Version 16 (modified by 12 years ago) (diff) | ,
---|
LAMP Evaluation
The Leveraging and Abstracting Measurements with perfSONAR (LAMP) Evaluation was based on instruction found at the LAMP I&M System Tutorial page. No versioning was available for either of the two scripts available for download, lamp-getcertificate.py and lamp-sendmanifest.py.
Evaluation Time Frame: November 16 and 22 2011
LAMP GENI Findings
Several issues were found including:
- There is no versioning in the tools attached on the tutorial page.
- The lamp-sendmanifest.py script has problems uploading manifests for RSpec v0.2.
- Error handling for failed manifest upload is not obvious and it is difficult to tell that a failure occurred.
- Updating the bundle cert on the lamp server is not documented in tutorial, and should be documented with the perfSONAR process (psconfig) restart requirements.
LAMP How-to
Using instructions from the LAMP I&M System Tutorial page, downloaded the 2 LAMP scripts and the required ProtoGENI Test script a these locations:
Unpacked the protogeni-test tools and placed the two lamp scripts in the same directory as the ProtoGENI tests.
1. Create Slice with LAMP Resources
Used Omni tools to set up a ProtoGENI slice and sliver that uses the required LAMP image named UBUNTU91-LAMP:
$ ./src/omni.py createslice lnevers-lamp-slice1 INFO:omni:Loading config file omni_config INFO:omni:Using control framework pg INFO:omni:Created slice with Name lnevers-lamp-slice1, URN urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1, Expiration 2011-11-17 00:09:25+00:00 INFO:omni: ------------------------------------------------------------ INFO:omni: Completed createslice: Options as run: framework: pg native: True Args: createslice lnevers-lamp-slice1 Result Summary: Created slice with Name lnevers-lamp-slice1, URN urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1, Expiration 2011-11-17 00:09:25+00:00 INFO:omni: ============================================================
Modified the LAMP example RSpec to include my slice name and my user information:
<rspec xmlns="http://protogeni.net/resources/rspec/0.2" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <node virtual_id="node1" virtualization_type="raw" exclusive="1" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers"> <node_type type_name="pc" type_slots="1"/> <disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP" /> <lamp:config /> <interface virtual_id="iface0"/> </node> <node virtual_id="node2" virtualization_type="raw" exclusive="1" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers"> <node_type type_name="pc" type_slots="1"/> <disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP" /> <lamp:config /> <interface virtual_id="iface0"/> </node> <link virtual_id="link1" > <interface_ref virtual_node_id="node1" virtual_interface_id="iface0"/> <interface_ref virtual_node_id="node2" virtual_interface_id="iface0"/> <link_type type_name="ethernet" /> <latency>100</latency> <packet_loss>0.05</packet_loss> </link> <node virtual_id="lamp" virtualization_type="raw" exclusive="1" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers"> <node_type type_name="pc" type_slots="1"/> <disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP" /> <lamp:config> <lamp:service type="lamp_portal" enable="true" /> </lamp:config> </node> </rspec>
2. Add LAMP Resources Using the above RSpec created a sliver:
$ ./src/omni.py -a https://www.emulab.net/protogeni/xmlrpc/am -n createsliver lnevers-lamp-slice1 lamp.rspec INFO:omni:Loading config file omni_config INFO:omni:Using control framework pg INFO:omni:Slice urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 expires within 1 day on 2011-11-17 00:09:25 UTC INFO:omni:Creating sliver(s) from rspec file lamp.rspec for slice urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 INFO:omni:Asked https://www.emulab.net/protogeni/xmlrpc/am to reserve resources. Result: INFO:omni:<?xml version="1.0" ?> INFO:omni:<!-- Reserved resources for: Slice: lnevers-lamp-slice1 At AM: URL: https://www.emulab.net/protogeni/xmlrpc/am --> INFO:omni: <rspec xmlns="http://protogeni.net/resources/rspec/0.2" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <node component_manager_urn="urn:publicid:IDN+emulab.net+authority+cm" component_manager_uuid="28a10955-aa00-11dd-ad1f-001143e453fe" component_urn="urn:publicid:IDN+emulab.net+node+pc151" component_uuid="de98e45d-773e-102b-8eb4-001143e453fe" exclusive="1" hostname="pc151.emulab.net" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62460" sliver_uuid="84a0623d-107e-11e1-b47a-001143e453fe" sshdport="22" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers" virtual_id="node1" virtualization_subtype="raw" virtualization_type="raw" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <node_type type_name="pc" type_slots="1"/> <disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP"/> <lamp:config/> <interface component_id="eth3" virtual_id="iface0"/> <services> <login authentication="ssh-keys" hostname="pc151.emulab.net" port="22" username="lnevers"/> </services> </node> <node component_manager_urn="urn:publicid:IDN+emulab.net+authority+cm" component_manager_uuid="28a10955-aa00-11dd-ad1f-001143e453fe" component_urn="urn:publicid:IDN+emulab.net+node+pc157" component_uuid="de994176-773e-102b-8eb4-001143e453fe" exclusive="1" hostname="pc157.emulab.net" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62461" sliver_uuid="85797dab-107e-11e1-b47a-001143e453fe" sshdport="22" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers" virtual_id="node2" virtualization_subtype="raw" virtualization_type="raw" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <node_type type_name="pc" type_slots="1"/> <disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP"/> <lamp:config/> <interface component_id="eth3" virtual_id="iface0"/> <services> <login authentication="ssh-keys" hostname="pc157.emulab.net" port="22" username="lnevers"/> </services> </node> <link sliver_urn="urn:publicid:IDN+emulab.net+sliver+62463" sliver_uuid="86c7361d-107e-11e1-b47a-001143e453fe" virtual_id="link1" vlantag="805"> <interface_ref IP="10.10.1.1" MAC="0002b365cd49" component_urn="urn:publicid:IDN+emulab.net+interface+pc151:eth3" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62464" sliver_uuid="8762eaa1-107e-11e1-b47a-001143e453fe" virtual_interface_id="iface0" virtual_node_id="node1"/> <interface_ref IP="10.10.1.2" MAC="0002b335f753" component_urn="urn:publicid:IDN+emulab.net+interface+pc157:eth3" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62465" sliver_uuid="8851fd87-107e-11e1-b47a-001143e453fe" virtual_interface_id="iface0" virtual_node_id="node2"/> <link_type type_name="ethernet"/> <latency> 100 </latency> <packet_loss> 0.05 </packet_loss> </link> <node component_manager_urn="urn:publicid:IDN+emulab.net+authority+cm" component_manager_uuid="28a10955-aa00-11dd-ad1f-001143e453fe" component_urn="urn:publicid:IDN+emulab.net+node+pc150" component_uuid="de98a21d-773e-102b-8eb4-001143e453fe" exclusive="1" hostname="pc150.emulab.net" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62462" sliver_uuid="86285b18-107e-11e1-b47a-001143e453fe" sshdport="22" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers" virtual_id="lamp" virtualization_subtype="raw" virtualization_type="raw" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <node_type type_name="pc" type_slots="1"/> <disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP"/> <lamp:config> <lamp:service enable="true" type="lamp_portal"/> </lamp:config> <services> <login authentication="ssh-keys" hostname="pc150.emulab.net" port="22" username="lnevers"/> </services> </node> </rspec> INFO:omni: ------------------------------------------------------------ INFO:omni: Completed createsliver: Options as run: aggregate: https://www.emulab.net/protogeni/xmlrpc/am framework: pg native: True Args: createsliver lnevers-lamp-slice1 lamp.rspec Result Summary: Slice urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 expires within 1 day(s) on 2011-11-17 00:09:25 UTC Reserved resources on https://www.emulab.net/protogeni/xmlrpc/am. INFO:omni: ============================================================
3. Upload Slice Manifest
This step requires upload the slice manifest, which can be generated as follows:
$ ./src/omni.py -a https://www.emulab.net/protogeni/xmlrpc/am -o listresources lnevers-lamp-slice1
This command creates an output file named lnevers-lamp-slice1-rspec-www-emulab-net-protogeni.xml, renamed it lnevers-lamp-slice1-manifest.xml for conciseness. Also needed credential file which was generated as instructed with the ProtoGENI test tools:
./getslicecredential.py -n lnevers-lamp-slice1 >lnevers-lamp-slice1-cred.xml
To upload the manifest executed the following:
$ ./lamp-sendmanifest.py 0.2 lnevers-lamp-slice1-manifest.xml urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 lnevers-lamp-slice1-cred.xml <?xml version="1.0" ?> <topology id="genitopo" xmlns="http://ogf.org/schema/network/topology/unis/20100528/" xmlns:pgeni="http://ogf.org/schema/network/topology/protogeni/20100716/" xmlns:psconfig="http://ogf.org/schema/network/topology/psconfig/20100716/"> <domain id="urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1"> <node id="urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:node=node1"> <address type="dns"> pc151.emulab.net </address> <nodePropertiesBag> <pgeni:nodeProperties component_manager_urn="urn:publicid:IDN+emulab.net+authority+cm" component_manager_uuid="28a10955-aa00-11dd-ad1f-001143e453fe" component_urn="urn:publicid:IDN+emulab.net+node+pc151" component_uuid="de98e45d-773e-102b-8eb4-001143e453fe" exclusive="1" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62460" sliver_uuid="84a0623d-107e-11e1-b47a-001143e453fe" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers" virtualization_subtype="raw" virtualization_type="raw" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <pgeni:node_type type_name="pc" type_slots="1"/> <pgeni:disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP"/> <pgeni:services> <pgeni:login authentication="ssh-keys" hostname="pc151.emulab.net" port="22" username="lnevers"/> </pgeni:services> </pgeni:nodeProperties> <psconfig:nodeProperties/> </nodePropertiesBag> <port id="urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:node=node1:port=iface0"> <name> eth3 </name> <portPropertiesBag> <pgeni:portProperties component_id="eth3" component_urn="urn:publicid:IDN+emulab.net+interface+pc151:eth3" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62464" sliver_uuid="8762eaa1-107e-11e1-b47a-001143e453fe"/> </portPropertiesBag> <address type="mac"> 0002b365cd49 </address> <address type="ipv4"> 10.10.1.1 </address> </port> </node> <node id="urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:node=node2"> <address type="dns"> pc157.emulab.net </address> <nodePropertiesBag> <pgeni:nodeProperties component_manager_urn="urn:publicid:IDN+emulab.net+authority+cm" component_manager_uuid="28a10955-aa00-11dd-ad1f-001143e453fe" component_urn="urn:publicid:IDN+emulab.net+node+pc157" component_uuid="de994176-773e-102b-8eb4-001143e453fe" exclusive="1" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62461" sliver_uuid="85797dab-107e-11e1-b47a-001143e453fe" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers" virtualization_subtype="raw" virtualization_type="raw" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <pgeni:node_type type_name="pc" type_slots="1"/> <pgeni:disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP"/> <pgeni:services> <pgeni:login authentication="ssh-keys" hostname="pc157.emulab.net" port="22" username="lnevers"/> </pgeni:services> </pgeni:nodeProperties> <psconfig:nodeProperties/> </nodePropertiesBag> <port id="urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:node=node2:port=iface0"> <name> eth3 </name> <portPropertiesBag> <pgeni:portProperties component_id="eth3" component_urn="urn:publicid:IDN+emulab.net+interface+pc157:eth3" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62465" sliver_uuid="8851fd87-107e-11e1-b47a-001143e453fe"/> </portPropertiesBag> <address type="mac"> 0002b335f753 </address> <address type="ipv4"> 10.10.1.2 </address> </port> </node> <node id="urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:node=lamp"> <address type="dns"> pc150.emulab.net </address> <nodePropertiesBag> <pgeni:nodeProperties component_manager_urn="urn:publicid:IDN+emulab.net+authority+cm" component_manager_uuid="28a10955-aa00-11dd-ad1f-001143e453fe" component_urn="urn:publicid:IDN+emulab.net+node+pc150" component_uuid="de98a21d-773e-102b-8eb4-001143e453fe" exclusive="1" sliver_urn="urn:publicid:IDN+emulab.net+sliver+62462" sliver_uuid="86285b18-107e-11e1-b47a-001143e453fe" startup_command="/usr/local/etc/lamp/bootstrap.sh urn:publicid:IDN+emulab.net+slice+lnevers-lamp-slice1 urn:publicid:IDN+emulab.net+user+lnevers" virtualization_subtype="raw" virtualization_type="raw" xmlns:lamp="http://protogeni.net/resources/rspec/0.2/ext/lamp/1"> <pgeni:node_type type_name="pc" type_slots="1"/> <pgeni:disk_image name="urn:publicid:IDN+emulab.net+image+GeniSlices//UBUNTU91-LAMP"/> <pgeni:services> <pgeni:login authentication="ssh-keys" hostname="pc150.emulab.net" port="22" username="lnevers"/> </pgeni:services> </pgeni:nodeProperties> <psconfig:nodeProperties> <psconfig:service enable="true" type="lamp_portal"/> </psconfig:nodeProperties> </nodePropertiesBag> </node> <link directed="false" id="urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:link=link1"> <type> ethernet </type> <linkPropertiesBag> <pgeni:linkProperties sliver_urn="urn:publicid:IDN+emulab.net+sliver+62463" sliver_uuid="86c7361d-107e-11e1-b47a-001143e453fe" vlantag="805"> <pgeni:latency> 100 </pgeni:latency> <pgeni:packet_loss> 0.05 </pgeni:packet_loss> </pgeni:linkProperties> </linkPropertiesBag> <relation type="endPoint"> <portIdRef> urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:node=node1:port=iface0 </portIdRef> </relation> <relation type="endPoint"> <portIdRef> urn:ogf:network:domain=emulab.net+slice+lnevers-lamp-slice1:node=node2:port=iface0 </portIdRef> </relation> </link> </domain> </topology>
4. Get the LAMP certificate
$ ./lamp-getcertificate.py -n lnevers-lamp-slice1 Got my SA credential, looking up lnevers-lamp-slice1 Asking for slice credential for lnevers-lamp-slice1 Got the slice credential Asking for my lamp certificate Paste the following certificate *as is* into a file called lampcert.pem Upload the certificate to all LAMP enabled nodes at /usr/local/etc/protogeni/ssl/lampcert.pem -----BEGIN RSA PRIVATE KEY----- .. many lines of output not show here.... -----END CERTIFICATE-----
5. Upload LAMP Certificate Determined which node to which to upload the LAMP certificate, and then upload certificate to /usr/local/etc/protogeni/ssl/lampcert.pem on each node.
$ grep "login" lnevers-lamp-slice1-manifest.xml <services> <login authentication="ssh-keys" hostname="pc151.emulab.net" port="22" username="lnevers"/> </services> </node> <services> <login authentication="ssh-keys" hostname="pc157.emulab.net" port="22" username="lnevers"/> </services> </node> <services> <login authentication="ssh-keys" hostname="pc150.emulab.net" port="22" username="lnevers"/> </services> </node> $ for node in pc151.emulab.net pc157.emulab.net pc150.emulab.net; do scp lampcert.pem lnevers@$node:.; ssh lnevers@$node "sudo mv lampcert.pem /usr/local/etc/protogeni/ssl/lampcert.pem"; ssh lnevers@$node "sudo chown root.perfsonar /usr/local/etc/protogeni/ssl/lampcert.pem"; ssh lnevers@$node "sudo chmod 440 /usr/local/etc/protogeni/ssl/lampcert.pem"; ssh lnevers@$node "sudo /etc/init.d/psconfig restart"; done lampcert.pem 100% 4226 4.1KB/s 00:00 /etc/init.d/psconfig stop: perfSONAR pSConfig Service stopped waiting... /opt/perfsonar_ps/perfSONAR_PS-pSConfig/bin/daemon.pl --ssl-enable --config=/usr/local/etc/perfSONAR/pSConfig.conf --pidfile=psconfig.pid --piddir=/var/run --logger=/usr/local/etc/perfSONAR/pSConfig_logger.conf --user=perfsonar --group=perfsonar /etc/init.d/psconfig start: perfSONAR pSConfig Service started lampcert.pem 100% 4226 4.1KB/s 00:00 /etc/init.d/psconfig stop: perfSONAR pSConfig Service stopped waiting... /opt/perfsonar_ps/perfSONAR_PS-pSConfig/bin/daemon.pl --ssl-enable --config=/usr/local/etc/perfSONAR/pSConfig.conf --pidfile=psconfig.pid --piddir=/var/run --logger=/usr/local/etc/perfSONAR/pSConfig_logger.conf --user=perfsonar --group=perfsonar /etc/init.d/psconfig start: perfSONAR pSConfig Service started lampcert.pem 100% 4226 4.1KB/s 00:00 /etc/init.d/psconfig stop: perfSONAR pSConfig Service stopped waiting... /opt/perfsonar_ps/perfSONAR_PS-pSConfig/bin/daemon.pl --ssl-enable --config=/usr/local/etc/perfSONAR/pSConfig.conf --pidfile=psconfig.pid --piddir=/var/run --logger=/usr/local/etc/perfSONAR/pSConfig_logger.conf --user=perfsonar --group=perfsonar /etc/init.d/psconfig start: perfSONAR pSConfig Service started
After the services were started still could connect to the LAMP Portal, it was suggested that Web Server Certificate Bundle should be refreshed:
lamp:~> sudo /usr/local/etc/protogeni/ssl/getcacerts Files /usr/local/etc/protogeni/ssl/genica.bundle and /tmp/genica.bundle.6774 differ Files /usr/local/etc/protogeni/ssl/genicrl.bundle and /tmp/genicrl.bundle.6774 differ /etc/init.d/psconfig stop: perfSONAR pSConfig Service stopped /opt/perfsonar_ps/perfSONAR_PS-pSConfig/bin/daemon.pl --ssl-enable --config=/usr/local/etc/perfSONAR/pSConfig.conf --pidfile=psconfig.pid --piddir=/var/run --logger=/usr/local/etc/perfSONAR/pSConfig_logger.conf --user=perfsonar --group=perfsonar /etc/init.d/psconfig start: perfSONAR pSConfig Service started * Starting MySQL database server mysqld [ OK ] * Checking for corrupt, not cleanly closed and upgrade needing tables. lamp:~>
After refreshing the Webserver Certificate bundle, the service should be restarted on the node by using the following:
lamp:~> sudo /etc/init.d/psconfig restart
You can now connect to the LAMP Portal. Following is a capture of the main page:
Selecting the Registered Services brings up the following page:
At this point the web server stopped responding even though the Apache server was still running. Waiting on response.
Attachments (12)
- Lamp-portal-1.jpg (138.4 KB) - added by 12 years ago.
- Lamp-portal-2.jpg (75.8 KB) - added by 12 years ago.
- Lamp-portal-3.jpg (179.4 KB) - added by 12 years ago.
- Lamp-portal-4.jpg (149.6 KB) - added by 12 years ago.
- lamp-sendmanifest.py (19.7 KB) - added by 12 years ago.
- Lamp-portal-6.jpg (141.8 KB) - added by 12 years ago.
- Lamp-portal-7.jpg (106.4 KB) - added by 12 years ago.
- Lamp-portal-8.jpg (108.9 KB) - added by 12 years ago.
- Lamp-portal-9.jpg (222.9 KB) - added by 12 years ago.
- Lamp-portal-10.jpg (68.9 KB) - added by 12 years ago.
- Lamp-portal-11.jpg (60.1 KB) - added by 12 years ago.
- Lamp-portal-12.jpg (197.2 KB) - added by 12 years ago.
Download all attachments as: .zip