Changes between Version 31 and Version 32 of GEC13Agenda/ExperimenterWorkflowTutorial/Tutorial


Ignore:
Timestamp:
03/13/12 10:54:28 (7 years ago)
Author:
nriga@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GEC13Agenda/ExperimenterWorkflowTutorial/Tutorial

    v31 v32  
    9494Now Flack will go behind the scenes and invoke listresources in the selected AMs and populate the map. While Flack is loading the resources you can browse through your personal information by clicking to the button with your username on the left. You will see your credential, your certificate and your ssh keys.
    9595
    96 ===Configure Omni to use your account ===
     96=== Configure Omni to use your account ===
    9797While Flack is loading the resources let's understand how the same functionality works with Omni. Omni is configured through a text file that is called omni_config. Go back to the terminal window and go under the directory that corresponds to your user
    9898{{{
     
    379379Notice how you can see the slice that you created with Flack from Omni as well. If you go back to flack and click the reload button that is next to the Slice under your username on the left you will see that the Omni slice will appear there as well.
    380380
    381 === Createsliver and sliverstatus with Omni ===
    382 
    383 == 1. Configure Omni ==
    384 The purpose of this first exercise is to setup
    385 [http://trac.gpolab.bbn.com/gcf/wiki/Omni Omni] to use your credentials and
    386 keys.
    387 
    388 === 1a. Setup omni ===
    389 Omni uses as input a configuration file, where you can specify information such
    390 as which clearinghouse to use, where your certificate and keys are located, etc.
    391 Under the ''Tutorials/Omni/<username>'' directory (where <username> is your
    392 username on the piece of paper you were given upon entering the room), there is
    393 a configuration file, ''omni_config''.
    394 
    395    * '''Open a terminal''' (there is a shortcut on the top bar).
    396    * First lets update the files that are on the VM:
    397       {{{
    398 cd Tutorials/Omni/
    399 downloadRSpecs.sh
    400       }}}
    401    
    402    * The rest of the tutorial assumes that you are under the
    403 ''Tutorials/Omni/<username>'' directory :
    404       {{{
    405 cd <username>
    406       }}}
    407    * '''Remove the passphrase''' from your certificate. For security best
    408 practices you should keep a passphrase on your certificate. To avoid typing the
    409 passphrase throughout the tutorial, we will temporarily remove the passphrase.
    410 Run
    411    {{{
    412    clear_cert.sh <username>
    413    }}}
    414    It will prompt you for the passphrase which should be included on the slip
    415 that was given to you.
    416    *
    417 
    418    * '''Look at the  omni_config'''. Open omni_config. For the tutorial you
    419 should use the cleartext certificate, but when running your own experiments, for
    420 security best practices always use your encrypted certificate.
    421 
    422    For ''gpousr21'' using a cleartext certificate the omni_config file looks
    423 like :
    424 
    425    {{{
    426 # This file is the omni_config for GEC 12 tutorial
    427 # Experimental topologies on the GENI Mesoscale network with Omni
    428 
    429 # General section of omni config
    430 [omni]
    431 default_cf = pgeni
    432 users = gpousr21
    433 
    434 # ---------- Users ----------
    435 [gpousr21]
    436 # Make sure the urn matches the URN of the credential
    437 urn = urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21
    438 
    439 # Public key to be installed in compute resources. For multiple
    440 # keys use a comma separated file
    441 keys = ~/Tutorials/Omni/gpousr20/ssh/gpousr21_key.pub
    442 
    443 # If -a option is not specified the omni command will by run against all
    444 # the following AMs
    445 aggregates =  http://emulab.net/protogeni/xmlrpc/am,
    446 https://pgeni.gpolab.bbn.com/protogeni/xmlrpc/am,
    447 http://myplc.gpolab.bbn.com:12346/, http://myplc.clemson.edu:12346/,
    448 https://myplc.stanford.edu:12346/,
    449 https://wings-openflow-1.wail.wisc.edu:12346/,
    450 https://of.cs.washington.edu:12346/, https://plc.orbit-lab.org:12346/,
    451 https://myplc.grnoc.iu.edu:12346/, https://myplc.cip.gatech.edu:12346/,
    452 https://foam-tutorial.gpolab.bbn.com:3626/foam/gapi/1
    453 
    454 # ---------- Frameworks ----------
    455 [pgeni]
    456 type = pg
    457 ch = https://www.emulab.net:443/protogeni/xmlrpc/ch
    458 sa = https://www.pgeni.gpolab.bbn.com:443/protogeni/xmlrpc/sa
    459 
    460 # Use the following two lines if you are using
    461 # a certificate with a passphrase
    462 #cert = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert.pem
    463 #key = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert.pem
    464 
    465 # Use the following two lines if you are using
    466 # a cleartext cert.
    467 cert = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert_ct.pem
    468 key = ~/Tutorials/Omni/gpousr21/ssh/gpousr21_cert_ct.pem
    469 
    470 #------AM nicknames----------------
    471 # Instead of typing the whole url of an AM in the -a option you can
    472 # specify a nickname in this section and use the nickname instead
    473 
    474 # Format :
    475 # Nickname=URN, URL
    476 # URN is optional
    477 [aggregate_nicknames]
    478 # ProtoGENI AMs and PlanetLab central
    479 pg-gpo=urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+am,https://pgeni.gpolab.bbn.com/protogeni/xmlrpc/am
    480 pg-utah=,https://www.emulab.net/protogeni/xmlrpc/am
    481 pg-ky=urn:publicid:IDN+uky.emulab.net+authority+am,https://www.uky.emulab.net/protogeni/xmlrpc/am
    482 plc=,https://www.planet-lab.org:12346
    483 
    484 # Private myplc installations
    485 pl-gpo=,http://myplc.gpolab.bbn.com:12346/
    486 pl-clemson=,http://myplc.clemson.edu:12346/
    487 pl-stanford=,https://myplc.stanford.edu:12346/
    488 pl-wisconsin=,https://wings-openflow-1.wail.wisc.edu:12346/
    489 pl-washington=,https://of.cs.washington.edu:12346/
    490 pl-rutgers=,https://plc.orbit-lab.org:12346/
    491 pl-indiana=,https://localhost:1234/
    492 pl-gatech=,https://localhost:2346/
    493 
    494 
    495 # Tutorial OpenFlow AM
    496 of-tut=,https://foam-tutorial.gpolab.bbn.com:3626/foam/gapi/1
    497 
    498 # Other OpenFlow AMs
    499 of-gpo=,https://foam.gpolab.bbn.com:3626/foam/gapi/1
    500    }}}
    501 
    502    Note, the pgeni framework definition includes the Utah Emulab clearinghouse,
    503 which is the only clearinghouse for ProtoGENI aggregates. For additional
    504 configuration details please see the [http://trac.gpolab.bbn.com/gcf/wiki/Omni
    505 Omni] page for more details.  The omni_configuration parameters shown define the
    506 following:  [[BR]]
    507    || '''Parameter'''   || ''' Use'''  ||
    508    || default_cf||  Default Clearinghouse and credentials used if not specified
    509 on the command line.  ||
    510    || users||  users setting used when reserving slices. ||
    511    || urn||  The username URN ||
    512    || keys|| A comma separated list of public ssh key files to be uploaded to
    513 the Clearinghouse and to your resources ||
    514    || type||  Clearinghouse/credentials type "pg" indicates ProtoGENI, see the
    515 [http://trac.gpolab.bbn.com/gcf/wiki/Omni Omni] page. ||
    516    || ch||  ProtoGENI Clearinghouse URL. ||
    517    || sa|| Slice Authority URL. ||
    518    || cert||  Location of your SSL encrypted certificate (contains both a
    519 certificate and a key). ||
    520    || key||  Location of your SSL encrypted key (contains both a certificate and
    521 a key). ||
    522    || <AM nickname>|| Optional URN, required URL of an Aggregate Manager. ||
    523 
    524    * Verify that the user URN is correct.
    525      Get the URN from your omni config
    526      {{{
    527      grep urn omni_config
    528      }}}
    529      Verify that it matches the urn in your cert (disregard the leading URI:)
    530      {{{
    531      openssl x509 -noout -text -in ./ssh/<username>_cert_ct.pem | grep
    532 'urn:publicid'
    533      }}}
    534      For gpousr21 the output looks like
    535      {{{
    536 geni@geni-vm:~/omni_tutorial$ grep urn omni_config
    537 urn = urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21
    538 geni@geni-vm:~/omni_tutorial$ openssl x509 -noout -text -in
    539 ./ssh/gpousr21_cert_ct.pem | grep 'urn:publicid'
    540                 URI:urn:publicid:IDN+pgeni.gpolab.bbn.com+user+gpousr21,
    541 email:gpousr21@pgeni.gpolab.bbn.com
    542      }}}
    543 
    544 === 1b. Test configuration ===
    545 In order to test that our configuration is correct, you can issue a getversion
    546 command. For this step we have used !PlanetLab's AM, but you can use any
    547 Aggregate Manager(AM).
    548 {{{
    549 omni.py getversion -a http://www.planet-lab.org:12346
    550 }}}
    551 
    552 Or equivalently using the !PlanetLab nickname:
    553 {{{
    554 omni.py getversion -a plc
    555 }}}
    556 
    557 gpousr21 decided to use !PlanetLab central :
    558 {{{
    559 #!xml
    560 geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py getversion -a plc
    561 INFO:omni:Loading config file omni_config
    562 INFO:omni:Using control framework pgeni
    563 INFO:omni:Substituting AM nickname plc with URL
    564 https://www.planet-lab.org:12346, URN unspecified_AM_URN
    565 INFO:omni:AM URN: unspecified_AM_URN (url: https://www.planet-lab.org:12346) has
    566 version:
    567 INFO:omni:{   'ad_rspec_versions': [   {   'extensions': [
    568 'http://www.protogeni.net/resources/rspec/ext/gre-tunnel/1',
    569                                                    'http://www.protogeni.net/resources/rspec/ext/other-ext/3'],
    570                                  'namespace':
    571 'http://www.protogeni.net/resources/rspec/2',
    572                                  'schema':
    573 'http://www.protogeni.net/resources/rspec/2/ad.xsd',
    574                                  'type': 'ProtoGENI',
    575                                  'version': '2'},
    576                              {   'extensions': [],
    577                                  'namespace': None,
    578                                  'schema': None,
    579                                  'type': 'SFA',
    580                                  'version': '1'}],
    581     'code_tag': '1.0-35',
    582     'code_url': 'git://git.onelab.eu/sfa.git@sfa-1.0-35',
    583     'default_ad_rspec': {   'extensions': [],
    584                             'namespace': None,
    585                             'schema': None,
    586                             'type': 'SFA',
    587                             'version': '1'},
    588     'geni_api': 1,
    589     'hostname': 'www.planet-lab.org',
    590     'hrn': 'plc',
    591     'interface': 'aggregate',
    592     'request_rspec_versions': [   {   'extensions': [
    593 'http://www.protogeni.net/resources/rspec/ext/gre-tunnel/1',
    594                                                         'http://www.protogeni.net/resources/rspec/ext/other-ext/3'],
    595                                       'namespace':
    596 'http://www.protogeni.net/resources/rspec/2',
    597                                       'schema':
    598 'http://www.protogeni.net/resources/rspec/2/request.xsd',
    599                                       'type': 'ProtoGENI',
    600                                       'version': '2'},
    601                                   {   'extensions': [],
    602                                       'namespace': None,
    603                                       'schema': None,
    604                                       'type': 'SFA',
    605                                       'version': '1'}],
    606     'sfa': 1,
    607     'testbed': 'myplc'}
    608 INFO:omni: ------------------------------------------------------------
    609 INFO:omni: Completed getversion:
    610 
    611   Options as run:
    612     aggregate: plc
    613     framework: pgeni
    614     native: True
    615 
    616   Args: getversion
    617 
    618   Result Summary:
    619 Got version for 1 out of 1 aggregates
    620  
    621 INFO:omni: ============================================================
    622 }}}
    623 
    624 == 2. Make a slice ==
    625 Before we continue with the rest of the tutorial, we need to create a slice that
    626 will contain all our slivers with the different AMs.
    627 Since the omni_config specifies using GPO's ProtoGENI as the Slice Authority
    628 (SA), your slice will be created in the pgeni.gpolab.bbn.com namespace. 
    629 
    630 === 2a. Createslice ===
    631 For this tutorial we will create a slice named ''gposlice##'' (where ## matches
    632 your username); you should always choose a slice name that is meaningful to you.
    633 To avoid confusion, avoid creating a slice with the same name as your username
    634 (i.e. if your username is ''alice'', don't name your slice ''alice'' too).
    635 {{{
    636 omni.py createslice gposlice##
    637 }}}
    638 
    639 
    640 === 2b. Renew Slice ===
    641 Note in the above output that our new slice expires soon. Your slivers can not
    642 last longer then your slice, and your resources will go away when the
    643 reservation expires. For your experiments be sure to renew your slice for the
    644 duration of your experiment. For the tutorial you don't need to extend the
    645 lifetime, but if you wanted to, this is what it would look like:
    646 
    647 {{{
    648 omni.py renewslice gposlice## 20111105T00:00:00
    649 }}}
    650 
    651 For Alice the output would like:
    652 {{{
    653 geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py renewslice gposlice21
    654 20111105T00:00:00
    655 INFO:omni:Loading config file omni_config
    656 INFO:omni:Using control framework pgeni
    657 INFO:omni.protogeni:Requesting new slice expiration '2011-11-05T00:00:00'
    658 INFO:omni:Slice gposlice21 now expires at 2011-11-05 00:00:00 UTC
    659 INFO:omni:Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21 expires
    660 on 2011-11-05 00:00:00 UTC
    661 INFO:omni: ------------------------------------------------------------
    662 INFO:omni: Completed renewslice:
    663 
    664   Options as run:
    665     framework: pgeni
    666     native: True
    667 
    668   Args: renewslice gposlice21 20111105T00:00:00
    669 
    670   Result Summary: Slice gposlice21 now expires at 2011-11-05 00:00:00 UTC
    671 Slice urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21 expires on
    672 2011-11-05 00:00:00 UTC
    673 INFO:omni: ============================================================
    674 
    675 }}}
    676 
    677 '''Note:''' You can not renew the slice expiration time to an earlier time that
    678 its current expiration time. Also there is no deleteslice operation. However,
    679 you can delete all the slivers in your slice and let the slice expire.
    680 
    681 
    682 === 2c. List your Slices ===
    683 If you want to find out what slices you currently have, you can use an Omni
    684 command to {{{listmyslices}}}.
    685 {{{
    686 omni.py listmyslices <username>
    687 }}}
    688 
    689 We've pre-reserved resources in a second slice (ctrl##) in advance of the
    690 tutorial for each user.
    691 
    692 So for gpousr21 the output would look like :
    693 {{{
    694 geni@geni-tutorial:~/Tutorials/Omni/gpousr21$ omni.py listmyslices gpousr21
    695 INFO:omni:Loading config file omni_config
    696 INFO:omni:Using control framework pgeni
    697 INFO:omni:User 'gpousr21' has slices:
    698   urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+gposlice21
    699   urn:publicid:IDN+pgeni.gpolab.bbn.com+slice+ctrl21
    700 INFO:omni: ------------------------------------------------------------
    701 INFO:omni: Completed listmyslices:
    702 
    703   Options as run:
    704     framework: pgeni
    705     native: True
    706 
    707   Args: listmyslices gpousr21
    708 
    709   Result Summary: Found 2 slices for user 'gpousr21'.
    710  
    711 INFO:omni: ============================================================
    712 
    713 }}}
     381=== Createsliver and sliverstatus  ===
     382For this part we are going to go back and forth between Omni and Flack and understand how each tool manipulate slices. In Flack go back to the empty canvas on your slice. You will see on the left the AMs that you chose in the beginning .
     383There are some icons next to them to correspond to nodes. You can drag and drop nodes in your canvas.
     384
     385[[Image(flack-addnodes.png, 50%)]]
     386
     387 You can press on the (i) button and look at all the information that you can set for your nodes. If you have more than one nodes in your canvas you can draw links between the nodes, and set parameters on that links.
     388
     389On the background Flack is creating the request specification documents that you will need to reserve the resources that are on your slice canvas. If you want to take a look at the RSpec created by flack you have to press at the button on the top right of your canvas that correspond to "Preview Request Rspec".
     390
     391[[Image(flack-preview.png, 50%)]]
     392
     393
    714394
    715395== 3. Make a ProtoGENI sliver ==