[Planetlab-devel] Re: problem #1 (with myplc 0.5-5)

Lee Breslau breslau at research.att.com
Mon Jan 28 13:39:33 EST 2008 

Stephen,

Yes, I *think* for now things are working, at least as far as plc is 
concerned.  I'm not sure if I'll run into problems with no sendmail 
working outside of the plc context.  So for now things are good, but if 
others have thoughts or experience, I'm interested to hear.

Thanks.

Lee


Stephen Soltesz wrote:
> Hey, Lee,
>
> From your description, it sounds like sendmail is working for you now?
>
> Unfortunately, I have not yet successfully configured the email for 
> myplc.  I can appreciate that this is a concern for an actual 
> deployment such as within ATT.  For sure, any service that binds to a 
> port should be disabled outside of the plc context if plc is using the 
> same service/port.  I'm actually not entirely clear how sendmail 
> works, so others may be able to provide a more informed reply for this 
> particular option if it's still not working for you.
>
> Thank you,
> Stephen.
>
> Lee Breslau wrote:
>> Stephen,
>>
>> Thanks.  This helps, and it looks like I can now create the PI 
>> account to bootstrap the rest.
>>
>> I had another problem, which threw me off for a while.  The 
>> notification mail wasn't getting sent when new accounts were 
>> requested.  The solution that I found was to stop the mail service on 
>> the machine, and only enable it within the plc context.  I think 
>> otherwise the plc sendmail was failing because the port it was trying 
>> to bind to was already in use.   Is this what you would expect to 
>> happen?  As I say, things are working now, but just want to make sure 
>> I haven't diverged in some way that will cause problems in the future.
>>
>> Lee
>>
>>
>> Stephen Soltesz wrote:
>>> Hello, Lee,
>>>
>>> First, I'm sorry that I didn't reply to this message sooner.  I 
>>> didn't realize you were sending questions to the devel list, and the 
>>> usual notification I get for new messages wasn't working correctly.
>>>
>>> Your question is good.  An administrator account needs to 
>>> authenticate the initial account creation request for a PI.  Because 
>>> the PI is such a privileged role, only a more privileged account can 
>>> vouch for him.
>>>
>>> The admin can find the user who registered, then enable the user and 
>>> add the PI role.
>>>
>>> Does this help?
>>>
>>> Thank you,
>>> Stephen.
>>>
>>> Lee Breslau wrote:
>>>> Stephen,
>>>>
>>>> This worked great.  Thanks!  Now I'm wondering, once a site is 
>>>> added, who authenticates an initial account creation request?  That 
>>>> is, there isn't yet a site PI.
>>>> Does the site PI also need to be added through the API?
>>>>
>>>> If so, is that documented here:
>>>>
>>>> http://www.planet-lab.org/doc/plc_api
>>>>
>>>> Lee
>>>>
>>>>
>>>> Stephen Soltesz wrote:
>>>>> Hello, Lee,
>>>>>
>>>>> I've forwarded this to the devel list for posterity.  I'm sure 
>>>>> others may have a similar question at some point in the future.
>>>>>
>>>>> I see two questions:
>>>>>
>>>>> 1) how to add a site (to add a user).
>>>>> 2) how to log into the machine (either as site_admin or a new user)
>>>>>
>>>>> Please let me know if I've missed something.
>>>>>
>>>>> 1)
>>>>> Unfortunately, it's not a current feature to add sites through the 
>>>>> web interface.  Instead, this is done manually through the API.  
>>>>> If you've never done this before it may be a little weird, but it 
>>>>> should be straight forward.
>>>>>
>>>>> Start python:
>>>>>
>>>>>    $ python
>>>>>    >>> from xmlrpclib import Server
>>>>>    >>> XMLRPC_SERVER="https://boot.planet-lab.org/PLCAPI/"
>>>>>    >>> plc = Server(XMLRPC_SERVER, verbose=False, allow_none=True)
>>>>>    >>> auth = {'Username': '', 'AuthMethod': 'password', 
>>>>> 'AuthString': ''}
>>>>>
>>>>> Where you add the string for Username with the email address of 
>>>>> the administrative account for the system, and 'AuthString' with 
>>>>> the clear text password.  The default is 
>>>>> root at localhost.localdomain, with password of 'root'.
>>>>>
>>>>> Therefore, the default auth structure would be:
>>>>>
>>>>>    >>> auth = {'Username': 'root at localhost.localdomain', 
>>>>> 'AuthMethod': 'password', 'AuthString': 'root'}
>>>>>
>>>>> Then you will invoke a call on the api, using this authorization.
>>>>>
>>>>>    >>> plc.AddSite(auth, {'name': '',
>>>>>                           'url': '',
>>>>>                           'enabled': True ,
>>>>>                           'max_slices': 10,
>>>>>                           'login_base': '',
>>>>>                           'is_public': True,
>>>>>                           'abbreviated_name': ''})
>>>>>
>>>>> The number that's returned from the call is the site id for your 
>>>>> new site.
>>>>>
>>>>> The 'is_public' attribute determines whether or not the site is 
>>>>> visible on the 'Add Users' form.  The default site has this set to 
>>>>> false, and it gets reset at restart.
>>>>>
>>>>> 2)
>>>>> Each user account has an associated ssh public key.  For a given 
>>>>> site, only those users that are also Technical contacts have their 
>>>>> ssh keys copied to the site_admin account.  It sounds like you 
>>>>> know the steps for loading an ssh key with an account, I would 
>>>>> just try adding the Technical Contact role to the account you're 
>>>>> trying to use with the site_admin login.
>>>>>
>>>>> Please let me know if these directions are helpful, and please let 
>>>>> me know if you have any other questions.
>>>>>
>>>>> Thank you,
>>>>> Stephen.
>>>>>
>>>>>
>>>>> Lee Breslau wrote:
>>>>>> Stephen,
>>>>>>
>>>>>> So much for batching my questions as I'm stuck again.
>>>>>>
>>>>>> I'm trying to add a user account, and one of the fields I am 
>>>>>> prompted for is a Site Name.  There are no site names to choose 
>>>>>> from, but this is a required field.
>>>>>>
>>>>>> Also, how do I log into the box, either from the console or 
>>>>>> remotely?  the console says site admin only, but i don't know the 
>>>>>> account name or password.  Remotely, the documentation tells me 
>>>>>> to ssh as root using a public key in /etc/planetlab.  This is 
>>>>>> asking me for a password, which I don't know (and kind of makes 
>>>>>> me think the public key isn't being used.)
>>>>>>
>>>>>> Lee
>>>>>>
>>>>>>
>>>>
>>>> _______________________________________________
>>>> Devel mailing list
>>>> Devel at lists.planet-lab.org
>>>> https://lists.planet-lab.org/mailman/listinfo/devel
>>
>> _______________________________________________
>> Devel mailing list
>> Devel at lists.planet-lab.org
>> https://lists.planet-lab.org/mailman/listinfo/devel
>
> _______________________________________________
> Devel mailing list
> Devel at lists.planet-lab.org
> https://lists.planet-lab.org/mailman/listinfo/devel

More information about the Devel mailing list