Version 6 (modified by aydan, 10 years ago)


Notes for setting up Orca on a remote machine (connecting to SVN via https)


  • Java = 1.5
  • Ant >= 1.7 (NOT the Debianized version)
  • Maven >= 2.0.6
  • Maven tasks for ant, installed in your ant's lib directory
  • Subversion client with https:// protocol support
  • A login that works against
  • wget (any version)

Check out Orca's Top-level POM project

svn co pom
cd pom
mvn install

This will obtain a copy of the project and install it in your local repository. However, this will be a development version (-SNAPSHOT) and most Orca projects refer to a release version of the POM file. To obtain a given released version of the POM file use the script:


The last release version of the POM file is 1.0. To install it in your local repository use:

   ./ 1.0

Check out Modules

The Orca repository at is factored into many sub-projects. Some Examples: Core orca Maven descriptor The core (includes mysql schemas) The Orca web portal EC2/Eucalyptus handler

Most of these SVN projects build Maven artifacts (eg .../orca/core/trunk builds the orca.core POM). This is nice because if you only want to work on one part of the tree (eg handlers/ec2/trunk) you only need check out that part of the tree. When you build with Maven, prebuilt packages for all the other components you need will be downloaded and used. This does present a couple of problems, though:

  1. Maven needs to be able to find the remote repository we use (
  2. Maven doesn't like talking to https:// servers with a self-signed certificate

Fixing SSL errors

An easy solution to the first problem requires solving the second one first. In order for Java to trust the CA that signed the SSL certificate used by we need to import this into the Java-local keystore with Keytool

Assuming $JAVA_HOME is defined (eg export JAVA_HOME="/Library/Java/Home" on OS X) the following horrible one-liner will do this:

echo |openssl s_client -connect 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo keytool -import -trustcacerts -alias geni-orca -keystore  $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt

This uses openssl to retrieve the CA cert, then tells keytool to add the certificate to its trusted CA list. "changeit" is the default keystore password.

Telling Maven about the repository

You could do this by editing files in ~/.m2/settings.xml (at least I think so). I find it's easier just to

 svn checkout pom
 cd pom
 mvn install

Once you've done this a local package with information about the Orca project (and its repository at will be placed in your ~/.m2 directory.