wiki:GENIUserWorkspace

Version 4 (modified by Jeanne Ohren, 7 years ago) (diff)

--

GENI User Workspace

Where can I find the workspace?

  • You can downloaded it from the BBN FTP server.
    • FTP information will be emailed to the appropriate lists.
    • Usernames and passwords will be emailed

Installing the VM

  1. Install VirtualBox

Download the VirtualBox software from http://www.virtualbox.org.

If you already have VirtualBox installed on your machine, make sure it is version 4.1 or above.

  1. Download VirtualBox VM image for tutorials

Download the VirtualBox VM image (GENI UW 12.04 v1.0.ova) from the BBN FTP server.

  1. Install the GENI UW 12.04 v1.0.ova virtual machine image

Start up VirtualBox, select File->Import Appliance..., and follow the instructions. Accept the default VM settings during the import.

To run the virtual machine, go to the Oracle VM VirtualBox Manager window, select the VM and click the green arrow labeled Start at the top of this window.

Configuring Credentials

You will need three sets of credentials (two optional) when using the user workspace:

  1. A GENI certificate. This is the SSL certificate (with .pem extension) that you download from one of the slice authorities (e.g. emulab.net or pgeni.gpolab.bbn.com)

You can use a certificate with or without a passphrase.

  1. (Optional) An iRODS account. This is only needed if you want to access an iRODS server from the user workspace. You must have the following information in an irods configuration file.
    irodsHost
    irodsPort
    irodsDefResource
    irodsHome
    irodsCwd
    irodsUserName
    irodsZone

Make sure you remember the password for your iRODS account. You will need this when you run credconfig.sh below.

  1. (Optional) A Java Keystore file created from your GENI certificate. This is only needed if you want to use Flukes. See https://geni-orca.renci.org/trac/wiki/flukes/#Userauthorization for instructions on how to generate the keystore file.

Make sure you remember the alias and password that you used when creating the keystore file. You will need this when you run Flukes.

Transfer these files to a location in your home directory. You can do this with ftp, scp, or shared folders.

With these 1-3 files, you can configure your credentials with the credconfig.sh tool.

   $ credconfig.sh -g <path-to-geni-credential> -i <path-to-irods-config> -f <path-to-jks-file>

The -g parameter is required and the -i and -f parameters are optional.

Example:

   $ credconfig.sh -g /home/geniuser/gpo_ctcert.pem -f /home/geniuser/pgeni.jks -i /home/geniuser/irods.config

A pair of SSH keys will be generated for you using the private key from your GENI certificate.

Using Shared Folders

If you need to transfer files from your host machine/laptop, the easiest way is typically using Shared Folders. Follow these steps to set up a shared folder on your user workspace.

  1. Go to the VirtualBox "Devices" menu and select "Shared Folders..."
  1. Click on the "Add" button on the right (looks like a folder with a plus sign).
  1. Select the path of the folder you would like to share with your VM.
  1. Enter the name you would like to give this shared folder in "Folder Name:" (e.g. myshared)
  1. Click on "OK" in the Add Shares window
  1. Click on "OK" in the Shared Folders window
  1. Create the directory where you would like you shared folder mounted (e.g. /media/shared):
    sudo mkdir /media/shared
    
  1. Mount the shared folder:
    sudo mount -t vboxsf myshared /media/shared
    

You should now be able to access your folder at /media/shared.

Basic Environment

  • Ubuntu 12.04
  • OpenJDK JRE 7
  • Most common tools are installed in /opt
  • Home directory structure
        .ssh
           - SSH key pairs
        .ssl
           - Protogeni certificate
           - Java keystore (for Flukes)
        .gcf
           - omni_config
        .irods
           - .irodsEnv:  configuration file for iRODS client
        .flukes.properties
           - Flukes configuration
    
    
    

Credentials

SSH key pair

  • Generated automatically by omni-configure.py
    • named geni_key
  • Location added to omni_config
  • Public key installed on slice nodes
  • Private key can be added to ssh-agent for password-less login

GENI certificate

  • Download from Emulab or GPO
  • With or without passphrase
  • Location added to omni_config, environment variables, and .flukes.properties

Java Keystore

iRODS account

  • Configured in $HOME/.irods/.irodsEnv

Tools

Protogeni test scripts

  • Used by LAMP scripts
  • Installed in /opt/protogeni

LAMP scripts

OMNI

OMF EC

iRODS client

Development Tools

  • Emacs
  • Screen
  • Python
  • Perl
  • Git
  • SVN
  • Expect

Packages Installed

  • python-m2crypto
  • g++
  • git
  • subversion
  • expect
  • vim
  • screen
  • emacs
  • openjdk-7-jre
  • icedtea-6-plugin
  • apache2
  • adobe-flashplugin
  • omf-expctl-5.4

Security Policies

  • External ports
    • HTTP (80)
    • HTTPS? (443)
    • SSH (22)
  • Passphrases for SSH keys?
    • Can use ssh-agent for running scripts
  • Passphrases for protoGENI certificates?
    • How to script using OMNI?
  • Storing GENI credentials?
  • StrictHostKeyChecking in SSH config?
    • removes fingerprint verification question
    • GUSH suggests this to avoid some issues