Skip to content

EdgeNet-project/fed4fire

Repository files navigation

Fed4FIRE Aggregate Manager for EdgeNet

CI/Build CI/Docker Coverage

This package implements the GENI Aggregate Manager API Version 3 to federate EdgeNet under the Fed4FIRE+ project.

Accessing EdgeNet through Fed4FIRE

  • To run experiments on a Fed4FIRE testbed, follow the instructions at https://doc.fed4fire.eu.
  • EdgeNet defines one non-exclusive sliver type named container and one disk image named ubuntu2004.
  • View the testbed status on FedMon.

Example RSpecs

Minimal

<rspec type="request" xsi:schemaLocation="http://www.geni.net/resources/rspec/3 http://www.geni.net/resources/rspec/3/request.xsd " xmlns:client="http://www.protogeni.net/resources/rspec/ext/client/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.geni.net/resources/rspec/3">
  <node client_id="PC" component_manager_id="urn:publicid:IDN+edge-net.org+authority+am"  exclusive="false">
  </node>
</rspec>

Specific node and disk image

<rspec type="request" xsi:schemaLocation="http://www.geni.net/resources/rspec/3 http://www.geni.net/resources/rspec/3/request.xsd " xmlns:client="http://www.protogeni.net/resources/rspec/ext/client/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.geni.net/resources/rspec/3">
  <node client_id="PC" component_id="urn:publicid:IDN+edge-net.org+node+geni-us-tn-cb07.edge-net.io" component_manager_id="urn:publicid:IDN+edge-net.org+authority+am"  exclusive="false">
      <sliver_type name="container">
          <disk_image name="urn:publicid:IDN+edge-net.org+image+ubuntu2004"/>
      </sliver_type>
  </node>
</rspec>

Architecture

  • The AM server is stateless, all the information about slices and slivers is stored in Kubernetes objects annotations.
  • Object names are derived from the first 8 bytes of the SHA512 hash of the RSpec name. This allows to create objects with names that are valid in the GENI spec, but not in Kubernetes which mostly allows only alphanumeric chars.

Workarounds

  • Fed4FIRE uses client certificates with non-standard OIDs that are not supported by the Go X.509 parser. As such we rely on nginx to verify the client certificate and pass the decoded certificate to the AM server. The openssl CLI tool is then used to process the certificate, instead of the Go standard library.

Deployment

The AM image is hosted on Docker Hub (edgenetio/fed4fire):

docker run edgenetio/fed4fire:main --help

The AM must be deployed behind a reverse proxy that pass the X-Fed4Fire-Certificate header. For an example, see dev/nginx.conf.

Development

git clone git@github.com:EdgeNet-project/fed4fire.git && cd fed4fire/dev/
# Create a self-signed server certificate and download the trusted client root certificates
make
# Start the AM behind nginx
docker-compose up
# Optionnally, connect to the Go debug server
dlv connect localhost:40000
# Issue XML-RPC calls (set `--cert` to the appropriate client certificate path)
curl --cacert self_signed/ca-server.pem \
     --cert ~/.jFed/login-certs/*.pem \
     --data '<methodCall><methodName>GetVersion</methodName><params/></methodCall>' \
     --header 'Content-Type: text/xml' \
     --request POST \
     https://localhost:9443

About

Fed4FIRE Aggregate Manager for EdgeNet.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •