wiki:CRON-2Q10-status

Version 22 (modified by Seung-Jong Park, 14 years ago) (diff)

--

CRON Project Status Reports

Period: April 2010 - June 2010

I. Major accomplishments

A. Milestones achieved

  1. Test over a 10Gbps connection between CRON and ProtoGeni? nodes
  1. Develop a component manager at CRON testbed (ongoing discussion among other ProtoGeni project)

B. Deliverables made

N/A

II. Description of work performed during last quarter

A. Activities and findings

During the past quarter, PIs have been working on two issues: (1) network test over a 10Gbps connection between CRON at LSU and ProtoGeni nodes at BBN and Utah and (2) a component manager which the ProtoGeni (Utah group) has proposed.

Activity 1

After PIs checked two individual connections (LONI to Internet 2 and Internet2 to BBN) through ION service during the first quarter 2010, LONI network administrators changed a web interface to reserve a circuit of Internet2. Therefore, PIs have performed several end-to-end tests between a node inside CRON testbed and a node inside BBN) with a new interface, OSCARS (On demand Secure Circuits and Advance Reservation System), to create a circuit of Internet2. And successfully, they created and performed several connection tests between CRON and BBN nodes with OSCARS.

We were able to ping bbn (10.37.28.100) successfully from CRON's machine (ip: 10.37.28.101, mac: 0060.dd46.9e11). But there was a problem with the underlying ION network that was preventing us from building circuits to the Salt Lake PoP from LSU or BBN. This issue has been corrected and now BBN can ping Utah’s machine. We are trying to explore if ION circuits can be created as multipoint instead of point-to-point. In that case we would be able to test that.

The circuit information between LSU to BBN is as follows:

GRI: loni.org-341

status: finished

User:    mazad1

Description: CRON to BBN test1

Start date:7/1/2010

Start time: 14:30

End date: 7/1/2010

End time: 17:00

Bandwidth (Mbps): 100

Source: urn:ogf:network:domain=loni.org:node=lsu-dcn:port=0-2-3:link=*

Destination: urn:ogf:network:domain=dcn.internet2.edu:node=BOST:port=S26879:link=bbn

Source VLAN:3728

Tagged    true

Destination VLAN:3728

Tagged    true

Interdomain path

urn:ogf:network:domain=loni.org:node=lsu-dcn:port=0-2-3:link=*
urn:ogf:network:domain=loni.org:node=lsu-dcn:port=0-2-1:link=*
urn:ogf:network:domain=dcn.internet2.edu:node=BATO:port=S27135:link=10.100.90.169
urn:ogf:network:domain=dcn.internet2.edu:node=BATO:port=DTL2:link=10.100.90.133
urn:ogf:network:domain=dcn.internet2.edu:node=HOUS:port=DTL1:link=10.100.90.134
urn:ogf:network:domain=dcn.internet2.edu:node=HOUS:port=DTL2:link=10.100.90.109
urn:ogf:network:domain=dcn.internet2.edu:node=KANS:port=DTL2:link=10.100.90.110
urn:ogf:network:domain=dcn.internet2.edu:node=KANS:port=DTL1:link=10.100.90.66
urn:ogf:network:domain=dcn.internet2.edu:node=CHIC:port=DTL9:link=10.100.90.65
urn:ogf:network:domain=dcn.internet2.edu:node=CHIC:port=DTL1:link=10.100.90.62
urn:ogf:network:domain=dcn.internet2.edu:node=CLEV:port=DTL9:link=10.100.90.61
urn:ogf:network:domain=dcn.internet2.edu:node=CLEV:port=DTL1:link=10.100.90.42
urn:ogf:network:domain=dcn.internet2.edu:node=BOST:port=DTL2:link=10.100.90.41
urn:ogf:network:domain=dcn.internet2.edu:node=BOST:port=S26879:link=bbn

The circuit information between BBN and Utah is as follows:

site                     IP                 MAC

BBN            10.38.28.101         00:0C:29:4A:B0:19

SALT POP       10.38.28.100         00:24:A8:30:A5:00

Ping data:

carthage,13:41$ ping 10.38.28.100

PING 10.38.28.100 (10.38.28.100) 56(84) bytes of data.

64 bytes from 10.38.28.100: icmp_seq=1 ttl=64 time=118 ms

64 bytes from 10.38.28.100: icmp_seq=2 ttl=64 time=58.1 ms

64 bytes from 10.38.28.100: icmp_seq=3 ttl=64 time=58.1 ms

Traceroute data:

carthage,13:43$ traceroute 10.38.28.100

traceroute to 10.38.28.100 (10.38.28.100), 30 hops max, 40 byte packets

 1  10.38.28.100 (10.38.28.100)  58.244 ms  58.403 ms  58.497 ms

Activity 2

To aggregate resources at CRON testbed and share them with other ProtoGeni testbeds, PIs and other collaborators of other ProtoGENI projects have discussed about the component manager.

In general, there are two prototypes of component manager, Emulab-based installation and standalone reference model). Since CRON testbed is based on the Emulab software package, PIs will use the Emulab-based component manager (refer http://www.protogeni.net/trac/protogeni/wiki/ComponentManagerAPIV2). Inside an Emulab-based component manager proposed by ProtoGeni group (Utah), PIs will support the following APIs:

Resolve

DiscoverResources 

CreateSliver 

DeleteSlice 

GetSliver 

RestartSliver

RenewSlice 

SliverStatus 

Shutdown

GetVersion 

Downloaded Emulab-based component manager (https://users.emulab.net/trac/protogeni/wiki/ProtoGENIInstall) , and created our local ProtoGENI domain (http://cron.cct.lsu.edu). Sent out CRON testbed site key certificate to Utah clearinghouse and got confirmed. Therefore, the CRON component manager could get in touch with Utah clearinghouse. We have not decided to contribute local resources to be registered with Utah clearinghouse. After data switch development finishes on CRON testbed, we will finish the resource registration and start component manager test on communication with Utah clearinghouse.

Since there have been many ongoing discussions on the component manager among other project participants, PIs plan to finish the development of the component manager before next quarter and deploy the component manager before next GEC 9 conference.

Result log of installation of the Component Manager developed by ProtoGeni(Utah)

/usr/testbed/src/CRON_branch/configure --with-TBDEFS=/usr/testbed/src/CRON_definition_file/defs-CRON-privatecnet

####### waiting for Utah clearing house approval #########

boss# /usr/testbed/sbin/protogeni/initsite

Checking for package libxml2>=2.6.26

Checking for package p5-Crypt-SSLeay>=0.57

Checking for package p5-Frontier-RPC

Checking for package p5-XML-LibXML

Checking for package xmlsec1

No reason to regenerate. Exiting ...

Creating Geni pseudo user ...

User geniuser/10006 has been created

No group membership for geniuser; using the guest group!

Creating Geni slices project ...

Project GeniSlices/10003 has been created

Adding group GeniSlices to local node ...

Adding group GeniSlices to ops.cron.cct.lsu.edu.


*** /usr/testbed/sbin/mkgroup:

    Could not add GeniSlices (6003) to ops.cron.cct.lsu.edu!

*** /usr/testbed/sbin/mkproj:

    /usr/testbed/sbin/mkgroup GeniSlices failed!

*** /usr/testbed/sbin/protogeni/initsite:
    Could not approve geni project


boss# /usr/testbed/sbin/protogeni/initsite

Checking for package libxml2>=2.6.26

Checking for package p5-Crypt-SSLeay>=0.57

Checking for package p5-Frontier-RPC

Checking for package p5-XML-LibXML

Checking for package xmlsec1

No reason to regenerate. Exiting ...

No group membership for [User: geniuser, IDX: 10006]; using the guest group!

Generating a 1024 bit RSA private key

writing new private key to 'usercert_key.pem'

Using configuration from /usr/testbed/lib/ssl/ca.cnf

DEBUG[load_index]: unique_subject = "no"

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows


countryName           :PRINTABLE:'US'

stateOrProvinceName   :PRINTABLE:'Louisiana'

localityName          :PRINTABLE:'Baton Rouge'

organizationName      :PRINTABLE:'Louisiana State University'

organizationalUnitName:PRINTABLE:'cron.cct.lsu.edu.geniuser'

commonName            :PRINTABLE:'a5376850-635a-11df-9f21-002128000a06'

emailAddress          :IA5STRING:'geniuser@cron.cct.lsu.edu'

Certificate is to be certified until May 19 15:25:10 2011 GMT (365 days)

Write out database with 1 new entries
Data Base Updated

*** /usr/testbed/sbin/mkusercert:

    Could not mkdir /users/geniuser/.ssl: No such file or directory

*** /usr/testbed/sbin/protogeni/initsite:

    Could not create encrypted certificate for geni user


boss# /usr/testbed/sbin/protogeni/initsite

Checking for package libxml2>=2.6.26

Checking for package p5-Crypt-SSLeay>=0.57

Checking for package p5-Frontier-RPC

Checking for package p5-XML-LibXML


Checking for package xmlsec1

No reason to regenerate. Exiting ...

Creating Databases ...

Creating CM certificate ...

Creating SA certificate ...

Creating SES certificate ...

Fetching clearinghouse certificate from Utah ...

Getting credential to talk to clearinghouse ...

xml response: 500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL 

routines:GET_SERVER_VERIFY:peer error certificate

Content-Type: text/plain

Client-Date: Wed, 19 May 2010 15:25:35 GMT

Client-Warning: Internal response

500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL routines:GET_SERVER_VERIFY:peer error certificate

*** /usr/testbed/sbin/protogeni/initsite:
    Could not get credential to talk to clearinghouse



boss# /usr/testbed/sbin/protogeni/initsite

Checking for package libxml2>=2.6.26

Checking for package p5-Crypt-SSLeay>=0.57

Checking for package p5-Frontier-RPC

Checking for package p5-XML-LibXML

Checking for package xmlsec1

No reason to regenerate. Exiting ...

Creating Databases ...

Fetching clearinghouse certificate from Utah ...

Getting credential to talk to clearinghouse ...

xml response: 500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL 

routines:GET_SERVER_VERIFY:peer error certificate

Content-Type: text/plain

Client-Date: Wed, 19 May 2010 15:25:54 GMT

Client-Warning: Internal response

500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL routines:GET_SERVER_VERIFY:peer error certificate

*** /usr/testbed/sbin/protogeni/initsite:
    Could not get credential to talk to clearinghouse



$$$$$$$ after Utah confirmed, everything looks fine $$$$$$$$$

boss# /usr/testbed/sbin/protogeni/initsite

Checking for package libxml2>=2.6.26

Checking for package p5-Crypt-SSLeay>=0.57

Checking for package p5-Frontier-RPC

Checking for package p5-XML-LibXML

Checking for package xmlsec1

No reason to regenerate. Exiting ...

Files /usr/testbed/etc/genica.bundle and /tmp/genica.bundle.66532 differ

Stopping apache.

Waiting for PIDS: 64582.

Starting apache.

Creating Databases ...

Fetching clearinghouse certificate from Utah ...

Getting credential to talk to clearinghouse ...

Registering SA cert at the clearinghouse.

Registering CM cert at the clearinghouse.

Registering SES cert at the clearinghouse.  

B. Project participants

Seung-Jong Park, PI

Rajgopal Kannan, co-PI

Cheng Cui, graduate student

Mohammed Azad, graduate student

Lin Xue, graduate student

Chase Pierson, graduate student

C. Publications (individual and organizational)

N/A