Changes between Version 8 and Version 9 of GENIRacksHome/InstageniRacks/ConfirmationTestStatus/NYSERNet

Timestamp:

09/16/13 14:34:35 (11 years ago)

Author:

lnevers@bbn.com

Comment:

--

GENIRacksHome/InstageniRacks/ConfirmationTestStatus/NYSERNet

@@ -1134 +1134 @@
 == IG-CT-6 - Administrative Tests ==
 
+Sent request for administrative account to site contact from the [http://groups.geni.net/geni/wiki/GeniAggregate/NYSERNetInstaGENI NYSERNet InstaGENI] aggregate page.  Followed instructions at [https://users.emulab.net/trac/protogeni/wiki/RackAdminAccounts Admin Accounts on InstaGeni Racks] page for account request. A local admin account was create and also had to join the ''emulab-ops'' group at https://www.nysernet.org/joinproject.php3?target_pid=emulab-ops.   Once the administrative account was created and membership to emulab-ops was approved, proceeded to execute administrative tests.  
+
+{{{
+LNM:~$ ssh control.instageni.nysernet.org
+Welcome to Ubuntu precise (development branch) (GNU/Linux 3.2.0-23-generic x86_64)
+
+ * Documentation:  https://help.ubuntu.com/
+
+  System information as of Mon Sep 16 18:24:35 UTC 2013
+
+  System load:     0.0               IP address for xenbr0:   199.109.64.3
+  Usage of /:      31.2% of 5.85GB   IP address for xenbr0:1: 172.16.0.1
+  Memory usage:    38%               IP address for xenbr1:   10.1.1.254
+  Swap usage:      2%                IP address for xenbr2:   10.2.1.254
+  Processes:       166               IP address for xenbr3:   10.3.1.254
+  Users logged in: 1
+
+  Graph this data and manage this system at https://landscape.canonical.com/
+Last login: Mon Sep 16 17:34:17 2013 from 128.89.254.103
+To run a command as administrator (user "root"), use "sudo <command>".
+See "man sudo_root" for details.
+
+lnevers@nysernet:~$ sudo whoami
+root
+lnevers@nysernet:~$
+
+}}}
+
+Also access the boss node:
+{{{
+LNM:~$ ssh boss.instageni.nysernet.org
+Last login: Mon Sep 16 14:16:21 2013 from dhcp89-073-116.bbn.com
+FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
+
+Welcome to FreeBSD!
+
+Want to use sed(1) to edit a file in place?  Well, to replace every 'e' with
+an 'o', in a file named 'foo', you can do:
+
+        sed -i.bak s/e/o/g foo
+
+And you'll get a backup of the original in a file named 'foo.bak', but if you
+want no backup:
+
+        sed -i '' s/e/o/g foo
+[lnevers@boss ~]$ sudo whoami 
+root
+[lnevers@boss ~]$ }}}
+
+From boss node accessed each of the experiment nodes that support VMs: 
+{{{
+[lnevers@boss ~]$ for i in pc1 pc2; do ssh $i "echo -n '===> Host: ';hostname;sudo whoami;uname -a;echo"; done
+Warning: Permanently added 'pc1.instageni.nysernet.org' (RSA) to the list of known hosts.
+===> Host: vhost1.shared-nodes.emulab-ops.instageni.nysernet.org
+root
+Linux vhost1.shared-nodes.emulab-ops.instageni.nysernet.org 2.6.32-042stab049.6.emulab.1 #1 SMP Mon May 21 14:36:04 MDT 2012 x86_64 x86_64 x86_64 GNU/Linux
+
+Warning: Permanently added 'pc2.instageni.nysernet.org' (RSA) to the list of known hosts.
+===> Host: vhost2.shared-nodes.emulab-ops.instageni.nysernet.org
+root
+Linux vhost2.shared-nodes.emulab-ops.instageni.nysernet.org 2.6.32-042stab049.6.emulab.1 #1 SMP Mon May 21 14:36:04 MDT 2012 x86_64 x86_64 x86_64 GNU/Linux
+
+[lnevers@boss ~]$ 
+
+
+}}}
+
+In order to access Dedicated Nodes some experiment must be running on the raw-pc device. At the time of this capture only 1 raw-pc nodes was in use: 
+{{{
+[lnevers@boss ~]$ sudo ssh pc4
+[root@pc ~]# sudo whoami
+root
+[root@pc ~]# exit
+logout
+Connection to pc4.instageni.nysernet.org closed.
+[lnevers@boss ~]$
+
+}}}
+
+Further verified access by ssh from ops.instageni.gpolab.bbn.com to boss.instageni.gpolab.bbn.com, which is usually restricted for non-admin users: 
+{{{
+LNM:~$ ssh ops.instageni.nysernet.org
+Last login: Mon Sep 16 13:29:52 2013 from 128.89.254.103
+FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
+
+Welcome to FreeBSD!
+
+If you `set watch = (0 any any)' in tcsh, you will be notified when
+someone logs in or out of your system.
+> bash
+[lnevers@ops ~]$ sudo whoami
+root
+[lnevers@ops ~]$ ssh boss
+Last login: Mon Sep 16 14:25:43 2013 from dhcp89-073-116.bbn.com
+FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
+
+Welcome to FreeBSD!
+
+To see the 10 largest files on a directory or partition, use
+
+        du /partition_or_directory_name | sort -rn | head
+                -- Dru <genesis@istar.ca>
+[lnevers@boss ~]$ 
+
+}}}
+Access infrastructure Switches using documented password. First connect to the switch named procurve1 the control network switch: 
+{{{
+[lnevers@boss ~]$ telnet procurve1 
+Trying 10.1.1.253...
+Connected to procurve1.
+Escape character is '^]'.
+
+HP J9623A E2620-24 Switch
+Software revision RA.15.08.0009
+
+Copyright (C) 1991-2012 Hewlett-Packard Development Company, L.P.
+
+                   RESTRICTED RIGHTS LEGEND
+ Confidential computer software.  Valid license from HP required for possession,
+ use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer
+ Software, Computer Software Documentation, and Technical Data for Commercial
+ Items are licensed to the U.S. Government under vendor's standard commercial
+ license.
+                   HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. 
+                   20555 State Highway 249, Houston, TX 77070
+
+We'd like to keep you up to date about:
+  * Software feature updates
+  * New product announcements
+  * Special events
+Please register your products now at:  www.hp.com/networking/register
+
+Username: manager
+Password: 
+
+HP-E2620-24# show version
+Image stamp:    /ws/swbuildm/rel_galt_qaoff/code/build/xform(rel_galt_qaoff)
+                May  9 2012 15:28:43
+                RA.15.08.0009
+                474
+Boot Image:     Primary
+HP-E2620-24# show running-config 
+
+Running configuration:
+
+; J9623A Configuration Editor; Created on release #RA.15.08.0009
+; Ver #02:13.2d:3c
+hostname "HP-E2620-24"
+max-vlans 50
+no stack
+no web-management
+ip default-gateway 10.1.1.254
+snmp-server community "xxx" unrestricted
+aaa authentication ssh login public-key
+aaa authentication ssh enable public-key
+vlan 1
+   name "DEFAULT_VLAN"
+   no untagged 23-24
+   untagged 1-22,25-28
+   ip address 10.254.254.253 255.255.255.0
+   ip igmp
+   exit
+vlan 10
+   name "control-hardware"
+   untagged 23
+   ip address 10.1.1.253 255.255.255.0
+   exit
+vlan 11
+   name "control-alternate"
+   untagged 24
+   ip address 10.2.1.253 255.255.255.0
+   exit
+management-vlan 10
+no dhcp config-file-update
+password manager
+password operator
+
+HP-E2620-24# show vlan 10
+
+ Status and Counters - VLAN Information - VLAN 10
+
+  VLAN ID : 10     
+  Name : control-hardware                
+  Status : Port-based
+  Voice : No 
+  Jumbo : No 
+
+  Port Information Mode     Unknown VLAN Status    
+  ---------------- -------- ------------ ----------
+  23               Untagged Learn        Up        
+ 
+
+HP-E2620-24# exit
+HP-E2620-24> exit
+Do you want to log out [y/n]? y
+Connection closed by foreign host.
+[lnevers@boss ~]$ 
+}}}
+
+Connect to the switch named procurve2 the dataplane network switch via ssh using the documented password: 
+{{{
+[lnevers@boss ~]$ sudo more /usr/testbed/etc/switch.pswd
+xxxxxxx
+[lnevers@boss ~]$  telnet procurve2
+Trying 10.3.1.253...
+Connected to procurve2.
+Escape character is '^]'.
+
+HP J8697A Switch E5406zl
+Software revision K.15.06.5008
+
+Copyright (C) 1991-2012 Hewlett-Packard Development Company, L.P.
+
+                   RESTRICTED RIGHTS LEGEND
+ Confidential computer software.  Valid license from HP required for possession,
+ use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer
+ Software, Computer Software Documentation, and Technical Data for Commercial
+ Items are licensed to the U.S. Government under vendor's standard commercial
+ license.
+                   HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. 
+                   20555 State Highway 249, Houston, TX 77070
+
+We'd like to keep you up to date about:
+  * Software feature updates
+  * New product announcements
+  * Special events
+Please register your products now at:  www.hp.com/networking/register
+
+Username: manager
+Password: 
+
+
+HP-E5406zl# show version
+Image stamp:    /ws/swbuildm/of_bridge_qaoff/code/build/btm(of_bridge_qaoff)
+                Feb 18 2012 11:26:28
+                K.15.06.5008
+                79
+Boot Image:     Primary
+HP-E5406zl# show running-config 
+
+Running configuration:
+
+; J8697A Configuration Editor; Created on release #K.15.06.5008
+; Ver #02:10.0d:1f
+
+hostname "HP-E5406zl" 
+module 1 type J9549A 
+interface A1 
+   speed-duplex auto-1000 
+exit
+interface A2 
+   speed-duplex auto-1000 
+exit
+interface A3 
+   speed-duplex auto-1000 
+exit
+interface A4 
+   speed-duplex auto-1000 
+exit
+interface A5 
+   speed-duplex auto-1000 
+exit
+interface A6 
+   speed-duplex auto-1000 
+exit
+interface A7 
+   speed-duplex auto-1000 
+exit
+interface A8 
+   speed-duplex auto-1000 
+exit
+interface A9 
+   speed-duplex auto-1000 
+exit
+interface A10 
+   speed-duplex auto-1000 
+exit
+ip default-gateway 10.3.1.254 
+vlan 1 
+   name "DEFAULT_VLAN" 
+   forbid A1-A9 
+   untagged A11-A19,A21-A23 
+   no untagged A1-A10,A20,A24 
+   no ip address 
+   exit 
+vlan 10 
+   name "control-hardware" 
+   untagged A20 
+   ip address 10.3.1.253 255.255.255.0 
+   exit 
+vlan 257 
+   name "_1" 
+   untagged A1-A9 
+   no ip address 
+   exit 
+vlan 258 
+   name "_6" 
+   tagged A4,A7 
+   no ip address 
+   exit 
+vlan 259 
+   name "_7" 
+   tagged A1,A4 
+   no ip address 
+   exit 
+vlan 1750 
+   name "_8" 
+   tagged A1,A24 
+   no ip address 
+   exit 
+vlan 260 
+   name "_17" 
+   tagged A7 
+   no ip address 
+   exit 
+vlan 261 
+   name "_19" 
+   tagged A7,A10 
+   no ip address 
+   exit 
+no web-management
+openflow
+   vlan 1750
+      enable
+      controller "tcp:10.3.1.7:6633" fail-secure on
+      exit
+   exit
+snmp-server community "xxx" unrestricted
+aaa authentication ssh login public-key
+aaa authentication ssh enable public-key
+management-vlan 10
+no autorun
+no dhcp config-file-update
+no dhcp image-file-update
+password xxx
+password xxx
+
+HP-E5406zl#  show vlan 1750
+
+ Status and Counters - VLAN Information - VLAN 1750
+
+  VLAN ID : 1750   
+  Name : _8                              
+  Status : Port-based
+  Voice : No 
+  Jumbo : No 
+
+  Port Information Mode     Unknown VLAN Status    
+  ---------------- -------- ------------ ----------
+  A1               Tagged   Learn        Up        
+  A24              Tagged   Learn        Up        
+ 
+
+HP-E5406zl# 
+
+}}}
+
+Access the FOAM VM and gather information for version
+{{{
+LNM:~$ ssh lnevers@foam.nysernet.org
+
+sudo foamctl admin:get-version  --passwd-file=/etc/foam.passwd 
+
+}}}
+Check FOAM configuration for  site.admin.email, geni.site-tag, email.from settings:
+{{{
+foamctl config:get-value --key="site.admin.email"  --passwd-file=/etc/foam.passwd 
+
+foamctl config:get-value --key="geni.site-tag"  --passwd-file=/etc/foam.passwd 
+
+foamctl config:get-value --key="email.from"  --passwd-file=/etc/foam.passwd 
+
+# check if FOAM auto-approve is on. Value 2 = auto-approve is on.
+
+foamctl config:get-value --key="geni.approval.approve-on-creation"  --passwd-file=/etc/foam.passwd 
+
+}}}
+
+Show FOAM slivers and details for one sliver:
+
+{{{
+foamctl geni:list-slivers --passwd-file=/etc/foam.passwd
+
+}}}
+Access the FlowVisor VM and gather version information:
+{{{
+
+ssh lnevers@flowvisor.nysernet.org
+}}}
+Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices:
+{{{     
+
+fvctl --passwd-file=/etc/flowvisor.passwd ping hello
+
+# Devices
+fvctl --passwd-file=/etc/flowvisor.passwd listDevices
+
+fvctl --passwd-file=/etc/flowvisor.passwd getDeviceInfo 06:d6:6c:3b:e5:68:00:00
+
+#Slices
+fvctl --passwd-file=/etc/flowvisor.passwd listSlices
+
+fvctl --passwd-file=/etc/flowvisor.passwd getSliceInfo 5c956f94-5e05-40b5-948f-34d0149d9182
+
+}}}
+
+Check the FlowVisor setting:
+{{{
+fvctl --passwd-file=/etc/flowvisor.passwd dumpConfig /tmp/flowvisor-config
+more /tmp/flowvisor-config 
+
+}}}
+
+
+Verify alerts for the compute resource Aggregate Manager are being reported to the [http://monitor.gpolab.bbn.com/nagios/cgi-bin/status.cgi GPO Tango GENI Nagios monitoring] and that all alerts have status OK.
+
+
+[[Image(NYSERNet-nagios.jpg)]]
+
+Verify alerts for the FOAM Aggregate Manager are being reported to the [http://monitor.gpolab.bbn.com/nagios/cgi-bin/status.cgi GPO Tango GENI Nagios monitoring] and that all alerts have status OK.
+
+[[Image(NYSERNet-OF-nagios.jpg)]]
 ----
 {{{