我使用这种方法在windows下通过putty成功了,但如果您使用AWS的Free Usage Tier,那么就不能用这种方法,因为这里使用的AMI中EBS为15G,而Free的EBS只有10G,问题很好解决,换个AMI就可以了。我使用的AMI ID是:ami-ac41b7c5,也可以在这里(http://thecloudmarket.com)找到更多的AMI。另外,使用Free版本的AMI在安装JDK时会遇到问题,建议使用64位的AMI,而不是32位的。
There
are a few good articles out there documenting how to get a headless
GeoServer box up, and some great documentation out there for Ubuntu on
AWS, but nothing covered exactly what I was trying to do in one place,
so I thought I’d document the steps necessary to get GeoServer running
on Ubuntu 10.4 (Lucid Lynx) hosted on Amazon Web Services.
N.B.
At the end of this you should have an Amazon Machine Instance running GeoServer suitable for playing around with. What you will
not
have is a strongly secured performance optimised GeoServer box – hopefully that will be covered in a following post.
This post also assumes you already have an Amazon Web Services account.
Creating our instance
I’ve
tried doing this setup with the default Fedora AMIs from Amazon, but I
haven’t used Redhat in a few years, and I’m more familiar with Ubuntu,
so the first step is to get a trusted Ubuntu instance to start from.
First step – grab an AMI with Ubuntu 10.4 – Ubuntu’s
Public Cloud Deployment documentation
lists the
Amazon EC2 published AMI’s
– I’ll be using the 32bit EBS image on the US West Coast (ami-cb97c68e
)
, as I’m just wanting a small instance (the 64bit are larger, and cost
more), I may want to be able to stop the instance without loosing it
completely, and as I’m in New Zealand, I suspect the US West Coast will
have lower latency than Singapore.
So, let’s create our Instance. Head over to Amazon Web Services
EC2 Console Dashboard
, and click
Launch Instance
.
- In the
Choose an AMI
tab, click
Community AMIs
, and enter
ami-cb97c68e
in the text box next to Viewing / All Images. - Press
Enter
, and the Ubuntu AMI
ami-cb97c68e
should be listed. ClickSelect
. - The
Instance Details
tab appears, you can leave the defaults selected here. Click
Continue
. - Under
Advanced Instance Options
, you may want to click
Enable CloudWatch Monitoring for this instance
, though note that this costs extra – you can leave this unchecked and add it later if you wish. Click
Continue
. - In the
Create Key Pair
tab, either select a preexisting key pair, or create a new pair. I’ll creating a new key pair called
geoserver
– enter
geoserver
in the
name for keypair
text box and click
Create and Download your Key Pair
. Save the
.pem
file to somewhere safe. - In the
Configure Firewall
tab, as we’ll be running GeoServer on top of Tomcat on port 8080, we’ll select
Create a new Security Group
. Name the Group, and add the following ports: HTTP (TCP, 80), and SSH
(TCP, 22). We’ll also need to add Tomcat (TCP, 8080), but we’ll need to
set this up as a custom rule later on. - Click
Continue
, and we’ll be at the
Review
tab. Check everything looks OK, and click
Launch
. You can now click
Close
, and click on the
x Security Group(s)
link under
My resources
. - Select the
GeoServer
security group we created earlier, and add the Tomcat rule (Connection Method:
Custom
, Protocol:
TCP
, From Port:
8080
, To Port:
8080
, Source (IP or Group):
0.0.0.0/0
). Click
Save
.
Within
a few minutes, the machine should be up and running on the web. Now we
need to connect to it and do some installation.First we need to get the
public DNS address of the machine:
- Go back to the
EC2 Console Dashboard
, and click on the
x Running Instance(s)
link under
My Resources
. - Right-click your new instance, and select
Connect
. - In the popup that appears, the public DNS will be listed – something likeec2-184-72-xx-xx.us-west-1.compute.amazonaws.com
.
Depending
on what platform you are using locally, there are two ways to connect.
(Well, actually there are loads, but I’ll focus on Windows and Ubuntu).
Connecting from an Ubuntu Linux box
- Locate your private key file,
geoserver.pem
- Use
chmod
to make sure your key file isn’t publicly viewable, ssh won’t work otherwise:
chmod 400 geoserver.pem - Connect to your instance using instance’s public DNS.
ssh -i geoserver.pem ubuntu@ec2-
184-72-xx-xx
.us-west-1.compute.amazonaws.com - Answer
yes
when warned about authenticity of the host and asked if you want to continue connecting. - You should see something like this:
leigh@deep-thought:~$ ssh -i geoserver.pem ubuntu@ec2-184-72-xx-xx
.us-west-1.compute.amazonaws.com
The authenticity of host 'ec2-184-72-xx-xx
.us-west-1.compute.amazonaws.com (184.72.xx.xx)' can't be established.
RSA key fingerprint is f5:f5:0c:2e:77:9f:6a:82:3a:33:8c:99:5a:65:e2:09.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'ec2-184-72-xx-xx
.us-west-1.compute.amazonaws.com,184.72.xx.xx' (RSA) to the list of known hosts.
Linux ip-10-160-43-6 2.6.32-305-ec2 #9-Ubuntu SMP Thu Apr 15 04:14:01 UTC 2010 i686 GNU/Linux
Ubuntu 10.04 LTSWelcome to Ubuntu!
* Documentation: https://help.ubuntu.com/System information as of Wed Jun 16 21:59:44 UTC 2010
System load: 0.06 Memory usage: 2% Processes: 54
Usage of /: 4.6% of 14.76GB Swap usage: 0% Users logged in: 0Graph this data and manage this system at https://landscape.canonical.com/
---------------------------------------------------------------------
At the moment, only the core of the system is installed. To tune the
system to your needs, you can choose to install one or more
predefined collections of software by running the following
command:sudo tasksel --section server
---------------------------------------------------------------------0 packages can be updated.
0 updates are security updates.The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.ubuntu@ip-10-160-43-6:~$
Connecting from a Windows box using PuTTY.
- PuTTY
doesn’t use
.pem
files for authentication – instead we need to create a PuTTY private key file (.ppk
) using the PuTTY Key Generator (PuTTYgen). A guide to doing this can be found
here
, but the steps required are.- Download and run
puttygen.exe
from the PuTTY
download page
. - Click
Conversions->Import Key Pair
, and select your
.pem
file. Click Save private key. You can password protect it at this point
if you like, however in my humble opinion, you probably don’t need to if
you treat this file with the same care as you would the
.pem
file. We’ll save the file as
geoserver.ppk
.
- Download and run
- Fire up PuTTY, and enter the public DNS in the
(Host Name or IP address)
text box. - In the Category tree, select
Connection->SSH->Auth
, and
Browse
for the
Private key for authentication
, selecting our newly created.ppk
file. - Go back to the
Session
category and save this session if you like, and then click
Open
. - Click
Yes
when warned about verifying the identity of the server, asked if you want to continue connecting. - Login as the user
ubuntu
. - You should see something like the following:
login as: ubuntu
Authenticating with public key "imported-openssh-key"
Linux ip-10-160-43-6 2.6.32-305-ec2 #9-Ubuntu SMP Thu Apr 15 04:14:01 UTC 2010 i686 GNU/Linux
Ubuntu 10.04 LTSWelcome to Ubuntu!
* Documentation: https://help.ubuntu.com/System information as of Wed Jun 16 22:32:12 UTC 2010
System load: 0.99 Memory usage: 2% Processes: 56
Usage of /: 4.6% of 14.76GB Swap usage: 0% Users logged in: 1Graph this data and manage this system at https://landscape.canonical.com/
---------------------------------------------------------------------
At the moment, only the core of the system is installed. To tune the
system to your needs, you can choose to install one or more
predefined collections of software by running the following
command:sudo tasksel --section server
---------------------------------------------------------------------0 packages can be updated.
0 updates are security updates.Last login: Wed Jun 16 21:59:45 2010 from xx-xx-xx-xx.dsl.sta.inspire.net.nz
To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.ubuntu@ip-10-160-43-6:~$
Installing necessary packages
We’ve
now got a vanilla Ubuntu instance running, and we’re connected. Now
let’s install the packages necessary to get GeoServer up and running.
- From the terminal, execute the following:
- sudo apt-get install unzip lynx tomcat6 tomcat6-admin
- sudo vim /etc/default/tomcat6
Find, uncomment and modify the following lines:
JAVA_OPTS="-Djava.awt.headless=true -Xmx512
m"
TOMCAT6_SECURITY=no
- sudo vim /var/lib/tomcat6/conf/tomcat-users.xml
Modify to contain the following, substituting your own super strong
password. Be sure to remove any comment block surrounding the<tomcat-users>
section if one exists.
(Thanks to jvangeld)
<tomcat-users>
<role rolename="admin"/>
<role rolename="manager"/>
<role rolename="tomcat"/>
<user username="tomcat6
" password="some super strong password
" roles="admin,manager,tomcat"/>
</tomcat-users>
- sudo /etc/init.d/tomcat6 restart
- We’re now ready to login to Tomcat’s administration interface and install GeoServer.
- Download the Web Archive from GeoServer’s
Stable download page
. - Unzip the downloaded
.war.zip
file. - Browse
to your new instance’s tomcat administration interface, e.g.http://ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com:8080/manager/html
- Log in using the
tomcat6
and
some super strong password
username and password combination specified earlier. - Under
WAR file to deploy
, upload the unzipped
geoserver.war
file you have just downloaded, and click
Deploy
.- This
file is about 40-50MB in size, so this step can take a while depending
on your connection speed. You’re waiting to see both the message
OK
in the top of the window, and
/geoserver
being listed under the
Applications
list on the
Tomcat Web Application Manager
.
- This
- Browse to your GeoServer instance, e.g. http://ec2-184-72-xx-xx.us-west-1.compute.amazonaws.com:8080/geoserver/web/
- To check things are OK, lets do a sanity check by clicking on
Layer Preview
link in the left hand pane. - At the bottom of the list of configured layers, there are some entries named
tasmania
,
spearfish
and
tiger-ny
, next to which are someOpenLayers
links. Click the
spearfish
link, and you should get a simple OpenLayers interface showing some test data. - Click on the
tiger-ny OpenLayers
link, and you should get a simple map of New York…- …except
you won’t – you’ll get a bunch of blank image tiles in an empty map.
This threw me for a bit, so I had to delve into the GeoServer error log.
You can skip to the solution below, but if you want to see where some
of the error information is logged, see the steps below.- Open up a terminal session to the server if necessary, and type the following:
vim /var/log/tomcat6/catalina.out
You should see, near the bottom of the log file, some telltale entries like the following:
16 Jun 23:29:42 ERROR [geoserver.ows] -
org.vfny.geoserver.wms.WmsException: org.vfny.geoserver.wms.WmsException:
Rendering process failed
at org.vfny.geoserver.wms.responses.GetMapResponse.execute(GetMapResponse.java:447)
...
...
Caused by: java.lang.Error:
Probable fatal error:No fonts found.
at sun.font.FontManager.getDefaultPhysicalFont(FontManager.java:1088)
at sun.font.FontManager.initialiseDeferredFont(FontManager.java:960) - Google
came to the
rescue
– this being a headless server, it has no fonts installed. - In order to find out what fonts Java is expecting, type the following:
vim /etc/java-6-openjdk/fontconfig.properties
- This yields the following line amongst others:
serif.plain.latin-1=DejaVu Serif
- Open up a terminal session to the server if necessary, and type the following:
- To install the missing DejaVu font:
sudo apt-get install ttf-dejavu
sudo /etc/init.d/tomcat6 restart - Try the New York map again, and you should get a map of Manhattan.
- …except
- Note
that the maps being displayed are non-tiled, and generated every
request. Click the small menu icon in the top left of the map to enable
tiled mapping (taking advantage of local caching), and change the map
canvas size.
Next steps
I’ve
kept this short so that it details the absolute minimum steps required
to get GeoServer up and running on an AWS Ubuntu instance.
So the next few bits – I need to get working are:
- Getting some base map data – ideally I’d like to get this fromOpenStreetMap
‘s OSM
export
facility, probably using
osm2pgsgl
. I haven’t got this working yet, so in the meantime, I’ll probably download some Shapefiles from the great
koordinates
repository, which has loads and loads of data, especially for New Zealand. - Running direct from PostGIS is going to be a better solution than from Shapefiles, and more manageable.
- Then, I need to import some TFW raster files, probably using something like GDAL.
- Making use of GeoWebCache to pre-render and cache map tiles on the server.
- Last, but not least, securing and optimising the installation.
Hopefully I will write up these steps in the coming weeks.