Changes to iExperiment an Enterprise Electronic Notebook

The following changes have been made to version 1.1 of iExperiment Enterprise Electronic Notebook (ELN):

• The options for viewing records under the Select tab have been changed. There are now four “List of Records I Can” options: read, edit, delete and download.
  

  Figure 1
  New View Record Options under Select Tab

  Top of Select tab in iExperiment showing the four new “List of Records I Can” options: read, edit, delete and download. The read option has been selected.

• Copy Record, Download Record Archive and Download PDF Archive buttons have been added to the tops of records.
  

  Figure 2
  New Copy Record, Download Record Archive and Download PDF Archive Buttons

  New Copy Record, Download Record Archive and Download PDF Archive buttons at the top of a record in iExperiment.

• Sponsoring Institution options have been added to the experiment properties file. The options are:
  • admin: Where the sponsored institution will be the primary administrator (institution key = 1).
  • author: Where the institution of the author’s active research period will be used.
  • key=: The sponsoring institution key will be identified by its database key; Example key=23

  In this AMI the sponsoring institution option is “admin”.

• Bug Fix: The material Oracle was failing to add materials that lacked a lot or serial number.
• Bug Fix: Sections containing no text, such as a Summary section with only the material produced, were not being displayed from a record archive in a web browser, despite being contained in the record archive.

Evaluating iExperiment an Enterprise Electronic Notebook

It’s easy for you to evaluate iExperiment through Amazon Web Services. A three-part tutorial is available, under the Free Trial tab in the navigation bar above, to guide you through i) the creation of an Amazon Elastic Compute Cloud instance using the iExperiment AMI, ii) configuration of iExperiment, and iii) adding your first researcher.

Browser Compatibility of iExperiment

iExperiment is built on Google Web Toolkit and is not compatible with all browsers. Currently, iExperiment works with Mozilla’s FireFox and Google’s Chrome, but does not work with Microsoft’s Internet Explorer or Apple’s Safari. Both Safari and Internet Explorer suffer from the same two problems:

1. The text editor fails to maintain preexisting text.
2. The file drag-and-drop capability introduces characters into the file names in Safari, and does not work at all in Internet Explorer.

Structural Studies of the 26S Proteasome

Stefan Bohn, Max-Planck Institute of Biochemistry, Martinsried, Germany

 
Image from the “Molecular Architecture of the 26S Proteaseome Holocomplex” produced at Max Planck Institute of Biocehmistry, Department of Molecular Structural Biology, showing the arrangement of the non-ATPase regulatory proteins.

Dr. Bohn presented their work on the the 26S Proteasome. The proteasome degrades unfolded proteins that have been tagged with multiple ubiquitins. The 45 nm long by 20 nm wide rod shaped proteasome is built up of approximately 35 protein subunits. The poly-ubiquinated proteins are recognized by the Regulatory protein non-ATPase 10 (Rpn-10) near one end of the proteasome and peptides come out the other end. Crystal structures of many of the proteasome proteins have been solved, including that of the proteolytic core particle (CP) which has 7-fold rotational symmetry. The overall structure of the S. pombe at approximately 8.4 Å resolution was obtained using cryoelectron microscopy and single particle analysis. A variety of techniques to apply constraints between the subunits of the proteasome, including different labeling techniques of different proteins during the Cryo-EM studies, residue-specific chemical crosslinking, and proteomics methods. They created a beautiful video showing the showing the structure and how it is assembled, is coming soon to their Protease website.

Molecular Simulation Methods for Modeling Macromolecular Behavior in Vivo

Adrian Elcock, University of Iowa

 
Snapshot of a cytoplasm in a Brownian dynamics simulation courtesy Adrian Elcock, University of Iowa.

Dr. Elcock’s group has been working on methods to simulate large multi-component systems, up to and including whole cells. Given the computational limitations, his group has reduced the number of parameters in these large systems by grouping residues into a single pseudo-atom or treating proteins as rigid bodies. This has allowed them to take larger time steps, as large as 10-20 ns, a million times longer than what is normally used in a full-atom dynamic simulation. Dr. Elcock has posted several of these simulations on YouTube including his presentation on Biological Diffusion and Brownian Dynamics Brainstorm 2, and Cytoplasm Full Energy Model.

Visualizing and Interacting with the Molecular Cell

Art Olson, The Scripps Research Institute

 
ePMV PyAutodock screen shot courtesy Arthur Olson, The Scripps Research Institute.

Dr. Olson showed the state-of-the-art molecular and cellular graphics that his group has been developing, and demonstrated some of the tools he uses as a researcher and and a educator. Embedded Python Molecular Viewer (ePMV) is an open-source Python plug-in that runs molecular model tools inside of professional 3D animation applications. He demonstrated many interactive interfaces, including the docking of an inhibitor into the active site of a protein using PyAutodock/cAudodock. As he pushed the inhibitor into the site, residues that were interacting with the inhibitor would move out of the way in real time. You can view an ePMV-created video of the Fantastic Voyage Part 1: AutoFill on a synaptic vesicle with placeholder proteins and mock bilayer on YouTube.com.

Current State of High-Speed Atomic Force Microscopy: Its Advantages and Limitations

Toshio Ando, Kanazawa University, Kanazawa, Japan
High-speed Atomic Force Microscopy (AFM) is one of the few methods that allows us to see the dynamic motion of these supramolecular assemblies. This technique is able to visualize the motions on the subsecond to sub-100 millisecond time scales. Dr. Ando showed a high-speed AFM movie of myosin V “walking” on an actin filament, the stochastic nature of the myosin V step duration and the consistent forward progress of myosin V along the actin filament. The myosin V/actin system is ideal for these studies because myosin orients itself in such a way that it can be easily seen using the top-down view of the high-speed AFM technique. Several of these movies can be obtained from Kodera, N. et al. Video Imaging of walking myosin V by high-speed atomic force microscopy. Nature 486, 72-76 [2010]) supplementary material.

It’s easy for you to evaluate iExperiment through Amazon Web Services. A three-part tutorial is available, under the Free Trial tab in the navigation bar above, to guide you through i) the creation of an Amazon Elastic Compute Cloud instance using the iExperiment AMI, ii) configuration of iExperiment, and iii) adding your first researcher.

Completed PDF Records Implemented in iExperiment

iExperiment is now capable of generating an Adobe PDF document upon the completion of an experiment record. On the first page of the PDF record there is a signature area where both the author of the record and a witness can sign; see figure below. This is suitable for digital signatures, but may not be appropriate if you are still using hand-written signatures. Fortunately, the PDF creation process can be modified to meet these needs.

Figure: Top of a Completed PDF Record

The top of a completed PDF record prepared by iExperiment, Colabrativ’s enterprise electronic notebook. The record has been signed by the author, but has not been witnessed yet.

The creation of the completed record PDF is controlled by an EXtensible Stylesheet Language transformation (XSLT) file that can be modifed to meet the specific needs of the research organization. It is possible to change the XSLT file on the iExperiment server to:

• Add or remove signature lines.
• Change the styling for the record, including the font and font size.
• Add a watermark.
• If the signatures need to be placed on each page, the footer could be changed to contain the signature lines.

Browser Compatibility of iExperiment

iExperiment is built on Google Web Toolkit and is not compatible with all browsers. Currently, iExperiment works with Mozilla’s FireFox and Google’s Chrome, but does not work with Microsoft’s Internet Explorer or Apple’s Safari. Both Safari and Internet Explorer suffer from the same two problems:

1. The text editor fails to maintain preexisting text.
2. The file drag-and-drop capability introduces characters into the file names in Safari, and does not work at all in Internet Explorer.

The parallels to our understanding of biological processes are enlightening and therapeutic, and certainly not the intended message of the composer Stefano Rossetto. Biology is a complex process with many “voices” contributing to an observed behavior, such as disease progression. Modern biology has becoming exceedingly good at separating out the individual voices. But, just as the constructive and destructive harmonization of individual voices leads to an inspiring experience, a multitude of separate biological processes combine to create a limb bud or a disease condition. The challenge for us is to incorporate more of the complexity and dynamic behavior of biology into our thinking, models, diagnosis and treatments of disease.

If you have the opportunity to experience a live performance of a 40 to 50 voice Renaissance motet, I would highly recommend it.

The work flow for file drag and drop is as follows:

1. The user drops a file on to the client.
2. The client sends the drop element id and the file to the server in a multipart POST for storage and analysis.
3. The server sends back the POST response to the client with information on how to display the dropped file.
4. The client presents the uploaded file’s information to the user.

We are using cutting edge HTML5 APIs in our drag and drop implementation. Support of these APIs is not available in all browsers.

• This code works today in recent versions of Chrome and FireFox.
• In Safari there is an issue with extra characters being added to the file names, which also complicates the file type assignment.
• Internet Explorer does not currently support the required APIs.

The file drop event is handled by adding an “ondrop” attribute to the HTML elements. The “ondrop” attribute calls the droppedFile JavasScript routine that creates and sends an HTTP POST request to the server. Note that the first argument in the droppedFile JavaScript call is an “element-id”, and the event is the second argument. The drop element ID allows us to identify where the file was dropped on the page.

<table ondrop="event.stopPropagation();
               event.preventDefault();
               droppedFile('element-id', event);">

The “ondrop” element is created by the static addOnDrop method in a client side class (DropFileConnector).

/** Add an ondrop attribute to an element in the DOM, for example:
 * ondrop="event.stopPropagation(); droppedFile('element-id', event);"
 *
 * @param element DOM element
 * @param elementID Element Id to be sent to droppedFile routine.
 */
 public static void addOnDrop(Element element, String elementID) {
     element.setAttribute("ondrop",
         "event.stopPropagation(); droppedFile(\'" + elementID + "\', event);");
 }

The droppedFile JavaScript routine creates a FormData element which is transferred to the server using a multipart HTTP POST request. The first two items appended to the form are the drop element ID (dropElementID) and boundary that is used by the request onreadystatechange function. Two appends are made to the form for each file that is uploaded; the file length (line 16), and the file itself (line 17) are appended to the form. On lines 20-24 the information needed for the POST is created, and the upload handlers are attached to the request. Note that by using a FormData element we are able to eliminate the deprecated FireFox specific methods files[i].getAsBinary(), and replace request.sendAsBinary(postContent) with request.send(formData). These methods were used in our original post to added the files to the POST, and to send the POST, respectively.

The POST responses are handled by the request.onreadystatechange function on line 26-40, and are sent to the client through window.top.dropFileListener.droppedFile method (calls on lines 34 and 38.) Initially when the read state is 1 (readyState == 1) the file name and the MIME boundary are sent to GWT client application on lines 28-35. After succesful completion of the POST (readyState == 4), the POST response is forwarded to the GWT client application.

01  var boundary = null;
02
03  function droppedFile(dropElementID, event) {
04      if (window.File && window.FileList && window.top.dropFileListener) {
05          if (event.dataTransfer) {
06              url = secureURL + "upload";
07              boundary = "Colabrativ-" + Math.floor(999999999999999 * Math.random());
08
09              var formData = new FormData();
10              formData.append("drop-element-id", dropElementID);
11              formData.append("boundary", boundary);
12
13              var files = event.dataTransfer.files;
14
15              for (var i = 0; i < files.length; i++) {
16                  formData.append("file-length-" + i, files[i].size);
17                  formData.append("file-"        + i, files[i]);
18              }
19
20              var request = new XMLHttpRequest();
21              request.upload.onprogress = updateProgress;
22              request.upload.onload     = loaded;
23              request.upload.onerror    = loadError;
24              request.open("POST", url, true);
25
26              request.onreadystatechange = function() {
27                  if (this.readyState == 1) {
28                      var filesJSON = '"files":[';
29                      for (var i = 0; i < files.length; i++) {
30                          filesJSON = filesJSON + '"' + files[i].name + '"';
31                          if (i < files.length - 1) filesJSON = filesJSON + ', ';
32                      }
33                      filesJSON = filesJSON + ']'
34                      window.top.dropFileListener.droppedFile( '{' +
35                          '"requestBoundary": "' + boundary + '", ' + filesJSON + '}');
36                  }
37                  if (this.readyState == 4) {
38                     window.top.dropFileListener.droppedFile( request.responseText );
39                  }
40              }
41
42              request.send(formData);
43          }
44          else {
45              alert("Your browser does not support file drag and drop.  " +
46                    "We recommend that you upgrade your browser to one that supports HTML5, " +
47                    "such as Mozilla's FireFox or Google's Chrome.");
48          }
49      }
50      else {
51          alert("window.top.dropFileListener not found!");
52      }
53  }

The DropFileConnector class connects the dropFileListener in the JavaScript to the GWT code. The DropFileConnector class has a ClientSideDropFileSupport interface that defines the droppedFile method in the JavaScript. The observer (theObserver) is a static ClientSideDropFileSupport incidence that connects to the JavaScript droppedFile method to ClientSideDropFile’s droppedFile method.

package com.colabrativ.common.client; 

import com.google.gwt.dom.client.Element; 

public class DropFileConnector {
    /** Used to pass information to the GWT application. Register your implementations with
      *  {@link com.colabrativ.common.client.DropFileConnector#connect( ClientSideDropFileSupport)}
      */
    public interface ClientSideDropFileSupport {
        /** The page calls this method to send dropped file information to application
          *
          * @param json JSON string containing the file name information.
          */
        void droppedFile(String json);
    } 

    /** An observer of drop file events, supplied by the GWT application. */
    static private ClientSideDropFileSupport theObserver; 

    /**
      * Connect the GWT application to the drop file JavaScript. The observer is notified
      * whenever the user drops a file on the application area (id="app-area").
      *
      * @param observer
      */
     public static void connect( ClientSideDropFileSupport observer ) {
         theObserver = observer;
         connectToPanel();
     }

     // These methods are "glue" methods that let the simple JNDI call talk to the observer through its interface.
     @SuppressWarnings("all")
     private static void droppedFile(String s) { theObserver.droppedFile(s); }

     private static native void connectToPanel() /*-{
         var listener = new Object();
         listener.droppedFile = function(json) {
             json = unescape( json );
             @com.colabrativ.common.client.DropFileConnector::droppedFile( Ljava/lang/String;)( json );
         };

         $wnd.top.dropFileListener = listener;
     }-*/; 

     /**
       * Add an ondrop attribute to an element in the DOM, for example:
       * ondrop="event.stopPropagation(); droppedFile('element-id', event);"
       *
       * @param element DOM element
       * @param elementId Element Id to be sent to droppedFile routine.
       */
      public static void addOnDrop(Element element, String elementId) {
          element.setAttribute("ondrop",
              "event.stopPropagation(); droppedFile(\'" + elementId + "\', event);");
      }
} 

Finally, a DropFileConnector.connect call is made in a client class that handles the POST responses. Our upload servlet adds either an OKAY or a FAIL to the POST response that the DropFileConnector handles. In our implementation, the POST responses are encapsulated in JSON. The upload progress monitoring is also handled by the DropFileConnector. In our implementation, the MIME boundary is used as an Id for the upload, and the monitoring is managed by the singleton of the UploadManager class.

DropFileConnector.connect(
    new DropFileConnector.ClientSideDropFileSupport() {
        public void droppedFile(String response) {
            if (response.startsWith("OKAY:")) {
                String json = response.substring( response.indexOf(": ") + 2); // Remove OKAY:
                determineWhatToDoWithResponse(json);
            }
            else if (response.startsWith("FAIL:")) {
                // Do Nothing?
            }
            else {
                JSONObject responseJSON = (JSONObject) JSONParser.parseStrict( response );
                JSONString boundaryJSON = (JSONString) responseJSON.get( UploadResponse.requestBoundary);

                if (boundaryJSON != null) {
                    String boundary = boundaryJSON.toString();
                    JSONArray filesJSON = (JSONArray) responseJSON.get( UploadResponse.files);

                    if (filesJSON != null) {
                        UploadManager.getInstance().addProgressDialog( boundary, filesJSON);
                    }
                    else {
                        UploadManager.getInstance().update( boundary, responseJSON);
                    }
                }
            }
        }
    }
); 

Several resources helped us create our file drag and drop; these included:

1. W3C XMLHttpRequest Level 2 http://www.w3.org/TR/XMLHttpRequest2/
2. W3C File API http://www.w3.org/TR/file-upload/
3. Using FormData object in Mozilla’s Developers Network page on Using XMLHttpRequest at https://developer.mozilla.org/En/XMLHttpRequest/Using_XMLHttpRequest#Using_FormData_objects
4. How to Use HTML5 File Drag & Drop by Craig Buckler at http://www.sitepoint.com/html5-file-drag-and-drop/
5. XHR progress and rich file upload feedback by Austin King at http://hacks.mozilla.org/2009/06/xhr-progress-and-richer-file-uploading-feedback/

iExperiment Public Machine Image on the Amazon Management Console

Why We Choose to Use Amazon Web Services

1. Control of Experiment Information: A research organization’s experiment records are the foundation of its intellectual property, and, as such, must be stored in a way that allows the research organization to maintain control over these records. We feel that Software as a Service (SAAS) electronic notebook solutions do not offer the same level of control as having your experimental data on a server you control.
2. Convenience of Cloud Computing: Using an Amazon Machine Image allows us to set up the iExperiment server for you. All you need to do is configure the instance and start the instance’s services. In addition, Amazon’s Elastic Compute Cloud (EC2) is one of the lower cost cloud service providers.
3. Support: Amazon has one of the largest cloud services user communities to draw upon to answer questions that you may have about running your EC2 instance. You can also always contact us at here at colabrativ.com.
4. Server Security: Amazon facilities are Statement on Auditing Standard No. 70 (SAS70) compliant. They completed the Type II audit in 2009, so you know they are doing everything they can to keep your data secure.

Other iExperiment Hosting Options

Amazon Web Services may not be the right solution for you for any number of reasons, including: AWS places the responsibility of the enterprise application setup and maintenance on the client’s administrator; or, you may not be comfortable with the security in a cloud computing environment. If this is the case, you can contact us and we can work with you to install our electronic notebook, iExperiment, either at your facility or at another full-service SAS70-compliant cloud service provider.

The SAFE-BioPharma Association is a non-profit association formed by a group of pharmaceutical companies, including AstraZeneca, Pfizer and Johnson&Johnson, to establish a digital signature standard (SAFE-BioPharma digital signature) for the biopharmaceutical industry that would be accepted by federal agencies, such as the Food and Drug Administration. The driving force behind the need for digital signatures is cost and time savings that digital records enable. The acronym SAFE stands for Signatures and Authentication For Everyone.

Selection of SAFE-BioPharma Digital Signatures

Colabrativ, Inc. selected SAFE-BioPharma™ Digital Signatures for the following reasons.

• SAFE-BioPharma digital signatures are accepted by all of United States federal agencies (see SAFE-BioPharma is Cross Certified with Federal Bridge Certificate Authority), regulatory agencies in 27 European Union countries, and a majority of the pharmaceutical industry companies that utilize digital signatures. They are 21 CFR Part 11 compliant.
• SAFE-BioPharma offers both hardware and software based digital certificates. We were particularly interested in a digital certificate that an individual has control of, i.e. a digital certificate token (Aladdin eToken). Many digital signature options are signature services, where an individual’s certificate is accessed through the internet.
• There are three ways of identity proofing: online, use of a Notary, and Trusted Agent model identity proofing. We used both the online and a notary to establish the identities of our staff and a service provider. We felt that it was important to have an independent person establish an individual’s identity, and therefore we did not establish a SAFE-BioPharma Trusted Agent within Colabrativ, Inc.
• The SAFE-BioPharma™ Association has a large collection of information on digital signatures, and their use in their Info Center. In addition, members have access to the SAFE Implementation Toolkit that contains documents supporting the implementation of SAFE digital signatures.
• Cost ‐ We found that SAFE-BioPharma membership was one of the least expensive digital signature options. The cost of a SAFE-BioPharma membership is as little as $50 per user per year. Membership has a five person, three year minimum.
• The SAFE-BioPharma digital identity service is managed by Verizon Communications Inc.

Documents with Both Digital and Non-digital Signatures

There are a lot of organizations that we deal with that are not accustomed to digital signatures, and do not understand how they work. A digital signature is a wrapper around a document that both ensures that the document has not been changed since it was signed, and identifies the individual that signed the document in a verifiable way. I actually like Surety’s modern-day wax seal analogy. A nobleman’s wax seal both identified the sender of the letter and ensured that the envelope containing the letter had not been open or tampered with.

If you are an organization that does not have digital signatures for your staff, and are working with an organization that does, then you should observe the following procedure when jointly signing a document:

1. Printout the signature page and sign it.
   You may need to find an acceptable solution to a situation in which you do not want to sign the document before the other party has signed it. If you require this of an organization that would like a digitally signed document, you are doing them a disservice, because once you print out and scan the signature page, the digital signature can no longer be validated.
2. Compile the body of the document and scanned signature page into an electronic version.
   We use Adobe Acrobat X Pro to insert the scanned signature into a PDF document. We typically create a Microsoft Word version of the document without the signature page, open it with Acrobat, and then use the Tools – Pages – More Insert Options – Insert from Clipboard function in Acrobat to add the scanned signature page to the bottom of the document.
3. Send the document to the other party for their digital signature.

What you will get back is a document that has the benefits of a digital signature. It cannot be changed without invalidating the digital signature. If it has a SAFE-BioPharma digital signature on it, you will know that it is accepted by all of the federal agencies.

Digital Signatures Display

One final note – digital signatures are large (see below). They are difficult to read if they are squeezed into a typically signature box. This is not really an issue, since most programs that recognize and validate digital signatures allow you to examine the signature information. If for nothing else but esthetics, it is worth considering enlarging the signature area for a document that will be digitally signed.

Example of a Digital Signature

SAFE-BioPharma™ is a trademark of the SAFE-BioPharma Association.

Our goal is to enhance the Clearity database ability to track the patient outcomes in a retrospective analysis.  The current database was developed by Michael L. Petka.  It works well for the profiling and reporting needs of the organization.  However, Mike is currently occupied with other aspects of database enhancement. 

In order to ensure the privacy of the patient, we needed a test database that did not contain any actual patient information. In this blog I will describe how we created a test Patients table in Excel.

The Patients table was created by Michael L. Petka, and is made up of the following columns:

Patient Identification Key

The patient identification key (PatientID) is a sequential numbering of the patient rows.

Patient Name

We were fortunate to find a table of 10,000 random names at The ColdFusion Open Source Software Blog. In addition to the columns we needed, this database has complete name strings, both first name first, and last name first. The first name, last name and middle initial columns were cut and pasted into our test Patients table in Excel.

Patient Sex

The sex of the random names was determined in Excel by comparing the first name of a random name with a list of girls’ names from RandomNames.com. If the name matched, F (female) was assigned, otherwise M (male) was assigned, using the function below.

=IF(EXACT(A5,LOOKUP(A5,I$2:I$895)),"F","M")

Street Address

We found 261 of the most popular neighborhood street names at Living Places. We generated random house numbers and random street names, then concatenated them together in Excel.

=INT(11000*RAND())

=INDIRECT("StreetNames!B"&RANDBETWEEN(2,262))

=CONCATENATE(A5," ", B5)

City, State and ZIP code

A table containing city, state and ZIP codes of 80,810 places was downloaded from A Free Zip Code Database as the Excel file free-zipcode-database.xlsx. This file has more than just city, state and ZIP codes. It also includes type (STANDARD, PO BOX ONLY, MILITARY, etc.), county name, latitude, longitude, population, land area and water area. In Excel, the table was sorted on type, for we only wanted to use types STANDARD and PO BOX ONLY. After removing everything else, the list was reduced from 80,180 to 73,756 entries. We then generated 10,000 random ZIP keys to match up with our 10,000 random names in Excel using RANDBETWEEN(2,73757). All of this was stored in the City worksheet in Excel. In the Patients table (worksheet), the city, state and ZIP codes were added using arandom ZIP code key. The city name was capitalized using the PROPER function; see below.

=PROPER(INDIRECT("City!D"&City!M5))

=INDIRECT("City!E"&City!M5))

=INDIRECT("City!A"&City!M5))

Social Security Number

A random social security number (SSN) was generated for each fictitious patient by concatenating three RANDBETWEEN operations together; see below.

=CONCATENATE(RANDBETWEEN(100,999),"-",RANDBETWEEN(10,99),"-",MID((RANDBETWEEN(10000,19999)),2,4))

Date of Birth

We wanted a normal distribution of birthdays, so we randomly seeded the NORMINV function with random value between 0 and 1. We used a mean of 21,000 (June 29, 1957) and a standard deviation of 5,000 days (13.7 years) in the NORMINV function to get an acceptable distribution; see below.

=NORMINV(RAND(),21000,5000)

Telephone Number

Random telephone numbers were generated in the same manner as the social security numbers, by concatenation of three RANDBETWEEN operations; see below.

=CONCATENATE(INT(RANDBETWEEN(100,999)),"-",INT(RANDBETWEEN(100,999)),"-",MID((RANDBETWEEN(10000,19999)),2,4))

Email Address

Fictitious patient email addresses were constructed from each fictitious patient’s first name, last name and the domain name “@example.com”; see below.

=CONCATENATE(C5,".",B5,"@example.com")

Stability of the Excel Random Cells

We found that the randomly created cells in Excel were not stable. If such a cell were edited, previous random values would be regenerated, effecting all the cell that depended on that random number. Therefore, the final step was to write out the Patients worksheet as a comma-separated values (CSV) file, and then to read the CSV back into Excel. In this way we were able to create a stable test Patients table in Excel.

In my previous post, I described the Setup of Amazon’s Elastic Compute Cloud (EC2) Server for iExperiment, our enterprise electronic notebook application. That post covered the following topics:

• iExperiment Server Requirements
• Setup of Amazon Web Services EC2 Instance
• Creating and Attaching an Elastic Block Storage Volume (optional)
• Assigning URL of the iExperiment EC2 Server on the DNS Server

You may want to take a quick look at iExperiment Server Requirements.

In this post we will go over the setup and configuration of the EC2 server and the installation and setup of iExperiment on it. Topics in this post include:

• Updating the EC2 Server
• Mounting Elastic Block Storage Volume (optional)
• Installing MySQL
• iExperiment Database Setup
• SSL Certificate Creation
• Set Up of Apache and Tomcat
• Adding index.html
• iExperiment Applications Installation
• Removing Port 8443 from HTTPS Requests

The majority of these tasks are preformed on the iExperiment EC2. Tests of the server’s operation were made using Firefox 5. We use PuTTY to log onto our EC2 server (Instructions can be found in an Amazon appendix on PuTTY.

> sudo yum update
...
===============================================================================
Install       1 Package(s)
Upgrade      47 Package(s)

Total download size: 113 M
Is this ok [y/N]: Y
...
Importing GPG key 0x21C0F39F "Amazon Linux AMI (Beta)
" from /etc/pki/rpm-gpg/RPM-GPG-KEY-amazon-beta
Is this ok [y/N]: Y

> sudo yum install xfsprogs
Is this ok [y/N]: y

> more /proc/partitions
major  minor  #blocks  name
 202        1    8388608 xvda1
 202       80   10485760 xvdf

> sudo mkfs.xfs /dev/sdf
meta-data=/dev/sdf               isize=256    agcount=4, agsize=65536 blks
         =                       sectsz=512   attr=2
data     =                       bsize=4096   blocks=2621440, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0
log      =internal log           bsize=4096   blocks=2560, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0sudo vi /etc/fstab

> sudo mkdir /ebs1

> sudo cp -p /etc/fstab /etc/fstab.orig
> sudo vi /etc/fstab
> more /etc/fstab
#
LABEL=/     /           ext4    defaults,noatime  1   1
tmpfs       /dev/shm    tmpfs   defaults        0   0
devpts      /dev/pts    devpts  gid=5,mode=620  0   0
sysfs       /sys        sysfs   defaults        0   0
proc        /proc       proc    defaults        0   0
/dev/xvdf   /ebs1       xfs     noatime         0   0

> sudo mount /ebs1

> sudo mkdir /ebs1/etc
> sudo mkdir /ebs1/etc/mysql
> sudo mkdir /ebs1/lib
> sudo mkdir /ebs1/lib/mysql
> sudo mkdir /ebs1/log
> sudo mkdir /ebs1/log/mysql
> sudo mkdir /ebs1/log/iexperiment
> sudo mkdir /ebs1/local/iexperiment

> sudo mkdir /etc/mysql
> sudo mkdir /var/lib/mysql
> sudo mkdir /var/log/mysql
> sudo mkdir /var/log/iexperiment
> sudo mkdir /var/local/iexperiment

> sudo vi /etc/fstab
> more /etc/fstab
#
LABEL=/     /           ext4    defaults,noatime  1   1
tmpfs       /dev/shm    tmpfs   defaults        0   0
devpts      /dev/pts    devpts  gid=5,mode=620  0   0
sysfs       /sys        sysfs   defaults        0   0
proc        /proc       proc    defaults        0   0
/dev/xvdf   /ebs1       xfs     noatime         0   0
/ebs1/etc/mysql          /etc/mysql              none    bind
/ebs1/lib/mysql          /var/lib/mysql          none    bind
/ebs1/log/mysql          /var/log/mysql          none    bind
/ebs1/log/iexperiment    /var/log/iexperiment    none    bind
/ebs1/local/iexperiment  /var/local/iexperiment  none    bind

> sudo mount /etc/mysql
> sudo mount /var/lib/mysql
> sudo mount /var/log/mysql
> sudo mount /var/log/iexperiment
> sudo mount /var/local/iexperiment

> sudo mkdir /ebs1/etc
> sudo mkdir /ebs1/lib
> sudo mkdir /ebs1/log
> sudo mv /etc/mysql     /vol/etc/
> sudo mv /var/lib/mysql /vol/lib/
> sudo mv /var/log/mysql /vol/log/

> sudo mkdir /etc/mysql
...

> sudo yum install mysql
Is this ok [y/N]: y

> sudo yum install mysql-server
Is this ok [y/N]: y

> sudo service mysqld start
Initializing MySQL database:  Installing MySQL system tables...
OK
Filling help tables...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h ip-10-176-31-62 password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

[  OK  ]
Starting mysqld:                                           [  OK  ]

> /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!
    

> mysql -h localhost -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 5.1.52 Source distribution

Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create user 'iexperiment'@'localhost' identified by 'iexperimentpassword';
Query OK, 0 rows affected (0.00 sec)

mysql> grant usage on *.* to 'iexperiment'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> grant all privileges on *.* to 'iexperiment'@'localhost';
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye
    

> sudo mkdir /var/log/iexperiment
> sudo mkdir /var/local/iexperiment
> sudo mkdir /var/local/iexperiment/ddl
    

> pushd /var/local/iexperiment/ddl
/var/local/iexperiment/ddl ~
> ls -lt
total 136
-rw-rw-r-- 1 root root   917 Jul 17 21:22 initial_setup.sql
-rw-rw-r-- 1 root root  3465 Jul 17 21:08 insert_permissions_START-UP.sql
-rw-rw-r-- 1 root root   944 Jul 17 21:08 insert_admin_START-UP.sql
-rw-rw-r-- 1 root root 22612 Jul 14 17:33 create_tables.sql
-rw-rw-r-- 1 root root 73893 Jul 14 17:09 insert_record_categories.sql
-rw-rw-r-- 1 root root 18355 Jul 14 17:09 create_constraints.sql
-rw-rw-r-- 1 root root   932 Jul 14 17:08 insert_admin.sql

> mysql -h localhost -u iexperiment -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.1.52 Source distribution

Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show grants;
+-----------------------------------------------------------------------------------------------------------------------------+
| Grants for iexperiment@localhost                                                                                            |
+-----------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'iexperiment'@'localhost' IDENTIFIED BY PASSWORD '*BAA33824FACE624B5B0AAC8A604733A5648A7A6B' |
+-----------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)

mysql> create database iexperiment;
Query OK, 1 row affected (0.00 sec)

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| iexperiment        |
| mysql              |
+--------------------+
3 rows in set (0.00 sec)

mysql> use iexperiment;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> source initial_setup.sql;

Query OK, 1 row affected (0.00 sec)
.
.
.
Query OK, 1 row affected (0.00 sec)

mysql> show tables;
+------------------------+
| Tables_in_iexperiment  |
+------------------------+
| admin_group_member     |
| ...
| version                |
+------------------------+
55 rows in set (0.00 sec)

mysql> select * from version;
+-------------+----------------------------------+
| version_num | comment                          |
+-------------+----------------------------------+
|           6 | May 25, 2010 - Switch to Records |
+-------------+----------------------------------+
1 row in set (0.00 sec)

mysql> exit
Bye
  

> sudo mkdir /usr/etc/cert
> cd /usr/etc/cert

> sudo keytool -genkey -alias tomcat -keypass sslcert1 -keystore temp.iexperiment.bin -storepass sslcert1
What is your first and last name?
[Unknown]:  Marc Whitlow
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]:  Colabrativ, Inc.
What is the name of your City or Locality?
[Unknown]:  El Sobrante
What is the name of your State or Province?
[Unknown]:  California
What is the two-letter country code for this unit?
[Unknown]:  US
Is CN=Marc Whitlow, OU=Unknown, O="Colabrativ, Inc.", L=El Sobrante, ST=California, C=US correct?
[no]:  y

> ls -l
total 4
-rw-r--r-- 1 root root 1292 Jul 18 02:30 temp.iexperiment.bin
    

> sudo yum install httpd
Is this ok [y/N]: y

> sudo yum install tomcat6
Is this ok [y/N]: y

> sudo yum install tomcat6-webapps
Is this ok [y/N]: y

> sudo yum install mod_ssl
Is this ok [y/N]: y

> sudo service httpd start
Starting httpd:                                            [  OK  ]
> sudo service tomcat6 start
Starting tomcat6:                                          [  OK  ]
    

> cd /etc/tomcat6
> sudo cp -p server.xml server.xml.orig
> sudo vi server.xml
> diff server.xml.orig server.xml
83,88c83,92
<     
<
---
>
>                     protocol="HTTP/1.1"
>                SSLEnabled="true"
>                maxThreads="150"
>                scheme="https" secure="true"
>                clientAuth="false" sslProtocol="TLS"
>                keystoreFile="/usr/etc/cert/temp.iexperiment.bin"
>                keystorePass="sslcert1" />

> sudo service tomcat6 restart
Stopping tomcat6:                                          [  OK  ]
Starting tomcat6:                                          [  OK  ]
    

> sudo service tomcat6 stop
Stopping tomcat6:                                          [  OK  ]

> sudo mkdir /var/local/iexperiment/attachments
> sudo mkdir /var/local/iexperiment/lucene
> sudo chown -R tomcat:tomcat /var/local/iexperiment/*

> cd /var/lib/tomcat6/webapps/
> ls -lt
total 12
drwxrwxr-x 5 root tomcat 4096 Jul 14 14:53 sample
drwxrwxr-x 5 root tomcat 4096 Jul 14 14:53 examples
drwxrwxr-x 3 root tomcat 4096 Jul 14 14:53 ROOT

> sudo mkdir record
> sudo mkdir admin
> sudo mkdir resetPassword
> sudo chgrp tomcat *

# Begein of admin application configuration.
> pushd admin
> sudo unzip ../admin.war

# After uploading Admin.html
> sudo chown -R root:root *.html

# After uploading deployment specific images to the images diectory.
> pushd images
> sudo chown -R root:root *
> popd

# After uploading the deployment specific properties files
# to the WEB-INF/classes directory
> pushd WEB-INF/classes/
> sudo chown -R root:root *.properties
> ls -lt
total 28
-rw-rw-r-- 1 root root 1287 Jul 14 18:33 log4j.properties
-rw-rw-r-- 1 root root 2020 Jul 14 18:33 iexperiment.properties
-rw-rw-r-- 1 root root 1514 Jul 14 18:33 dbpool.properties
drwxr-xr-x 3 root root 4096 Jul 14 17:49 net
drwxr-xr-x 3 root root 4096 Jul 14 17:49 org
drwxr-xr-x 4 root root 4096 Jul 14 17:49 com
-rw-r--r-- 1 root root 1370 May  3 19:05 mail.properties

# End of admin application configuration.
# Repeat for the record and resetPassword applications. 

> sudo service tomcat6 start
Starting tomcat6:                                          [  OK  ]
    

> sudo iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443
> sudo iptables -t nat -I OUTPUT -p tcp --dport 443 -j REDIRECT --to-ports 8443

> sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:https redir ports 8443

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:https redir ports 8443

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

> sudo iptables-save > iptables.conf
> more iptables.conf
# Generated by iptables-save v1.4.7 on Thu Sep  8 03:32:23 2011
*nat
:PREROUTING ACCEPT [5:300]
:OUTPUT ACCEPT [50:3801]
:POSTROUTING ACCEPT [50:3801]
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A OUTPUT -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
COMMIT
# Completed on Thu Sep  8 03:32:23 2011

> sudo cp -p iptables.conf /etc/.
> sudo chown -R root:root /etc/iptables.conf
> sudo ls -l /etc/iptables.conf
-rw-rw-r-- 1 root root 332 Sep  8 03:32 /etc/iptables.conf

> sudo vi /etc/rc.local
> more /etc/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local
/sbin/iptables-restore < /etc/iptables.conf
    

Closing Remarks

iExperiment run on a typical AWS Apache Tomcat deployment.

Resources

1. “Configuring MySQL to use the EBS volume” section of Eric Hammond’s article on Running MySQL on Amazon EC2 with EBS (Elastic Block Store).
2. Installing Apache Tomcat on Linux by Werner Puschitz.
3. How Do I Save Iptables Rules or Settings? by Vivek Gite.

In this post and in the following post, I will show you how we setup our enterprise electronic notebook application, iExperiment, on an Amazon EC2 server. This first post covers the launch of the Amazon EC2 server and attachment of Elastic Block Storage volume to the server. The cloud equivalent of purchasing a server and disk, plugging it in, and connecting it to the network. Experienced Amazon EC2 administrators may want to take a quick look at iExperiment Server Requirements and then move on to the second post on the setup and configuring of an EC2 server for iExperiment.

• iExperiment Server Requirements
• Setup of Amazon Web Services EC2 Instance
• Creating and Attaching an Elastic Block Storage Volume (optional)
• Assigning URL of the iExperiment EC2 Server on the DNS Server

In the second post we will go over the setup and configuration of the EC2 server and the installation and setup of iExperiment on it. Topic in the post include:

• Updating the Server
• Installing MySQL
• iExperiment Database Setup
• Mounting Elastic Block Storage Volume (optional)
• SSL Certificate Creation
• Setup Apache & Tomcat
• Adding index.html
• iExperiment Applications Installation

iExperiment Server Requirements

The requirements of our enterprise electronic notebook application, iExperiment, are:

1. Linux hosting web environment: We normally use Apache and Tomcat.
2. MySQL database.
3. Mail server: By default iExperiment uses the iExperiment.net mail server.

In addition to these requirements, we recommend that you have the following before setting up iExperiment.

1. A subdomain name under your domain name for iExperiment, for example iexperiment.example.org.
2. An administrator mail address on your mail server, e.g. admin@example.org.

Setup of Amazon Web Services EC2 Instance

If you are not familiar with Amazon Web Services, we recommend that you read the Amazon Elastic Compute Cloud Getting Started Guide. There you can find instructions on how to sign up for Amazon EC2, which tell you to “Go to http://aws.amazon.com/ec2, click on the Sign Up for Amazon EC2, and follow the on-screen instructions.”

After signing on in the Amazon Management Console, and selecting a region, the following tasks are performed.

1. Select an Amazon Region for the iExperiment Server

   Select a Region from the region pull-down menu at the top of the Navigation panel. We are in Northern California, so we normally select the US West (N. California) region.

2. Create Security Group

   Open the Security Groups panel by clicking on its link under NETWORK & SECURITY in the Navigation panel.

   1. Click on the “Create Security Group” button at the top of the Security Group panel.
      This will bring up the “Create Security Group” popup.
   2. In the “Create Security Group” popup, fill in the following information:
      

      Name:	iExperiment
      Description:	iExperiment open ports: 22 (SSH), 80 and 8080 (HTTP), and 443 and 8443 (HTTPS)
      VPC:	No VPC

      Then click on the “Yes, Create” button.

   3. Click on the iExperiment security group, and click on the “Inbound” tab.
   4. In the “Inbound” tab add the following rules:
      1. From the “Create a new rule” pull-down menu, select “SSH”,
         then click on the “Add Rule” button.
      2. From the “Create a new rule” pull-down menu, select “HTTP”,
         then click on the “Add Rule” button.
      3. From the “Create a new rule” pull-down menu, select “HTTPS”,
         then click on the “Add Rule” button.
      4. From the “Create a new rule” pull-down menu, select “Custom TCP rule”,
         enter the “port range” of 8080,
         then click on the “Add Rule” button.
      5. From the “Create a new rule” pull-down menu, select “Custom TCP rule”,
         enter the “port range” of 8443,
         then click on the “Add Rule” button.
         
         The resulting security table contains the following rules:
         
         
      6. After adding all of the Rules, click on the “Apply Rule Changes” button at the bottom of the Inbound* tab.

    

3. Create Key Pair

   Open the Key Pairs panel by click on its link under NETWORK & SECURITY in the Navigation panel.

   1. Click on the “Create Key Pair” button at the top of the Key Pairs panel.
      This will bring up the “Create Key Pair” popup.
   2. Supply a “Key Pair Name”, then click on the “Create” button.
      Amazon will create the key pair and download the file to you.
      Save the .pem file somewhere accessible to you.

    

4. Launch EC2 Instance

   Open the Instances panel by clicking on its link under INSTANCES in the Navigation panel.

   1. Click on the “Launch Instance” button at the top of the My Instances panel.
      This will bring up the “Request Instances Wizard” popup.
   2. Click the “Select” button to the right of the “Basic 32-bit Amazon Linux AMI 2011.02.1 Beta” under the “Quick Start” tab in the Request Instances Wizard.
   3. Fill in the Instance Details:
      

      Instance Details

      Number of Instances:	1
      Availability Zone:	us-west-1a
      Instance Type:	Small (m1.small, 1.7 GB)

      Then click on the “Continue” button at the bottom of the popup.

   4. We normally change nothing in the “Advanced Instance Options“.
      Click on the “Continue” button at the bottom of the popup.
   5. If you have multiple EC2 instances, you may want to add Tags to the iExperiment instance.
      Click on the “Continue” button at the bottom of the popup.
   6. Choose the “Choose from your existing Key Pairs” option, then select the key pair for iExperiment from a “Your existing Key Pair” pull-down menu.
      Click on the “Continue” button at the bottom of the popup.
   7. Choose the iExperiment security group using the “Choose one or more of your existing Security Groups” option from list of security groups, then
      click on the “Continue” button at the bottom of the popup.
   8. Review the configuration of your EC2 Instance request, then
      click on the “Launch” button at the bottom of the “Request Instances Wizard” popup.
      

   It’s worth noting the id, Availability Zone, and Public DNS of the EC2 instance you created by clicking on the instance in the “My Instances” panel.

5. Create an Elastic IP

   Amazon’s Elastic IP Addresses are static IP addresses that you can associate with an Amazon EC2 server. Open the Addresses panel by clicking on the Elastic IPs link under NETWORK & SECURITY in the Navigation panel.

   1. Click on the “Allocate New Address” button at the top of the “Addresses” panel.
      This will bring up the “Allocate New Address” popup.
      Click on the “Yes, Allocate” button in the popup.
      This will create a new address.
   2. Click on the new Elastic IP address and select Associate Address.
      This will bring up the “Associate Address” popup.
      Select the iExperiment EC2 Instance from the “Instance” pull-down list and
      click on the “Yes, Associate” button in the popup.

   The eleastic IP address will be needed when setting up the Domain Name Server, below, so make a note of it.

Creating and Attaching an Elastic Block Storage Volume (optional)

We highly recommend that you place your experiment records created in iExperiment on an EC2 server in an Elastic Block Storage (EBS) volume. EBS isolates your data from the server failures and its scalable. An existing volume can be copied to a large volume as your iExperiment records increase. From the Amazon Management Console open the EBS Volumes panel by clicking on the Volumes link under ELASTIC BLOCK STORE in the Navigation panel.

1. Click on the “Create Volume” button at the top of the “EBS Volumes” panel.
   This will bring up the “Create Volume” popup.
2. In the “Create Volume” popup enter a volume Size, and Availability Zone.
   The volume Size you choose will primarily depend on the size of the figures and attachment the researchers using iExperiment plan to associate with their experiment records. 10 GiB is a good starting size. The Availability Zone must be the same as the iExperiment instance.
   Click on “Yes, Create” button in the popup.
3. Click on the EBS volume you just created and select “Attach Volume”.
   This will bring up the “Attach Volume” popup with Volume already filled in.
   Select the iExperiment EC2 instance, shown by id, from the Instances pull-down menu.
   Click on the “Yes, Attach” button in the popup to attach the EBS volume to the iExperiment instance.

Assigning URL of the iExperiment EC2 Server on the DNS Server

Here we will use the domain name temp.iExperiment.net, but you will be using a sub-domain of your domain such as iexperiment.example.com. We are using Kattare Internet Services for our DNS server. There we associate the AWS Elastic IP address with both the sub-domain and its secure variant in the iExperiment Zone File: