This installation note assumes that you have installed and configured MyPLC in the usual manner, and you have set up your yum repo like for a MyPLC install.
Once you have completed the server configuration, a brief introduction to the SFA user tools is here:
http://svn.planet-lab.org/wiki/SFAGuide
-----
1) Install the SFA packages:
# yum install sfa-plc sfa-client
Note that the above command installs both sfa server (sfa-plc) and sfa client packages along with necessary dependency packages. Depending on the requirements, you may choose to install the appropriate one (server, client or both) for you. For e.g. to set up your own SFA server on top of your MyPLC, you need sfa-plc. On the other hand, if you plan to use an existing SFA server, you would typically need the sfa-client only.
-------
2) Note down the PLC_ROOT_USER, PLC_ROOT_PASSWORD, PLC_DB_USER and PLC_DB_PASSWORD of your MyPLC installation:
# plc-config-tty
Enter command (u for usual changes, w to save, ? for help) s PLC_ROOT_USER
PLC_ROOT_USER = root@test.onelab.eu
Enter command (u for usual changes, w to save, ? for help) s PLC_ROOT_PASSWORD
PLC_ROOT_PASSWORD = test++
Enter command (u for usual changes, w to save, ? for help) s PLC_DB_USER
PLC_DB_USER = pgsqluser
Enter command (u for usual changes, w to save, ? for help) s PLC_DB_PASSWORD
PLC_DB_PASSWORD = 4a333aba-a322-41b1-9c05-90b4f34d1332
These four configuration parameters are required for SFA server configuration
-------
3) Configure and start SFA servers:
(a) # sfa-config-tty
set SFA_PLC_USER to PLC_ROOT_USER
set SFA_PLC_PASSWORD to PLC_ROOT_PASSWORD
set SFA_PLC_DB_USER to PLC_DB_USER
set SFA_PLC_DB_PASSWORD to PLC_DB_PASSWORD
write and quit
*NOTE* at this point you get a warning b/c the authorities hierarchy has not been created yet; ignore
(b) # sfa-import-plc.py
(o/p will look like this)
Import: creating top level authorities
Hierarchy: creating authority: plc
plc :
Import: creating table for authority plc
NOTICE: table "sfa$plc" does not exist, skipping
inserting authority record for plc
Import: adding plc to trusted list
Import_Site: importing site plc.internet2
Hierarchy: creating authority: plc.internet2
inserting authority record for plc.internet2
Import_Site: importing site plc.pl
Hierarchy: creating authority: plc.pl
inserting authority record for plc.pl
Import: importing person plc.pl.root
Import: creating table for authority plc.pl
NOTICE: table "sfa$plc$pl" does not exist, skipping
(c) run sfa-config-tty again and select q to come out of the config command
This will initialize /etc/sfa/authorities/server.key from /etc/sfa/authorities/plc/plc.pkey
(d) # service sfa start
This will start Registry, Slice Manager and Aggregate Manager. Your ps command output would look like:
# ps -ef | grep python
root 24944 1 0 May11 ? 00:00:00 /usr/bin/python /usr/bin/sfa-start.py -r -d
root 24957 1 0 May11 ? 00:00:00 /usr/bin/python /usr/bin/sfa-start.py -a -d
root 24970 1 0 May11 ? 00:00:00 /usr/bin/python /usr/bin/sfa-start.py -s -d
-------
4) Configure SFA client:
(a) # mkdir ~/.sfi
(b)copy your private RSA key to ~/.sfi/username.pkey Replace username with your actual account name. NOTE: DSA KEYS WILL NOT WORK
(c) # cp /etc/sfa/sfi_config ~/.sfi/
(d) edit ~/.sfi/sfi_config. A sample configuration looks like:
SFI_AUTH='plc.pl'
SFI_USER='plc.pl.root'
SFI_REGISTRY='http://vplc25.inria.fr:12345/'
SFI_SM='http://vplc25.inria.fr:12347/'
------
5) Testing:
At this stage you should be able to run sfi command. Some sample outputs are:
(a) # sfi.py list plc.pl
plc.pl.netflow (slice)
plc.pl.sirius (slice)
plc.pl.root (user)
plc.pl.pif (node)
(b) # sfi.py show plc.pl.pif
gid:
hrn: plc.pl.pif
uuid: 99878316891261700702442883738232624912
hrn: plc.pl.pif
type: node
node_type: regular
hostname: pif.inria.fr
(c) # sfi.py show plc.pl.root
gid:
hrn: plc.pl.root
uuid: 67306954103472941609600457537601239401
hrn: plc.pl.root
type: user
last_name: Administrator
phone: None
key: plc.pl.root#user
first_name: Default
email: root@vplc25.inria.fr
(d) # sfi.py slices
plc.pl.netflow
plc.pl.sirius
(e) # sfi.py resources
------
6) Federation configuration:
(a) Follow the same procedure to install and configure second MyPLC with SFA server.
(b) On each PLC, edit the /etc/sfa/registries.xml file
set addr to ip or hostname of federated (remote) peer
set port to sfa service port on federated (remote) peer
set hrn to human readable name of federated (remote) peer interface
Sample configuration:
(c) Likewise, edit the /etc/sfa/aggregates.xml
Sampel configuration
(d) trade trusted root gid's (seen on /etc/sfa/trusted_roots)
we have to copy the gid of first SFA server to the /etc/sfa/trusted_roots directory of second one and vice-versa.