| Version 2 (modified by , 9 years ago) (diff) |
|---|
OG-ADM-2: Rack Administrator Access Test
This page captures status for the test case OG-ADM-2. For additional information see the Acceptance Test Status - April 2014 page overall status, or the OpenGENI Acceptance Test Plan for details about the planned evaluation.
| Step | State | Notes | Tickets |
| Step 1 | Pass | ||
| Step 2 | Pass | ||
| Step 3 | Pass: most criteria | Remote access to iDRAC | 65 |
| State Legend | Description |
| Pass | Test completed and met all criteria |
| Pass: most criteria | Test completed and met most criteria. Exceptions documented |
| Fail | Test completed and failed to meet criteria. |
| Complete | Test completed but will require re-execution due to expected changes |
| Blocked | Blocked by ticketed issue(s). |
| In Progress | Currently under test. |
| Not Planned | This area is not part of initial evaluation |
Test Plan Steps
Step 1: For each type of rack infrastructure node verify features
For each type of rack infrastructure node, including VM server hosts and any VMs running infrastructure support services, use a site administrator account to test:
- Login to the node using public-key SSH.
- Verify that you cannot login to the node using password-based SSH, nor via any unencrypted login protocol.
- When logged in, run a command via sudo to verify root privileges.
Control Node
Requested Administrative account and provided SSH Public keys. Once the account was created, logged in to verify sudo access on Control Node:
LNM:~$ ssh lnevers@130.127.88.98
Welcome to Ubuntu 12.04.4 LTS (GNU/Linux 3.5.0-46-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Tue Apr 22 12:30:41 EDT 2014
System load: 0.01 Users logged in: 0
Usage of /: 2.4% of 297.06GB IP address for dat: 10.10.5.100
Memory usage: 1% IP address for mgt: 10.10.6.100
Swap usage: 0% IP address for ctl: 10.10.8.100
Processes: 297 IP address for br-ex: 130.127.88.98
Graph this data and manage this system at:
https://landscape.canonical.com/
76 packages can be updated.
28 updates are security updates.
Last login: Tue Apr 22 12:30:04 2014 from 128.89.73.116
lnevers@clemson-clemson-control-1:~$
lnevers@clemson-clemson-control-1:~$ sudo whoami
root
lnevers@clemson-clemson-control-1:~$
Compute Nodes
From control node connected to compute resource servers clemson-clemson-compute-1 and clemson-clemson-compute-2 and verified root access:
lnevers@clemson-clemson-control-1:~$ for i in 10.10.8.101 10.10.8.102; do ssh -t $i "hostname; sudo whoami; uname -a "; done clemson-clemson-compute-1 [sudo] password for lnevers: root Linux clemson-clemson-compute-1 3.5.0-46-generic #70~precise1-Ubuntu SMP Thu Jan 9 23:55:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Connection to 10.10.8.101 closed. clemson-clemson-compute-2 [sudo] password for lnevers: root Linux clemson-clemson-compute-2 3.5.0-46-generic #70~precise1-Ubuntu SMP Thu Jan 9 23:55:12 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Connection to 10.10.8.102 closed. lnevers@clemson-clemson-control-1:~$
Step 2: For each rack infrastructure device verify features
For each rack infrastructure device (switches, remote PDUs if any), use a site administrator account to test:
- Login via SSH.
- Login via a serial console (if the device has one).
- Verify that you cannot login to the device via an unencrypted login protocol.
- Use the "enable" command or equivalent to verify privileged access.
From Control Node connected to Force10 OpenFlow Switch which is 10.10.8.200:
lnevers@clemson-clemson-control-1:~$ ssh 10.10.8.200
lnevers@10.10.8.200's password:
FTOS>ena
Password:
FTOS#
FTOS#show version
Dell Force10 Real Time Operating System Software
Dell Force10 Operating System Version: 2.0
Dell Force10 Application Software Version: 9.1(0.0)
Copyright (c) 1999-2012 by Dell Inc. All Rights Reserved.
Build Time: Tue Feb 26 20:02:06 2013
Build Path: /sites/sjc/work/build/toolSpaces/tools03/E9-1-0/SW/SRC
FTOS uptime is 6 week(s), 5 day(s), 1 hour(s), 15 minute(s)
System image file is "system://B"
System Type: S4810
Control Processor: Freescale QorIQ P2020 with 2147483648 bytes of memory.
128M bytes of boot flash memory.
1 52-port GE/TE/FG (SE)
48 Ten GigabitEthernet/IEEE 802.3 interface(s)
4 Forty GigabitEthernet/IEEE 802.3 interface(s)
FTOS#
FTOS#show running-config
Current Configuration ...
! Version 9.1(0.0)
! Last configuration change at Wed Apr 23 08:48:58 2014 by bparker
! Startup-config last updated at Wed Apr 23 08:49:43 2014 by bparker
!
boot system stack-unit 0 primary system: B:
boot system stack-unit 0 secondary system: A:
boot system stack-unit 0 default system: B:
boot system gateway 10.10.8.1
!
redundancy auto-synchronize full
redundancy disable-auto-reboot stack-unit
!
redundancy disable-auto-reboot stack-unit 0
redundancy disable-auto-reboot stack-unit 1
redundancy disable-auto-reboot stack-unit 2
redundancy disable-auto-reboot stack-unit 3
redundancy disable-auto-reboot stack-unit 4
redundancy disable-auto-reboot stack-unit 5
redundancy disable-auto-reboot stack-unit 6
redundancy disable-auto-reboot stack-unit 7
redundancy disable-auto-reboot stack-unit 8
redundancy disable-auto-reboot stack-unit 9
redundancy disable-auto-reboot stack-unit 10
redundancy disable-auto-reboot stack-unit 11
!
hardware watchdog
!
logging coredump stack-unit all
!
hostname FTOS
!
cam-acl l2acl 2 ipv4acl 0 ipv6acl 0 ipv4qos 2 l2qos 1 l2pt 0 ipmacacl 0 vman-qos 0 ecfmacl 0 openflow 8 fcoeacl 0 iscsioptacl 0
!
cam-acl-vlan vlanopenflow 1 vlaniscsi 1
!
<<User information omitted>>
stack-unit 0 provision S4810
!
interface TenGigabitEthernet 0/0
no ip address
portmode hybrid
switchport
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/1
no ip address
portmode hybrid
switchport
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/2
no ip address
portmode hybrid
switchport
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/3
no ip address
portmode hybrid
switchport
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/4
no ip address
portmode hybrid
switchport
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/5
no ip address
portmode hybrid
switchport
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/6
no ip address
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/7
no ip address
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/8
no ip address
flowcontrol rx on tx off
no shutdown
!
interface TenGigabitEthernet 0/9
no ip address
flowcontrol rx on tx off
no shutdown
!
<<<LOTS of Interface information not captured!>>>
interface ManagementEthernet 0/0
ip address 10.10.8.200/24
no shutdown
!
interface Vlan 1
!untagged TenGigabitEthernet 0/0-5,12-13
!
interface Vlan 100 of-instance 2
no ip address
tagged TenGigabitEthernet 0/12-13
no shutdown
!
interface Vlan 845
no ip address
tagged TenGigabitEthernet 0/47
no shutdown
!
interface Vlan 1000 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-2
no shutdown
!
interface Vlan 1001 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-2
no shutdown
!
interface Vlan 1002 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-2
no shutdown
!
interface Vlan 1003 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-2
no shutdown
!
interface Vlan 1004 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-2
no shutdown
!
interface Vlan 1005 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-2
no shutdown
!
interface Vlan 1006 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-2
no shutdown
<<VLAN 1007 through 2098 not captured here...>>>
interface Vlan 2099 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 2100 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3000 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3001 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3002 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3003 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3004 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3005 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3006 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-5
no shutdown
!
interface Vlan 3007 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3008 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3009 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-4
no shutdown
!
interface Vlan 3010 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3011 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3012 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3013 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3014 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3015 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3016 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3017 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3018 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3019 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
interface Vlan 3020 of-instance 1
no ip address
tagged TenGigabitEthernet 0/0-3
no shutdown
!
openflow of-instance 1
controller 1 10.10.8.100 tcp
flow-map l2 enable
flow-map l3 enable
interface-type vlan
multiple-fwd-table enable
no shutdown
!
openflow of-instance 2
controller 1 130.127.39.171 tcp
flow-map l2 enable
flow-map l3 enable
interface-type vlan
multiple-fwd-table enable
shutdown
!
snmp-server community public ro
!
ip ssh rsa-authentication enable
ip ssh server enable
!
protocol lldp
!
line console 0
line vty 0
line vty 1
line vty 2
line vty 3
line vty 4
line vty 5
line vty 6
line vty 7
line vty 8
line vty 9
!
http-server http
!
reload-type normal-reload
!
end
FTOS#show vlan
Codes: * - Default VLAN, G - GVRP VLANs, R - Remote Port Mirroring VLANs, P - Primary, C - Community, I - Isolated
O - Openflow
Q: U - Untagged, T - Tagged
x - Dot1x untagged, X - Dot1x tagged
o - OpenFlow untagged, O - OpenFlow tagged
G - GVRP tagged, M - Vlan-stack, H - VSN tagged
i - Internal untagged, I - Internal tagged, v - VLT untagged, V - VLT tagged
NUM Status Description Q Ports
* 1 Active U Te 0/0-5,12-13
O 100 Inactive T Te 0/12-13
845 Inactive T Te 0/47
O 1000 Active T Te 0/0-2
O 1001 Active T Te 0/0-2
O 1002 Active T Te 0/0-2
<....Information Removed>>>
O 3000 Active T Te 0/0-4
O 3001 Active T Te 0/0-4
O 3002 Active T Te 0/0-4
O 3003 Active T Te 0/0-4
O 3004 Active T Te 0/0-4
O 3005 Active T Te 0/0-4
O 3006 Active T Te 0/0-5
O 3007 Active T Te 0/0-4
O 3008 Active T Te 0/0-4
O 3009 Active T Te 0/0-4
O 3010 Active T Te 0/0-3
O 3011 Active T Te 0/0-3
O 3012 Active T Te 0/0-3
O 3013 Active T Te 0/0-3
O 3014 Active T Te 0/0-3
O 3015 Active T Te 0/0-3
O 3016 Active T Te 0/0-3
O 3017 Active T Te 0/0-3
O 3018 Active T Te 0/0-3
O 3019 Active T Te 0/0-3
O 3020 Active T Te 0/0-3
FTOS#
FTOS#show vlan id 3001
Codes: * - Default VLAN, G - GVRP VLANs, R - Remote Port Mirroring VLANs, P - Primary, C - Community, I - Isolated
O - Openflow
Q: U - Untagged, T - Tagged
x - Dot1x untagged, X - Dot1x tagged
o - OpenFlow untagged, O - OpenFlow tagged
G - GVRP tagged, M - Vlan-stack, H - VSN tagged
i - Internal untagged, I - Internal tagged, v - VLT untagged, V - VLT tagged
NUM Status Description Q Ports
O 3001 Active T Te 0/0-4
FTOS#
FTOS#exit
Connection to 10.10.8.200 closed.
lnevers@clemson-clemson-control-1:~$ exit
logout
Connection to 130.127.88.98 closed.
LNM:~$
From Control Node connected to PowerConnect 7048 switch which is 10.10.8.201:
lnevers@clemson-clemson-control-1:~$ ssh 10.10.8.201
lnevers@10.10.8.201's password:
PCT7048>ena
Password:***************
PCT7048#show version
Image Descriptions
image1 : default image
image2 :
Images currently available on Flash
unit image1 image2 current-active next-active
----- ------------ ------------ ----------------- -----------------
1 4.2.0.4 5.0.1.3 image2 image2
PCT7048#
PCT7048#show vlan
VLAN Name Ports Type
----- --------------- ------------- --------------
1 default Po1-128, Default
Gi1/0/4-12,
Gi1/0/16-24,
Gi1/0/28-36,
Gi1/0/40,
Gi1/0/42-47
100 Management Gi1/0/1-3 Static
200 Control Gi1/0/13-15, Static
Gi1/0/37-39,
Gi1/0/41
300 External Static
845 VLAN0845 Gi1/0/48 Static
846 VLAN0846 Gi1/0/48 Static
872 External Gi1/0/25-27, Static
Gi1/0/48
2500 VLAN2500 Gi1/0/1-3 Static
PCT7048#
PCT7048#show running-config
!Current Configuration:
!System Description "PowerConnect 7048, 5.0.1.3, VxWorks 6.6"
!System Software Version 5.0.1.3
!System Operational Mode "Normal"
!
configure
vlan 100,200,300,845-846,872,2500
exit
vlan 100
name "Management"
exit
vlan 200
name "Control"
exit
vlan 300
name "External"
exit
vlan 872
name "External"
exit
hostname "PCT7048"
slot 1/0 5 ! PowerConnect 7048
--More-- or (q)uit
slot 1/1 9 ! CX4 Card
stack
member 1 5 ! PCT7048
exit
interface vlan 1
exit
interface vlan 200
ip address 10.10.8.201 255.255.255.0
exit
interface vlan 845
ip address 130.127.39.136 255.255.255.128
exit
interface vlan 872
exit
<<User info not captured>>
ip ssh server
!
interface Gi1/0/1
--More-- or (q)uit
switchport mode trunk
switchport trunk allowed vlan 100,2500
exit
!
interface Gi1/0/2
switchport mode trunk
switchport trunk allowed vlan 100,2500
exit
!
interface Gi1/0/3
switchport mode trunk
switchport trunk allowed vlan 100,2500
exit
!
interface Gi1/0/13
switchport access vlan 200
exit
!
interface Gi1/0/14
switchport access vlan 200
exit
!
interface Gi1/0/15
--More-- or (q)uit
switchport access vlan 200
exit
!
interface Gi1/0/25
switchport access vlan 872
exit
!
interface Gi1/0/26
switchport access vlan 872
exit
!
interface Gi1/0/27
switchport access vlan 872
exit
!
interface Gi1/0/37
switchport access vlan 200
exit
!
interface Gi1/0/38
switchport access vlan 200
exit
!
interface Gi1/0/39
switchport access vlan 200
exit
!
interface Gi1/0/41
switchport access vlan 200
exit
!
interface Gi1/0/48
switchport mode trunk
switchport trunk allowed vlan 845-846,872
exit
exit
PCT7048#exit
PCT7048>exitConnection to 10.10.8.201 closed.
lnevers@clemson-clemson-control-1:~$
Remote access is available via integrated Dell Remote Access Controller (iDRAC) Configuration, which allows Web access.
With the current network topology, this could be tested without a Windows System. Has been tried by others.
Step 3. Verify OpenGENI remote console solution
Verify the OpenGENI remote console solution for rack hosts can be used to access the consoles all server hosts and experimental hosts:
- Login via SSH or other encrypted protocol.
- Verify that you cannot login via an unencrypted login protocol.
Access to an integrated Dell Remote Access Controller (iDRAC) server is available via SSH from the controller node:
gram@bbn-cam-ctrl-1:~$ ssh -i ~/.ssh/id_dsa gram@10.10.8.10 /admin1-> racadm racadm>> serveraction <action > quit exit
Remote access is available via integrated Dell Remote Access Controller (iDRAC) Configuration, which allows Web access. With the current network topology, this could be tested without a Windows System. I has however been tried by others.
