Context Navigation

Stanford

Timestamp:: 12/12/13 15:46:36 (10 years ago)
Author:: lnevers@bbn.com
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

GENIRacksHome/InstageniRacks/ConfirmationTestStatus/Stanford

-                      v13
+                      v14
 == IG-CT-6 - Administrative Tests ==
+Sent request for administrative account to site contact from the [http://groups.geni.net/geni/wiki/GeniAggregate/StanfordInstaGENI Stanford InstaGENI] aggregate page.  Followed instructions at the [http://groups.geni.net/geni/wiki/GENIRacksAdministration/InstaGENIAdministration InstaGENI Administration] page for account request. A local administrator account was requested by joining the ''emulab-ops'' group at https://www.instageni.stanford.edu/joinproject.php3 page.   Once the administrative account was approved and the membership to emulab-ops was granted, proceeded to execute administrative tests.
+{{{
+LNM:~$ ssh control.instageni.stanford.edu
+}}}
+Also access the boss node:
+{{{
+LNM:~$ ssh boss.instageni.stanford.edu
+The authenticity of host 'boss.instageni.stanford.edu (171.67.2.4)' can't be established.
+RSA key fingerprint is 46:63:92:67:c8:75:20:4e:52:9f:2d:f6:cb:58:16:77.
+Are you sure you want to continue connecting (yes/no)? yes
+Warning: Permanently added 'boss.instageni.stanford.edu,171.67.2.4' (RSA) to the list of known hosts.
+FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
+Welcome to FreeBSD!
+Any user that is a member of the wheel group can use "su -" to simulate
+a root login. You can add a user to the wheel group by editing /etc/group.
+                -- Konstantinos Konstantinidis <kkonstan@duth.gr>
+> bash
+[lnevers@boss ~]$ sudo whoami
+root
+[lnevers@boss ~]$ uname -a
+FreeBSD boss.instageni.stanford.edu 9.0-STABLE FreeBSD 9.0-STABLE #0: Tue Apr 30 14:24:36 MDT 2013     root@n1.one-freebsd.testbed.emulab.net:/usr/obj/mnt/src/sys/TESTBED-XEN  i386
+[lnevers@boss ~]$
+}}}
+From boss node accessed each of the experiment nodes that support VMs:
+{{{
+[lnevers@boss ~]$ for i in pc1 pc2 pc3; do ssh $i "echo -n '===> Host: ';hostname;sudo whoami;uname -a;echo"; done
+Warning: Permanently added 'pc1.instageni.stanford.edu' (RSA) to the list of known hosts.
+===> Host: vhost1.shared-nodes.emulab-ops.instageni.stanford.edu
+root
+Linux vhost1.shared-nodes.emulab-ops.instageni.stanford.edu 2.6.32-042stab049.6.emulab.1 #1 SMP Mon May 21 14:36:04 MDT 2012 x86_64 x86_64 x86_64 GNU/Linux
+Warning: Permanently added 'pc2.instageni.stanford.edu' (RSA) to the list of known hosts.
+===> Host: vhost2.shared-nodes.emulab-ops.instageni.stanford.edu
+root
+Linux vhost2.shared-nodes.emulab-ops.instageni.stanford.edu 2.6.32-042stab049.6.emulab.1 #1 SMP Mon May 21 14:36:04 MDT 2012 x86_64 x86_64 x86_64 GNU/Linux
+Warning: Permanently added 'pc3.instageni.stanford.edu' (RSA) to the list of known hosts.
+===> Host: vhost3.shared-nodes.emulab-ops.instageni.stanford.edu
+root
+Linux vhost3.shared-nodes.emulab-ops.instageni.stanford.edu 3.2.46 #1 SMP Wed Jun 5 15:53:18 MDT 2013 x86_64 x86_64 x86_64 GNU/Linux
+[lnevers@boss ~]$
+}}}
+In order to access Dedicated Nodes some experiment must be running on the raw-pc device. At the time of this capture there one experiment using the two raw-pc nodes (pc4 and pc5):
+{{{
+[lnevers@boss ~]$ sudo ssh pc4
+[root@vm ~]# sudo whoami
+root
+[root@vm ~]# uname -a
+Linux vm.ln2pc.ch-geni-net.instageni.stanford.edu 2.6.40-4.emulab2.fc15.i686.PAE #1 SMP Tue Feb 26 13:35:12 MST 2013 i686 i686 i386 GNU/Linux
+[root@vm ~]# exit
+logout
+Connection to pc4.instageni.stanford.edu closed.
+[lnevers@boss ~]$ sudo ssh pc5
+[root@pc ~]# sudo whoami
+root
+[root@pc ~]# uname -a
+Linux pc.ln2pc.ch-geni-net.instageni.stanford.edu 2.6.40-4.emulab2.fc15.i686.PAE #1 SMP Tue Feb 26 13:35:12 MST 2013 i686 i686 i386 GNU/Linux
+[root@pc ~]# exit
+logout
+Connection to pc5.instageni.stanford.edu closed.
+[lnevers@boss ~]$
+}}}
+Further verified access by ssh from ops.instageni.gpolab.bbn.com to boss.instageni.gpolab.bbn.com, which is usually restricted for non-admin users:
+{{{
+LNM:~$   ssh ops.instageni.stanford.edu
+The authenticity of host 'ops.instageni.stanford.edu (171.67.2.5)' can't be established.
+RSA key fingerprint is 46:63:92:67:c8:75:20:4e:52:9f:2d:f6:cb:58:16:77.
+Are you sure you want to continue connecting (yes/no)? yes
+Warning: Permanently added 'ops.instageni.stanford.edu,171.67.2.5' (RSA) to the list of known hosts.
+FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
+Welcome to FreeBSD!
+To determine whether a file is a text file, executable, or some other type
+of file, use
+        file filename
+                -- Dru <genesis@istar.ca>
+> bash
+[lnevers@ops ~]$ sudo whoami
+root
+[lnevers@ops ~]$ uname -a
+FreeBSD ops.instageni.stanford.edu 9.0-STABLE FreeBSD 9.0-STABLE #0: Tue Apr 30 14:24:36 MDT 2013     root@n1.one-freebsd.testbed.emulab.net:/usr/obj/mnt/src/sys/TESTBED-XEN  i386
+[lnevers@ops ~]$
+[lnevers@ops ~]$ uname -a
+FreeBSD ops.instageni.stanford.edu 9.0-STABLE FreeBSD 9.0-STABLE #0: Tue Apr 30 14:24:36 MDT 2013     root@n1.one-freebsd.testbed.emulab.net:/usr/obj/mnt/src/sys/TESTBED-XEN  i386
+[lnevers@ops ~]$ ssh boss
+The authenticity of host 'boss.instageni.stanford.edu (171.67.2.4)' can't be established.
+ECDSA key fingerprint is bd:05:23:a7:5b:cc:78:c8:8c:a8:d3:e9:f7:27:53:cb.
+Are you sure you want to continue connecting (yes/no)? yes
+Warning: Permanently added 'boss.instageni.stanford.edu' (ECDSA) to the list of known hosts.
+Last login: Thu Dec 12 12:30:49 2013 from dhcp89-073-116.bbn.com
+FreeBSD 9.0-STABLE (TESTBED-XEN) #0: Tue Apr 30 14:24:36 MDT 2013
+Welcome to FreeBSD!
+Having trouble using fetch through a firewall? Try setting the environment
+variable FTP_PASSIVE_MODE to yes, and see fetch(3) for more details.
+> bash
+[lnevers@boss ~]$
+}}}
+Access infrastructure switches using documented password. First connect to the switch named procurve1 the control network switch:
+{{{
+[lnevers@boss ~]$ sudo more /usr/testbed/etc/switch.pswd
+XXXXXXXXX
+[lnevers@boss ~]$ telnet procurve1
+Trying 10.1.1.253...
+Connected to procurve1.
+Escape character is '^]'.
+HP J9623A E2620-24 Switch
+Software revision RA.15.05.0006
+Copyright (C) 1991-2011 Hewlett-Packard Development Company, L.P.
+                   RESTRICTED RIGHTS LEGEND
+ Confidential computer software.  Valid license from HP required for possession,
+ use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer
+ Software, Computer Software Documentation, and Technical Data for Commercial
+ Items are licensed to the U.S. Government under vendor's standard commercial
+ license.
+                   HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
+State Highway 249, Houston, TX 77070
+We'd like to keep you up to date about:
+  * Software feature updates
+  * New product announcements
+  * Special events
+Please register your products now at:  www.hp.com/networking/register
+Password:
+HP-E2620-24# show version
+Image stamp:    /sw/code/build/xform(RA_15_05)
+                Aug  9 2011 09:08:18
+                RA.15.05.0006
+Boot Image:     Primary
+HP-E2620-24# show running-config
+Running configuration:
+; J9623A Configuration Editor; Created on release #RA.15.05.0006
+; Ver #01:01:00
+hostname "HP-E2620-24"
+ip default-gateway 10.1.1.254
+vlan 1
+   name "DEFAULT_VLAN"
+   untagged 1-22,25-28
+   ip address 10.254.254.253 255.255.255.0
+   no untagged 23-24
+   ip igmp
+   exit
+vlan 11
+   name "control-alternate"
+   untagged 24
+   ip address 10.2.1.253 255.255.255.0
+   exit
+vlan 10
+   name "control-hardware"
+   untagged 23
+   ip address 10.1.1.253 255.255.255.0
+   exit
+no web-management
+snmp-server community "xxx" unrestricted
+aaa authentication ssh login public-key
+aaa authentication ssh enable public-key
+management-vlan 10
+no dhcp config-file-update
+password xx
+password xx
+HP-E2620-24# show vlans
+ Status and Counters - VLAN Information
+  Maximum VLANs to support : 256
+  Primary VLAN : DEFAULT_VLAN
+  Management VLAN : control-hardware
+  VLAN ID Name                             | Status     Voice Jumbo
+  ------- -------------------------------- + ---------- ----- -----
+       DEFAULT_VLAN                     | Port-based No    No
+      control-hardware                 | Port-based No    No
+      control-alternate                | Port-based No    No
+HP-E2620-24#
+}}}
+Connect to the switch named procurve2 the dataplane network switch via ssh using the documented password:
+{{{
+[lnevers@boss ~]$ sudo more /usr/testbed/etc/switch.pswd
+xxxxxxx
+[lnevers@boss ~]$ telnet procurve2
+Trying 10.3.1.253...
+Connected to procurve2.
+Escape character is '^]'.
+HP J8697A Switch E5406zl
+Software revision K.15.06.5008
+Copyright (C) 1991-2012 Hewlett-Packard Development Company, L.P.
+                   RESTRICTED RIGHTS LEGEND
+ Confidential computer software.  Valid license from HP required for possession,
+ use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer
+ Software, Computer Software Documentation, and Technical Data for Commercial
+ Items are licensed to the U.S. Government under vendor's standard commercial
+ license.
+                   HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
+State Highway 249, Houston, TX 77070
+We'd like to keep you up to date about:
+  * Software feature updates
+  * New product announcements
+  * Special events
+Please register your products now at:  www.hp.com/networking/register
+Username: manager
+Password:
+HP-E5406zl# show version
+Image stamp:    /ws/swbuildm/of_bridge_qaoff/code/build/btm(of_bridge_qaoff)
+                Feb 18 2012 11:26:28
+                K.15.06.5008
+Boot Image:     Primary
+HP-E5406zl# show running-config
+Running configuration:
+; J8697A Configuration Editor; Created on release #K.15.06.5008
+; Ver #02:10.0d:1f
+hostname "HP-E5406zl"
+module 1 type J9549A
+interface A1
+   speed-duplex auto-1000
+exit
+interface A2
+   speed-duplex auto-1000
+exit
+interface A3
+   speed-duplex auto-1000
+exit
+interface A4
+   speed-duplex auto-1000
+exit
+interface A5
+   speed-duplex auto-1000
+exit
+interface A6
+   speed-duplex auto-1000
+exit
+interface A7
+   speed-duplex auto-1000
+exit
+interface A8
+   speed-duplex auto-1000
+exit
+interface A9
+   speed-duplex auto-1000
+exit
+interface A10
+   speed-duplex auto-1000
+exit
+interface A13
+   speed-duplex auto-1000
+exit
+ip default-gateway 10.3.1.254
+vlan 1
+   name "DEFAULT_VLAN"
+   forbid A1-A9
+   untagged A11-A12,A14-A19,A21-A23
+   no untagged A1-A10,A13,A20,A24
+   no ip address
+   exit
+vlan 10
+   name "control-hardware"
+   untagged A20
+   ip address 10.3.1.253 255.255.255.0
+   exit
+vlan 257
+   name "5000"
+   untagged A1-A9
+   no ip address
+   exit
+vlan 3752
+   name "5007"
+   tagged A1,A7,A24
+   no ip address
+   exit
+vlan 3755
+   name "5013"
+   tagged A24
+   no ip address
+   exit
+vlan 3756
+   name "5014"
+   tagged A24
+   no ip address
+   exit
+vlan 3757
+   name "5015"
+   tagged A24
+   no ip address
+   exit
+vlan 3758
+   name "5016"
+   tagged A24
+   no ip address
+   exit
+vlan 3759
+   name "5017"
+   tagged A24
+   no ip address
+   exit
+vlan 258
+   name "5051"
+   untagged A10,A13
+   no ip address
+   exit
+no web-management
+openflow
+   vlan 3752
+      enable
+      controller "tcp:10.3.1.7:6633" fail-secure on
+      exit
+   vlan 3755
+      enable
+      controller "tcp:10.3.1.7:6633" fail-secure on
+      exit
+   vlan 3756
+      enable
+      controller "tcp:10.3.1.7:6633" fail-secure on
+      exit
+   vlan 3757
+      enable
+      controller "tcp:10.3.1.7:6633" fail-secure on
+      exit
+   vlan 3758
+      enable
+      controller "tcp:10.3.1.7:6633" fail-secure on
+      exit
+   vlan 3759
+      enable
+      controller "tcp:10.3.1.7:6633" fail-secure on
+      exit
+   exit
+snmp-server community "xxx" unrestricted
+aaa authentication ssh login public-key
+aaa authentication ssh enable public-key
+management-vlan 10
+no autorun
+no dhcp config-file-update
+no dhcp image-file-update
+password xx
+password xx
+HP-E5406zl#  show vlans
+ Status and Counters - VLAN Information
+  Maximum VLANs to support : 256
+  Primary VLAN : DEFAULT_VLAN
+  Management VLAN : control-hardware
+  VLAN ID Name                             | Status     Voice Jumbo
+  ------- -------------------------------- + ---------- ----- -----
+       DEFAULT_VLAN                     | Port-based No    No
+      control-hardware                 | Port-based No    No
+     5000                             | Port-based No    No
+     5051                             | Port-based No    No
+    5007                             | Port-based No    No
+    5013                             | Port-based No    No
+    5014                             | Port-based No    No
+    5015                             | Port-based No    No
+    5016                             | Port-based No    No
+    5017                             | Port-based No    No
+HP-E5406zl#
+}}}
+Access the FOAM VM and gather information for version
+{{{
+LNM:~$ ssh lnevers@foam.stanford.net
+sudo foamctl admin:get-version  --passwd-file=/etc/foam.passwd
+}}}
+Check FOAM configuration for  site.admin.email, geni.site-tag, email.from settings:
+{{{
+foamctl config:get-value --key="site.admin.email"  --passwd-file=/etc/foam.passwd
+foamctl config:get-value --key="geni.site-tag"  --passwd-file=/etc/foam.passwd
+foamctl config:get-value --key="email.from"  --passwd-file=/etc/foam.passwd
+# check if FOAM auto-approve is on. Value 2 = auto-approve is on.
+foamctl config:get-value --key="geni.approval.approve-on-creation"  --passwd-file=/etc/foam.passwd
+}}}
+Show FOAM slivers details:
+{{{
+foamctl geni:list-slivers --passwd-file=/etc/foam.passwd
+}}}
+Access the FlowVisor VM and gather version information:
+{{{
+ssh lnevers@flowvisor.stanford.net
+}}}
+Check the !FlowVisor version, list of devices, get details for a device, list of active slices, and details for one of the slices:
+{{{
+fvctl --passwd-file=/etc/flowvisor.passwd ping hello
+# Devices
+fvctl --passwd-file=/etc/flowvisor.passwd listDevices
+fvctl --passwd-file=/etc/flowvisor.passwd getDeviceInfo 06:d6:6c:3b:e5:68:00:00
+#Slices
+fvctl --passwd-file=/etc/flowvisor.passwd listSlices
+fvctl --passwd-file=/etc/flowvisor.passwd getSliceInfo 5c956f94-5e05-40b5-948f-34d0149d9182
+}}}
+Check the FlowVisor setting:
+{{{
+fvctl --passwd-file=/etc/flowvisor.passwd dumpConfig /tmp/flowvisor-config
+more /tmp/flowvisor-config
+}}}
 Verify alerts for the compute resource Aggregate Manager are being reported to the [http://monitor.gpolab.bbn.com/nagios/cgi-bin/status.cgi GPO Tango GENI Nagios monitoring] and that the majority of alerts have a status of "OK". Other statuses may be encountered and are verified with activities, outages or known issues for the site.