Hey All,
I hope this email finds you all well. My name is Krish Katariya and I have
been working on setting up Apache Airavata, and during this process I
encountered a lot of challenges but also a lot of insights into airavata
setup which I believe will be helpful to future new contributors who are
navigating similar issues. I also plan to update readmes and code in the
near future to fix some of these issues.
Here is a general list of tips:
First, when running mvn clean install, even though the ide-integration says
to use the develop branch, I recommend using the master branch since the
develop branch is several commits behind. Also, even if the readme says to
use java 8, I recommend java 17 as using java 8/11 causes many compilation
errors with maven.
If you encounter issues with running the API Server (especially errors with
entity files and open jpa errors) I recommend going to the directories
causing the errors and running mvn clean install, since this fixes a lot of
random errors for me.
Also, we can't use the keycloak jboss docker image anymore, and airavata
has migrated to a newer version of keycloak. I recommend changing the
keycloak section of the docker-compose file to this:
```
keycloak:
image: quay.io/keycloak/keycloak:24.0.0
environment:
- KEYCLOAK_ADMIN=admin
- KEYCLOAK_ADMIN_PASSWORD=admin
ports:
- "8080:8080"
- "8443:8443"
volumes:
-
./keycloak/Default-export.json:/opt/keycloak/data/import/Default-export.json
command:
- start-dev
- "--import-realm"
- "--hostname-strict=false"
```
You will also need to update the Default-export.json. Focus on: mapping
redirect uris correctly to airavata.host and keeping only pga-client.
When getting keycloak set up, I recommend using keycloak-upgrade branch of
the django portal repository rather than the main branch. This branch
doesn't have the settings_local.py file setup, so you will need to fill in
information as necessary. Access airavata.host:8080 and use admin, admin to
login into the keycloak portal. From here you may need to recreate the pga
client, and regenerate a new client id. Furthermore, focus on getting the
right keycloak URLs as the keycloak API url links have been updated.
Personally, these worked well for me:
KEYCLOAK_AUTHORIZE_URL = '
http://airavata.host:8080/realms/master/protocol/openid-connect/auth'
KEYCLOAK_TOKEN_URL = '
http://airavata.host:8080/realms/master/protocol/openid-connect/token'
KEYCLOAK_USERINFO_URL = '
http://airavata.host:8080/realms/master/protocol/openid-connect/userinfo'
KEYCLOAK_LOGOUT_URL = '
http://airavata.host:8080/realms/master/protocol/openid-connect/logout'
If you get SSL errors because Django and Keycloak don't have the right
matched versions, add this into
settings.py: os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'. Note this is
only for development purposes, otherwise you should setup SSL properly.
For windows users when setting up the django portal, you may need to update
scripts to work with Windows file system/directories. The build.js script
also may fail if your directory has spaces in it, but this is a quick fix.
These are most of the issues/fixes I encountered so far, I hope this helps
someone!
Krish Katariya
