Implementing Ed-Fi

The steps below will create a Google Cloud SQL instance using PostgreSQL that will house the Ed-Fi ODS. Along with that a Windows VM will be created in Google Compute Engine that will run your Ed-Fi API, Assessments API bridge, and Admin App. In order to complete the steps below, you will need:

  • A Google Cloud project with billing enabled
  • To have signed the Ed-Fi license
  • A domain name that you can manage. We recommend Google Domains if you do not already have a preferred service.

Deploying Solution

Note

All gcloud commands should be run in Google Cloud via GCP Cloud Shell as they use environment variables provided by that environment.

Running the command below will pull down the Google Cloud Deployment Manager scripts that will implement the Ed-Fi ODS, API, Assessments API bridge, and Admin App.

git clone https://bitbucket.org/landingzone/ed-fi-deployment.git

Open the edfi_technology.yaml file and set the postgres password to something more secure. You’re now ready to run the deployment script!

cd ed-fi-deployment
./deploy.sh $GOOGLE_CLOUD_PROJECT

Configuring Windows VM

Once the deployment has finished, you should now have a Google Cloud SQL instance as well as a Compute Engine VM. The VM has a static IP attached to it. Point your domain name to this IP. When ready, run the command below to reset the password for your newly created Windows VM.

gcloud compute reset-windows-password edfi-api --user="lzone" --zone="us-central1-c" --quiet

Attention

We recommend using a desktop client to RDP into your Windows VMs. We’ve found issues with copy & paste when using the Chrome RDP app. RDP client downloads can be found here

RDP into your Windows Server logging in with username lzone and the password retrieved above. Right-click on Windows PowerShell and select Run as Administrator. Run the commands below to open a few files we need to edit.

notepad.exe C:\inetpub\postgresql\pgpass.conf
notepad.exe C:\inetpub\wwwroot\greenbridge\Web.config
notepad.exe C:\inetpub\wwwroot\bluebridge\Web.config
notepad.exe C:\inetpub\wwwroot\adminapp\Web.config
  • In pgpass.conf, replace the value samplepassword with the actual password of your Cloud SQL postgres user.
  • In Web.config located in the greenbridge folder, replace the value for key UpstreamEdFiApiUrl with https://yourdomain.com/green/
  • In Web.config located in the bluebridge folder, replace the value for key UpstreamEdFiApiUrl with https://yourdomain.com/blue/
  • In Web.config located in the adminapp folder, replace the value for key ProductionApiUrl with https://yourdomain.com/green

Run the commands below in the same PowerShell window. Be sure to set the domain name variable (ie. somedomain.com ) before you run the lines of code.

# Set variable below before running
$DOMAIN_NAME='';

New-WebBinding -Name "Default Web Site" -HostHeader $DOMAIN_NAME -IP "*" -Port 443 -Protocol https;

In the same PowerShell window, run wacs.exe to add SSL Certificate from Let’s Encrypt

  • Choose “N” to create new certificate
  • Single binding of an IIS site
  • Choose binding (select the number corresponding to the domain name you entered)
  • Enter email to be used for notifications
  • Complete prompts (accept defaults)

Caution

If the authorization step times out when running wacs.exe, you may need to wait and try again later. If you recently updated the domain name to point to the new VM, you may need to allow more time for the changes to propogate.

Known Issues

  • When you first log into the VM, you may receive messages from Windows that the default applications have been reset. This will not affect your Ed-Fi installation.