wiki:GEC12OmniTutorial/Tutorial

Version 2 (modified by sedwards@bbn.com, 13 years ago) (diff)

--

Advanced Topics in Networking Experiments using GENI


Prework

  1. Download and install VirtualBox on your machine, we have tested versions 4.0.8, 4.0.10, 4.0.12.
    • If you run Ubuntu 10.04, it comes with VirtualBox 3.1.6_OSE, which will not work, please download the latest version.
  2. Download the VM image
  3. Run VirtualBox and Import Appliance (File->Import Ampliance), accept the default settings for the VM.
    • If you are using a FAT32 filesystem you will NOT be able to load the image.
  4. Start the VM and log in
  5. Change the default password, click on the getversiontask bar on the top, on the right on the user 'geni', and choose the Change Password button.
  6. Verify that the VM has connectivity. Start Firefox (shortcut on the top bar) and try to load Google. If you can't reach any website, restore VM's Network connection.
    • On the far right on the top bar, there is the network icon (two opposite facing arrows).
    • Click that icon and choose 'Auto eth0'.
    • Try loading the webpage again.

Useful Tips

  • You can copy-paste between the host and the guest VM.
  • In the terminal within the VM, use Ctrl-Shift-C to copy and Ctrl-Shift-V to paste.
  • vim and emacs editors are installed on the VM, so feel free to use them for editing your files
    • If you are using vim, while in command mode to replace a pattern in the file type
      %s/pattern/replace_text/gc
      
      And press 'y' for the instances of the pattern you want replaced, 'n' otherwise.
    • If you are using emacs, press Alt-x and then type
      query-replace
      
      and press ENTER. Enter the pattern to be replaced, press ENTER, enter the text you want to replace it with and press ENTER. Press 'y' for the instances of the pattern you want replaced, 'n' otherwise.
  • If you want to have a shared folder between your machine and the VM so that it's easier to transfer files during the tutorial, you have to do this before starting the VM. Follow these instructions
  • If you get an error running Omni, look at the troubleshoot page for help.

I. Getting Started

1. Configure Omni

The purpose of this first exercise is to setup Omni to use your credentials and keys.

1a. Setup omni

Omni uses as input a configuration file, where you can specify information such as which clearinghouse to use, where your certificate and keys are located, etc. Under the Tutorials/Omni/<username> directory (where <username> is your username on the piece of paper you were given upon entering the room), there is a configuration file, omni_config.

  • Open a terminal (there is a shortcut on the top bar).
  • First lets update the files that are on the VM:
    cd Tutorials/Omni/
    downloadRSpecs.sh 
    

  • The rest of the tutorial assumes that you are under the Tutorials/Omni/<username> directory :
    cd <username>
    
  • Remove the passphrase from your certificate. For security best practices you should keep a passphrase on your certificate. To avoid typing the passphrase throughout the tutorial, we will temporarily remove the passphrase. Run
    clear_cert.sh <username>
    
    It will prompt you for the passphrase which should be included on the slip that was given to you.
  • Verify that you have the necessary credential and key files
    ls ssh |grep <username>
    
    For gpousr21 the output looks like :
    geni@geni-vm:~/omni_tutorial$ ls ssh | grep gpousr21
    gpousr21_cert_ct.pem
    gpousr21_cert.pem
    gpousr21_key
    gpousr21_key.pub
    
gpousr21_cert_ct.pem Cleartext certificate for gpousr21, i.e. does not require any passphrase
gpousr21_cert.pem Encrypted certificate for gpousr21
gpousr21_key The private key that gpousr21 would use to login to the nodes
gpousr21_key.pub The corresponding public key that gpousr21 will ask to be loaded to the nodes
  • Look at the omni_config. Open omni_config. For the tutorial you should use the cleartext certificate, but when running your own experiments, for security best practices always use your encrypted certificate.

For gpousr21 using a cleartext certificate the omni_config file looks like :

# This file is the omni_config for GEC 12 tutorial 
# Experimental topologies on the GENI Mesoscale network with Omni

# General section of omni config
[omni]
default_cf = pgeni
users = gpousr21

# ---------- Users ----------
[gpousr21]
# Make sure the urn matches the URN of the credential
urn = urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21

# Public key to be installed in compute resources. For multiple 
# keys use a comma separated file
keys = ~/Tutorials/Omni/gpousr20/ssh/gpousr21_key.pub

# If -a option is not specified the omni command will by run against all 
# the following AMs
aggregates =  http://emulab.net/protogeni/xmlrpc/am, https://pgeni.gpolab.bbn.com/protogeni/xmlrpc/am, http://myplc.gpolab.bbn.com:12346/, http://myplc.clemson.edu:12346/, https://myplc.stanford.edu:12346/, https://wings-openflow-1.wail.wisc.edu:12346/, https://of.cs.washington.edu:12346/, https://plc.orbit-lab.org:12346/, https://myplc.grnoc.iu.edu:12346/, https://myplc.cip.gatech.edu:12346/, https://foam-tutorial.gpolab.bbn.com:3626/foam/gapi

# ---------- Frameworks ----------
[pgeni]
type = pg
ch = https://www.emulab.net:443/protogeni/xmlrpc/ch
sa = https://www.pgeni.gpolab.bbn.com:443/protogeni/xmlrpc/sa

# Use the following two lines if you are using
# a certificate with a passphrase
#cert = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert.pem
#key = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert.pem

# Use the following two lines if you are using 
# a cleartext cert.
cert = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert_ct.pem
key = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert_ct.pem

#------AM nicknames----------------
# Instead of typing the whole url of an AM in the -a option you can 
# specify a nickname in this section and use the nickname instead

# Format :
# Nickname=URN, URL
# URN is optional
[aggregate_nicknames]
# ProtoGENI AMs and PlanetLab central
pg-gpo=urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+am,https://pgeni.gpolab.bbn.com/protogeni/xmlrpc/am
pg-utah=,https://www.emulab.net/protogeni/xmlrpc/am
pg-ky=urn:publicid:IDN+uky.emulab.net+authority+am,https://www.uky.emulab.net/protogeni/xmlrpc/am
plc=,https://www.planet-lab.org:12346

# Private myplc installations
pl-gpo=,http://myplc.gpolab.bbn.com:12346/
pl-clemson=,http://myplc.clemson.edu:12346/
pl-stanford=,https://myplc.stanford.edu:12346/
pl-wisconsin=,https://wings-openflow-1.wail.wisc.edu:12346/
pl-washington=,https://of.cs.washington.edu:12346/
pl-rutgers=,https://plc.orbit-lab.org:12346/
pl-indiana=,https://localhost:1234/
pl-gatech=,https://localhost:2346/


# Tutorial OpenFlow AM
of-tut=,https://foam-tutorial.gpolab.bbn.com:3626/foam/gapi

# Other OpenFlow AMs
of-gpo=,https://foam.gpolab.bbn.com:3626/foam/gapi

Note, the pgeni framework definition includes the Utah Emulab clearinghouse, which is the only clearinghouse for ProtoGENI aggregates. For additional configuration details please see the Omni page for more details. The omni_configuration parameters shown define the following:

Parameter Use
default_cf Default Clearinghouse and credentials used if not specified on the command line.
users users setting used when reserving slices.
urn The username URN
keys A comma separated list of public ssh key files to be uploaded to the Clearinghouse and to your resources
type Clearinghouse/credentials type "pg" indicates ProtoGENI, see the Omni page.
ch ProtoGENI Clearinghouse URL.
sa Slice Authority URL.
cert Location of your SSL encrypted certificate (contains both a certificate and a key).
key Location of your SSL encrypted key (contains both a certificate and a key).
<AM nickname> Optional URN, required URL of an Aggregate Manager.
  • Verify that the user URN is correct. Get the URN from your omni config
    grep urn omni_config
    
    Verify that it matches the urn in your cert (disregard the leading URI:)
    openssl x509 -noout -text -in ./ssh/<username>_cert_ct.pem | grep 'urn:publicid' 
    
    For gpousr21 the output looks like
    geni@geni-vm:~/omni_tutorial$ grep urn omni_config
    urn = urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21
    geni@geni-vm:~/omni_tutorial$ openssl x509 -noout -text -in ./ssh/gpousr21_cert_ct.pem | grep 'urn:publicid' 
                    URI:urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21, email:gpousr21@pgeni.gpolab.bbn.com
    

1b. Test configuration

In order to test that our configuration is correct, you can issue a getversion command. For this step we have used PlanetLab's AM, but you can use any Aggregate Manager(AM).

omni.py getversion -a http://www.planet-lab.org:12346

Or equivalently using the PlanetLab nickname:

omni.py getversion -a plc

gpousr21 decided to use PlanetLab central :

geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py getversion -a plc
INFO:omni:Loading config file omni_config
INFO:omni:Using control framework pgeni
INFO:omni:Substituting AM nickname plc with URL https://www.planet-lab.org:12346, URN unspecified_AM_URN
INFO:omni:AM URN: unspecified_AM_URN (url: https://www.planet-lab.org:12346) has version:
INFO:omni:{   'ad_rspec_versions': [   {   'extensions': [   'http://www.protogeni.net/resources/rspec/ext/gre-tunnel/1',
                                                   'http://www.protogeni.net/resources/rspec/ext/other-ext/3'],
                                 'namespace': 'http://www.protogeni.net/resources/rspec/2',
                                 'schema': 'http://www.protogeni.net/resources/rspec/2/ad.xsd',
                                 'type': 'ProtoGENI',
                                 'version': '2'},
                             {   'extensions': [],
                                 'namespace': None,
                                 'schema': None,
                                 'type': 'SFA',
                                 'version': '1'}],
    'code_tag': '1.0-35',
    'code_url': 'git://git.onelab.eu/sfa.git@sfa-1.0-35',
    'default_ad_rspec': {   'extensions': [],
                            'namespace': None,
                            'schema': None,
                            'type': 'SFA',
                            'version': '1'},
    'geni_api': 1,
    'hostname': 'www.planet-lab.org',
    'hrn': 'plc',
    'interface': 'aggregate',
    'request_rspec_versions': [   {   'extensions': [   'http://www.protogeni.net/resources/rspec/ext/gre-tunnel/1',
                                                        'http://www.protogeni.net/resources/rspec/ext/other-ext/3'],
                                      'namespace': 'http://www.protogeni.net/resources/rspec/2',
                                      'schema': 'http://www.protogeni.net/resources/rspec/2/request.xsd',
                                      'type': 'ProtoGENI',
                                      'version': '2'},
                                  {   'extensions': [],
                                      'namespace': None,
                                      'schema': None,
                                      'type': 'SFA',
                                      'version': '1'}],
    'sfa': 1,
    'testbed': 'myplc'}
INFO:omni: ------------------------------------------------------------
INFO:omni: Completed getversion:

  Options as run:
                aggregate: plc
                framework: pgeni
                native: True

  Args: getversion

  Result Summary: 
Got version for 1 out of 1 aggregates
 
INFO:omni: ============================================================

2. Make a slice

Before we continue with the rest of the tutorial, we need to create a slice that will contain all our slivers with the different AMs. Since the omni_config specifies using GPO's ProtoGENI as the Slice Authority (SA), your slice will be created in the pgeni.gpolab.bbn.com namespace.

2a. Createslice

For this tutorial we will create a slice named gposlice## (where ## matches your username); you should always choose a slice name that is meaningful to you. To avoid confusion, avoid creating a slice with the same name as your username (i.e. if your username is alice, don't name your slice alice too).

omni.py createslice gposlice##

2b. Renew Slice

Note in the above output that our new slice expires soon. Your slivers can not last longer then your slice, and your resources will go away when the reservation expires. For your experiments be sure to renew your slice for the duration of your experiment. For the tutorial you don't need to extend the lifetime, but if you wanted to, this is what it would look like:

omni.py renewslice gposlice## 20111105T00:00:00

For Alice the output would like:

geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py renewslice gposlice21 20111105T00:00:00
INFO:omni:Loading config file omni_config
INFO:omni:Using control framework pgeni
INFO:omni.protogeni:Requesting new slice expiration '2011-11-05T00:00:00'
INFO:omni:Slice gposlice21 now expires at 2011-11-05 00:00:00 UTC
INFO:omni:Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21 expires on 2011-11-05 00:00:00 UTC
INFO:omni: ------------------------------------------------------------
INFO:omni: Completed renewslice:

  Options as run:
		framework: pgeni
		native: True

  Args: renewslice gposlice21 20111105T00:00:00

  Result Summary: Slice gposlice21 now expires at 2011-11-05 00:00:00 UTC
Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21 expires on 2011-11-05 00:00:00 UTC 
INFO:omni: ============================================================

Note: You can not renew the slice expiration time to an earlier time that its current expiration time. Also there is no deleteslice operation. However, you can delete all the slivers in your slice and let the slice expire.

2c. List your Slices

If you want to find out what slices you currently have, you can use an Omni command to listmyslices.

omni.py listmyslices <username>

We've pre-reserved resources in a second slice (ctrl##) in advance of the tutorial for each user.

So for gpousr21 the output would look like :

geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py listmyslices gpousr21
INFO:omni:Loading config file omni_config
INFO:omni:Using control framework pgeni
INFO:omni:User 'gpousr21' has slices: 
	urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21
	urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+ctrl21
INFO:omni: ------------------------------------------------------------
INFO:omni: Completed listmyslices:

  Options as run:
		framework: pgeni
		native: True

  Args: listmyslices gpousr21

  Result Summary: Found 2 slices for user 'gpousr21'.
 
INFO:omni: ============================================================

3. Make a ProtoGENI sliver

The first resource we are going to add to our slice is a ProtoGENI host.

3a. Createsliver

Under the Tutorials/Omni/<username> directory, there is a directory called rspecs that has all the necessary RSpecs for the tutorial. For this tutorial we are going to use ProtoGENI hosts from GPO's ProtoGENI, as well as Wide Area ProtoGENI hosts from Utah's ProtoGENI cluster.

  • If your ProtoGENI host is in the emulab.net(e.g. pg30.emulab.net), namespace then it belongs to Utah's cluster and you should use Utah's AM (nickname: pg-utah), and use rspecs/final/protogeni_utah_<username>.rspec
  • If your ProtoGENI host is in the pgeni.gpolab.bbn.com(e.g. pc1.pgeni.gpolab.bbn.com), namespace then it belongs to GPO's cluster and you should use GPO's AM (nickname: pg-gpo), and use rspecs/final/protogeni_gpo_<username>_v02.rspec

gpousr21 was assigned host pc1.pgeni.gpolab.bbn.com so she should use pg_gpo.rspec:

<!--
This rspec will reserve one wide-area ProtoGENI host

AM: http://www.emulab.net/protogeni/xmlrpc/am
-->
<!--  This file is an rspec for GEC 12 tutorial 
-->

<rspec type="request" 
       xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd" 
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
       xmlns="http://www.protogeni.net/resources/rspec/2">

  <node client_id="pc1" 
        component_manager_id="urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+cm" 
        component_id="urn:publicid:IDN+pgeni.gpolab.bbn.com+node+pc1" 
        component_name="pc1" exclusive="true">
    <sliver_type name="raw-pc">
      <disk_image name="urn:publicid:IDN+pgeni.gpolab.bbn.com+image+emulab-ops//UBUNTU1004-STD"/>
    </sliver_type>
    <services>
      <execute command="cd /home/gpousr21/config_dir;./install.sh" shell="sh " />
      <install install_path="/home/gpousr21" url="http://192.1.249.166:8383/gec12tutorial_ubuntu.tar.gz" file_type="tar.gz"/>
    </services>
  </node>

</rspec>


  • Now you are ready to reserve your host on the appropriate AM. For easy access and to be able to copy and paste AM URLs that are used in this tutorial, we made a table. If your node is pg46.emulab.net, you are sharing your node with Alice. Alice has already created the sliver for you, so you can run the 'createsliver' command, and its ok if it fails.
    omni.py createsliver -a <AM_NICKNAME> gposlice## rspecs/final/<rspec_file>
    

The output should look like :

geni@geni-vm:~/omni_tutorial$ omni.py createsliver -a http://www.emulab.net/protogeni/xmlrpc/am aliceslice rspecs/pg_utah.rspec 

FILL IN HERE

3b. Sliverstatus

We asked for an exclusive ProtoGENI host, which means that the node needs to be loaded with the right OS and booted, before our sliver is ready to use. This will take a while. We can check the status of our sliver, using the sliverstatus call.

omni.py sliverstatus -a <AM_NICKNAME> gposlice##

The status will probably be 'not ready', you can continue with the next steps of the tutorial, and we will come back to this node later.

II. Exercise 1: Using Physical Topology to Influence Your Experiment

In this exercise we are going to test and see how the underlying network topology can affect the topology of your experiment. For this exercise we have already setup the networking portion of the exercise, so you just need to reserve your compute resources.

To avoid any firewall problems, please first login to "ops.pgeni.gpolab.bbn.com", since we might need to tunnel some traffic through this connections.

To do that run :

xterm -e ssh -i ssh/gpousr##_key -F ssh/config gpousr##@ops &

1. Make a MyPLC sliver

For this exercise you would need to reserve two MyPlc hosts, each in a different AM. Under the final rspecs directory (Tutorials/Omni/<username>/rspecs/final) there are the two MyPLC rspecs that you should use.

  • The name of the rspec is of the form myplc-<site>-<node>.rspec. You should take a look in your omni_config file to find out what is the

nickname for the AM, and try to reserve the sliver.

gpousr21 was assigned hosts bain.gpolab.bbn.com

<?xml version="1.0" ?>
<!-- Resources at AM:
  URN: http://myplc.gpolab.bbn.com:12346/
 -->

<rspec type="request" 
       xmlns="http://www.protogeni.net/resources/rspec/2" 
       xmlns:flack="http://www.protogeni.net/resources/rspec/ext/flack/1" 
       xmlns:planetlab="http://www.planet-lab.org/resources/sfa/ext/planetlab/1" 
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
       xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd">
    <node component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+bain.gpolab.bbn.com" 
    component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" 
    component_name="bain.gpolab.bbn.com" 
    exclusive="false"
    client_id="ganel">
        <sliver_type name="plab-vnode"/>
    </node>
</rspec>
  • Now you are ready to reserve your host on the appropriate AM. For easy access and to be able to copy and paste AM URLs and nicknames that are used in this tutorial, we made a table.
    omni.py createsliver -a <AM_NICKNAME> gposlice## rspecs/final/<rspec_file>
    

The output should look like :

geni@geni-tutorial:~/Tutorials/Omni/gpousr10$ omni.py createsliver slice10 rspecs/final/myplc-gpolab-ganel.rspec -a pl-gpo
INFO:omni:Loading config file omni_config
INFO:omni:Using control framework pgeni
INFO:omni:Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+slice10 expires within 1 day on 2011-11-04 06:57:31 UTC
INFO:omni:Substituting AM nickname pl-gpo with URL http://myplc.gpolab.bbn.com:12346/, URN unspecified_AM_URN
INFO:omni:Substituting AM nickname pl-gpo with URL http://myplc.gpolab.bbn.com:12346/, URN unspecified_AM_URN
INFO:omni:Creating sliver(s) from rspec file rspecs/final/myplc-gpolab-ganel.rspec for slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+slice10
INFO:omni:Asked http://myplc.gpolab.bbn.com:12346/ to reserve resources. Result:
INFO:omni:<?xml version="1.0" ?>
INFO:omni:<!-- Reserved resources for:
        Slice: slice10
        At AM:
        URL: http://myplc.gpolab.bbn.com:12346/
 -->
INFO:omni:<rspec expires="2011-11-04T01:58:07Z" generated="2011-11-04T00:58:07Z" type="manifest" xmlns="http://www.protogeni.net/resources/rspec/2" xmlns:flack="http://www.protogeni.net/resources/rspec/ext/flack/1" xmlns:planetlab="http://www.planet-lab.org/resources/sfa/ext/planetlab/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/manifest.xsd">  
    <node client_id="ganel.gpolab.bbn.com" component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+ganel.gpolab.bbn.com" component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" component_name="ganel.gpolab.bbn.com" exclusive="false" sliver_id="urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+slice10:291:4:0">    
        <hardware_type name="plab-pc"/>    
        <hardware_type name="pc"/>    
        <location country="us" latitude="42.3897" longitude="-71.1475"/>    
        <sliver_type name="plab-vnode"/>    
    </node>  
</rspec>
INFO:omni: ------------------------------------------------------------
INFO:omni: Completed createsliver:

  Options as run:
                aggregate: pl-gpo
                framework: pgeni
                native: True

  Args: createsliver slice10 rspecs/final/myplc-gpolab-ganel.rspec

  Result Summary: Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+slice10 expires within 1 day(s) on 2011-11-04 06:57:31 UTC
Reserved resources on http://myplc.gpolab.bbn.com:12346/.  
INFO:omni: ============================================================

Follow the same procedure to reserve your second myPLC host.

2. Login to the nodes --- Omni Scripting

After reserving the nodes, we are ready to login. When reserving PlanetLab resources, using a different clearinghouse, the login name that should be used to access the nodes is 'not' the username. The username is listed as part of the sliverstatus call. For common functionality like this that is expected to be used often, omni gives you the capability of writing scripts and including omni as a library. Under omni_tutorial there is a folder 'example_scripts' that includes example python scripts that use Omni. One script that is available is the getMyLogin.py script that will return the exact command for logging-in to your nodes.

readyToLogin -a <AM_NICKNAME> gposlice##

The script will return the actual command that you would need to use for logging in.

For gpousr21 the script would return :

================================================================================
Aggregate [https://myplc.stanford.edu:12346] has a PlanetLab sliver.
of-planet1.stanford.edu's pl_boot_state is: 
	boot
Login using:
	xterm -e ssh -i ssh/gpousr21_key pgenigpolabbbncom_gposlice21@bain.gpolab.bbn.com &

================================================================================

For user gpousr21 this would be :

xterm -e ssh -i ssh/gpousr##_key -F ssh/config gpousr##@ops &

Note: If your hosts are in Georgia Tech you would need to use the connection through ops. To do that run

xterm -e ssh -i ssh/gpousr##_key -F ssh/config <hostname> &

For gpousr21 that would be :

xterm -e ssh -i ssh/gpousr21_key -F ssh/config bain &

3. Test Different Topologies

The Mesoscaly deployment can offer, different topologies even if the communication is between the same hosts. We have provisioned two different subnets in the Mesoscale infrastructure, each using a different VLAN (one using 3715 and the other 3716).

The two subnets that have been provisioned are 10.42.131.0/24 on 3715 and 10.42.132.0/24 on 3716.

First of all let's see how we can figure out the IP of the hosts we reserved :

  • List all the interfaces in your host. You will see that there many interfaces of the form eth1.XXXX
    /sbin/ifconfig
    
    Part of the output would look like :
    eth1.1750:42147 Link encap:Ethernet  HWaddr 00:B0:D0:E1:6F:78  
           inet addr:10.42.147.90  Bcast:10.42.147.255  Mask:255.255.255.0
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    
    eth1.1750:42148 Link encap:Ethernet  HWaddr 00:B0:D0:E1:6F:78  
           inet addr:10.42.148.90  Bcast:10.42.148.255  Mask:255.255.255.0
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
    
  • Figure out the last octet of the IP address of your hosts. The way these MyPLC hosts are setup, is that they have multiple subinterfaces, each configured to be part of a different IP subnet. Almost all subnets in the hosts are in the form of 10.42.Y.0/24. You will notice that for all these subnets, your host has the same last octet. In the example above all the subinterfaces of eth1, will have an IP address that will end in 90 (10.42.147.90, 10.42.148.90)
  • Ping over 3715. After loging in to your hosts ping from host1 to host2. Assuming that host2 has a last octet of YYY you should:
ping 10.42.131.YYY

Notice the RTT on the packets.

  • Ping over 3716. After loging in to your hosts ping from one host2 to host1. Assuming that host1 has XXX as it's last octet you should ping
ping 10.42.132.XXX

Notice the RTT on the packets and compare it with the above ping.

III. Exercise 2: Using OpenFlow to Create Your Experiment's Topology

Another way to control the path that your packets are taking is with OpenFlow controllers. In this exercise we are going to use an OpenFlow controller that will deflect packets from one server to another one. We will start first by reserving an OpenFlow sliver.

1. Make an OpenFlow sliver

In the previous step, we have used a pre-configured setup to run our test. In this experiment we will first reserve an OpenFlow sliver that will point to a controller to control our traffic.

1a. OpenFlow controller

In a typical OpenFlow experiment, the first step is to figure out where you are going to run your controller. The OpenFlow controller should be able to accept connections from switches. To make this tutorial simpler we have already setup the controllers in separate slices for each user. The name of your controller slice is "ctrlXX" and it contains one myplc host, "navis.gpolab.bbn.com", where your controller will be running on port "100XX".

In the previous example we have pointed all the traffic for subnets 10.42.131.0/24, 10.42.132.0/24 to a switch OpenFlow controller, that's why you were able to ping between your hosts, using that subnet.

1b. OpenFlow sliver

Until you have reserved an OpneFlow sliver, traffic would not be forwarded between your hosts on your assigned subnet.

  • Personalize your rspec. There is a sample OpenFlow rspec, under the rspecs folder (rspecs/openflow-tutorial-template.rspec), that you would need to modify in order to reserve the flowspace that has been assigned to you. In the beginning of the file there is a list of tags you would need to replace. More specifically
    • <USERNAME> : Your usernamer
    • <CTRL-PORT> : The port that your controller will be listening on on navis.gpolab.bbn.com
    • <VLAN> : Which core VLAN you are using for your experiment.
    • <IP_SUBNET_OCT> : The last octet of the subnet that has been assigned to you
    • <ETH_TYPE_1>, <ETH_TYPE_2> : The ethtypes that have been assigned to you for use in this exercise
  • Create the OpenFlow sliver. The flowspace for the tutorial is managed by an AM running at GPO :
    omni.py createsliver gposliceXX ./rspecs/openflow-tutorial-template.rspec -a of-tut
    
  • Login to your controller machine :
    xterm -e ssh -i ssh/gpousrXX_key pgenigpolabbbncom_XX@bain.gpolab.bbn.com &
    
    xterm -e ssh -i ssh/gpousr21_key pgenigpolabbbncom_gposlice21@bain.gpolab.bbn.com &
    
  • Run your controller. First of all verify that there is no other controller running. Run
    ps -ef |grep nox_core
    
    If there is one, make sure you kill it before you start the new one. In order to start your controller do the following
    cd nox_build/src
    ./nox_core -i ptcp:<PORT> -d l2deflect
    

1d. Deflect layer 2 ping using your controller

For this exercise we have already reserved the hosts for you. There are two layer 2 ping servers running and one host that will be used as a client. You will need to login to the client using your key.

ssh -i ssh/gpousrXX_key inki@pg30.emulab.net

After you login run :

cd pingPlus

Run a layer two ping using each one of your two ethernet types. What do you notice?

sudo ./pingPlus 00:15:17:d4:64:c2 eth1.1750 <ETH_TYPE1>
sudo ./pingPlus 00:15:17:d4:64:c2 eth1.1750 <ETH_TYPE2>

IV. Exercise 3: Using Software Routers to Create Your Experiment Topology

In this exercise we are going to use a click router to bandwidth limit our traffic. For this we are going to use the protogeni host you reserved in the beginning.

Note: If you are using one of the hosts pc1.gpolab.bbn.com, pc11.gpolab.bbn.com or pg30.emulab.net your node has already been reserved. Please call us to tell you how to access it.

  • check that your sliver is ready
    omni.py sliverstatus -a <AM_NICKNAME> gpousr##
    
  • If your sliver is ready, run readyToLogin to figure out how to login to the node. (if your host is pg33 please read the notes):
    readyToLogin -a <AM_NICKNAME> gposlice##
    

NOTE 1: If your node is pg33.emulab.net then run

xterm -e xterm -e ssh -i ssh/gpousr##_key -F ssh/config gpousr##@pg33 & &

  • Check to see that the software has been downloaded :
    [alice@protogeni1 ~]$ ls
    config_dir  pingPlus click-2.0.1
    
  • Configure the node. When you login to the node, the data interface of the host is not configured.
     [alice@protogeni1 ~]$ /sbin/ifconfig
    
    This should list only two interface, the loopback and the control interface. Part of the tarball that was downloaded, is a script that will configure the node, and compile the Layer 2 ping software. Run
     ./config_dir/configure.sh
    
    The output for Alice would look like
    [alice@protogeni1 ~]$ ./config_dir/configure.sh 
    DEVICE=eth1.1750 
     USERCTL=no 
     VLAN=yes 
     IPADDR=10.42.131.146
     NETMASK=255.255.255.0 
     BOOTPROTO=static 
     ONBOOT=yes
    
    Added VLAN with VID == 1750 to IF -:eth1:-
    gcc    -c -o packetFunctions.o packetFunctions.c
    gcc    -c -o pingPlusListener.o pingPlusListener.c
    gcc  packetFunctions.o pingPlusListener.o  -o pingPlusListener
    gcc    -c -o pingPlus.o pingPlus.c
    gcc  packetFunctions.o pingPlus.o -o pingPlus
    
    Verify that the data interface is up :
    [alice@protogeni1 ~]$ /sbin/ifconfig
    
    and note the name of the data interface, the data interface is the one that has an IP address in the 10.42.131.0/24 subnet:
    eth1.1750 Link encap:Ethernet  HWaddr 00:1F:29:32:92:4D  
           inet addr:10.42.131.146  Bcast:10.42.131.255  Mask:255.255.255.0
           inet6 addr: fe80::21f:29ff:fe32:924d/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:118 errors:0 dropped:0 overruns:0 frame:0
           TX packets:115 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0 txqueuelen:0 
           RX bytes:5428 (5.3 KiB)  TX bytes:3482 (3.4 KiB)
    
    
    In this case the name is 'eth1.1750'.
  • Configure the click router
    cd click-2.0.1/conf
    
    And edit the "gec12_conf.click" file to personalize it.
  • IF_NAME is the name of the interface that was configured in the previous step
  • MAC_ADDRESS is the mac address of that interface.
  • Run the click router
    cd ../userlevel/
    sudo ./click ../conf/gec12_conf.click 
    
  • Start the new controller. First of all kill the controller that is currently
    ps -ef |grep nox_core
    sudo kill -9 <PID> 
    
    Start the new controller
    ./nox_core -i ptcp:<PORT> -d mbox
    
  • On your two PL hosts install iperf by running :
    sudo yum install iperf
    
  • And then on one host run the server
    iperf -s -i 2
    
    Run the client on the other host
    iperf -c <host> -i 2
    

Look how your traffic is capped.

V. Cleanup resources

Although all your reservations, have expiration times, its always good practice to release the resources, after your experiment is over to make them available to other experimenters.

1. Deletesliver

For each createsliver that you have run, you will need to run deletesliver to release the resources

omni.py deletesliver -a <AM URL> <username>slice 

For Alice this would look like

# Delete ProtoGENI sliver
omni.py deletesliver -a http://www.emulab.net/protogeni/xmlrpc/am aliceslice

# Delete MyPLC slivers
omni.py deletesliver -a https://myplc.stanford.edu:12346 aliceslice

#Delete OpenFlow slivers
 omni.py deletesliver -a https://expedient-tutorial.gpolab.bbn.com:1443/openflow/gapi/ aliceslice

You can not delete your slice. Although this will be cleaned up when it expires, it should be an empty container and thus does not hold up any resources.

Congratulations, you have finished the tutorial! Now you are ready to design and run your own experiments. Don't hesitate to email us with any questions you might have.

VI. Get Your Own Account

The accounts, that you used in the above steps, will be deactivated after the tutorial. If you do not already have an account at GPO's ProtoGENI cluster, you should get your own account so that you can further experiment with GENI.

1a. Get a temporary account

To get a temporary account that will be deactivated on August 12th 2011, apply for an account at this page https://www.pgeni.gpolab.bbn.com/joinproject.php3. For Project name use : Gec11Gpo.

1b. Get a permanent account

If you would like to run your own experiments in this infrastructure, please contact us at help@geni.net to get a permanent account.

2. Getting to Know Omni

Now that you have your own account, you should configure Omni to use your own personal info, instead of the pre-made accounts.

2a. Generate and Download your ProtoGENI certificate

  1. Start Firefox within the VM and https://www.pgeni.gpolab.bbn.com/login.php3 log in to your account.
  2. Select Generate SSL Cert and follow instructions.
  3. Select Download your SSL Cert (it's on the left of the page), and click on the 'Download it in PEM format' link.
  4. Copy the contents of the page (Ctrl-A, Ctrl-C)
  5. Open a terminal (there is a shortcut on the top bar) under the omni_tutorial directory there should be an ssh directory
    cd omni_tutorial/ssh
    
  6. Open a file called <username>_cert.pem, paste your cert(Ctrl-Shift-V) and save.
    pico <username>_cert.pem>
    Ctrl-Shift-V
    Ctrl-X
    
  7. Remove the passphrase from your certificate. For security best practices you should keep a passphrase on your certificate. If you want to avoid typing your passphrase throughout the tutorial, you might want to temporarily remove your passphrase
    openssl rsa -in ./<username>_cert.pem -out ./<username>_cert_ct.pem 
    openssl x509 -in ./<username>_cert.pem >> ./<username>_cert_ct.pem 
    chmod 400 ./<username>_cert_ct.pem
    
    If you want a way to type your passphrase only once per session, look here.

2b. Generate a pair of private/public keys.

In order to be able to login to the resources you will reserve will need a pair of keys. You can use any set of existing keys you might have, or you can generate a new pair. For security best practices you should have a passphrase on your keys.

ssh-keygen -f <username>_key

Now you can go back to (I) and follow the steps using your own certificate and key.

Creating PlanetLab Request RSpecs from Advertisement RSpecs

  1. Use Omni to download and save the advertised RSpec from the aggregate you care about.
    1. In general the command is:
      $ omni.py -a <url or nickname of aggregate> -t ProtoGENI 2 -o listresources
      
      For example, to get the request RSpec from the MyPLC at the GPO Lab:
      $ omni.py -a pl-gpo -t ProtoGENI 2 -o listresources
      
      (Version 2 of the AM API renames the ProtoGENI v2 RSpecs as GENI v3 RSpecs so in the near future the command will become: $ omni.py <url or nickname of aggregate> -t GENI 3 -o listresources)
    2. The output of this command is:
      geni@geni-tutorial:~/Tutorials/Omni/gpousr20$ omni.py -a pl-gpo -t ProtoGENI 2 -o listresources
      INFO:omni:Loading config file omni_config
      INFO:omni:Using control framework pgeni
      INFO:omni:Saving output to a file.
      INFO:omni:Substituting AM nickname pl-gpo with URL http://myplc.gpolab.bbn.com:12346/, URN unspecified_AM_URN
      INFO:omni:Listed resources on 1 out of 1 possible aggregates.
      INFO:omni:Writing to 'rspec-myplc-gpolab-bbn-com-12346-.xml'
      INFO:omni: ------------------------------------------------------------
      INFO:omni: Completed listresources:
      
        Options as run:
      		aggregate: pl-gpo
      		framework: pgeni
      		native: True
      		output: True
      		rspectype: ('ProtoGENI', '2')
      
        Args: listresources
      
        Result Summary: Retrieved resources from 1 aggregates.
      Wrote rspecs from 1 aggregates to 1 files
      Saved listResources RSpec at unspecified_AM_URN to file rspec-myplc-gpolab-bbn-com-12346-.xml. 
      . 
      INFO:omni: ============================================================
      
  1. Copy and edit the RSpec file.
    1. Copy the advertisement RSpec file. The new file will become the request RSpec. In general this would be:
      cp <advertisement RSpec filename> <manifest RSpec filename>
      
      The value of <advertisement RSpec filename> appears in the Omni summary. In this case we will generate a request for the node "navis":
      cp rspec-myplc-gpolab-bbn-com-12346-.xml pl-gpo-navis.rspec
      
    2. Edit the request Rspec file:
      emacs pl-gpo-navis.rspec &
      
      or
      vi pl-gpo-navis.rspec
      
    3. Edit the <rspec> tag.
      1. In the <rspec> tag, remove the expires and generated attributes.
      2. In the <rspec> tag, change the type="advertisement" attribute to type="request".
      3. In the <rspec> tag, change 'ad' to 'request' in the schema location. That is, change this:
        xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/ad.xsd"
        
        To this:
        xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd"
        
      4. The <rspec> tag should now look like this (note that the whitespace has been adjusted for ease of reading):
        <rspec type="request" 
               xmlns="http://www.protogeni.net/resources/rspec/2" 
               xmlns:flack="http://www.protogeni.net/resources/rspec/ext/flack/1" 
               xmlns:planetlab="http://www.planet-lab.org/resources/sfa/ext/planetlab/1" 
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
               xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd"> 
        
    4. Remove the node tags you do not want to request.
      1. For example to only reserve the node navis.gpolab.bbn.com remove the following text:
            <node component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+bain.gpolab.bbn.com" 
                  component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" 
                  component_name="bain.gpolab.bbn.com" 
                  exclusive="false">    
            .... 
           </node>  
            <node component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+sardis.gpolab.bbn.com" 
                  component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" 
                  component_name="sardis.gpolab.bbn.com" 
                  exclusive="false">
            ....     
           </node>  
            <node component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+ganel.gpolab.bbn.com" 
                  component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" 
                  component_name="ganel.gpolab.bbn.com" exclusive="false">
            ....     
           </node>  
            <node component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+gardil.gpolab.bbn.com" 
                  component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" 
                  component_name="gardil.gpolab.bbn.com" exclusive="false">    
            .... 
            </node> 
        
      2. At this point the entire file should look like this:
        <?xml version="1.0" ?>
        <!-- Resources at AM:
        	URN: unspecified_AM_URN
        	URL: http://myplc.gpolab.bbn.com:12346/
         -->
        <rspec type="request" 
               xmlns="http://www.protogeni.net/resources/rspec/2" 
               xmlns:flack="http://www.protogeni.net/resources/rspec/ext/flack/1" 
               xmlns:planetlab="http://www.planet-lab.org/resources/sfa/ext/planetlab/1" 
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
               xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd">  
            <node component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+navis.gpolab.bbn.com" component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" component_name="navis.gpolab.bbn.com" exclusive="false">    
                <hardware_type name="plab-pc"/>    
                <hardware_type name="pc"/>    
                <available now="true"/>    
                <sliver_type name="plab-vnode">      
                    <planetlab:initscript name="gpolab_sirius"/>      
                </sliver_type>    
                <location country="us" latitude="42.3897" longitude="-71.1475"/>    
            </node>  
        </rspec>
        
    5. Edit the <node> tag you are trying to reserve.
      1. Remove all <hardware_type>, <available>, <location>, and <planetlab:initscript"/> tags which exist from the <node> tag you are trying to reserve.
      2. Add the attribute client_id to the <node> tag you are trying to reserve. The value is your choice, so here we will use client_id="navis".
      3. The final request RSpec file should look like this:
        <?xml version="1.0" ?>
        <!-- Resources at AM:
        	URN: unspecified_AM_URN
        	URL: http://myplc.gpolab.bbn.com:12346/
         -->
        <rspec type="request" 
               xmlns="http://www.protogeni.net/resources/rspec/2" 
               xmlns:flack="http://www.protogeni.net/resources/rspec/ext/flack/1" 
               xmlns:planetlab="http://www.planet-lab.org/resources/sfa/ext/planetlab/1" 
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
               xsi:schemaLocation="http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd">  
            <node component_id="urn:publicid:IDN+plc:gpolab:gpolab+node+navis.gpolab.bbn.com" component_manager_id="urn:publicid:IDN+plc:gpolab+authority+am" component_name="navis.gpolab.bbn.com" exclusive="false" client_id="navis">    
                <sliver_type name="plab-vnode">         
                </sliver_type>    
            </node>  
        </rspec>
        
    6. Save the file.
  1. Run rspeclint to verify that the file is correct. If it works, you should see no errors returned by the call. In general, this is:
    rspeclint http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd <request RSpec filename>
    
    For this example do:
    rspeclint http://www.protogeni.net/resources/rspec/2 http://www.protogeni.net/resources/rspec/2/request.xsd pl-gpo-navis.rspec
    

Reserving ProtoGENI nodes with Flack

These instructions assume you have already created a slice using omni.

  1. Login to GPO's ProtoGENI instance with your tutorial credentials
    1. Click on: https://www.pgeni.gpolab.bbn.com/login.php3
    2. Use your GPO tutorial username and password as listed on the sheet of paper you were handed on the way into the tutorial.
  2. Login to Flack.
    1. Open a separate browser window or tab.
    2. Click on: http://www.protogeni.net
    3. Scroll down to the large map in the middle of the page.
    4. Click "Login"
    5. In the pull down menu in the upper right hand corner select: pgeni.gpolab.bbn.com
    6. Click "Download"
    7. Enter the password from the sheet of paper in the box near the bottom.
    8. Click "OK" in the lower left hand corner.
    9. You are now logged in.
  3. Reserve the ProtoGENI node listed on your sheet of paper.
    1. For a ProtoGENI Utah node, do the following:
      1. In the Resources window on the right, select the button for your slice. A window will open.
      2. Click on "utahemulab.cm".
      3. Find the node listed on the sheet of paper in the list of nodes on the left.
      4. Drag your node onto the blank canvas on the right.
      5. Click on the blue "i" (Information) icon on the node.
      6. Click "Add Install Service"
      7. In the two boxes, enter the following filling in your username: "/home/<username>" in "http://192.1.249.166:8383/gec12tutorial_fedora.tar.gz"
      8. Click "Add Execute Service"
      9. In the box, enter the following filling in your username: "cd /home/<username>/config_dir;./install.sh"
      10. Confirm Rspec version is set to "2" in the pull-down menu in the upper right hand corner.
      11. Click "Apply" Note : After hitting apply, click on the blue "i" button again, if you can't see the information you entered, then :
        1. Close this window.
        2. On your VM open the rspec with your favorite editor, and copy the whole rspec
        3. On your slice canvas on the top, there is an import button. From the list, choose the "Import from clipboard" option.
        4. The node should appear on your canvas, press the blue "i" button to verify that it is loaded correctly.
      12. Click "Submit"
    2. For a ProtoGENI GPO node, do the following:
      1. In the Resources window on the right, select the button for your slice. A window will open.
      2. Click on "bbn-pgeni.cm" (not "bbn-pgeni1.cm", "bbn-pgeni2.cm", or "bbn-pgeni3.cm").
      3. Find the node listed on the sheet of paper in the list of nodes on the left.
      4. Drag your node onto the blank canvas on the right.
      5. Click on the blue "i" (Information) icon on the node.
      6. Click "Add Install Service"
      7. In the two boxes, enter the following filling in your username: "/home/<username>" in "http://192.1.249.166:8383/gec12tutorial_ubuntu.tar.gz"
      8. Click "Add Execute Service"
      9. In the box, enter the following filling in your username: "cd /users/<username> ;sudo /bin/sh ./config_dir/install.sh"
      10. For the test image, enter: "urn:publicid:IDN+pgeni.gpolab.bbn.com+image+emulab-ops//UBUNTU1004-STD"
      11. Choose Rspec version "0.2" from the pull-down menu in the upper right hand corner.
      12. Click "Apply"
      13. Click "Submit"
  4. Confirm the reserved node is visible via omni.
    1. If you reserved a ProtoGENI Utah host, run:
      omni.py -a pg-utah -t ProtoGENI 2 listresources <slicename>
      
    2. If you reserved a ProtoGENI GPO host, run:
      omni.py -a pg-gpo -t ProtoGENI 0.2 listresources <slicename>
      
  5. Note that you can also download the request RSpec from Flack for later use in a AM API client tool like Omni.
    1. In Flack, click on the magnifying glass in the upper right hand corner.
    2. The request RSpec will appear in the window.
    3. You can then choose to download the RSpec in a file or copy it to the clipboard.

AM URL Table

AM URL
TUTORIAL AM
Clemson's MyPLC http://myplc.clemson.edu:12346
GPO's ProtoGENI http://www.pgeni.gpolab.bbn.com/protogeni/xmlrpc/am
GPO's MyPLC http://myplc.gpolab.bbn.com:12346
GPO's Tutorial OF https://expedient-tutorial.gpolab.bbn.com:1443/openflow/gapi/
Rutgers MyPLC https://plc.orbit-lab.org:12346/
Stanford's MyPLC https://myplc.stanford.edu:12346
Utah's ProtoGENI http://www.emulab.net/protogeni/xmlrpc/am
Washington's MyPLC https://of.cs.washington.edu:12346/
Wisconsin's MyPLC https://wings-openflow-1.wail.wisc.edu:12346/
OTHER
PlanetLab http://www.planet-lab.org:12346
Kentucky's ProtoGENI https://www.uky.emulab.net/protogeni/xmlrpc/am