HADES v1.0 Installation Guide v0 -...
Transcript of HADES v1.0 Installation Guide v0 -...
HADES v1.0 Installation Guide v0.8
Last updated: 21-06-2012
Activity: SA2 T3
Dissemination Level: PU
Document Code: <GN3-0n-nnnvn>
Authors: Roland Karch, Andres Guerrero
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
Document Revision History
Version Date Description of change Person
0.1 20-07-11 First draft issued A. Guerrero
21-07-11 Revision S. Naegele-Jackson
0.2 27-07-11 Second draft issued A. Guerrero
0.3 28-07-11 Revision S. Naegele-Jackson
0.4 28-07-11 Revision S. Naegele-Jackson
0.5 1-08-11 Revision A. Guerrero
0.6 12-08-11 Third draft issued A. Guerrero
0.7 15-03-12 Fourth draft issued A. Guerrero
0.8 14-06-12 Fifth draft issued A. Guerrero
21-06-12 Revision S. Naegele-Jackson
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
iii
Table of Contents
1 Introduction 1
2 Architecture 2
3 Hardware requirements 4
3.1 Requirements of the HADES central server 4
3.2 Requirements for measuring points (clients) 5
4 Pre-configuration steps 6
4.1 IPv6 support on the measuring machines 6
4.2 Firewall configuration 7
4.3 Connectivity test 8
4.4 NTP configuration 9
4.5 Configuration of the repository 10
5 Installation process 11
5.1 Installation process on the server side 12
5.1.1 Installation of the needed resources for the HADES server package installation 12
5.1.2 Installation of the HADES server package 14
5.1.3 Installation of the database server 15
5.1.4 Postgres configuration file 18
5.1.5 SSH communication configuration between the measuring machines and
the central server 18
5.1.6 Configuration of the central server directory structure 19
5.1.7 Configuration of the HADES central server 20
5.1.8 Daemon configuration in the central server 23
5.2 Installation process on the client side 23
5.2.1 Installation of the required perl modules in the measuring points 23
5.2.2 Installation of the HADES package 24
5.2.3 Directory structure of measurement machines 25
5.2.4 Installation of the HADES traceroute package 26
6 Configuration deployment 27
7 User perspective 28
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
iv
8 Bibliography 29
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
1
1 Introduction
The DFN-LAB has developed a system called HADES (HADES Active Delay Evaluation System). HADES is a
tool that provides performance measurements following the IETF approach [RFC3393] and offers IPPM
performance metrics such as One-Way Delay (OWD) [1], One-Way Delay Variation (OWDV) and Packet Loss.
A transmitter station produces groups of UDP-packets (UDP: User Datagram Protocol) in configurable intervals,
signs each packet with a valid timestamp (based on a GPS hardware clock) and a sequence number and
transfers it to a receiving station. The receiver determines precisely the actual receiving time and stores all the
data in a file. With this information the one-way delay, the delay variation and packet loss on a single route can
be determined.
HADES is currently being used for all IP performance measurements at over 57 locations within the X-WiN (the
German R&E Network). HADES measurements are currently also being performed within GÉANT, within the
LHCOPN networks (Large Hadron Collider, CERN) and within NRENs participating in the GÉANT2 MDM
Prototype resulting in more than 100 measurement stations being deployed worldwide yielding data on over
5000 monitored paths. Access to the HADES measurement data is available through the perfSONAR-UI
graphical interface (http://www.perfsonar.net/).The purpose of this document is to provide a guide on how to
properly install HADES. This guide should be used together with the HADES User’s Guide [2] during the
installation process, which focuses primarily on the steps required to install and start HADES, in an
environment mainly based on two (or more) points of measurement and a central server. Because of this
distribution, the process presented here involves the manipulation of both a server system and client stations
that are in charge of measuring the network.
All steps described in this document were completed on machines with a Linux CentOS 5.6 32-bit operating
system.
This document is organized as follows: Chapter 2 is about the HADES architecture and the hardware
environment which this installation process uses. Subsequently, sections 3.1 and 3.2 in Chapter 3 focus on the
requirements for the installation of HADES. Chapter 4 gives an idea about what steps are useful to do before
the installation process of HADES begins. Chapter 5 describes the installation process itself, and finally,
Chapters 6 and 7 are related to post-installation steps of HADES.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
2
2 Architecture
The HADES architecture is described by the modules listed in figure 2.1. Several main parts can be identified:
The blue box on the left represents a measuring station, set up by a receiver process. As part of the outcome
‘raw data’ text files are produced, which contain the measurements (timestamps) made by the terminals. In the
middle there is the central server using the script “hades-analyzer.pl” to perform, among other tasks, the
analysis of raw data. As part of this analysis an aggregated representation of the raw data is generated with
different measures such as the time taken by the fastest/slowest package, the amount of lost packages, etc.
Figure 2.1: The different modules of the HADES architecture
On the right side of the figure there are two visualization modules. The upper module called ‘Map generation’ is
responsible for the generation of maps that characterize the different paths based on the measurements
previously obtained. The bottom module described as ‘HADES MA’ (Measurement Archive) is responsible for
the web visualization.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
3
Figure 2.2: Basic structure of HADES
Figure 2.2 shows the basic structure of HADES that this installation process uses. Here the reader can see two
HADES measuring stations (Host1 and Host2), which interact with the central server to provide the
measurements obtained.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
4
3 Hardware requirements
3.1 Requirements of the HADES central server
The minimum requirements of hardware for a HADES server are the following:
Element Value
Central processing unit CPU 2 GHz
RAM memory 2 GB
Hard disk 40 GB
Table 3.1: HADES server requirements
Depending on the amount of measuring points (MP) that the server will have to manage and the amount of time
that the HADES central server will have to keep the measurements, the requirements increase as described in
the following table:
Storage duration
1 year 2 years 3 years 5 years 10 years
MP
10 16 GB 32 GB 47 GB 79 GB 157 GB
25 105 GB 209 GB 314 GB 523 GB 1044 GB
40 272 GB 544 GB 815 GB 1358 GB 2716 GB
60 617 GB 1233 GB 1849 GB 3 TB 6 TB
Table 3.2: Data storage requirements
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
5
Table 3.2 gives a quick overview of the data storage requirements depending on the scale of a deployment
(measured in number of measuring points MP) as well as the accumulated amount of data for certain periods of
time for a fully meshed configuration. This is the requirement for the scheduled data of one measurement
domain only. Dual stack measurements (IPv4/IPv6) double these requirements. If multiple measurement
domains are collected on the same server, the disk space requirements of each individual domain need to be
added up.
3.2 Requirements for measuring points (clients)
HADES is capable of running on any standard PC entry level hardware. To have the best available quality of
measurement results, the system should be thermally stable (case fans set to specific instead of adaptive
speeds, sufficient space in the case to allow for good ventilation) and if possible, any power saving features
affecting operating performance (adaptive processor speed, HD suspend, …) are best disabled. The NIC is
also a major factor affecting measurement results. For this it is important to consider Intel based chips and
cards. To achieve the best possible results, especially concerning exact OWD values and asymmetric delay
measurements, it is essential for the system to be synchronized to an external hardware clock or receiver (an
alternative will be explained in section 4.4). The Meinberg GPS170PCI/PEX are in use with a majority of the
systems running HADES, but other products like the significantly smaller Trimble GPS antenna also work well.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
6
4 Pre-configuration steps
This chapter treats the previous configuration settings to be performed for a successfull installation of HADES.
Therefore, these sections prepare the environment for the HADES installation configuring basic things (like
firewall and NTP) that the installation process assumes ready to use.
4.1 IPv6 support on the measuring machines
The operating system, CentOS 5.6 in our case, supports both versions of the Internet Protocol, the IPv4 and
the IPv6. Both are needed by HADES. It may be that the operating system on which HADES is to be installed
does not support IPv6.
This section has the purpose of enabling the IPv6 protocol in case the machine that will host the HADES
software does not support it. This protocol could have been disabled during the installation of the operating
system, among other possible manipulations done on the machine. If the system administrator knows that the
machine certainly supports this protocol, the installation process of HADES can continue omitting this section.
To check this parameter, do the following:
1. In a measuring point go to the “/etc/” location
]# cd /etc/
2. In this directory execute the following command:
]# vi modprobe.conf
3. If the operating system does not support the IPv6 protocol, the file will contain 3 lines, as shown in
figure 4.1 that disable the IPv6 protocol on the machine. Delete these three lines.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
7
Figure 4.1: IPv6 support in a HADES machine.
4. After editing the file, save the changes.
5. Restart the box.
4.2 Firewall configuration
This step describes how to configure the firewall to ensure an unobstructed communication. This section is
specifically applied to the range of ports used by HADES, which is specified in the configuration files located in
“/data/hades/domain_name/cfgs”. Typically the port range is from 50000 to 65535. On the path
previously named, the portion “domain_name” corresponds to the name given to the execution domain of
HADES. If the domain is called “example”, for instance, that path would have the form
“/data/hades/example/cfgs”.
The steps explained bellow, taken from [5], apply to the iptables/netfilter firewall built in the CentOS operating
system.
1. To check if iptables is installed on your system, type the following command:
]# rpm –q iptables
The output should be something similar to figure 4.2.
Figure 4.2: Output of checking an iptables installation
2. To see if iptables is actually running, type the following command:
]# lsmod | grep ip_tables
The output should be something like figure 4.3.
Figure 4.3: Output of checking if the iptables firewall is running
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
8
3. After checking the execution of iptables, the configuration of the HADES working ports will be the next
step. Type the following commands:
]# iptables -P INPUT ACCEPT
]# iptables -F
]# iptables -A INPUT -i lo -j ACCEPT
]# iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
]# iptables -A INPUT -p udp -dport 50000:65535 -j ACCEPT
]# iptables -P INPUT DROP
]# iptables -P FORWARD DROP
]# iptables -P OUTPUT ACCEPT
4. To save the current firewall configuration type the command:
]# /sbin/service iptables save
From these commands, the most important is the “iptables -A INPUT -p udp -dport
50000:65535 -j ACCEPT” because it is the one that configures the range of the HADES working
ports. The other commands are important for the internal firewall configuration of the machine that
makes part of the HADES environment. If a user wants to learn more or extend this firewall
configuration, the link specified in [5] provides more information.
4.3 Connectivity test
Before any communication process and generation of public or private keys it is necessary to test the
connectivity between the different sites. In order to do that, a simple traceroute command can be executed
between the points that exchange information. For example, if the user wants to connect to the computer
whose IP address is 192.168.0.1, the traceroute test would be
]# traceroute 192.168.0.1
Once the other side of the communication responds successfully it is necessary to test the SSH connection.
This is accomplished by
]# ssh [email protected]
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
9
in which case “username” is the name of the user who executes the current process and “192.168.0.1” is
the IP address of the machine we want to communicate with. The first time around, it will ask you if you wish to
add the remote host to a list of known_hosts, go ahead and say yes. After the successful completion of this
test, logout from the remote machine using the following command:
]# exit
4.4 NTP configuration
The NTP configuration is necessary for the machines that perform the measurements to be synchronized in
time and date. This is done as follows:
1. The first resource to install in this section is NTP. To do this execute the following command:
]# yum install ntp.i386
2. Once the NTP tool has been installed, type the following command:
]# vi /etc/ntp.conf
3. Include in this file the line:
server myntp.server.com
From this line, the part “myntp.server.com” corresponds to the URL of the NTP server that HADES
will use for synchronization. Change this parameter with the time NTP resource that the environment
has.
4. After editing the file, save the changes.
5. To configure the NTP service to start on booting, type the following:
]# chkconfig ntpd on
6. To start, stop and restart NTP after booting, follow these examples:
]# service ntpd start
]# service ntpd stop
]# service ntpd restart
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
10
7. To test whether the NTP process is running use the command:
]# pgrep ntpd
8. To determine if NTP is properly synchronized use the command:
]# ntpq –p
The output of this command should be similar to figure 4.4.
For correct synchronization, the delay and offset values should be non-zero and the jitter value should
be under 100. An example of this is listed in figure 4.4.
Figure 4.4: NTP configuration example
It is necessary to clarify that if a machine is synchronized with an NTP server, it is mandatory that the other
machines that make up the HADES environment are also synchronized with the same server. In this way, the
quality of the obtained measurements is ensured. It is the responsibility of the user to include an NTP server in
this configuration that provides the desired functionality.
4.5 Configuration of the repository
This pre-configuration step is only necessary in the central server. To configure this do the following:
1. Go to the location “/etc/yum.repos.d” location:
]# cd /etc/yum.repos.d/
2. In this directory, type the following command:
]# wget http://downloads.perfsonar.eu/repositories/rpm/perfsonar-stable.repo
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
11
5 Installation process
The installation process will constantly change between the client and server, this is because many times an
operation depends on what takes place on the other side. However, the installation guide tries to explain first
the configuration steps that the HADES central server needs and then proceeds with the settings of the
measuring machine that the user needs to complete.
A central server configuration in HADES implies mainly the following steps:
1. Installation of the needed resources for the installation of the HADES server package.
2. Installation of the HADES server package.
3. Installation and configuration of the database used by HADES.
4. SSH communication configuration between the measuring machines and the central server.
5. Configuration of the directory structure.
6. Configuration of the HADES central server using the hades.conf file
Once these steps have been performed on the central server, several resources will be configured on the
measuring machines. Among those steps we have:
1. Installation of the needed perl modules.
2. Installation of the HADES package (client).
3. Installation of the HADES traceroute package.
Finally the measuring configuration will be deployed and the execution of the hades-analyzed daemon will
be explained.
In this context, we will proceed to show the installation of the perl modules needed to install the HADES server
package on the central server.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
12
5.1 Installation process on the server side
5.1.1 Installation of the needed resources for the HADES server package installation
The tables below list the names of the modules required on the central server. The table explicitly specifies the
order in which the perl modules must be installed.
Order Module name Description
1. Params::Util Provides a basic set of importable functions that makes checking parameters a
lot easier
2. Task::Weaken Ensures that a platform has weaken support
3. Clone To recursively copy perl datatypes
4. List::MoreUtils To provide the stuff missing in List::Util
5. IO::String This module provides the IO::File interface for in-core strings.
6. PPI::Document Object representation of a perl document
7. Glib Perl wrappers for the GLib utility and object libraries
8. Pango For layout and rendering of international text
9. Number::Compare Numeric comparisons
10. Text::Glob To match globbing patterns against text
11. File::Find::Rule Alternative interface to File::Find
Table 5.1: Perl modules needed for the installation of the HADES server package (all these descriptions available at [6]).
The installation process of these modules is as follows:
1. Make a place to download the perl module
]# mkdir mymodule
where the portion “mymodule” indicates the name of the folder that will store the Perl module to
download.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
13
2. Go to that new directory
]# cd mymodule
3. In that folder, execute the following command:
]# wget http://url.my.module.com/mymodule.rpm
where the portion “url.my.module.com/” indicates the location of the required perl module and
“mymodule.rpm” indicates the name of the new file.
4. Once the file has been downloaded, execute the following command:
]# yum --nogpgcheck localinstall mymodule.rpm
It could happen that the installation of a certain module needs a previous installation of another resource; in
that case, it is the responsibility of the system administrator to provide or install these resources. The
installation of the perl modules named above depends on the previous configuration of a repository. In the case
of CentOS, if the user cannot configure a repository (section 4.5), the perl modules included in the following
table 5.2 have to be additionally installed.
Order Module name Description
1. Params::Validate This module allows you to validate method or function call parameters to an
arbitrary level of specificity.
2. DateTime::Locale DateTime::Locale is primarily a factory for the various locale subclasses. It also
provides some functions for getting information on all the available locales.
3. Class::Singleton This module implements a Singleton class from which other classes can be
derived. By itself, the Class::Singleton module does very little other than manage the instantiation of a single object.
4. DateTime::Timezone This class is the base class for all time zone objects. A time zone is represented
internally as a set of observances, each of which describes the offset from GMT for a given time period.
5. libwww-perl The libwww-perl collection is a set of Perl modules which provides a simple and
consistent application programming interface to the World-Wide Web. The main focus of the library is to provide classes and functions that allow you to write WWW clients.
6. DateTime DateTime is a class for the representation of date/time combinations, and is part
of the Perl DateTime project.
7. DateTime::Format::HTTP This module provides functions that deal with the date formats used by the HTTP
protocol.
8. Gtk2 The Gtk2 module allows a Perl developer to use the Gtk+ graphical user
interface library.
9. Config::General This module opens a config file and parses its contents for you.
10. IO::Interface This module allows you to interrogate and change network interfaces.
11. Net::Daemon Net::Daemon is an abstract base class for implementing portable server
applications in a very simple way.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
14
Order Module name Description
12. PIRPC (Perl RPC) is a package for implementing servers and clients that are written in
Perl entirely.
13. DBI The DBI is a database access module for the Perl programming language.
14. Log::Dispatch This module manages a set of Log::Dispatch::* output objects that can be logged
to via an unified interface.
15. GD GD allows you to create color drawings using a large number of graphics
primitives, and emit the drawings as PNG files.
16. Data::Compare Compares two perl data structures recursively. Returns 0 if the structures differ,
else returns 1.
17. DBD Database interfaces
18. YAML The YAML.pm module implements a YAML Loader and Dumper based on the
YAML 1.0 specification.
19. BD::Text::Align This module provides an object that draws a string aligned to a coordinate at an
angle.
Table 5.2: Perl modules to be installed in CentOS if no repository is available (all these descriptions are available at [6]).
5.1.2 Installation of the HADES server package
Once the needed perl modules have been installed, the installation of the HADES server package can be
executed. In order to achieve this, follow these commands:
1. Make a directory where the HADES server package will be downloaded. To do this, execute the
following command:
]# mkdir hadesserverlocation
Here, the portion “hadesserverlocation” corresponds to the name of the directory that will hold the
new package to download.
2. In this directory, type the following command:
]# wget http://downloads.perfsonar.eu/repositories/rpm/stable/noarch/Packages/hades-server-1.0-
1.noarch.rpm
This command will download the HADES server package in the location previously created.
3. To proceed with the installation of the package, type the following command:
]# yum --nogpgcheck localinstall hades-server-1.0-1.noarch.rpm
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
15
It could happen that the installation of a certain module needs a previous installation of another
resource; in that case, it is the responsability of the system administrator to provide or install these
resources.
5.1.3 Installation of the database server
It is necessary to have a database on the central server to collect the meta data obtained by the measuring
machines. This database is managed by PostgreSQL whose installation process will be accomplished inserting
the following command:
]# yum install postgresql84-server.i386
Once the database server has been installed, do the following steps:
1. As root, execute the following command:
]# mkdir –p /usr/local/pgsql/data
2. Once this location has been created, it is necessary to change the owner of that structure. To
accomplish this, execute the following command:
]# chown –R postgres.postgres /usr/local/pgsql
3. Now, change to the postgres user
]# su postgres
4. As postgres user, start the database cluster executing the following command:
postgres$ initdb –D /usr/local/pgsql/data
Once these steps have been completed, several new files can be found under the “data” directory. Among
these, two files are particularly important which must now be edited:
1. Go to the location “/usr/local/pgsql/data”
]# cd /usr/local/pgsql/data
2. In this location, type the following command:
]# vi pg_hba.conf
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
16
3. Edit that file with the following information:
Type Database User CIDR-ADDRESS Method
Host All all 127.0.0.1/32 md5
Table 5.3: Parameters for the pg_hba.conf file.
4. After editing the file, save the changes.
Next, the second file must be edited with other parameters. Follow these steps:
1. Go to the location “/usr/local/pgsql/data”
]# cd /usr/local/pgsql/data
2. Start editing the file with the following command:
]# vi postgresql.conf
3. In the “CONNECTIONS AND AUTHENTICATION” section, make sure that your database server will
listen to all the possible IP addresses. This is verified in the line:
listen_addresses = ‘*’
4. In the same section, uncomment the portion that says “port = 5432”
5. After editing the file, save all changes.
Once these steps have been executed, the database server must be started. This is done in the following way:
1. Change to the postgres user
]# su postgres
2. As postgres user execute the following command:
$ postmaster –D /usr/local/pgsql/data
This will start the database server. If a user prefers to have this step performed in the background, the
following command should be executed (instead of the previous one):
$ postmaster –D /usr/local/pgsql/data >logfile 2>&1 &
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
17
Once the database server is running, the “hades” database will be created along with the user that will handle
it. To accomplish this, see the next steps:
1. Add a user to the system:
]# adduser myuser
2. Once the user has been added, assign a password with the following command:
]# passwd myuser
3. Once the password has been assigned, change to the postgres user
]# su postgres
4. As postgres user, type the following command:
$ psql template1
5. Add the new user to the database along with the corresponding password
template1=# CREATE USER myuser WITH PASSWORD ‘mypassword’;
6. Create the database
template1=# CREATE DATABASE hades;
7. Assign all the privileges to that user upon the newly created database
template1=# GRANT ALL PRIVILEGES ON DATABASE hades to myuser;
8. Quit with the following command:
template1=# \q
9. Next, the new user along with the database will be tested. Execute the following commands:
$ su – myuser
$ psql -d hades -U myuser
After executing this, the HADES database is ready to accept any SQL query. If, at the end, the user
can see the SQL execution cursor (hades=>), the database was successfully created.
10. Quit the database query manager with the following command:
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
18
]# \q
5.1.4 Postgres configuration file
It is important to have a database connection in order to manage the location of the generated data. This
connection is accomplished by reading a file which contains the parameters of the database to use. This
section creates this file, according to the user name and database created in the previous section. To perform
this configuration, do the following steps:
1. Go to the location “/etc/sysconfig/pgsql”
]# cd /etc/sysconfig/pgsql/
2. In the pgsql folder, create a new file named “pg_service.conf” with the following content:
[hades]
dbname=hades
host=mydb.host.com
user=myuser
password=mypassword
port=5432
3. Finish editing the file and save the changes.
It is necessary to clarify that the location “/etc/sysconfig/” can vary depending on the operating system
and the version of the database management system installed on the central server. For the exact location of
this “pg_service.conf” file, refer to the messages printed in “hades-analyzed.log” located in
“/var/log” in order to know where to place this configuration file.
5.1.5 SSH communication configuration between the measuring machines and the
central server
It is really important to have an excellent and secure communication between the measuring points and the
central server. For that reason an SSH communication must be configured. This SSH communication is mainly
based on two keys, one private key and one public key which must be copied to all users who want to
communicate with the server [3]. The steps to complete are:
1. On the central server create the next location “/data/hades/”
]# mkdir /data/hades/
2. Set “hades” as the owner of those folders
]# chown data hades
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
19
]# chown hades hades
3. In the “hades” directory, create a new folder called “.ssh”
]# mkdir .ssh
4. In order to test the correct creation of this directory structure, go to the “.ssh” folder and execute the
“pwd” command. The output should be:
/data/hades/.ssh
5. Type the following command:
]# ssh-keygen
6. This process will ask for the location of the new pair of keys being generated [4]. In this part refer to the
location “/data/hades/.ssh”
7. Once the pair of public-private SSH keys has been generated, copy the public key to the measuring
points. To do this execute the following command:
]# scp /data/hades/.ssh/id_rsa.pub myuser@myipaddress:.ssh/authorized_keys
In this command, the portion “myuser” corresponds to the user that manages the measuring point. The
portion “myipaddress” corresponds to the IP address of the measuring point that will communicate
with the central server.
5.1.6 Configuration of the central server directory structure
The hades-analyzed script is responsible for copying the measurements made by the measuring points to a
given location on the central server; this location will be defined by the following steps:
1. On the central server go to “/data/hades/example”.
]# cd /data/hades/example
In this example, the last part “example” corresponds to the name of the domain configured to do the
measurements.
2. In the “example” directory create the directories “data”, “www” and “cfgs”
]# mkdir www
]# mkdir data
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
20
]# mkdir cfgs
This creates the two directories that store the measurements which, once the daemon is running, will have an
internal structure updated automatically depending on the amount of time HADES is executed. For example, if
HADES provided measurements on the 1st and 2nd of January of 2000, the directories created in this section
would have a root directory called “2000.” Within this directory there would be a subdirectory named “01” for the
month of January. In this directory, two more subdirectories would appear called “01” and “02” which would
contain measurements made on these dates.
5.1.7 Configuration of the HADES central server
As named above, the measurements are made by terminals that are part of a domain. In this case the domain
has the name “example” which is configured by the “hades.conf” file.
There are 3 changes that have to be done in this file which are:
1. Go to the location “/etc/hades/”.
]# cd /etc/hades/
2. In that directory, there must be the configuration file “hades.conf”. Enter the following command to
edit this file:
]# vi hades.conf
In that file there is a section dedicated to some important file locations. Go there and uncomment the
following section:
$datadir = "$basedir/data";
$bindir = "$basedir/bin";
$wwwdir = "$basedir/www";
$cfgsdir = "$basedir/cfgs";
$bindir = "$basedir/bin";
$datadir = "/data/hades/$domain/data";
$wwwdir = "/data/hades/$domain/www";
$cfgsdir = "/data/hades/$domain/cfgs";
In the file there is also a section dedicated to the SSH configuration of HADES from which two parts
are going to be edited. First enter the name of the user logged into the operating system on the section
that says
user => "labor",
replacing the word “labor” by that name. For example, if the user that is using the operating system is
“testuser”, the word “labor” would be changed to “testuser” getting the following result:
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
21
user => "testuser",
Next, the location of the SSH private key previously generated must be specified:
identity_files => [
"/data/hades/.ssh/identity",
],
The portion “/data/hades/.ssh/identity” has to be replaced by the location of the generated
private key. If, for example, the location of such a key is “/testuser/.ssh/id_dsa”, the line after
this change should look like this:
identity_files => [
"/testuser/.ssh/id_dsa",
],
Finally, the entire section should be something like this:
%hosts_default = (
ssh_args => {
user => "testuser",
identity_files => [
"/testuser/.ssh/id_dsa",
],
protocol => 2,
},
bin_path => "/usr/local/bin",
log_path => "/var/log/hades/$domain",
pid_path => "/var/run/hades/$domain",
cfg_path => "/etc/hades/$domain",
dat_path => "/data/hades/$domain",
);
3. Hosts configuration. To do a certain measurement, two points are needed which are identified in the
hosts section of the configuration file “hades.conf”. In this file, uncomment the hosts section and
make the following changes:
IP address. In the portion indicated by
ip => "1.2.3.4",
enter the IP address of the first machine used as a measuring station.
Configuration of interfaces. Since the example for this installation needs only one interface per
terminal, the second interface suggested in the file is deleted.
Second host addition. Since measurements are made between two points, a second host has
to be included in this section. Copy and paste the information belonging to the first host and
change carefully the number “1” by the number “2”, for example, in the information of the new
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
22
host, the suggested name would be “Host1”, change this to “Host2” and so on. Likewise,
configure the IP address of this host.
After these changes, the section should have the following appearance (the two IP addresses are only
suggestions):
%hosts = (
"Host1" => {
ip => "192.168.1.0",
interfaces => {
"Host1_Interface1" => {
shortname => "H1_I1"
},
}
},
"Host2" => {
ip => "192.168.1.1",
interfaces => {
"Host2_Interface1" => {
shortname => "H2_I1"
},
}
},
);
4. Routing configuration. The configuration file “hades.conf” has a section for the configuration of routes,
uncomment it and do the following changes. In the portion that says:
"Host2_Interface2" => [
{
packetsize => 1472,
},
change the number “2” to the number “1”, because only one interface per host is used. Finally, the
section should look like this:
%routes = (
"Host1_Interface1" => {
"Host2_Interface1" => [
{
},
],
"Host2_Interface1" => [
{
packetsize => 1472,
},
],
},
);
5. After editing the file, save all changes.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
23
5.1.8 Daemon configuration in the central server
In the central server execute the following steps:
1. Go to the location “/etc/hades/”
]# cd /etc/hades/
2. Start editing the file “analyzed.conf” with the following command:
]# vi analyzed.conf
3. In the domain section (section of that file identified by the header “domain - Configure domains
that should be handled by analyzed”) write the following:
domain /etc/hades/hades.conf --updatedb
4. Finish the edition saving all the changes.
5.2 Installation process on the client side
Once the configuration of the central server is complete, the measuring points should be configured next. This
section describes the following steps:
1. Installation of the required perl modules in the measuring points
2. Installation of the HADES traceroute package
3. Installation of the HADES package
5.2.1 Installation of the required perl modules in the measuring points
This section is dedicated to the installation of the required perl modules for the HADES and HADES traceroute
packages.
The table below lists the names of the modules required in the measuring points. The table explicitly specifies
the order in which the perl modules must be installed.
Order Module name Description
1. YAML implements a YAML Loader and Dumper based on the YAML 1.0 specification.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
24
Order Module name Description
2. IO::Interface Perl extension for access to network card configuration information
3. Params::Validate Validates method/function parameters
4. Log::Dispatch Dispatches messages to one or more outputs
Table 5.4: Perl modules needed on the client side
The installation process of these modules is as follows:
1. Make a place to download the perl module
]# mkdir mymodule
In this command, the portion “mymodule” indicates the name of the folder that will store the perl
module to download.
2. Go to that new directory
]# cd mymodule
3. In that folder, execute the following command:
]# wget http://url.my.module.com/mymodule.rpm
where the portion “url.my.module.com/” indicates the location of the required perl module and the
portion “mymodule.rpm” indicates the name of the new file.
4. Once the file has been downloaded, execute the following command:
]# yum --nogpgcheck localinstall mymodule.rpm
It could happen that the installation of a certain module needs a previous installation of another resource, and if
that is the case, it is the responsibility of the system administrator to provide or install these resources.
5.2.2 Installation of the HADES package
Once the needed perl modules have been installed, the installation of the HADES package can be executed. In
order to achieve this, follow these commands:
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
25
1. Make a directory where the HADES package will be downloaded. To do this, execute the following
command:
]# mkdir hadeslocation
Here, the portion “hadeslocation” corresponds to the name of the directory that will hold the new
package to download.
2. In this directory, type the following command:
]# wget http://downloads.perfsonar.eu/repositories/rpm/stable/noarch/Packages/hades-1.0-
3.i386.rpm
This command will download the HADES package in the location previously created.
3. To proceed with the installation of the package, type the following command:
]# yum --nogpgcheck localinstall hades-1.0-3.i386.rpm
Again, as already described above, it could happen that the installation of a certain module needs a previous
installation of another resource; if this is the case, it is the responsibility of the system administrator to provide
or install these resources.
5.2.3 Directory structure of measurement machines
After the successful completion of the previous step, a directory structure has to be created to store the pid file.
This structure includes the domain name that the user wants to give to the system of measurement. A domain
is the set of machines that performs measurements in the network and is identified by a given name, in this
case the domain name “example”. To create this structure, do the following steps:
1. Go to the location “/var/run/hades/”
]# cd /var/run/hades/
2. In this “hades” directory, create a new sub directory with the domain name, in this case “example”
]# mkdir example
3. If inside of he “example” directory the following linux command is typed
]# pwd
the result must be
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
26
/var/run/hades/example
5.2.4 Installation of the HADES traceroute package
Once the needed perl modules have been installed, the installation of the HADES traceroute package can be
executed. In order to achieve this, follow these commands:
1. Make a directory where the HADES traceroute package will be downloaded. To do this, execute the
following command:
]# mkdir hadestraceroutelocation
Here, the portion “hadestraceroutelocation” corresponds to the name of the directory that will
hold the new package to download.
2. In this directory, type the following command:
]# wget http://downloads.perfsonar.eu/repositories/rpm/stable/noarch/Packages/hades-traceroute-
1.0-3.noarch.rpm
This command will download the HADES traceroute package in the location previously created.
3. To proceed with the installation of the package, type the following command:
]# yum --nogpgcheck localinstall hades-traceroute-1.0-3.noarch.rpm
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
27
6 Configuration deployment
Once the measuring points and the central server have been configured, their configuration will be deployed in
the HADES environment. To achieve this, do the following:
1. Go to the location “/opt/hades/bin”
]# cd /opt/hades/bin/
2. Type the following command:
]# perl hades-cfg-create.pl --config=/etc/hades/hades.conf --all
After running this command, the only thing the user must do is to allow the SSH communication once. If
this process requests the entry of a password, the SSH communication was misconfigured as the
interaction between the different machines should not require any password. The possible solution to
such problems could be to check if the public key was indeed copied in the appropriate location of the
client machines.
Once this configuration has been deployed, the hades-analyzed daemon has to be started in order to collect
the measurements. To do this, execute the following command:
]# service hades-analyzed start
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
28
7 User perspective
Once HADES is in operation, the pre-configured measurements are produced. Section 5.1.6 explains the
structure of the directories that contain the results generated by HADES. There are two directories that are of
particular interest to the user. The first contains the raw data of the measurements. These are located in
“/data/hades/example/data.” The second directory contains the same data but in a processed form.
These are located in “/data/hades/example/www.” This information can be used by different tools for
visualization.
If the user wants to view the results on screen, the script “hades-show-data.pl” can be used as follows:
1. Consider the location and name of the file to visualize. This file may hold raw data or aggregated data,
i.e. it may come from the location “/data/hades/example/data” or from
“/data/hades/example/www”.
2. Consider the domain configuration file used to get the measurements. In this case the configuration file
corresponds to “/etc/hades/hades.conf”
3. Go to the location “/opt/hades/bin/”
]# cd /opt/hades/bin
4. Execute the following command:
]# perl hades-show-data.pl --config=/etc/hades/hades-example.conf
/data/hades/example/www/2011/04/19/Host1_Interface1.Host2_Interface1.0.info.dat
As can be seen in the previously executed command, the information displayed derives from aggregated data.
If the user wants to display raw data, the information must come from the “data” directory.
Fehler! Verwenden Sie die Registerkarte 'Start', um Heading 1 dem Text zuzuweisen, der hier angezeigt werden soll.
Fehler! Verwenden Sie die Registerkarte 'Start', um Title dem Text zuzuweisen, der hier angezeigt werden soll.
Document Code: <GN3-0n-nnnvn>
29
8 Bibliography
[1] A One-way Delay Metric for IPPM. Network Working Group. G. Almes, S. Kalidindi, M. Zekauskas.
Advanced Network & Services September 1999. Category: Standards Track.
[2] HADES User’s Guide. Roland Karch (2011). Win-Labor DFN http://www.win-labor.dfn.de/hades-doc/
[3] Suso Technology Services, Inc. Copyright 2004 - 2009 101 W. Kirkwood Ave Ste 222 Bloomington,
Indiana. SSH Tutorial for Linux, Support Documentation. Wiki.
[4] RSA article. Algorithm for public-key cryptography. Rivest, R.; A. Shamir; L. Adleman (1978). A Method
for Obtaining Digital Signatures and Public-Key Cryptosystems, Wikipedia, the free encyclopedia.
[5] CentOS Community ENTerprise Operating System “HowTos/Network/IPTables” (last edited 2009-07-
08 22:22:45 by RalphAngenendt) This wiki is licensed under a Creative Commons Attribution-Share
Alike 3.0 Unported License. http://wiki.centos.org/HowTos/Network/IPTables
[6] CPAN. Comprehensive Perl Archive Network. LWPS, POES, and DBIS -- Oh my!. Yours Eclectically,
The Self-Appointed Master Librarians (OOK!) of the CPAN. Copyright 1995 – 2010 Jarkko Hietaniemi.
Copyright 2011 Perl.org. All rights reserved. www.cpan.org