= OG-ADM-2: Rack Administrator Access Test = This page captures status for the test case OG-ADM-2. For additional information see the [wiki:GENIRacksHome/OpenGENIRacks/AcceptanceTestStatusDec2013 Acceptance Test Status - December 2013] page overall status, or the [wiki:GENIRacksHome/AcceptanceTests/OpenGENIAcceptanceTestsPlan OpenGENI Acceptance Test Plan] for details about the planned evaluation. ''Last Update: 2013/12/13" || '''Step''' || '''State''' ||''' Notes ''' || '''Tickets''' || || Step 1 ||[[span(Pass: most criteria, style=background-color: #98FB98)]]||Administrative account instructions not complete||#95 || || Step 2 ||[[span(Pass, style=background-color: green )]] || || || Step 3 ||[[span(Pass: most criteria, style=background-color: #98FB98)]] || Remote access not fully validated||#65 || [[BR]] || '''State Legend''' || '''Description''' || ||[[span(Pass, style=background-color: green )]] || Test completed and met all criteria || ||[[span(Pass: most criteria, style=background-color: #98FB98)]]|| Test completed and met most criteria. Exceptions documented || ||[[span(Fail, style=background-color: red)]] || Test completed and failed to meet criteria. || ||[[span(Complete, style=background-color: yellow)]] || Test completed but will require re-execution due to expected changes || ||[[span(Blocked, style=background-color: orange)]] || Blocked by ticketed issue(s). || ||[[span(In Progress, style=background-color: #63B8FF)]]|| Currently under test. || ||[[span(Not Planned)]] || This area is not part of initial evaluation || = Test Plan Steps = == Step 1: For each type of rack infrastructure node verify features == For each type of rack infrastructure node, including VM server hosts and any VMs running infrastructure support services, use a site administrator account to test: * Login to the node using public-key SSH. * Verify that you cannot login to the node using password-based SSH, nor via any unencrypted login protocol. * When logged in, run a command via sudo to verify root privileges. === Control Node === Requested Administrative account and provided SSH Public keys. Once the account was created, logged in to verify sudo access on Control Node: {{{ LNM:~$ ssh -Y 128.89.72.112 -l lnevers Welcome to Ubuntu 12.04.3 LTS (GNU/Linux 3.5.0-43-generic x86_64) * Documentation: https://help.ubuntu.com/ System information as of Tue Dec 10 10:02:56 EST 2013 System load: 1.54 Users logged in: 0 Usage of /: 2.4% of 296.80GB IP address for eth2: 10.10.5.100 Memory usage: 2% IP address for eth3: 10.10.8.100 Swap usage: 0% IP address for eth1: 10.10.6.100 Processes: 313 IP address for br-ex: 128.89.72.112 Graph this data and manage this system at https://landscape.canonical.com/ 21 packages can be updated. 11 updates are security updates. Last login: Tue Dec 10 09:14:16 2013 from dhcp89-073-116.bbn.com lnevers@bbn-cam-ctrl-1:~$ sudo whoami [sudo] password for lnevers: root lnevers@bbn-cam-ctrl-1:~$ uname -a Linux bbn-cam-ctrl-1.bbn.com 3.5.0-43-generic #66~precise1-Ubuntu SMP Thu Oct 24 14:52:23 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux lnevers@bbn-cam-ctrl-1:~$ lnevers@bbn-cam-ctrl-1:~$ ssh bbn-cam-cmpe-1 Permission denied (publickey). lnevers@bbn-cam-ctrl-1:~$ ssh bbn-cam-cmpe-2 Permission denied (publickey). }}} === Compute Nodes VM servers === Logged in to each of the 2 VM servers and verified access. Compute Node 1: {{{ LNM:~$ ssh -Y 128.89.72.113 -l lnevers Welcome to Ubuntu 12.04.3 LTS (GNU/Linux 3.5.0-43-generic x86_64) * Documentation: https://help.ubuntu.com/ System information as of Tue Dec 10 10:04:45 EST 2013 System load: 0.0 Users logged in: 0 Usage of /: 2.8% of 422.79GB IP address for eth2: 10.10.5.101 Memory usage: 3% IP address for eth3: 10.10.8.101 Swap usage: 0% IP address for eth1: 10.10.6.101 Processes: 317 IP address for br-ex: 128.89.72.113 Graph this data and manage this system at https://landscape.canonical.com/ 48 packages can be updated. 16 updates are security updates. Last login: Tue Dec 10 09:04:54 2013 from dhcp89-073-116.bbn.com lnevers@bbn-cam-cmpe-1:~$ sudo whoami [sudo] password for lnevers: root lnevers@bbn-cam-cmpe-1:~$ uname -a Linux bbn-cam-cmpe-1 3.5.0-43-generic #66~precise1-Ubuntu SMP Thu Oct 24 14:52:23 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux lnevers@bbn-cam-cmpe-1:~$ }}} Compute Node 2: {{{ LNM:~$ ssh -Y 128.89.72.114 -l lnevers Welcome to Ubuntu 12.04.3 LTS (GNU/Linux 3.5.0-43-generic x86_64) * Documentation: https://help.ubuntu.com/ System information as of Tue Dec 10 10:05:22 EST 2013 System load: 0.01 Users logged in: 0 Usage of /: 2.2% of 422.79GB IP address for eth2: 10.10.5.102 Memory usage: 2% IP address for eth3: 10.10.8.102 Swap usage: 0% IP address for eth1: 10.10.6.102 Processes: 281 IP address for br-ex: 128.89.72.114 Graph this data and manage this system at https://landscape.canonical.com/ 23 packages can be updated. 11 updates are security updates. Last login: Tue Dec 10 09:08:33 2013 from dhcp89-073-116.bbn.com lnevers@bbn-cam-cmpe-2:~$ sudo whoami [sudo] password for lnevers: root lnevers@bbn-cam-cmpe-2:~$ uname -a Linux bbn-cam-cmpe-2 3.5.0-43-generic #66~precise1-Ubuntu SMP Thu Oct 24 14:52:23 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux lnevers@bbn-cam-cmpe-2:~$ }}} == Step 2: For each rack infrastructure device verify features == For each rack infrastructure device (switches, remote PDUs if any), use a site administrator account to test: * Login via SSH. * Login via a serial console (if the device has one). * Verify that you cannot login to the device via an unencrypted login protocol. * Use the "enable" command or equivalent to verify privileged access. First connected to Force10 !OpenFlow Switch which is 10.10.8.200 according to [http://groups.geni.net/geni/wiki/GENIRacksHome/OpenGENIRacks/DellRackDetails Dell Rack Details] page: {{{ lnevers@bbn-cam-ctrl-1:~$ ssh admin@10.10.8.200 admin@10.10.8.200's password: FTOS>show version Dell Force10 Real Time Operating System Software Dell Force10 Operating System Version: 2.0 Dell Force10 Application Software Version: 9.1(0.0) Copyright (c) 1999-2012 by Dell Inc. All Rights Reserved. Build Time: Tue Feb 26 20:02:06 2013 Build Path: /sites/sjc/work/build/toolSpaces/tools03/E9-1-0/SW/SRC FTOS uptime is 1 week(s), 1 day(s), 0 hour(s), 47 minute(s) System image file is "system://A" System Type: S4810 Control Processor: Freescale QorIQ P2020 with 2147483648 bytes of memory. 128M bytes of boot flash memory. 1 52-port GE/TE/FG (SE) 48 Ten GigabitEthernet/IEEE 802.3 interface(s) 4 Forty GigabitEthernet/IEEE 802.3 interface(s) FTOS> FTOS>ena Password: FTOS#show running-config Current Configuration ... ! Version 9.1(0.0) ! Last configuration change at Mon Dec 2 15:15:15 2013 by admin ! boot system stack-unit 0 primary system: A: boot system stack-unit 0 secondary system: B: boot system stack-unit 0 default system: A: boot system gateway 128.89.72.1 ! redundancy auto-synchronize full ! hardware watchdog ! service timestamps log datetime localtime show-timezone ! hostname FTOS ! cam-acl l2acl 2 ipv4acl 0 ipv6acl 0 ipv4qos 2 l2qos 1 l2pt 0 ipmacacl 0 vman-qos 0 ecfmacl 0 openflow 8 fcoeacl 0 iscsioptacl 0 ! cam-acl-vlan vlanopenflow 1 vlaniscsi 1 ! enable password 7 xxx ! username admin password 7 xx ! enable restricted 7 xx ! stack-unit 0 provision S4810 ! interface TenGigabitEthernet 0/0 no ip address portmode hybrid switchport flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/1 no ip address portmode hybrid switchport flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/2 no ip address portmode hybrid switchport flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/3 no ip address portmode hybrid switchport flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/4 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/5 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/6 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/7 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/8 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/9 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/10 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/11 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/12 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/13 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/14 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/15 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/16 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/17 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/18 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/19 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/20 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/21 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/22 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/23 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/24 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/25 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/26 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/27 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/28 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/29 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/30 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/31 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/32 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/33 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/34 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/35 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/36 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/37 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/38 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/39 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/40 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/41 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/42 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/43 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/44 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/45 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/46 no ip address flowcontrol rx on tx off no shutdown ! interface TenGigabitEthernet 0/47 no ip address flowcontrol rx on tx off no shutdown ! interface fortyGigE 0/48 no ip address flowcontrol rx on tx off no shutdown ! interface fortyGigE 0/52 no ip address flowcontrol rx on tx off no shutdown ! interface fortyGigE 0/56 no ip address flowcontrol rx on tx off no shutdown ! interface fortyGigE 0/60 no ip address flowcontrol rx on tx off no shutdown ! interface ManagementEthernet 0/0 ip address 10.10.8.200/24 no shutdown ! interface ManagementEthernet 1/0 no shutdown ! interface ManagementEthernet 2/0 no shutdown ! interface ManagementEthernet 3/0 no shutdown ! interface ManagementEthernet 4/0 no shutdown ! interface ManagementEthernet 5/0 no shutdown ! interface ManagementEthernet 6/0 no shutdown ! interface ManagementEthernet 7/0 no shutdown ! interface ManagementEthernet 8/0 no shutdown ! interface ManagementEthernet 9/0 no shutdown ! interface ManagementEthernet 10/0 no shutdown ! interface ManagementEthernet 11/0 no shutdown ! interface Vlan 1 !untagged TenGigabitEthernet 0/0-3 ! interface Vlan 1000 of-instance 1 no ip address tagged TenGigabitEthernet 0/0-2 no shutdown <... VLAN 1001 through 2098 not shown here...> interface Vlan 2099 of-instance 1 no ip address tagged TenGigabitEthernet 0/0-3 no shutdown ! openflow of-instance 1 controller 1 10.10.8.100 tcp flow-map l2 enable flow-map l3 enable interface-type vlan multiple-fwd-table enable no shutdown ! clock timezone PST -8 ! ip ssh server enable ! protocol lldp ! line console 0 exec-timeout 35751 0 line vty 0 line vty 1 line vty 2 line vty 3 line vty 4 line vty 5 line vty 6 line vty 7 line vty 8 line vty 9 ! reload-type normal-reload ! end FTOS# }}} ''Note'': A total of 1100 VLAN were in the run-config, only subset was capture above. Then connected to !PowerConnect 7048 switch which is 10.10.8.201 according to [http://groups.geni.net/geni/wiki/GENIRacksHome/OpenGENIRacks/DellRackDetails Dell Rack Details] page: {{{ lnevers@bbn-cam-ctrl-1:~$ ssh admin@10.10.8.201 admin@10.10.8.201's password: console>ena console#show version Image Descriptions image1 : default image image2 : Images currently available on Flash unit image1 image2 current-active next-active ----- ------------ ------------ ----------------- ----------------- 1 4.2.2.3 4.2.2.3 image1 image1 console#show running-config !Current Configuration: !System Description "PowerConnect 7048, 4.2.2.3, VxWorks 6.6" !System Software Version 4.2.2.3 !System Operational Mode "Normal" ! configure vlan database vlan 100,200,300,2500 vlan routing 1 1 exit vlan 100 name "Management" exit vlan 200 name "Control" exit vlan 300 name "External" exit ip telnet server disable slot 1/0 5 ! PowerConnect 7048 stack member 1 5 ! PCT7048 exit interface out-of-band ip address 10.10.8.201 255.255.255.0 0.0.0.0 exit interface vlan 1 exit username "xx" password xx privilege 15 encrypted username "xx" password xx privilege 15 encrypted crypto key pubkey-chain ssh user-key "gram" rsa key-string row xx exit exit line ssh enable authentication xxx exit ip ssh server ip ssh pubkey-auth ! interface Gi1/0/1 switchport mode trunk switchport trunk allowed vlan 2500 exit ! interface Gi1/0/2 switchport mode trunk switchport trunk allowed vlan 2500 exit ! interface Gi1/0/3 switchport mode trunk switchport trunk allowed vlan 2500 exit ! interface Gi1/0/13 switchport access vlan 200 exit ! interface Gi1/0/14 switchport access vlan 200 exit ! interface Gi1/0/15 switchport access vlan 200 exit ! interface Gi1/0/16 switchport access vlan 200 exit ! interface Gi1/0/17 switchport access vlan 200 exit ! interface Gi1/0/18 switchport access vlan 200 exit ! interface Gi1/0/19 switchport access vlan 200 exit ! interface Gi1/0/20 switchport access vlan 200 exit ! interface Gi1/0/25 switchport access vlan 300 exit ! interface Gi1/0/26 switchport access vlan 300 exit ! interface Gi1/0/27 switchport access vlan 300 exit ! interface Gi1/0/29 switchport access vlan 300 exit ! interface Gi1/0/37 switchport access vlan 300 exit ! interface Gi1/0/48 switchport access vlan 300 exit exit console#show vlan VLAN Name Ports Type -----