Installation Manual – Platform

Introduction

DetaBord Platform is the actual DetaBord data quarantine instance that forms the secure enclave around your sensitive data and provides the software to securely compute analytics jobs and machine learning models on that data. This manual describes the installation procedure of DetaBord Platform.

Prerequisites

The DetaBord Platform ships pre-built as a binary executable for the following platforms:

  • Linux (tested on CentOS 7)
  • Mac OS, Version 10.15 or higher
  • Windows 10

It is recommended to use a Linux host for DetaBord platform.

Installation of Runtime Environment (Linux)

To provide a runtime environment go through the following steps for local execution mode:

  1. Do not run dq0 as root or admin, create a new user if neccessary adduser user
  2. Download miniconda: wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh
  3. Install miniconda: sh Miniconda3-latest-Linux-x86_64.sh
  4. Create new conda environment: conda create -n dq0 python=3.7
  5. Activate environment: conda activate dq0

Quick setup

For quick setup the docker compose installation is recommended: Docker Installation

Manual Installation

After everything has been unpacked, the installation process can be started.

  1. Ensure your are user, in conda environment dq0 and in user’s home directory
  2. Install dq0-sdk: pip install dq0sdk-0.1-py3-none-any.whl
  3. Set environment variable DQ0SDK_PATH:cd $CONDA_PREFIX mkdir -p ./etc/conda/activate.d mkdir -p ./etc/conda/deactivate.d touch ./etc/conda/activate.d/env_vars.sh touch ./etc/conda/deactivate.d/env_vars.sh
  4. Edit environment files: edit ./etc/conda/activate.d/env_vars.sh as follows: #!/bin/bash export DQ0SDK_PATH=/home/user/miniconda3/envs/dq0/lib/python3.7/site-packages/dq0sdk
  5. Edit ./etc/conda/deactivate.d/env_vars.sh as follows: #!/bin/bash unset DQ0SDK_PATH

Configuration

dq0config.yaml

  • Set the correct proxy domain name or ip address in pullURL and pushURL
  • other values can be kept unchanged

Generate public key pair

Since dq0 is encrypted end-to-end, we have to generate a public key pair and share the public key with that of the proxy instance. Generate pair (public_key.pem and private_key.pem) and move to config folder:

./dq0-main --create-pk && mv *.pem config`

“public_key.pem” can be now shared with the proxy.

Create database

The database is created locally and uses sqlite3. Create the database with the following command:

./dq0-main db create

Add roles and users

Now we can add new roles and users. To create a new role use the following command:

./dq0-main role add

You will be prompted for the name for the role (enter for example “admin”).

Create users with this command:

./dq0-main user add

Enter the username and password as requested.

Run as Service (Linux Cent OS example)

As root user we need to create a new file: vi /etc/systemd/system/dq0-main.service and add following content:

[Unit]
Description=dq0 main service
After=network.target
StartLimitIntervalSec=0

[Service]
Type=simple
Restart=always
RestartSec=1
WorkingDirectory=/home/user/dq0-main
User=user
Group=user
ExecStart=/home/user/dq0-main/service.sh

[Install]
WantedBy=multi-user.target

Start service:

systemctl start dq0-main

and enable at system startup:

systemctl enable dq0-main

Network Settings

As the data quarantine seeks to provide a secure enclave for your private data it is very important to install DetaBord Main only in a network environment with the highest level of network protection and firewall settings enabled.

  • Make sure that only the DetaBord Proxy port (default is 8000) is open for public communication via TCP. All other ports shall be closed.
  • Set file level or database permissions so that only the DetaBord Main user can read the data source directories. Nobody should have write access to the data sources.

Join Waitlist

Join the AI for Life Sciences Challenge

Let's talk