Changes between Version 11 and Version 12 of GENIExperimenter/Tutorials/NSDI13/IntroToOmni/DesignSetup


Ignore:
Timestamp:
03/12/13 02:51:41 (11 years ago)
Author:
nriga@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GENIExperimenter/Tutorials/NSDI13/IntroToOmni/DesignSetup

    v11 v12  
    3939}}}
    4040
    41 == 1a. Look around the omni_config file -- Optional ==
     41== 1a. Look around the omni_config file ==
    4242Open the file `~/.gcf/omni_config` using either vim or emacs. Close to the top of the file you will see two parameters called `default_cf` and `users`. Your username should be at least listed in the user section. Look for the sections in the file that are named `[pg]` and  `[<username>]`.
    4343
     
    4848Another interesting section to look at is the `[aggregate-nicknames]` sections. Flack already knows the URL for all the AMs and present you a list of AMs to choose from using a short, descriptive name. In Omni a user is required to pass the URL for each call to the GENI AM API. In this section the user gets a chance to provide short descriptive names to the URLs that are easier to memorize and use.
    4949
    50 = 2. Clear the passphrase from your cert =
    51 When Omni talks to different authorities in GENI, it will need to identify you
    52 as a valid GENI user, so it will ask you for your passphrase multiple times.
    53 To save time during the tutorial, we are going to remove the passphrase from your cert and your ssh key. There is a script to clear the passphrases.
    54   i. In the terminal run
    55   {{{
    56 clear-passphrases.py
    57 }}}
    58   Use the passphrase given to you in the paper slip, you might be prompted for a passphrase multiple times make sure you always use the same passphrase.
    59   The output should look like
    60   {{{
    61 geni@geni-vm:~$ clear-passphrases.py
    62 Do you want to remove the passphrase from your cert (/home/geni/.ssl/geni_cert.pem) [Y,n]?y
    63 INFO:clearcert:
    64         THIS SCRIPT WILL REPLACE /home/geni/.ssl/geni_cert.pem WITH AN UNENCREPTED CERT. A BACKUP OF THE ORIGINAL CERT WILL BE CREATED
    65 
    66 INFO:clearcert:The encoded certificate file is backed up at /home/geni/.ssl/geni_cert_enc.pem
    67 INFO:clearcert:Removing passphrase from cert...
    68 Enter pass phrase for /home/geni/.ssl/geni_cert.pem:
    69 writing RSA key
    70 INFO:clearcert:Change permissions of /home/geni/.ssl/geni_cert.pem to 0600
    71 Do you want to remove the passphrase from you ssh-key (/home/geni/.ssh/geni_key, key used to login to compute resources) [Y,n]?y
    72 INFO:clearcert:
    73         THIS SCRIPT WILL REMOVE THE PASSPHRASE FROM YOUR SSH KEY. NO COPY OF THE ORIGINAL PRIVATE KEY WILL BE KEPT
    74 Enter PEM pass phrase:
    75 Enter passphrase:
    76 geni@geni-vm:~$
    77 }}}
    78   i. Add the key to the ssh agent
    79   {{{
    80   ssh-add ~/.ssh/geni_key
    81   }}}
    82   i. Verify that you have the necessary credential and key files
    83      {{{
    84      ls ~/.ssh ~/.ssl
    85      }}}
    86      The output looks like :
    87      {{{
    88 geni@geni-vm:~$ ls ~/.ssh ~/.ssl
    89 /home/geni/.ssh:
    90 config  geni_key  geni_key.pub
    91 
    92 /home/geni/.ssl:
    93 geni_cert_enc.pem  geni_cert.pem
    94      }}}
    95 
    96    || geni_cert.pem || Cleartext certificate, i.e. does not require any passphrase ||
    97    || geni_cert_enc.pem || Encrypted certificate  ||
    98    || geni_key || The private key that you will use to login to the nodes ||
    99    || geni_key.pub || The corresponding public key that will be uploaded to the nodes ||
    100 
    101   '''Note''': You might see more files than the ones listed above, which are
    102   probably backup files from configuring omni, or files from other tutorials.
    103 
    104 == 3. Test Omni setup ==
     50== Test Omni setup ==
    10551In order to test that our configuration is correct, you can issue a `getversion`
    10652command. For this step we have used !PlanetLab's AM, but you can use any
     
    10854  i. In the terminal type:
    10955  {{{
    110 omni.py getversion -a plc
     56omni.py getversion -a pg-gpo
    11157}}}
    11258  In GENI each AM can be contacted using a specific URL. In order to make it