Deploying an SM (Service Manager)

Overview

An SM is the actor representing ORCA users. It acts as a client to request, launch, and monitor slices, and receives notifications pertaining to the slice. An SM can run any of a number of controller plugins on a per-slice basis. The controllers implement different resource management policies or choices for the slice. Controller plugins can export external interfaces (programmatic or GUI) for users or external tools to drive the choices.

In the GENI project, we deploy a default standard SM controller called XMLRPC controller for all slices. The XMLRPC controller exports programmatic APIs defined in the GENI project, for use by external tools. Currently the most common interface is GENI AM API. ORCA also has a native XMLRPC interface for tools to create slices. The ORCA XMLRPC Controller plugin implements both of those. An SM running the ORCA XMLRPC controller exports all resources offered by brokers that are visible to the SM. In essence, it exposes an ORCA networked cloud as a single GENI aggregate. The actual ORCA AM protocol uses tickets and leases to implement resource management functions that are not yet available in the GENI AM API.

You can install an SM on any host with a public access to the Internet (to allow communication with other ORCA actors and remote actor registry).

Deploying ORCA Container with a SM actor

  • Create a MySQL database
  • Create ORCA configuration file structure. Generate one GUID for the new container and one GUID and certificate for a new actor and take note of the actor GUID. Configure this container to use remote actor registry. If there are multiple brokers that this SM might talk to and you want to use one of these brokers as the default broker, follow directions to configure default broker for this SM .
  • Use this file as a template for the actor configuration. Substitute the actor name and guid in it for your unique name and guid and modify the description.
  • Place the file under $ORCA_HOME/config/config.xml
  • Create a configuration file for the controller based on this sample and place it under $ORCA_HOME/config/xmlrpc.controller.properties
    • The properties in this file configure the user authorization mechanism, the trust relationship with e.g. GENI federation and whether the slice manifests from this SM should be published to a preconfigured XMPP server.
    • Trust relationship is configured via a truststore file. Place the truststore file geni-trusted.jks attached to this page under $ORCA_HOME/config/ and be sure xmlrpc.controller.properties points to it. The attached file contains trusted certs from GPO, ProtoGENI and BEN. Truststore password is 'orcaorca'. At deployment you should change the password (and put the new password into xmlrpc.controller.properties) using the command
      $ keytool -storepasswd -new newpassword -keystore geni-trusted.jks
      
    • Alternatively you can create your own JKS truststore by importing selected certificates from GPO and Emulab. Only include CA certificates from authorities you want your controller to be able to accept certificates from.
    • Configure the user whitelist.
  • Download and configure Tomcat (with SSL if you plan to use ProtoGENI AM API).
    • Starting with Camano 3.1 we suggest using stock Tomcat 7 instead of the modified Tomcat 5.5 used in the past. You must configure Tomcat 7 with SSL as stated in the instructions.
  • Deploy the ORCA Binary release webapp into Tomcat.
  • Read about ORCA container recovery features

Operation

The GUI Portal allows you to place reservations for individual slivers directly. If you want more sophisticated operation, consult documentation on ORCA XMLRPC controller on how to use the GENI and ProtoGENI AM XMLRPC API.

The page with emulation mode operation has videos that show ORCA web portal operation.

Using the SM

ORCA offers a number of interfaces described in this document.

Attachments