following:
  • sudo apt-get install unzip lynx tomcat6 tomcat6-admin
  • sudo vim /etc/default/tomcat6
    Find, uncomment and modify the following lines:

JAVA_OPTS="-Djava.awt.headless=true -Xmx512m"
TOMCAT6_SECURITY=no

  • sudo vim /var/lib/tomcat6/conf/tomcat-users.xml
    Modify to contain the following, substituting your own super strong password. Be sure to remove any comment block surrounding the <tomcat-users> section if one exists. (Thanks to jvangeld)

<tomcat-users>
<role rolename="admin"/>
<role rolename="manager"/>
<role rolename="tomcat"/>
<user username="tomcat6" password="some super strong password" roles="admin,manager,tomcat"/>
</tomcat-users>

  • sudo /etc/init.d/tomcat6 restart
  • We’re now ready to login to Tomcat’s administration interface and install GeoServer.
  • Download the Web Archive from GeoServer’s Stable download page.
  • Unzip the downloaded .war.zip file.
  • Browse to your new instance’s tomcat administration interface, e.g. http://ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com:8080/manager/html
  • Log in using the tomcat6 and some super strong password username and password combination specified earlier.
  • Under WAR file to deploy, upload the unzipped geoserver.war file you have just downloaded, and click Deploy.
    • This file is about 40-50MB in size, so this step can take a while depending on your connection speed. You’re waiting to see both the message OK in the top of the window, and /geoserver being listed under the Applications list on the Tomcat Web Application Manager.
  • Browse to your GeoServer instance, e.g. http://ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com:8080/geoserver/web/
  • To check things are OK, lets do a sanity check by clicking on Layer Preview link in the left hand pane.
  • At the bottom of the list of configured layers, there are some entries named tasmania, spearfish and tiger-ny, next to which are some OpenLayers links. Click the spearfish link, and you should get a simple OpenLayers interface showing some test data.
  • Click on the tiger-ny OpenLayers link, and you should get a simple map of New York…
    • …except you won’t – you’ll get a bunch of blank image tiles in an empty map. This threw me for a bit, so I had to delve into the GeoServer error log. You can skip to the solution below, but if you want to see where some of the error information is logged, see the steps below.
      • Open up a terminal session to the server if necessary, and type the following:

        vim /var/log/tomcat6/catalina.out

        You should see, near the bottom of the log file, some telltale entries like the following:

        16 Jun 23:29:42 ERROR [geoserver.ows] -
        org.vfny.geoserver.wms.WmsException: org.vfny.geoserver.wms.WmsException: Rendering process failed
        at org.vfny.geoserver.wms.responses.GetMapResponse.execute(GetMapResponse.java:447)
        ...
        ...
        Caused by: java.lang.Error: Probable fatal error:No fonts found.
        at sun.font.FontManager.getDefaultPhysicalFont(FontManager.java:1088)
        at sun.font.FontManager.initialiseDeferredFont(FontManager.java:960)

      • Google came to the rescue – this being a headless server, it has no fonts installed.
      • In order to find out what fonts Java is expecting, type the following:

        vim /etc/java-6-openjdk/fontconfig.properties

      • This yields the following line amongst others:

        serif.plain.latin-1=DejaVu Serif

    • To install the missing DejaVu font:

      sudo apt-get install ttf-dejavu
      sudo /etc/init.d/tomcat6 restart

    • Try the New York map again, and you should get a map of Manhattan.
  • Note that the maps being displayed are non-tiled, and generated every request. Click the small menu icon in the top left of the map to enable tiled mapping (taking advantage of local caching), and change the map canvas size.

Next steps

I’ve kept this short so that it details the absolute minimum steps required to get GeoServer up and running on an AWS Ubuntu instance.

So the next few bits – I need to get working are:

  • Getting some base map data – ideally I’d like to get this from OpenStreetMap‘s OSM export facility, probably using osm2pgsgl. I haven’t got this working yet,  so in the meantime, I’ll probably download some Shapefiles from the great koordinates repository, which has loads and loads of data, especially for New Zealand.
  • Running direct from PostGIS is going to be a better solution than from Shapefiles, and more manageable.
  • Then, I need to import some TFW raster files, probably using something like GDAL.
  • Making use of GeoWebCache to pre-render and cache map tiles on the server.
  • Last, but not least, securing and optimising the installation.

Hopefully I will write up these steps in the coming weeks.

Some other useful references:

Advertisements

7 Comments

Filed under Uncategorized