Changes between Version 8 and Version 9 of GENIRacksHome/ExogeniRacks/AcceptanceTestStatus/EG-MON-2


Ignore:
Timestamp:
08/14/12 18:05:11 (12 years ago)
Author:
Josh Smift
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GENIRacksHome/ExogeniRacks/AcceptanceTestStatus/EG-MON-2

    v8 v9  
    2424
    2525|| '''Step''' || '''State'''                || '''Date completed''' || '''Open Tickets''' || '''Closed Tickets/Comments'''                      ||
    26 || 1          || [[Color(orange,Blocked)]]  ||                      ||                    || need info from exogeni-design, asked 2012-08-14    ||
    27 || 2          || [[Color(orange,Blocked)]]  ||                      ||                    || need info from exogeni-design, asked 2012-08-14    ||
    28 || 3          || [[Color(orange,Blocked)]]  ||                      ||                    || need info from exogeni-design, asked 2012-08-14    ||
    29 || 4          || [[Color(orange,Blocked)]]  ||                      ||                    || need info from exogeni-design, asked 2012-08-14    ||
     26|| 1          || [[Color(lightgreen,Pass)]] || 2012-08-14           ||                    ||                                                    ||
     27|| 2          || [[Color(lightgreen,Pass)]] || 2012-08-14           ||                    ||                                                    ||
     28|| 3          || [[Color(lightgreen,Pass)]] || 2012-08-14           ||                    ||                                                    ||
     29|| 4          || [[Color(lightgreen,Pass)]] || 2012-08-14           ||                    ||                                                    ||
    3030|| 5          || [[Color(lightgreen,Pass)]] || 2012-08-14           ||                    ||                                                    ||
    3131
     
    3838 * A site administrator uses available system data sources (process listings, monitoring output, system logs, etc) and/or AM administrative interfaces to determine the configuration of ExoGENI resources:
    3939   * How many VMs are assigned to each of the BBN rack SM and the global ExoSM
    40    * How many bare metal nodes are configured on the rack and whether they are controlled by the BBN rack SM or by ExoSM.
    41    * How many unbound VLANs are in the rack's available pool and whether they are controlled by the BBN rack SM or by ExoSM.
     40   * How many bare metal nodes are configured on the rack and whether they are allocated to the BBN rack SM or by ExoSM.
     41   * How many unbound VLANs are in the rack's available pool and whether they are allocated to the BBN rack SM or by ExoSM.
    4242   * Whether the BBN ExoGENI AM, the RENCI ExoGENI AM, and ExoSM trust the pgeni.gpolab.bbn.com slice authority, which will be used for testing.
    4343 * A site administrator uses available system data sources to determine the configuration of !OpenFlow resources according to FOAM, ExoGENI, and !FlowVisor.
     
    5959 * The site administrator can determine how many VMs are allocated to each SM
    6060
     61=== Results of Step 1 from 2012-08-14 ===
     62
     63On bbn-hn, in /opt/orca-12080/config/config.xml, I see
     64
     65{{{
     66        <topology>
     67                <edges>
     68                        <edge>
     69                                <from name="bbn-broker" guid="2d6308a4-e38b-4210-9f4b-3319acd28e4e" type="broker">
     70                                        <location protocol="soapaxis2" url="http://bbn-hn.bbn.exogeni.net:13080/orca/services/bbn-broker"/>
     71<certificate>
     72MIICbTCCAdagAwIBAgIET0+04zANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJVUzELMAkGA1UE
     73CBMCTkMxDzANBgNVBAcTBkR1cmhhbTENMAsGA1UEChMEb3JjYTEQMA4GA1UECxMHc2hpcmFrbzEt
     74MCsGA1UEAxMkMmQ2MzA4YTQtZTM4Yi00MjEwLTlmNGItMzMxOWFjZDI4ZTRlMB4XDTEyMDMwMTE3
     75NDE1NVoXDTIyMDIyNzE3NDE1NVowezELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMQ8wDQYDVQQH
     76EwZEdXJoYW0xDTALBgNVBAoTBG9yY2ExEDAOBgNVBAsTB3NoaXJha28xLTArBgNVBAMTJDJkNjMw
     77OGE0LWUzOGItNDIxMC05ZjRiLTMzMTlhY2QyOGU0ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
     78gYEA0LqNHOAo51mJbWHQaozNPZ3+rbwommOcP0aSe0dEOlF4YtdOy6CewxiipDpMrcbia/Ur3wfn
     79s83Tm/+5tgGNyn9jmhGfmCGKr6PVieF0/F3jGsGN3wDX6C2bOG/B99pDbtyWM6EJR5wxVLVYsuji
     80kkzA2I5P6Ri/G/edh1yaex0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAGmuajmFFnd577IX/rvit4
     81vL+HlM2Yybf22bkEqlzG0uFtaXFJRUto9xOcSPm+Y3xijkf2B/X4Q+N73CFTxBEJkSh6s89SPUab
     82nLHlwi3NXDPNd5t3WR4L0KzWgFndObXbxP0ZQFS7bI5O/F8k6iBNVa5PfEvkTVekpJvYA9WJTg==
     83</certificate>
     84                                </from>
     85                                <to name="bbn-vm-am" guid="8e9f5bd9-6bd4-495b-9293-92a982e8ecf0" type="site" />
     86                                <rset>
     87                                        <type>bbnvmsite.vm</type>
     88                                        <units>48</units>
     89                                        <start>2010-01-30T00:00:00</start>
     90                                        <end>2031-01-30T00:00:00</end>
     91                                </rset>
     92                                <!--
     93                                <rset>
     94                                        <type>bbnvmsite.baremetalce</type>
     95                                        <units>1</units>
     96                                        <start>2010-01-30T00:00:00</start>
     97                                        <end>2031-01-30T00:00:00</end>
     98                                </rset>
     99                                -->
     100                                <rset>
     101                                        <type>bbnvmsite.vlan</type>
     102                                        <units>500</units>
     103                                        <start>2010-01-30T00:00:00</start>
     104                                        <end>2031-01-30T00:00:00</end>
     105                                </rset>
     106                        </edge>
     107                        <edge>
     108                                <from name="ndl-broker" guid="25bc9111-9b41-46ab-a96b-3c87f574cfde" type="broker">
     109                                        <location protocol="soapaxis2" url="http://geni-net.renci.org:11080/orca/services/ndl-broker"/>
     110<certificate>
     111MIICbTCCAdagAwIBAgIETDtgYzANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJVUzELMAkGA1UE
     112CBMCTkMxDzANBgNVBAcTBkR1cmhhbTENMAsGA1UEChMEb3JjYTEQMA4GA1UECxMHc2hpcmFrbzEt
     113MCsGA1UEAxMkMjViYzkxMTEtOWI0MS00NmFiLWE5NmItM2M4N2Y1NzRjZmRlMB4XDTEwMDcxMjE4
     114MzUxNVoXDTIwMDcwOTE4MzUxNVowezELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMQ8wDQYDVQQH
     115EwZEdXJoYW0xDTALBgNVBAoTBG9yY2ExEDAOBgNVBAsTB3NoaXJha28xLTArBgNVBAMTJDI1YmM5
     116MTExLTliNDEtNDZhYi1hOTZiLTNjODdmNTc0Y2ZkZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
     117gYEAqcyS60d5t9c3eEud529hYmD/0BrIHGkEevwAtqBb7FFD1X98SB1G8y7gzxplt0xr2Hm72Et+
     11801qB7YgT6XQHWfJQQW7RUZEnrDbGsS0v6bffY291eeDVd0ZCH1ogzPDlyMqdhSGKsstqZd0CYc2E
     119zRFNngOIytBu1m59Jr6/FqsCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCpFKta+1JitcfPbti3x3Tj
     120WqqINj2f/MzwTVZbxV1eW6gLrwc3FRTX8RgAfqn2sl9Igxfzb+GbQbhY2j5iyBsEV90eKjQQitgv
     121KUA1IpJqVMYiGSohX2jL+uXEK7bujv9eRyNG82Rp+ouWCrDKo7kOVLh/iSD1s8Mrk03/wd3qfw==
     122</certificate>
     123                                </from>
     124                                <to name="bbn-vm-am" guid="8e9f5bd9-6bd4-495b-9293-92a982e8ecf0" type="site" />
     125                                <rset>
     126                                        <type>bbnvmsite.vm</type>
     127                                        <units>48</units>
     128                                        <start>2010-01-30T00:00:00</start>
     129                                        <end>2031-01-30T00:00:00</end>
     130                                </rset>
     131                                <rset>
     132                                        <type>bbnvmsite.baremetalce</type>
     133                                        <units>2</units>
     134                                        <start>2010-01-30T00:00:00</start>
     135                                        <end>2031-01-30T00:00:00</end>
     136                                </rset>
     137                                <rset>
     138                                        <type>bbnvmsite.vlan</type>
     139                                        <units>500</units>
     140                                        <start>2010-01-30T00:00:00</start>
     141                                        <end>2031-01-30T00:00:00</end>
     142                                </rset>
     143                        </edge>
     144                        <edge>
     145                                <from name="ndl-broker" guid="25bc9111-9b41-46ab-a96b-3c87f574cfde" type="broker">
     146                                        <location protocol="soapaxis2" url="http://geni-net.renci.org:11080/orca/services/ndl-broker"/>
     147<certificate>
     148MIICbTCCAdagAwIBAgIETDtgYzANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJVUzELMAkGA1UE
     149CBMCTkMxDzANBgNVBAcTBkR1cmhhbTENMAsGA1UEChMEb3JjYTEQMA4GA1UECxMHc2hpcmFrbzEt
     150MCsGA1UEAxMkMjViYzkxMTEtOWI0MS00NmFiLWE5NmItM2M4N2Y1NzRjZmRlMB4XDTEwMDcxMjE4
     151MzUxNVoXDTIwMDcwOTE4MzUxNVowezELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5DMQ8wDQYDVQQH
     152EwZEdXJoYW0xDTALBgNVBAoTBG9yY2ExEDAOBgNVBAsTB3NoaXJha28xLTArBgNVBAMTJDI1YmM5
     153MTExLTliNDEtNDZhYi1hOTZiLTNjODdmNTc0Y2ZkZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
     154gYEAqcyS60d5t9c3eEud529hYmD/0BrIHGkEevwAtqBb7FFD1X98SB1G8y7gzxplt0xr2Hm72Et+
     15501qB7YgT6XQHWfJQQW7RUZEnrDbGsS0v6bffY291eeDVd0ZCH1ogzPDlyMqdhSGKsstqZd0CYc2E
     156zRFNngOIytBu1m59Jr6/FqsCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCpFKta+1JitcfPbti3x3Tj
     157WqqINj2f/MzwTVZbxV1eW6gLrwc3FRTX8RgAfqn2sl9Igxfzb+GbQbhY2j5iyBsEV90eKjQQitgv
     158KUA1IpJqVMYiGSohX2jL+uXEK7bujv9eRyNG82Rp+ouWCrDKo7kOVLh/iSD1s8Mrk03/wd3qfw==
     159</certificate>
     160                                </from>
     161                                <to name="bbn-net-am" guid="ca369912-0b78-4cc0-a52a-89b9eff03cf2" type="site" />
     162                                <rset>
     163                                        <type>bbnNet.vlan</type>
     164                                        <units>10</units>
     165                                        <start>2010-01-30T00:00:00</start>
     166                                        <end>2031-01-30T00:00:00</end>
     167                                </rset>
     168                        </edge>
     169                </edges>
     170        </topology>
     171}}}
     172
     173That indicates that 48 VMs are allocated to bbn-broker, and 48 VMs are allocated to ndl-broker.
     174
    61175== Step 2: determine bare metal node configurations ==
    62176
     
    64178
    65179'''Using:'''
    66  * On bbn-hn, use available system data sources (process listings, monitoring output, system logs, etc) and/or AM administrative interfaces to determine how many nodes in the rack are configured as bare metal nodes, and whether they are controlled by the BBN rack SM or by ExoSM.
     180 * On bbn-hn, use available system data sources (process listings, monitoring output, system logs, etc) and/or AM administrative interfaces to determine how many nodes in the rack are configured as bare metal nodes, and whether they are allocated to the BBN rack SM or by ExoSM.
    67181
    68182'''Verify:'''
    69  * The site administrator can determine how many bare metal nodes are controlled by the local SM
    70  * The site administrator can determine where each rack bare metal node's controller is if the controller is not the local SM
     183 * The site administrator can determine how many bare metal nodes are allocated to the local SM
     184 * The site administrator can determine what each bare metal node is allocated to if it is not allocated to the local SM
     185
     186=== Results of Step 2 from 2012-08-14 ===
     187
     188See Step 1 for the full topology element from /opt/orca-12080/config/config.xml. In that topology, I see
     189
     190{{{
     191                                <!--
     192                                <rset>
     193                                        <type>bbnvmsite.baremetalce</type>
     194                                        <units>1</units>
     195                                        <start>2010-01-30T00:00:00</start>
     196                                        <end>2031-01-30T00:00:00</end>
     197                                </rset>
     198                                -->
     199}}}
     200
     201in the bbn-broker section, and
     202
     203{{{
     204                                <rset>
     205                                        <type>bbnvmsite.baremetalce</type>
     206                                        <units>2</units>
     207                                        <start>2010-01-30T00:00:00</start>
     208                                        <end>2031-01-30T00:00:00</end>
     209                                </rset>
     210}}}
     211
     212in the ndl-broker section.
     213
     214That indicates that one bare metal node would normally be allocated to bbn-broker, but it's commented out; and two bare metal nodes are currently allocated to ndl-broker.
    71215
    72216== Step 3: determine available VLAN pool ==
     
    82226 * The site administrator can determine what bound VLANs are available for use and where they are allocated.
    83227
     228=== Results of Step 3 from 2012-08-14 ===
     229
     230For the first, see Step 1 for the full topology element from /opt/orca-12080/config/config.xml. In that topology, I see
     231
     232{{{
     233                                <rset>
     234                                        <type>bbnvmsite.vlan</type>
     235                                        <units>500</units>
     236                                        <start>2010-01-30T00:00:00</start>
     237                                        <end>2031-01-30T00:00:00</end>
     238                                </rset>
     239}}}
     240
     241in the bbn-broker section, and
     242
     243{{{
     244                                <rset>
     245                                        <type>bbnvmsite.vlan</type>
     246                                        <units>500</units>
     247                                        <start>2010-01-30T00:00:00</start>
     248                                        <end>2031-01-30T00:00:00</end>
     249                                </rset>
     250}}}
     251
     252in the ndl-broker section.
     253
     254That indicates that 500 VLANs are allocated to bbn-broker, and 500 VLANs are allocated to ndl-broker.
     255
     256For the second, in /opt/orca-12080/ndl/bbnvmsite.rdf, I see
     257
     258{{{
     259    <layer:LabelSet rdf:about="#Bbn/ExoGeni/staticVLANSet">
     260        <collections:size rdf:datatype="&xsd;int">1</collections:size>
     261        <domain:isAllocatable rdf:datatype="&xsd;boolean">false</domain:isAllocatable>
     262        <collections:element rdf:resource="#Bbn/ExoGeni/VLANLabel/1750"/>
     263        <domain:hasResourceType rdf:resource="&domain;VLAN"/>
     264    </layer:LabelSet>
     265}}}
     266
     267which indicates that VLAN 1750 is the only bound VLAN.
     268
    84269== Step 4: determine which GENI SAs are trusted ==
    85270
     
    87272
    88273'''Using:'''
    89  * On bbn-hn, use available system data sources (process listings, monitoring output, system logs, etc) and/or AM administrative interfaces to determine which GENI slice authorities the local rack SM trusts.
    90  * Use the GENI AM API to verify that the BBN ExoGENI AM, the RENCI ExoGENI AM and the ExoSM trust the pgeni.gpolab.bbn.com SA.
     274 * On bbn-hn, use available system data sources (process listings, monitoring output, system logs, etc) and/or AM administrative interfaces to determine which GENI slice authorities the BBN ExoGENI AM trusts.
     275 * On bbn-hn, use available system data sources (process listings, monitoring output, system logs, etc) and/or AM administrative interfaces to determine which GENI slice authorities FOAM trusts.
     276 * Use the GENI AM API to verify that the BBN ExoGENI AM and the ExoSM trust the pgeni.gpolab.bbn.com SA.
    91277 * Use the GENI AM API to verify that the rack FOAM instance trusts the pgeni.gpolab.bbn.com SA.
    92278
     
    97283=== Results of Step 4 from 2012-08-14 ===
    98284
    99 I verified that the rack FOAM instance trusts the pgeni.gpolab.bbn.com SA in two ways.
    100 
    101 On bbn-hn:
     285For the first, on bbn-hn:
     286
     287{{{
     288[17:37:14] jbs@bbn-hn:/home/jbs
     289+$ keytool -v -list -keystore /opt/orca-11080/config/geni-trusted.jks 
     290Enter keystore password: 
     291
     292*****************  WARNING WARNING WARNING  *****************
     293* The integrity of the information stored in your keystore  *
     294* has NOT been verified!  In order to verify its integrity, *
     295* you must provide your keystore password.                  *
     296*****************  WARNING WARNING WARNING  *****************
     297
     298Keystore type: JKS
     299Keystore provider: SUN
     300
     301Your keystore contains 3 entries
     302
     303Alias name: ben-ca
     304Creation date: Nov 29, 2011
     305Entry type: trustedCertEntry
     306
     307Owner: EMAILADDRESS=ben-ops@renci.org, O=BEN@RENCI, L=Chapel Hill, ST=NC, C=US
     308Issuer: EMAILADDRESS=ben-ops@renci.org, O=BEN@RENCI, L=Chapel Hill, ST=NC, C=US
     309Serial number: 88753bc67f92f627
     310Valid from: Fri Aug 29 14:27:45 EDT 2008 until: Mon Aug 27 14:27:45 EDT 2018
     311Certificate fingerprints:
     312         MD5:  6A:5B:EA:64:D7:40:BF:C1:AC:F0:D0:34:A6:54:00:C5
     313         SHA1: 94:63:C3:04:4F:48:00:B7:35:34:35:32:C3:03:E5:B7:2E:3A:44:B1
     314         Signature algorithm name: SHA1withRSA
     315         Version: 3
     316
     317Extensions:
     318
     319#1: ObjectId: 2.5.29.14 Criticality=false
     320SubjectKeyIdentifier [
     321KeyIdentifier [
     3220000: D8 9C 85 3A 11 47 9B CF   41 2E 59 B3 8B 54 37 F0  ...:.G..A.Y..T7.
     3230010: B9 D7 1E 42                                        ...B
     324]
     325]
     326
     327#2: ObjectId: 2.5.29.19 Criticality=false
     328BasicConstraints:[
     329  CA:true
     330  PathLen:2147483647
     331]
     332
     333#3: ObjectId: 2.5.29.35 Criticality=false
     334AuthorityKeyIdentifier [
     335KeyIdentifier [
     3360000: D8 9C 85 3A 11 47 9B CF   41 2E 59 B3 8B 54 37 F0  ...:.G..A.Y..T7.
     3370010: B9 D7 1E 42                                        ...B
     338]
     339
     340[EMAILADDRESS=ben-ops@renci.org, O=BEN@RENCI, L=Chapel Hill, ST=NC, C=US]
     341SerialNumber: [    88753bc6 7f92f627]
     342]
     343
     344
     345
     346*******************************************
     347*******************************************
     348
     349
     350Alias name: gpo-ca
     351Creation date: Nov 28, 2011
     352Entry type: trustedCertEntry
     353
     354Owner: EMAILADDRESS=testbed-ops@ops.pgeni.gpolab.bbn.com, CN=boss.pgeni.gpolab.bbn.com, OU=Certificate Authority, O=GENI Project Office, L=Cambridge, ST=Massachusetts, C=US
     355Issuer: EMAILADDRESS=testbed-ops@ops.pgeni.gpolab.bbn.com, CN=boss.pgeni.gpolab.bbn.com, OU=Certificate Authority, O=GENI Project Office, L=Cambridge, ST=Massachusetts, C=US
     356Serial number: fcedda89e11abaaf
     357Valid from: Fri May 28 12:07:58 EDT 2010 until: Wed Nov 18 11:07:58 EST 2015
     358Certificate fingerprints:
     359         MD5:  0D:A1:E0:43:F9:C9:5A:06:39:A4:27:33:02:A6:CD:D1
     360         SHA1: 2D:78:00:D0:1F:A0:7F:14:96:FA:57:DA:11:C6:E5:CC:F1:42:C2:BD
     361         Signature algorithm name: MD5withRSA
     362         Version: 3
     363
     364Extensions:
     365
     366#1: ObjectId: 2.5.29.14 Criticality=false
     367SubjectKeyIdentifier [
     368KeyIdentifier [
     3690000: 98 57 01 01 AE BF D9 9C   8D D2 F0 04 06 D9 2A E8  .W............*.
     3700010: 06 CB B0 F9                                        ....
     371]
     372]
     373
     374#2: ObjectId: 2.5.29.19 Criticality=false
     375BasicConstraints:[
     376  CA:true
     377  PathLen:2147483647
     378]
     379
     380#3: ObjectId: 2.5.29.35 Criticality=false
     381AuthorityKeyIdentifier [
     382KeyIdentifier [
     3830000: 98 57 01 01 AE BF D9 9C   8D D2 F0 04 06 D9 2A E8  .W............*.
     3840010: 06 CB B0 F9                                        ....
     385]
     386
     387[EMAILADDRESS=testbed-ops@ops.pgeni.gpolab.bbn.com, CN=boss.pgeni.gpolab.bbn.com, OU=Certificate Authority, O=GENI Project Office, L=Cambridge, ST=Massachusetts, C=US]
     388SerialNumber: [    fcedda89 e11abaaf]
     389]
     390
     391#4: ObjectId: 2.5.29.18 Criticality=false
     392IssuerAlternativeName [
     393  URIName: urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+root
     394]
     395
     396#5: ObjectId: 2.5.29.17 Criticality=false
     397SubjectAlternativeName [
     398  URIName: urn:publicid:IDN+pgeni.gpolab.bbn.com+authority+root
     399]
     400
     401
     402
     403*******************************************
     404*******************************************
     405
     406
     407Alias name: utah-emulab
     408Creation date: Nov 29, 2011
     409Entry type: trustedCertEntry
     410
     411Owner: EMAILADDRESS=testbed-ops@flux.utah.edu, CN=boss.emulab.net, OU=Certificate Authority, O=Utah Network Testbed, L=Salt Lake City, ST=Utah, C=US
     412Issuer: EMAILADDRESS=testbed-ops@flux.utah.edu, CN=boss.emulab.net, OU=Certificate Authority, O=Utah Network Testbed, L=Salt Lake City, ST=Utah, C=US
     413Serial number: 0
     414Valid from: Wed Dec 02 13:47:47 EST 2009 until: Mon May 25 14:47:47 EDT 2015
     415Certificate fingerprints:
     416         MD5:  AC:CD:F6:5E:90:E6:7F:4D:BA:A2:75:CE:21:C6:09:99
     417         SHA1: 23:44:33:D5:30:5F:4B:6C:53:75:8D:B0:A5:4D:46:72:FB:F6:8A:70
     418         Signature algorithm name: MD5withRSA
     419         Version: 3
     420
     421Extensions:
     422
     423#1: ObjectId: 2.5.29.14 Criticality=false
     424SubjectKeyIdentifier [
     425KeyIdentifier [
     4260000: E1 FD 98 33 CE 37 B3 7D   F0 D3 75 31 DF A7 D8 31  ...3.7....u1...1
     4270010: A0 F6 98 20                                        ...
     428]
     429]
     430
     431#2: ObjectId: 2.5.29.19 Criticality=false
     432BasicConstraints:[
     433  CA:true
     434  PathLen:2147483647
     435]
     436
     437#3: ObjectId: 2.5.29.35 Criticality=false
     438AuthorityKeyIdentifier [
     439KeyIdentifier [
     4400000: E1 FD 98 33 CE 37 B3 7D   F0 D3 75 31 DF A7 D8 31  ...3.7....u1...1
     4410010: A0 F6 98 20                                        ...
     442]
     443
     444[EMAILADDRESS=testbed-ops@flux.utah.edu, CN=boss.emulab.net, OU=Certificate Authority, O=Utah Network Testbed, L=Salt Lake City, ST=Utah, C=US]
     445SerialNumber: [    00]
     446]
     447
     448#4: ObjectId: 2.5.29.18 Criticality=false
     449IssuerAlternativeName [
     450  URIName: urn:publicid:IDN+emulab.net+authority+root
     451]
     452
     453#5: ObjectId: 2.5.29.17 Criticality=false
     454SubjectAlternativeName [
     455  URIName: urn:publicid:IDN+emulab.net+authority+root
     456]
     457
     458
     459
     460*******************************************
     461*******************************************
     462}}}
     463
     464That indicates that ben-ca, gpo-ca, and utah-emulab are trusted by the ORCA AM.
     465
     466For the second, on bbn-hn:
    102467
    103468{{{
     
    183548}}}
    184549
    185 Via the GENI AM API:
     550That indicates that boss.pgeni.gpolab.bbn.com is trusted by FOAM.
     551
     552For the third:
     553
     554{{{
     555[17:48:37] jbs@jericho:/home/jbs
     556+$ grep -A 8 -B 2 '\[gpolab\]' ~/.gcf/omni_config
     557## GPO Lab ProtoGENI
     558
     559[gpolab]
     560
     561type = pg
     562verbose = false
     563ch = https://www.pgeni.gpolab.bbn.com/protogeni/xmlrpc/ch
     564sa = https://www.pgeni.gpolab.bbn.com/protogeni/xmlrpc/sa
     565cert = ~/.ssl/jbs@pgeni.gpolab.bbn.com.pem
     566key = ~/.ssl/jbs@pgeni.gpolab.bbn.com.pem
     567
     568[17:50:36] jbs@jericho:/home/jbs
     569+$ omni -a https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc listresources -f gpolab
     570INFO:omni:Loading config file /home/jbs/.gcf/omni_config
     571INFO:omni:Using control framework gpolab
     572INFO:omni:Listed resources on 1 out of 1 possible aggregates.
     573INFO:omni:<?xml version="1.0" ?>
     574INFO:omni:<!-- Resources at AM:
     575        URN: unspecified_AM_URN
     576        URL: https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc
     577 -->
     578INFO:omni:<rspec type="advertisement" xmlns="http://www.geni.net/resources/rspec/3" xmlns:ns2="http://hpn.east.isi.edu/rspec/ext/stitch/0.1/" xmlns:ns3="http://www.protogeni.net/resources/rspec/ext/emulab/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.geni.net/resources/rspec/3 http://www.geni.net/resources/rspec/3/ad.xsd http://hpn.east.isi.edu/rspec/ext/stitch/0.1/ http://hpn.east.isi.edu/rspec/ext/stitch/0.1/stitch-schema.xsd http://www.protogeni.net/resources/rspec/ext/emulab/1 http://www.protogeni.net/resources/rspec/ext/emulab/1/ptop_extension.xsd"> 
     579      <node component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+node+orca-vm-cloud" component_manager_id="urn:publicid:IDN+exogeni.net:bbnvmsite+authority+am" component_name="orca-vm-cloud" exclusive="false">   
     580            <hardware_type name="orca-vm-cloud">     
     581                  <ns3:node_type type_slots="47"/>     
     582            </hardware_type>   
     583            <available now="true"/>   
     584            <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+bbn:ExoGeni:TengigabitEthernet:2" role="experimental"/>   
     585            <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+Bbn:ExoGeni:TenGigabitEthernet:1" role="experimental"/>   
     586      </node> 
     587      <link component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+link+Bbn:ExoGeni:TenGigabitEthernet:1:BbnNet:IBM:G8052:TenGigabitEthernet:1:1">   
     588            <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+Bbn:ExoGeni:TenGigabitEthernet:1"/>   
     589            <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnNet+interface+BbnNet:IBM:G8052:TenGigabitEthernet:1:1"/>   
     590            <link_type name="ethernet"/>   
     591      </link> 
     592      <link component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+link+bbn:ExoGeni:TengigabitEthernet:2:BbnNet:BM:G8052:TenGigabitEthernet:1:2">   
     593            <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+bbn:ExoGeni:TengigabitEthernet:2"/>   
     594            <interface_ref component_id="urn:publicid:IDN+exogeni.net:bbnNet+interface+BbnNet:BM:G8052:TenGigabitEthernet:1:2"/>   
     595            <link_type name="ethernet"/>   
     596      </link> 
     597      <node component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+node+orca-transit-net-vlan" component_manager_id="urn:publicid:IDN+exogeni.net:bbnvmsite+authority+am" component_name="orca-transit-net-vlan" exclusive="false">   
     598            <hardware_type name="orca-static-net-vlan">     
     599                  <ns3:node_type type_slots="1"/>     
     600            </hardware_type>   
     601            <hardware_type name="orca-transit-net-vlan">     
     602                  <ns3:node_type type_slots="500"/>     
     603            </hardware_type>   
     604            <available now="true"/>   
     605            <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+bbn:ExoGeni:TengigabitEthernet:2" role="experimental"/>   
     606            <interface component_id="urn:publicid:IDN+exogeni.net:bbnvmsite+interface+Bbn:ExoGeni:TenGigabitEthernet:1" role="experimental"/>   
     607      </node> 
     608</rspec>
     609INFO:omni: ------------------------------------------------------------
     610INFO:omni: Completed listresources:
     611
     612  Options as run:
     613                aggregate: https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc
     614                framework: gpolab
     615                native: True
     616
     617  Args: listresources
     618
     619  Result Summary: Retrieved resources from 1 aggregates.
     620Wrote rspecs from 1 aggregates.
     621INFO:omni: ============================================================
     622}}}
     623
     624That indicates that BBN ExoGENI trusts the pgeni.gpolab.bbn.com SA.
     625
     626I also verified that it did not trust another SA, the BBN pgeni1 staging SA in this case:
     627
     628{{{
     629[17:51:17] jbs@jericho:/home/jbs
     630+$ grep -A 8 -B 2 '\[pgeni1\]' ~/.gcf/omni_config
     631## GPO Lab staging ProtoGENI
     632
     633[pgeni1]
     634
     635type = pg
     636verbose = false
     637ch = https://www.pgeni1.gpolab.bbn.com/protogeni/xmlrpc/ch
     638sa = https://www.pgeni1.gpolab.bbn.com/protogeni/xmlrpc/sa
     639cert = ~/.ssl/jbs@pgeni1.gpolab.bbn.com.pem
     640key = ~/.ssl/jbs@pgeni1.gpolab.bbn.com.pem
     641
     642[17:52:09] jbs@jericho:/home/jbs
     643+$ omni -a https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc listresources -f pgeni1
     644INFO:omni:Loading config file /home/jbs/.gcf/omni_config
     645INFO:omni:Using control framework pgeni1
     646INFO:omni:Listed resources on 0 out of 1 possible aggregates.
     647INFO:omni:Got no resources. No resources from AM https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc: Credendial Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges.
     648INFO:omni: ------------------------------------------------------------
     649INFO:omni: Completed listresources:
     650
     651  Options as run:
     652                aggregate: https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc
     653                framework: pgeni1
     654                native: True
     655
     656  Args: listresources
     657
     658  Result Summary: Got no resources. No resources from AM https://bbn-hn.exogeni.gpolab.bbn.com:11443/orca/xmlrpc: Credendial Exception: javax.security.auth.login.CredentialException: No credential was found with appropriate privileges.
     659INFO:omni: ============================================================
     660}}}
     661
     662That indicates that it does not trust the BBN pgeni1 SA.
     663
     664For the fourth:
    186665
    187666{{{
     
    235714}}}
    236715
     716That indicates that FOAM trusts the pgeni.gpolab.bbn.com SA.
     717
    237718I also verified that it did not trust another SA, Utah ProtoGENI in this case:
    238719
     
    275756INFO:omni: ============================================================
    276757}}}
     758
     759That indicates that it does not trust the ProtoGENI Utah SA.
    277760
    278761== Step 5: determine rack !OpenFlow state ==