| 1 | = GCF Sample GENI Aggregate Manager = |
| 2 | |
| 3 | The GCF software has been evaluated, but it is not part of the original list of candidates. The following versions of GCF tools have been tested: 20100517, 20100526, 20100615. |
| 4 | |
| 5 | The GCF version 20100615 was posted to the click-server as gcf-20100615.tar.gz at the location http://www.gpolab.bbn.com/local-sw/. Details captured in |
| 6 | [http://groups.geni.net/syseng/ticket/650 GST 650 ]. |
| 7 | |
| 8 | = GCF Evaluation findings = |
| 9 | |
| 10 | - Could not run on older Linux system such as Fedora 8 and CentOS 4.5. |
| 11 | |
| 12 | - There is a dependency for openssl version 0.9.8k. Tried GCF on several ubuntu versions that include version 0.9.8g: |
| 13 | |
| 14 | * Ubuntu 8.10 (intrepid) with python 2.6 installed from source |
| 15 | * Ubuntu 9.04 (jaunty) with python 2.6 |
| 16 | * Ubuntu 9.10 (karmic) with python 2.6.4rc2 |
| 17 | |
| 18 | Could not run without installing Python-OpenSSL on these earlier versions of ubuntu. |
| 19 | |
| 20 | Also, tried Ubuntu 10.04 (lucid) which includes python 2.6.5 and openssl 0.9.8k and did not need to install Python-OpenSSL |
| 21 | |
| 22 | All installation requirements are captured in README.txt. Runtime instructions are also provided in the README.txt |
| 23 | |
| 24 | = GCF How-to = |
| 25 | |
| 26 | README.txt Instructions allow for successful installation and running of the tools, and includes the following details: |
| 27 | |
| 28 | {{{ |
| 29 | Description |
| 30 | =========== |
| 31 | |
| 32 | This software implements a sample GENI Aggregate Manager. It also |
| 33 | includes a sample GENI Clearinghouse and command line client. This |
| 34 | software is intended to demonstrate the GENI Aggregate Manager API. |
| 35 | |
| 36 | |
| 37 | Software Dependencies |
| 38 | ===================== |
| 39 | |
| 40 | The GCF package is intended to be run on a modern Linux distribution |
| 41 | (circa 2010 or 2009). Python 2.6 is required. This software is not |
| 42 | Python 3 compatible. |
| 43 | |
| 44 | This software requires a number of readily available software |
| 45 | packages. Most modern Linux distributions should have these packages |
| 46 | available via their native package management suite (eg. yum or apt). |
| 47 | |
| 48 | 1. Python M2Crypto package |
| 49 | |
| 50 | The M2Crypto package provides utilities for handling X.509 |
| 51 | certificates and SSL connections. M2Crypto is required by |
| 52 | certificate class in sfa/trust. M2Crypto should be readily available |
| 53 | on most Linux distributions. |
| 54 | |
| 55 | More information is available at: |
| 56 | http://chandlerproject.org/bin/view/Projects/MeTooCrypto |
| 57 | |
| 58 | 2. Python dateutil package |
| 59 | |
| 60 | The dateutil package provides date parsing routines to Python. It |
| 61 | should be readily available on most Linux distributions. |
| 62 | |
| 63 | More information is available at: |
| 64 | http://labix.org/python-dateutil |
| 65 | |
| 66 | 3. Python OpenSSL package |
| 67 | |
| 68 | The OpenSSL package provides a python API to the OpenSSL |
| 69 | package. There is an implicity dependency on OpenSSL, but that |
| 70 | should be handled by the Linux package manager (yum, apt, etc.) |
| 71 | |
| 72 | More information is available at: |
| 73 | https://launchpad.net/pyopenssl |
| 74 | |
| 75 | 4. xmlsec1 package |
| 76 | |
| 77 | The XML Security Library provides implementations of XML Digital |
| 78 | Signature (RFC 3275) and W3C XML Encryption. The program xmlsec1 |
| 79 | from this package is used to sign credentials. |
| 80 | |
| 81 | More information is available at: |
| 82 | http://www.aleksey.com/xmlsec/ |
| 83 | http://www.w3.org/TR/xmlenc-core/ |
| 84 | http://www.ietf.org/rfc/rfc3275.txt |
| 85 | |
| 86 | |
| 87 | Included Software |
| 88 | ================= |
| 89 | |
| 90 | This package includes software from PlanetLab. All of the PlanetLab |
| 91 | software is in the src/sfa directory. More information, including the |
| 92 | license, can be found in src/sfa/README.txt. |
| 93 | |
| 94 | |
| 95 | Instructions |
| 96 | ============ |
| 97 | |
| 98 | 1. Initialize the certificate authority and generate keys and certificates: |
| 99 | |
| 100 | $ src/init-ca.py |
| 101 | |
| 102 | This creates a certificate authority key and certificate and then |
| 103 | creates keys and certificates for a clearinghouse (ch), an aggregate |
| 104 | manager (am), and a researcher (alice). |
| 105 | |
| 106 | 2. Start the clearinghouse server: |
| 107 | |
| 108 | $ src/gch.py -r ca-cert.pem -c ca-cert.pem -k ca-key.pem |
| 109 | |
| 110 | 3. Start the aggregate manager server: |
| 111 | |
| 112 | $ src/gam.py -r ca-cert.pem -c ca-cert.pem -k ca-key.pem |
| 113 | |
| 114 | 4. Run the client |
| 115 | |
| 116 | $ src/client.py -c alice-cert.pem -k alice-key.pem \ |
| 117 | --ch https://localhost:8000/ --am https://localhost:8001/ |
| 118 | |
| 119 | The output should show some basic API testing, and possibly some |
| 120 | debug output. |
| 121 | |
| 122 | }}} |