This installation note assumes that you have installed and configured MyPLC in the usual manner, and you have set up your yum repo like for a MyPLC install. Once you have completed the server configuration, a brief introduction to the SFA user tools is here: http://svn.planet-lab.org/wiki/SFAGuide ----- 1) Install the SFA packages: # yum install sfa-plc sfa-client Note that the above command installs both sfa server (sfa-plc) and sfa client packages along with necessary dependency packages. Depending on the requirements, you may choose to install the appropriate one (server, client or both) for you. For e.g. to set up your own SFA server on top of your MyPLC, you need sfa-plc. On the other hand, if you plan to use an existing SFA server, you would typically need the sfa-client only. ------- 2) Note down the PLC_ROOT_USER, PLC_ROOT_PASSWORD, PLC_DB_USER and PLC_DB_PASSWORD of your MyPLC installation: # plc-config-tty Enter command (u for usual changes, w to save, ? for help) s PLC_ROOT_USER PLC_ROOT_USER = root@test.onelab.eu Enter command (u for usual changes, w to save, ? for help) s PLC_ROOT_PASSWORD PLC_ROOT_PASSWORD = test++ Enter command (u for usual changes, w to save, ? for help) s PLC_DB_USER PLC_DB_USER = pgsqluser Enter command (u for usual changes, w to save, ? for help) s PLC_DB_PASSWORD PLC_DB_PASSWORD = 4a333aba-a322-41b1-9c05-90b4f34d1332 These four configuration parameters are required for SFA server configuration ------- 3) Configure and start SFA servers: (a) # sfa-config-tty set SFA_PLC_USER to PLC_ROOT_USER set SFA_PLC_PASSWORD to PLC_ROOT_PASSWORD set SFA_PLC_DB_USER to PLC_DB_USER set SFA_PLC_DB_PASSWORD to PLC_DB_PASSWORD write and quit *NOTE* at this point you get a warning b/c the authorities hierarchy has not been created yet; ignore (b) # sfa-import-plc.py (o/p will look like this) Import: creating top level authorities Hierarchy: creating authority: plc plc : Import: creating table for authority plc NOTICE: table "sfa$plc" does not exist, skipping inserting authority record for plc Import: adding plc to trusted list Import_Site: importing site plc.internet2 Hierarchy: creating authority: plc.internet2 inserting authority record for plc.internet2 Import_Site: importing site plc.pl Hierarchy: creating authority: plc.pl inserting authority record for plc.pl Import: importing person plc.pl.root Import: creating table for authority plc.pl NOTICE: table "sfa$plc$pl" does not exist, skipping (c) run sfa-config-tty again and select q to come out of the config command This will initialize /etc/sfa/authorities/server.key from /etc/sfa/authorities/plc/plc.pkey (d) # service sfa start This will start Registry, Slice Manager and Aggregate Manager. Your ps command output would look like: # ps -ef | grep python root 24944 1 0 May11 ? 00:00:00 /usr/bin/python /usr/bin/sfa-start.py -r -d root 24957 1 0 May11 ? 00:00:00 /usr/bin/python /usr/bin/sfa-start.py -a -d root 24970 1 0 May11 ? 00:00:00 /usr/bin/python /usr/bin/sfa-start.py -s -d ------- 4) Configure SFA client: (a) # mkdir ~/.sfi (b)copy your private RSA key to ~/.sfi/username.pkey Replace username with your actual account name. NOTE: DSA KEYS WILL NOT WORK (c) # cp /etc/sfa/sfi_config ~/.sfi/ (d) edit ~/.sfi/sfi_config. A sample configuration looks like: SFI_AUTH='plc.pl' SFI_USER='plc.pl.root' SFI_REGISTRY='http://vplc25.inria.fr:12345/' SFI_SM='http://vplc25.inria.fr:12347/' ------ 5) Testing: At this stage you should be able to run sfi command. Some sample outputs are: (a) # sfi.py list plc.pl plc.pl.netflow (slice) plc.pl.sirius (slice) plc.pl.root (user) plc.pl.pif (node) (b) # sfi.py show plc.pl.pif gid: hrn: plc.pl.pif uuid: 99878316891261700702442883738232624912 hrn: plc.pl.pif type: node node_type: regular hostname: pif.inria.fr (c) # sfi.py show plc.pl.root gid: hrn: plc.pl.root uuid: 67306954103472941609600457537601239401 hrn: plc.pl.root type: user last_name: Administrator phone: None key: plc.pl.root#user first_name: Default email: root@vplc25.inria.fr (d) # sfi.py slices plc.pl.netflow plc.pl.sirius (e) # sfi.py resources ------ 6) Federation configuration: (a) Follow the same procedure to install and configure second MyPLC with SFA server. (b) On each PLC, edit the /etc/sfa/registries.xml file set addr to ip or hostname of federated (remote) peer set port to sfa service port on federated (remote) peer set hrn to human readable name of federated (remote) peer interface Sample configuration: (c) Likewise, edit the /etc/sfa/aggregates.xml Sampel configuration (d) trade trusted root gid's (seen on /etc/sfa/trusted_roots) we have to copy the gid of first SFA server to the /etc/sfa/trusted_roots directory of second one and vice-versa.