Viewer is broken

Owned by Former user (Deleted)
Last updated: Apr 04, 2018
2 min read

If the site works but the viewer is broken, it is either an issue with the code (check chf-sufia for recent commits or changes) or it may be an issue with the system.

Right now the viewer's data is stored entirely in Amazon S3 buckets. If the viewer is broken something may be wrong with them.

  1. Go to https://status.aws.amazon.com/ and check for the S3 bucket health in the N. Virginia region. If they show as unhealthy, the issue is an AWS-wide problem. This also means derived image downloads will be broken likely.
    1. If S3 Oregon is healthy and we can ask curators to pause adding new works, we can switch to our backup
      1. Go to ansible's code. We will be changing the value for dzi_s3_bucket in local_env.yml, which is called dzi_bucket
      2. The dzi bucker variable can be found in group_vars/SERVICE_LEVEL (prod)
      3. Switch the value of dzi_bucket to chf-derivatives-backup
      4. Remind curators not to make new works, the backup bucket does not sync new added items to the normal bucket. If someone adds a new object, the object(s) will need to have their tiles remade in the normal bucket.
      5. Either run the ansible update-box command manually, or wait ~10 minutes for the change to be pushed out.
      6. The new bucket will allow the viewer to work
      7. Switch back to the old bucket when S3 N. Virginia is back to normal.
    2. If S3 Oregon is also unhealthy, AWS is having problems and we can't easily fix it.
  2. If the S3 bucket for N. Virginia shows as healthy, it may be a configuration issue.
    1. The CORS configuration needs to be set to allow requests from other domains. Currently we allow requests from any site and it should be:
      1. <?xml version="1.0" encoding="UTF-8"?>
        <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
        <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>43200</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
        </CORSRule>
        </CORSConfiguration>
    2. There should also be a bucket policy that allows access to the objects, objects often have a unique policy to allow access, but the Bucket policy confirms that access is allowed and a missing object permission doesn't break something. The policy should be:

      1. {

        "Version": "2012-10-17",

        "Statement": [

        {

        "Sid": "Add Permission to access from staging",

        "Effect": "Allow",

        "Principal": "*",

        "Action": "s3:GetObject",

        "Resource": "arn:aws:s3:::chf-dzi-production/*"

        }

        ]

        }

    3. If both of these are accurate then it is not a policy issue.
  3. If it is not an AWS outage or a policy issue, it is probably a code issue.