Open Microscopy Environment

[rpoehlmann]

Hi Josh,

you are the hero, that worked!!!

To be more precise, I put it into etc/grid/template.xml file before the first target definition.
So, the whole section now reads:

Code: Select all

    <properties id="JavaServer">
        <!-- IPv6 is switched-off on this server, make Ice aware about this fact!  -->
        <property name="Ice.IPv6" value="0"/>
      <target name="adh">
        <property name="Ice.Default.Protocol" value="ssl"/>
        <property name="Ice.Plugin.IceSSL" value="IceSSL.PluginFactory"/>
        <property name="IceSSL.Ciphers" value="NONE (DH_anon)"/>
        <property name="IceSSL.VerifyPeer" value="0"/>
      </target>
      <target name="ssl">
        <property name="Ice.Default.Protocol" value="ssl"/>
        <property name="Ice.Plugin.IceSSL" value="IceSSL.PluginFactory"/>
        <property name="IceSSL.DefaultDir" value="etc/certs"/>
        <property name="IceSSL.CertFile" value="pubkey.pem"/>
        <property name="IceSSL.KeyFile" value="privkey.pem"/>
        <property name="IceSSL.CertAuthFile" value="ca.pem"/>
      </target>
    </properties>


At the moment, we have IPv6 switched-off on all our machines since we do not use it yet and occasionally saw strange secondary effects when having it enabled but not used. This is now the 1st case the other way around. Sorry, disabled IPv6 being the culprit did not come into my mind at all.

Would it be worth to mention this somewhere in the documentation? In particular since Ice34 apparently does not show this behavior/effect (our PROD server on OMERO5.0.2/Ice34/CentOS6.5 runs perfectly fine without this extra setting)?

Thanks a lot again for this excellent support.

Best,
-Rainer

[rleigh]

It would be useful to know exactly how you "switched off" IPv6 on your host. Ice should only be using IPv6 when it detects that the system supports IPv6, and this may indicate that it's not been fully disabled which might have broken the check?

Regards,
Roger

[rpoehlmann]

The official way as recommended by CentOS

http://wiki.centos.org/FAQ/CentOS6#head ... 10d41781df

/etc/sysctl.conf

Code: Select all

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1


including

Code: Select all

AddressFamily inet


in /etc/ssh/sshd_config (but which is irrelevant for Ice I assume)

Hope this helps, cheers,
-Rainer

[rleigh]

Thanks. This should be fine in theory!

[jmoore]

Rainer, glad to have helped. Two quick follow-ups (on top of Roger's):

• Your change to templates.xml will be lost when you upgrade, e.g., to 5.0.3. While dealing with another similar issue, I realized you should be able to use: bin/omero config set Ice.IPv6 0 to make a persistent setting. The only caveat is that it will apply to all services, not just Java, though in your case that would seem fine.
• I've added a section under "Troubleshooting" about this. Would you have expected/preferred an IP6 section directly on the installation page?

Thanks,
~Josh.

[rpoehlmann]

Hi Josh,
thanks for the input.

[*]Your change to templates.xml will be lost when you upgrade, e.g., to 5.0.3. While dealing with another similar issue, I realized you should be able to use: bin/omero config set Ice.IPv6 0 to make a persistent setting. The only caveat is that it will apply to all services, not just Java, though in your case that would seem fine.[/*]

When doing this as suggested

Code: Select all

./bin/omero config set 'Ice.IPv6 0'


The config then will look as follows:

Code: Select all

[omeronas@bc2-omerodev01 OMERO.server]$ ./bin/omero config get
Ice.IPv6=0
omero.data.dir=/export/omero/OMERO/
omero.db.gist=localhost
omero.db.name=omerodb_dev
omero.db.pass=**************
omero.db.poolsize=80
omero.db.user=omerouser
omero.ldap.base=OU=BIOPZ,OU=Institutes,DC=unibasel,DC=ads,DC=unibas,DC=ch
omero.ldap.config=true
omero.ldap.password=*************
omero.ldap.urls=ldap://unibasel.ads.unibas.ch:389
omero.ldap.user_mapping=omeName=sAMAccountName,firstName=givenName,lastName=sn,email=mail
omero.ldap.username=podldap@unibasel.ads.unibas.ch
omero.web.admins=[["Rainer Poehlmann", "rainer.poehlmann@unibas.ch"], ["Niko Ehrenfeuchter", "nikolaus.ehrenfeuchter@unibas.ch"]]
omero.web.application_server=fastcgi
omero.web.email_host=bc2-linux00.bc2.unibas.ch
omero.web.email_subject_prefix=OMERODEV@Biozentrum Notification:
omero.web.server_email=omerodev-biozentrum@unibas.ch
omero.web.server_list=[["omerodev.biozentrum.unibas.ch", 4064, "OMERODEV@BZ"]]
omero.web.webstart_host=[omerodev.biozentrum.unibas.ch]


OMERO services will start without any complaints, however I see a strange behavior for the OMERO web client that shows me an empty page or an error "the connection was reset" after I login?!? No further details I could figure out right know. Therefore I switched back to the "template.xml" variant.

Regarding the fact that changes will be overridden with the next update and have to be re-applied manually, I totally agree. However, the same is already true for other changes like Java Heap or PermGen adjustments. Or do I miss anything there?

[*]I've added a section under "Troubleshooting" about this. Would you have expected/preferred an IP6 section directly on the installation page?[/*]

Sorry to say, but I cannot find it? It's hard to judge where it should go. Maybe a remark on the installation page would be more obvious?
By the way, do you have any idea why this behavior is specific for Ice35 only and not for Ice34?

Thanks a lot,
-Rainer

[jmoore]

Code: Select all

./bin/omero config set 'Ice.IPv6 0'


You'll need to omit the quotes: bin/omero config set Ice.IPv6 0

Regarding the fact that changes will be overridden with the next update and have to be re-applied manually, I totally agree. However, the same is already true for other changes like Java Heap or PermGen adjustments. Or do I miss anything there?

No, that's true, but we're hoping to have the heap & permgen issues solved for 5.0.3 as well.

Sorry to say, but I cannot find it? It's hard to judge where it should go. Maybe a remark on the installation page would be more obvious?

Sorry, I should have pasted a link: https://www.openmicroscopy.org/site/support/omero5-staging/sysadmins/troubleshooting.html#server-fails-to-start

The docs haven't gone live yet, which is why you couldn't find them. But we'll look into altering the installation page as well.

Cheers,
~Josh.

P.S.

By the way, do you have any idea why this behavior is specific for Ice35 only and not for Ice34?

Not really, no. It's an Ice issue deep-down, so hopefully will be corrected in a future release.

[rpoehlmann]

You'll need to omit the quotes: bin/omero config set Ice.IPv6 0

Yep, works now as well (although from the "omero get config" output I do not see any difference between applying quotes around the KEY/VALUE pair or not). Maybe I had a small glitch with my browser (Chrome/Linux), it did require two force-reloads and now the page does show up as expected.

Sorry, I should have pasted a link: https://www.openmicroscopy.org/site/sup ... s-to-start

The docs haven't gone live yet, which is why you couldn't find them. But we'll look into altering the installation page as well.

Great!

Thanks a lot for all your help.
Cheers,
-Rainer