wiki:GpoLab/MyplcSfaUpgrade

Version 1 (modified by tupty@bbn.com, 13 years ago) (diff)

--

Upgrading MyPLC and SFA

This page provides general instructions for upgrading a MyPLC aggregate running the SFA aggregate manager software in the GENI mesoscale deployment.

Variables

<distro>

Description

Abbreviation of the Linux distribution that is running on the MyPLC machine

Possible Values

  • f8
  • f12

<arch>

Description

Architecture of the machine that is running MyPLC

Possible Values

  • i386
  • x86_64

<baseurl>

Description

URL of MyPLC repository, follows the form http://build.planet-lab.org/planetlab/<distro>/pl-<distro>-<arch>-5.0-k32-rc-20/RPMS/

Possible Values

Requirements

If you find that your systems do not meet the requirements below, or if you are unable to determine if you met the requirements, please contact gpo-infra@geni.net.

Linux Distribution

This page assumes that you are running your MyPLC machine on either Fedora 12 or Fedora 8.

MyPLC Software

This page assumes that you are at running at least a MyPLC version 5.0 release candidate. To verify this, run the following command:

grep myplc /etc/myplc-release

look for output similar to the following:

               myplc :: version=5.0 release=9.planetlab

The version number being at 5.0 is the important part here.

SFA Software

This page assumes that you are running the sfa-geni-gec9 git-tagged version of SFA. This was likely installed from source. If you haven't explicitly upgraded your SFA version after GEC 11, then you probably are running this version.

Upgrade Procedure

Backups (Optional)

If you have some backup procedure that you would like to follow, do so now. This might be as simple as taking a snapshot of your MyPLC machine.

Upgrading MyPLC

These instructions are modified from the MyPLC User Guide (https://svn.planet-lab.org/wiki/MyPLCUserGuide#Upgradingtoamorerecentversion)

You will need to upgrade your MyPLC to MyPLC 5.0 rc20.:

  1. Modify your /etc/yum.repos.d/myplc.repo to have the following contents:
[myplc]
name= MyPLC
baseurl=<baseurl>
enabled=1
gpgcheck=0
  1. Shut down the plc service
    sudo service plc stop
    
  1. Update to packages in the MyPLC rc20 repo:
    sudo yum clean all
    sudo yum update
    
  1. Start the plc service again:
    sudo service plc start
    
  1. Make a copy of the new plnet.py on your MyPLC machine in your home directory
    • Note that the path for this depends on your python version on your MyPLC host
    • The command will look similar to the following:
      cp /usr/lib/python2.5/site-packages/plnet.py ~/
      
  1. Patch the new plnet.py file
    • A patch file was included in an email from the GPO
    • If you do not have the correct patch file, then please email gpo-infra@geni.net and ask about the patch file for the MyPLC SFA upgrade
      patch ~/plnet.py < myplc-rc20-plnet.patch
      

Upgrading MyPLC-based PlanetLab Nodes

  1. Reboot the node
    • This will pick up a new kernel on the node
    • Note that if you have problems with this the node coming back up, restarting the plc service on the MyPLC machine may help:
      sudo service plc restart
      
  1. Copy the newly patched plnet.py file from your MyPLC machine to each of the nodes
    • Note that the path for this depends on your python version on your nodes
    • The command will look similar to the following:
      scp ~/plnet.py node.fqdn.tld:/usr/lib/python2.5/site-packages/plnet.py
      
  1. From each node, manually restart NodeManager:
    sudo service nm restart
    

Upgrading SFA

These instructions are modified from the GPO's MyPLC Reference Implementation page (http://groups.geni.net/geni/wiki/GpoLab/MyplcReferenceImplementation#AddingSFAtoMyPLC)

  1. Prepare to Upgrade SFA
    sudo service sfa stop
    sudo sfa-nuke-plc.py
    ls /etc/sfa/trusted_roots > ~/trusted_roots.txt
    sudo rm /etc/sfa/trusted_roots/*
    sudo rm -rf /var/lib/sfa/
    
  1. Obtain a tarball of the sfa-1.0-35-PATCHED code and store it in your home directory on your MyPLC machine:
    wget -O ~/sfa-1.0-35-PATCHED.tar.gz https://svn.planet-lab.org/raw-attachment/wiki/SFA-1.0-35-PATCHED/sfa-1.0-35-PATCHED.tar.gz
    
  1. Ensure SFA prerequisites are installed:
    sudo yum update fedora-release
    sudo yum install m2crypto python-dateutil python-psycopg2 myplc-config pyOpenSSL python-ZSI libxslt-python xmlsec1-openssl-devel python-lxml
    sudo yum upgrade pyOpenSSL python-lxml
    
  1. Compile SFA code on the MyPLC machine
    mkdir ~/src
    cd ~/src
    tar xvzf ~/sfa-1.0-35-PATCHED.tar.gz
    cd sfa-1.0-35
    make
    
  1. Install SFA:
    sudo make install
    
  1. Initialize SFA
    sudo service sfa reload
    
  1. Trust pgeni (and any other Slice Authorities listed in ~/trusted_roots.txt) as a remote slice authority
    • Note that all cert files must have a .gid extension for this release of SFA (i.e. .crt and .pem files will be ignored)
    • Download the cert files to the MyPLC machine, and save it under /etc/sfa/trusted_roots/
    • Here's an example of how to do this for pgeni:
      wget -O ~/pgeni.gpolab.bbn.com.gid http://www.pgeni.gpolab.bbn.com/ca-cert/pgeni.gpolab.bbn.com.pem
      sudo cp ~/pgeni.gpolab.bbn.com.gid /etc/sfa/trusted_roots/
      
  1. Import PLC database into SFA:
    sudo sfa-import-plc.py
    
  1. Configure the maximum sliver renewal time
    • This value is a configurable parameter for how long a user can renew a sliver on your aggregate
    • You can set this value to be whatever you want
    • At the GPO, we have set this value to 180 days
    • The default value is 60 days
    • The process to do this is as follows:
      [user@myplc:~]$sudo sfa-config-tty
      Enter command (u for usual changes, w to save, ? for help) e SFA_MAX_SLICE_RENEW
      == SFA_MAX_SLICE_RENEW : [60] 180
      Enter command (u for usual changes, w to save, ? for help) w
      Wrote /etc/sfa/configs/site.xml
      Merged
      	/etc/sfa/default_config.xml
      and	/etc/sfa/configs/site.xml
      into	/etc/sfa/sfa_config.xml
      You might want to type 'r' (restart sfa), 'R' (reload sfa) or 'q' (quit)
      Enter command (u for usual changes, w to save, ? for help) q
      
  2. Start SFA
    sudo service sfa restart
    
  3. Restart all MyPLC-based Planet Lab nodes one last time