| | 55 | === IMF Extended Openfire XMPP Server (IMF Messaging Service) === |
| | 56 | |
| | 57 | Th IMF Messaging Service is expected to run in some management server, typically outside slices. In the GEC13 demo, this ran on a management server on the BEN facility at RENCI. |
| | 58 | |
| | 59 | It holds a certificate for at least one GENI Certifying Authority. That is, it "recognizes" the authority of (is prepared to accept certificates issued by) this GENI CA. It may hold certificates for multiple GENI CAs. |
| | 60 | |
| | 61 | When a client attempt to initiate a secure connection to it, the IMF Messaging Service expects that client to produce a certificate which is signed by the GENI CA. If not, the connection is refused. We call this ''entity authentication''. |
| | 62 | |
| | 63 | Having successfully connected to the IMF Messaging Service, a client would attempt to either publish to a topic (node), or subscribe to it. The IMF Messaging Server expects credentials to find previously stored credentials for the authenticated entity corresponding to each such action ("can-publish" and "can-subscibe" credentials). Otherwise these actions are refused. Credentials can be stored by the creator of the topic. We call this credential verification ''authorization''. |
| | 64 | |
| | 65 | Both certificates and credentials can be created by the '''gcf''' tool, which has been extended for the purpose. |
| | 66 | |
| | 67 | In order to make this work, the JIDs of clients have to match the arbitrary generated credentials. Thus in this view, the JIDs of the clients are not meant to have significance to humans, whereas the topic names are. |
| | 68 | |
| | 69 | === "Empty" Sample Client to IMF Messaging Service === |
| | 70 | |
| | 71 | A simple XMPP client which behave according to the expectations of the IMF Messaging Service as above. This can be used as sample code for building messaging clients with the authentication and authorization capabilities. In the GEC13 demo, this ran off a standalone laptop at the demo site. |
| | 72 | |
| | 73 | To access the IMF Messaging Service, the client must have access to a public IP interface of the server running the IMF Messaging Service. Alternatively, if the server is in a VPN, it needs access to that VPN; etc. In our GEC13 demo, the server was in a VPN to which the laptop had been given access. |
| | 74 | |
| | 75 | === OMF EC and RC using IMF Messaging Service === |
| | 76 | |
| | 77 | In the OMF system, the Experiment Controller (EC) and Resource Controller (RC) communicate to each other through an XMPP server. The XMPP topics are bootstrapped by the OMF Aggregate Manager (AM). The EC locates the XMPP server by prior secure HTTP interaction with the AM. In the GENI context, the OMF EC and RC can be expected to run in VMs within slices. |
| | 78 | |
| | 79 | We created modules similar to the OMF EC and RC, that communicate through the IMF Messaging System, and using authentication and authorization as above. The topic bootstrapping is currently manual. Our implementation conforms with OMF 5.4; OMF is currently moving to 6.0 which should eliminate the secure HTTP step, and we will reexamine our implementation in light of that change when available. |
| | 80 | |
| | 81 | In the GEC13 demo, these ran in an ORCA slice created with Flukes; on distinct VMs of the same slice, which had VPN access to the IMF Messaging Service server. |
| | 82 | |
| | 83 | === Repository Service using IMF Messaging Service === |
| | 84 | |
| | 85 | A client built on the sample client, which subscribes to some particular topic, then locally archives every message that is published on that topic. In the GEC13 demo, it ran on a standalone laptop at the demo site, which had VPN access to the IMF Messaging Service server. |
| | 86 | |
| | 87 | The repository server attempts to be accommodating of messages to be archived. If the XML message contains a particular preamble, the Repository Service attempts to parse the XML to find out what table to store the message into, and divide the message into column values. If this preamble is missing, the Repository Service simply stores the entire message as one field in a default table, indexed only by timestamp and sender. |
| | 88 | |
| | 89 | === IMF Optical Measurement Handler using IMF Messaging Service === |
| | 90 | |
| | 91 | This is the IMF Measurement Handler (with PubSub Manager) with appropriate physical optical substrate interface modules to extract measurement data from various optical substrates, such as Polatis switches and Infinera DTNs, that we successfully demonstrated at GEC8 and following. It has been updated to use the IMF Messaging Service, rather than an inbuilt XMPP server, and use authentication and authorization. This must run on a machine that has access to the management interfaces of the optical hardware - typically this would imply physical proximity, and RS232 connection or similar. In the GEC13 demo, this ran on a dedicated server on BEN at RENCI. |
| | 92 | |
| | 93 | This code module also makes the "SimpleIMFSubscriber" target, which can consume and display the optical port power and other readings being generated and published by the Measurement Handler/PSM, updated to use the IMF Messaging Service. |
| 87 | | * [attachment:ezclient.pl Download zip file] |
| 88 | | * [attachment:perfsonar_imf_gui_v2.1.jar perfSONAR standalone GUI client for IMF measurements] |
| 89 | | * [attachment:mh.tar.gz Measurement Handler] |
| 90 | | * [attachment:PubSub_for_PerfSONAR.tar.gz PubSub for perfSONAR] |
| 91 | | * [attachment:perfsonar_imf_realtime.tar.gz perfSONAR IMF Realtime service] |
| | 126 | * [attachment:some_name.zip Download zip file] |
| | 127 | * [attachment:some_other_name.docx Detailed documentation] |
| | 128 | |
| | 129 | === "Empty" Sample Client to IMF Messaging Service === |
| | 130 | |
| | 131 | * [attachment:some_name.zip Download zip file] |
| | 132 | * [attachment:some_other_name.docx Detailed documentation] |
| | 133 | |
| | 134 | === OMF EC and RC using IMF Messaging Service === |
| | 135 | |
| | 136 | * [attachment:some_name.zip Download zip file] |
| | 137 | * [attachment:some_other_name.docx Detailed documentation] |
| | 138 | |
| | 139 | === Repository Service using IMF Messaging Service === |
| | 140 | |
| | 141 | * [attachment:some_name.zip Download zip file] |
| | 142 | * [attachment:some_other_name.docx Detailed documentation] |
| | 143 | |
| | 144 | === IMF Optical Measurement Handler using IMF Messaging Service === |
| | 145 | |
| | 146 | * [attachment:some_name.zip Download zip file] |
| | 147 | * [attachment:some_other_name.docx Detailed documentation] |
| | 148 | |
| | 149 | |
