Run OmicSoft Server v12 on Red Hat from Pre-built AMIs

From Array Suite Wiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Tips.pngThis page describes the installation steps for OmicSoft Server with OmicSoft Suite v12.1, released mid-May 2022. If you're using OmicSoft Suite v11.7 or earlier, please visit Install Array Server On CentOS or RedHat.


Create the EC2 instance

The AMIs were built for use with OmicSoft Suite 12, by following the steps described on Install OmicSoft Server v12 on Red Hat.

  • Create a new EC2 instance by choosing the appropriate AMI for your AWS region and following the hardware requirements described at Hardware/Software Requirements for OmicSoft Server.
  • Connect to your instance via SSH using the ec2-user user.
    • Make sure you are using the private key corresponding to the "key pair" specified when starting up the EC2 instance.
Date Created Region AMI Name AMI ID AMI Snapshot ID
25-05-2022 US-East-1 (Virginia) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-0c9d6f828765192cd snap-05676620f02bb723c
25-05-2022 US-East-2 (Ohio) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-0347bf8103ec49c06 snap-092deeb91e4ff5065
25-05-2022 US-West-1 (N. California) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-033e582f2d8194cb6 snap-05424f710976d8f39
25-05-2022 US-West-2 (Oregon) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-09f15470a586c181f snap-084bcd48619f61227
25-05-2022 EU-West-1 (Ireland) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-0117abfc36fc7fdf0 snap-06140b51d9a1906a9
25-05-2022 EU-West-2 (London) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-01ce65ea6ada032b7 snap-066aa972f54e1b794
25-05-2022 EU-Central-1 (Frankfurt) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-0bade4ec8fcb1bcad snap-06d31205748599915
25-05-2022 AP-Northeast-1 (Tokyo) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-0f5751e14da92faac snap-084a781bf327d3257
25-05-2022 AP-Southeast-2 (Sydney) OmicSoftServer.V12-ue2-p-mono6-rhel8-R4.0.4-20220520 ami-05f3e3045ad57d165 snap-0eab16a8db5b3dbde

Activate RHEL Subscription

Register your Red Hat subscription on the newly-created instance:

$ sudo subscription-manager register --username RED-HAT-USER --password **** --auto-attach
$ sudo subscription-manager refresh

Set up OmicSoft Applications

Update OmicSoft Server

Run Omicsoft Service Updater

If the mono process instance running the Omicsoft Server is started, make sure it is stopped first.

$ cd /opt/arrayserver

# If not downloaded recently, get the latest version of OmicSoftServiceUpdater: wget -c https://resources.omicsoft.com/software_update/OmicSoftServiceUpdater.exe
$ mono ./OmicsoftServiceUpdater.exe

Update ArrayServer.cfg

The downloaded template contains the ArrayServer.cfg, which is the key configuration file. The following sections and fields are mandatory:

  • License section - server license code for your company
  • Port2 and Port3 - define the port number for data communication (gRPC and SFTP data transfer) between OmicSoft Studio client and OmicSoft Server. Make sure to open these ports on firewall.
  • CertificateThumbprint - specifies the server certificate thumbprint
  • MasterServerUrl - identify the DNS name and the gRPC port on which the server can be accessed
  • OmicSoft directories
    • BaseDirectory - this will be the working directory of the array server, storing all the raw and possessed data. Depending on the projects, it can take huge amount of disk space.
    • OmicsoftDirectory - This directory can be defined locally or on a network drive. All the reference genomes, gene models, Affymetrix CDF files, log files, etc. are stored in this folder.
    • TempDirectory - This should be a local directory (i.e. NOT a network drive) for fast read and write access. It can take twice the size of an unzipped fastq file in some NGS tasks (we would suggest use a drive with at least 100GB storage).
    • LandDirectory - directory for Land data storage. Depending on the number of Lands installed, this can take several hundred GB.
  • Locations of Mono 6 binaries installed on your Oshell instance(s), which are required by jobs started through the server:
  • The [Folder] section defines additional local or network folders monitored and available for access by array server users.

To enable cloud-based NGS analysis with the Array Server Cloud add-on, please follow the instructions from ArrayServer_Configuration_with_Cloud. The following properties must be configured within ArrayServer.cfg.

For a full list of options, see ArrayServer.cfg for more details. For master-analytic server setup, please read Master Server and Analytic Server for more details.

Update metadata template files

  • default.template: it defines project level meta data, such as requiring project title, and list organism. Admin can customize the project meta data based on this template file and even enforce controlled vocabulary. For first time setup, the default values we prepared should be good to go. Admin can further customized based on the understanding of default.template wiki article.
  • sample.template: it defines sample level meta data, such as requiring users to fill organism and tissue for each samples in sample registration. Admin can customize the sample meta based on this template file and even enforce controlled vocabulary. For first time setup, the default values we prepared should be good to go. Admin can further customize based on the understanding of sample.template wiki article.

Update Oshell

$ cd /opt/oshell
 
# If not downloaded recently, get the latest version of OmicSoftServiceUpdater: wget -c http://omicsoft.com/software_update/OmicSoftServiceUpdater.exe
$ mono ./OmicSoftServiceUpdater.exe
 
$ mono ./oshell.exe --version
OShell version=12.1.X.X

Configure Certificates

Prerequisites

  • DNS name
    • DNS must point to the OmicSoft Server machine (ex.: omicsoftserver.example.com)
    • DNS must be reachable from all machines where OmicSoft Studio/Land Explorer/Oshell and (if applicable) Analytic servers will be installed
    • DNS name must point to a static/fixed IP
    • DNS must have a valid TLS >= 1.2 signed server certificate (including the associated private key)

Make sure that the server is reachable using the DNS name, both from outside the server network, but also from the server machine itself:

ping omicsoftserver.example.com
Pinging omicsoftserver.example.com [X.XXX.XX.XX] with 32 bytes of data:
Reply from X.XXX.XX.XX: bytes=32 time=230ms TTL=37
...
Ping statistics for 3.128.81.13:
   Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
   Minimum = 230ms, Maximum = 231ms, Average = 230ms
  • TLS certificate
    • The certificate must be signed by a public certificate authority (no self-signed certificates can be used).
    • The certificate should be in .pfx (PKCS #12) format, containing the entire certificate chain and the private key.
    • You also need the intermediate CA certificates in separate files, so you can import them in the Mono store.

Information on how to obtain all the required files can be found Certificates Setup page.

Certificates Setup

Set up the TLS Certificate for Server

If you don't have all the required files, please review the Certificates Setup page.

Install the intermediate CA certificate(s)

Intermediate CA can be in the following formats: .PEM, .CRT, .CER.

Import the intermediate CA certificates:

  • the current user intermediate CA store
$ certmgr -add -c -v CA IntermediateCA1.cer
  • the machine intermediate CA store
$ sudo certmgr -add -c -v -m CA IntermediateCA1.cer

Verify certificates installation with:

$ certmgr -list -c CA
$ sudo /opt/mono-6.12.0/bin/certmgr -list -c -m CA
Install the server certificate(s)

Import the server certificate in the machine-level ( -m param. ), personal ('My') store, from the PFX file (that must have also the private key included). The private key password might be needed for this step:

$ sudo certmgr -add -c -v -p privatekeypassword -m My cert.pfx

Verify if the certificate was properly imported with:

$ sudo certmgr -list -c -m My

Update Omicsoft server configuration file

Get the server certificate thumbprint that must be set in ArrayServer.cfg using the PFX file:

$ openssl pkcs12 -in cert.pfx -nodes -passin pass:privatekeypassword | openssl x509 -noout -fingerprint | cut -f2 -d'='

Set/Update the thumbprint in ArrayServer.cfg

Port2=8065
CertificateThumbprint=B1:9A:...:6D:71
MasterServerUrl=omicsoft.example.com:8065

Start OmicSoft Server

$ cd /opt/arrayserver/
$ mono ./OmicSoftServer.exe >> ./run.log &
$ & disown -h