| 61 | === Results of Step 1 from 2012-08-14 === |
| 62 | |
| 63 | On bbn-hn, in /opt/orca-12080/config/config.xml, I see |
| 64 | |
| 65 | {{{ |
| 66 | <topology> |
| 67 | <edges> |
| 68 | <edge> |
| 69 | <from name="bbn-broker" guid="2d6308a4-e38b-4210-9f4b-3319acd28e4e" type="broker"> |
| 70 | <location protocol="soapaxis2" url="http://bbn-hn.bbn.exogeni.net:13080/orca/services/bbn-broker"/> |
| 71 | <certificate> |
| 72 | MIICbTCCAdagAwIBAgIET0+04zANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJVUzELMAkGA1UE |
| 73 | CBMCTkMxDzANBgNVBAcTBkR1cmhhbTENMAsGA1UEChMEb3JjYTEQMA4GA1UECxMHc2hpcmFrbzEt |
| 74 | MCsGA1UEAxMkMmQ2MzA4YTQtZTM4Yi00MjEwLTlmNGItMzMxOWFjZDI4ZTRlMB4XDTEyMDMwMTE3 |
| 75 | NDE1NVoXDTIyMDIyNzE3NDE1NVowezELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMQ8wDQYDVQQH |
| 76 | EwZEdXJoYW0xDTALBgNVBAoTBG9yY2ExEDAOBgNVBAsTB3NoaXJha28xLTArBgNVBAMTJDJkNjMw |
| 77 | OGE0LWUzOGItNDIxMC05ZjRiLTMzMTlhY2QyOGU0ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC |
| 78 | gYEA0LqNHOAo51mJbWHQaozNPZ3+rbwommOcP0aSe0dEOlF4YtdOy6CewxiipDpMrcbia/Ur3wfn |
| 79 | s83Tm/+5tgGNyn9jmhGfmCGKr6PVieF0/F3jGsGN3wDX6C2bOG/B99pDbtyWM6EJR5wxVLVYsuji |
| 80 | kkzA2I5P6Ri/G/edh1yaex0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAGmuajmFFnd577IX/rvit4 |
| 81 | vL+HlM2Yybf22bkEqlzG0uFtaXFJRUto9xOcSPm+Y3xijkf2B/X4Q+N73CFTxBEJkSh6s89SPUab |
| 82 | nLHlwi3NXDPNd5t3WR4L0KzWgFndObXbxP0ZQFS7bI5O/F8k6iBNVa5PfEvkTVekpJvYA9WJTg== |
| 83 | </certificate> |
| 84 | </from> |
| 85 | <to name="bbn-vm-am" guid="8e9f5bd9-6bd4-495b-9293-92a982e8ecf0" type="site" /> |
| 86 | <rset> |
| 87 | <type>bbnvmsite.vm</type> |
| 88 | <units>48</units> |
| 89 | <start>2010-01-30T00:00:00</start> |
| 90 | <end>2031-01-30T00:00:00</end> |
| 91 | </rset> |
| 92 | <!-- |
| 93 | <rset> |
| 94 | <type>bbnvmsite.baremetalce</type> |
| 95 | <units>1</units> |
| 96 | <start>2010-01-30T00:00:00</start> |
| 97 | <end>2031-01-30T00:00:00</end> |
| 98 | </rset> |
| 99 | --> |
| 100 | <rset> |
| 101 | <type>bbnvmsite.vlan</type> |
| 102 | <units>500</units> |
| 103 | <start>2010-01-30T00:00:00</start> |
| 104 | <end>2031-01-30T00:00:00</end> |
| 105 | </rset> |
| 106 | </edge> |
| 107 | <edge> |
| 108 | <from name="ndl-broker" guid="25bc9111-9b41-46ab-a96b-3c87f574cfde" type="broker"> |
| 109 | <location protocol="soapaxis2" url="http://geni-net.renci.org:11080/orca/services/ndl-broker"/> |
| 110 | <certificate> |
| 111 | MIICbTCCAdagAwIBAgIETDtgYzANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJVUzELMAkGA1UE |
| 112 | CBMCTkMxDzANBgNVBAcTBkR1cmhhbTENMAsGA1UEChMEb3JjYTEQMA4GA1UECxMHc2hpcmFrbzEt |
| 113 | MCsGA1UEAxMkMjViYzkxMTEtOWI0MS00NmFiLWE5NmItM2M4N2Y1NzRjZmRlMB4XDTEwMDcxMjE4 |
| 114 | MzUxNVoXDTIwMDcwOTE4MzUxNVowezELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMQ8wDQYDVQQH |
| 115 | EwZEdXJoYW0xDTALBgNVBAoTBG9yY2ExEDAOBgNVBAsTB3NoaXJha28xLTArBgNVBAMTJDI1YmM5 |
| 116 | MTExLTliNDEtNDZhYi1hOTZiLTNjODdmNTc0Y2ZkZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC |
| 117 | gYEAqcyS60d5t9c3eEud529hYmD/0BrIHGkEevwAtqBb7FFD1X98SB1G8y7gzxplt0xr2Hm72Et+ |
| 118 | 01qB7YgT6XQHWfJQQW7RUZEnrDbGsS0v6bffY291eeDVd0ZCH1ogzPDlyMqdhSGKsstqZd0CYc2E |
| 119 | zRFNngOIytBu1m59Jr6/FqsCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCpFKta+1JitcfPbti3x3Tj |
| 120 | WqqINj2f/MzwTVZbxV1eW6gLrwc3FRTX8RgAfqn2sl9Igxfzb+GbQbhY2j5iyBsEV90eKjQQitgv |
| 121 | KUA1IpJqVMYiGSohX2jL+uXEK7bujv9eRyNG82Rp+ouWCrDKo7kOVLh/iSD1s8Mrk03/wd3qfw== |
| 122 | </certificate> |
| 123 | </from> |
| 124 | <to name="bbn-vm-am" guid="8e9f5bd9-6bd4-495b-9293-92a982e8ecf0" type="site" /> |
| 125 | <rset> |
| 126 | <type>bbnvmsite.vm</type> |
| 127 | <units>48</units> |
| 128 | <start>2010-01-30T00:00:00</start> |
| 129 | <end>2031-01-30T00:00:00</end> |
| 130 | </rset> |
| 131 | <rset> |
| 132 | <type>bbnvmsite.baremetalce</type> |
| 133 | <units>2</units> |
| 134 | <start>2010-01-30T00:00:00</start> |
| 135 | <end>2031-01-30T00:00:00</end> |
| 136 | </rset> |
| 137 | <rset> |
| 138 | <type>bbnvmsite.vlan</type> |
| 139 | <units>500</units> |
| 140 | <start>2010-01-30T00:00:00</start> |
| 141 | <end>2031-01-30T00:00:00</end> |
| 142 | </rset> |
| 143 | </edge> |
| 144 | <edge> |
| 145 | <from name="ndl-broker" guid="25bc9111-9b41-46ab-a96b-3c87f574cfde" type="broker"> |
| 146 | <location protocol="soapaxis2" url="http://geni-net.renci.org:11080/orca/services/ndl-broker"/> |
| 147 | <certificate> |
| 148 | MIICbTCCAdagAwIBAgIETDtgYzANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJVUzELMAkGA1UE |
| 149 | CBMCTkMxDzANBgNVBAcTBkR1cmhhbTENMAsGA1UEChMEb3JjYTEQMA4GA1UECxMHc2hpcmFrbzEt |
| 150 | MCsGA1UEAxMkMjViYzkxMTEtOWI0MS00NmFiLWE5NmItM2M4N2Y1NzRjZmRlMB4XDTEwMDcxMjE4 |
| 151 | MzUxNVoXDTIwMDcwOTE4MzUxNVowezELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMQ8wDQYDVQQH |
| 152 | EwZEdXJoYW0xDTALBgNVBAoTBG9yY2ExEDAOBgNVBAsTB3NoaXJha28xLTArBgNVBAMTJDI1YmM5 |
| 153 | MTExLTliNDEtNDZhYi1hOTZiLTNjODdmNTc0Y2ZkZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC |
| 154 | gYEAqcyS60d5t9c3eEud529hYmD/0BrIHGkEevwAtqBb7FFD1X98SB1G8y7gzxplt0xr2Hm72Et+ |
| 155 | 01qB7YgT6XQHWfJQQW7RUZEnrDbGsS0v6bffY291eeDVd0ZCH1ogzPDlyMqdhSGKsstqZd0CYc2E |
| 156 | zRFNngOIytBu1m59Jr6/FqsCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCpFKta+1JitcfPbti3x3Tj |
| 157 | WqqINj2f/MzwTVZbxV1eW6gLrwc3FRTX8RgAfqn2sl9Igxfzb+GbQbhY2j5iyBsEV90eKjQQitgv |
| 158 | KUA1IpJqVMYiGSohX2jL+uXEK7bujv9eRyNG82Rp+ouWCrDKo7kOVLh/iSD1s8Mrk03/wd3qfw== |
| 159 | </certificate> |
| 160 | </from> |
| 161 | <to name="bbn-net-am" guid="ca369912-0b78-4cc0-a52a-89b9eff03cf2" type="site" /> |
| 162 | <rset> |
| 163 | <type>bbnNet.vlan</type> |
| 164 | <units>10</units> |
| 165 | <start>2010-01-30T00:00:00</start> |
| 166 | <end>2031-01-30T00:00:00</end> |
| 167 | </rset> |
| 168 | </edge> |
| 169 | </edges> |
| 170 | </topology> |
| 171 | }}} |
| 172 | |
| 173 | That indicates that 48 VMs are allocated to bbn-broker, and 48 VMs are allocated to ndl-broker. |
| 174 | |
| 228 | === Results of Step 3 from 2012-08-14 === |
| 229 | |
| 230 | For the first, see Step 1 for the full topology element from /opt/orca-12080/config/config.xml. In that topology, I see |
| 231 | |
| 232 | {{{ |
| 233 | <rset> |
| 234 | <type>bbnvmsite.vlan</type> |
| 235 | <units>500</units> |
| 236 | <start>2010-01-30T00:00:00</start> |
| 237 | <end>2031-01-30T00:00:00</end> |
| 238 | </rset> |
| 239 | }}} |
| 240 | |
| 241 | in the bbn-broker section, and |
| 242 | |
| 243 | {{{ |
| 244 | <rset> |
| 245 | <type>bbnvmsite.vlan</type> |
| 246 | <units>500</units> |
| 247 | <start>2010-01-30T00:00:00</start> |
| 248 | <end>2031-01-30T00:00:00</end> |
| 249 | </rset> |
| 250 | }}} |
| 251 | |
| 252 | in the ndl-broker section. |
| 253 | |
| 254 | That indicates that 500 VLANs are allocated to bbn-broker, and 500 VLANs are allocated to ndl-broker. |
| 255 | |
| 256 | For the second, in /opt/orca-12080/ndl/bbnvmsite.rdf, I see |
| 257 | |
| 258 | {{{ |
| 259 | <layer:LabelSet rdf:about="#Bbn/ExoGeni/staticVLANSet"> |
| 260 | <collections:size rdf:datatype="&xsd;int">1</collections:size> |
| 261 | <domain:isAllocatable rdf:datatype="&xsd;boolean">false</domain:isAllocatable> |
| 262 | <collections:element rdf:resource="#Bbn/ExoGeni/VLANLabel/1750"/> |
| 263 | <domain:hasResourceType rdf:resource="&domain;VLAN"/> |
| 264 | </layer:LabelSet> |
| 265 | }}} |
| 266 | |
| 267 | which indicates that VLAN 1750 is the only bound VLAN. |
| 268 | |
99 | | I verified that the rack FOAM instance trusts the pgeni.gpolab.bbn.com SA in two ways. |
100 | | |
101 | | On bbn-hn: |
| 285 | For the first, on bbn-hn: |
| 286 | |
| 287 | {{{ |
| 288 | [17:37:14] jbs@bbn-hn:/home/jbs |
| 289 | +$ keytool -v -list -keystore /opt/orca-11080/config/geni-trusted.jks |
| 290 | Enter keystore password: |
| 291 | |
| 292 | ***************** WARNING WARNING WARNING ***************** |
| 293 | * The integrity of the information stored in your keystore * |
| 294 | * has NOT been verified! In order to verify its integrity, * |
| 295 | * you must provide your keystore password. * |
| 296 | ***************** WARNING WARNING WARNING ***************** |
| 297 | |
| 298 | Keystore type: JKS |
| 299 | Keystore provider: SUN |
| 300 | |
| 301 | Your keystore contains 3 entries |
| 302 | |
| 303 | Alias name: ben-ca |
| 304 | Creation date: Nov 29, 2011 |
| 305 | Entry type: trustedCertEntry |
| 306 | |
| 307 | Owner: EMAILADDRESS=ben-ops@renci.org, O=BEN@RENCI, L=Chapel Hill, ST=NC, C=US |
| 308 | Issuer: EMAILADDRESS=ben-ops@renci.org, O=BEN@RENCI, L=Chapel Hill, ST=NC, C=US |
| 309 | Serial number: 88753bc67f92f627 |
| 310 | Valid from: Fri Aug 29 14:27:45 EDT 2008 until: Mon Aug 27 14:27:45 EDT 2018 |
| 311 | Certificate fingerprints: |
| 312 | MD5: 6A:5B:EA:64:D7:40:BF:C1:AC:F0:D0:34:A6:54:00:C5 |
| 313 | SHA1: 94:63:C3:04:4F:48:00:B7:35:34:35:32:C3:03:E5:B7:2E:3A:44:B1 |
| 314 | Signature algorithm name: SHA1withRSA |
| 315 | Version: 3 |
| 316 | |
| 317 | Extensions: |
| 318 | |
| 319 | #1: ObjectId: 2.5.29.14 Criticality=false |
| 320 | SubjectKeyIdentifier [ |
| 321 | KeyIdentifier [ |
| 322 | 0000: D8 9C 85 3A 11 47 9B CF 41 2E 59 B3 8B 54 37 F0 ...:.G..A.Y..T7. |
| 323 | 0010: B9 D7 1E 42 ...B |
| 324 | ] |
| 325 | ] |
| 326 | |
| 327 | #2: ObjectId: 2.5.29.19 Criticality=false |
| 328 | BasicConstraints:[ |
| 329 | CA:true |
| 330 | PathLen:2147483647 |
| 331 | ] |
| 332 | |
| 333 | #3: ObjectId: 2.5.29.35 Criticality=false |
| 334 | AuthorityKeyIdentifier [ |
| 335 | KeyIdentifier [ |
| 336 | 0000: D8 9C 85 3A 11 47 9B CF 41 2E 59 B3 8B 54 37 F0 ...:.G..A.Y..T7. |
| 337 | 0010: B9 D7 1E 42 ...B |
| 338 | ] |
| 339 | |
| 340 | [EMAILADDRESS=ben-ops@renci.org, O=BEN@RENCI, L=Chapel Hill, ST=NC, C=US] |
| 341 | SerialNumber: [ 88753bc6 7f92f627] |
| 342 | ] |
| 343 | |
| 344 | |
| 345 | |
| 346 | ******************************************* |
| 347 | ******************************************* |
| 348 | |
| 349 | |
| 350 | Alias name: gpo-ca |
| 351 | Creation date: Nov 28, 2011 |
| 352 | Entry type: trustedCertEntry |
| 353 | |
| 354 | Owner: EMAILADDRESS=testbed-ops@ops.pgeni.gpolab.bbn.com, CN=boss.pgeni.gpolab.bbn.com, OU=Certificate Authority, O=GENI Project Office, L=Cambridge, ST=Massachusetts, C=US |
| 355 | Issuer: EMAILADDRESS=testbed-ops@ops.pgeni.gpolab.bbn.com, CN=boss.pgeni.gpolab.bbn.com, OU=Certificate Authority, O=GENI Project Office, L=Cambridge, ST=Massachusetts, C=US |
| 356 | Serial number: fcedda89e11abaaf |
| 357 | Valid from: Fri May 28 12:07:58 EDT 2010 until: Wed Nov 18 11:07:58 EST 2015 |
| 358 | Certificate fingerprints: |
| 359 | MD5: 0D:A1:E0:43:F9:C9:5A:06:39:A4:27:33:02:A6:CD:D1 |
| 360 | SHA1: 2D:78:00:D0:1F:A0:7F:14:96:FA:57:DA:11:C6:E5:CC:F1:42:C2:BD |
| 361 | Signature algorithm name: MD5withRSA |
| 362 | Version: 3 |
| 363 | |
| 364 | Extensions: |
| 365 | |
| 366 | #1: ObjectId: 2.5.29.14 Criticality=false |
| 367 | SubjectKeyIdentifier [ |
| 368 | KeyIdentifier [ |
| 369 | 0000: 98 57 01 01 AE BF D9 9C 8D D2 F0 04 06 D9 2A E8 .W............*. |
| 370 | 0010: 06 CB B0 F9 .... |
| 371 | ] |
| 372 | ] |
| 373 | |
| 374 | #2: ObjectId: 2.5.29.19 Criticality=false |
| 375 | BasicConstraints:[ |
| 376 | CA:true |
| 377 | PathLen:2147483647 |
| 378 | ] |
| 379 | |
| 380 | #3: ObjectId: 2.5.29.35 Criticality=false |
| 381 | AuthorityKeyIdentifier [ |
| 382 | KeyIdentifier [ |
| 383 | 0000: 98 57 01 01 AE BF D9 9C 8D D2 F0 04 06 D9 2A E8 .W............*. |
| 384 | 0010: 06 CB B0 F9 .... |
| 385 | ] |
| 386 | |
| 387 | [EMAILADDRESS=testbed-ops@ops.pgeni.gpolab.bbn.com, CN=boss.pgeni.gpolab.bbn.com, OU=Certificate Authority, O=GENI Project Office, L=Cambridge, ST=Massachusetts, C=US] |
| 388 | SerialNumber: [ fcedda89 e11abaaf] |
| 389 | ] |
| 390 | |
| 391 | #4: ObjectId: 2.5.29.18 Criticality=false |
| 392 | IssuerAlternativeName [ |
| 393 | URIName: urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+root |
| 394 | ] |
| 395 | |
| 396 | #5: ObjectId: 2.5.29.17 Criticality=false |
| 397 | SubjectAlternativeName [ |
| 398 | URIName: urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+root |
| 399 | ] |
| 400 | |
| 401 | |
| 402 | |
| 403 | ******************************************* |
| 404 | ******************************************* |
| 405 | |
| 406 | |
| 407 | Alias name: utah-emulab |
| 408 | Creation date: Nov 29, 2011 |
| 409 | Entry type: trustedCertEntry |
| 410 | |
| 411 | Owner: EMAILADDRESS=testbed-ops@flux.utah.edu, CN=boss.emulab.net, OU=Certificate Authority, O=Utah Network Testbed, L=Salt Lake City, ST=Utah, C=US |
| 412 | Issuer: EMAILADDRESS=testbed-ops@flux.utah.edu, CN=boss.emulab.net, OU=Certificate Authority, O=Utah Network Testbed, L=Salt Lake City, ST=Utah, C=US |
| 413 | Serial number: 0 |
| 414 | Valid from: Wed Dec 02 13:47:47 EST 2009 until: Mon May 25 14:47:47 EDT 2015 |
| 415 | Certificate fingerprints: |
| 416 | MD5: AC:CD:F6:5E:90:E6:7F:4D:BA:A2:75:CE:21:C6:09:99 |
| 417 | SHA1: 23:44:33:D5:30:5F:4B:6C:53:75:8D:B0:A5:4D:46:72:FB:F6:8A:70 |
| 418 | Signature algorithm name: MD5withRSA |
| 419 | Version: 3 |
| 420 | |
| 421 | Extensions: |
| 422 | |
| 423 | #1: ObjectId: 2.5.29.14 Criticality=false |
| 424 | SubjectKeyIdentifier [ |
| 425 | KeyIdentifier [ |
| 426 | 0000: E1 FD 98 33 CE 37 B3 7D F0 D3 75 31 DF A7 D8 31 ...3.7....u1...1 |
| 427 | 0010: A0 F6 98 20 ... |
| 428 | ] |
| 429 | ] |
| 430 | |
| 431 | #2: ObjectId: 2.5.29.19 Criticality=false |
| 432 | BasicConstraints:[ |
| 433 | CA:true |
| 434 | PathLen:2147483647 |
| 435 | ] |
| 436 | |
| 437 | #3: ObjectId: 2.5.29.35 Criticality=false |
| 438 | AuthorityKeyIdentifier [ |
| 439 | KeyIdentifier [ |
| 440 | 0000: E1 FD 98 33 CE 37 B3 7D F0 D3 75 31 DF A7 D8 31 ...3.7....u1...1 |
| 441 | 0010: A0 F6 98 20 ... |
| 442 | ] |
| 443 | |
| 444 | [EMAILADDRESS=testbed-ops@flux.utah.edu, CN=boss.emulab.net, OU=Certificate Authority, O=Utah Network Testbed, L=Salt Lake City, ST=Utah, C=US] |
| 445 | SerialNumber: [ 00] |
| 446 | ] |
| 447 | |
| 448 | #4: ObjectId: 2.5.29.18 Criticality=false |
| 449 | IssuerAlternativeName [ |
| 450 | URIName: urn:publicid:IDN+emulab.net+authority+root |
| 451 | ] |
| 452 | |
| 453 | #5: ObjectId: 2.5.29.17 Criticality=false |
| 454 | SubjectAlternativeName [ |
| 455 | URIName: urn:publicid:IDN+emulab.net+authority+root |
| 456 | ] |
| 457 | |
| 458 | |
| 459 | |
| 460 | ******************************************* |
| 461 | ******************************************* |
| 462 | }}} |
| 463 | |
| 464 | That indicates that ben-ca, gpo-ca, and utah-emulab are trusted by the ORCA AM. |
| 465 | |
| 466 | For the second, on bbn-hn: |
185 | | Via the GENI AM API: |
| 550 | That indicates that boss.pgeni.gpolab.bbn.com is trusted by FOAM. |
| 551 | |
| 552 | For the third: |
| 553 | |
| 554 | {{{ |
| 555 | [17:48:37] jbs@jericho:/home/jbs |
| 556 | +$ grep -A 8 -B 2 '\[gpolab\]' ~/.gcf/omni_config |
| 557 | ## GPO Lab ProtoGENI |
| 558 | |
| 559 | [gpolab] |
| 560 | |
| 561 | type = pg |
| 562 | verbose = false |
| 563 | ch = https://www.pgeni.gpolab.bbn.com/protogeni/xmlrpc/ch |
| 564 | sa = https://www.pgeni.gpolab.bbn.com/protogeni/xmlrpc/sa |
| 565 | cert = ~/.ssl/jbs@pgeni.gpolab.bbn.com.pem |
| 566 | key = ~/.ssl/jbs@pgeni.gpolab.bbn.com.pem |
| 567 | |
| 568 | [17:50:36] jbs@jericho:/home/jbs |
| 569 | +$ omni -a https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc listresources -f gpolab |
| 570 | INFO:omni:Loading config file /home/jbs/.gcf/omni_config |
| 571 | INFO:omni:Using control framework gpolab |
| 572 | INFO:omni:Listed resources on 1 out of 1 possible aggregates. |
| 573 | INFO:omni:<?xml version="1.0" ?> |
| 574 | INFO:omni:<!-- Resources at AM: |
| 575 | URN: unspecified_AM_URN |
| 576 | URL: https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc |
| 577 | --> |
| 578 | INFO:omni:<rspec type="advertisement" xmlns="http://www.geni.net/resources/rspec/3" xmlns:ns2="http://hpn.east.isi.edu/rspec/ext/stitch/0.1/" xmlns:ns3="http://www.protogeni.net/resources/rspec/ext/emulab/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.geni.net/resources/rspec/3 http://www.geni.net/resources/rspec/3/ad.xsd http://hpn.east.isi.edu/rspec/ext/stitch/0.1/ http://hpn.east.isi.edu/rspec/ext/stitch/0.1/stitch-schema.xsd http://www.protogeni.net/resources/rspec/ext/emulab/1 http://www.protogeni.net/resources/rspec/ext/emulab/1/ptop_extension.xsd"> |
| 579 | <node component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+node+orca-vm-cloud" component_manager_id="urn:publicid:IDN+exogeni.net:bbnvmsite+authority+am" component_name="orca-vm-cloud" exclusive="false"> |
| 580 | <hardware_type name="orca-vm-cloud"> |
| 581 | <ns3:node_type type_slots="47"/> |
| 582 | </hardware_type> |
| 583 | <available now="true"/> |
| 584 | <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+bbn:ExoGeni:TengigabitEthernet:2" role="experimental"/> |
| 585 | <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+Bbn:ExoGeni:TenGigabitEthernet:1" role="experimental"/> |
| 586 | </node> |
| 587 | <link component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+link+Bbn:ExoGeni:TenGigabitEthernet:1:BbnNet:IBM:G8052:TenGigabitEthernet:1:1"> |
| 588 | <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+Bbn:ExoGeni:TenGigabitEthernet:1"/> |
| 589 | <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnNet+interface+BbnNet:IBM:G8052:TenGigabitEthernet:1:1"/> |
| 590 | <link_type name="ethernet"/> |
| 591 | </link> |
| 592 | <link component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+link+bbn:ExoGeni:TengigabitEthernet:2:BbnNet:BM:G8052:TenGigabitEthernet:1:2"> |
| 593 | <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+bbn:ExoGeni:TengigabitEthernet:2"/> |
| 594 | <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnNet+interface+BbnNet:BM:G8052:TenGigabitEthernet:1:2"/> |
| 595 | <link_type name="ethernet"/> |
| 596 | </link> |
| 597 | <node component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+node+orca-transit-net-vlan" component_manager_id="urn:publicid:IDN+exogeni.net:bbnvmsite+authority+am" component_name="orca-transit-net-vlan" exclusive="false"> |
| 598 | <hardware_type name="orca-static-net-vlan"> |
| 599 | <ns3:node_type type_slots="1"/> |
| 600 | </hardware_type> |
| 601 | <hardware_type name="orca-transit-net-vlan"> |
| 602 | <ns3:node_type type_slots="500"/> |
| 603 | </hardware_type> |
| 604 | <available now="true"/> |
| 605 | <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+bbn:ExoGeni:TengigabitEthernet:2" role="experimental"/> |
| 606 | <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+Bbn:ExoGeni:TenGigabitEthernet:1" role="experimental"/> |
| 607 | </node> |
| 608 | </rspec> |
| 609 | INFO:omni: ------------------------------------------------------------ |
| 610 | INFO:omni: Completed listresources: |
| 611 | |
| 612 | Options as run: |
| 613 | aggregate: https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc |
| 614 | framework: gpolab |
| 615 | native: True |
| 616 | |
| 617 | Args: listresources |
| 618 | |
| 619 | Result Summary: Retrieved resources from 1 aggregates. |
| 620 | Wrote rspecs from 1 aggregates. |
| 621 | INFO:omni: ============================================================ |
| 622 | }}} |
| 623 | |
| 624 | That indicates that BBN ExoGENI trusts the pgeni.gpolab.bbn.com SA. |
| 625 | |
| 626 | I also verified that it did not trust another SA, the BBN pgeni1 staging SA in this case: |
| 627 | |
| 628 | {{{ |
| 629 | [17:51:17] jbs@jericho:/home/jbs |
| 630 | +$ grep -A 8 -B 2 '\[pgeni1\]' ~/.gcf/omni_config |
| 631 | ## GPO Lab staging ProtoGENI |
| 632 | |
| 633 | [pgeni1] |
| 634 | |
| 635 | type = pg |
| 636 | verbose = false |
| 637 | ch = https://www.pgeni1.gpolab.bbn.com/protogeni/xmlrpc/ch |
| 638 | sa = https://www.pgeni1.gpolab.bbn.com/protogeni/xmlrpc/sa |
| 639 | cert = ~/.ssl/jbs@pgeni1.gpolab.bbn.com.pem |
| 640 | key = ~/.ssl/jbs@pgeni1.gpolab.bbn.com.pem |
| 641 | |
| 642 | [17:52:09] jbs@jericho:/home/jbs |
| 643 | +$ omni -a https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc listresources -f pgeni1 |
| 644 | INFO:omni:Loading config file /home/jbs/.gcf/omni_config |
| 645 | INFO:omni:Using control framework pgeni1 |
| 646 | INFO:omni:Listed resources on 0 out of 1 possible aggregates. |
| 647 | INFO:omni:Got no resources. No resources from AM https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc: Credendial Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges. |
| 648 | INFO:omni: ------------------------------------------------------------ |
| 649 | INFO:omni: Completed listresources: |
| 650 | |
| 651 | Options as run: |
| 652 | aggregate: https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc |
| 653 | framework: pgeni1 |
| 654 | native: True |
| 655 | |
| 656 | Args: listresources |
| 657 | |
| 658 | Result Summary: Got no resources. No resources from AM https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc: Credendial Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges. |
| 659 | INFO:omni: ============================================================ |
| 660 | }}} |
| 661 | |
| 662 | That indicates that it does not trust the BBN pgeni1 SA. |
| 663 | |
| 664 | For the fourth: |