X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=db-config;h=2c9f03862d4c4facbadbffa2fe1468c5d390362b;hb=refs%2Fheads%2F4.2;hp=7a7f6f090463d5a477661e4f28ec6e1c419d092d;hpb=be666786283af0260a28963bc46d337930a8bfa9;p=myplc.git diff --git a/db-config b/db-config index 7a7f6f0..2c9f038 100755 --- a/db-config +++ b/db-config @@ -7,11 +7,12 @@ # Mark Huang # Copyright (C) 2006 The Trustees of Princeton University # -# $Id: db-config 7454 2007-12-11 18:55:00Z faiyaza $ +# $Id$ # $HeadURL$ from plc_config import PLCConfiguration import sys +import resource def main(): cfg = PLCConfiguration() @@ -170,16 +171,34 @@ def main(): # YUM configuration {'enabled': True, - 'source': 'PlanetLabConf/yum.conf.php?gpgcheck=1', + 'source': 'PlanetLabConf/f8/yum.conf', 'dest': '/etc/yum.conf', - 'file_permissions': '644', - 'file_owner': 'root', - 'file_group': 'root', - 'preinstall_cmd': '', - 'postinstall_cmd': '', - 'error_cmd': '', + 'file_permissions': '644', 'file_owner': 'root', 'file_group': 'root', + 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', 'ignore_cmd_errors': False, 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/myplc.repo.php?gpgcheck=1', + 'dest': '/etc/yum.myplc.d/myplc.repo', + 'file_permissions': '644', 'file_owner': 'root', 'file_group': 'root', + 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/f8/yum.myplc.d/fedora.repo', + 'dest': '/etc/yum.myplc.d/fedora.repo', + 'file_permissions': '644', 'file_owner': 'root', 'file_group': 'root', + 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/f8/yum.myplc.d/fedora-updates.repo', + 'dest': '/etc/yum.myplc.d/fedora-updates.repo', + 'file_permissions': '644', 'file_owner': 'root', 'file_group': 'root', + 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/delete-rpm-list-production', 'dest': '/etc/planetlab/delete-rpm-list', @@ -238,34 +257,6 @@ def main(): 'ignore_cmd_errors': False, 'always_update': False}, - # XXX Required for old Node Manager - # Proper configuration - {'enabled': True, - 'source': 'PlanetLabConf/propd.conf', - 'dest': '/etc/proper/propd.conf', - 'file_permissions': '644', - 'file_owner': 'root', - 'file_group': 'root', - 'preinstall_cmd': '', - 'postinstall_cmd': '/etc/init.d/proper restart', - 'error_cmd': '', - 'ignore_cmd_errors': True, - 'always_update': False}, - - # XXX Required for old Node Manager - # Bandwidth cap - {'enabled': True, - 'source': 'PlanetLabConf/bwlimit.php', - 'dest': '/etc/planetlab/bwcap', - 'file_permissions': '644', - 'file_owner': 'root', - 'file_group': 'root', - 'preinstall_cmd': '', - 'postinstall_cmd': '', - 'error_cmd': '', - 'ignore_cmd_errors': True, - 'always_update': False}, - # Proxy ARP setup {'enabled': True, 'source': 'PlanetLabConf/proxies.php', @@ -280,17 +271,6 @@ def main(): 'always_update': False}, # Firewall configuration - {'enabled': True, - 'source': 'PlanetLabConf/iptables', - 'dest': '/etc/sysconfig/iptables', - 'file_permissions': '600', - 'file_owner': 'root', - 'file_group': 'root', - 'preinstall_cmd': '', - 'postinstall_cmd': '', - 'error_cmd': '', - 'ignore_cmd_errors': False, - 'always_update': False}, {'enabled': True, 'source': 'PlanetLabConf/blacklist.php', 'dest': '/etc/planetlab/blacklist', @@ -393,7 +373,7 @@ def main(): # sudo configuration {'enabled': True, - 'source': 'PlanetLabConf/sudoers', + 'source': 'PlanetLabConf/sudoers.php', 'dest': '/etc/sudoers', 'file_permissions': '440', 'file_owner': 'root', @@ -450,8 +430,8 @@ def main(): 'min_role_id': 10}, # CPU share - {'name': "cpu_min", - 'description': "Minimum CPU share (ms/s)", + {'name': "cpu_pct", + 'description': "Reserved CPU percent", 'min_role_id': 10}, {'name': "cpu_share", 'description': "Number of CPU shares", @@ -499,19 +479,41 @@ def main(): 'description': "Proper operation (e.g. bind_socket)", 'min_role_id': 10}, - # XXX Required for old Node Manager - # Special attributes applicable to Slice Creation Service (pl_conf) slice - {'name': "plc_slice_type", - 'description': "Type of slice rspec to be created", - 'min_role_id': 20}, - {'name': "plc_agent_version", - 'description': "Version of PLC agent (slice creation service) software to be deployed", + # VServer capabilities + {'name': "capabilities", + 'description': "VServer bcapabilities (separate by commas)", 'min_role_id': 10}, - {'name': "plc_ticket_pubkey", - 'description': "Public key used to verify PLC-signed tickets", - 'min_role_id': 10} + + # Vsys + {'name': "vsys", + 'description': "Bind vsys script fd's to a slice's vsys directory.", + 'min_role_id': 10}, + + # CoDemux + {'name': "codemux", + 'description': "Demux HTTP between slices using localhost ports. Value in the form 'host, localhost port'.", + 'min_role_id': 10}, + + # Delegation + {'name': "delegations", + 'description': "Comma-seperated list of slices to give delegation authority to.", + 'min_role_id': 10}, + ] + # add in the platform supported rlimits to the default_attribute_types + for entry in resource.__dict__.keys() + ["VLIMIT_OPENFD"]: + if entry.find("LIMIT_")==1: + rlim = entry[len("RLIMIT_"):] + rlim = rlim.lower() + for ty in ("min","soft","hard"): + attribute = { + 'name': "%s_%s"%(rlim,ty), + 'description': "Per sliver RLIMIT %s_%s."%(rlim,ty), + 'min_role_id': 10 #admin + } + default_attribute_types.append(attribute) + # Get list of existing attribute types attribute_types = GetSliceAttributeTypes() attribute_types = [attribute_type['name'] for attribute_type in attribute_types] @@ -523,57 +525,101 @@ def main(): else: UpdateSliceAttributeType(default_attribute_type['name'], default_attribute_type) - # Create/update system slices - legacy_slices = [ - # XXX Required for old Node Manager - {'name': "pl_conf", - 'description': "PlanetLab Slice Creation Service (SCS)", - 'url': url, - 'instantiation': "plc-instantiated", - # Renew forever - 'expires': sys.maxint, - 'attributes': [('plc_slice_type', "VServerSlice"), - ('plc_agent_version', "1.0"), - ('plc_ticket_pubkey', "")]}, - - # XXX Required for old Node Manager - {'name': "pl_conf_vserverslice", - 'description': "Default attributes for vserver slices", - 'url': url, - 'instantiation': "plc-instantiated", - # Renew forever - 'expires': sys.maxint, - 'attributes': [('cpu_share', "32"), - ('plc_slice_type', "VServerSlice"), - ('disk_max', "5000000")]}, + # Default Initscripts + default_initscripts = [] + + # Find initscripts and add them to the db + for (root, dirs, files) in os.walk("/etc/plc_sliceinitscripts"): + for f in files: + # Read the file + file = open(root + "/" + f, "ro") + default_initscripts.append({"name": plc['slice_prefix'] + "_" + f, + "enabled": True, + "script": file.read().replace("@SITE@", url).replace("@PREFIX@", plc['slice_prefix'])}) + file.close() + + # Get list of existing initscripts + oldinitscripts = GetInitScripts() + oldinitscripts = [script['name'] for script in oldinitscripts] + + for initscript in default_initscripts: + if initscript['name'] not in oldinitscripts: AddInitScript(initscript) + + # Setup default slice attribute types + default_setting_types = [ + + {'category' : "general", + 'name' : "ifname", + 'description': "Set interface name, instead of eth0 or the like", + 'min_role_id' : 40}, + {'category' : "Multihome", + 'name' : "alias", + 'description': "Specifies that the network is used for multihoming", + 'min_role_id' : 40}, + + {'category' : "hidden", + 'name' : "backdoor", + 'description': "For testing new settings", + 'min_role_id' : 10}, + ] + [ + { "category" : "WiFi", + "name" : x, + "description" : "802.11 %s -- see %s"%(y,z), + "min_role_id" : 40 } for (x,y,z) in [ + ("mode","Mode","iwconfig"), + ("essid","ESSID","iwconfig"), + ("nw","Network Id","iwconfig"), + ("freq","Frequency","iwconfig"), + ("channel","Channel","iwconfig"), + ("sens","sensitivity threshold","iwconfig"), + ("rate","Rate","iwconfig"), + ("key","key","iwconfig key"), + ("key1","key1","iwconfig key [1]"), + ("key2","key2","iwconfig key [2]"), + ("key3","key3","iwconfig key [3]"), + ("key4","key4","iwconfig key [4]"), + ("securitymode","Security mode","iwconfig enc"), + ("iwconfig","Additional parameters to iwconfig","ifup-wireless"), + ("iwpriv","Additional parameters to iwpriv","ifup-wireless"), + ] ] + + + # Get list of existing attribute types + setting_types = GetNodeNetworkSettingTypes() + setting_types = [setting_type['name'] for setting_type in setting_types] + + # Create/update default slice setting types + for default_setting_type in default_setting_types: + if default_setting_type['name'] not in setting_types: + AddNodeNetworkSettingType(default_setting_type) + else: + UpdateNodeNetworkSettingType(default_setting_type['name'], default_setting_type) + + # Create/update system slices default_slices = [ # PlanetFlow {'name': plc['slice_prefix'] + "_netflow", - 'description': "PlanetFlow Traffic Auditing Service", + 'description': "PlanetFlow Traffic Auditing Service. Logs, captured in the root context using fprobe-ulogd, are stored in a directory in the root context which is bind mounted to the planetflow slice. The Planetflow Central service then periodically rsyncs these logs from the planetflow slice for aggregation.", 'url': url, 'instantiation': "plc-instantiated", - # Renew forever - 'expires': sys.maxint, + # Renew forever (minus one day, work around date conversion weirdness) + 'expires': 0x7fffffff - (60 * 60 * 24), 'attributes': [('system', "1"), ('vref', "planetflow"), - ('proper_op', "open file=/etc/passwd, flags=r"), - ('proper_op', "create_socket"), - ('proper_op', "bind_socket")]}, + ('vsys', "pfmount")]}, + # Sirius + {'name': plc['slice_prefix'] + "_sirius", + 'description': 'The Sirius Calendar Service.\n\nSirius provides system-wide reservations of 25% CPU and 2Mb/s outgoing\nbandwidth. Sign up for hour-long slots using the Web GUI at the\nPlanetLab website.\n\nThis slice should not generate traffic external to PlanetLab.\n', + 'url': url + "db/sirius/index.php", + 'instantiation': "plc-instantiated", + # Renew forever (minus one day, work around date conversion weirdness) + 'expires': 0x7fffffff - (60 * 60 * 24), + 'attributes': [('system', "1"), + ('net_min_rate', "2000"), + ('cpu_pct', "25"), + ('initscript', plc['slice_prefix'] + "_sirius")]} ] - - ### xxx - to review once new node manager rolls out - # if PLC_SLICE_PREFIX is left to default - this is meant for the public PL only - if plc['slice_prefix'] == 'pl': - # create both legacy slices together with netflow through default_slices - default_slices += legacy_slices - else: - # we use another slice prefix : disable legacy slices if already created - for legacy_slice in legacy_slices: - try: - DeleteSlice(legacy_slice['name']) - except: - pass for default_slice in default_slices: slices = GetSlices([default_slice['name']]) @@ -734,24 +780,18 @@ requirements. The most common reason for authentication failure is that the authentication key stored in the node configuration file, does not -match the key on record. - -There are two possible steps to resolve the problem. +match the key stored in our database. These keys must match in order to +authenticate the node successfully. -1. If you have used an All-in-one BootCD that includes the plnode.txt file, - then please check your machine for any old boot media, either in the - floppy drive, or on a USB stick. It is likely that an old configuration - is being used instead of the new configuration stored on the BootCD. -Or, -2. If you are using Generic BootCD image, then regenerate the node - configuration file by visiting: +Each time the configuration file is downloaded, either as part of an All-in-One +BootImage or by downloading the plnode.txt file, the authentication key is +RECREATED. So, which ever file was downloaded most recently is the one we +have in our database. Often, users will download both the All-in-One image as +well as the plnode.txt file, and inadvertently break the boot image. - https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d - - Under 'Download', follow the 'Download plnode.txt file for %(hostname)s' - option, and save the downloaded file as plnode.txt on either a floppy - disk or a USB flash drive. Be sure the 'Boot State' is set to 'Boot', - and, then reboot the node. +To repair this problem, simply download your All-in-One BootImage again, and +copy it to the appropriate read-only boot media (write-protected USB or +CD-ROM). If you have already performed this step and are still receiving this message, please reply so that we can help investigate the problem. @@ -969,6 +1009,21 @@ message, please reply so that we may investigate the problem. for ptype in protocol_types: AddPCUProtocolType(id, ptype) + # Run local db-config snippets + files = [] + dir = "/etc/planetlab/db-config.d" + try: + files = os.listdir(dir) + except: + pass + + for file in files: + if (file.endswith(".bak") or file.endswith("~") or + file.endswith(".rpmsave") or file.endswith(".rpmnew") or + file.endswith(".orig")): + continue + execfile(os.path.join(dir, file)) + if __name__ == '__main__': main()