Fed4Fire with Omni
Jump to navigation
Jump to search
Although omni is explicitly stated as a compatible tool for working with Fed4Fire, finding documentation on how to do so can be complicated.
This page presents a working configuration file for using Fed4fire with omni completed with any useful considerations.
Omni configuration
[omni] default_cf = fedblock users = userblock aggregates=g5k [fedblock] type=chapi cert=<path_to_federation_certificate_and_key> key=<path_to_federation_certificate_and_key> ch=https:// ma=https://www.wall2.ilabt.iminds.be:12369/protogeni/xmlrpc/geni-ma/2 sa=https://www.wall2.ilabt.iminds.be:12369/protogeni/xmlrpc/geni-sa/2 [userblock] urn = urn:publicid:IDN+wall.ilabt.iminds.be+user+<username> keys = ~/.ssh/id_rsa.pub [aggregate_nicknames] g5k=urn:publicid:IDN+am.grid5000.fr+authority+am,https://am.grid5000.fr/
Fields details
- [omni]
- Fields within this block represents your default settings, they mostly point to other blocks in the configuration file.
- [fedblock]
- type
- Must be chapi (not sfa) to communicate with the member and slice authority set up by Fed4Fire.
- (thanks to Brecht Vermeulen for this indication)
- cert
- Path to the certificate provided by the Fed4Fire user authority, usually the same as the key.
- key
- Path to the key provided by the Fed4Fire user authority, usually the same as the cert cert.
- ch (Clearing House)
- Made useless by providing ma and sa but still mandatory, must at least contain a valid protocol.
- ma (Member authority)
- Address of Fed4Fire Member Authority API.
- (as seen in jFed-probe)
- sa (Slice authority)
- Address of Fed4Fire Slice Authority API.
- (as seen in jFed-probe)
- [userblock]
- urn
- URN attributed by federation authority, can be found in the certificate under Subject Alternative Name.
- Usually "urn:publicid:IDN+wall.ilabt.iminds.be+user+<username>".
- keys
- Path to ssh keys
- [aggregate_nicknames]
- List of aliases for Aggregate Managers (AM) written as :
- <alias>=<URN>,<address>
- the URN is optional, do not forget the coma