Opened 10 years ago

Closed 10 years ago

#93 closed (fixed)

Identifying ExoGENI software

Reported by: jbs@bbn.com Owned by: somebody
Priority: major Milestone: EG-MON-1
Component: Administration Version: SPIRAL4
Keywords: Cc:
Dependencies:

Description (last modified by jbs@bbn.com)

I'm working on EG-MON-1 Step 1 (http://groups.geni.net/geni/wiki/GENIRacksHome/AcceptanceTests/ExogeniAcceptandceTestsPlan#EG-MON-1:ControlNetworkSoftwareandVLANInspectionTest), and identified various files that are part of programs that are listening on the network, but aren't part of RPM packages. How would a site admin find out where those files came from, e.g. if they wanted to review the code?

Change History (19)

comment:1 Changed 10 years ago by jbs@bbn.com

So, /omd/sites/rack_bbn/var/tmp/xinetd, which appears to be a copy of /usr/sbin/xinetd -- is that as expected? As to the others, the relevant part of the acceptance test procedure says:

A site administrator enumerates processes on each of the head node and an OpenStack? worker node which listen for network connections from other nodes, identifies what version of what software package is in use for each, and verifies that we know the source of each piece of software and could get access to its source code.

So, if a site admin wanted to find out that information about those six things, how would they go about doing it?

comment:3 Changed 10 years ago by jbs@bbn.com

The first and last of those three are private pages; should I be able to see those?

comment:4 Changed 10 years ago by ibaldin@renci.org

Yes if you login.

comment:5 Changed 10 years ago by jbs@bbn.com

Aha, ok. RENCI LDAP credentials? (Which other site admins will have too?)

(Just being cautious because I don't want to send that password to a host that shouldn't have it.)

comment:6 Changed 10 years ago by ibaldin@renci.org

ExoGENI LDAP credentials, yes. All site admins will have those.

comment:7 Changed 10 years ago by jbs@bbn.com

Ok. Lemme cycle back to this next week, so y'all can focus on your deployment for now.

comment:8 in reply to:  2 Changed 10 years ago by lnevers@bbn.com

Replying to ibaldin@renci.org:

https://wiki.exogeni.net/doku.php?id=private:orca:deployment

https://wiki.exogeni.net/doku.php?id=public:software:aux_infrastructure:start

https://wiki.exogeni.net/doku.php?id=private:openflow:start

Using LDAP credentials to reviewed both public and private pages listed above and here are some updates:

  1. Both private pages do not exist:
  1. Public page https://wiki.exogeni.net/doku.php?id=public:software:aux_infrastructure:start provides a list of "auxiliary infrastructure elements" which includes:
    • ImageProxy
    • Orca Actor Registry
    • NDL-OWL/RSpec Conversion service

The aux_infrastructure page also points to ORCA Actors at https://wiki.exogeni.net/doku.php?id=public:software:start which gives insight into other software components including:

  • FOAM ("version": "0.8.2")
  • Shorewall DNAT Proxy
  • FlowVisor (FV version=flowvisor-0.8.1::1)
  • ORCA AM (not the GENI AM!)
  • Local and Global Brokers
  • EC2
  • xCAT
  • Eucalyptus
  • OpenStack
  • Apache Tomcat (version 7.0.22)

comment:9 Changed 10 years ago by vjo@duke.edu

Has this received an adequate response, or does this ticket require further action?

comment:10 Changed 10 years ago by jbs@bbn.com

Description: modified (diff)

I re-ran EG-MON-1 Step 1 just now, with results at http://groups.geni.net/geni/wiki/GENIRacksHome/ExogeniRacks/AcceptanceTestStatus/EG-MON-1#ResultsofStep1from2012-12-18. Search down for "here are the files that aren't from an RPM" and you'll find a list of files that aren't part of RPMs.

I can't easily tell from Luisa's recent update whether she thinks that a site admin could easily tell where each of those files came from. I couldn't at a glance, although it's possible I could track them down with more research.

Luisa, what do you think? Is the existing documentation adequate here, or is more needed?

comment:11 Changed 10 years ago by jbs@bbn.com

Ping! Luisa, is the existing documentation adequate here, or is more needed?

comment:12 Changed 10 years ago by lnevers@bbn.com

Public Page:

Comment 8 (10/10/12 10:53:14 by lnevers@bbn.com ) stated that each of the major software components are captured and have some level of documentation at the location "https://wiki.exogeni.net/doku.php?id=public:software:start". Level of detail varies, and someone familiar with those components may disagree that they are adequate. I have not had exposure to the component listed, to know if we have enough information to manage them in the rack.

Private Pages:

The private pages suggested in comment 2 still do not exist:

1) https://wiki.exogeni.net/doku.php?id=private:orca:deployment

2) https://wiki.exogeni.net/doku.php?id=private:openflow:start

I have searched and found that the suggested link "1" may be replaced by the link for Orca deployment found at:

And that suggested link "2" may be replace by the OpenFlow page:

Again, level of information varies and if anyone feel the information is insufficient to manage these components in the rack, please update.

comment:13 in reply to:  12 Changed 10 years ago by jbs@bbn.com

Replying to lnevers@bbn.com:

Comment 8 (10/10/12 10:53:14 by lnevers@bbn.com ) stated that each of the major software components are captured and have some level of documentation at the location "https://wiki.exogeni.net/doku.php?id=public:software:start". Level of detail varies, and someone familiar with those components may disagree that they are adequate. I have not had exposure to the component listed, to know if we have enough information to manage them in the rack.

Ah, I may not have been clear enough about what this ticket is about. We're not looking for documentation about managing components here, but merely information about where software came from: In particular, software that doesn't come from an RPM.

Buried in http://groups.geni.net/geni/wiki/GENIRacksHome/ExogeniRacks/AcceptanceTestStatus/EG-MON-1#ResultsofStep1from2012-12-18 is a list of files that are involved in software that listens on the network, and aren't from an RPM:

file /omd/sites/rack_bbn/var/tmp/xinetd is not owned by any package
file /opt/floodlight/floodlight.jar is not owned by any package
file /opt/imageproxy/axis2 is not owned by any package
file /opt/imageproxy/axis2/conf is not owned by any package
file /opt/imageproxy/axis2/lib/XmlSchema-1.4.7.jar is not owned by any package
file /opt/imageproxy/axis2/lib/activation-1.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/antlr-2.7.7.jar is not owned by any package
file /opt/imageproxy/axis2/lib/apache-mime4j-core-0.7.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axiom-api-1.2.13.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axiom-dom-1.2.13.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axiom-impl-1.2.13.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-adb-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-adb-codegen-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-ant-plugin-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-clustering-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-codegen-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-corba-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-fastinfoset-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-java2wsdl-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-jaxbri-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-jaxws-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-jibx-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-json-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-kernel-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-metadata-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-mtompolicy-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-saaj-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-soapmonitor-servlet-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-spring-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-transport-http-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-transport-local-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/axis2-xmlbeans-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/bcel-5.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/commons-cli-1.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/commons-codec-1.3.jar is not owned by any package
file /opt/imageproxy/axis2/lib/commons-fileupload-1.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/commons-httpclient-3.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/commons-io-1.4.jar is not owned by any package
file /opt/imageproxy/axis2/lib/commons-logging-1.1.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/geronimo-annotation_1.0_spec-1.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/geronimo-jaxws_2.2_spec-1.0.jar is not owned by any package
file /opt/imageproxy/axis2/lib/geronimo-jta_1.1_spec-1.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/geronimo-saaj_1.3_spec-1.0.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/geronimo-stax-api_1.0_spec-1.0.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/geronimo-ws-metadata_2.0_spec-1.1.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/httpcore-4.0.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jalopy-1.5rc3.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jaxb-api-2.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jaxb-impl-2.1.7.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jaxb-xjc-2.1.7.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jaxen-1.1.1.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jaxws-tools-2.1.3.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jettison-1.0-RC2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jibx-bind-1.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jibx-run-1.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/jsr311-api-1.0.jar is not owned by any package
file /opt/imageproxy/axis2/lib/juli-6.0.16.jar is not owned by any package
file /opt/imageproxy/axis2/lib/log4j-1.2.15.jar is not owned by any package
file /opt/imageproxy/axis2/lib/mail-1.4.jar is not owned by any package
file /opt/imageproxy/axis2/lib/mex-1.6.2-impl.jar is not owned by any package
file /opt/imageproxy/axis2/lib/neethi-3.0.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/regexp-1.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/tribes-6.0.16.jar is not owned by any package
file /opt/imageproxy/axis2/lib/woden-api-1.0M9.jar is not owned by any package
file /opt/imageproxy/axis2/lib/woden-impl-commons-1.0M9.jar is not owned by any package
file /opt/imageproxy/axis2/lib/woden-impl-dom-1.0M9.jar is not owned by any package
file /opt/imageproxy/axis2/lib/wsdl4j-1.6.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/wstx-asl-3.2.9.jar is not owned by any package
file /opt/imageproxy/axis2/lib/xalan-2.7.0.jar is not owned by any package
file /opt/imageproxy/axis2/lib/xml-resolver-1.2.jar is not owned by any package
file /opt/imageproxy/axis2/lib/xmlbeans-2.3.0.jar is not owned by any package
file /opt/orca-11080/tomcat/bin/bootstrap.jar is not owned by any package
file /opt/orca-11080/tomcat/bin/tomcat-juli.jar is not owned by any package
file /opt/orca-12080/tomcat/bin/bootstrap.jar is not owned by any package
file /opt/orca-12080/tomcat/bin/tomcat-juli.jar is not owned by any package
file /opt/orca-13080/tomcat/bin/bootstrap.jar is not owned by any package
file /opt/orca-13080/tomcat/bin/tomcat-juli.jar is not owned by any package
file /opt/orca-aux/tomcat-7/bin/bootstrap.jar is not owned by any package
file /opt/orca-aux/tomcat-7/bin/tomcat-juli.jar is not owned by any package

So, we're trying to confim that if a site admin said "what is this thing that's listening on my network? I want to know where this came from, and ideally look at the source code", they could do that.

Thus, my question to you (Luisa) is: Given the existing docs, can you find that information for those files?

If not, we'd like the ExoGENI folks to provide docs about the things that you can't find.

Make sense?

comment:14 Changed 10 years ago by lnevers@bbn.com

Thanks Josh!!! :-)

I checked https://wiki.exogeni.net and could not find any instances of the following:

  • floolight
  • omd
  • orca-aux
  • tomcat

There are numerous instances of "orca", I assume the digits are process numbers? I believe that an administrator that has and ExoGENI rack should be able to figure out that "Orca" is part of the rack solution.

What I have found are 3 instance of "imageproxy" at wiki.exogeni.net:

And within the experimenter:start page there is a link to the Eucalyptus/XCat ImageProxy at https://code.renci.org/gf/project/networkedclouds/wiki/?pagename=ImageProxy.

Code for image-proxy is found at the location: https://code.renci.org/gf/project/networkedclouds/scmsvn/?action=browse&path=%2Fimage-proxy%2Ftrunk%2F

In summary, there is documentation on only one of the above, but the naming is inconsistent across file system, wiki and svn (ImageProxy?/imageproxy/image-proxy)

comment:15 Changed 10 years ago by jbs@bbn.com

Luisa: Thanks!

RENCI folks: Can you add some docs about the others?

(The questions that the docs should answer, to recap, are: What software is this file a part of? What version of that software is this? Where did it come from, so I can look at the source code?)

comment:16 Changed 10 years ago by jbs@bbn.com

Ping! RENCI folks, can you add some docs about the things that Luisa found were missing? (The questions that the docs should answer, to recap, are: What software is this file a part of? What version of that software is this? Where did it come from, so I can look at the source code?)

comment:17 Changed 10 years ago by ibaldin@renci.org

  • Floodlight is mentioned several times in the wiki if you search for proper spelling. This page explains:

https://wiki.exogeni.net/doku.php?id=private:configuration:openflow:start that it is used internally by ORCA and a pointer is given to an external website

  • omd is Nagios
  • orca-aux - not sure what you mean - is there a process with that name?
  • ORCA currently runs under tomcat, again it is explained here:

https://wiki.exogeni.net/doku.php?id=private:configuration:orca:installation it is a well-known piece of open-source software that I don't think we need to explain, same way we wouldn't explain Apache.

comment:18 in reply to:  17 Changed 10 years ago by lnevers@bbn.com

Replying to ibaldin@renci.org:

  • Floodlight is mentioned several times in the wiki if you search for proper spelling. This page explains:

https://wiki.exogeni.net/doku.php?id=private:configuration:openflow:start that it is used internally by ORCA and a pointer is given to an external website

Sorry. Agreed, the user will find FloodLight?

  • omd is Nagios

If the administrator is familiar with Nagios, they are aware of OMD. If they are not familiar, then there are numerous Nagios files that can help the administrator help determine that OMD delivers Nagios, they will not find instances on the ExoGENI wiki. I think this is ok.

  • orca-aux - not sure what you mean - is there a process with that name?

I was trying to map each path name listed to some process or software that the administrator could search for in the wiki. Although administrators will recognize that any path that includes "orca" in its name/path is ExoGENI.

  • ORCA currently runs under tomcat, again it is explained here:

https://wiki.exogeni.net/doku.php?id=private:configuration:orca:installation it is a well-known piece of open-source software that I don't think we need to explain, same way we wouldn't explain Apache.

Agreed no reason to explain Apache.

Overall Josh's point was that the files are not part of a package, so overall I leave it to him to decide the current answers are acceptable.

comment:19 Changed 10 years ago by jbs@bbn.com

Resolution: fixed
Status: newclosed

I think those answers are good enough -- and if they're not, site admins will let us know. (We obviously want to try to make the docs as good as possible before site admins need them, but there will always be things we missed or mistakenly assumed that "everyone would know".)

So, I think it's fine to consider this one closed.

Note: See TracTickets for help on using tickets.