Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 79 Next »

Recipe instructions for building your own Avalon setup from scratch on CentOS or Red Hat Enterprise Linux.

Ready the Installation Environment

Install EPEL

rpm -ivh

This package has libyaml-devel which is required by ruby and not provided by Redhat.

Make sure a valid hostname is resolvable

The default hostname is “”, so name the machine this and enter it into /etc/hosts

# hostname
# cat /etc/hosts   localhost localhost.localdomain localhost4 localhost4.localdomain4

Configure iptables 

The Avalon Media System requires several ports to be open to client browsers.

Here are the port settings that will need to be configured:

80HTTP (Avalon)Yes
1935RTMP (red5)Yes
5080HTTP (red5)No
8983HTTP (Fedora/Solr)No
18080HTTP (Matterhorn)Yes


The preferred method is to create a shell script that will do the work for you. Here is an example script:

# Flush all current rules from iptables
iptables -F

# Set rules
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p icmp -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
for n in 22 80 1935 8080;
        iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport $n -j ACCEPT
iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited
iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited

# Backup previous settings
iptables-save > /etc/sysconfig/iptables.prev
# These settings can be retreived with the following command:
# iptables-recover /etc/sysconfig/iptables.prev
# Save settings
/sbin/service iptables save

# Restart iptables service so the new settings can take effect
service iptables restart

# List rules
echo "New rules:"
iptables -L -v

Save your script to /etc/sysconfig/, make it executable and run it.
*CAUTION: If you're connected over ssh, it might kick you off. 

chmod +x /etc/sysconfig/

*If you run into connection issues along the line you can disable the iptables, completely dropping your firewall, by running "service iptables stop" and when you're done troubleshooting, run "service iptables start".

Disable SELinux

echo 0 > /selinux/enforce 
vim /etc/selinux/config #change the value of `SELINUX` from `enforcing` to `permissive`

Add the NUL repository 

Create the NUL repository config file:

vim /etc/yum.repos.d/nul-public.repo

Append the following code:

name=NUL Library Public RHEL repository

Install and place the NUL GPG key in the proper location:

curl -o /etc/pki/rpm-gpg/RPM-GPG-KEY-nul

Install Development Libraries and packages for building Ruby

yum groupinstall "Development Tools"
yum install readline-devel zlib-devel libyaml-devel libffi-devel openssl-devel libxml2-devel libxslt-devel


Install Apache Tomcat with the nulrepo-public repository configured and enabled.

yum install tomcat
service tomcat start
vim /usr/local/tomcat/conf/server.xml

on line 70, change the Tomcat connector port from 8080 to 8983:

<Connector port="8983" protocol="HTTP/1.1"

Add Tomcat manager user

By default, no user has access to the Tomcat Manager App. 

vim /usr/local/tomcat/conf/tomcat-users.xml

Define a role and a user in tomcat-users.xml with a manager-gui role. Below is a very basic example. Use more secure log in credentials than the example please.

  <role rolename="manager-gui"/>
  <user username="admin" password="tomcat" roles="manager-gui"/>

Restart Tomcat

service tomcat restart

See if you can log in to the manager app: http://<server host name>:8983/manager/html

Try it out on your local machine and on another machine. If you can't reach the app from another machine, your iptables might need to be changed to allow access.


Avalon makes use of Solr through the Blacklight gem for faceting and relevance-based searching.

Download the solr tarball and unpack it


tar xvf solr-4.2.0.tgz
mv solr-4.2.0 /usr/local/solr
cd /usr/local/solr/dist/
cp solr-4.2.0.war /usr/local/tomcat/webapps/solr.war
mv solr-4.2.0.war /usr/local/solr/solr.war

Add XML configurations

Place into /usr/local/tomcat/conf/Catalina/localhost/solr.xml:

<Context docBase="/usr/local/solr/solr.war" debug="0" crossContext="true">
 <Environment name="solr/home" type="java.lang.String" value="/usr/local/solr" override="true"/>

Place into /usr/local/solr/solr.xml:

<?xml version="1.0" encoding="UTF-8" ?>
  <solr persistent="true">
    <cores defaultCoreName="avalon" adminPath="/admin/cores" zkClientTimeout="${zkClientTimeout:15000}" hostPort="8983" hostContext="solr">
    <core instanceDir="avalon/" name="avalon"/>

Download and Install Avalon specific Solr files from github

mkdir /usr/local/solr/lib
mv /usr/local/solr/dist/* /usr/local/solr/lib/
mv /usr/local/solr/contrib /usr/local/solr/lib/
unzip master
mv puppet-solr-master/files/avalon /usr/local/solr
chown -R tomcat7:tomcat /usr/local/solr/
chown -R tomcat7:tomcat /usr/local/tomcat
service tomcat restart

If you have successfully installed Solr you should be able to access the dashboard page:

http://<server host name>:8983/solr

If you can't access the dashboard, check the tomcat logs in /usr/local/tomcat/logs/. Catalina.out and localhost.<date>.log have been the most helpful.



Avalon uses MySQL for storing search queries, user data and roles, and as a back end for asynchronously sending requests to Matterhorn.

Install MySQL server 

yum install mysql-server
service mysqld start

Create databases and users

Enter the mysql monitor:

Welcome to the MySQL monitor. Commands end with ; or \g.

Create a database for the Fedora Commons Repository software and add a user to it.  

create database fedora3;
create user 'fcrepo'@'localhost' identified by 'fcrepo';
grant all privileges on fedora3.* to 'fcrepo'@'localhost';
flush privileges; 

Create a database for the Avalon web application and add a user to it.

create database rails;
create user 'rails'@'localhost' identified by 'rails';
grant all privileges on rails.* to 'rails'@'localhost';
flush privileges;

Check your work and exit

mysql> show databases;
| Database           |
| information_schema |
| fedora3            |
| mysql              |
| rails              |
| test               |
5 rows in set (0.00 sec)
mysql> select user, host from mysql.user;
| user   | host         |
| root   |    |
|        | |
| root   | |
|        | localhost    |
| fcrepo | localhost    |
| rails  | localhost    |
| root   | localhost    |
7 rows in set (0.00 sec)
mysql> exit;

Please see documentation for your version of MySQL Server for detailed syntax ( )

Fedora Commons Repository

Download and run the fcrepo installer
java -jar fcrepo-installer-3.6.2.jar

Enter values:

Installation type
Fedora home directory
Fedora administrator password
Fedora server host
Fedora application server context
Authentication requirement for API-A
SSL availability
SSL required for API-A
SSL required for API-M
Servlet engine
Tomcat home directory
Tomcat HTTP port
Tomcat shutdown port
Tomcat Secure HTTP port
Keystore file
Keystore password
Keystore type
MySQL JDBC driver
Database username
Database password

accept remaining defaults then add permissions for Tomcat and restart Tomcat

chown -R tomcat7:tomcat /usr/local/fedora
service tomcat restart

Red5 Media Server

Red5 is an open source alternative to Adobe Flash Media Server.

Create a red5 user.

useradd red5

Download and install Red5.

tar xvf red5-1.0.1.tar.gz
mv red5-server-1.0 /usr/local/red5

Download the init script and add it to the init.d directory.

wget -O
mv /etc/rc.d/init.d/red5

Give red5 permissions to the Red5 directory and the init script.

chown -R red5:red5 /usr/local/red5
chmod +x /etc/rc.d/init.d/red5


Installation prerequisites

Install prerequisite packages using yum and the NUL-public repository:


for the lazy:

yum install SDL-devel a52dec-devel bzip2-devel faad2-devel freetype-devel frei0r-plugins-devel \
	gsm-devel imlib2-devel lame-devel libdc1394-devel libraw1394-devel librtmp-devel libtheora-devel \
	libva-devel libfaac-devel libvdpau-devel libstdc++-devel libvorbis-devel libvpx-devel \
	mediainfo opencore-amr-devel opencv-devel openjpeg-devel openssl-devel schroedinger-devel \
	speex-devel texi2html vo-aacenc-devel x264-devel xvidcore-devel yasm zlib-devel

Install rpmdev-setuptree

yum install rpmdevtools

Install ffmpeg srpm

Log in as the user red5, because the following commands need to run under a user other than root.

su - red5

Run the ffmpeg install.

#rpm -ivh
   1:ffmpeg                 warning: user makerpm does not exist - using root
warning: group makerpm does not exist - using root
########################################### [100%]
warning: user makerpm does not exist - using root
warning: group makerpm does not exist - using root
Build ffmpeg binary as non-root and install as root
#rpmbuild -bb rpmbuild/SPECS/ffmpeg12.spec

Log back in as root and finish the install.

su - root
rpm -ivh /home/red5/rpmbuild/RPMS/x86_64/ffmpeg-*.rpm


Install and start the httpd service.

yum install httpd
service httpd start


Install Matterhorn

Create a user for Matterhorn and then install Matterhorn

useradd matterhorn
tar xvf 1.4.x
mv avalon-felix-1.4.x /usr/local/matterhorn

mv /etc/init.d/matterhorn

chmod +x /etc/init.d/matterhorn
chown -R matterhorn:matterhorn /usr/local/matterhorn

Add avalon user and create avalon directory.

useradd avalon
mkdir /var/www/avalon
chown -R avalon:avalon /var/www/avalon

Create and configure streaming directories.

mkdir -p /usr/local/red5/webapps/avalon/streams
mkdir /var/avalon
mkdir -p /var/www/avalon/public/streams

chown red5:avalon /usr/local/red5/webapps/avalon/streams
chmod 0775 /usr/local/red5/webapp/avalon/streams
ln -s /usr/local/red5/webapps/avalon/streams /var/avalon/rtmp_streams
mkdir /var/avalon/hls_streams
chown root:root /var/avalon/hls_streams/
ln -s /var/avalon/hls_streams/ /var/www/avalon/public/streams

chmod 0775 /var/avalon/hls_streams/

Configure Matterhorn

Download Matterhorn config and verify property values.

Change the server url port from 18080 to 8080 on line 19:

And verify these values:

Then move the config to the appropriate spot.

mv /usr/local/matterhorn/etc/

Add matterhorn user to the avalon group.

usermod -G avalon matterhorn

Apache Passenger and Ruby

Change current user to avalon then install RVM and ruby 1.9.3-p448.

su - avalon
curl -L | bash -s stable --ruby=1.9.3

Source the RVM shell (as avalon user)

source /home/avalon/.rvm/scripts/rvm

Install Passenger via Gem (as avalon user)

gem install passenger

Check to make sure passenger installed in the expected location (as avalon user)

$ passenger-config --root

Install Passenger apache module requirements (as root)

su - root
yum install curl-devel httpd httpd-devel apr-devel apr-util-devel

Build passenger for your version of Apache and Ruby (as avalon user)

su - avalon
passenger-install-apache2-module #copy the suggested Apache configuration file settings for later

Create an apache configuration file (as root)

su - root
vim /etc/httpd/conf.d/passenger.conf

Example contents of /etc/httpd/conf.d/passenger.conf:

LoadModule passenger_module /home/avalon/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.10/buildout/apache2/
<IfModule passenger_module>
  PassengerRoot /home/avalon/.rvm/gems/ruby-1.9.3-p448/gems/passenger-4.0.10
  PassengerDefaultRuby /home/avalon/.rvm/wrappers/ruby-1.9.3-p448/ruby
  PassengerMaxPoolSize 30
  PassengerPoolIdleTime 300
  PassengerMaxInstancesPerApp 0
  PassengerMinInstances 3
  PassengerSpawnMethod smart-lv2

Apache security configuration

wget -O /usr/local/sbin/avalon_auth
chmod +x /usr/local/sbin/avalon_auth
wget -P /etc/httpd/conf.d/

Create a virtual host for avalon in /etc/httpd/conf.d/avalon.conf

wget -P /etc/httpd/conf.d/
vim /etc/httpd/conf.d/20-avalon.conf

Add this line to 20-avalon under the VirtualHost tag:

RailsEnv development

Restart apache.  With apache running, check passenger-status

[root@localhost ~]# /etc/init.d/httpd restart
[root@localhost ~]# su - avalon
[avalon@localhost ~]$ which passenger-status


Grab Avalon code from github

cd ~
git clone git://
cd avalon
git checkout master #make sure you are in the master branch (should be by default)
rm .rvmrc
mv public/* /var/www/avalon/public/
mv  * /var/www/avalon/

Configure Avalon 

Create /var/www/avalon/.ruby-version and add:


Create /var/www/avalon/config/setup_load_paths.rb and add:

if ENV['MY_RUBY_HOME'] && ENV['MY_RUBY_HOME'].include?('rvm')
     gems_path = ENV['MY_RUBY_HOME'].split(/@/)[0].sub(/rubies/,'gems')
     ENV['GEM_PATH'] = "#{gems_path}:#{gems_path}@global"
     require 'rvm'
     RVM.use_from_path! File.dirname(File.dirname(__FILE__))
   rescue LoadError
     raise "RVM gem is currently unavailable."
 # If you're not using Bundler at all, remove lines bellow
 ENV['BUNDLE_GEMFILE'] = File.expand_path('../Gemfile', File.dirname(__FILE__))
 require 'bundler/setup'
cd /var/www/avalon/config
cp authentication.yml.example config/authentication.yml
vim database.yml

Configure database settings

vim database.yml

Replace what's in database.yml for your development environment with:

  adapter: mysql2
  host: localhost
  database: rails
  username: rails
  password: rails
  pool: 5
  timeout: 5000

Install the mysql2 adapter we referenced above

yum install mysql-devel
su - avalon
gem install activerecord-mysql2-adapter
gem install mysql2
su - root
vim /var/www/avalon/Gemfile

Add this line to the Gemfile:

gem 'mysql2', '~>0.3.11'

Run the bundle install

su - avalon
cd /var/www/avalon
gem update debugger-ruby_core_source
bundle install

Finish configuring Avalon

Edit /var/www/avalon/config/solr.yml

    url: http://localhost:8983/solr/

Edit /var/www/avalon/config/fedora.yml

    user: fedoraAdmin
    password: fedoraPassword

Create  /var/www/avalon/config/matterhorn.yml

  url: http://matterhorn_system_account:CHANGE_ME@localhost:8080/

Create  /var/www/avalon/config/avalon.yml and base it off of /var/www/avalon/config/avalon.yml.example. Here's a snippet:

    path: '/var/avalon/dropbox/'
    upload_uri: 'sftp://localhost/var/avalon/dropbox'
    username: 'test'
    password: 'test'
    notification_email_address: ''

Create the database using rake

su - avalon
cd /var/www/avalon
rake db:create

If you get an error message saying that you can't connect to the database, take a look at this post and follow some of the troubleshooting steps:

Run the database migrations

rake db:migrate

Set rails environment to development (it is by default)

On the first line of /var/www/avalon/config/environment.rb make sure it says 'development' like so:

ENV['RAILS_ENV'] ||= 'development'

Visit your new Avalon site!

You should be able to visit the webpage with just the hostname. ex: http://localhost (if you want to test from your local machine)

Click on "Sign in" in the upper right corner of the website main page.

Skip the sign-in fields and click the Create identity button using these values:


This is a known identity with administrative privileges.

Start delayed_job

As avalon user:

cd /var/www/avalon/
bundle exec rake delayed_job:start

Delayed Job handles background jobs.  DelayedJob logs to log/delayed_job.log in the avalon directory. 

Red5 Avalon Security Webapp

cd /usr/local/red5/webapps
tar xvzf red5-avalon.tar.gz
chown -R red5:red5 avalon/

Edit /usr/local/red5/webapps/avalon/WEB-INF/


Restart red5

service red5 restart

If Red5 is installed and running you should be able to access this page:


groupadd -r dropbox
useradd -r avalondrop
mkdir -p /var/avalon/dropbox
chown avalondrop:dropbox /var/avalon/dropbox
chmod 2775 /var/avalon/dropbox

Add this to /etc/ssh/sshd_config:

# override default of no subsystems
Subsystem sftp internal-sftp
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
Match Group dropbox
ChrootDirectory /var/avalon
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

Restart SSH

service sshd restart

Using the System

You can find specific information about using the system in the Collection Manager's Guide. Upload items individually or via batch. Batch demo content is available for your convenience, which includes the media files and an excel document necessary to run a batch.  You can submit a batch directly via SFTP using the avalondrop account you created above.

Known Issues - Release 1.0 - a list of bugs, workarounds, and cautions for using Release 1.0.

Restarting the Server

Before you restart your Avalon server, you'll want to make sure all of the services necessary to run Avalon will start automatically after the restart. Run these commands once and you should be set:

chkconfig --level 345 tomcat on
chkconfig --level 345 mysqld on
chkconfig --level 345 sshd on
chkconfig --level 345 red5 on
chkconfig --level 345 httpd on
chkconfig --level 345 matterhorn on
  • No labels