wiki:GENIRacksHome/ExogeniRacks/AcceptanceTestStatus/EG-MON-1

Version 6 (modified by chaos@bbn.com, 7 years ago) (diff)

exoticket:10 is no longer a blocker

Detailed test plan for EG-MON-1: Control Network Software and VLAN Inspection Test

This page is GPO's working page for performing EG-MON-1. It is public for informational purposes, but it is not an official status report. See GENIRacksHome/ExogeniRacks/AcceptanceTestStatus for the current status of ExoGENI acceptance tests.

Last substantive edit of this page: 2012-05-08

Page format

  • The status chart summarizes the state of this test
  • The high-level description from test plan contains text copied exactly from the public test plan and acceptance criteria pages.
  • The steps contain things i will actually do/verify:
    • Steps may be composed of related substeps where i find this useful for clarity
    • Each step is either a preparatory step (identified by "(prep)") or a verification step (the default):
      • Preparatory steps are just things we have to do. They're not tests of the rack, but are prerequisites for subsequent verification steps
      • Verification steps are steps in which we will actually look at rack output and make sure it is as expected. They contain a Using: block, which lists the steps to run the verification, and an Expect: block which lists what outcome is expected for the test to pass.

Status of test

Meaning of states:

  • Color(green,Pass)?: Step is completed and passed (for a verification step), or is completed (for a prep step)
  • Color(red,Fail)?: Step is completed and failed, and is not being revisited
  • in progress: We are currently testing or iterating on this step
  • Color(orange,Blocked)?: Step is blocked by some other step or activity
Step State Date completed Tickets Comments
1 ready to test
2 ready to test
3 exoticket:10 ready to test
4 exoticket:10 ready to test

High-level description from test plan

This test inspects the state of the rack control network, infrastructure nodes, and system software.

Procedure

  • A site administrator enumerates processes on each of the head node and an OpenStack worker node which listen for network connections from other nodes, identifies what version of what software package is in use for each, and verifies that we know the source of each piece of software and could get access to its source code.
  • A site administrator reviews the configuration of the rack management switch and verifies that each worker node's control interfaces are on the expected VLANs for that worker node's function (OpenStack or bare metal).
  • A site administrator reviews the MAC address table on the management switch, and verifies that all entries are identifiable and expected.

Criteria to verify as part of this test

  • VI.09. A public document explains how to identify the software versions and system file configurations running on the rack, and how to get information about recent changes to the rack software and configuration. (F.5)
  • VI.11. A public document describes the GENI software running on the rack, and explains how to get access to the source code of each piece of GENI software. (F.6)
  • VII.03. Site administrators can understand the expected control and dataplane network behavior of their rack. (F.2)
  • VII.04. Site administrators can view and investigate current system and network activity on their rack. (F.2)
  • VII.06. A site administrator can verify the control software and configurations on the rack at some point in time. (F.5)
  • VII.08. A site administrator can get access to source code for the version of each piece of GENI code installed on their site rack at some point in time. (F.6)
  • VII.09. A site administrator can determine the MAC addresses of all physical host interfaces, all network device interfaces, all active experimental VMs, and all recently-terminated experimental VMs. (C.3.f)
  • VII.10. A site administrator can locate current and recent CPU and memory utilization for each rack network device, and can find recent changes or errors in a log. (D.6.a)
  • VII.12. For each infrastructure and experimental host, a site administrator can locate current and recent uptime, CPU, disk, and memory utilization, interface traffic counters, process counts, and active user counts. (D.6.b)
  • VII.13. A site administrator can locate recent syslogs for all infrastructure and experimental hosts. (D.6.b)

Step 1: identify network-listening software on the head node

Using:

  • Using netstat, enumerate processes on bbn-hn which listen for network connections from outside the node
  • For each process found:
    • Use the command-line or /proc to determine what executable file is running
    • Use RPM tools to determine whether the executable file is part of an RPM
    • Otherwise, use documentation or iterate with the ExoGENI team to determine the origin of the software
  • For each RPM found, identify a location from which a source RPM for that package can be obtained
  • For each non-RPM software source found, identify a location from which the source code for that version can be obtained.

Verify:

  • The source of each network-listening file can be identified
  • RPM source packages can be found for each RPM-sourced package
  • The source code and identifiable version (e.g. a git tag) can be found for each non-RPM software source

Step 2: identify network-listening software on an OpenStack worker node

Using:

  • Using netstat, enumerate processes on bbn-w1 which listen for network connections from outside the node
  • For each process found:
    • Use the command-line or /proc to determine what executable file is running
    • Use RPM tools to determine whether the executable file is part of an RPM
    • Otherwise, use documentation or iterate with the ExoGENI team to determine the origin of the software
  • For each RPM found, identify a location from which a source RPM for that package can be obtained
  • For each non-RPM software source found, identify a location from which the source code for that version can be obtained.

Verify:

  • The source of each network-listening file can be identified
  • RPM source packages can be found for each RPM-sourced package
  • The source code and identifiable version (e.g. a git tag) can be found for each non-RPM software source

Step 3: verify VLANs on the rack management switch

Using:

  • Establish a privileged login to the 8052 (management) switch
  • Obtain the list of all VLAN mappings for all interfaces
  • Determine which interfaces connect to worker nodes
  • Create a listing of worker node control interfaces to VLANs by interface type

Verify:

  • All worker node IMM interfaces are access ports on VLAN 1006
  • All worker node iSCSI interfaces are access ports on VLAN 1009
  • Control interfaces for all workers in OpenStack mode are access ports on VLAN 1007
  • Control interfaces for all workers in bare metal mode are access ports on VLAN 1008

Step 4: verify MAC addresses on the rack management switch

Using:

  • Establish a privileged login to the 8052 (management) switch
  • Obtain a list of the full MAC address table of the switch
  • Use interface listings on hosts and devices to determine the identities of all MAC addresses

Verify:

  • It is possible to identify and classify every MAC address visible on the switch