wiki:CRON-2Q10-status

Version 3 (modified by Seung-Jong Park, 14 years ago) (diff)

--

CRON Project Status Reports

Period: April 2010 - June 2010

I. Major accomplishments

A. Milestones achieved

  1. Test over a 10Gbps connection between CRON and ProtoGeni nodes
  2. Develop a component manager at CRON testbed (ongoing discussion among other ProtoGeni project)

B. Deliverables made

N/A

II. Description of work performed during last quarter

A. Activities and findings

During the past quarter, PIs have been working on two issues: (1) network test over a 10Gbps connection between CRON at LSU and ProtoGeni nodes at BBN and Utah and (2) a component manager which the ProtoGeni (Utah group) has proposed.

Activity 1

After PIs checked two individual connections (LONI to Internet 2 and Internet2 to BBN) through ION service during the first quarter 2010, LONI network administrators changed a web interface to reserve a circuit of Internet2. Therefore, PIs have performed several end-to-end tests between a node inside CRON testbed and a node inside BBN) with a new interface, OSCARS (On demand Secure Circuits and Advance Reservation System), to create a circuit of Internet2. And successfully, they created and performed several connection tests between CRON and BBN nodes with OSCARS.

We were able to ping bbn (10.37.28.100) successfully from CRON's machine (ip: 10.37.28.101, mac: 0060.dd46.9e11). But there was a problem with the underlying ION network that was preventing us from building circuits to the Salt Lake PoP from LSU or BBN. This issue has been corrected and now BBN can ping Utah’s machine. We are trying to explore if ION circuits can be created as multipoint instead of point-to-point. In that case we would be able to test that.

The circuit information between LSU to BBN is as follows:

GRI: loni.org-341 status: finished User: mazad1 Description: CRON to BBN test1 Start date:7/1/2010 Start time: 14:30 End date: 7/1/2010 End time: 17:00 Bandwidth (Mbps): 100 Source: urn:ogf:network:domain=loni.org:node=lsu-dcn:port=0-2-3:link=* Destination: urn:ogf:network:domain=dcn.internet2.edu:node=BOST:port=S26879:link=bbn Source VLAN:3728 Tagged true Destination VLAN:3728 Tagged true

Interdomain path

urn:ogf:network:domain=loni.org:node=lsu-dcn:port=0-2-3:link=* urn:ogf:network:domain=loni.org:node=lsu-dcn:port=0-2-1:link=* urn:ogf:network:domain=dcn.internet2.edu:node=BATO:port=S27135:link=10.100.90.169 urn:ogf:network:domain=dcn.internet2.edu:node=BATO:port=DTL2:link=10.100.90.133 urn:ogf:network:domain=dcn.internet2.edu:node=HOUS:port=DTL1:link=10.100.90.134 urn:ogf:network:domain=dcn.internet2.edu:node=HOUS:port=DTL2:link=10.100.90.109 urn:ogf:network:domain=dcn.internet2.edu:node=KANS:port=DTL2:link=10.100.90.110 urn:ogf:network:domain=dcn.internet2.edu:node=KANS:port=DTL1:link=10.100.90.66 urn:ogf:network:domain=dcn.internet2.edu:node=CHIC:port=DTL9:link=10.100.90.65 urn:ogf:network:domain=dcn.internet2.edu:node=CHIC:port=DTL1:link=10.100.90.62 urn:ogf:network:domain=dcn.internet2.edu:node=CLEV:port=DTL9:link=10.100.90.61 urn:ogf:network:domain=dcn.internet2.edu:node=CLEV:port=DTL1:link=10.100.90.42 urn:ogf:network:domain=dcn.internet2.edu:node=BOST:port=DTL2:link=10.100.90.41 urn:ogf:network:domain=dcn.internet2.edu:node=BOST:port=S26879:link=bbn

The circuit information between BBN and Utah is as follows: site IP MAC


BBN 10.38.28.101 00:0C:29:4A:B0:19 SALT POP 10.38.28.100 00:24:A8:30:A5:00

Ping data:

carthage,13:41$ ping 10.38.28.100 PING 10.38.28.100 (10.38.28.100) 56(84) bytes of data. 64 bytes from 10.38.28.100: icmp_seq=1 ttl=64 time=118 ms 64 bytes from 10.38.28.100: icmp_seq=2 ttl=64 time=58.1 ms 64 bytes from 10.38.28.100: icmp_seq=3 ttl=64 time=58.1 ms

Traceroute data:

carthage,13:43$ traceroute 10.38.28.100 traceroute to 10.38.28.100 (10.38.28.100), 30 hops max, 40 byte packets

1 10.38.28.100 (10.38.28.100) 58.244 ms 58.403 ms 58.497 ms

Activity 2 To aggregate resources at CRON testbed and share them with other ProtoGeni testbeds, PIs and other collaborators of other ProtoGENI projects have discussed about the component manager.

In general, there are two prototypes of component manager, Emulab-based installation and standalone reference model). Since CRON testbed is based on the Emulab software package, PIs will use the Emulab-based component manager (refer http://www.protogeni.net/trac/protogeni/wiki/ComponentManagerAPIV2). Inside an Emulab-based component manager proposed by ProtoGeni group (Utah), PIs will support the following APIs:

  • Resolve
  • DiscoverResources
  • CreateSliver
  • DeleteSlice
  • GetSliver
  • RestartSliver
  • RenewSlice
  • SliverStatus
  • Shutdown
  • GetVersion

Downloaded Emulab-based component manager (https://users.emulab.net/trac/protogeni/wiki/ProtoGENIInstall) , and created our local ProtoGENI domain (http://cron.cct.lsu.edu). Sent out CRON testbed site key certificate to Utah clearinghouse and got confirmed. Therefore, the CRON component manager could get in touch with Utah clearinghouse. We have not decided to contribute local resources to be registered with Utah clearinghouse. After data switch development finishes on CRON testbed, we will finish the resource registration and start component manager test on communication with Utah clearinghouse.

Since there have been many ongoing discussions on the component manager among other project participants, PIs plan to finish the development of the component manager before next quarter and deploy the component manager before next GEC 9 conference. Result of installation of the Component Manage developed by ProtoGeni(Utah) /usr/testbed/src/CRON_branch/configure --with-TBDEFS=/usr/testbed/src/CRON_definition_file/defs-CRON-privatecnet

######### waiting for Utah clearing house approval ##############

boss# /usr/testbed/sbin/protogeni/initsite Checking for package libxml2>=2.6.26 Checking for package p5-Crypt-SSLeay>=0.57 Checking for package p5-Frontier-RPC Checking for package p5-XML-LibXML Checking for package xmlsec1 No reason to regenerate. Exiting ... Creating Geni pseudo user ... User geniuser/10006 has been created No group membership for geniuser; using the guest group! Creating Geni slices project ... Project GeniSlices/10003 has been created Adding group GeniSlices to local node ... Adding group GeniSlices to ops.cron.cct.lsu.edu. * /usr/testbed/sbin/mkgroup:

Could not add GeniSlices (6003) to ops.cron.cct.lsu.edu!

* /usr/testbed/sbin/mkproj:

/usr/testbed/sbin/mkgroup GeniSlices failed!

* /usr/testbed/sbin/protogeni/initsite:

Could not approve geni project

boss# /usr/testbed/sbin/protogeni/initsite Checking for package libxml2>=2.6.26 Checking for package p5-Crypt-SSLeay>=0.57 Checking for package p5-Frontier-RPC Checking for package p5-XML-LibXML Checking for package xmlsec1 No reason to regenerate. Exiting ... No group membership for [User: geniuser, IDX: 10006]; using the guest group! Generating a 1024 bit RSA private key ..............................++++++ ......++++++ writing new private key to 'usercert_key.pem'


Using configuration from /usr/testbed/lib/ssl/ca.cnf DEBUG[load_index]: unique_subject = "no" Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'US' stateOrProvinceName :PRINTABLE:'Louisiana' localityName :PRINTABLE:'Baton Rouge' organizationName :PRINTABLE:'Louisiana State University' organizationalUnitName:PRINTABLE:'cron.cct.lsu.edu.geniuser' commonName :PRINTABLE:'a5376850-635a-11df-9f21-002128000a06' emailAddress :IA5STRING:'geniuser@cron.cct.lsu.edu' Certificate is to be certified until May 19 15:25:10 2011 GMT (365 days)

Write out database with 1 new entries Data Base Updated * /usr/testbed/sbin/mkusercert:

Could not mkdir /users/geniuser/.ssl: No such file or directory

* /usr/testbed/sbin/protogeni/initsite:

Could not create encrypted certificate for geni user

boss# /usr/testbed/sbin/protogeni/initsite Checking for package libxml2>=2.6.26 Checking for package p5-Crypt-SSLeay>=0.57 Checking for package p5-Frontier-RPC Checking for package p5-XML-LibXML Checking for package xmlsec1 No reason to regenerate. Exiting ... Creating Databases ... Creating CM certificate ... Creating SA certificate ... Creating SES certificate ... Fetching clearinghouse certificate from Utah ... Getting credential to talk to clearinghouse ... xml response: 500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL routines:GET_SERVER_VERIFY:peer error certificate Content-Type: text/plain Client-Date: Wed, 19 May 2010 15:25:35 GMT Client-Warning: Internal response

500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL routines:GET_SERVER_VERIFY:peer error certificate

* /usr/testbed/sbin/protogeni/initsite:

Could not get credential to talk to clearinghouse

boss# /usr/testbed/sbin/protogeni/initsite Checking for package libxml2>=2.6.26 Checking for package p5-Crypt-SSLeay>=0.57 Checking for package p5-Frontier-RPC Checking for package p5-XML-LibXML Checking for package xmlsec1 No reason to regenerate. Exiting ... Creating Databases ... Fetching clearinghouse certificate from Utah ... Getting credential to talk to clearinghouse ... xml response: 500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL routines:GET_SERVER_VERIFY:peer error certificate Content-Type: text/plain Client-Date: Wed, 19 May 2010 15:25:54 GMT Client-Warning: Internal response

500 SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error | error:1406E0C9:SSL routines:GET_SERVER_VERIFY:peer error certificate

* /usr/testbed/sbin/protogeni/initsite:

Could not get credential to talk to clearinghouse

$$$$$$$ after Utah confirmed, everything looks fine $$$$$$$$$ boss# /usr/testbed/sbin/protogeni/initsite Checking for package libxml2>=2.6.26 Checking for package p5-Crypt-SSLeay>=0.57 Checking for package p5-Frontier-RPC Checking for package p5-XML-LibXML Checking for package xmlsec1 No reason to regenerate. Exiting ... Files /usr/testbed/etc/genica.bundle and /tmp/genica.bundle.66532 differ Stopping apache. Waiting for PIDS: 64582. Starting apache. Creating Databases ... Fetching clearinghouse certificate from Utah ... Getting credential to talk to clearinghouse ... Registering SA cert at the clearinghouse. Registering CM cert at the clearinghouse. Registering SES cert at the clearinghouse.

B. Project participants

*Seung-Jong Park, PI *Rajgopal Kannan, co-PI *Cheng Cui, graduate student *Mohammed Azad, graduate student *Lin Xue, graduate student

C. Publications (individual and organizational)

N/A