We recommend using different disk for the OS (~20 GB) and the application’s data.

1.2. Java

Download java on adoptium.net

curl -J -O -L -X 'GET'  'https://api.adoptium.net/v3/binary/latest/8/ga/linux/x64/jdk/hotspot/normal/eclipse?project=jdk' -H 'accept: */*'
tar -C /opt -xzf "OpenJDK8U-jdk_x64_linux_hotspot_*.tar.gz

1.3. DATAmaestro Java Archive

You will need the datamaestro-app-<version>-jar-with-dependencies.jar Java archive.

1.4. License

1.5. Firewall For Redirection

You will need a firewall software with port redirection feature:

Firewalld documentation

Shorewall documentation

2. Installation

2.1. datamaestro set up

Create datamaestro-server user:

/usr/sbin/useradd -m -p "" -s /bin/bash datamaestro-server

Move the Java archive to the user home directory:

mv datamaestro-app-jar-<version>-jar-with-dependencies.jar /home/datamaestro-server/

Add symlink to the java archive:

ln -s datamaestro-app-jar-<version>-jar-with-dependencies.jar datamaestro.jar

Change owner of the Java archive:

chown -R datamaestro-server:datamaestro-server /home/datamaestro-server/*

Start DATAmaestro server as datamaestro-server to create pepite application home:

sudo su datamaestro-server
java -jar datamaestro.jar -setHomeDir /data -setHome PEPITe

Then abort by pressing CTRL + C, ENTER. A PEPITe directory should be created into the /data directory. You can chose any directory for these parameters.

Copy license.lic file to /data/PEPITe/DATAmaestro/

Create a file named config and edit as follow :

{
	"rotateLog": 30,
	"securePort": 4443
}

(Change owner of license.lic and config files if they are not owned by datamaestro-server user)

An in-depth configuration document is accessible for a logged in user on the following URL : http://server-hostname/api/debug/help

2.2. datamaestro service

Create unit file in /etc/systemd/system/datamaestro.service with the following content:

[Unit]
Description=DATAmaestro Service
After=network.target
 
[Service]
Type=simple
User=datamaestro-server
Group=datamaestro-server
WorkingDirectory=/home/datamaestro-server
ExecStart=/usr/bin/java -Xmx18000m -Xms18000m -XX:+UseThreadPriorities -XX:ThreadPriorityPolicy=42 -server -jar /home/datamaestro-server/datamaestro.jar -setHomeDir /data -setHome PEPITe
 
Restart=on-failure
 
[Install]
WantedBy=multi-user.target

rem :

• For -Xmx and -Xms use ~50% of the RAM, specified as megabyte

• Use your own value for setHomeDir and setHome parameters

• Do not wrap the ExecStart command into a start_datamaestro.sh

Enable and start service:

sudo systemctl enable datamaestro
sudo systemctl start datamaestro

2.3. Firewall Redirection

DATAmaestro is running under a non-root user. Port < 1024 can not be used by the Java process. We need to forward http(s) requests on port 443 to 4443.

2.3.1. Configure REDIRECT via firewalld

sudo firewall-cmd --permanent --add-forward-port=port=443:proto=tcp:toport=4443
sudo firewall-cmd --reload

3. Configuration

3.1. Users

Login via credentials admin/admin and change the admin password in User Administration (cf. User Administration ).

3.2. SSL Certificates

In order to remove the warning from the browser you need the following items:

• certificate for the fully qualified domain name

• private key for this fully qualified domain name

• the intermediate certificates

Concatenate the intermediaire certificates, the certificates and the private key into a single file.

cat intermediate.pem cert.pem private.pem > bundle.pem
mv bundle.pem /home/datamaestro-server/.PEPITe/DATAmaestro/

Edit the datamaestro config file by adding the certificate field and the path to the certificates bundle as value.

e.g. /home/datamaestro-server/.PEPITe/DATAmaestro/config :

{
    "publicHost": "my.fqdn.com",
    "securePort": 4443,
    "publicSecurePort": 443,
    "certificate": "./bundle.pem"
}

You need to restart the server for the new certificate to take effect : sudo systemctl restart datamaestro

3.3. New license

Simply replace the content of the license.lic file located in the application folder ($PEPITE_DIR/DATAmaestro/) with the new one. Then restart the datamaestro service sudo systemctl restart datamaestro.

3.4. SMTP server

By default, DATAmaestro use the Google SMTP server to send mail alert.

You can configure your own SMTP server as follow:

Create a security directory inside your PEPITe home directory:

e.g. mkdir /data/PEPITe/security

Inside the security directory, create the servicesmtp.json file.

This file is composed of the following fields :

server: smtp server name or ip

port: server port, default is 587

from: the default e-mail address to use for the mail origin. In Lake, when you send an e-mail, you can specify the from address; if you don't, the default will be used.

user and password: credentials for logging onto the smtp server.

useTls: authorizes use of tls during connection. Default is true.

e.g. :

{
  "server":"smtp.mydomain.com",
  "password":"mypass42",
  "user":"watchdog@mydomain.com",
  "from":"watchdog@mydomain.com",
  "port":587
  "useTls": true
}

3.5. Logs

The LogControl.json file is created automatically by the server. It contains the default log configuration. Datamaestro's is

{
  "org.eclipse.jetty":"error",
  "be.pepite":"info"
}

Log levels are those of log4J : debug, info, warn, error.

The logs file can be fould inside the log directory from the application directory (e.g. .PEPITe/DATAmaestro/logs/)

The server parameters rotateLog set the number of days the file are kept.

3.5.1. API

/api/log : Displays the memory buffer associated with the log (i.e. the last x messages written to the log, x is 500 by default).

/api/log?action=clear  : clear the buffer

/api/log?action=size&value=y : changes buffer size, i.e. the number of messages stored in memory

/api/log/files : Returns a list of available log files.

/api/log/files?file=log20220916 : Get specific log file