Tags:
create new tag
, view all tags

How to Build GENI DCN AM from Scratch

This page is a guide to building a MAX style GENI AM from scratch. It uses ION AM as example to provide step-by-step instructions on installation and configuration of a GENI AM to cover a DCN aggregate / domain.

We use Fedora 12 as the reference OS. Similar procedure applies to REHL/CentOS6 when myplc and sfa packages are ready for such platforms.

Install myplc-5.0 and sfa-2.0-9

  • cat >> /etc/yum.repos.d/myplc.repo
[myplc]
name=MyPLC
baseurl=http://build.planet-lab.org/planetlab/f12/pl-f12-x86_64-5.0-k32-rc-20/RPMS/
enabled=1
gpgcheck=0

  • cat >> /etc/yum.repos.d/sfa.repo
[sfa]
name=SFA
baseurl=http://build.onelab.eu/sfa/stable-f12-64/RPMS/
enabled=1
gpgcheck=0

  • yum install myplc *yum install sfa sfa-client sfa-sfatables sfa-plc

Configure MyPLC

  • run: plc-config-tty
---- example input ----
Enter command (u for usual changes, w to save, ? for help) u
== PLC_NAME : [ION PLC_SFA] 
== PLC_SHORTNAME : [ionpl] 
== PLC_SLICE_PREFIX : [ionpl] 
== PLC_ROOT_USER : [xyang@isi.edu] 
== PLC_ROOT_PASSWORD : [mypass] 
== PLC_MAIL_ENABLED : [false] 
== PLC_MAIL_SUPPORT_ADDRESS : [xyang@east.isi.edu] 
== PLC_DB_HOST : [localhost] 
== PLC_API_HOST : [206.196.179.239] 
== PLC_WWW_HOST : [206.196.179.239] 
== PLC_BOOT_HOST : [206.196.179.239] 
== PLC_NET_DNS1 : [206.196.176.2] 
== PLC_NET_DNS2 : [206.196.176.2] 

Configure SFA

  • run: sfa-config-tty
---- example input ----
Enter command (u for usual changes, w to save, ? for help) u
== SFA_INTERFACE_HRN : [ionpl] 
== SFA_REGISTRY_ROOT_AUTH : [ionpl] 
== SFA_REGISTRY_HOST : [alpha.dragon.maxgigapop.net] 
== SFA_AGGREGATE_HOST : [alpha.dragon.maxgigapop.net] 
== SFA_SM_HOST : [alpha.dragon.maxgigapop.net] 
== SFA_PLC_URL : [https://localhost:443/PLCAPI/] 
== SFA_PLC_USER : [xyang@isi.edu] 
== SFA_PLC_PASSWORD : [mypass] 
== SFA_DB_HOST : [localhost] 

Patch SFA-2.0-9

Manually patch the following files

  • edit /etc/sfa/sfa_config
  ---- add ----
# MAX-GENI AM URL
# The URL for ION GENI AM
MAXGENI_AM_URL='http://alpha.dragon.maxgigapop.net:8080/axis2/services/AggregateGENI'

# MAX-GENI AM Java API client path
# The path to API client package
MAXGENI_AM_APICLIENT_PATH='/usr/local/MAXGENI_AM_APIClient'

  • edit /etc/sfa/sfa_config.xml
  ---- add ----
    <category id="maxgeni_am">
      <name>MAX site specific</name>
      <description>The settings that are used by MAX GENI AM.</description>
      <variablelist>
        <variable id="apiclient_path" type="string">
          <name>MAX-GENI AM Java API client path</name>
          <value>/usr/local/MAXGENI_AM_APIClient</value>
          <description>The path to API client package</description>
        </variable>
        <variable id="url" type="string">
          <name>MAX-GENI AM URL</name>
          <value>http://alpha.dragon.maxgigapop.net:8080/axis2/services/AggregateGENI</value>
          <description>The URL for ION GENI AM</description>
        </variable>
      </variablelist>
    </category>

  • edit /etc/sfa/configs/site.xml
  ---- add ----
    <category id="maxgeni_am">
      <name>MAX site specific</name>
      <description>The settings that are used by MAX GENI AM.</description>
      <variablelist>
        <variable id="apiclient_path" type="string">
          <name>MAX-GENI AM Java API client path</name>
          <value>/usr/local/MAXGENI_AM_APIClient</value>
          <description>The path to API client package</description>
        </variable>
        <variable id="url" type="string">
          <name>MAX-GENI AM URL</name>
          <value>http://alpha.dragon.maxgigapop.net:8080/axis2/services/AggregateGENI</value>
          <description>The URL for ION GENI AM</description>
        </variable>
      </variablelist>
    </category>
  </variables>

Restart MyPLC and SFA

  • service myplc restart
  • service sfa restart

Import data from MyPLC into SFA

  • add a GENI user in PI role into myplc via PLC web portal: https://alpha.dragon.maxgigapop.net
  • run: sfa-import-plc.py
  • verify correct import in /var/log/sfa_import.log (the user just added should be imported in log)

Configure federation with other aggregates

  • place peer cert (for example emulab.gid and maxpl.gid) under /etc/sfa/trusted_roots/.
  • edit /etc/sfa/registries.xml to read like below
<registries>
        <registry addr="www.planet-lab.org" hrn="plc" port="12345"/>
        <registry addr="max-myplc.dragon.maxgigapop.net" hrn="maxpl" port="12345"/>
        <registry addr="www.emulab.net/protogeni/xmlrpc/am" hrn="emulab" port="443"/>
</registries>
  • edit /etc/sfa/aggregates.xml to read like below
<aggregates>
        <aggregate addr="www.planet-lab.org" hrn="plc" port="12346"/>
        <aggregate addr="max-myplc.dragon.maxgigapop.net" hrn="maxpl" port="12346"/>
        <aggregate addr="www.emulab.net/protogeni/xmlrpc/am" hrn="emulab" port="443"/>
</aggregates>

Install dependency packages from GENI AM software

  • install java-1.6.0-openjdk, java-1.6.0-openjdk-devel, mysql, tomcat, axis-1.4.2 and ant
  • configure mysql user and pass for GENI
  • create database aggregate in mysql

Setup env variables

  • export AGGREGATE_HOME=/usr/local/geni-aggregate
  • similarly do JAVA_HOME, AXIS2_HOME, CATALINA_HOME

Export, compile and deploy MAX GENI AM code from SVN

  • svn export svn://svn.maxgigapop.net/geni-aggregate/branches/1.0 /usr/local/geni-aggregate
  • cd $AGGREGATE_HOME/AggregateWS/
  • ant axis2-deploy-local

Configure GENI AM

  • edit $AGGREGATE_HOME/AggregateAttic/conf/aggregate.properties
--- to read ---

#AM
aggregate.am.urn=urn:publicid:IDN+ion.internet2.edu
aggregate.rspec.handler=net.geni.aggregate.services.core.RspecHandler_GENIv3

#MySQL DB
aggregate.mysql.user=dragon
aggregate.mysql.pass=mypass

#OSCARS-IDC
aggregate.idc.domainid=ion.internet2.edu
aggregate.idc.url=https://ndb4.net.internet2.edu:8443/axis2/services/OSCARS
aggregate.idc.repo=/usr/local/geni-aggregate/AggregateAttic/conf/repo
aggregate.idc.topofile=/usr/local/geni-aggregate/AggregateAttic/conf/ion-stitch-ad-v9.xml

#PlanetLab-PLCAPI
aggregate.plc.url=https://alpha.dragon.maxgigapop.net/PLCAPI/
aggregate.plc.pi=xyang@east.isi.edu
aggregate.plc.pass=mypass
aggregate.plc.base=ionpl

#ComputeResource DB config file
aggregate.crdb.path=/usr/local/geni-aggregate/AggregateAttic/conf/repo/crdb.xml

  • edit $AGGREGATE_HOME/AggregateAttic/conf/repo/crdb.xml
    • Change user 'id' to match up with the id in MyPLC and also 'name' and other fields
    • Change user 'certSubject' to match up with the GENI AM client user cert CN (described later) ---
--- the file should read like the below ---

<?xml version="1.0" encoding="UTF-8"?>
<rspec id="physical_crdb">
    <aggregate>urn:publicid:IDN+ion.internet2.edu</aggregate>
    <user id="3" name="xyang" email="xyang@east.isi.edu" firstName="Xi" lastName="Yang" role="PI" certSubject="CN=Xi Yang, OU=ISI, O=USC, L=Arlington, ST=Virginia, C=US" description="GENI Test PI User" />
    <computeResource id="urn:publicid:IDN+ion.internet2.edu+rspec+crdb">
        <computeNode id="urn:publicid:IDN+ion.internet2.edu+node+ion.net.internet2.edu">
            <capabilities>urn:publicid:IDN+ion.internet2.edu+capability+dragon</capabilities>
            <description>Internet2 ION InterDomain Controller</description>
            <networkInterface id="urn:publicid:IDN+ion.internet2.edu+interface+ion.net.internet2.edu:eth0">
                <deviceType>Ethernet</deviceType>
                <deviceName>eth0</deviceName>
                <capacity>1000Mbps</capacity>
                <ipAddress>140.182.44.142/255.255.255.255</ipAddress>
            </networkInterface>
        </computeNode>
    </computeResource>
</rspec>

Configure DCN OSCARS Client

  • import DCN user and CA certs into $AGGREGATE_HOME/AggregateAttic/conf/repo/OSCARS.jks
  • import DCN CA vert into $AGGREGATE_HOME/AggregateAttic/conf/repo/ssl-keystore.jks0
  • edit rampConfig.xml to match up with the user alias in OSCARS.jks

Set up MAX style GENI AM native client for SFA to make calls

  • download GENI AM client package from https://geni.maxgigapop.net/twiki/bin/view/GENI/AggMgrApiClient
  • unzip it into MAXGENI_AM_APICLIENT_PATH as specified in your sfa-config file, say /usr/local/MAXGENI_AM_APIClient.
  • cd /usr/local/MAXGENI_AM_APIClient
  • create/import GENI user key and cert (and also CA cert if not self-signed) into repo/AggregateGENI.jks
  • edit repo/rampConfig.xml to match up with user alias
  • add CA cert into repo/ssl-keystore.jks if your tomcat is on SSL.
  • import GENI AM client user's CA cert is into the OSCARS.jks above.
    • Note that GENI AM reuse the DCN client keystore $AGGREGATE_HOME/AggregateAttic/conf/repo/OSCARS.jks as its own keystore.

Restart Tomcat

  • $CATALINA_HOME/bin/catalina.sh stop
  • $CATALINA_HOME/bin/catalina.sh start

Additional Notes

  • Also refer to $AGGREGATE_HOME/AggregateWS/README
  • Contact us for example configure files as reference

-- XiYang - 04 Dec 2012

Topic revision: r4 - 2013-02-18 - XiYang
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback