Changes between Version 4 and Version 5 of GENIRacksHome/CiscoGENIRacks/AcceptanceTestStatus/CG-ADM-1


Ignore:
Timestamp:
12/08/14 13:30:03 (5 years ago)
Author:
lnevers@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GENIRacksHome/CiscoGENIRacks/AcceptanceTestStatus/CG-ADM-1

    v4 v5  
    33= CG-ADM-1 Administrative Tests =
    44
    5 This test validates administrative access for NCSU2 and NCSU Cisco racks
     5This test validates administrative access for NCSU2 and NCSU Cisco racks.  Cisco GENI Racks Administrator accounts can be obtained as described at the [https://wiki.exogeni.net/doku.php?id=public:operators:start ExoGENI Rack Operators] page where accounts creation and usage is documented.
    66
    77== Test Status ==
     
    2525= NCSU2 Administrative Access =
    2626
    27 Administrator accounts on an ExoGENI and Cisco racks are documented at [https://wiki.exogeni.net/doku.php?id=public:operators:start ExoGENI wiki],  with the [https://wiki.exogeni.net/doku.php?id=public:operators:start#authentication_authorization operator authentication] page proving insight into accounts creation and usage.
    28 
    2927With requested account accessed rack head node and verified root access and group membership:
    3028{{{
    3129LNM:~$ ssh ncsu2-hn.exogeni.net
    32 
    33 
    34 sudo whoami
    35 
    36 id
    37 
     30The authenticity of host 'ncsu2-hn.exogeni.net (152.48.13.190)' can't be established.
     31RSA key fingerprint is 73:17:05:21:29:42:71:05:52:e5:fd:16:a1:07:78:be.
     32Are you sure you want to continue connecting (yes/no)? yes
     33Warning: Permanently added 'ncsu2-hn.exogeni.net,152.48.13.190' (RSA) to the list of known hosts.
     34lnevers@ncsu2-hn.exogeni.net's password:
     35Creating home directory for lnevers.
     36|-----------------------------------------------------------------|
     37|                ____ ____ ____ ____ ____ ____ ____               |
     38|               ||E |||x |||o |||G |||E |||N |||I ||              |
     39|               ||__|||__|||__|||__|||__|||__|||__||              |
     40|               |/__\|/__\|/__\|/__\|/__\|/__\|/__\|              |
     41|                                                                 |
     42|-----------------------------------------------------------------|
     43[lnevers@ncsu2-hn ~]$ sudo whoami
     44
     45We trust you have received the usual lecture from the local System
     46Administrator. It usually boils down to these three things:
     47
     48    #1) Respect the privacy of others.
     49    #2) Think before you type.
     50    #3) With great power comes great responsibility.
     51
     52[sudo] password for lnevers:
     53root
     54[lnevers@ncsu2-hn ~]$ id
     55uid=2107(lnevers) gid=2000(nonrenci) groups=2000(nonrenci),2502(ncsuadmins),2508(osfadmins),2509(ucdadmins),2510(sladmins),2512(ncsu2admins),2513(tamuadmins),9510(bbnadmins)
     56[lnevers@ncsu2-hn ~]$
    3857}}}
    3958
    4059From head node verified login and administrative access to each of the worker nodes that supply VMs.
    4160{{{
    42 for i in 1 2 3 4 5 6 7 8; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
     61[lnevers@ncsu2-hn ~]$ for i in 1 2 3 4 ; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
     62Executing on: ncsu2-w1
     63root
     64Linux ncsu2-w1 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
     65Executing on: ncsu2-w2
     66root
     67Linux ncsu2-w2 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
     68Executing on: ncsu2-w3
     69root
     70Linux ncsu2-w3 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
     71Executing on: ncsu2-w4
     72root
     73Linux ncsu2-w4 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
     74[lnevers@ncsu2-hn ~]$
    4375}}}
    4476
    4577For each worker node execute the following:
    4678{{{
    47 for i in 9 10; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
    48 }}}
     79for i in X Y; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
     80}}}
     81
     82''' Note: No Bare Metal Nodes '''
    4983
    5084Connect to the management switch:
     
    74108Verify FOAM and !FlowVisor configuration files ownership and paths:
    75109{{{
    76 [lnevers@ncsu2-hn ~]$  ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
     110[lnevers@ncsu2-hn ~]$ ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
     111lrwxrwxrwx 1 root      flowvisor   21 Feb 10  2014 /etc/flowvisor/fvpasswd -> /etc/flowvisor.passwd
     112-r--r----- 1 flowvisor ncsu2admins 25 Feb  9  2014 /etc/flowvisor.passwd
     113-r--r----- 1 root      ncsu2admins 25 Feb  9  2014 /etc/foam.passwd
     114lrwxrwxrwx 1 root      root        16 Feb 10  2014 /opt/foam/etc/foampasswd -> /etc/foam.passwd
     115[lnevers@ncsu2-hn ~]$
     116
    77117}}}
    78118
    79119Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU2 head node:
     120{{{
     121[lnevers@ncsu2-hn ~]$ foamctl admin:get-version  --passwd-file=/etc/foam.passwd
     122{
     123 "version": "0.14.0"
     124}
     125[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="site.admin.email"  --passwd-file=/opt/foam/etc/foampasswd
     126{
     127 "value": "foam-admin@gpolab.bbn.com"
     128}
     129[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.site-tag"  --passwd-file=/opt/foam/etc/foampasswd
     130
     131{
     132 "value": "ncsu2-hn.exogeni.net"
     133}
     134[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="email.from"  --passwd-file=/opt/foam/etc/foampasswd
     135{
     136 "value": null
     137}
     138[lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.approval.approve-on-creation"  --passwd-file=/opt/foam/etc/foampasswd
     139{
     140 "value": 0
     141}
     142[lnevers@ncsu2-hn ~]$
     143}}}
     144
     145Show FOAM slivers details:
     146{{{
     147[lnevers@ncsu2-hn ~]$ foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd
     148{
     149 "slivers": [
     150  {
     151   "status": "pending",
     152   "flowvisor_slice": "dd2e77e8-02d0-45b8-8053-32c65960a88c",
     153   "slice_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4",
     154   "pend_reason": [],
     155   "deleted": "False",
     156   "user": "urn:publicid:IDN+ch.geni.net+user+lnevers",
     157   "creation": "2014-12-04 19:42:24.569232+00:00",
     158   "enabled": false,
     159   "uuid": "dd2e77e8-02d0-45b8-8053-32c65960a88c",
     160   "id": 3,
     161   "expiration": "2014-12-10 00:00:00+00:00",
     162   "sliver_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4:dd2e77e8-02d0-45b8-8053-32c65960a88c",
     163   "ref": null,
     164   "email": "lnevers@bbn.com",
     165   "desc": "IG-CT-4 over 3716 "
     166  }
     167 ]
     168}
     169[lnevers@ncsu2-hn ~]$
     170}}}
     171
     172Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU2 Head node:
     173{{{
     174[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello
     175Got reply:
     176PONG(fvadmin): FV version=flowvisor-0.8.1::hello
     177[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices
     178Device 0: 00:01:18:e7:28:07:bf:c0
     179[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getDeviceInfo 00:01:18:e7:28:07:bf:c0
     180nPorts=5
     181portList=32,35,44,33,34
     182dpid=00:01:18:e7:28:07:bf:c0
     183remote=/192.168.107.20:6633-->/192.168.107.4:13369
     184portNames=Eth1/32(32),Eth1/35(35),Eth1/44(44),Eth1/33(33),Eth1/34(34)
     185[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices
     186Slice 0: fvadmin
     187Slice 1: orca-141
     188Slice 2: orca-142
     189Slice 3: orca-140
     190Slice 4: orca-143
     191Slice 5: orca-136
     192Slice 6: orca-137
     193Slice 7: orca-138
     194Slice 8: orca-128
     195Slice 9: orca-139
     196Slice 10: orca-158
     197Slice 11: orca-129
     198Slice 12: orca-159
     199Slice 13: orca-154
     200Slice 14: orca-155
     201Slice 15: orca-130
     202Slice 16: orca-156
     203Slice 17: orca-131
     204Slice 18: orca-157
     205Slice 19: orca-132
     206Slice 20: orca-133
     207Slice 21: orca-134
     208Slice 22: orca-152
     209Slice 23: orca-135
     210Slice 24: orca-153
     211[lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo orca-153
     212Got reply:
     213connection_1=00:01:18:e7:28:07:bf:c0-->/152.48.13.190:24503-->ncsu2-hn.exogeni.net/152.48.13.190:54423
     214contact_email=exogeni-ops@renci.org
     215controller_hostname=ncsu2-hn.exogeni.net
     216controller_port=54423
     217creator=fvadmin
     218[lnevers@ncsu2-hn ~]$
     219}}}
     220
     221= NCSU Administrative Access =
     222
     223With requested account accessed rack head node and verified root access and group membership:
     224{{{
     225LNM:~$ ssh ncsu-hn.exogeni.net
     226
     227
     228
     229sudo whoami
     230
     231id
     232
     233}}}
     234
     235From head node verified login and administrative access to each of the worker nodes that supply VMs.
     236{{{
     237for i in 1 2 3 4 5 6 7 8; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
     238}}}
     239
     240For each worker node execute the following:
     241{{{
     242for i in 9 10; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
     243}}}
     244
     245Connect to the management switch:
     246{{{
     247[lnevers@ncsu-hn ~]$ ssh ncsu-8052.ncsu.xo
     248
     249>ena
     250
     251show interface status
     252show version
     253show vlan
     254}}}
     255
     256}}}
     257
     258Connect to the !OpenFlow switch:
     259{{{
     260 ssh lnevers@ncsu-8264.ncsu.xo
     261
     262>ena
     263
     264show interface status
     265show version brief
     266show vlan
     267}}}
     268
     269Verify FOAM and !FlowVisor configuration files ownership and paths:
     270{{{
     271[lnevers@ncsu-hn ~]$  ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
     272}}}
     273
     274Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU head node:
    80275{{{
    81276}}}
     
    91286}}}
    92287
    93 Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU2 Head node:
     288Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU Head node:
    94289{{{
    95290/opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello
     
    100295
    101296}}}
    102 
    103 = NCSU Administrative Access =
    104 
    105 Administrator accounts on an ExoGENI and Cisco racks are documented at https://wiki.exogeni.net/doku.php?id=public:operators:start,  with https://wiki.exogeni.net/doku.php?id=public:operators:start#authentication_authorization proving insight into accounts creation and usage.
    106 
    107 With requested account accessed rack head node and verified root access and group membership:
    108 {{{
    109 LNM:~$ ssh ncsu-hn.exogeni.net
    110 
    111 
    112 
    113 sudo whoami
    114 
    115 id
    116 
    117 }}}
    118 
    119 From head node verified login and administrative access to each of the worker nodes that supply VMs.
    120 {{{
    121 for i in 1 2 3 4 5 6 7 8; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
    122 }}}
    123 
    124 For each worker node execute the following:
    125 {{{
    126 for i in 9 10; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done
    127 }}}
    128 
    129 Connect to the management switch:
    130 {{{
    131 [lnevers@ncsu-hn ~]$ ssh ncsu-8052.ncsu.xo
    132 
    133 >ena
    134 
    135 show interface status
    136 show version
    137 show vlan
    138 }}}
    139 
    140 }}}
    141 
    142 Connect to the !OpenFlow switch:
    143 {{{
    144  ssh lnevers@ncsu-8264.ncsu.xo
    145 
    146 >ena
    147 
    148 show interface status
    149 show version brief
    150 show vlan
    151 }}}
    152 
    153 Verify FOAM and !FlowVisor configuration files ownership and paths:
    154 {{{
    155 [lnevers@ncsu-hn ~]$  ls -l /etc/foam.passwd  /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd
    156 }}}
    157 
    158 Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU head node:
    159 {{{
    160 }}}
    161 foamctl admin:get-version  --passwd-file=/etc/foam.passwd
    162 foamctl config:get-value --key="site.admin.email"  --passwd-file=/opt/foam/etc/foampasswd
    163 foamctl config:get-value --key="geni.site-tag"  --passwd-file=/opt/foam/etc/foampasswd
    164 foamctl config:get-value --key="email.from"  --passwd-file=/opt/foam/etc/foampasswd
    165 foamctl config:get-value --key="geni.approval.approve-on-creation"  --passwd-file=/opt/foam/etc/foampasswd
    166 Show FOAM slivers details:
    167 {{{
    168 foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd
    169 
    170 }}}
    171 
    172 Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU Head node:
    173 {{{
    174 /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello
    175 /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices
    176 /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getDeviceInfo
    177 /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices
    178 /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo  urn
    179 
    180 }}}