Thursday, May 14, 2009

Installing Nimbus on wembley

0. I have Debian Lenny with the static ip address on wembley
1. Installing Xen.
  1. xen-hypervisor-3.2.1-i386 package (the same package was installed on gobo). So it seems that this computer has support for PAE.
  2. linux-image-2.6.26-2-xen-686
  3. Reboot the system
2. I tried just to run the image, but the error occurred:

wembley:/opt/xen-image# xm create /opt/xen-image/hello-cloud/hello-cloud.cfg
Using config file "/opt/xen-image/hello-cloud/hello-cloud.cfg".
Error: Device 0 (vif) could not be connected. Could not find bridge, and none was specified

To solve this problem I followed the link:

http://www.debian-administration.org/articles/396

/etc/xen/xend-config.sxp

(network-script network-bridge)
(vif-script vif-bridge)
And then installed a few things that were not installed:

wembley:/opt/xen-image/ttylinux# apt-get install bridge-utils iproute sysfsutils libc6-xen xen-tools

I also try to configure the xen-tools.conf.

Still have the same problem.

I followed:

http://marc.info/?l=xen-users&m=115065666817495&w=2

and my /etc/network/interface looks as:

#########
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 170.140.151.54
netmask 255.255.254.0
newtork 192.168.2.1
broadcast 192.168.2.255
gateway 170.140.150.254

auto eth0

auto br-xen
iface br-xen inet static
address 170.140.151.54
netmask 255.255.254.0
newtork 192.168.2.1
broadcast 192.168.2.255
gateway 170.140.150.254
bridge_ports eth0
# optional
bridge_maxwait 0
############3

and now my xen works.

The step I.B. Finished positively. Now I need to run I.C from

http://workspace.globus.org/vm/TP2.2/admin/quickstart.html#part-Ib

Posted by at No comments:

Monday, May 11, 2009

Configuring after Tim letter

1. You need to list the IP addresses that VMs can be assigned in:

"$GLOBUS_LOCATION/etc/nimbus/workspace-service/network-pools/public"

2. You need to have VMM hostnames listed in:

"$GLOBUS_LOCATION/etc/nimbus/workspace-service/vmm-pools/pool1"

3. Making alias for DHCP for the VMM

ifconfig eth0:0 192.168.0.254



4. I am adding the subnet to DHCPd.conf (be aware on space between the
0 and the left bracket.

subnet 192.168.0.0 netmask 255.255.255.0 {
}

5. In "/opt/workspace/worksp.conf" make sure the line looks like this:

association_0: public; eth0; eth0 ; none; 192.168.0.0/24


6. After:
magg@gobo:~/nimbus$ sh test-create.sh

Workspace Factory Service:
https://127.0.0.1:8443/wsrf/services/WorkspaceFactoryService

Read metadata file: "/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml"
Created deployment request soley from arguments.

Creating workspace "http://example1/localhost/image"... done.



Workspace created: id 11
eth0
Association: public
IP address: 192.168.0.2
Hostname: host2.com
Gateway: 192.168.0.1

Start time: Mon May 11 18:00:59 EDT 2009
Duration: 30 minutes.
Shutdown time: Mon May 11 18:30:59 EDT 2009
Termination time: Mon May 11 18:40:59 EDT 2009

Wrote EPR to "test.epr"


Waiting for updates.

"http://example1/localhost/image" state change: Unstaged --> Propagated
"http://example1/localhost/image" state change: Propagated --> Corrupted
Problem with http://example1/localhost/image: Problem with workspace driver, error executing request operation (but validation succeeded)
STDERR: 2009-05-11 18:01:05,070 - ERROR - workspace (557) - Problem running:
Traceback (most recent call last):
File "worksp.py", line 529, in main
File "worksp.py", line 110, in addWorkspace
File "./workspace/vms/xen/xen_v2.py", line 801, in addWorkspace
RuntimeProblem: Error: (2, 'Invalid kernel', 'xc_dom_find_loader: no loader found\n')
"http://example1/localhost/image": Corrupted, calling destroy for you.
"http://example1/localhost/image" was terminated.

magg@gobo:~/nimbus$
----------------------------------------
And in the workspace:


WORKSPACE INSTANCE CREATED:
- Name: 'http://example1/localhost/image'
- Start time: May 11, 2009 6:00:59 PM
- Shutdown time: May 11, 2009 6:30:59 PM
- Resource termination time: May 11, 2009 6:40:59 PM
- Creator: /C=f5d71601-1c38-404f-9ee0-0cdd89ed2f7e/CN=ms
- ID: 11, VMM: gobo.mathcs.emory.edu
2009-05-11 18:00:59,106 INFO impls.InstanceResourceImpl [Timer-0,setOpsEnabled:457] [NIMBUS-EVENT][id-11]: WS-operations enabled
2009-05-11 18:00:59,112 INFO workspace.WorkspaceUtil [Thread-9_WorkspTaskThrd,runCommand:148] [NIMBUS-EVENT][id-11]: ssh -n -T -o BatchMode=yes magg@gobo.mathcs.emory.edu /opt/workspace/bin/workspace-control --create --name wrksp-11 --memory 256 --networking 'eth0;public;A2:AA:BB:AD:27:51;Bridged;Static;192.168.0.2;192.168.0.1;192.168.0.255;255.255.255.0;170.140.150.1;host2.com;null;null;null;null' --images 'file://hello-cloud.img' --imagemounts 'sda1'
2009-05-11 18:01:05,091 INFO workspace.WorkspaceUtil [Thread-9_WorkspTaskThrd,runCommand:225] [NIMBUS-EVENT][id-11]: Return code is 3
2009-05-11 18:01:05,092 ERROR workspace.WorkspaceUtil [Thread-9_WorkspTaskThrd,runCommand:253] [NIMBUS-EVENT][id-11]: system command FAILURE
STDERR:
2009-05-11 18:01:05,070 - ERROR - workspace (557) - Problem running:
Traceback (most recent call last):
File "worksp.py", line 529, in main
File "worksp.py", line 110, in addWorkspace
File "./workspace/vms/xen/xen_v2.py", line 801, in addWorkspace
RuntimeProblem: Error: (2, 'Invalid kernel', 'xc_dom_find_loader: no loader found\n')

2009-05-11 18:01:05,093 INFO xen.XenTask [Thread-9_WorkspTaskThrd,execute:115] [NIMBUS-EVENT][id-11]: Start failed
2009-05-11 18:01:05,093 ERROR async.ResourceMessage [Thread-9_WorkspTaskThrd,message:99] Problem moving [id-11] to state 'Started'
org.globus.workspace.WorkspaceException: Problem with workspace driver, error executing request operation (but validation succeeded)
STDERR: 2009-05-11 18:01:05,070 - ERROR - workspace (557) - Problem running:
Traceback (most recent call last):
File "worksp.py", line 529, in main
File "worksp.py", line 110, in addWorkspace
File "./workspace/vms/xen/xen_v2.py", line 801, in addWorkspace
RuntimeProblem: Error: (2, 'Invalid kernel', 'xc_dom_find_loader: no loader found\n')

at org.globus.workspace.xen.XenUtil.throwErr(XenUtil.java:686)
at org.globus.workspace.xen.XenUtil.translateReturnException(XenUtil.java:658)
at org.globus.workspace.xen.XenTask._execute(XenTask.java:240)
at org.globus.workspace.xen.XenTask.execute(XenTask.java:91)
at org.globus.workspace.service.impls.async.WorkspaceThread.run(WorkspaceThread.java:47)
2009-05-11 18:01:05,100 INFO impls.InstanceResourceImpl [Thread-9_WorkspTaskThrd,setOpsEnabled:457] [NIMBUS-EVENT][id-11]: WS-operations disabled
2009-05-11 18:01:05,109 WARN impls.StateTransition [Thread-9_WorkspTaskThrd,corrupted:307] Workspace was corrupted (when moving to state Started): can not change state anymore unless workspace is going to be destroyed
2009-05-11 18:01:05,602 INFO manager.DelegatingManager [ServiceThread-6,_opIntake:656] [NIMBUS-EVENT][id-11]: TRASH called by '/C=f5d71601-1c38-404f-9ee0-0cdd89ed2f7e/CN=ms'
2009-05-11 18:01:05,603 INFO impls.InstanceResourceImpl [ServiceThread-6,remove:739] [NIMBUS-EVENT][id-11]: destroy begins
2009-05-11 18:01:05,608 INFO workspace.WorkspaceUtil [ServiceThread-6,runCommand:148] [NIMBUS-EVENT][id-11]: ssh -n -T -o BatchMode=yes magg@gobo.mathcs.emory.edu /opt/workspace/bin/workspace-control --remove --deleteall --name wrksp-11
2009-05-11 18:01:06,309 INFO workspace.WorkspaceUtil [ServiceThread-6,runCommand:225] [NIMBUS-EVENT][id-11]: Return code is 0
2009-05-11 18:01:06,310 INFO xen.XenTask [ServiceThread-6,execute:108] [NIMBUS-EVENT][id-11]: Shutdown-Trash succeeded
2009-05-11 18:01:06,321 INFO defaults.ResourcepoolUtil [ServiceThread-6,retireMem:424] [NIMBUS-EVENT][id-11]: 'pool1' resource pool entry 'gobo.mathcs.emory.edu': 256 MB given back, now has 1024 MB available
2009-05-11 18:01:06,369 INFO dbdefault.DBAccountingAdapter [ServiceThread-6,destroy:319] [NIMBUS-EVENT][id-11]: accounting: ownerDN = '/C=f5d71601-1c38-404f-9ee0-0cdd89ed2f7e/CN=ms', minutesElapsed = 1, real usage = 1, uuid = '84a83873-55c9-453a-8dcd-b22560a3604a'
2009-05-11 18:01:06,379 INFO defaults.Util [ServiceThread-6,retireEntry:154] [NIMBUS-EVENT][id-11]: 'public' network lease is over, ip=192.168.0.2
2009-05-11 18:01:06,413 INFO impls.InstanceResourceImpl [ServiceThread-6,remove:748] [NIMBUS-EVENT][id-11]: destroyed ('http://example1/localhost/image')
Posted by at No comments:

Friday, May 8, 2009

Fighting with NIC and GridFTP account

1. Trying to install it again.



2. Installing autocontainer:

magg@gobo:~/nimbus$ wget http://workspace.globus.org/downloads/autocontainer-GT4.0.8-v1.0.tar.gz; tar xfvz autocontainer-GT4.0.8-v1.0.tar.gz

Following the documentation:

magg@gobo:~/nimbus/autocontainer$ ./bin/setup-container.sh

  • a hostname that clients can use to contact the container: gobo.mathcs.emory.edu
  • in one terminal run:
    $ /home/magg/nimbus/autocontainer/bin/start-container.sh
  • in another terminal run:
    $ source /home/magg/nimbus/autocontainer/bin/source-me.sh
    $ /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/bin/grid-proxy-init -cert ~/.globus/usercert-1.pem -key ~/.globus/userkey-1.pem
    $ /home/magg/nimbus/autocontainer/bin/test-container.sh
  • Tests passed:
    magg@gobo:~/nimbus$ /home/magg/nimbus/autocontainer/bin/test-container.sh
    Got notification with value: 3
    Counter has value: 3
    Got notification with value: 13
    magg@gobo:~/nimbus$
3. I tested the xen. It looks that the bridge

gobo:/home/xen/domains# xm create hello-cloud/hello-cloud.cfg
Using config file "./hello-cloud/hello-cloud.cfg".
Started domain hellocloud
gobo:/home/xen/domains# brctl show
bridge name bridge id STP enabled interfaces
eth0 8000.000bdb6fe75f no peth0 vif1.0


4. wget http://workspace.globus.org/downloads/nimbus-TP2.2.tar.gz ; tar xfvz nimbus-TP2.2.tar.gz

4a. Setting GLOBUS_LOCATION:

magg@gobo:~/nimbus/nimbus-TP2.2$ source ~/nimbus/autocontainer/bin/source-me.sh

4b. magg@gobo:~/nimbus/nimbus-TP2.2$ ./bin/all-build-and-install.sh

BUILD SUCCESSFUL
Total time: 1 minute 5 seconds
Successful: Nimbus - build and install all

4c. Autoconfiguration:

magg@gobo:~/nimbus/nimbus-TP2.2$ $GLOBUS_LOCATION/share/nimbus-autoconfig/autoconfig.sh

VMM - hypevisor - Pick a VMM to test with, enter a hostname: gobo.mathcs.emory.edu

How much RAM (MB) should be allocated for a test VM on the 'gobo.mathcs.emory.edu' VMM?
128

container account is (magg)

Now we'll set up the *hostname* that VMMs will use to contact the container over SSHd:
gobo.mathcs.emory.edu

We need to interrupt this part of the installation since now we need to install workspace control.

5. Setting workspace control:
Instructions:

magg/magg (privileged user and its group)

gobo:/home/magg/nimbus# ls
autocontainer nimbus-controls-TP2.2.tar.gz old-nimbus
autocontainer-GT4.0.8-v1.0.tar.gz nimbus-TP2.2
nimbus-controls-TP2.2 nimbus-TP2.2.tar.gz
gobo:/home/magg/nimbus# rm -rf nimbus-controls-TP2.2
gobo:/home/magg/nimbus# tar xzf nimbus-controls-TP2.2.tar.gz
gobo:/home/magg/nimbus# cd nimbus-controls-TP2.2
gobo:/home/magg/nimbus/nimbus-controls-TP2.2# mkdir /opt/workspace
gobo:/home/magg/nimbus/nimbus-controls-TP2.2# cp workspace-control/worksp.conf.example /opt/workspace/worksp.conf

5a. First dry run: (option -o)
gobo:/home/magg/nimbus/nimbus-controls-TP2.2# cd workspace-control/

gobo:/home/magg/nimbus/nimbus-controls-TP2.2# python install.py -c /opt/workspace/worksp.conf -a magg -g magg -o

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# python install.py -c /opt/workspace/worksp.conf -a magg -g magg -i

Actually option '-n' also should work even better:
gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# python install.py -c /opt/workspace/worksp.conf -a magg -g magg -i

There are some things you have to do after the script manually.
One of them is

Changing lines in or adding new lines to.

/etc/dhcp3/dhcpd.conf

and updating the location of this file in file

/opt/workspace/bin/dhcp-config.sh

5b. Configuring images:

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# cp /home/xen/domains/hello-cloud/hello-cloud.img /opt/workspace/images/

List the image:

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# nano /opt/workspace/worksp.conf

Configuring the networks:

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# nano /opt/workspace/worksp.conf

association_0: public; eth0; eth0 ; none; 170.140.151.0/24
#association_0: public; eth0; eth0 ; none; 192.168.0.0/24
#;association_1: public; eth0; eth0 ; none; 170.140.151.0/23


/etc/dhcp3/dhcpd.conf
subnet 170.140.151.55 netmask 255.255.255.255 {
}

subnet 170.140.151.94 netmask 255.255.255.255 {
}


5c. now testing. First restart dhcp:
/etc/init/dhcp3-server restart

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# wget http://workspace.globus.org/vm/TP2.2/admin/test-create.sh

5d. Change the location of the image:

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# nano /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml

file://hello-cloud.img

We are coming back to the configuration

4d. Coming back to the configuration:
Ok Point of no return but: testing for wembley.mathcs.emory.edu

And then manually run '/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-autoconfig/autoconfig-adjustments.sh' at your leisure.

There is a note:

NOTE: you need to MATCH this network in the workspace-control configuration file.
This configuration file is at '/opt/workspace/worksp.conf' by default

For example, you might have this line:

association_0: public; xenbr0; vif0.1 ; none; 170.140.151.54/24

... "public" is the name of the network we chose.
... "xenbr0" is the name of the bridge to put VMs in this network on.
... "vif0.1" is the interface where the DHCP server is listening in dom0 on the VMM
... and the network address range serves as a sanity check (you can disable that check in the conf file)

----------

Making sure 'fake mode' is off:

[*] The 'fake.mode' configuration was:
... set to 'false'
... (it used to be set to 'true')
... in the file '/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/etc/nimbus/workspace-service/other/common.conf'

----------

Finished.

See 'NOTE' above.

4e. Testing

magg@gobo:~/nimbus$ wget http://workspace.globus.org/vm/TP2.2/admin/test-create.sh

4f. I have got the error Unknown CA. Rebooting the machine and testing it once more.

4g. After reboot:
magg@gobo:~/nimbus/autocontainer$ ./bin/setup-container.sh

in one terminal:
magg@gobo:~$ /home/magg/nimbus/autocontainer/bin/start-container.sh

in the other terminal:
magg@gobo:~/nimbus$ source /home/magg/nimbus/autocontainer/bin/source-me.sh
magg@gobo:~/nimbus$ /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/bin/grid-proxy-init

Now the playing with gridmapfile:

magg@gobo:~/nimbus$ cp /home/magg/.globus/auto-container-01/grid-mapfile /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/etc/nimbus/nimbus-grid-mapfile

Changing in both files to not_real_account: magg

magg@gobo:~/nimbus/autocontainer$ nano /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/etc/nimbus/factory-security-config.xml


to


After running the test script I have some problems:

magg@gobo:~/nimbus$ sh test-create.sh

Workspace Factory Service:
https://127.0.0.1:8443/wsrf/services/WorkspaceFactoryService

Read metadata file: "/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml"
Created deployment request soley from arguments.

Creating workspace "http://example1/localhost/image"...
Problem: Resource request denied: Error creating workspace(s): No resource pool has an applicable entry
magg@gobo:~/nimbus$
Posted by at No comments:

Thursday, May 7, 2009

After installation trying to run

1. magg$ rm -rf ~/.globus

magg@gobo:~/nimbus/autocontainer$ ./bin/setup-container.sh

The result:
===

To create more users with this certificate authority, run this in the future:

$ /home/magg/nimbus/autocontainer/bin/create-new-cert.sh /home/magg/.globus/auto-container-01/ca

Or like so to automatically authorize the newly generated credential:

$ /home/magg/nimbus/autocontainer/bin/create-new-cert.sh /home/magg/.globus/auto-container-01/ca /home/magg/.globus/auto-container-01/grid-mapfile
===

Congratulations.

In one terminal, run:

$ /home/magg/nimbus/autocontainer/bin/start-container.sh

In another terminal, run:

$ source /home/magg/nimbus/autocontainer/bin/source-me.sh
$ /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/bin/grid-proxy-init
$ /home/magg/nimbus/autocontainer/bin/test-container.sh

Bye!
magg@gobo:~/nimbus/autocontainer$

2. So in one terminal:

$ /home/magg/nimbus/autocontainer/bin/start-container.sh

3. In another terminal, run:

$ source /home/magg/nimbus/autocontainer/bin/source-me.sh
$ /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/bin/grid-proxy-init
$ /home/magg/nimbus/autocontainer/bin/test-container.sh

4. Now I try to find the grid-mapfile: grep gridmap /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/etc/globus_wsrf_core/global_security_descriptor.xml


I got the following error:
magg@gobo:~/nimbus/autocontainer/gt/ws-core-4.0.8$ sh test-create.sh

Workspace Factory Service:
https://127.0.0.1:8443/wsrf/services/WorkspaceFactoryService

Read metadata file: "/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml"
Created deployment request soley from arguments.

Creating workspace "http://example1/localhost/image"... done.



Workspace created: id 5
eth0
Association: public
IP address: 170.149.151.54
Hostname: wembley.mathcs.emory.edu
Gateway: 170.140.150.254

Start time: Thu May 07 17:30:25 EDT 2009
Duration: 30 minutes.
Shutdown time: Thu May 07 18:00:25 EDT 2009
Termination time: Thu May 07 18:10:25 EDT 2009

Wrote EPR to "test.epr"


Waiting for updates.

"http://example1/localhost/image" state change: Unstaged --> Corrupted
Problem with http://example1/localhost/image: Problem with parameters to workspace driver, incorrectly supplied or validation of request failed
STDERR: 2009-05-07 17:30:26,478 - WARNING - workspace.xen_v2 (3804) - cannot remove dhcp/ebtables rules without create params
2009-05-07 17:30:26,479 - CRITICAL - workspace (509) - Problem validating configuration:

Valid:
------
- conffile parsed: /opt/workspace/worksp.conf
- no value given for conf family
- found pygrub: /usr/bin/pygrub
- no config for xmsudo, assuming sudo is used for xm
- found sudo conf: /usr/bin/sudo
- found xm conf: /usr/sbin/xm
- found xend conf: /usr/sbin/xend
- found dhcpconfig conf: None
- '/opt/workspace/persistence' exists on the filesystem and is rwx-able
- no xm output is available (perhaps assume_xend is true)
- '/opt/workspace/secureimages' exists on the filesystem and is rwx-able
- found scp conf: /usr/bin/scp
- no value given for scp default user
- caller can override default scp user
- '/usr/bin/scp' is executable
- Examining file (partition/HD image): 'file://hello-cloud.img'
- partition/HD is relative path w/ file://
- partition is read-write
- '/opt/workspace/images/hello-cloud.img' exists on the filesystem and is readable
- IMG #1 is valid
- ** found 1 valid partitions/HD images
- main partition/HD image = 'file:///opt/workspace/images/hello-cloud.img'
- found xenmounttype: 'file'
- imagemount = 'sda1'
- found 2 guest kernel(s) configuration(s): ['file:///opt/workspace/images/hello-cloud.img', 'file:///opt/workspace/images/vmlinuz-2.6-xen']
- no value given for allow_guestkernel_override, assuming false
- using kernel authz list
- no kernel specified, attempting to use default
- default: 'file:///opt/workspace/images/hello-cloud.img'
- '/opt/workspace/images/hello-cloud.img' exists on the filesystem and is readable
- asked to look for initrds with suffix '-initrd'
- ramdisk will be sought via matching
- ramdisk setting is absolute path w/ file://
- initrd image being sought via kernel matching algorithm is '/opt/workspace/images/hello-cloud.img-initrd', this does not exist on the filesystem, and so not using any initrd
- '/opt/workspace/mnt' exists on the filesystem and is rwx-able
- '/opt/workspace/tmp' exists on the filesystem and is rwx-able
- no configuration for finding max VM RAM, default is false
- memory requested: 256
- NIC #1: no broadcast given, IP 170.149.151.54 is a class B address, assigning 170.149.255.255
- NIC #1: no subnet mask given, IP 170.149.151.54 is a class B address, assigning 255.255.0.0
- NIC #1: certname not set
- NIC #1: keyname not set
- NIC #1: certpath not set
- NIC #1: keypath not set
- ** found 0 valid NICs

Invalid:
--------
- NIC #1: no bridge assignment?
- NIC #1 is invalid
- failure is triggered, backing out any networking reservations

for help use --help
"http://example1/localhost/image": Corrupted, calling destroy for you.
"http://example1/localhost/image" was terminated.
Posted by at No comments:

Wednesday, May 6, 2009

Installing Nimbus -cont.

1. Tim answered me that I can shutdown the domain and the state will be unchanged. So let's check it out. However, I doubt since every time I load the image then I have to modify the password. So let's see if Tim is right.
The 'xm save' saves the ram.

And the answer is yes. Tim is right.

2. Since the domain is based on dhcp-ip so it changes every time the domain
is instantiated so I need to do this bi-directional password-less ssh stuff again.
And this is the good brief tutorial to do that.

3. However, I got again the same error with pseudoterminal:

magg@gobo:~/.ssh$ ssh magg@h973c
PTY allocation request failed on channel 0

So I came back to my previous post. It occurs that /dev/pts is missing so I created it and mounted. And that was enough:

h973C:/home/magg# mkdir /dev/pts
h973C:/home/magg# mount /dev/pts

4. So now we need to refresh the globus certificates and I can try to install the nimbus.


BUILD SUCCESSFUL
Total time: 23 seconds
Successful: Nimbus - build and install all
magg@gobo:~/nimbus/nimbus-TP2.2$

5. It looks that I need passwordless auth from gobo to gobo.

6. This autoconfig.sh script requires that the workspace control should be installed. So now I tried to install this workspace control. So I need to download
and install this nimbus-controlled.tgz

7. Create a necessary directory structure. You can try to run this with the
option '-o' for the first time instead of '-i'

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# python install.py -c /opt/workspace/worksp.conf -a magg -g magg -i

Then try to change something. I change the below files before installation so
the changes were copied to the /opt/workspace/blah blah


DHCPD_CONF dhcp-config.sh

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# cp dhcp-config.sh dhcp-config.sh.org
gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# nano dhcp-config.sh

DHCPD_CONF="/etc/dhcp3/dhcpd.conf"

8. copying images

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# cp /home/xen/domains/hello-cloud/hello-cloud.* /opt/workspace/images/

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# cp /opt/workspace/worksp.conf /opt/workspace/worksp.conf.org

gobo:/home/magg/nimbus/nimbus-controls-TP2.2/workspace-control# nano /opt/workspace/worksp.conf

guestkernels: /opt/workspace/images/hello-cloud.img,%(localdir)s/vmlinuz-2.6-xen

9. testing

gobo:/home/magg/.ssh# cp /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml.org

nano sample-workspace.xml:

file://hello-cloud.img

I have got some errors:

gobo:/home/magg/nimbus# ./test-create.sh

Workspace Factory Service:
https://127.0.0.1:8443/wsrf/services/WorkspaceFactoryService

Read metadata file: "/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml"
Created deployment request soley from arguments.

Creating workspace "http://example1/localhost/image"...
Problem: General error: ; nested exception is:
GSSException: Defective credential detected [Caused by: Proxy file (/tmp/x509up_u0) not found.]

9a. So I run the container and created this certificates - proxy or whatever. And run as a magg user. I have got the following error:

magg@gobo:~/nimbus$ ./test-create.sh

Workspace Factory Service:
https://127.0.0.1:8443/wsrf/services/WorkspaceFactoryService

Read metadata file: "/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-clients/sample-workspace.xml"
Created deployment request soley from arguments.

Creating workspace "http://example1/localhost/image"...
Problem: General error: org.globus.wsrf.impl.security.authorization.exceptions.AuthorizationException: "/C=f56baae7-1024-4c02-951c-3c9466917c37/CN=ms" is not authorized to use operation: {http://www.globus.org/2008/06/workspace}create on this service
magg@gobo:~/nimbus$

9b. magg@gobo:~/nimbus$ nano /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/etc/nimbus/nimbus-grid-mapfile
"/C=f56baae7-1024-4c02-951c-3c9466917c37/CN=ms" fakeaccount

9c. now the test script worked

10. Continuing nimbus script:
---------------------
These settings are now stored in '/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-autoconfig/autoconfig-decisions.sh'

If you type 'y', that script will be run for you with the settings.

Or you can answer 'n' to the next question and adjust this file.
And then manually run '/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-autoconfig/autoconfig-adjustments.sh' at your leisure.

OK, point of no return. Proceed? y/n
--------------------
After pressing the 'y':

----------------------------------------
NOTE: you need to MATCH this network in the workspace-control configuration file.
This configuration file is at '/opt/workspace/worksp.conf' by default

For example, you might have this line:

association_0: public; xenbr0; vif0.1 ; none; 170.149.151.54/24

... "public" is the name of the network we chose.
... "xenbr0" is the name of the bridge to put VMs in this network on.
... "vif0.1" is the interface where the DHCP server is listening in dom0 on the VMM
... and the network address range serves as a sanity check (you can disable that check in the conf file)

----------

Making sure 'fake mode' is off:

[*] The 'fake.mode' configuration was:
... set to 'false'
... (it used to be set to 'true')
... in the file '/home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/etc/nimbus/workspace-service/other/common.conf'

----------

Finished.

See 'NOTE' above.
--------------------------------

11. Following the instructions from the web page I obtained the expected results. So it looks as it works. Check the security and map-grid-something files.
Posted by at No comments:

Tuesday, May 5, 2009

hello-cloud image and passwordless ssh

In order to log to the hello-cloud from the outside world I needed to do a few things.

1. I examined the /var/log/auth.log on my hello-cloud image. I have found the following problems:

May 5 14:16:12 h9761 sshd[1199]: error: openpty: No such file or directory
May 5 14:16:12 h9761 sshd[1203]: error: session_pty_req: session 0 alloc failed

2. Then I followed _some_ of the instructions from:
http://www.patoche.org/LTT/kernel/00000172.html
That is: on my hello-cloud image I did:

h9761:# mknod /dev/ptmx c 5 2
h9761:# chmod 666 /dev/ptmx
h9761:# mkdir /dev/pts
- Add to /etc/fstab:
none /dev/pts devpts gid=5,mode=600 0 0
h9761:# mount /dev/pts

3. I change the /etc/ssh/sshd_config on the hello-cloud image (I compared with my local /etc/ssh/sshd_config file.

--------------------------------------------------------
# Package generated configuration file
# See the sshd(8) manpage for defails

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# ...but breaks Pam auth via kbdint, so we have to turn it off
# Use PAM authentication via keyboard-interactive so PAM modules can
# properly interface with the user (off due to PrivSep)
#PAMAuthenticationViaKbdInt no
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768
# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 600
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Uncomment to disable s/key passwords
ChallengeResponseAuthentication no

# To disable tunneled clear text passwords, change to no here!
#MS PasswordAuthentication no


# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

# MS X11Forwarding no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net
#ReverseMappingCheck yes

Subsystem sftp /usr/lib/openssh/sftp-server


UsePAM yes

#UseDNS no
#PermitRootLogin without-password


#ChallengeResponseAuthentication no
------------------------------------

4. I restarted the sshd:

h9761:/etc/ssh# /etc/init.d/ssh restart

5. Then I did this ssh-passwordless configuration stuff with generating
private and public keys. And now I can log-in to the hello-cloud image from the outside world with or without a password (depending if this password-less stuff is performed earlier).

6. So it looks like the hello-cloud image lacks pty (pseudo terminal interfaces).

7. I hope I can repeat this and incorporate this into my modified hello-cloud image.
Posted by at No comments:

Monday, May 4, 2009

Nimbus-installation Build

1. I notice that the owner is root - so I once more unpack a tar file into the
fresh directory.

magg@gobo:~/nimbus/nimbus-TP2.2$ ./bin/all-build-and-install.sh

*** Nimbus - build and install all:
[echo] Building default Nimbus-for-GT4.0 packages:
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/service-api/java/source
[echo] Building: Nimbus Services Bridge (RM API)
[echo] Built: Nimbus Services Bridge (RM API)
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/service/service/java/source
[echo] Building: Workspace Service module
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[echo] Built: Workspace Service module
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/metadata/java/source
[echo] Building: Metadata Server module
[javac] Note: /home/magg/nimbus/nimbus-TP2.2/metadata/java/source/src/org/nimbustools/metadataserver/defaults/DefaultMetadataServer.java uses unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[echo] Built: Metadata Server module
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/schema/dist
[echo] Building: Web services WSDL/schemas
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/schema/dist/deploy-server.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/schema/dist/deploy-client.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/schema/dist/deploy-jndi-config.xml to copy.
[echo] Built: Web services WSDL/schemas
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/schema/dist
[echo] Building: EC2 WSDL (elastic)
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/schema/dist/deploy-server.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/schema/dist/deploy-client.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/schema/dist/deploy-jndi-config.xml to copy.
[echo] Built: EC2 WSDL (elastic)
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/stubs
[echo] Building: Auto-generated code for web services
[echo] Merging NStoPkg.properties
[echo] Generating stubs from workspace_factory_service.wsdl
[echo] Generating stubs from workspace_group_service.wsdl
[echo] Generating stubs from workspace_ensemble_service.wsdl
[echo] Generating stubs from workspace_status_service.wsdl
[echo] Generating stubs from workspace_service.wsdl
[echo] Generating stubs from workspace_ctx_service.wsdl
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/stubs/deploy-server.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/stubs/deploy-client.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/stubs/deploy-jndi-config.xml to copy.
[echo] Built: Auto-generated code for web services
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/java/stubs
[echo] Building: Auto-generated code for web services (elastic)
[echo] Merging NStoPkg.properties
[echo] Generating stubs from ec2.wsdl
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/java/stubs/deploy-server.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/java/stubs/deploy-client.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/java/stubs/deploy-jndi-config.xml to copy.
[echo] Built: Auto-generated code for web services (elastic)
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/common
[echo] Building: Nimbus GT4.0 messaging common
[javac] Note: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/common/src/org/nimbustools/messaging/gt4_0/common/CommonUtil.java uses unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[echo] Built: Nimbus GT4.0 messaging common
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/msgbridge
[echo] Building: Nimbus GT4.0 messaging bridge
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[echo] Built: Nimbus GT4.0 messaging bridge
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/java/msgbridge
[echo] Building: Nimbus GT4.0 elastic messaging bridge
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[echo] Built: Nimbus GT4.0 elastic messaging bridge
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/service/client/java/source
[echo] Building: Nimbus GT4.0 clients GAR package (API, client, and cloud-client)
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/service/client/java/source/deploy-server.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/service/client/java/source/deploy-client.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/service/client/java/source/deploy-jndi-config.xml to copy.
[echo] Built: Nimbus GT4.0 clients GAR package (API, client, and cloud-client)
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/gar-builder
[echo] Building: Nimbus GT4.0 main GAR package
[echo] Cleaned: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/gar-builder
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/gar-builder/deploy-client.wsdd to copy.
[echo] Built: Nimbus GT4.0 main GAR package
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/autoconfiguration
[echo] Building: Nimbus auto-configuration tools GAR package
[javac] Note: Some input files use unchecked or unsafe operations.
[javac] Note: Recompile with -Xlint:unchecked for details.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/autoconfiguration/deploy-server.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/autoconfiguration/deploy-client.wsdd to copy.
[copy] Warning: Could not find file /home/magg/nimbus/nimbus-TP2.2/autoconfiguration/deploy-jndi-config.xml to copy.
[echo] Built: Nimbus auto-configuration tools GAR package
[echo]
[echo] Default installation to GT4.0 container:
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/schema/dist
[echo] Installing: Web services WSDL/schemas
[echo] Deploying gar with profile:
[echo] Installed: Web services WSDL/schemas
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/stubs
[echo] Installing: Auto-generated code for web services
[echo] Deploying gar with profile:
[echo] Installed: Auto-generated code for web services
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/schema/dist
[echo] Installing: EC2 WSDL (elastic)
[echo] Deploying gar with profile:
[echo] Installed: EC2 WSDL (elastic)
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0-elastic/java/stubs
[echo] Installing: Auto-generated code for web services (elastic)
[echo] Deploying gar with profile:
[echo] Installed: Auto-generated code for web services (elastic)
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/service/client/java/source
[echo] Installing: Nimbus GT4.0 clients GAR package (API, client, and cloud-client)
[echo] Deploying gar with profile:
[echo] Creating Unix launcher script workspace
[echo] Creating Unix launcher script workspace-status
[echo] Installed: Nimbus GT4.0 clients GAR package (API, client, and cloud-client)
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/messaging/gt4.0/java/gar-builder
[echo] Installing: Nimbus GT4.0 main GAR package
[echo] Deploying gar with profile:
[copy] Warning: /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/etc/nimbus not found.
[echo] deploying server config...
[echo] deploying JNDI config...
[echo] Adjusted workspace conf-locator paths
[echo] Adjusted elastic conf-locator paths
[echo] Adjusted workspace common.conf paths
[echo] Adjusted JNDI config paths
[echo] Ensured owner-only r permissions: etc/nimbus/workspace-service/pilot-authz.conf
[echo] Setting up Workspace Service persistence:
[echo] Creating an embedded database for the Workspace Service
[echo] Ensured owner-only rwx permissions on persistence directory
[echo] Creating an embedded database for workspace service accounting
[echo] Ensured owner-only rwx permissions on persistence directory
[echo] Set up Workspace Service persistence.
[echo] Did not find 'commons-dbcp.jar' dependency, copying commons-dbcp-1.2.1 to /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/lib
[echo] Did not find 'commons-pool.jar' dependency, copying commons-pool-1.2 to /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/lib
[echo] Installed: Nimbus GT4.0 main GAR package
[echo]
[echo] **** Module: /home/magg/nimbus/nimbus-TP2.2/autoconfiguration
[echo] Installing: Nimbus auto-configuration tools GAR package
[echo] Deploying gar with profile:
[echo] Installed: Nimbus auto-configuration tools GAR package
[echo]
[echo] NOTES: To run the auto-configuration program, launch:
[echo] /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-autoconfig/autoconfig.sh
[echo]
[echo] To run the cloud configuration admin helper, launch:
[echo] /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-autoconfig/cloud-admin.sh
[echo]

BUILD SUCCESSFUL
Total time: 1 minute 7 seconds
Successful: Nimbus - build and install all
-----------------------------
2. magg@gobo:~/nimbus/nimbus-TP2.2$ /home/magg/nimbus/autocontainer/gt/ws-core-4.0.8/share/nimbus-autoconfig/autoconfig.sh
Posted by at 1 comment:
Subscribe to: Posts (Atom)