Version 8 (modified by 9 years ago) (diff) | ,
---|
CG-ADM-1 Administrative Tests
This test validates administrative access for NCSU2 and NCSU Cisco racks. Cisco GENI Racks Administrator accounts can be obtained as described at the ExoGENI Rack Operators page where accounts creation and usage is documented.
Test Status
This section captures the status for each step in the acceptance test plan.
Test | State | Tickets/Comments |
NCSU2 Administrative Access | Color(#63B8FF,In Progress)? | Need control and data plane switches access information |
NCSU Administrative Access | Color(#63B8FF,In Progress)? | Need control and data plane switches access information |
State Legend | Description |
Color(green,Pass)? | Test completed and met all criteria |
Color(#98FB98,Pass: most criteria)? | Test completed and met most criteria. Exceptions documented |
Color(red,Fail)? | Test completed and failed to meet criteria. |
Color(yellow,Complete)? | Test completed but will require re-execution due to expected changes |
Color(orange,Blocked)? | Blocked by ticketed issue(s). |
Color(#63B8FF,In Progress)? | Currently under test. |
NCSU2 Administrative Access
With requested account accessed rack head node and verified root access and group membership:
LNM:~$ ssh ncsu2-hn.exogeni.net The authenticity of host 'ncsu2-hn.exogeni.net (152.48.13.190)' can't be established. RSA key fingerprint is 73:17:05:21:29:42:71:05:52:e5:fd:16:a1:07:78:be. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'ncsu2-hn.exogeni.net,152.48.13.190' (RSA) to the list of known hosts. lnevers@ncsu2-hn.exogeni.net's password: Creating home directory for lnevers. |-----------------------------------------------------------------| | ____ ____ ____ ____ ____ ____ ____ | | ||E |||x |||o |||G |||E |||N |||I || | | ||__|||__|||__|||__|||__|||__|||__|| | | |/__\|/__\|/__\|/__\|/__\|/__\|/__\| | | | |-----------------------------------------------------------------| [lnevers@ncsu2-hn ~]$ sudo whoami We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for lnevers: root [lnevers@ncsu2-hn ~]$ id uid=2107(lnevers) gid=2000(nonrenci) groups=2000(nonrenci),2502(ncsuadmins),2508(osfadmins),2509(ucdadmins),2510(sladmins),2512(ncsu2admins),2513(tamuadmins),9510(bbnadmins) [lnevers@ncsu2-hn ~]$
From head node verified login and administrative access to each of the worker nodes that supply VMs.
[lnevers@ncsu2-hn ~]$ for i in 1 2 3 4 ; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done Executing on: ncsu2-w1 root Linux ncsu2-w1 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu2-w2 root Linux ncsu2-w2 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu2-w3 root Linux ncsu2-w3 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu2-w4 root Linux ncsu2-w4 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux [lnevers@ncsu2-hn ~]$
For each worker node execute the following:
for i in X Y; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
Note: No Bare Metal Nodes
Connect to the management switch:
[lnevers@ncsu2-hn ~]$ ssh ncsu-8052.ncsu.xo >ena show interface status show version show vlan
Connect to the OpenFlow switch:
ssh lnevers@ncsu2-8264.ncsu.xo >ena show interface status show version brief show vlan
Verify FOAM and FlowVisor configuration files ownership and paths:
[lnevers@ncsu2-hn ~]$ ls -l /etc/foam.passwd /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd lrwxrwxrwx 1 root flowvisor 21 Feb 10 2014 /etc/flowvisor/fvpasswd -> /etc/flowvisor.passwd -r--r----- 1 flowvisor ncsu2admins 25 Feb 9 2014 /etc/flowvisor.passwd -r--r----- 1 root ncsu2admins 25 Feb 9 2014 /etc/foam.passwd lrwxrwxrwx 1 root root 16 Feb 10 2014 /opt/foam/etc/foampasswd -> /etc/foam.passwd [lnevers@ncsu2-hn ~]$
Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU2 head node:
[lnevers@ncsu2-hn ~]$ foamctl admin:get-version --passwd-file=/etc/foam.passwd { "version": "0.14.0" } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="site.admin.email" --passwd-file=/opt/foam/etc/foampasswd { "value": "foam-admin@gpolab.bbn.com" } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.site-tag" --passwd-file=/opt/foam/etc/foampasswd { "value": "ncsu2-hn.exogeni.net" } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="email.from" --passwd-file=/opt/foam/etc/foampasswd { "value": null } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.approval.approve-on-creation" --passwd-file=/opt/foam/etc/foampasswd { "value": 0 } [lnevers@ncsu2-hn ~]$
Show FOAM slivers details:
[lnevers@ncsu2-hn ~]$ foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd { "slivers": [ { "status": "pending", "flowvisor_slice": "dd2e77e8-02d0-45b8-8053-32c65960a88c", "slice_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4", "pend_reason": [], "deleted": "False", "user": "urn:publicid:IDN+ch.geni.net+user+lnevers", "creation": "2014-12-04 19:42:24.569232+00:00", "enabled": false, "uuid": "dd2e77e8-02d0-45b8-8053-32c65960a88c", "id": 3, "expiration": "2014-12-10 00:00:00+00:00", "sliver_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4:dd2e77e8-02d0-45b8-8053-32c65960a88c", "ref": null, "email": "lnevers@bbn.com", "desc": "IG-CT-4 over 3716 " } ] } [lnevers@ncsu2-hn ~]$
Check the FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU2 Head node:
[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello Got reply: PONG(fvadmin): FV version=flowvisor-0.8.1::hello [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices Device 0: 00:01:18:e7:28:07:bf:c0 [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getDeviceInfo 00:01:18:e7:28:07:bf:c0 nPorts=5 portList=32,35,44,33,34 dpid=00:01:18:e7:28:07:bf:c0 remote=/192.168.107.20:6633-->/192.168.107.4:13369 portNames=Eth1/32(32),Eth1/35(35),Eth1/44(44),Eth1/33(33),Eth1/34(34) [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices Slice 0: fvadmin Slice 1: orca-141 Slice 2: orca-142 Slice 3: orca-140 Slice 4: orca-143 Slice 5: orca-136 Slice 6: orca-137 Slice 7: orca-138 Slice 8: orca-128 Slice 9: orca-139 Slice 10: orca-158 Slice 11: orca-129 Slice 12: orca-159 Slice 13: orca-154 Slice 14: orca-155 Slice 15: orca-130 Slice 16: orca-156 Slice 17: orca-131 Slice 18: orca-157 Slice 19: orca-132 Slice 20: orca-133 Slice 21: orca-134 Slice 22: orca-152 Slice 23: orca-135 Slice 24: orca-153 [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo orca-153 Got reply: connection_1=00:01:18:e7:28:07:bf:c0-->/152.48.13.190:24503-->ncsu2-hn.exogeni.net/152.48.13.190:54423 contact_email=exogeni-ops@renci.org controller_hostname=ncsu2-hn.exogeni.net controller_port=54423 creator=fvadmin [lnevers@ncsu2-hn ~]$
NCSU Administrative Access
With requested account accessed rack head node and verified root access and group membership:
LNM:~$ ssh ncsu-hn.exogeni.net The authenticity of host 'ncsu-hn.exogeni.net (152.48.13.3)' can't be established. RSA key fingerprint is e0:ad:3d:c7:33:02:84:66:1e:44:7d:30:4d:20:5b:07. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'ncsu-hn.exogeni.net,152.48.13.3' (RSA) to the list of known hosts. lnevers@ncsu-hn.exogeni.net's password: |-----------------------------------------------------------------| | ____ ____ ____ ____ ____ ____ ____ | | ||E |||x |||o |||G |||E |||N |||I || | | ||__|||__|||__|||__|||__|||__|||__|| | | |/__\|/__\|/__\|/__\|/__\|/__\|/__\| | | | |-----------------------------------------------------------------| [lnevers@ncsu-hn ~]$ sudo whoami We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for lnevers: root [lnevers@ncsu-hn ~]$ id uid=2107(lnevers) gid=2000(nonrenci) groups=2000(nonrenci),2502(ncsuadmins),2508(osfadmins),2509(ucdadmins),2510(sladmins),2512(ncsu2admins),2513(tamuadmins),9510(bbnadmins) [lnevers@ncsu-hn ~]$
From head node verified login and administrative access to each of the worker nodes that supply VMs.
[lnevers@ncsu-hn ~]$ for i in {1..13}; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done Executing on: ncsu-w1 root Linux ncsu-w1 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w2 root Linux ncsu-w2 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w3 root Linux ncsu-w3 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w4 root Linux ncsu-w4 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w5 root Linux ncsu-w5 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w6 root Linux ncsu-w6 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w7 root Linux ncsu-w7 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w8 root Linux ncsu-w8 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w9 root Linux ncsu-w9 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w10 root Linux ncsu-w10 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w11 root Linux ncsu-w11 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w12 root Linux ncsu-w12 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu-w13 root Linux ncsu-w13 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux [lnevers@ncsu-hn ~]$
For each Bare Metal node execute the following:
for i in 14 15; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
Connect to the management switch:
[lnevers@ncsu-hn ~]$ ssh ncsu-8052.ncsu.xo >ena show interface status show version show vlan
Connect to the OpenFlow switch:
ssh lnevers@ncsu-8264.ncsu.xo >ena show interface status show version brief show vlan
Verify FOAM and FlowVisor configuration files ownership and paths:
[lnevers@ncsu-hn ~]$ ls -l /etc/foam.passwd /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd lrwxrwxrwx 1 root flowvisor 21 Feb 21 2013 /etc/flowvisor/fvpasswd -> /etc/flowvisor.passwd -r--r----- 1 flowvisor ncsuadmins 25 Feb 20 2013 /etc/flowvisor.passwd -r--r-----+ 1 root ncsuadmins 25 Feb 20 2013 /etc/foam.passwd lrwxrwxrwx 1 root root 16 Feb 21 2013 /opt/foam/etc/foampasswd -> /etc/foam.passwd [lnevers@ncsu-hn ~]$
Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU head node:
[lnevers@ncsu-hn ~]$ foamctl admin:get-version --passwd-file=/etc/foam.passwd Basic auth failed: invalid password [lnevers@ncsu-hn ~]$ foamctl config:get-value --key="site.admin.email" --passwd-file=/opt/foam/etc/foampasswd Basic auth failed: invalid password [lnevers@ncsu-hn ~]$ foamctl config:get-value --key="geni.site-tag" --passwd-file=/opt/foam/etc/foampasswd Basic auth failed: invalid password [lnevers@ncsu-hn ~]$ foamctl config:get-value --key="email.from" --passwd-file=/opt/foam/etc/foampasswd Basic auth failed: invalid password [lnevers@ncsu-hn ~]$ foamctl config:get-value --key="geni.approval.approve-on-creation" --passwd-file=/opt/foam/etc/foampasswd Basic auth failed: invalid password [lnevers@ncsu-hn ~]$
Note: Fails as expected, no OpenFlow for NCSU rack.
Show FOAM slivers details:
[lnevers@ncsu-hn ~]$ foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd Basic auth failed: invalid password
Note: Fails as expected, no OpenFlow for NCSU rack.
Check the FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU Head node:
[lnevers@ncsu-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello Got reply: PONG(fvadmin): FV version=flowvisor-0.8.1::hello [lnevers@ncsu-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices [lnevers@ncsu-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices Slice 0: fvadmin Slice 1: N3K-Test [lnevers@ncsu-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo N3K-Test Got reply: contact_email=slice=tester@renci.org controller_hostname=127.0.0.1 controller_port=60635 creator=fvadmin [lnevers@ncsu-hn ~]$
Note: No Device present as expected, no OpenFlow at NCSU