Mentions légales du service

Skip to content
Snippets Groups Projects
Commit 1de7ad86 authored by Nabila Aazibou-el-gerrab's avatar Nabila Aazibou-el-gerrab
Browse files

update proxy doc

parent 065a01b4
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 48 additions and 143 deletions
Proxy/installation.md
+ 48
143
View file @ 1de7ad86
......@@ -13,22 +13,16 @@ customer: IHE-EUROPE
# Introduction
Proxy is the part of the Gazelle testbed which is used to capture the messages exchanged between two systems under test.
Proxy is a component that used to capture the messages exchanged between two systems under test.
This tool is also bind to the EVSClient in order to validate the messages stored in the Proxy in a very simple way.
As for the other tools, the proxy is an open source project and its sources are available at
[*https://gitlab.inria.fr/gazelle/public/core/proxy-v7.git*](https://gitlab.inria.fr/gazelle/public/core/proxy-v7.git).
You can download the latest gazelle-proxy.ear in nexus
[*http://gazelle.ihe.net/nexus/index.html#nexus-search;quick~gazelle-proxy.ear*](http://gazelle.ihe.net/nexus/index.html#nexus-search;quick~gazelle-proxy.ear)
# Channel Socket Service (Version 6.0.0 and higher)
# Channel Socket Service (Version 2.0.0 and higher)
  • Achraf Achkari @x-AAchka ·
    Owner

    it's no longer called channel socket service, but "proxy" as application

  • Please register or sign in to reply
## Introduction
The Proxy 6 has externalized the low level operations of the channels in a dedicated service based on Netty 4.
This service is called the Channel Socket Service.
The Proxy 2.0.0 has externalized the low level operations of the channels in a dedicated service based on Netty 4.
This service needs to be installed on the same machine as the Proxy and must be started before the Proxy.
This service is called the Channel Socket Service.
Channel Socket Service is withing the Proxy V17 projects.
......@@ -36,7 +30,7 @@ Channel Socket Service is withing the Proxy V17 projects.
### Prerequisites
1. Java 17
1. Java 17 or higher
2. Maven 3.8.x
3. Docker
4. Optional: Mandrel 17 (for native compilation)
......@@ -76,146 +70,57 @@ The Channel Socket Service is configured using JVM properties. The following tab
# Compilation and installation
Gazelle testbed tools are built using Maven 3, when you have download the sources, go to the gazelle-proxy folder and execute
```bash
mvn -P public clean package
```
You will get an EAR in the gazelle-proxy-ear/target folder.
Then, follow the instructions below:
## 1. Create database
In your database (postgresql 9.1 or higher) create a database named "gazelle-proxy", using UTF-8 encoding and owned by the user gazelle
```bash
createdb -U gazelle -E UTF8 gazelle-proxy
```
## 2. File system
### 2.1 Version 6.0.0 and higher
For persistent channels, create a file `/opt/proxy/proxyPersistentChannels.json` and make sure that the user running the application has the right to write in it.
On your file system, create a directory `/opt/proxy/DICOM`.
```bash
sudo mkdir -p /opt/proxy/DICOM
sudo touch /opt/proxy/proxyPersistentChannels.json
sudo chown -R jboss:jboss-admin /opt/proxy
sudo chmod -R 775 /opt/proxy
```
### 2.2 Version 5.0.0 and lower
For persistent channels, create a file `/opt/proxy/proxyPersistentChannels.csv` and make sure that the user running the application has the right to write in it.
On your file system, create a directory `/opt/proxy/DICOM`.
```bash
sudo mkdir -p /opt/proxy/DICOM
sudo touch /opt/proxy/proxyPersistentChannels.csv
sudo chown -R jboss:jboss-admin /opt/proxy
sudo chmod -R 775 /opt/proxy
```
## 3. Put the ear in the deployment folder of your Jboss AS
```bash
cp gazelle-proxy-ear/target/gazelle-proxy.ear /usr/local/jboss7/standalone/deployments/gazelle-proxy.ear
```
## 4. Manage datasource
[WARNING] : From version 4.7.0, datasources have been extracted from the **ear**. The template file can be found in
/src/main/application/datasource in the source or in the file gazelle-proxy-X.X.X-datasource.zip from the nexus.
For more information about how to manage that externalization, please refer to
[general considerations for JBoss7](https://gazelle.ihe.net/gazelle-documentation/General/jboss7.html).
* Datasource name : gazelle-proxyDS
* Database name : gazelle-proxy
# channel manager
## 5. Configure SSO registration
The Channel Manager is a core component of Proxy that oversees the lifecycle of communication channels. It manages the creation, configuration, and supervision of various channel types—such as TCP, HTTP, DICOM, and Syslog—used to intercept and record messages exchanged between systems under test.
Since version **5.1.0**, Proxy can register itself as a client of a SSO server. This is done by giving some environment variables to the application.
The Channel Manager communicates with the Channel Socket Service to control these channels, delegating operations such as starting, stopping, and updating channel configurations through its API.
| **Variable name** | **Description** | **Example of value** |
|-------------------|------------------------------------------------------------------|--------------------------------|
| GZL_PROXY_K8S_ID | Describes the instance ID and the replica ID of the application. | gazelle-proxy-6dfeeb5595-tl29k |
[WARNING] There are additional required variables for registration of the proxy to the SSO server. Please refer to the
[README.md in sso-client-v7](https://gitlab.inria.fr/gazelle/public/framework/sso-client-v7#client-registration).
## 6. Start Jboss AS 7
```bash
sudo /etc/init.d/jboss7 start
```
## 7. Execute the sql script available in your workspace at gazelle-proxy-ear/src/main/sql/schema-X.X.X.sql
```bash
psql -U gazelle gazelle-proxy < schema-X.X.X.sql
```
## 8. Execute the sql script available in your workspace at gazelle-proxy-ear/src/main/sql/init-5.0.0.sql
```bash
psql -U gazelle gazelle-proxy < init-X.X.X.sql
```
## 9. Browse the application
Open a browser and go to [*http://yourServer:8080/proxy*](http://yourServer:8080/proxy)
## 10. The proxy is now up and running, see the next section for information on the configuration.
Channel Socket Service is withing the Proxy V17 projects.
This new instance of the proxy is running without the CAS feature, that means that anyone accessing the tool has the administrator privileges.
# Installation
If you rather want to use a single-sign one authentication, configure the application in this way. Edit the preference
**cas\_enabled** to set it to **false.**
## channel manager ui
This component provides the user interface for managing channels, including creation, deletion, configuration, listing, and updating of channels.
## Called tools
### Prerequisites
1. Node.js 18 or higher
2. pnpm with command `pnpm install -g pnpm`
Check that **dcmtk** is installed on the machine. Actually, the proxy uses dcmdump to render the dicom files.
### Build
1. Clone the project:
```shell
git clone [gazelle-admin-interface-url]
```
```bash
sudo apt get install dcmtk
2. Build the project:
In your project root:
```shell
cd gazelle-admin-interface
pnpm install
```
### Run
To run the Channel Manager UI, use the following command:
```shell
pnpm run dev
```
The UI should now be accessible at:
```plaintext
http://localhost:3000/gazelle/channels
```
# Configuration
There is a set of properties that you can configure on the Configuration page, the table below describes the various properties defined and their default values.
| **Property name** | **Description** | **Default value** |
|-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------|
| **application\_documentation** | The link to the user manual. Link to this page | |
| **application\_issue\_tracker** | The link to the section of the issue tracker where to report issues about the Gazelle Proxy tool | [https://gazelle.ihe.net/jra/browse/PROXY](https://gazelle.ihe.net/jra/browse/PROXY) |
| **application\_release\_notes** | The link to the application release notes of the tool | [https://gazelle.ihe.net/jira](https://gazelle.ihe.net/jira) |
| **application\_url** | The URL used by any user to access the tool. The application needs it to build permanent links inside the tool | [http://yourASURL/proxy](http://yourASURL/proxy) |
| **dcmdump_path** | Path to dcmdump | /usr/bin/dcmdump |
| **evs\_client\_url** | The URL of the EVSClient application. This is required to validate the messages captured by the proxy. If you install your own instance of the proxy, you also need your own instance of the EVSClient tool. (Do not forget the tailing slash) | [https://gazelle.ihe.net/EVSClient/](https://gazelle.ihe.net/EVSClient/) |
| **jms_communication_is_enabled** | Enable jms communication | false |
| **max\_proxy\_port** | Specifies the high limit for the opened ports | 11000 |
| **min\_proxy\_port** | Specifies the low limit for the opened ports | 10000 |
| **NUMBER_OF_ITEMS_PER_PAGE** | Number of items to display in datatable | 20 |
| **proxy\_ip\_addresses** | This property is used to inform the users of the IP address(es) to use to contact the proxy | 131.254.209.16 (kujira.irisa.fr), 131.254.209.17 (kujira1.irisa.fr), 131.254.209.18 (kujira2.irisa.fr), 131.254.209.19 (kujira3.irisa.fr) |
| **proxy\_oid** | For each tool, we need an OID which uniquely identify the instance of the tool and the URL used to send back results. | 1.1.1.1.1 |
| **storage\_dicom** | Absolute path to the system folder used to store the DICOM datasets | /opt/proxy/DICOM |
| **time\_zone** | The time zone used to display the timestamps | Europe/Paris |
| **admin_only_mode** | This preference is used to enable/disable the Admin Only mode. This mode restricts the access to messages list and messages details to admin only. Connection can however be shared by an administrator to allow users knowing the connection privacy key to see messages from the connection. | false |
| **proxy_persistent_channels_file_path** | This file path where persistent channels are written. The file must be created by server admin | /opt/proxy/proxyPersistentChannels.csv |
| **datahouse_ui_url** | URL to datahouse UI for the new messages list | http://localhost:3000/datahouse-ui |
# SSO Configuration
There are additional preferences to configure the SSO authentication.
| Preference name | Description | Example of value |
| ---------------- | ---------------------------------------------------------------------- | ---------------- |
| **cas_enabled** | Enable or disable the CAS authentication. | true |
| **ip_login** | Enable authentication by IP address matching `ip_login_admin` regex. | false |
| **ip_login_admin** | Regex to authorize ip authentication if CAS authentication is disabled. | .* |
For more documentation about SSO configurations, follow the link [here](https://gitlab.inria.fr/gazelle/public/framework/sso-client-v7/-/blob/master/cas-client-v7/README.md).
\ No newline at end of file
There is a set of properties that you can configure on env that should be on the root of the project.
| **Property name** | **Description** | **Example of value** |
| ------------------------ | ------------------------------------------------------------------------------ | ------------------------------------------------------- |
| **BASE\_PATH\_CHANNEL** | Base path used to mount the admin interface routes | `/gazelle/admin` |
| **HOME\_URL** | URL to redirect users after login or when clicking "Home" | `https://qualif3.ihe.kereval.cloud/home/` |
| **PROXY\_URL** | The base URL of the proxy admin frontend (used for redirection/navigation) | `http://localhost:3001` |
| **USERS\_URL** | URL to the external user management interface (GUM UI) | `https://qualif3.ihe.kereval.cloud/gum-ui/users` |
| **REGISTRATION\_URL** | URL to the user registration page | `https://qualif3.ihe.kereval.cloud/gum-ui/registration` |
| **CHANNEL\_URL** | UI base URL of the current channel management interface | `http://localhost:3000/` |
| **CHANNEL\_API\_URL** | REST API base URL for managing channels (provided by the backend proxy engine) | `http://localhost:8086/proxy/rest/v1/` |
| **USERS\_API\_URL** | API endpoint for user information from the GUM backend | `http://localhost:8081/gum/rest/users` |
| **KEYCLOAK\_CLIENT\_ID** | Keycloak OIDC client ID used for authentication | `OIDC_GAZELLE_CLIENT` |
| **KEYCLOAK\_ISSUER** | Keycloak issuer URL (realm endpoint for token | |
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment