Initially I was getting the default Ubuntu Apache web page as mentioned in the installation notes. I removed 000-default.conf from the sites-enabled and was able to bring up the OOD web page that says I need to configure authentication.
Since this is only for a Proof of Concept demo I’m trying to set it up with ‘AuthType mod_auth_basic’. I edited the ood_portal.yml file adding the following:
List of Apache authentication directives
NB: Be sure the appropriate Apache module is installed for this
Default: (see below, uses OIDC auth with Dex)
auth:
‘AuthType mod_auth_basic’
‘AuthName "OnDemand POC’
'AuthUserFile /etc/apache2/.htpasswd"
‘Require valid-user’
I ran the update_ood_portal command and it was successful. I have a single test user in /etc/apache2/.htpasswd. I now get the following page:
I have a single user, ravi, in the .htpasswd file. I have a local account setup on the Ubuntu server for ravi. Is there a simple way to set up mapping?
Not much in the Apache logs. After adding the auth entry to ood_portal.yml, running update_ood_portal and restarting Apache I was expecting to see a prompt to login. Perhaps I need to set up mapping first?
ls -l /etc/apache2/sites-enabled/
total 0
lrwxrwxrwx 1 root root 34 Oct 9 16:11 ood-portal.conf → …/sites-available/ood-portal.conf
This may help. After rebooting the server and using a private window in firefox I see the following messages in the access/error logs. I see some hits in my Google search that I’ll start reviewing, but I wanted to share this with you as well.
Ubuntu 22.04 OS.
/etc/ood/config/ood_portal.yml
This is my entry in the ood_portaly.yml file:
List of Apache authentication directives
NB: Be sure the appropriate Apache module is installed for this
I think I found my mistake. I had set the AuthType to “mod_auth_basic” when it should have been “Basic”. I now get a login prompt. I’m able to log in with my test user “ravi” but receive a blank dashboard.
I have set up a single test user in my .htpasswd “ravi” but I’m not sure how to map “ravi” to his Linux account “ravi”.
ravi:x:1000:1000:,:/home/ravi:/bin/bash
WORKING BROKEN
List of Apache authentication directives # List of Apache authentication directives
NB: Be sure the appropriate Apache module is installed for # NB: Be sure the appropriate Apache module is installed for
Default: (see below, uses OIDC auth with Dex) # Default: (see below, uses OIDC auth with Dex)
User mapping happens through this config user_map_match. Though it looks like the default should just work for you.
Seeing a blank screen is odd for sure, seems like you should see some error message. In any case - /var/log/apache2, /var/log/ondemand-nginx and ``/var/log/ondemand-nginx/$USER` are the locations you should be looking in to find more information about what’s going on.
When I tested logging in with “ravi” using another browser, Edge, I got the Authorization error below. I checked the nginx logs under and found the following error:
OK - that makes more sense. Did you set the servername or are you trying to access this through an IP?
If you set the servername directly in ood_portal.yml it should start to work. Maybe even if you set the servername to the ip. I think there’s a bug here where we didn’t account for ips - we assumed everyone would be using FQDNs directly.
If you are forced to use the IP and setting the servername to the IP doesn’t work, you can follow the instructions in the first comment of this issue and edit a source file in /var/www to set config.hosts = nil.
Looks like the next step is to setup a cluster. Is it a good practice to install OnDemand on a separate VM rather than a compute node. Right now we only have one Super Micro server with another coming in. As I said earlier, it’s more a POC right now.
Typically yes you’d want it in a VM - or in the very least on a login node. I think compute node is the last place you’d want it - but for a POC, well it should be just fine.