Changes between Version 31 and Version 32 of GENIRacksAdministration/InstaGENIAdministration


Ignore:
Timestamp:
04/06/17 09:24:02 (3 years ago)
Author:
lnevers@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GENIRacksAdministration/InstaGENIAdministration

    v31 v32  
    1111
    1212    - boss and ops hosts
    13     - control, flowvisor and foam hosts
     13    - control and flowvisor hosts
    1414
    1515To access any of the above hosts, simply add the your domain name to the hostname listed above. For example to access the GPO boss node:
     
    3333The '' boss''  and ''ops'' hosts are VMs located on the ''control'' node. The ''local administrator'' must request an account via the InstaGENI web interface as described in [wiki:GENIRacksAdministration/InstaGENIAdministration#a1.2.1.UserRequestsAdministrativeAccount section 1.2.1] below before they can SSH to these two VMs. This process is the same for subsequent administrator accounts. [[BR]]
    3434
    35 === 1.1.2 control, flowvisor and foam hosts ===
     35=== 1.1.2 control and flowvisor hosts ===
    3636
    37 The ''control'' host is a physical node, while the '' flowvisor'' and ''foam'' hosts are VMs.  The initial ''local administrator'' must send the desired login ID and an SSH version 2 public key to the InstaGENI Utah team.  The requested login ID and SSH keys will be part of the OS images that run on the ''control'', ''foam'' and ''flowvisor'' hosts.  Once the ''local administrator'' has access to these 3 hosts and he/she may grant access to subsequent administrators as described in the [wiki:GENIRacksAdministration/InstaGENIAdministration#a1.2.3.LocalAdministratorInstallsKeysonthecontrolfoamandflowvisorhosts section 1.2.3]
     37The ''control'' host is a physical node, while the '' flowvisor'' host is a VM.  The initial ''local administrator'' must send the desired login ID and an SSH version 2 public key to the InstaGENI Utah team.  The requested login ID and SSH keys will be part of the OS images that run on the ''control'' and ''flowvisor'' hosts.  Once the ''local administrator'' has access to these 2 hosts and he/she may grant access to subsequent administrators as described in the [wiki:GENIRacksAdministration/InstaGENIAdministration#a1.2.3.LocalAdministratorInstallsKeysonthecontrolandflowvisorhosts section 1.2.3]
    3838
    3939=== 1.1.3 Experimenter nodes ===
     
    6262  1. User requests administrative account by joining "emulab-ops" group.
    6363  2. Local administrator approves request and enables ''boss'' and ops ''administrative'' access.
    64   3. Local administrator installs requester public key on control, foam and flowvisor hosts.
     64  3. Local administrator installs requester public key on control and flowvisor hosts.
    6565
    6666=== 1.2.1. User Requests Administrative Account ===
     
    8989''Note'': A user must verify email address before their request shows up in the ''New User Approval'' list.
    9090
    91 === 1.2.3. Local Administrator Installs Keys on the control, foam and flowvisor hosts ===
     91=== 1.2.3. Local Administrator Installs Keys on the control and flowvisor hosts ===
    9292
    93 The ''local administrator'' has an account on the ''control'', ''foam'', and ''flowvisor'' hosts, where he/she can use the ''mkadmin.pl'' script to add (or remove) other administrator accounts.
     93The ''local administrator'' has an account on the ''control'' and ''flowvisor'' hosts, where he/she can use the ''mkadmin.pl'' script to add (or remove) other administrator accounts.
    9494
    9595
     
    103103 }}}
    104104
    105 Repeat the procedure for the ''foam'' host:
    106  {{{
    107  $ scp user-ssh-key.pub foam.your.rack.domain:<pathtopubkey>
    108  $ ssh foam.your.rack.domain
    109  foam-host> sudo /usr/local/bin/mkadmin.pl <username> <pathtopubkey>
    110  }}}
    111 
    112 And finally repeat the procedure for the ''flowvisor'' host:
     105Repeat the procedure for the ''flowvisor'' host:
    113106 {{{
    114107 $ scp user-ssh-key.pub flowvisor.your.rack.domain:<pathtopubkey>
     
    117110 }}}
    118111
    119 The new administrator account now has SSH access to the control, foam and flowvisor hosts with the keys provided.
     112The new administrator account now has SSH access to the control and flowvisor hosts with the keys provided.
    120113
    121114== 1.3 Using Administrator Accounts ==
     
    144137To remove an administrator account two steps must be taken:
    145138  1. Delete the user web account for the rack
    146   2. Remove the user SSH Keys for the ''control'', ''foam'', and ''flowvisor'' hosts.
     139  2. Remove the user SSH Keys for the ''control'' and ''flowvisor'' hosts.
    147140
    148141=== 1.4.1 Delete Web Interface Administrator Account ===
     
    159152=== 1.4.2 Remove SSH Keys ===
    160153
    161 To remove access for any accounts, an administrator must execute the '' '''mkadmin.pl''' '' script on the ''control'', ''foam'', and ''flowvisor'' hosts as follows:
     154To remove access for any accounts, an administrator must execute the '' '''mkadmin.pl''' '' script on the ''control'' and ''flowvisor'' hosts as follows:
    162155 {{{
    163156 $ ssh control.your.rack.domain
     
    165158 }}}
    166159
    167 Repeat the procedure for the ''foam'' host:
    168  {{{
    169  $ ssh foam.your.rack.domain
    170  $ sudo /usr/local/bin/mkadmin.pl -r <username>
    171  }}}
    172 
    173 And finally, repeat procedure for the ''flowvisor'' host:
     160Repeat the procedure for the ''flowvisor'' host:
    174161 {{{
    175162 $ ssh flowvisor.your.rack.domain