Configuring ORCA OSCARS/ION handler

Overview

ORCA OSCARS/ION handler provides Orca with the interface to control Internet2 ION and ESnet OSCARS dynamic circuit services which provide VLAN-like MPLS service between connected sites. The ORCA handler deals with both v05 and v06 OSCARS versions (but not at the same time).

OSCARS v05

Configuration

Orca invoked OSCARS/ION client API via shell scripts. The client API first must be installed under $ORCA_HOME and a properties file needs to be created to communicate the configuration to ORCA. The client API must be configured with user certificate issued by Internet2 or ESnet to the user that has rights to create circuit reservations.

Installing OSCARS/ION client software

  • Follow these instructions to install the software under $ORCA_HOME/oscars. Two subdirectories must be present after you're done: $ORCA_HOME/oscars/axis2-1.4.1 and $ORCA_HOME/oscars/OSCARS-client-api.
  • Get user credentials from Internet2 or ESnet and install your certificate into OSCARS.jks as described in the document above
  • Modify $ORCA_HOME/oscars/OSCARS-client-api/examples/repo/axis2.xml to point to $ORCA_HOME/oscars/OSCARS-client-api/examples/repo/rampConfig.xml
  • Modify $ORCA_HOME/oscars/OSCARS-client-api/examples/repo/rampConfig.xml to point to $ORCA_HOME/oscars/OSCARS-client-api/examples/repo/OSCARS.jks and use the user alias for the certificate that was installed.
  • Install the missing perfsonar.jar into $ORCA_HOME/oscars/OSCARS-client-api/lib (to support 'list' command)
  • Test the installation by running a reservation from the client using $ORCA_HOME/oscars/OSCARS-client-api/examples/run.sh script as described in these instructions
  • Test the handler scripts in scripts directory. Set up the environment first by doing
    $ . ./settestenv.bash
    $ ./start-oscars.bash
    $ export OSCARS_UNIT_VLAN_TAG=<unit.vlan.tag from previous step>; ./query-oscars.bash
    $ export OSCARS_UNIT_VLAN_RESERVATION=<tag from previous step>; ./stop-oscars.bash
    $ ./list-oscars.bash
    

OSCARS v06

Configuration

Orca invoked OSCARS/ION client API via shell scripts. The client API program first must be installed using RPM or directly and a properties file needs to be created to communicate the configuration to ORCA. The properties include pointer to a Java keystore that includes

  • Private key and certificate of the user authorized to speak to OSCARS (typically issued by Internet2 or ESnet)
  • Trusted certificate of the IDC server to which the handler will be speaking. This can be retrieved by using openssl command and installed into a JKS.

Typically all certs and keys can be stored in the same JKS file protected by a single password.

Installing OSCARS/ION client software

Use the code from here and install either as RPM or directly from source

$ mvn clean package
$ tar -zcf oscars-0.6-client.tgz target/appassembler 
$ scp oscars-0.6-client.tgz some.host.running.orca:/opt/oscars-0.6
$ ssh some.host.running.orca tar -zxf /opt/oscars-0.6/oscars-0.6-client.tgz -C /opt/oscars-0.6/

It can be tested by issuing 'oscars' command

some.host.running.orca$ /opt/oscars-0.6/bin/oscars --command list --truststore /path/to/truststore.jks --keystore /path/to/keystore.jks --alias key-alias --keystorepass password 

Configure ORCA handler

Modify the following property file and install it under $ORCA_HOME/oscars/oscars.site.properties. Specify 'oscars.site.properties' property to point to this file in the actor configuration. Example actor configuration file.

Handler details

The OSCARS handler accepts the following properties from the controller:

  • config.interface.1 - first interface name (URN)
  • config.interface.2 - second interface name (URN)
  • config.duration - duration of the reservation in seconds
  • resource.bandwidth - bandwidth in Bps
  • unit.vlan.tag - optional tag to use. If no tag is specified, OSCARS will issue it and it will be returned as part of unit.vlan.tag return property

Return properties:

  • unit.vlan.tag
  • unit.vlan.reservation in the form GRI|interfaceA|vlan tagA|interfaceZ|vlan tagZ