Code Monkey home page Code Monkey logo

ndn_ansible's Introduction

Deprecated

New testbed repo: https://github.com/named-data/testbed

NDN_Ansible

Ansible management for NDN Testbed

To do the whole thing: ansible-playbook -i testbedInventory testbed.yml

To do just nlsr on LIP6 and BERN ansible-playbook -i testbedInventory --tags="nlsr" --limit="LIP6,BERN" testbed.yml

To slow the process down if you are having trouble with multiple repeated logins to a site (sometimes firewalls block if they see too many attempts): ./echoY.sh | ansible-playbook --step -i testbedInventory testbed.yml

The echoY.sh script echos a Y to the ansible-playbook process every 30 seconds.

ndn_ansible's People

Contributors

jdehart1 avatar pulsejet avatar tianyuan129 avatar wu-arl avatar

Stargazers

avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

cawka tianyuan129 ucla-irl

ndn_ansible's Issues

Accommodate certificate name in KeyLocator in /localhop/nfd/rib validation rules

Currently, command validation rules for /localhop/nfd/rib command are written as:

rule
{
    for interest
    filter
    {
        type name
        regex ^[<localhop><localhost>]<nfd><rib>[<register><unregister>]<><><>$
    }
    checker
    {
        type customized
        sig-type rsa-sha256
        key-locator
        {
            type name
            regex ^<>*<KEY><>$
        }
    }
}

This means, the validator can only accept a signed Interest if its KeyLocator contains key name, but would reject a signed Interest if its KeyLocator contains certificate name.

Since ndn-cxx Feature 5112, KeyLocator would contain certificate name. Additionally, legacy client may continue to send KeyLocator with key name.
Thus, this rule should be relaxed to accept either key name or certificate name as KeyLocator.

NFD Feature 5114 will provide specific examples on what to write in nfd.conf. After that issue is closed, nfd.conf.j2 in this codebase should be updated accordingly and deployed to testbed.
It is not necessary to wait for NFD release, and this change would not affect previous versions of end hosts.

Check TLS certs and autoupdate

Davide says a lot are expired. They are supposed to autoupdate.

Also shift completely to TLS and https.

Send email to Davide for clarification.

Write up a detailed list of steps for adding a new node

Current Ansible location on my laptop: /Users/jdd/Google Drive/NDN/NDN_CRI/NDN_Testbed
Define links for this node to other nodes. They will go in host_vars file and in links.json file below.
Included in defining links is determining one-way delay between two nodes to be linked. (ping and traceroute can sometimes help with this, but not always)
Add host_vars file for node
Add host to WU_ARL/ndnstatus/ndn_prefix/config_ndn
On ndnmap.arl.wustl.edu (accessed through ndndemo?) Add host to WU_ARL/ndnmap/WebServer/gmap/json/{geocode.json, routers.json, links.json}
'sudo cp' those three files over to ~ndnmap/ndnmap/WebServer/gmap/json/
Verify that python is installed on node. Needed for Ansible. Ansible can take care of everything else that needs to be installed.

Run Ansible (we'll actually do this a couple of times)
First one does the bulk of the installs on the new node
jdd> ansible-playbook -i testbedInventory --limit="AAU" testbed_0.6.0.yml

Updates for nlsr and ndnsec that require other nodes to be updated. For ndnsec we need UCLA involved to sign the site-cert. For nlsr we need the nodes that are linked to the new node so their nlsr.conf files get updated. We can do this in one or two steps.
Either this:
jdd> ansible-playbook -i testbedInventory --tags="ndnsec" --limit="AAU,UCLA" testbed_0.6.0.yml
jdd> ansible-playbook -i testbedInventory --tags="nlsr" --limit="AAU,BERN,BASEL,PADUA" testbed_0.6.0.yml

Or this:
jdd> ansible-playbook -i testbedInventory --tags="ndnsec,nlsr" --limit="AAU,UCLA,BERN,BASEL,PADUA" testbed_0.6.0.yml

Add operator to the operator mailing list ([email protected]) at
https://alpha.netsec.colostate.edu/mailman/listinfo/operators
And add an alias in my mail client for sending directly to a site operator (e.g. AAU_operator)

NLSR on testbed nodes is generating a bad certificate

nlsr@wundngw:/home/nlsr$ ndnsec-cert-dump -p -i /ndn/edu/wustl/%C1.Router/wundngw/NLSR
Certificate name:
/ndn/edu/wustl/%C1.Router/wundngw/NLSR/KEY/ksk-1516811331884/ID-CERT/%FD%00%00%01a%29%00%2A%AE
Validity:
NotBefore: 20180123T162852
NotAfter: 19011214T100036
Subject Description:
2.5.4.41: /ndn/edu/wustl/%C1.Router/wundngw/NLSR/ksk-1516811331884
Public key bits: (RSA)
MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEA5d/MvAzG4z0wYMWb54gT
yRI6UEmu010gX3pch5vodRiN7LaDaUHY1R66BRtPZJe60l3KSKtfWLnCt9E1HP0d
ooS6wVTWmMyV3j+ll82hgG1Iodt42MV8zxaj4/kkMvxfcClU313ZW4exvnEj4wKF
w129eSQhSPYXyg/DLnMmm2RQBf23N2AXTk3Mv2V0oICx3jo3inOF3TmQhIi3G684
9/uN3ZCGNED5LYcTsVJ7Uy1yeBXliD5sm4aKV0GwfSu8lUj/zUMvFmENB6RzBMeT
culNdYJZGIv/rteNKV6j7c22kwgGLxyucgHAjbcPhKhOxoHUL0lOJa2Xz5qzw5mp
mQIB
Signature Information:
Signature Type: SignatureSha256WithRsa
Key Locator: (Name) /ndn/edu/wustl/%C1.Router/wundngw/KEY/ksk-1444282035499/ID-CERT

nlsr@wundngw:/home/nlsr$

Restart ndnping tests

Memphis wants the ping results again.
This is a test where each node ndnpings each other node.

From earlier email with Ashlesh:
So, if our testbed has for example 30 nodes, then on each node are we running
29 simultaneous ndnpings that each last for 5 minutes?

Contact operators of all currently down NDN Testbed nodes

REMAP: Email sent(8/15). JeffB says they'll check on it in the next day or two. (8/15)
BUPT: Email sent(8/15). Guijin Zou responded (8/16) that they are still interested. Working on setting up the node again.
CNIC: This is just an issue of ndndemo status page not being able to contact it. Node is up. I can log in.
PKUSZ: Email sent(8/15)
TONGJI: Email sent(8/15). Received email from operator (8/23). Machine back up now.
BYU: Email sent(8/15)
SYSTEMX: Email sent(8/15)
INDONESIA: Email sent(8/15)
CAGLIARI: Email sent(8/15)
CAIDA: Email sent (8/15). Dan rebooted and it is back. (8/16).
SRRU: Email send (8/15). Thongchai responded (8/16). They are working on it.

Try to clear them all up or remove them before NDNCOMM

Tie ndnmap and ndndemo together so they get updates in sync

ndnmap and ndndemo use a lot of the same information about nodes/sites in the Testbed.
ndn-fch service relies on ndnmap but ndnmap usually lags behind ndndemo in updates when something gets added or changed.

Perhaps we can support both of them on the same machine. Right now they are on separate machines.
Or perhaps we can generate the config files from Ansible and push them out to each of them from one place.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.