X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=db-config;h=6aaa9875235902ffb97ec6207a29212329799b7a;hb=08a4993f8e06496fbcfd5cd324b1fd0c80e193c7;hp=ac230cd2f8fd405e10b38cd1a2ddf03a49da97c0;hpb=553dd6e5805e7c477548e5c0360f6c9e018ec1ca;p=myplc.git diff --git a/db-config b/db-config index ac230cd..6aaa987 100755 --- a/db-config +++ b/db-config @@ -7,7 +7,7 @@ # Mark Huang # Copyright (C) 2006 The Trustees of Princeton University # -# $Id: db-config,v 1.4 2006/11/08 23:34:28 mlhuang Exp $ +# $Id: db-config,v 1.10 2006/11/28 21:45:53 mlhuang Exp $ # from plc_config import PLCConfiguration @@ -127,7 +127,7 @@ def main(): 'file_owner': 'root', 'file_group': 'root', 'preinstall_cmd': '', - 'postinstall_cmd': '', + 'postinstall_cmd': '/bin/chmod 700 /root/.ssh', 'error_cmd': '', 'ignore_cmd_errors': False, 'always_update': False}, @@ -138,7 +138,7 @@ def main(): 'file_owner': 'site_admin', 'file_group': 'site_admin', 'preinstall_cmd': 'grep -q site_admin /etc/passwd', - 'postinstall_cmd': '', + 'postinstall_cmd': '/bin/chmod 700 /home/site_admin/.ssh', 'error_cmd': '', 'ignore_cmd_errors': False, 'always_update': False}, @@ -149,7 +149,7 @@ def main(): 'file_owner': 'pl_admin', 'file_group': 'pl_admin', 'preinstall_cmd': 'grep -q pl_admin /etc/passwd', - 'postinstall_cmd': '', + 'postinstall_cmd': '/bin/chmod 700 /home/pl_admin/.ssh', 'error_cmd': '', 'ignore_cmd_errors': False, 'always_update': False}, @@ -250,6 +250,54 @@ def main(): 'ignore_cmd_errors': False, 'always_update': False}, + # XXX Required for old Node Manager + # Node Manager configuration + {'enabled': True, + 'source': 'PlanetLabConf/pl_nm.conf', + 'dest': '/etc/planetlab/pl_nm.conf', + 'file_permissions': '644', + 'file_owner': 'root', + 'file_group': 'root', + 'preinstall_cmd': '', + 'postinstall_cmd': '/etc/init.d/pl_nm restart', + 'error_cmd': '', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/RootResources/plc_slice_pool.php', + 'dest': '/home/pl_nm/RootResources/plc_slice_pool', + 'file_permissions': '644', + 'file_owner': 'pl_nm', + 'file_group': 'pl_nm', + 'preinstall_cmd': '', + 'postinstall_cmd': '', + 'error_cmd': '', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/RootResources/pl_conf.py', + 'dest': '/home/pl_nm/RootResources/pl_conf', + 'file_permissions': '644', + 'file_owner': 'pl_nm', + 'file_group': 'pl_nm', + 'preinstall_cmd': '', + 'postinstall_cmd': '/etc/init.d/pl_nm restart', + 'error_cmd': '', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/RootResources/pl_netflow.py', + 'dest': '/home/pl_nm/RootResources/pl_netflow', + 'file_permissions': '644', + 'file_owner': 'pl_nm', + 'file_group': 'pl_nm', + 'preinstall_cmd': '', + 'postinstall_cmd': '', + 'error_cmd': '', + 'ignore_cmd_errors': False, + 'always_update': False}, + + # XXX Required for old Node Manager # Proper configuration {'enabled': True, 'source': 'PlanetLabConf/propd.conf', @@ -263,6 +311,20 @@ def main(): 'ignore_cmd_errors': True, 'always_update': False}, + # XXX Required for old Node Manager + # Bandwidth cap + {'enabled': True, + 'source': 'PlanetLabConf/bwlimit.php', + 'dest': '/etc/planetlab/bwcap', + 'file_permissions': '644', + 'file_owner': 'root', + 'file_group': 'root', + 'preinstall_cmd': '', + 'postinstall_cmd': '/etc/init.d/pl_nm restart', + 'error_cmd': '', + 'ignore_cmd_errors': True, + 'always_update': False}, + # Proxy ARP setup {'enabled': True, 'source': 'PlanetLabConf/proxies.php', @@ -298,7 +360,7 @@ def main(): 'postinstall_cmd': '/sbin/iptables-restore --noflush < /etc/planetlab/blacklist', 'error_cmd': '', 'ignore_cmd_errors': True, - 'always_update': True}, + 'always_update': False}, # /etc/issue {'enabled': True, @@ -324,7 +386,7 @@ def main(): 'postinstall_cmd': '/sbin/sysctl -e -p /etc/sysctl.conf', 'error_cmd': '', 'ignore_cmd_errors': False, - 'always_update': True}, + 'always_update': False}, # Sendmail configuration {'enabled': True, @@ -425,9 +487,14 @@ def main(): 'description': "Type of slice (e.g. vserver)", 'min_role_id': 20}, + # System slice + {'name': "system", + 'description': "Is a default system slice (1) or not (0 or unset)", + 'min_role_id': 10}, + # Slice enabled (1) or suspended (0) {'name': "enabled", - 'description': "Slice enabled (1) or suspended (0)", + 'description': "Slice enabled (1 or unset) or suspended (0)", 'min_role_id': 10}, # Slice reference image @@ -476,8 +543,25 @@ def main(): # Disk quota {'name': "disk_max", - 'description': "Disk quota (bytes)", + 'description': "Disk quota (1k disk blocks)", + 'min_role_id': 10}, + + # Proper operations + {'name': "proper_op", + 'description': "Proper operation (e.g. bind_socket)", + 'min_role_id': 10}, + + # XXX Required for old Node Manager + # Special attributes applicable to Slice Creation Service (pl_conf) slice + {'name': "plc_slice_type", + 'description': "Type of slice rspec to be created", + 'min_role_id': 20}, + {'name': "plc_agent_version", + 'description': "Version of PLC agent (slice creation service) software to be deployed", 'min_role_id': 10}, + {'name': "plc_ticket_pubkey", + 'description': "Public key used to verify PLC-signed tickets", + 'min_role_id': 10} ] # Get list of existing attribute types @@ -491,16 +575,68 @@ def main(): else: UpdateSliceAttributeType(default_attribute_type['name'], default_attribute_type) + # Get contents of SSL public certificate used for signing slice tickets + try: + plc_ticket_pubkey = "" + for line in file(plc_ma_sa['ca_ssl_key_pub']): + # Skip comments + if line[0:5] != "-----": + # XXX The embedded newlines matter, do not strip()! + plc_ticket_pubkey += line + except: + plc_ticket_pubkey = '%KEY%' + # Create/update system slices + legacy_slices = [ + # XXX Required for old Node Manager + {'name': "pl_conf", + 'description': "PlanetLab Slice Creation Service (SCS)", + 'url': url, + 'instantiation': "plc-instantiated", + # Renew forever + 'expires': sys.maxint, + 'attributes': [('plc_slice_type', "VServerSlice"), + ('plc_agent_version', "1.0"), + ('plc_ticket_pubkey', plc_ticket_pubkey)]}, + + # XXX Required for old Node Manager + {'name': "pl_conf_vserverslice", + 'description': "Default attributes for vserver slices", + 'url': url, + 'instantiation': "plc-instantiated", + # Renew forever + 'expires': sys.maxint, + 'attributes': [('cpu_share', "32"), + ('plc_slice_type', "VServerSlice"), + ('disk_max', "5000000")]}, + ] default_slices = [ + # PlanetFlow {'name': plc['slice_prefix'] + "_netflow", 'description': "PlanetFlow Traffic Auditing Service", + 'url': url, 'instantiation': "plc-instantiated", # Renew forever 'expires': sys.maxint, - 'attributes': {'reference': "planetflow"}}, + 'attributes': [('system', "1"), + ('vref', "planetflow"), + ('proper_op', "open file=/etc/passwd, flags=r"), + ('proper_op', "create_socket"), + ('proper_op', "bind_socket")]}, ] - + + ### leaving slice_prefix to default + if plc['slice_prefix'] == 'pl': + # create them with default slices + default_slices += legacy_slices + else: + # we use another slice prefix : disable legacy slices if already created + for legacy_slice in legacy_slices: + try: + DeleteSlice(legacy_slice['name']) + except: + pass + for default_slice in default_slices: slices = GetSlices([default_slice['name']]) if slices: @@ -511,16 +647,19 @@ def main(): slice = GetSlices([default_slice['name']])[0] # Create/update all attributes - slice_attributes = {} + slice_attributes = [] if slice['slice_attribute_ids']: + # Delete unknown attributes for slice_attribute in GetSliceAttributes(slice['slice_attribute_ids']): - slice_attributes[slice_attribute['name']] = slice_attribute - - for name, value in default_slice['attributes'].iteritems(): - if name not in slice_attributes: + if (slice_attribute['name'], slice_attribute['value']) \ + not in default_slice['attributes']: + DeleteSliceAttribute(slice_attribute['slice_attribute_id']) + else: + slice_attributes.append((slice_attribute['name'], slice_attribute['value'])) + + for (name, value) in default_slice['attributes']: + if (name, value) not in slice_attributes: AddSliceAttribute(slice['name'], name, value) - else: - UpdateSliceAttribute(slice_attributes[name]['slice_attribute_id'], value) if __name__ == '__main__': main()