# Chameleon Configurator

This notebook configures chameleon to host a pos testbed.  Once deployed, experiments can be performed in this testbed, e.g., [this example experiment](experiment.ipynb).

## Preparation

Before deploying pos, some preparation is required.

### Download Testbed Images

To boot the testbed machines, images of Linux distributions are required.  To keep this artifact small, they are not included in this notebook.

#### Debian bullseye
For example `debian-11-generic-amd64-20230124-1270.tar.xz` from [cloud.debian.org](https://cloud.debian.org/images/cloud/bullseye/20230124-1270/) but other [official cloud images](https://cloud.debian.org/images/cloud/) should work as well.

In [1]:
wget --continue https://cloud.debian.org/images/cloud/bullseye/20230124-1270/debian-11-generic-amd64-20230124-1270.tar.xz

--2023-11-13 14:52:21--  https://cloud.debian.org/images/cloud/bullseye/20230124-1270/debian-11-generic-amd64-20230124-1270.tar.xz
Resolving cloud.debian.org (cloud.debian.org)... 194.71.11.165, 194.71.11.173, 194.71.11.163, ...
Connecting to cloud.debian.org (cloud.debian.org)|194.71.11.165|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://saimei.ftp.acc.umu.se/images/cloud/bullseye/20230124-1270/debian-11-generic-amd64-20230124-1270.tar.xz [following]
--2023-11-13 14:52:27--  https://saimei.ftp.acc.umu.se/images/cloud/bullseye/20230124-1270/debian-11-generic-amd64-20230124-1270.tar.xz
Resolving saimei.ftp.acc.umu.se (saimei.ftp.acc.umu.se)... 194.71.11.138, 2001:6b0:19::138
Connecting to saimei.ftp.acc.umu.se (saimei.ftp.acc.umu.se)|194.71.11.138|:443... connected.
HTTP request sent, awaiting response... 416 Requested Range Not Satisfiable

    The file is already fully retrieved; nothing to do.



In [2]:
b2sum debian-11*.tar.xz # checksum for reproducibility

4fbe8c172e3c916ff5c583534dfe9649c84c4729e06b837098780c7642819bf35d1b6e06a2616deab8dbc9722711379fe314250453cd44ee03329ee29832b560  debian-11-generic-amd64-20230124-1270.tar.xz


#### iPXE
[`ipxe.iso`](https://boot.ipxe.org/ipxe.iso) from [boot.ipxe.org](https://boot.ipxe.org/) (sadly not versioned) or build your own.

In [3]:
wget --continue https://boot.ipxe.org/ipxe.iso

--2023-11-13 14:52:29--  https://boot.ipxe.org/ipxe.iso
Resolving boot.ipxe.org (boot.ipxe.org)... 54.246.183.96, 2a05:d018:a4d:6403:2dda:8093:274f:d185
Connecting to boot.ipxe.org (boot.ipxe.org)|54.246.183.96|:443... connected.
HTTP request sent, awaiting response... 416 Requested Range Not Satisfiable

    The file is already fully retrieved; nothing to do.



In [4]:
b2sum ipxe.iso # checksum for reproducibility

462c3871698ced3fe4f942366ddd5587890d1548eb3681142f8ff22ee4cadb1fb921b2a153b0dacf687d5e162f6173598ac88cb85e01f1ca1a7a72ed47cb6d7b  ipxe.iso


## Acquire the Setup Scripts

To continue, access to the pos setup scripts is required.  For this, please email `pos` at `net.in.tum.de` with a public SSH key.  To display this notebook's public SSH key use the following command:

In [5]:
ssh-add -L

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDaL05zbjLNZ053ffsff+1m1itiAZ5iBvJleQe2qKMGLuWPWctrUcGnz2uY9XxxuxQTGsi0hMzkST/7XsE0AEmOw6Z4YJLjKfJtNcUNywz/qPFaLcrks/GsxyKIRLIjfj7pdFjs4dYX8Q8ej4jefxqBGHGCEbdB1xuCyqJiyJFvH6fg41Z2l6UggI7HgYX98jNNeQksE4574Mgp6vWx0Yb5qItjM89ted3xFcaXX1K1vrATk8g4KIhg7pIDuEoMeExoKNDGh5IFF64JU+LN1h5E08rYCh168aVZ3LH4XeF2y9HXEEGvxMicuLuM6y4EGi4GqYzQKCENWNzmNvcD/hF/seuZFmvMRcaPRdIqz6+IE4w9P9TR09uadgC3WHIRbCw2FgiiO4FRwc8jDh6B3QpHG9w3sccd+ldBXJRDCW32VOaswfG++ex37rQVNrhckNK/a5apeO+JEBUKGoCOUe13fo4x7xBf9zwkgC9z6HtcW+Fwp2sSb2yt1hmRqAVjhME6TlP8iA8QsrpjfRhP5hX1D15pxztfWkBAd3WxyveyRdnB1O94yvpyuni9xkvrmYIRcvGf7tXuy+Az8a556TaNwH8f7zPAorXWIyXwLerED/Pb0cJkTPfH3ZyFEfQUM6DZadnG9oHXgb0DG9QKiCmA4IrKCKN3hyNb8dh5OD7pvw== /work/.ssh/id_rsa


Once access has been granted, clone the setup scripts:

In [6]:
(export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
[ ! -e setup-pos ] && git clone git@gitlab.lrz.de:pos-x/erdloeweneinrichter.git setup-pos
git -C setup-pos pull)

remote: Enumerating objects: 3, done.[K
remote: Counting objects: 100% (3/3), done.[K
remote: Compressing objects: 100% (3/3), done.[K
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0[K
Unpacking objects: 100% (3/3), 4.01 KiB | 2.00 MiB/s, done.
From gitlab.lrz.de:pos-x/erdloeweneinrichter
   7d6c102..27caa93  master     -> origin/master
Updating 7d6c102..27caa93
Fast-forward
 cheating.py | 5 [32m++++[m[31m-[m
 1 file changed, 4 insertions(+), 1 deletion(-)


### Reproducibility

The setup scripts will likely be improved over time.  Thus, using a recent commit is likely helpful.  This notebook used the following commit:

In [7]:
git -C setup-pos rev-parse --short HEAD

27caa93


## Create a pos Testbed

Ensure all requirements are installed, e.g., via:

In [8]:
(python3 -m venv venv3
. venv3/bin/activate
pip3 install -r setup-pos/requirements.txt)


[notice] A new release of pip available: 22.3.1 -> 23.3.1
[notice] To update, run: pip install --upgrade pip


The following script will:

1. Create a 1+2 node topology (1 management node; 2 experiment nodes)
    - using the OpenStack configuration from this notebook's environment
    - allowing access only for this notebook's external IP (alas, we need an external service for this)
2. Deploy pos via Ansible on the management node (see script for more options)

In [9]:
(. venv3/bin/activate
setup-pos/deploy-posd.sh -d "${PWD}/debian-11"*".tar.xz" -i "${PWD}/ipxe.iso" \
    -c "${PWD}/app-cred-pos-openrc.sh" \
    -p "$(curl -s ifconfig.me)/32" -k <(ssh-add -L))

+ python3 /work/ELE/setup-pos/create-openstack-testbed.py -vvvv --debian /work/ELE/debian-11-generic-amd64-20230124-1270.tar.xz --ip 129.114.35.22/32 --ipxe /work/ELE/ipxe.iso --key /dev/fd/63 --output /work/ELE/setup-pos/deploy-posd.json
INFO:root:creating networks
INFO:root:preparing SSH key
INFO:root:uploading management server image (this may take a while)
INFO:root:configuring security group
INFO:root:creating management server
INFO:root:waiting for management server to build
INFO:root:configuring experiment network(s)
INFO:root:uploading experiment node image
INFO:root:creating experiment servers (in joint server group)
INFO:root:waiting for experiment servers to build
INFO:root:001/600: waiting for SSH banner of management host (@129.114.27.122)
INFO:root:002/600: waiting for SSH banner of management host (@129.114.27.122)
INFO:root:003/600: waiting for SSH banner of management host (@129.114.27.122)
INFO:root:004/600: waiting for SSH banner of management host (@129.114.27.122)


(Information about the deployed topology is stored, by default, in `setup-pos/deploy-posd.json`.  This file can be used later on to remove anything created in chameleon for this topology.)


__Note__: `debian`'s `sudo` password can be obtained via `jq -r .metadata.management_server.password setup-pos/deploy-posd.json`.

## Access the Testbed

The management node's external IP is stored in `deploy-posd.json` with key `.metadata.management_server.ip4.floating `, i.e., the following should work:

```
ssh "debian@$(jq -r .metadata.management_server.ip4.floating setup-pos/deploy-posd.json)" -- pos --help
```

Depending on which key was used, `-i your.pub` needs to be added. Also, since the machine is temporary, `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null` is recommended as well, resulting in:

In [10]:
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "debian@$(jq -r .metadata.management_server.ip4.floating setup-pos/deploy-posd.json)" -- pos --help

Usage: pos [OPTIONS] COMMAND [ARGS]...

  Plain-orchestrating service to access and manipulate the test nodes of this
  testbed.

  Quickstart:

  0. Look at available nodes:

      $ pos nodes list

      $ pos allocations list

  1. Allocate testnodes you want to use for one experiment:

      $ pos allocations allocate nodeA nodeB [...]

  2. Configure the nodes (per node):

      $ pos nodes image nodeA debian-stretch

      $ pos nodes reset nodeA

  3. Execute commands on the nodes (per node):

      $ pos commands launch nodeA -- echo $(hostname)

  You may use command prefixes, e.g. "pos n l" for "pos nodes list"

Options:
  --version             Show the version and exit.
  --color / --no-color
  -h, --help            Show this message and exit.

Commands:
  allocations  Define nodes taking part in an experiment.
  commands     Execute commands on testbed nodes or roles.
  images       List available/add new images.
  nodes        Access testbed nodes or roles.
  roles        

### Sample Experiment

The pos testbed is now ready to be used with for experiments.
One example experiment to try is [this experiment](experiment.ipynb).

In [11]:
mkdir -p ~/.ssh/
ssh-keyscan -t rsa "$(jq -r .metadata.management_server.ip4.floating setup-pos/deploy-posd.json)" >> ~/.ssh/known_hosts
ssh -fN -L 127.0.1.1:5000:172.16.0.1:5000 "debian@$(jq -r .metadata.management_server.ip4.floating setup-pos/deploy-posd.json)"

# 129.114.27.122:22 SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1


In [12]:
(. venv3/bin/activate
# install and configure the pos api library
pip install "git+ssh://debian@$(jq -r .metadata.management_server.ip4.floating setup-pos/deploy-posd.json)/srv/testbed/pos/cli/"
cp -v "$(find venv3 -name poslib)/default_configuration.py" "$(find . -name poslib)/configuration.py"
sed -i -e 's%172.16.0.1%127.0.1.1%' "$(find venv3 -name poslib)/configuration.py"
# install requirements needed to run the pos kernel locally
pip install "ipykernel==6.23.1")

Collecting git+ssh://****@129.114.27.122/srv/testbed/pos/cli/
  Cloning ssh://****@129.114.27.122/srv/testbed/pos/cli/ to /tmp/pip-req-build-en3qo8bm
  Running command git clone --filter=blob:none --quiet 'ssh://****@129.114.27.122/srv/testbed/pos/cli/' /tmp/pip-req-build-en3qo8bm
  Resolved ssh://****@129.114.27.122/srv/testbed/pos/cli/ to commit 56923469f093931f7a9ae9dd32237e93b19d331d
  Preparing metadata (setup.py) ... [?25ldone
[?25hCollecting geni-lib@ git+https://gitlab+deploy-token-1130:****@gitlab.lrz.de/I8-testbeds/misc/ma-schaeffner/geni-lib.git#egg=geni-lib-0.9.9.5
  Cloning https://gitlab%2Bdeploy-token-1130:****@gitlab.lrz.de/I8-testbeds/misc/ma-schaeffner/geni-lib.git to /tmp/pip-install-5hz5p7rw/geni-lib_5c2bd75dfdcf42cf88873ee4dcb55e93
  Running command git clone --filter=blob:none --quiet 'https://gitlab%2Bdeploy-token-1130:****@gitlab.lrz.de/I8-testbeds/misc/ma-schaeffner/geni-lib.git' /tmp/pip-install-5hz5p7rw/geni-lib_5c2bd75dfdcf42cf88873ee4dcb55e93
  Resolved h

In [13]:
(. venv3/bin/activate
python -m ipykernel install --user --name posd --display-name "Python (posd)")

Installed kernelspec posd in /home/ga42his_tum_de/.local/share/jupyter/kernels/posd


In [14]:
mkdir -p ~/.pos
# call pos to make sure authentication_token was created
ssh "debian@$(jq -r .metadata.management_server.ip4.floating setup-pos/deploy-posd.json)" -- pos nodes list > /dev/null
scp "debian@$(jq -r .metadata.management_server.ip4.floating setup-pos/deploy-posd.json):.pos/authentication_token" ~/.pos/authentication_token

authentication_token                          100%  515   340.3KB/s   00:00    


## Clean-Up

To remove any component created when setting up pos, run:

In [None]:
(. venv3/bin/activate
unset $(env|cut -d= -f1|grep '^OS_');. app-cred-pos-openrc.sh
python3 setup-pos/post-cleanup-openstack.py setup-pos/deploy-posd.json && rm -v setup-pos/deploy-posd.json)

The `setup-pos/deploy-posd.json` should have been created in the previous step.