Changes between Version 31 and Version 32 of GENIRacksAdministration/InstaGENIAdministration
- Timestamp:
- 04/06/17 09:24:02 (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIRacksAdministration/InstaGENIAdministration
v31 v32 11 11 12 12 - boss and ops hosts 13 - control , flowvisor and foamhosts13 - control and flowvisor hosts 14 14 15 15 To access any of the above hosts, simply add the your domain name to the hostname listed above. For example to access the GPO boss node: … … 33 33 The '' boss'' and ''ops'' hosts are VMs located on the ''control'' node. The ''local administrator'' must request an account via the InstaGENI web interface as described in [wiki:GENIRacksAdministration/InstaGENIAdministration#a1.2.1.UserRequestsAdministrativeAccount section 1.2.1] below before they can SSH to these two VMs. This process is the same for subsequent administrator accounts. [[BR]] 34 34 35 === 1.1.2 control , flowvisor and foamhosts ===35 === 1.1.2 control and flowvisor hosts === 36 36 37 The ''control'' host is a physical node, while the '' flowvisor'' and ''foam'' hosts are VMs. The initial ''local administrator'' must send the desired login ID and an SSH version 2 public key to the InstaGENI Utah team. The requested login ID and SSH keys will be part of the OS images that run on the ''control'', ''foam'' and ''flowvisor'' hosts. Once the ''local administrator'' has access to these 3 hosts and he/she may grant access to subsequent administrators as described in the [wiki:GENIRacksAdministration/InstaGENIAdministration#a1.2.3.LocalAdministratorInstallsKeysonthecontrolfoamandflowvisorhosts section 1.2.3]37 The ''control'' host is a physical node, while the '' flowvisor'' host is a VM. The initial ''local administrator'' must send the desired login ID and an SSH version 2 public key to the InstaGENI Utah team. The requested login ID and SSH keys will be part of the OS images that run on the ''control'' and ''flowvisor'' hosts. Once the ''local administrator'' has access to these 2 hosts and he/she may grant access to subsequent administrators as described in the [wiki:GENIRacksAdministration/InstaGENIAdministration#a1.2.3.LocalAdministratorInstallsKeysonthecontrolandflowvisorhosts section 1.2.3] 38 38 39 39 === 1.1.3 Experimenter nodes === … … 62 62 1. User requests administrative account by joining "emulab-ops" group. 63 63 2. Local administrator approves request and enables ''boss'' and ops ''administrative'' access. 64 3. Local administrator installs requester public key on control , foamand flowvisor hosts.64 3. Local administrator installs requester public key on control and flowvisor hosts. 65 65 66 66 === 1.2.1. User Requests Administrative Account === … … 89 89 ''Note'': A user must verify email address before their request shows up in the ''New User Approval'' list. 90 90 91 === 1.2.3. Local Administrator Installs Keys on the control , foamand flowvisor hosts ===91 === 1.2.3. Local Administrator Installs Keys on the control and flowvisor hosts === 92 92 93 The ''local administrator'' has an account on the ''control'' , ''foam'',and ''flowvisor'' hosts, where he/she can use the ''mkadmin.pl'' script to add (or remove) other administrator accounts.93 The ''local administrator'' has an account on the ''control'' and ''flowvisor'' hosts, where he/she can use the ''mkadmin.pl'' script to add (or remove) other administrator accounts. 94 94 95 95 … … 103 103 }}} 104 104 105 Repeat the procedure for the ''foam'' host: 106 {{{ 107 $ scp user-ssh-key.pub foam.your.rack.domain:<pathtopubkey> 108 $ ssh foam.your.rack.domain 109 foam-host> sudo /usr/local/bin/mkadmin.pl <username> <pathtopubkey> 110 }}} 111 112 And finally repeat the procedure for the ''flowvisor'' host: 105 Repeat the procedure for the ''flowvisor'' host: 113 106 {{{ 114 107 $ scp user-ssh-key.pub flowvisor.your.rack.domain:<pathtopubkey> … … 117 110 }}} 118 111 119 The new administrator account now has SSH access to the control , foamand flowvisor hosts with the keys provided.112 The new administrator account now has SSH access to the control and flowvisor hosts with the keys provided. 120 113 121 114 == 1.3 Using Administrator Accounts == … … 144 137 To remove an administrator account two steps must be taken: 145 138 1. Delete the user web account for the rack 146 2. Remove the user SSH Keys for the ''control'' , ''foam'',and ''flowvisor'' hosts.139 2. Remove the user SSH Keys for the ''control'' and ''flowvisor'' hosts. 147 140 148 141 === 1.4.1 Delete Web Interface Administrator Account === … … 159 152 === 1.4.2 Remove SSH Keys === 160 153 161 To remove access for any accounts, an administrator must execute the '' '''mkadmin.pl''' '' script on the ''control'' , ''foam'',and ''flowvisor'' hosts as follows:154 To remove access for any accounts, an administrator must execute the '' '''mkadmin.pl''' '' script on the ''control'' and ''flowvisor'' hosts as follows: 162 155 {{{ 163 156 $ ssh control.your.rack.domain … … 165 158 }}} 166 159 167 Repeat the procedure for the ''foam'' host: 168 {{{ 169 $ ssh foam.your.rack.domain 170 $ sudo /usr/local/bin/mkadmin.pl -r <username> 171 }}} 172 173 And finally, repeat procedure for the ''flowvisor'' host: 160 Repeat the procedure for the ''flowvisor'' host: 174 161 {{{ 175 162 $ ssh flowvisor.your.rack.domain