Changes between Version 3 and Version 4 of DICLOUD/GEC12tutorial


Ignore:
Timestamp:
10/17/11 15:25:59 (12 years ago)
Author:
David Irwin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • DICLOUD/GEC12tutorial

    v3 v4  
    33This page summarizes the !DiCloud tutorial that was presented at GEC 12. Slides can be found here.
    44
    5 Tutorial section quick links:
     5Tutorial sections:
    66
    77 * Pre-requisites
     
    5757MySQL server will ask you to set a root password. Remember the password.
    5858
     59== Setup !DiCloud's !MySQL Server ==
    5960
     61First, log into !MySQL and create the dicloud database by running the following commands.
     62
     63{{{
     64$ mysql -u root -p
     65$ mysql> create database dicloud;
     66$ mysql> quit;
     67}}}
     68
     69Next load the !DiCloud schema, create an admin user, and give the user database rights
     70
     71{{{
     72$ cd ~/Tutorials/DiCloud
     73$ mysql -u root -p < dicloud.schema
     74$ mysql -u root -p
     75$ mysql> INSERT INTO users(id, username, password) VALUES (1, 'admin', SHA1('geni'));
     76$ mysql> INSERT INTO admin_rights VALUES (1, true, true, true, true);
     77$ mysql> create user vise;
     78$ mysql> SET PASSWORD FOR 'vise' = PASSWORD('');
     79$ mysql> GRANT ALL ON dicloud.* TO 'vise'@'localhost';
     80}}}
     81
     82== Create Amazon user credentials ==
     83
     84Note that tutorial participants should not perform this step.
     85
     86Amazon EC2 requires that each user create and upload an X.509 certificate to Amazon, and use the corresponding private key to access the web services functions.  We create the certificate and private key below.  We copy versions of these certificates and change the ownership to www-data to allow the !DiCloud web portal to read them.
     87
     88{{{
     89$ cd ~/Tutorials/DiCloud/ec2/keys
     90$ openssl genrsa 1024 > ./geni_pk.pem
     91$ openssl req -new -x509 -nodes -sha1 -key ./geni_pk.pem > ./geni_cert.pem
     92$ ssh-keygen geni-keypair.pem
     93}}}
     94
     95== Register new user on Amazon EC2 ==
     96
     97Note that tutorial participants will be able to use a DiCloud account, and do not need to create there own account.  Tutorial participants will also use a pre-existing !DiCloud user, and do not need to perform the steps listed in the rest of this section.
     98
     99Create an account with Amazon web services by going [http://aws.amazon.com/ec2/ here] and clicking on "Create an AWS Account" in the upper-right portion of the page.  Amazon requires that account link to a valid credit card for payment.  Once you've created an account go back to [http://aws.amazon.com/ec2/ here] and click on "Sign in to the AWS Management Console" in the upper-right portion of the page.  Once logged in, click on the AWS IAM tab (second from the right). Click on "Users" on the left panel, and then click "Create New Users".  Create a user named "geni" (or any other name you prefer).  Next click on the geni user, and go to the "Security Credentials" tab at the bottom of the page.  Here you need to generate Access Keys and download the credentials.csv file that has the Access Key and the Secret Access Key.  Also, upload the signing certificate we created at ~/Tutorials/DiCloud/ec2/keys/geni_cert.pem.  Finally, click on the "Amazon EC2" tab (third from the left). Then click on the "Key Pairs" link at the bottom of the left panel.  Now click "Import Key Pair".  Give the new keypair the name "geni-keypair" (or any other name you prefer) and copy the contents of ~/Tutorials/DiCloud/ec2/keys/geni-keypair.pem in the correct place.  Copy the credentials file credentials.csv to ~/Tutorials/DiCloud/ec2/keys/ and create the file ~/Tutorials/DiCloud/ec2/keys/geni_aws_credentials.txt, which should look as follows:
     100
     101geni@geni-tutorial:~/Tutorials/DiCloud/ec2/keys$ cat geni_aws_credentials.txt
     102AWSAccessKeyId=<Your Access Key ID here>
     103AWSSecretKey=<Your Secret Key Here>
     104
     105== Configuring Amazon for Tutorial Participants ==
     106
     107Tutorial participants should download their certificate, private key, key pair, credential.csv, and geni_aws_credentials.txt files by performing the following commands.
     108
     109{{{
     110$ cd ~/Tutorials/DiCloud/ec2/keys
     111$ wget http://geni.cs.umass.edu/geni_cert.pem
     112$ wget http://geni.cs.umass.edu/geni_pk.pem
     113$ wget http://geni.cs.umass.edu/geni-keypair.pem
     114$ wget http://geni.cs.umass.edu/geni-keypair.pub
     115$ wget http://geni.cs.umass.edu/geni_aws_credentials.txt
     116$ wget http://geni.cs.umass.edu/credentials.csv
     117}}}
     118
     119== Enabling Access to Keys via DiCloud's Web Portal ==
     120
     121We also create copies of the certificate and private key and change their ownership to www-data so the web portal can access them.
     122
     123{{{
     124$ cp ./geni_pk.pem ./geni_pk_web.pem
     125$ sudo chown www-data geni_pk_web.pem
     126$ sudo chgrp www-data geni_pk_web.pem
     127$ cp ./geni_cert.pem ./geni_cert_web.pem
     128$ sudo chown www-data geni_cert_web.pem
     129$ sudo chgrp www-data geni_cert_web.pem
     130}}}