[[PageOutline]] = CG-ADM-1 Administrative Tests = This test validates administrative access for NCSU2 and NCSU Cisco racks. Cisco GENI Racks Administrator accounts can be obtained as described at the [https://wiki.exogeni.net/doku.php?id=public:operators:start ExoGENI Rack Operators] page where accounts creation and usage is documented. == Test Status == This section captures the status for each step in the acceptance test plan. || '''Test''' ||'''State''' || ''' !Tickets/Comments''' || ||NCSU2 Administrative Access || || || ||NCSU Administrative Access || || || [[BR]] || '''State Legend''' || '''Description''' || || [[Color(green,Pass)]] || Test completed and met all criteria || || [[Color(#98FB98,Pass: most criteria)]] || Test completed and met most criteria. Exceptions documented || || [[Color(red,Fail)]] || Test completed and failed to meet criteria. || || [[Color(yellow,Complete)]] || Test completed but will require re-execution due to expected changes || || [[Color(orange,Blocked)]] || Blocked by ticketed issue(s). || || [[Color(#63B8FF,In Progress)]] || Currently under test. || [[BR]] = NCSU2 Administrative Access = With requested account accessed rack head node and verified root access and group membership: {{{ LNM:~$ ssh ncsu2-hn.exogeni.net The authenticity of host 'ncsu2-hn.exogeni.net (152.48.13.190)' can't be established. RSA key fingerprint is 73:17:05:21:29:42:71:05:52:e5:fd:16:a1:07:78:be. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'ncsu2-hn.exogeni.net,152.48.13.190' (RSA) to the list of known hosts. lnevers@ncsu2-hn.exogeni.net's password: Creating home directory for lnevers. |-----------------------------------------------------------------| | ____ ____ ____ ____ ____ ____ ____ | | ||E |||x |||o |||G |||E |||N |||I || | | ||__|||__|||__|||__|||__|||__|||__|| | | |/__\|/__\|/__\|/__\|/__\|/__\|/__\| | | | |-----------------------------------------------------------------| [lnevers@ncsu2-hn ~]$ sudo whoami We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for lnevers: root [lnevers@ncsu2-hn ~]$ id uid=2107(lnevers) gid=2000(nonrenci) groups=2000(nonrenci),2502(ncsuadmins),2508(osfadmins),2509(ucdadmins),2510(sladmins),2512(ncsu2admins),2513(tamuadmins),9510(bbnadmins) [lnevers@ncsu2-hn ~]$ }}} From head node verified login and administrative access to each of the worker nodes that supply VMs. {{{ [lnevers@ncsu2-hn ~]$ for i in 1 2 3 4 ; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done Executing on: ncsu2-w1 root Linux ncsu2-w1 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu2-w2 root Linux ncsu2-w2 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu2-w3 root Linux ncsu2-w3 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux Executing on: ncsu2-w4 root Linux ncsu2-w4 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux [lnevers@ncsu2-hn ~]$ }}} For each worker node execute the following: {{{ for i in X Y; do sudo ssh root@ncsu2-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done }}} ''' Note: No Bare Metal Nodes ''' Connect to the management switch: {{{ [lnevers@ncsu2-hn ~]$ ssh ncsu-8052.ncsu.xo >ena show interface status show version show vlan }}} Connect to the !OpenFlow switch: {{{ ssh lnevers@ncsu2-8264.ncsu.xo >ena show interface status show version brief show vlan }}} Verify FOAM and !FlowVisor configuration files ownership and paths: {{{ [lnevers@ncsu2-hn ~]$ ls -l /etc/foam.passwd /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd lrwxrwxrwx 1 root flowvisor 21 Feb 10 2014 /etc/flowvisor/fvpasswd -> /etc/flowvisor.passwd -r--r----- 1 flowvisor ncsu2admins 25 Feb 9 2014 /etc/flowvisor.passwd -r--r----- 1 root ncsu2admins 25 Feb 9 2014 /etc/foam.passwd lrwxrwxrwx 1 root root 16 Feb 10 2014 /opt/foam/etc/foampasswd -> /etc/foam.passwd [lnevers@ncsu2-hn ~]$ }}} Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU2 head node: {{{ [lnevers@ncsu2-hn ~]$ foamctl admin:get-version --passwd-file=/etc/foam.passwd { "version": "0.14.0" } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="site.admin.email" --passwd-file=/opt/foam/etc/foampasswd { "value": "foam-admin@gpolab.bbn.com" } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.site-tag" --passwd-file=/opt/foam/etc/foampasswd { "value": "ncsu2-hn.exogeni.net" } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="email.from" --passwd-file=/opt/foam/etc/foampasswd { "value": null } [lnevers@ncsu2-hn ~]$ foamctl config:get-value --key="geni.approval.approve-on-creation" --passwd-file=/opt/foam/etc/foampasswd { "value": 0 } [lnevers@ncsu2-hn ~]$ }}} Show FOAM slivers details: {{{ [lnevers@ncsu2-hn ~]$ foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd { "slivers": [ { "status": "pending", "flowvisor_slice": "dd2e77e8-02d0-45b8-8053-32c65960a88c", "slice_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4", "pend_reason": [], "deleted": "False", "user": "urn:publicid:IDN+ch.geni.net+user+lnevers", "creation": "2014-12-04 19:42:24.569232+00:00", "enabled": false, "uuid": "dd2e77e8-02d0-45b8-8053-32c65960a88c", "id": 3, "expiration": "2014-12-10 00:00:00+00:00", "sliver_urn": "urn:publicid:IDN+ch.geni.net:ln-test+slice+IG-CT-4:dd2e77e8-02d0-45b8-8053-32c65960a88c", "ref": null, "email": "lnevers@bbn.com", "desc": "IG-CT-4 over 3716 " } ] } [lnevers@ncsu2-hn ~]$ }}} Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU2 Head node: {{{ [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello Got reply: PONG(fvadmin): FV version=flowvisor-0.8.1::hello [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices Device 0: 00:01:18:e7:28:07:bf:c0 [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getDeviceInfo 00:01:18:e7:28:07:bf:c0 nPorts=5 portList=32,35,44,33,34 dpid=00:01:18:e7:28:07:bf:c0 remote=/192.168.107.20:6633-->/192.168.107.4:13369 portNames=Eth1/32(32),Eth1/35(35),Eth1/44(44),Eth1/33(33),Eth1/34(34) [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices Slice 0: fvadmin Slice 1: orca-141 Slice 2: orca-142 Slice 3: orca-140 Slice 4: orca-143 Slice 5: orca-136 Slice 6: orca-137 Slice 7: orca-138 Slice 8: orca-128 Slice 9: orca-139 Slice 10: orca-158 Slice 11: orca-129 Slice 12: orca-159 Slice 13: orca-154 Slice 14: orca-155 Slice 15: orca-130 Slice 16: orca-156 Slice 17: orca-131 Slice 18: orca-157 Slice 19: orca-132 Slice 20: orca-133 Slice 21: orca-134 Slice 22: orca-152 Slice 23: orca-135 Slice 24: orca-153 [lnevers@ncsu2-hn ~]$ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo orca-153 Got reply: connection_1=00:01:18:e7:28:07:bf:c0-->/152.48.13.190:24503-->ncsu2-hn.exogeni.net/152.48.13.190:54423 contact_email=exogeni-ops@renci.org controller_hostname=ncsu2-hn.exogeni.net controller_port=54423 creator=fvadmin [lnevers@ncsu2-hn ~]$ }}} = NCSU Administrative Access = With requested account accessed rack head node and verified root access and group membership: {{{ LNM:~$ ssh ncsu-hn.exogeni.net sudo whoami id }}} From head node verified login and administrative access to each of the worker nodes that supply VMs. {{{ for i in 1 2 3 4 5 6 7 8; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done }}} For each worker node execute the following: {{{ for i in 9 10; do sudo ssh root@ncsu-w$i "echo -n 'Executing on: ' ; hostname;whoami;uname -a"; done }}} Connect to the management switch: {{{ [lnevers@ncsu-hn ~]$ ssh ncsu-8052.ncsu.xo >ena show interface status show version show vlan }}} Connect to the !OpenFlow switch: {{{ ssh lnevers@ncsu-8264.ncsu.xo >ena show interface status show version brief show vlan }}} Verify FOAM and !FlowVisor configuration files ownership and paths: {{{ [lnevers@ncsu-hn ~]$ ls -l /etc/foam.passwd /etc/flowvisor.passwd /etc/flowvisor/fvpasswd /opt/foam/etc/foampasswd }}} Check FOAM version and FOAM configuration for site.admin.email, geni.site-tag, email.from settings on the NCSU head node: {{{ }}} foamctl admin:get-version --passwd-file=/etc/foam.passwd foamctl config:get-value --key="site.admin.email" --passwd-file=/opt/foam/etc/foampasswd foamctl config:get-value --key="geni.site-tag" --passwd-file=/opt/foam/etc/foampasswd foamctl config:get-value --key="email.from" --passwd-file=/opt/foam/etc/foampasswd foamctl config:get-value --key="geni.approval.approve-on-creation" --passwd-file=/opt/foam/etc/foampasswd Show FOAM slivers details: {{{ foamctl geni:list-slivers --passwd-file=/opt/foam/etc/foampasswd }}} Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices on the NCSU Head node: {{{ /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd ping hello /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listDevices /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getDeviceInfo /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd listSlices /opt/flowvisor/bin/fvctl --passwd-file=/etc/flowvisor/fvpasswd getSliceInfo urn }}}