381 | | === Createsliver and sliverstatus with Omni === |
382 | | |
383 | | == 1. Configure Omni == |
384 | | The purpose of this first exercise is to setup |
385 | | [http://trac.gpolab.bbn.com/gcf/wiki/Omni Omni] to use your credentials and |
386 | | keys. |
387 | | |
388 | | === 1a. Setup omni === |
389 | | Omni uses as input a configuration file, where you can specify information such |
390 | | as which clearinghouse to use, where your certificate and keys are located, etc. |
391 | | Under the ''Tutorials/Omni/<username>'' directory (where <username> is your |
392 | | username on the piece of paper you were given upon entering the room), there is |
393 | | a configuration file, ''omni_config''. |
394 | | |
395 | | * '''Open a terminal''' (there is a shortcut on the top bar). |
396 | | * First lets update the files that are on the VM: |
397 | | {{{ |
398 | | cd Tutorials/Omni/ |
399 | | downloadRSpecs.sh |
400 | | }}} |
401 | | |
402 | | * The rest of the tutorial assumes that you are under the |
403 | | ''Tutorials/Omni/<username>'' directory : |
404 | | {{{ |
405 | | cd <username> |
406 | | }}} |
407 | | * '''Remove the passphrase''' from your certificate. For security best |
408 | | practices you should keep a passphrase on your certificate. To avoid typing the |
409 | | passphrase throughout the tutorial, we will temporarily remove the passphrase. |
410 | | Run |
411 | | {{{ |
412 | | clear_cert.sh <username> |
413 | | }}} |
414 | | It will prompt you for the passphrase which should be included on the slip |
415 | | that was given to you. |
416 | | * |
417 | | |
418 | | * '''Look at the omni_config'''. Open omni_config. For the tutorial you |
419 | | should use the cleartext certificate, but when running your own experiments, for |
420 | | security best practices always use your encrypted certificate. |
421 | | |
422 | | For ''gpousr21'' using a cleartext certificate the omni_config file looks |
423 | | like : |
424 | | |
425 | | {{{ |
426 | | # This file is the omni_config for GEC 12 tutorial |
427 | | # Experimental topologies on the GENI Mesoscale network with Omni |
428 | | |
429 | | # General section of omni config |
430 | | [omni] |
431 | | default_cf = pgeni |
432 | | users = gpousr21 |
433 | | |
434 | | # ---------- Users ---------- |
435 | | [gpousr21] |
436 | | # Make sure the urn matches the URN of the credential |
437 | | urn = urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21 |
438 | | |
439 | | # Public key to be installed in compute resources. For multiple |
440 | | # keys use a comma separated file |
441 | | keys = ~/Tutorials/Omni/gpousr20/ssh/gpousr21_key.pub |
442 | | |
443 | | # If -a option is not specified the omni command will by run against all |
444 | | # the following AMs |
445 | | aggregates = http://emulab.net/protogeni/xmlrpc/am, |
446 | | https://pgeni.gpolab.bbn.com/protogeni/xmlrpc/am, |
447 | | http://myplc.gpolab.bbn.com:12346/, http://myplc.clemson.edu:12346/, |
448 | | https://myplc.stanford.edu:12346/, |
449 | | https://wings-openflow-1.wail.wisc.edu:12346/, |
450 | | https://of.cs.washington.edu:12346/, https://plc.orbit-lab.org:12346/, |
451 | | https://myplc.grnoc.iu.edu:12346/, https://myplc.cip.gatech.edu:12346/, |
452 | | https://foam-tutorial.gpolab.bbn.com:3626/foam/gapi/1 |
453 | | |
454 | | # ---------- Frameworks ---------- |
455 | | [pgeni] |
456 | | type = pg |
457 | | ch = https://www.emulab.net:443/protogeni/xmlrpc/ch |
458 | | sa = https://www.pgeni.gpolab.bbn.com:443/protogeni/xmlrpc/sa |
459 | | |
460 | | # Use the following two lines if you are using |
461 | | # a certificate with a passphrase |
462 | | #cert = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert.pem |
463 | | #key = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert.pem |
464 | | |
465 | | # Use the following two lines if you are using |
466 | | # a cleartext cert. |
467 | | cert = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert_ct.pem |
468 | | key = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert_ct.pem |
469 | | |
470 | | #------AM nicknames---------------- |
471 | | # Instead of typing the whole url of an AM in the -a option you can |
472 | | # specify a nickname in this section and use the nickname instead |
473 | | |
474 | | # Format : |
475 | | # Nickname=URN, URL |
476 | | # URN is optional |
477 | | [aggregate_nicknames] |
478 | | # ProtoGENI AMs and PlanetLab central |
479 | | pg-gpo=urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+am,https://pgeni.gpolab.bbn.com/protogeni/xmlrpc/am |
480 | | pg-utah=,https://www.emulab.net/protogeni/xmlrpc/am |
481 | | pg-ky=urn:publicid:IDN+uky.emulab.net+authority+am,https://www.uky.emulab.net/protogeni/xmlrpc/am |
482 | | plc=,https://www.planet-lab.org:12346 |
483 | | |
484 | | # Private myplc installations |
485 | | pl-gpo=,http://myplc.gpolab.bbn.com:12346/ |
486 | | pl-clemson=,http://myplc.clemson.edu:12346/ |
487 | | pl-stanford=,https://myplc.stanford.edu:12346/ |
488 | | pl-wisconsin=,https://wings-openflow-1.wail.wisc.edu:12346/ |
489 | | pl-washington=,https://of.cs.washington.edu:12346/ |
490 | | pl-rutgers=,https://plc.orbit-lab.org:12346/ |
491 | | pl-indiana=,https://localhost:1234/ |
492 | | pl-gatech=,https://localhost:2346/ |
493 | | |
494 | | |
495 | | # Tutorial OpenFlow AM |
496 | | of-tut=,https://foam-tutorial.gpolab.bbn.com:3626/foam/gapi/1 |
497 | | |
498 | | # Other OpenFlow AMs |
499 | | of-gpo=,https://foam.gpolab.bbn.com:3626/foam/gapi/1 |
500 | | }}} |
501 | | |
502 | | Note, the pgeni framework definition includes the Utah Emulab clearinghouse, |
503 | | which is the only clearinghouse for ProtoGENI aggregates. For additional |
504 | | configuration details please see the [http://trac.gpolab.bbn.com/gcf/wiki/Omni |
505 | | Omni] page for more details. The omni_configuration parameters shown define the |
506 | | following: [[BR]] |
507 | | || '''Parameter''' || ''' Use''' || |
508 | | || default_cf|| Default Clearinghouse and credentials used if not specified |
509 | | on the command line. || |
510 | | || users|| users setting used when reserving slices. || |
511 | | || urn|| The username URN || |
512 | | || keys|| A comma separated list of public ssh key files to be uploaded to |
513 | | the Clearinghouse and to your resources || |
514 | | || type|| Clearinghouse/credentials type "pg" indicates ProtoGENI, see the |
515 | | [http://trac.gpolab.bbn.com/gcf/wiki/Omni Omni] page. || |
516 | | || ch|| ProtoGENI Clearinghouse URL. || |
517 | | || sa|| Slice Authority URL. || |
518 | | || cert|| Location of your SSL encrypted certificate (contains both a |
519 | | certificate and a key). || |
520 | | || key|| Location of your SSL encrypted key (contains both a certificate and |
521 | | a key). || |
522 | | || <AM nickname>|| Optional URN, required URL of an Aggregate Manager. || |
523 | | |
524 | | * Verify that the user URN is correct. |
525 | | Get the URN from your omni config |
526 | | {{{ |
527 | | grep urn omni_config |
528 | | }}} |
529 | | Verify that it matches the urn in your cert (disregard the leading URI:) |
530 | | {{{ |
531 | | openssl x509 -noout -text -in ./ssh/<username>_cert_ct.pem | grep |
532 | | 'urn:publicid' |
533 | | }}} |
534 | | For gpousr21 the output looks like |
535 | | {{{ |
536 | | geni@geni-vm:~/omni_tutorial$ grep urn omni_config |
537 | | urn = urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21 |
538 | | geni@geni-vm:~/omni_tutorial$ openssl x509 -noout -text -in |
539 | | ./ssh/gpousr21_cert_ct.pem | grep 'urn:publicid' |
540 | | URI:urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21, |
541 | | email:gpousr21@pgeni.gpolab.bbn.com |
542 | | }}} |
543 | | |
544 | | === 1b. Test configuration === |
545 | | In order to test that our configuration is correct, you can issue a getversion |
546 | | command. For this step we have used !PlanetLab's AM, but you can use any |
547 | | Aggregate Manager(AM). |
548 | | {{{ |
549 | | omni.py getversion -a http://www.planet-lab.org:12346 |
550 | | }}} |
551 | | |
552 | | Or equivalently using the !PlanetLab nickname: |
553 | | {{{ |
554 | | omni.py getversion -a plc |
555 | | }}} |
556 | | |
557 | | gpousr21 decided to use !PlanetLab central : |
558 | | {{{ |
559 | | #!xml |
560 | | geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py getversion -a plc |
561 | | INFO:omni:Loading config file omni_config |
562 | | INFO:omni:Using control framework pgeni |
563 | | INFO:omni:Substituting AM nickname plc with URL |
564 | | https://www.planet-lab.org:12346, URN unspecified_AM_URN |
565 | | INFO:omni:AM URN: unspecified_AM_URN (url: https://www.planet-lab.org:12346) has |
566 | | version: |
567 | | INFO:omni:{ 'ad_rspec_versions': [ { 'extensions': [ |
568 | | 'http://www.protogeni.net/resources/rspec/ext/gre-tunnel/1', |
569 | | 'http://www.protogeni.net/resources/rspec/ext/other-ext/3'], |
570 | | 'namespace': |
571 | | 'http://www.protogeni.net/resources/rspec/2', |
572 | | 'schema': |
573 | | 'http://www.protogeni.net/resources/rspec/2/ad.xsd', |
574 | | 'type': 'ProtoGENI', |
575 | | 'version': '2'}, |
576 | | { 'extensions': [], |
577 | | 'namespace': None, |
578 | | 'schema': None, |
579 | | 'type': 'SFA', |
580 | | 'version': '1'}], |
581 | | 'code_tag': '1.0-35', |
582 | | 'code_url': 'git://git.onelab.eu/sfa.git@sfa-1.0-35', |
583 | | 'default_ad_rspec': { 'extensions': [], |
584 | | 'namespace': None, |
585 | | 'schema': None, |
586 | | 'type': 'SFA', |
587 | | 'version': '1'}, |
588 | | 'geni_api': 1, |
589 | | 'hostname': 'www.planet-lab.org', |
590 | | 'hrn': 'plc', |
591 | | 'interface': 'aggregate', |
592 | | 'request_rspec_versions': [ { 'extensions': [ |
593 | | 'http://www.protogeni.net/resources/rspec/ext/gre-tunnel/1', |
594 | | 'http://www.protogeni.net/resources/rspec/ext/other-ext/3'], |
595 | | 'namespace': |
596 | | 'http://www.protogeni.net/resources/rspec/2', |
597 | | 'schema': |
598 | | 'http://www.protogeni.net/resources/rspec/2/request.xsd', |
599 | | 'type': 'ProtoGENI', |
600 | | 'version': '2'}, |
601 | | { 'extensions': [], |
602 | | 'namespace': None, |
603 | | 'schema': None, |
604 | | 'type': 'SFA', |
605 | | 'version': '1'}], |
606 | | 'sfa': 1, |
607 | | 'testbed': 'myplc'} |
608 | | INFO:omni: ------------------------------------------------------------ |
609 | | INFO:omni: Completed getversion: |
610 | | |
611 | | Options as run: |
612 | | aggregate: plc |
613 | | framework: pgeni |
614 | | native: True |
615 | | |
616 | | Args: getversion |
617 | | |
618 | | Result Summary: |
619 | | Got version for 1 out of 1 aggregates |
620 | | |
621 | | INFO:omni: ============================================================ |
622 | | }}} |
623 | | |
624 | | == 2. Make a slice == |
625 | | Before we continue with the rest of the tutorial, we need to create a slice that |
626 | | will contain all our slivers with the different AMs. |
627 | | Since the omni_config specifies using GPO's ProtoGENI as the Slice Authority |
628 | | (SA), your slice will be created in the pgeni.gpolab.bbn.com namespace. |
629 | | |
630 | | === 2a. Createslice === |
631 | | For this tutorial we will create a slice named ''gposlice##'' (where ## matches |
632 | | your username); you should always choose a slice name that is meaningful to you. |
633 | | To avoid confusion, avoid creating a slice with the same name as your username |
634 | | (i.e. if your username is ''alice'', don't name your slice ''alice'' too). |
635 | | {{{ |
636 | | omni.py createslice gposlice## |
637 | | }}} |
638 | | |
639 | | |
640 | | === 2b. Renew Slice === |
641 | | Note in the above output that our new slice expires soon. Your slivers can not |
642 | | last longer then your slice, and your resources will go away when the |
643 | | reservation expires. For your experiments be sure to renew your slice for the |
644 | | duration of your experiment. For the tutorial you don't need to extend the |
645 | | lifetime, but if you wanted to, this is what it would look like: |
646 | | |
647 | | {{{ |
648 | | omni.py renewslice gposlice## 20111105T00:00:00 |
649 | | }}} |
650 | | |
651 | | For Alice the output would like: |
652 | | {{{ |
653 | | geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py renewslice gposlice21 |
654 | | 20111105T00:00:00 |
655 | | INFO:omni:Loading config file omni_config |
656 | | INFO:omni:Using control framework pgeni |
657 | | INFO:omni.protogeni:Requesting new slice expiration '2011-11-05T00:00:00' |
658 | | INFO:omni:Slice gposlice21 now expires at 2011-11-05 00:00:00 UTC |
659 | | INFO:omni:Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21 expires |
660 | | on 2011-11-05 00:00:00 UTC |
661 | | INFO:omni: ------------------------------------------------------------ |
662 | | INFO:omni: Completed renewslice: |
663 | | |
664 | | Options as run: |
665 | | framework: pgeni |
666 | | native: True |
667 | | |
668 | | Args: renewslice gposlice21 20111105T00:00:00 |
669 | | |
670 | | Result Summary: Slice gposlice21 now expires at 2011-11-05 00:00:00 UTC |
671 | | Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21 expires on |
672 | | 2011-11-05 00:00:00 UTC |
673 | | INFO:omni: ============================================================ |
674 | | |
675 | | }}} |
676 | | |
677 | | '''Note:''' You can not renew the slice expiration time to an earlier time that |
678 | | its current expiration time. Also there is no deleteslice operation. However, |
679 | | you can delete all the slivers in your slice and let the slice expire. |
680 | | |
681 | | |
682 | | === 2c. List your Slices === |
683 | | If you want to find out what slices you currently have, you can use an Omni |
684 | | command to {{{listmyslices}}}. |
685 | | {{{ |
686 | | omni.py listmyslices <username> |
687 | | }}} |
688 | | |
689 | | We've pre-reserved resources in a second slice (ctrl##) in advance of the |
690 | | tutorial for each user. |
691 | | |
692 | | So for gpousr21 the output would look like : |
693 | | {{{ |
694 | | geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py listmyslices gpousr21 |
695 | | INFO:omni:Loading config file omni_config |
696 | | INFO:omni:Using control framework pgeni |
697 | | INFO:omni:User 'gpousr21' has slices: |
698 | | urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21 |
699 | | urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+ctrl21 |
700 | | INFO:omni: ------------------------------------------------------------ |
701 | | INFO:omni: Completed listmyslices: |
702 | | |
703 | | Options as run: |
704 | | framework: pgeni |
705 | | native: True |
706 | | |
707 | | Args: listmyslices gpousr21 |
708 | | |
709 | | Result Summary: Found 2 slices for user 'gpousr21'. |
710 | | |
711 | | INFO:omni: ============================================================ |
712 | | |
713 | | }}} |
| 381 | === Createsliver and sliverstatus === |
| 382 | For this part we are going to go back and forth between Omni and Flack and understand how each tool manipulate slices. In Flack go back to the empty canvas on your slice. You will see on the left the AMs that you chose in the beginning . |
| 383 | There are some icons next to them to correspond to nodes. You can drag and drop nodes in your canvas. |
| 384 | |
| 385 | [[Image(flack-addnodes.png, 50%)]] |
| 386 | |
| 387 | You can press on the (i) button and look at all the information that you can set for your nodes. If you have more than one nodes in your canvas you can draw links between the nodes, and set parameters on that links. |
| 388 | |
| 389 | On the background Flack is creating the request specification documents that you will need to reserve the resources that are on your slice canvas. If you want to take a look at the RSpec created by flack you have to press at the button on the top right of your canvas that correspond to "Preview Request Rspec". |
| 390 | |
| 391 | [[Image(flack-preview.png, 50%)]] |
| 392 | |
| 393 | |