Changes between Initial Version and Version 1 of SfaInstallGEC9Demos


Ignore:
Timestamp:
10/13/10 14:04:34 (9 years ago)
Author:
chaos@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • SfaInstallGEC9Demos

    v1 v1  
     1[[PageOutline]]
     2
     3This page provides instructions for grabbing/configuring SFA from git, assuming a site which is already running a stable myplc and just needs to add SFA
     4
     5We recommend sites use the tag `sfa-geni-gec9` from the PlanetLab GIT repository.
     6
     7= Variables =
     8
     9You will need to configure SFA using some of the same variables which were configured for PLC.  Get these values by running `plc-config-tty` in read-only mode on your myplc host:
     10{{{
     11$ plc-config-tty
     12Enter command (u for usual changes, w to save, ? for help) s PLC_SLICE_PREFIX
     13PLC_SLICE_PREFIX = <plc_slice_prefix>
     14
     15Enter command (u for usual changes, w to save, ? for help) s PLC_API_HOST
     16PLC_API_HOST = <plc_api_host>
     17
     18Enter command (u for usual changes, w to save, ? for help) s PLC_DB_HOST
     19PLC_DB_HOST = <plc_db_host>
     20
     21Enter command (u for usual changes, w to save, ? for help) s PLC_ROOT_USER
     22PLC_ROOT_USER = <plc_root_user>
     23
     24Enter command (u for usual changes, w to save, ? for help) s PLC_ROOT_PASSWORD
     25PLC_ROOT_PASSWORD = <plc_root_password>
     26
     27Enter command (u for usual changes, w to save, ? for help) s PLC_DB_PASSWORD
     28PLC_DB_PASSWORD = <plc_db_password>
     29
     30Enter command (u for usual changes, w to save, ? for help) q
     31}}}
     32
     33= Step 1: get a tarball of the `sfa-geni-gec9` tag of SFA =
     34
     35On any machine with git installed:
     36{{{
     37git clone git://git.planet-lab.org/sfa.git
     38gittag=sfa-geni-gec9
     39$ git archive --format=tar --prefix=${gittag}/ ${gittag} | gzip > ${gittag}.tar.gz
     40}}}
     41
     42This will produce a tarball named `sfa-geni-gec9.tar.gz`.  Copy the tar file to your myplc node.
     43
     44= Step 2: install SFA prerequisites =
     45
     46If this is the first time you are installing SFA on this myplc, you will need to install prerequisite packages, and you will need to make certain that particular packages are up-to-date:
     47{{{
     48sudo yum update fedora-release
     49sudo yum install m2crypto python-dateutil python-psycopg2 myplc-config pyOpenSSL python-ZSI libxslt-python xmlsec1-openssl-devel python-lxml
     50sudo yum upgrade pyOpenSSL python-lxml
     51}}}
     52
     53= Step 3: Compile and install the SFA code =
     54
     55Compile the source code in a working directory of your choice:
     56{{{
     57mkdir ~/src
     58cd ~/src
     59tar xvzf ~/sfa-geni-gec9.tar.gz
     60cd sfa-geni-gec9
     61make
     62}}}
     63
     64Expect about 6 lines of output and no obvious errors.  Assuming that looks okay, install SFA:
     65{{{
     66sudo make install
     67}}}
     68
     69= Step 4: Configure SFA =
     70
     71Note that many of these configuration options require variables taken from your myplc configuration itself.  See [#Variables] for details.
     72
     73{{{
     74$ sudo sfa-config-tty
     75Enter command (u for usual changes, w to save, ? for help) u
     76 SFA_INTERFACE_HRN: plc.<plc_slice_prefix>
     77 SFA_REGISTRY_ROOT_AUTH: plc
     78 SFA_REGISTRY_HOST : <plc_api_host>
     79 SFA_AGGREGATE_HOST : <plc_api_host>
     80 SFA_SM_HOST : <plc_api_host>
     81 SFA_PLC_DB_HOST : <plc_db_host>
     82 SFA_PLC_DB_USER : postgres
     83 SFA_PLC_USER: <plc_root_user>
     84 SFA_PLC_PASSWORD: <plc_root_password>
     85 SFA_PLC_DB_PASSWORD: <plc_db_password> 
     86 SFA_PLC_URL : [https://localhost:443/PLCAPI/]
     87Enter command (u for usual changes, w to save, ? for help) w
     88Enter command (u for usual changes, w to save, ? for help) q
     89}}}
     90
     91= Step 5: Start SFA =
     92
     93Start up SFA once, to create the initial /etc/sfa/sfa_config.py, and stop it again
     94{{{
     95sudo service sfa reload
     96}}}
     97
     98Import the PLC database into SFA:
     99{{{
     100sudo sfa-import-plc.py
     101}}}
     102 
     103Start up SFA again:
     104{{{
     105sudo service sfa restart
     106}}}
     107
     108= Step 6: Create local sfi credentials if desired =
     109
     110In order to use omni to reserve resources using the `pgeni.gpolab.bbn.com` slice authority, you do not need to test sfi or create local users with sfi certificates.  You should be able to install SFA and configure it to allow omni sliver creation for GEC9 demos without ever installing a local sfi user on your myplc.  So it is fine to skip this step.
     111
     112However, you may want to create local users for other purposes, or to test functionality.  If you want to do that, [wiki:GeniApiInstallationMyPlc#InstallSFA] has instructions for creating an sfi client configuration and using it to test `getversion` in steps 6 and 7.
     113
     114= Step 7: Install the `pgeni.gpolab.bbn.com` certificate =
     115
     116Configure your SFA instance to allow slivers to slices created at the GEC9 demo slice authority, `pgeni.gpolab.bbn.com`.
     117
     118Get a copy of the certificate:
     119{{{
     120wget http://www.pgeni.gpolab.bbn.com/ca-cert/pgeni.gpolab.bbn.com.pem
     121}}}
     122
     123Copy that certificate into a `.crt` file under `/etc/sfa/trusted_roots`:
     124{{{
     125sudo cp pgeni.gpolab.bbn.com.pem /etc/sfa/trusted_roots/pgeni.gpolab.bbn.com.crt
     126}}}
     127
     128Restart sfa:
     129{{{
     130sudo service sfa restart
     131}}}
     132
     133= Outcome =
     134
     135Assuming SFA comes up cleanly, it should now be possible for people to create slivers via omni at your myplc, using the instructions at OmniSetupGEC9Demos.  Of particular note, you will want to run:
     136{{{
     137./src/omni.py listresources -n -a http://<plc_www_host>:12346
     138}}}
     139to obtain an rspec describing the planetlab nodes available at your myplc.  This will tell you what your planetlab hosts are called by omni, and thus how to reserve them.
     140