Distribution: PlanetLab
URL: %{SCMURL}
-Summary: Server-side for SFA, generic implementation derived from PlanetLab
+Summary: Server-side for SFA, generic implementation derived from PlanetLab
Group: Applications/System
BuildRequires: make
BuildRequires: python-setuptools
Requires: util-linux-ng
# and the SFA libraries of course
Requires: sfa-common
-
+
%package common
Summary: Python libraries for SFA, generic implementation derived from PlanetLab
Group: Applications/System
Requires: sfa
%package dummy
-Summary: the SFA layer around a Dummy Testbed
+Summary: the SFA layer around a Dummy Testbed
Group: Applications/System
Requires: sfa
Group: Applications/System
Requires: sfa-common
-%description
+%description
This package provides the registry, aggregate manager and slice
managers for SFA. In most cases it is advisable to install additional
package for a given testbed, like e.g. sfa-plc for a PlanetLab tesbed.
between the existing PlanetLab interfaces and the SFA API.
%description flashpolicy
-This package provides support for adobe flash client applications.
+This package provides support for adobe flash client applications.
%description federica
The SFA driver for FEDERICA.
%{_datadir}/sfa/tests
### sfa installs the 'sfa' service
-%post
+%post
chkconfig --add sfa
-%preun
+%preun
if [ "$1" = 0 ] ; then
/sbin/service sfa stop || :
/sbin/chkconfig --del sfa || :
* Tue Jul 10 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.1-12
- Update Openstack driver to support Essex release/
- Fix authority xrn bug.
-
+
* Thu Jun 07 2012 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.1-11
- review packaging - site-packages/planetlab now come with sfa-plc
* Mon Apr 16 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.1-5
- make sync now supports vserver or lxc.
-- Added slice expiration and login info to SliverStatus response.
+- Added slice expiration and login info to SliverStatus response.
- Fixed CreateSliver bug that causes the method to fail if any node element is missing
the 'component_name' attribute.
- Fixed various bugs that caused SFA to generate invalid or incorrect sliver ids.
-
+
* Tue Mar 20 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.1-4
- Introduced new administrative command line script, sfaadmin.py. Removed various single
purpose scripts and migrated their functionality into sfaadmin.py.
- Refactored Registry import scripts.
- Removed SQLAlchemy dependency from sfi.py.
- Fixed bugs in sfi.py
-- Registry, Aggregate and SliceManager now support the OpenStack framework.
+- Registry, Aggregate and SliceManager now support the OpenStack framework.
* Fri Feb 24 2012 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.1-3
- slice x researcher rel. in database,
* Wed Jan 25 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.0-10
- client: added -R --raw sfi cmdline option that displays raw server response.
-- client: request GENI RSpec by default.
+- client: request GENI RSpec by default.
- server: remove database dependencies from sfa.server.sfaapi.
- server: increased default credential lifetime to 31 days.
- bugfix: fixed bug in sfa.storage.record.SfaRecord.delete().
- bugfix: fixed server key path in sfa.server.sfa-clean-peer-records.
-- bugfix: fixed bug in sfa.server.sfa-start.install_peer_certs().
-
+- bugfix: fixed bug in sfa.server.sfa-start.install_peer_certs().
+
* Sat Jan 7 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.0-9
- bugfix: 'geni_api' should be in the top level struct, not the code struct
- bugfix: Display the correct host and port in 'geni_api_versions' field of the GetVersion
- bugfix: sfa.util.sfatime.datetime_to_epoch() returns integers instead of doubles.
- bugfix: Fixed bug that prevented the rspec parser from identifying an rspec's schema when
there is extra whitespace in the schemaLocation field.
-- bugfix: Fixed bug that caused PlanetLab initscripts from showing up in the PGv2 and GENIv3
+- bugfix: Fixed bug that caused PlanetLab initscripts from showing up in the PGv2 and GENIv3
advertisement rspecs.
- bugfix: <login> RSpec element should contain the 'username' attribute.
-- bugfix: Use sfa.util.plxrn.PlXrn to parse the login_base (authority) out of a urn.
-
+- bugfix: Use sfa.util.plxrn.PlXrn to parse the login_base (authority) out of a urn.
+
* Wed Jan 4 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.0-8
-- bugfix: Fixed a bug in the sfa-import-plc.py script that caused the script to
+- bugfix: Fixed a bug in the sfa-import-plc.py script that caused the script to
exit when it encountered a user with an invalid public key.
- server: imporved logging in sfa-import-plc.py
-
+
* Tue Jan 3 2012 Tony Mack <tmack@cs.princeton.edu> - sfa-2.0-7
- bugfix: Fixed appending public keys in CreateSliver
- bugfix: Fixed various bugs in the PGv2/GENIv3 request, advertisement and manifest rspecs.
- client: -c --current option allows users to request the current/uncached rspec.
- server: Added 'geni_api_versions' field to GetVersion() output.
- server: Moved PLC specific code from sfa.importer.sfaImport to sfa.importer.sfa-import-plc.
-
+
* Fri Dec 16 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-2.0-6
- bugfix: sfi was not sending call_id with ListResources to v2 servers
- SFA_API_DEBUG replaced with SFA_API_LOGLEVEL
- Unicode-friendliness for user names with accents/special chars.
- Fix bug that could cause create the client to fail when calling CreateSliver for a slice that has the same hrn as a user.
- CreaetSliver no longer fails for users that have a capital letter in their URN.
-- Fix bug in CreateSliver that generated incorrect login bases and email addresses for ProtoGENI requests.
+- Fix bug in CreateSliver that generated incorrect login bases and email addresses for ProtoGENI requests.
- Allow files with .gid, .pem or .crt extension to be loaded into the server's list of trusted certs.
-- Fix bugs and missing imports
-
+- Fix bugs and missing imports
+
* Tue Aug 30 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-35
- new method record.get_field for sface
* Wed Aug 24 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-32
- Fixed exploit that allowed an authorities to issue certs for objects that dont belong to them.
- Fixed holes in certificate verification logic.
-- Aggregates no longer try to lookup slice and person records when processing CreateSliver requests. Clients are now required to specify this info in the 'users' argument.
+- Aggregates no longer try to lookup slice and person records when processing CreateSliver requests. Clients are now required to specify this info in the 'users' argument.
- Added 'boot_state' as an attribute of the node element in SFA rspec.
- Non authority certificates are marked as CA:FALSE.
- Added SFA_MAX_SLICE_RENEW which allows operators to configure the max ammout
of days a user can extend their slice expiration.
- CA certs are only issued to objects of type authority
-
+
* Fri Aug 05 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-29
- tag 1.0-28 was broken due to typo in the changelog
- new class sfa/util/httpsProtocol.py that supports timeouts
- Support authority+sm type.
- Fix rspec merging bugs.
- Only load certs that have .gid extension from /etc/sfa/trusted_roots/
-- Created a 'planetlab' extension to the ProtoGENI v2 rspec for supporting
- planetlab hosted initscripts using the <planetlab:initscript> tag
-- Can now handle extraneous whitespace in the rspec without failing.
-
+- Created a 'planetlab' extension to the ProtoGENI v2 rspec for supporting
+ planetlab hosted initscripts using the <planetlab:initscript> tag
+- Can now handle extraneous whitespace in the rspec without failing.
+
* Fri Jul 8 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-27
- ProtoGENI v2 RSpec updates.
- Convert expiration timestamps with timezone info in credentials to utc.
-- Fixed redundant logging issue.
+- Fixed redundant logging issue.
- Improved SliceManager and SFI client logging.
-- Support aggregates that don't support the optional 'call_id' argument.
+- Support aggregates that don't support the optional 'call_id' argument.
- Only call get_trusted_certs() at aggreage interfaces that support the call.
- CreateSliver() now handles MyPLC slice attributes/tags.
- Cache now supports persistence.
* Thu Jun 6 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-22
- Added support for ProtoGENI RSpec v2
-
+
* Wed Mar 16 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - sfa-1.0-21
- stable sfascan
- fix in initscript, *ENABLED tags in config now taken into account
* Tue Sep 07 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-16
- truncate login base of external (ProtoGeni, etc) slices to 20 characters
to avoid returning a PLCAPI exception that might confuse users.
-- Enhance PLC aggregate performace by using a better filter when querying SliceTags.
-- fix build errors.
+- Enhance PLC aggregate performace by using a better filter when querying SliceTags.
+- fix build errors.
* Tue Aug 24 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-15
- (Architecture) Credential format changed to match ProtoGENI xml format
- (Architecture) All interfaces export a new set of methods that are compatible
- with the ProtoGeni Aggregate spec. These new methods are considered a
- replacement for the pervious methods exported by the interfaces. All
- previous methods are still exported and work as normal, but they are
- considered deprecated and will not be supported in future releases.
+ with the ProtoGeni Aggregate spec. These new methods are considered a
+ replacement for the pervious methods exported by the interfaces. All
+ previous methods are still exported and work as normal, but they are
+ considered deprecated and will not be supported in future releases.
- (Architecture) SFI has been updated to use the new interface methods.
- (Architecture) Changed keyconvet implementation from c to python.
- (Architecture) Slice Manager now attempts looks for a delegated credential
provided by the client before using its own server credential.
-- (Archiceture) Slice Interface no longers stores cache of resources on disk.
+- (Archiceture) Slice Interface no longers stores cache of resources on disk.
This cache now exists only in memory and is cleared when service is restarted
- or cache lifetime is exceeded.
-- (Performance) SliceManager sends request to Aggregates in parallel instead
+ or cache lifetime is exceeded.
+- (Performance) SliceManager sends request to Aggregates in parallel instead
of sequentially.
- (Bug fix) SFA tickets now support the new rspec format.
- (Bug fix) SFI only uses cahced credential if they aren't expired.
- (Enhancement) SFI -a --aggregatge option now sends requests directly to the
Aggregate instead of relaying through the Slice Manager.
- (Enhancement) Simplified caching. Accociated a global cache instance with
- the api handler on every new server request, making it easier to access the
- cache and use in more general ways.
+ the api handler on every new server request, making it easier to access the
+ cache and use in more general ways.
* Thu May 11 2010 Tony Mack <tmack@cs.princeton.edu> - sfa-0.9-11
- SfaServer now uses a pool of threads to handle requests concurrently
- sfa.util.rspec no longer used to process/manage rspecs (deprecated). This is now handled by sfa.plc.network and is not backwards compatible
- PIs can now get a slice credential for any slice at their site without having to be a member of the slice
- Registry records for federated peers (defined in registries.xml, aggregates.xml) updated when sfa service is started
-- Interfaces will try to fetch and install gids from peers listed in registries.xml/aggregates.xml if gid is not found in /etc/sfa/trusted_roots dir
-- Component manager does not install gid files if slice already has them
+- Interfaces will try to fetch and install gids from peers listed in registries.xml/aggregates.xml if gid is not found in /etc/sfa/trusted_roots dir
+- Component manager does not install gid files if slice already has them
- Server automatically fetches and installs peer certificats (defined in registries/aggregates.xml) when service is restarted.
- fix credential verification exploit (verify that the trusted signer is a parent of the object it it signed)
- made it easier for root authorities to sign their sub's certifiacate using the sfa-ca.py (sfa/server/sfa-ca.py) tool
-
+
* Thu Jan 21 2010 anil vengalil <avengali@sophia.inria.fr> - sfa-0.9-10
- This tag is quite same as the previous one (sfa-0.9-9) except that the vini and max aggregate managers are also updated for urn support. Other features are:
- - sfa-config-tty now has the same features like plc-config-tty