Deploying REDCap (Research Electronic Data Capture) on Google Cloud Platform

Written By Soniya Keluskar

Introduction:

REDCap (Research Electronic Data Capture) is a popular web-based application for managing research data. In this blog, we will walk you through the process of deploying REDCap on Google Cloud Platform (GCP) with a private IP address, a load balancer for public access, and a managed instance group for scalability and high availability. This setup ensures that your REDCap installation is secure, performant, and easily manageable.

Preparation:

  • A Google Cloud Platform (GCP) account with appropriate permissions to create and manage resources.

  • Basic knowledge of GCP services like compute engine, cloud SQL, load balancing, and VPC networks.

  • Familiarity with Linux command-line and SSH.

1. Create a Virtual Private Cloud (VPC) network:

  • Go to the VPC networks page in the GCP console.

  • Create a new VPC network with a custom subnet.

  • Ensure that the subnet's "Private Google access" option is enabled, as it allows the instances to access google cloud services without public IPs.

2. Configure a firewall rule:

  • Configure a firewall rule for Load Balancer:

    • Click Create firewall rule to create the firewall rule.

    • For Name, enter fw-allow-health-check.

    • Under Network, select Default.

    • Under Targets, select Specified target tags.

    • Populate the Target tags field with allow-health-check.

    • Set Source filter to IPv4 ranges.

    • Set Source IPv4 ranges to 130.211.0.0/22 and 35.191.0.0/16.

    • Under Protocols and ports, select Specific protocols and ports.

    • Select the TCP checkbox, and then type 80, 443 for the port numbers.

    • Click Create.

  • Configure a firewall rule for NAT:

    • Click Create firewall rule.

    • Enter a Name of allow-ssh.

    • Set Direction of traffic to Ingress.

    • Set Action on match to Allow.

    • Set Targets to allow-health-check.

    • Set Source filter to IP ranges.

    • Set Source IP ranges to 35.235.240.0/20.

    • Set Protocols and ports to Specified protocols and ports.

    • Select the tcp checkbox and enter port 22.

    • Click Create.

3. Create and Configure a Cloud SQL instance:

  • Go to the Cloud SQL page in the GCP console.

  • Create a new MySQL instance with the desired settings (e.g., storage capacity, backup configuration, etc.).

  • Ensure you set the "private IP" option to use a private IP address within the VPC network you created earlier.

  • Create a new database user within the Cloud SQL instance specifically for REDCap named redcapuser generate its password.

4. Set up NAT for outbound internet access:

  • Go to the Cloud NAT page in the GCP Console.

  • Click Get started or Create NAT gateway.

  • Enter a Gateway name of nat-config.

  • Set the VPC network to custom-network1.

  • Set the Region to us-central1.

  • Under Cloud Router, select Create new router.

    • Enter a Name of nat-router.

    • Click Create.

  • Click Create.

5. Create an Instance Template:

  • Go to the Instance templates page in the GCP Console.

  • Create a new instance template based on Ubuntu, specifying the necessary machine type, boot disk, networking settings, and startup script (for installing REDCap).

  • Click Networking and configure the following field:

    • For Network tags, enter allow-health-check.

  • Click Management. Enter the following script into the Startup script field.

<<-EOF1

#! /bin/bash

sudo apt update && sudo apt upgrade 

sudo apt install -y apache2 

sudo apt install -y php libapache2-mod-php php-mysql

sudo apt-get -y install php-curl

sudo apt-get -y install php-xml

sudo apt-get -y install php-gd

sudo apt-get -y install php-imagick

sudo apt-get -y install php-zip php-mbstring

sudo apt install -y mysql-client

sudo apt-get install unzip 

sudo apt update

sudo service apache2 restart

EOF1

  • Click Create

6. Create a Managed Instance Group:

  • Go to the instance groups page in the GCP console.

  • Create a new managed instance group using the instance template created earlier.

  • Configure the group to use the subnet within the VPC network that allows private google access.

  • For autoscaling mode, select On: add and remove instances to the group.
    Set minimum number of instances to 2, and set maximum number of instances to 1 or more.

  • Under port mapping, click add port.

    • For the port name, enter http. For the port number, enter 80.

  • To create the new instance group, click Create.

7. Install REDCap on the instances:

  • Connect to one of the instances in the managed instance group using SSH.

  • I have already downloaded the REDCap and stored it in my google storage bucket, so I will be copying REDCap from my bucket to VM.

  • Run the following commands to install REDCap:

   # Copy REDCap and extract it to the web server root directory

   sudo gsutil cp gs://<BUCKET_NAME>/redcap13.8.1.zip /var/www/html/

   #change directory in which your redcap is copied:

   cd /var/www/html

   # Unzip the redcap:

   sudo unzip redcap13.8.1.zip

   # Set appropriate permissions

   sudo chown -R www-data:www-data /var/www/html/redcap

   sudo chmod -R 744 /var/www/html/redcap

   # Enable necessary Apache modules

   sudo a2enmod rewrite

   # Restart Apache

   sudo service apache2 restart

  • Make changes REDCap database.php so that it can connect to MYSQL DB:

    • sudo nano /var/www/html/redcap/database.php

      • $hostname   = '<host_ip>';  //your_mysql_host_name

      • $db             = 'redcap';   //your_mysql_db_name

      • $username   = 'redcapuser';     //your_mysql_db_username

      • $password   = '<dbuser_password>';  //your_mysql_db_password

      • $salt       = '<rendom_values>';

  • Save the file, now your RedCap VM is able to connect to MySQL DB.

8. Configure Load Balancer for public access:

  • Click create load balancer.

  • On the application load balancer (HTTP/S) card, click start configuration.

  • For internet facing or internal only, select from internet to my VMs.

  • For global or regional, select classic application load balancer.

  • Click continue.

  • For the load balancer name, enter redcap-lb.

  • Frontend configuration

    • Click frontend configuration.

    • Set protocol to HTTPS.

    • Set IP address to lb-ipv4-1, which you created earlier.

    • Ensure that the port is set to 443 to allow HTTPS traffic.

    • Click certificate, and select your primary SSL certificate.

  • Backend configuration

    • Click backend configuration.

    • Under create or select backend services & backend buckets, select backend services > create a backend service.

    • Add a name for your backend service, such as web-backend-service.

    • Under protocol, select HTTP.

    • For the named port, enter http.

    • In backends > new backend > instance group, select your instance group.

    • For the port numbers, enter 80.

    • Retain the other default settings.

    • Under health check, select create a health check, and then add a name for your health check, such as http-basic-check.

    • Set the protocol to HTTP, and then click save.

    • Retain the other default settings.

    • Click Create.

  • Host and path rules

    • For Host and path rules, retain the default settings.

  • Review and finalize, click Create.

9. Configure REDCap:

  • Access the REDCap installation by going to the public IP address of the load balancer.

  • Follow the installation wizard displayed on the REDCap web page.

10. SendGrid Email API Integration with REDCap:

  • Get a SendGrid Account:

  • Obtain your SendGrid API Key:

    • Log in to your SendGrid account.

    • Navigate to the API Keys section and create a new API key.

    • Make sure the API key has the necessary permissions for sending emails.

  • In REDCap this option can be configured on the general configuration page in the control center. 

  • You merely have to provide the API key for your SendGrid account and save it, this will begin using the SendGrid Web API to send *all* emails going out of REDCap. 

11. Change your Authentication Method(Table-based) in REDCap:

  • Create a new table-based user for yourself by going to Control Center > Create New User. Choose a username and receive an email with your username and a password setup link.

  • Before checking your email, visit Control Center > Designate Super User to add your user as a super user. This ensures Control Center access after logging in with the new Table-based user.

  • Go to Control Center > Security & Authentication. Change the method to Table-based, save changes, and click any link to force login with your new Table-based username.

  • Login to REDCap using the new username and emailed password. Set a new password as prompted.

  • Once logged in with the new username, return to Control Center > Designate Super User to remove "site_admin" as a super user.

  • You're now finished. Create usernames for others on the Create New User page to provide them access to REDCap.

Conclusion:

By following the steps outlined in this blog, you can easily deploy REDCap on Google Cloud Platform, ensuring that your installation is secure, highly available, and capable of handling increasing traffic. The combination of a Managed Instance Group, Load Balancer, and Cloud SQL with a private IP address provides a robust and scalable solution for your research data management needs. Happy data capturing!

Soniya Keluskar
Previous

Migrating from VMware to Google Cloud: Unleashing the Power of the Cloud
Next

Evonence, Google Cloud Premier Partner  Ranks 1196 on the 2023 Inc. 5000 Annual List !!!