Context Navigation

CG-ADM-1

Timestamp:: 12/08/14 13:30:03 (9 years ago)
Author:: lnevers@bbn.com
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

GENIRacksHome/CiscoGENIRacks/AcceptanceTestStatus/CG-ADM-1

-                      v4
+                      v5
 = CG-ADM-1 Administrative Tests =
 This test validates administrative access for NCSU2 and NCSU Cisco racks
+This test validates administrative access for NCSU2 and NCSU Cisco racks.  Cisco GENI Racks Administrator accounts can be obtained as described at the [https://wiki.exogeni.net/doku.php?id=public:operators:start ExoGENI Rack Operators] page where accounts creation and usage is documented.
 == Test Status ==
 …
 = NCSU2 Administrative Access =
-Administrator accounts on an ExoGENI and Cisco racks are documented at [https://wiki.exogeni.net/doku.php?id=public:operators:start ExoGENI wiki],  with the [https://wiki.exogeni.net/doku.php?id=public:operators:start#authentication_authorization operator authentication] page proving insight into accounts creation and usage.
 With requested account accessed rack head node and verified root access and group membership:
 {{{
 LNM:~$ ssh ncsu2-hn.exogeni.net
+sudo whoami
+id
+The authenticity of host 'ncsu2-hn.exogeni.net (152.48.13.190)' can't be established.
+RSA key fingerprint is 73:17:05:21:29:42:71:05:52:e5:fd:16:a1:07:78:be.
+Are you sure you want to continue connecting (yes/no)? yes
+Warning: Permanently added 'ncsu2-hn.exogeni.net,152.48.13.190' (RSA) to the list of known hosts.
+lnevers@ncsu2-hn.exogeni.net's password:
+Creating home directory for lnevers.
+|-----------------------------------------------------------------|
+|                ____ ____ ____ ____ ____ ____ ____               |
+|               ||E |||x |||o |||G |||E |||N |||I ||              |
+|               ||__|||__|||__|||__|||__|||__|||__||              |
+|               |/__\|/__\|/__\|/__\|/__\|/__\|/__\|              |
+|                                                                 |
+|-----------------------------------------------------------------|
+[lnevers@ncsu2-hn ~]$ sudo whoami
+We trust you have received the usual lecture from the local System
+Administrator. It usually boils down to these three things:
+    #1) Respect the privacy of others.
+    #2) Think before you type.
+    #3) With great power comes great responsibility.
+[sudo] password for lnevers:
+root
+[lnevers@ncsu2-hn ~]$ id
+uid=2107(lnevers) gid=2000(nonrenci) groups=2000(nonrenci),2502(ncsuadmins),2508(osfadmins),2509(ucdadmins),2510(sladmins),2512(ncsu2admins),2513(tamuadmins),9510(bbnadmins)
+[lnevers@ncsu2-hn ~]$
 }}}
 From head node verified login and administrative access to each of the worker nodes that supply VMs.
 {{{
+for i in 1 2 3 4 5 6 7 8; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
+[lnevers@ncsu2-hn ~]$ for i in 1 2 3 4 ; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
+Executing on: ncsu2-w1
+root
+Linux ncsu2-w1 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
+Executing on: ncsu2-w2
+root
+Linux ncsu2-w2 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
+Executing on: ncsu2-w3
+root
+Linux ncsu2-w3 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
+Executing on: ncsu2-w4
+root
+Linux ncsu2-w4 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
+[lnevers@ncsu2-hn ~]$
 }}}
 For each worker node execute the following:
 {{{
+for i in 9 10; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
+}}}
+for i in X Y; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
+}}}
+''' Note: No Bare Metal Nodes '''
 Connect to the management switch:
 …
 Verify FOAM and !FlowVisor configuration files ownership and paths:
 {{{
+[lnevers@ncsu2-hn ~]$  ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
+[lnevers@ncsu2-hn ~]$ ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
+lrwxrwxrwx 1 root      flowvisor   21 Feb 10  2014 /etc/flowvisor/fvpasswd -> /etc/flowvisor.passwd
+-r--r----- 1 flowvisor ncsu2admins 25 Feb  9  2014 /etc/flowvisor.passwd
+-r--r----- 1 root      ncsu2admins 25 Feb  9  2014 /etc/foam.passwd
+lrwxrwxrwx 1 root      root        16 Feb 10  2014 /opt/foam/etc/foampasswd -> /etc/foam.passwd
+[lnevers@ncsu2-hn ~]$
 }}}
 Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU2 head node:
+{{{
+[lnevers@ncsu2-hn ~]$ foamctl admin:get-version  --passwd-file=/etc/foam.passwd
+{
+ "version": "0.14.0"
+}
+[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="site.admin.email"  --passwd-file=/opt/foam/etc/foampasswd
+{
+ "value": "foam-admin@gpolab.bbn.com"
+}
+[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.site-tag"  --passwd-file=/opt/foam/etc/foampasswd
+{
+ "value": "ncsu2-hn.exogeni.net"
+}
+[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="email.from"  --passwd-file=/opt/foam/etc/foampasswd
+{
+ "value": null
+}
+[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.approval.approve-on-creation"  --passwd-file=/opt/foam/etc/foampasswd
+{
+ "value": 0
+}
+[lnevers@ncsu2-hn ~]$
+}}}
+Show FOAM slivers details:
+{{{
+[lnevers@ncsu2-hn ~]$ foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd
+{
+ "slivers": [
+  {
+   "status": "pending",
+   "flowvisor_slice": "dd2e77e8-02d0-45b8-8053-32c65960a88c",
+   "slice_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4",
+   "pend_reason": [],
+   "deleted": "False",
+   "user": "urn:publicid:IDN+ch.geni.net+user+lnevers",
+   "creation": "2014-12-04 19:42:24.569232+00:00",
+   "enabled": false,
+   "uuid": "dd2e77e8-02d0-45b8-8053-32c65960a88c",
+   "id": 3,
+   "expiration": "2014-12-10 00:00:00+00:00",
+   "sliver_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4:dd2e77e8-02d0-45b8-8053-32c65960a88c",
+   "ref": null,
+   "email": "lnevers@bbn.com",
+   "desc": "IG-CT-4 over 3716 "
+  }
+ ]
+}
+[lnevers@ncsu2-hn ~]$
+}}}
+Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU2 Head node:
+{{{
+[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello
+Got reply:
+PONG(fvadmin): FV version=flowvisor-0.8.1::hello
+[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices
+Device 0: 00:01:18:e7:28:07:bf:c0
+[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getDeviceInfo 00:01:18:e7:28:07:bf:c0
+nPorts=5
+portList=32,35,44,33,34
+dpid=00:01:18:e7:28:07:bf:c0
+remote=/192.168.107.20:6633-->/192.168.107.4:13369
+portNames=Eth1/32(32),Eth1/35(35),Eth1/44(44),Eth1/33(33),Eth1/34(34)
+[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices
+Slice 0: fvadmin
+Slice 1: orca-141
+Slice 2: orca-142
+Slice 3: orca-140
+Slice 4: orca-143
+Slice 5: orca-136
+Slice 6: orca-137
+Slice 7: orca-138
+Slice 8: orca-128
+Slice 9: orca-139
+Slice 10: orca-158
+Slice 11: orca-129
+Slice 12: orca-159
+Slice 13: orca-154
+Slice 14: orca-155
+Slice 15: orca-130
+Slice 16: orca-156
+Slice 17: orca-131
+Slice 18: orca-157
+Slice 19: orca-132
+Slice 20: orca-133
+Slice 21: orca-134
+Slice 22: orca-152
+Slice 23: orca-135
+Slice 24: orca-153
+[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo orca-153
+Got reply:
+connection_1=00:01:18:e7:28:07:bf:c0-->/152.48.13.190:24503-->ncsu2-hn.exogeni.net/152.48.13.190:54423
+contact_email=exogeni-ops@renci.org
+controller_hostname=ncsu2-hn.exogeni.net
+controller_port=54423
+creator=fvadmin
+[lnevers@ncsu2-hn ~]$
+}}}
+= NCSU Administrative Access =
+With requested account accessed rack head node and verified root access and group membership:
+{{{
+LNM:~$ ssh ncsu-hn.exogeni.net
+sudo whoami
+id
+}}}
+From head node verified login and administrative access to each of the worker nodes that supply VMs.
+{{{
+for i in 1 2 3 4 5 6 7 8; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
+}}}
+For each worker node execute the following:
+{{{
+for i in 9 10; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
+}}}
+Connect to the management switch:
+{{{
+[lnevers@ncsu-hn ~]$ ssh ncsu-8052.ncsu.xo
+>ena
+show interface status
+show version
+show vlan
+}}}
+}}}
+Connect to the !OpenFlow switch:
+{{{
+ ssh lnevers@ncsu-8264.ncsu.xo
+>ena
+show interface status
+show version brief
+show vlan
+}}}
+Verify FOAM and !FlowVisor configuration files ownership and paths:
+{{{
+[lnevers@ncsu-hn ~]$  ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
+}}}
+Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU head node:
 {{{
 }}}
 …
 }}}
 Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU2 Head node:
+Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU Head node:
 {{{
 /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello
 …
 }}}
-= NCSU Administrative Access =
-Administrator accounts on an ExoGENI and Cisco racks are documented at https://wiki.exogeni.net/doku.php?id=public:operators:start,  with https://wiki.exogeni.net/doku.php?id=public:operators:start#authentication_authorization proving insight into accounts creation and usage.
-With requested account accessed rack head node and verified root access and group membership:
-{{{
-LNM:~$ ssh ncsu-hn.exogeni.net
-sudo whoami
-id
-}}}
-From head node verified login and administrative access to each of the worker nodes that supply VMs.
-{{{
-for i in 1 2 3 4 5 6 7 8; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
-}}}
-For each worker node execute the following:
-{{{
-for i in 9 10; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
-}}}
-Connect to the management switch:
-{{{
-[lnevers@ncsu-hn ~]$ ssh ncsu-8052.ncsu.xo
->ena
-show interface status
-show version
-show vlan
-}}}
-}}}
-Connect to the !OpenFlow switch:
-{{{
- ssh lnevers@ncsu-8264.ncsu.xo
->ena
-show interface status
-show version brief
-show vlan
-}}}
-Verify FOAM and !FlowVisor configuration files ownership and paths:
-{{{
-[lnevers@ncsu-hn ~]$  ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
-}}}
-Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU head node:
-{{{
-}}}
-foamctl admin:get-version  --passwd-file=/etc/foam.passwd
-foamctl config:get-value --key="site.admin.email"  --passwd-file=/opt/foam/etc/foampasswd
-foamctl config:get-value --key="geni.site-tag"  --passwd-file=/opt/foam/etc/foampasswd
-foamctl config:get-value --key="email.from"  --passwd-file=/opt/foam/etc/foampasswd
-foamctl config:get-value --key="geni.approval.approve-on-creation"  --passwd-file=/opt/foam/etc/foampasswd
-Show FOAM slivers details:
-{{{
-foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd
-}}}
-Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU Head node:
-{{{
-/opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello
-/opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices
-/opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getDeviceInfo
-/opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices
-/opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo  urn
-}}}