Omada Controller 3.0.2 for Linux (including new tpeap v1.4)
Update 2020-04-30: Omada EAP Controller 3.2.10 community version has just been released.
There is now a .deb-package available for easy installation on Debian, Raspbian and any other Debian-based Linux. The steps below are not necessary anymore for the installation of Omada Controller using the dpkg package manager.
The following (now obsolete) post is still here for reference only:
Hello world!
TP-Link just released the latest version of Omada Controller 3.0.2. Thanks to a tip from forum user humor_amarillo I got my hands on it early. So here it is, baked in just no time: The community version of
Omada EAP Controller 3.0.2 for Linux
Last update: 2018-08-28 22:40
What's new in this version?
- Cloud support. See the official release notes on the TP-Link website.
- Auto-backup, but the Windows-way. See below for the Linux-way to do backups.
- From what I saw so far, the directory structure has been cleaned up. Photoshop file with icons from v2.7.0 has been removed from the images directory.
- GUI now seems much more cleaner, too. Well done, TP-Link!
- EAP Controller starts ~30% faster compared with v2.7.0.
- All steps in the initial wizard now can be skipped! Finally my feature request was honored, thanks to R&D very much!
What's new in the Linux release?
- Logo now shows »Community version« below the TP-Link logo, so you can recognize it better.
- Two new options for tpeap:
- dump lets you dump the database as well as the maps and keystores.
- restore lets you restore a database dump including maps and previous keystores.
- A surprise (see below).
Update #1: New tpeap 1.4 has been released (see this post for more details).
For your convenience, I have attached the new tpeap script v1.4 to this posting, too. It might be handy for doing a backup of your v2.7.0 installation, which can be easily restored in EAP Controller 3.0.2.
Update #2: The tpeap 1.4 just has been added to the TAR archive with Omada Controller 3.0.2. If you download the TAR archive as described below, you will get the new tpeap script already - no need to install it twice.
Standard disclaimer, as usual: Use at your own risk.
This community version (cv for short) is neither released nor supported by TP-Link and it still needs some testing.
Installation of the Linux version
— If you want to install the Linux version for the first time, please see this post first, replace the instructions in step 2 there with the instructions in the same step 2 in this post below and proceed with the remaining steps here when you have installed all the pre-requisites (eapc role account, Java JRE, mongodb database).
— If you already have installed Omada EAP Controller 2.7.0cv on your Linux system, just read on.
Step 1: Make a backup
Obviously, to make a backup, the old EAP Controller needs to be running. Download the tpeap script attached to this posting and install it (you can safely overwrite the old tpeap version in the 2.7.0cv Controller):
cp tpeap /opt/tplink/EAPController/bin/
Next, create a backup. You need to specify a directory for the database dump (else it uses the directory EAPC_HOME/backup):
tpeap dump /tmp/backup
tpeap will create the directory, copy your maps and keystore to it, and then execute mongodump, which dumps the database in binary BSON format into the backup archive. Now you can safely stop the EAP Controller.
Step 2: Download and extract the software
Download the TAR archive from https://rent-a-guru.de/ftp/eapc-3.0.2.tar.gz
Check the SHA256 sum:
$ sha256sum -b eapc-3.0.2.tar.gz
2b9c9ce54a3bc698b25901f1234aef79e3d1e51703a9af1dcaa8360c4b407f66 *eapc-3.0.2.tar.gz
9638bb2ed43d58169a33b52ea2be1d48482fae68a5d93028f162ff66f2b0c4ea *eapc-3.0.2.tar.gz
$
Step 3: Set up the EAP Controller
Installation is straight-forward: Extract the TAR archive as root in /opt/tplink, remove the symlink EAPController pointing to version 2.7.0cv and create a new one pointing to the EAPController-3.0.2 directory just extracted from the TAR archive. Easy, isn't it?
cd /opt/tplink
tar xvzf /your-download-dir/eapc-3.0.2.tar.gz
rm EAPController
ln -s EAPController-3.0.2 EAPController
Do a quick check wether the permissions and ownership has been set correctly (complete dialog shown here):
# ls -ld /opt/tplink/EAPController-3.0.2
drwxr-xr-x 13 eapc eapc 4096 Aug 21 05:53 /opt/tplink/EAPController-3.0.2
# ls -l /opt/tplink/EAPController-3.0.2
total 12
drwxr-xr-x 2 root root 6 Aug 21 05:27 backup
drwxr-xr-x 2 root root 55 Aug 21 02:11 bin
drwxr-xr-x 6 eapc eapc 55 Aug 21 05:53 data
drwxr-x--- 2 root eapc 39 Aug 21 01:30 keystore
drwxr-xr-x 2 root root 4096 Aug 21 01:30 lib
drwxr-xr-x 2 eapc eapc 58 Aug 21 05:53 logs
drwxr-xr-x 2 root root 22 Aug 21 03:18 man
drwxr-x--- 2 root eapc 4096 Aug 21 01:30 properties
drwxr-xr-x 2 root root 36 Aug 21 05:36 webapps
drwxr-xr-x 3 eapc eapc 32 Aug 21 05:53 work
#
Two more things: Install the symlink to the Java JRE:
cd /opt/tplink/EAPController
ln -s /where-your-JRE-lives/ jre
and the manpage of tpeap (you find it in the man subdirectory):
cp man/tpeap.man /usr/share/man/man8/tpeap.8
gzip -v --best /usr/share/man/man8/tpeap.8
My JRE resides under /opt/jvm, so it looks like this:
# ls -l jre
lrwxrwxrwx 1 root root 21 Aug 21 05:53 jre -> /opt/jvm/jre1.8.0_181
Important note for users of Ubuntu and probably other distros, too:
If your mongodb version is >= 3.6 you need to edit the argument list EAPC uses to start the mongod daemon. The option --nohttpinterface, which is set by EAPC, has been removed in mongodb version 3.6 and newer.
Find out your mongod version:
mongod --version
To get rid of the --nohttpinterface option, you will have to delete it from the file mongodb.properties:
cd /opt/tplink/EAPController/properties
cp mongod.properties ../mongod.properties.ORIG
sed -i 's/^\(eap.mongod.args=.*\) --nohttpinterface \(.*\)$/\1 \2/' mongodb.properties
Of course, you can use any other editor, too.
Last step: fire up the new Controller
tpeap -w start
Now restore the database saved in step 1:
tpeap restore /tmp/backup
Enjoy!
Uh, and if you want to see what probably comes next to a Linux server near you:
The color-intense theme awesome with FontAwesome icons - no more image files needed, clean layout for EAPC 2.7.0cv.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
AlienMindbender wrote
Nothing obviously different on my system:
pi@pi:~ $ java -version openjdk version "1.8.0_181" OpenJDK Runtime Environment (build 1.8.0_181-8u181-b13-1~deb9u1-b13) OpenJDK Client VM (build 25.181-b13, mixed mode)
Oh, yes, that's a big difference! You have installed OpenJDK 1.8.0_181 client edition, while mine is Oracle JDK 1.8.0_65 server edition. I just did a default install of Raspbian, which included Java, jsvc and mongodb already. You could try whether it works if you remove -server from variable JAVA_OPTS in /usr/bin/tpeap, but I guess jsvc is compiled for server mode (I'm no Java expert and I really don't want to become one after 30 years of keeping Java out of my way ).
If not, try to install the package oracle-java8-jdk. Your existing jsvc and libcommons-daemon should work with this JVM flawlessly in server mode.
Based on a first short internet research that error seems to occur when executing 64bit java applications with 32bit libraries. Isn't the official Omada Controller a 64bit application?
The official Omada Controller includes x86_64 (architecture name amd64) binaries. Those won't run on an ARM processor as in the RasPi. Completely different CPU architecture. Raspbian still is a 32bit OS despite the fact that RasPi 3 has an ARMv7 CPU with some 64 bit capabilities, but binaries are compiled for ARMv6 in Raspbian. If there are 64bit libs, they must have been compiled and packaged manually.
The community version does not contain any binary, just Java classes and shell scripts, which are portable accross all different architectures. Thus, its architecture name is all and it depends solely on x86_32, amd64, armhf or whatever_your_CPU_is standard packages when it comes to binaries - this are the JRE (or JDK, which includes the JRE), jsvc (you have the right version already) and mongodb. All those packages are available from the Raspbin repository for the ARM platform - just apt-get install them and Omada Controller should work.
- Copy Link
- Report Inappropriate Content
Thanks for your explanation. I figured it out myself (see my edits) and now your Omada-Controlller-community-version-package works fine. Thank you so much.
- Copy Link
- Report Inappropriate Content
hi there, i've been troubleshooting all day and just found your guide. To cut it short I got excited and subsequently got banned on your FTP. So sorry. I was accessing your package on the Linux Omada Controller. Any way to unban it?
my ip starts at 75.84.x.x
I'm new so I'm unable to PM
thanks in advance, you are doing great work!
- Copy Link
- Report Inappropriate Content
lightflash wrote
hi there, i've been troubleshooting all day and just found your guide. To cut it short I got excited and subsequently got banned on your FTP. So sorry. I was accessing your package on the Linux Omada Controller. Any way to unban it?
Yes, the FTPD automatically bans systems if there are too many parallel connections or too many unsuccessful anonymous logins per five minutes. This is to mitigate against hacker and DoS attacks. The ban will be released after 12 hours; there is currently no active ban.
Make sure to use the anonymous login using only one connection at a time. Username is either anonymous or ftp, password is the mail address.
Use the ftp command rather than a browser, which might try to establish more than one connection at the same time. Browsers are too dumb to recognize private FTP areas anyway, so don't use them for FTP.
- Copy Link
- Report Inappropriate Content
Thank you! I thought the ban was permanent hence my panic. I finally was able to install your raspberry pi beta package successfully on Raspbian. I did it on Ubuntu mate first but it was taking around 5minutes to initialize.
I didn't read through all the replies on this post and proceeded to do the instructions on the first page with much difficulty. I'm a linux noob. Once I saw your rpi package, it was a cinch. I know it's in beta but I suggest linking the rpi beta package on the first post, just to let people similar to my situation know. Great work, love your formatting and the way you dumb down the instructions as much as possible.
- Copy Link
- Report Inappropriate Content
lightflash wrote
I finally was able to install your raspberry pi beta package successfully on Raspbian. I did it on Ubuntu mate first but it was taking around 5minutes to initialize.
Thanks for your feedback, glad it worked for you.
Yes, installation of the TAR archive is not the best way, but even with RPM packages the dependencies can't easily be resolved due to Linux distributions refusing to offer Oracle's JRE becasue of licensing issues. I think that's the reason the TP-Link distribution includes an embedded JRE and mongodb, which makes their package architecture-dependant.
However, the community version will remain portable across different platforms, especially since the only reason to use clumpsy Java I can think of is to make proprietary software portable.
I didn't link the Raspbian RPM to the first post because it's a beta and the final 3.0.2 RPM still needs some polishing. But it will become available soon and then I will link this final RPM to the first post of this thread.
- Copy Link
- Report Inappropriate Content
Hi,
I'm trying to run this in a Linux container, but on the first startup, even after 15 minutes, nothing is ready.
Strace shows a bunch of timeouts, so trying to figure out what those are.
First thought was /dev/random not having enough entropy, so I added Java startup options to use /dev/urandom instead, but still not working .
Any ideas on what else might be timing out several times per second in Omaha?
Thanks,
Michael
- Copy Link
- Report Inappropriate Content
MichaelAronsen wrote
I'm trying to run this in a Linux container, but on the first startup, even after 15 minutes, nothing is ready.
Strace shows a bunch of timeouts, so trying to figure out what those are.
Hi Michael,
probably the container does not offer the same networking functionality as a native Linux does, but that's just a guess after searching Google for network problems in Linux containers - this seems to be a well-known problem. If Omada Controller runs into a time-out, then there is a service/system call not responding as expected. Try to check network integration of the container.
- Copy Link
- Report Inappropriate Content
For pretty much all other network services i've tried to run in containers, they are unaware of the containerization.
I guess i'll have to strace or gdb my way to what syscall this is..
- Copy Link
- Report Inappropriate Content
MichaelAronsen wrote
For pretty much all other network services i've tried to run in containers, they are unaware of the containerization.
That's certainly true, but I bet those other network services are all Open Source Software. Unfortunately, Omada Controller is not.
This not only makes it difficult to find the cause for such behavior of Omada Controller in certain envrionments, but makes it almost impossible to changeit if found (what in regard of privilege separation once was the reason to make this community version at all).
So it could help to file a bug report/feature request to TP-Link.
There are still other issues even in native Linux environments such as making discovery optional if OC is used on public servers, letting users choose which mongodb they want to use, supporting proxying with standard web servers such as nginx/Apache, better support of adding official SSL certificates, better handling of individual portal pages etc.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 9
Views: 59372
Replies: 109