This directory contains the implementations of various Semantically Aware as well as SFA enabled APIs and services.
You may skip this part if you already have ruby 2.0.0 and the libraries required, up and running in your system.
First, install rvm:
$ curl https://raw.githubusercontent.com/rvm/rvm/master/binscripts/rvm-installer | bash -s stable
After installation just restart your terminal and type:
$ type rvm | head -n 1
If it prints "rvm is a function" then everything is fine.
Make sure you install ruby 2.0.0 version
$ rvm install 2.0.0
Install xmlsec1, which is required by the am_server
$ sudo apt-get install libxmlsec1-dev xmlsec1
$ sudo apt-get install libsqlite3-dev
$ gem install bundler
The first step is to clone the SAM repository
$ git clone https://github.com/maravger/samant-sfa.git
$ mv samant omf_sfa
$ cd omf_sfa
$ mkdir ready4translation
$ export OMF_SFA_HOME=`pwd`
$ bundle install
This file, OMF_SFA_HOME/etc/omf-sfa/omf-sfa-am.yaml, is the central configuration file of SAM.
$ cd $OMF_SFA_HOME/etc/omf-sfa
$ nano omf-sfa-am.yaml
change domain to omf:TESTBED_NAME*
*replace TESTBED_NAME with your testbed's name. For instance, at NETMODE we use "netmode".
Next you have to install the openrdf-sesame adaptor:
$ wget https://netix.dl.sourceforge.net/project/sesame/Sesame%204/4.1.2/openrdf-sesame-4.1.2-sdk.tar.gz
Unzip the folder and deploy the openrdf-sesame.war and openrdf-workbench.war, located in the openrdf-sesame-4.1.2/war folder. For the deployment you may use Apache Tomcat or any other known alternative of your choice (for the Apache Tomcat, deploying involves copying the .war files in the /webapps folder and starting the server).
Now you are ready to deploy the Semantic Graph Database. Request a copy of GraphDB 8 from here:
https://ontotext.com/products/graphdb/
Unfortunately we can not provide you with a direct download link, but one will be available to you shortly after filling the required fields. Make sure to download it "as a standanlone server".
When the download has finished, it is time to run the GraphDB instance. After unziping it,navigate to the downloaded folder and execute the following script.
$ cd /bin
$ ./graphdb -d -Xms10g -Xmx10g -p ~/pid
The GraphDB Workbench is available at port 7200 of your machine. Then you will have to create a new repository. Download the default configuration file:
$ wget http://graphdb.ontotext.com/free/_downloads/repo-config.ttl
Change the repositoryID field to your liking and issue the following command:
$ curl -X POST http://0.0.0.0:7200/rest/repositories -H 'Content-Type: multipart/form-data' -F "config=@repo-config.ttl"
Now you should import the respective Ontologies. Firstly, download them, in your home repository, like this:
$ wget http://samant.lab.netmode.ntua.gr/omn-domain-sensor_v_2_0.ttl.txt
$ wget http://samant.lab.netmode.ntua.gr/omn-domain-uxv_v_2_0.ttl.txt
Next you have to import the ontologies into the newly created repository, but first you have to kill the running graphdb instance. For this purpose issue the following commands:
$ kill "$(cat ~/pid)"
$ ./loadrdf -f -i localSAM -v -m parallel ~/omn-domain-sensor_v_2_0.ttl ~/omn-domain-uxv_v_2_0.ttl
$ ./graphdb -d -Xms10g -Xmx10g -p ~/pid
The semantic repository is ready! You can see your newly created repo at localhost:7200.
Now it's time to deploy the sesame adapter. Navigate to the /bin folder of your tomcat installation and issue the following commands:
$ ./startup.sh
Navigate to the /bin folder of the /openrdf-sesame directory and run the following:
$ ./console.sh
> connect http://localhost:8080/openrdf-sesame
> create remote
and specify the variables as in the following:
Please specify values for the following variables:
Sesame server location [http://localhost:8080/openrdf-sesame]: http://localhost:7200/
Remote repository ID [SYSTEM]: <graphdbrepositoryID>*
Local repository ID [SYSTEM@localhost]: remoteSAM
Repository title [SYSTEM repository @localhost]: samRemoteClean
Repository created
*Remember to change the according the one you provided above.
Congratulations, your repository is now created and connected to the adapter!
Use the Rakefile to set up the relational database, where the authorization/authentication information is being stored.
$ cd $OMF_SFA_HOME
$ rake db:migrate
This will actually create an empty database based on the information defined on the configuration file.
The directory which holds the certificates is specified in the configuration file. First we have to create a root self signed certificate for our testbed that will sign every other certificate we create.
$ omf_cert.rb --email root@DOMAIN** -o root.pem --duration 50000000 create_root
*please replace DOMAIN with your tesbed's domain. For instance, at NETMODE testdbed, we use "netmode.ntua.gr".
Then you have to copy this file to the trusted roots directory (defined in the configuration file)
$ mkdir ~/.omf
$ mkdir ~/.omf/trusted_roots
$ cp root.pem ~/.omf/trusted_roots
Now we have to create the certificate used by am_server and copy it to the corresponding directory. Please notice that we are using the root certificate, we have just created, in --root argument.
$ omf_cert.rb -o am.pem --geni_uri URI:urn:publicid:IDN+omf:TESTBED_NAME*+user+am --email am@DOMAIN** --resource-id xmpp://147.102.13.123:5269@omf:TESTBED_NAME* --resource-type am_controller --root root.pem --duration 50000000 create_resource
$ cp am.pem ~/.omf/
*replace TESTBED_NAME with your testbed's name. For instance, at NETMODE we use "netmode". **once again, replace DOMAIN with your tesbed's domain. For instance, at NETMODE testdbed, we use "netmode.ntua.gr".
We also have to create a user certificate (for root user) for the various scripts to use. You can use this command to create certificates for any user you wish. .
$ omf_cert.rb -o user_cert.pem --geni_uri URI:urn:publicid:IDN+omf:TESTBED_NAME*+user+root --email root@DOMAIN** --user root --root root.pem --duration 50000000 create_user
$ cp user_cert.pem ~/.omf/
*replace TESTBED_NAME with your testbed's name. For instance, at NETMODE we use "netmode". **once again, replace DOMAIN with your tesbed's domain. For instance, at NETMODE testdbed, we use "netmode.ntua.gr".
Now open the above certificates with any text editor copy the private key at the bottom of the certificate (with the headings) create a new file (get the name of the private key from the corresponding configuration file) and paste the private key in this file. For example:
$ vi user_cert.pem
copy something that looks like this
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA4Rbp2cdAsZ2147QgqnQUeA4y8KSCXYpcp+acVIBFecVT94EC D59l162wMb67tGSwSim3K59olN02A6beN46u ... aafh6gmHbDGx+j1UAo1bFtA kjYJDDXxhrU1yK/foHdT38v5TlGmSvbuubuWOskCJRoKkHfbOPlH -----END RSA PRIVATE KEY-----
$ vi user_cert.pkey
and paste inside.
Repeat this process for the am.pem certificate (am.pem and am.pkey). Also copy the am certificate to trusted_roots folder.
$ cp am.pem ~/.omf/trusted_roots
Update the configuration file OMF_SFA_HOME/etc/omf-sfa/omf-sfa-am.yaml
cert_chain_file: ~/omf_sfa/am.pem
private_key_file: ~/omf_sfa/am_key.pem
trusted_roots: ~/.omf/trusted_roots
To start a SAM instance (at port 443) from this directory, run the following:
$ cd $OMF_SFA_HOME
$ bundle exec ruby -I lib lib/omf-sfa/am/am_server.rb start
for the default 8001 port, or the following for the 443 port
$ rvmsudo bundle exec ruby -I lib lib/omf-sfa/am/am_server.rb start -p 443
which should result into something like:
DEBUG AMScheduler: initialize_event_scheduler
DEBUG AMScheduler: Initial leases: [...]
DEBUG AMScheduler: add_samant_lease_events_on_event_scheduler: lease: ...
DEBUG AMScheduler: Existing jobs on event scheduler:
DEBUG AMScheduler: job: ...
DEBUG AMScheduler: job: ...
Thin web server (v1.6.0 codename Greek Yogurt)
Maximum connections set to 1024
Listening on 0.0.0.0:8001, CTRL+C to stop
INFO XMPP::Communicator: Connecting to '...' ...
Connected to the XMPP.
INFO XMPP::Communicator: Connected
DEBUG XMPP::Topic: New topic: ...
DEBUG Auth::CertificateStore: Registering certificate for '...' - /C=US/ST=CA/O=ACME/OU=Roadrunner/CN=xmpp://10.0.0.200@omf:netmode/type=am_controller/...
DEBUG OmfRc::ResourceFactory:
DEBUG XMPP::Topic: New topic: am_controller
AM Resource Controller ready.
DEBUG XMPP::Communicator: _create >> ... SUCCEED
DEBUG XMPP::Communicator: _subscribe >> ... SUCCEED
DEBUG XMPP::Communicator: _subscribe >> am_controller SUCCEED
DEBUG Auth::CertificateStore: Registering certificate for '{:uuid=>"...", :geni=>"omf"}' - /C=US/ST=CA/O=ACME/OU=Roadrunner/CN=xmpp://10.0.0.200@omf:netmode/type=am_controller/...
DEBUG XMPP::Topic: New topic: xmpp://am_controller@10.0.0.200
DEBUG XML::Message: Found cert for 'xmpp://am_controller@10.0.0.200 - #<OmfCommon::Auth::Certificate subj=/C=US/ST=CA/O=ACME/OU=Roadrunner/CN=xmpp://10.0.0.200@omf:netmode/type=am_controller/...
DEBUG XMPP::Topic: (am_controller) register handler for 'message'
DEBUG XMPP::Communicator: publish >> am_controller SUCCEED
DEBUG Auth::CertificateStore: Registering certificate for '{:uuid=>"...", :geni=>"omf"}' - /C=US/ST=CA/O=ACME/OU=Roadrunner/CN=xmpp://10.0.0.200@omf:netmode/type=am_controller/...
DEBUG XMPP::Topic: (am_controller) Deliver message 'inform': ...
DEBUG XMPP::Topic: (am_controller) Message type '[:inform, :message, :create_succeeded, :creation_ok]' (OmfCommon::Message::XML::Message:)
DEBUG XMPP::Topic: (am_controller) Distributing message to '...'
DEBUG XMPP::Topic: Existing topic: xmpp://am_controller@10.0.0.200
A json file that describes the resources is required. This file can contain either a single resource or more than one resources in the form of an array. A sample file is as follows. The description of each resource is in the form of filling specific values to the predefined properties of each resources. The set of the properties of each resource is defined in its model:
{
"resources": {
"name": "netmode1",
"type": "uxv",
"authority": "samant",
"resource_description": {
"resourceId": "UxV_NETMODE1",
"hasInterface": [
{
"name": "uav1:wlan0",
"type": "wireless_interface",
"authority": "samant",
"resource_description": {
"hasComponentName": "uav1:wlan0",
"hasRole": "experimental"
}
},
{
"name": "uav1:eth0",
"type": "wired_interface",
"authority": "samant",
"resource_description": {
"hasComponentName": "uav1:eth0",
"hasRole": "experimental"
}
}
],
"hasUxVType": "http://www.semanticweb.org/rawfie/samant/omn-domain-uxv#UaV/"
}
}
}
To populate the database with the resources:
$ curl --cert user_cert.pem --key user_cert.pkey -i -H "Accept: application/json" -H "Content-Type:application/json" -X POST -d @jsons/cr_uxv.json -k https://localhost:443/admin/create
Now let's use the REST interface again to see the data we created:
$ curl --cert user_cert.pem --key user_cert.pkey -i -H "Accept: application/json" -H "Content-Type:application/json" -X GET -d @jsons/get_inf.json -k https://localhost:443/admin/getinfo
The most enriched way to interact with SAM is through its REST API. Start with listing all available resources:
$ curl --cert certs_p12/root.p12:pass -i -H 'Accept: application/json' -H 'Content-Type:application/json' -X GET -d @jsons/LR_options.json -k https://localhost:443/samant/listresources
with LR_options.json containing
{
"options": {
"only_available": true
}
}
Please note the -k (or --insecure) option as we are using SSL but the server by default is not using a cert signed by a public CA.
$ sfi.py version
{ 'geni_ad_rspec_versions': [ { 'extensions': [ 'http://nitlab.inf.uth.gr/schema/sfa/rspec/1/ad-reservation.xsd'],
'namespace': 'http://www.geni.net/resources/rspec/3',
'schema': 'http://www.geni.net/resources/rspec/3/ad.xsd',
'type': 'geni',
'version': '3'}],
'geni_api': 3,
'geni_api_versions': { '3': 'http://nitlab.inf.uth.gr:8001/RPC3'},
'geni_credential_types': [{ 'geni_type': 'geni_sfa', 'geni_version': 3}],
'geni_request_rspec_versions': [ { 'extensions': [ 'http://nitlab.inf.uth.gr/schema/sfa/rspec/1/request-reservation.xsd'],
'namespace': 'http://www.geni.net/resources/rspec/3',
'schema': 'http://www.geni.net/resources/rspec/3/request.xsd',
'type': 'geni',
'version': '3'}],
'omf_am': '0.1'}
sfi.py resources
<?xml version="1.0"?>
<rspec xmlns="http://www.geni.net/resources/rspec/3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ol="http://nitlab.inf.uth.gr/schema/sfa/rspec/1" xmlns:omf="http://schema.mytestbed.net/sfa/rspec/1" type="advertisement" xsi:schemaLocation="http://www.geni.net/resources/rspec/3 http://www.geni.net/resources/rspec/3/ad.xsd http://nitlab.inf.uth.gr/schema/sfa/rspec/1 http://nitlab.inf.uth.gr/schema/sfa/rspec/1/ad-reservation.xsd" generated="2017-06-27T12:20:27+03:00" expires="2017-06-27T12:30:27+03:00">
<ol:lease id="f4996b30-956c-4e46-a8c0-187707311c1b" client_id="l1" sliver_id="urn:publicid:IDN+omf:netmode+sliver+f4996b30-956c-4e46-a8c0-187707311c1b" valid_from="2010-01-08T19:00:00Z" valid_until="2017-11-08T20:00:00Z"/>
<node component_id="urn:publicid:IDN+omf:nitos.outdoor+node+node001" component_manager_id="urn:publicid:IDN+omf:netmode+authority+cm" component_name="node001" exclusive="true">
<available now="false"/>
<hardware_type name="PC-Grid"/>
<interface component_id="urn:publicid:IDN+omf:netmode+interface+node001:if0" component_name="node001:if0" role="control">
<ip address="10.0.1.1" type="ipv4" netmask="255.255.255.0"/>
</interface>
<interface component_id="urn:publicid:IDN+omf:netmode+interface+node001:if1" component_name="node001:if1" role="experimental"/>
<ol:lease_ref id_ref="f4996b30-956c-4e46-a8c0-187707311c1b"/>
<location latitude="39.360814" longitude="22.950075"/>
<sliver_type name="miniPC1">
<disk_image name="Voyage-0.9.2" os="Ubuntu" version="3.10.11-voyage"/>
</sliver_type>
</node>
<node component_id="urn:publicid:IDN+omf:nitos.outdoor+node+node001" component_manager_id="urn:publicid:IDN+omf:netmode+authority+cm" component_name="node0134" exclusive="true">
<available now="true"/>
<hardware_type name="PC-Grid"/>
<interface component_id="urn:publicid:IDN+omf:netmode+interface+node001:if0" component_name="node001:if0" role="control">
<ip address="10.0.1.1" type="ipv4" netmask="255.255.255.0"/>
</interface>
<interface component_id="urn:publicid:IDN+omf:netmode+interface+node001:if1" component_name="node001:if1" role="experimental"/>
<location latitude="39.360814" longitude="22.950075"/>
</node>
</rspec>
Use the following command to show the content of a cert in a human readable form:
$ openssl x509 -in ~/.gcf/alice-cert.pem -text
To verify certificates, use openssl to set up a simple SSL server as well as connect to it.
Server:
% openssl s_server -cert ~/.gcf/am-cert.pem -key ~/.gcf/am-key.pem -verify on
Client:
% openssl s_client -cert ~/.gcf/alice-cert.pem -key ~/.gcf/alice-key.pem
% openssl s_client -connect 127.0.0.1:8001 -key ~/.gcf/alice-key.pem -cert ~/.gcf/alice-cert.pem -CAfile ~/.gcf/trusted_roots/CATedCACerts.pem