Toolserver:Using the stable server


 * Note: The stable server is still experimental, and details on this page are subject to change.

The stable server provides a stable environment to run tested, mature tools. This page explains how to set up and maintain your tools on the stable server.

Logging in
When you are given access to the stable server, you will be given an account with your SSH keys from hemlock added. Usernames are limited to 8 characters. You can log into this account as normal; the server name is stable.toolserver.org.

Accessing your project
Each tool on the stable server runs under a role account, a special kind of user account. To see which tools you have access to, run roles. To become the role account, use become:

user$ become mytool mytool$

No password is required to do this.

Your account, and your tool's role account, each share a group. You can use this to restrict access to the tool to authorised users.

While you can use your normal user account for maintenance and development, all tools must run under the role account.

screen
By default, screen doesn't work after you su to a different user. If you want to use screen, run ttyallow roleuser before you su.

Resource limits
Each tool has its own project, a Solaris concept used for resource management. The project has the same name as the tool's role account. Each project has resource limits; currently, the default limits are:


 * Maximum threads in the entire project: 100
 * Maximum physical memory use (RSS) for the entire project: 256MB
 * Maximum heap size for each process in the project: 1GB

If you need more resources, send mail to ts-admins.

Web hosting
URLs for stable tools are of the form http://stable.toolserver.org/toolname/. Before you can use web hosting, you must ask an admin to enable web hosting for your account.

The document root for static files is ~toolname/www.


 * PHP: Ask a root to enable PHP for your tool. You must specify which directories PHP will be enabled for.
 * CGI: CGI cannot be used; CGI applications must be turned into FastCGI applications. For most languages, this is fairly trivial.
 * FastCGI: Ask an admin to enable a FastCGI responder for the appropriate path. (TODO: add docs on how to start FastCGI listeners.)

All PHP/FastCGI scripts run as your tool's uid.

Subversion
Each tool is provided with a subversion repository (you need to ask an administrator to create it). For development, access it as file:///svnroot/tool/ or svn+ssh://stable.toolserver.org/svnroot/tool/. All developers for your tool have commit access. For anonymous access, use svn://stable.toolserver.org/tool/.

Your repository will be added to FishEye at http://fisheye.toolserver.org/browse/toolname/.

Bug tracking
Each project on the stable server can have its own JIRA project. Ask an admin to create this for you.

WinSCP
Some people wish to use graphical scp/sftp clients (such as WinSCP) to transfer files to the stable server. Because the tool account is a role, you cannot log into it directly. However, all developers of a tool share a group with the tool account, so you can set group write permissions on the directories you want to copy files to, log in as your normal user account, and copy the files directly.

Java hosting
Java (Java EE 5) hosting is available. We use Sun Java System Application Server with Java 1.5.0.

Creating your domain
Before you can host Java applications, you must create a domain instance:

$ asadmin create-domain --domaindir /projects/projectname/appserver --savemasterpassword=true --portbase portbase --savelogin=true projectname

Run this as your role account. The value for portbase will be given to you by an administrator on request. For other commands in this section, replace adminport with portbase+48.

Starting and stopping your domain
After creating your domain, start it with asadmin:

$ asadmin start-domain --domaindir /projects/projectname/appserver

To stop the domain, run:

$ asadmin stop-domain --domaindir /projects/projectname/appserver

Configuring your domain
Before you do anything else, you will want to enable SSL for the administrative interface:

$ asadmin set -p adminport server.http-service.http-listener.admin-listener.security-enabled=true

There are several ways to configure your appserver domain. The easiest is to visit the administration GUI at https://stable.toolserver.org:portbase/. Log in with the username admin and the password given to you by an administrator. From here you can configure the appserver, create resources and deploy applications.

You can also configure appserver from the command line with the asadmin utility. For example, to deploy an application:

$ asadmin deploy -s -p adminport myapp.war

Another way to deploy applications is to place them in $HOME/appserver/domain/autodeploy/.