X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=db-config;h=a7733203a4d74d7bc8c4b1d134dc8cfa0c48bc12;hb=6505a6ca0ec37cda613ed455109d4ef251201eb3;hp=1df4ba6d1482562775f396e8059fda016d5289cb;hpb=c47bddbcfbf6fa1082292141a20334afe5f777cf;p=myplc.git diff --git a/db-config b/db-config index 1df4ba6..a773320 100755 --- a/db-config +++ b/db-config @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/env /usr/bin/plcsh # # Bootstraps the PLC database with a default administrator account and # a default site, defines default slice attribute types, and @@ -7,15 +7,12 @@ # Mark Huang # Copyright (C) 2006 The Trustees of Princeton University # -# $Id: api-config,v 1.12 2006/05/30 15:06:20 mlhuang Exp $ +# $Id: db-config,v 1.22 2007/02/02 23:40:22 mlhuang Exp $ # -import plcapilib -(plcapi, moreopts, argv) = plcapilib.plcapi(globals()) from plc_config import PLCConfiguration import sys - def main(): cfg = PLCConfiguration() cfg.load() @@ -33,18 +30,18 @@ def main(): 'last_name': "Administrator", 'email': plc['root_user'], 'password': plc['root_password'] } - persons = AdmGetPersons([admin['person_id']]) + persons = GetPersons([admin['person_id']]) if not persons: - person_id = AdmAddPerson(admin['first_name'], admin['last_name'], admin) + person_id = AddPerson(admin) if person_id != admin['person_id']: # Huh? Someone deleted the account manually from the database. - AdmDeletePerson(person_id) + DeletePerson(person_id) raise Exception, "Someone deleted the \"%s %s\" account from the database!" % \ (admin['first_name'], admin['last_name']) - AdmSetPersonEnabled(person_id, True) + UpdatePerson(person_id, { 'enabled': True }) else: person_id = persons[0]['person_id'] - AdmUpdatePerson(person_id, admin) + UpdatePerson(person_id, admin) # Create/update the default site (should be site_id 1) if plc_www['port'] == '80': @@ -56,42 +53,38 @@ def main(): site = { 'site_id': 1, 'name': plc['name'] + " Central", 'abbreviated_name': plc['name'], - # XXX Default site slice_prefix/login_base must be "pl_" - # 'login_base': plc['slice_prefix'], - 'login_base': "pl", - 'is_public': False, + 'login_base': plc['slice_prefix'], + 'is_public': True, 'url': url, 'max_slices': 100 } - sites = AdmGetSites([site['site_id']]) + sites = GetSites([site['site_id']]) if not sites: - site_id = AdmAddSite(site['name'], site['abbreviated_name'], site['login_base'], site) + site_id = AddSite(site['name'], site['abbreviated_name'], site['login_base'], site) if site_id != site['site_id']: - AdmDeleteSite(site_id) + DeleteSite(site_id) raise Exception, "Someone deleted the \"%s\" site from the database!" % \ site['name'] sites = [site] - # Must call AdmUpdateSite() even after AdmAddSite() to update max_slices + # Must call UpdateSite() even after AddSite() to update max_slices site_id = sites[0]['site_id'] - # XXX login_base cannot be updated - del site['login_base'] - AdmUpdateSite(site_id, site) + UpdateSite(site_id, site) # The default administrator account must be associated with a site # in order to login. - AdmAddPersonToSite(admin['person_id'], site['site_id']) - AdmSetPersonPrimarySite(admin['person_id'], site['site_id']) + AddPersonToSite(admin['person_id'], site['site_id']) + SetPersonPrimarySite(admin['person_id'], site['site_id']) # Grant admin and PI roles to the default administrator account - AdmGrantRoleToPerson(admin['person_id'], 10) - AdmGrantRoleToPerson(admin['person_id'], 20) + AddRoleToPerson(10, admin['person_id']) + AddRoleToPerson(20, admin['person_id']) # Setup default PlanetLabConf entries default_conf_files = [ # NTP configuration - {'enabled': 1, - 'source': 'PlanetLabConf/ntpconf.php', + {'enabled': True, + 'source': 'PlanetLabConf/ntp.conf.php', 'dest': '/etc/ntp.conf', 'file_permissions': '644', 'file_owner': 'root', @@ -99,10 +92,10 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/etc/rc.d/init.d/ntpd restart', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, - 'source': 'PlanetLabConf/ntptickers.php', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/ntp/step-tickers.php', 'dest': '/etc/ntp/step-tickers', 'file_permissions': '644', 'file_owner': 'root', @@ -110,11 +103,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/etc/rc.d/init.d/ntpd restart', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # SSH server configuration - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/sshd_config', 'dest': '/etc/ssh/sshd_config', 'file_permissions': '600', @@ -123,46 +116,46 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/etc/init.d/sshd restart', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # Administrative SSH keys - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/keys.php?root', 'dest': '/root/.ssh/authorized_keys', 'file_permissions': '644', 'file_owner': 'root', 'file_group': 'root', 'preinstall_cmd': '', - 'postinstall_cmd': '', + 'postinstall_cmd': '/bin/chmod 700 /root/.ssh', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/keys.php?site_admin', 'dest': '/home/site_admin/.ssh/authorized_keys', 'file_permissions': '644', 'file_owner': 'site_admin', 'file_group': 'site_admin', 'preinstall_cmd': 'grep -q site_admin /etc/passwd', - 'postinstall_cmd': '', + 'postinstall_cmd': '/bin/chmod 700 /home/site_admin/.ssh', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/keys.php?role=admin', 'dest': '/home/pl_admin/.ssh/authorized_keys', 'file_permissions': '644', 'file_owner': 'pl_admin', 'file_group': 'pl_admin', 'preinstall_cmd': 'grep -q pl_admin /etc/passwd', - 'postinstall_cmd': '', + 'postinstall_cmd': '/bin/chmod 700 /home/pl_admin/.ssh', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # Log rotation configuration - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/logrotate.conf', 'dest': '/etc/logrotate.conf', 'file_permissions': '644', @@ -171,11 +164,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # updatedb/locate nightly cron job - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/slocate.cron', 'dest': '/etc/cron.daily/slocate.cron', 'file_permissions': '755', @@ -184,11 +177,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # YUM configuration - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/yum.conf.php?gpgcheck=1', 'dest': '/etc/yum.conf', 'file_permissions': '644', @@ -197,9 +190,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/delete-rpm-list-production', 'dest': '/etc/planetlab/delete-rpm-list', 'file_permissions': '644', @@ -208,11 +201,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # PLC configuration - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/get_plc_config.php', 'dest': '/etc/planetlab/plc_config', 'file_permissions': '644', @@ -221,9 +214,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/get_plc_config.php?python', 'dest': '/etc/planetlab/plc_config.py', 'file_permissions': '644', @@ -232,9 +225,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/get_plc_config.php?perl', 'dest': '/etc/planetlab/plc_config.pl', 'file_permissions': '644', @@ -243,9 +236,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/get_plc_config.php?php', 'dest': '/etc/planetlab/php/plc_config.php', 'file_permissions': '644', @@ -254,12 +247,13 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, + # XXX Required for old Node Manager # Node Manager configuration - {'enabled': 1, - 'source': 'PlanetLabConf/pl_nm-v3.conf', + {'enabled': True, + 'source': 'PlanetLabConf/pl_nm.conf', 'dest': '/etc/planetlab/pl_nm.conf', 'file_permissions': '644', 'file_owner': 'root', @@ -267,9 +261,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/etc/init.d/pl_nm restart', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/RootResources/plc_slice_pool.php', 'dest': '/home/pl_nm/RootResources/plc_slice_pool', 'file_permissions': '644', @@ -278,9 +272,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/RootResources/pl_conf.py', 'dest': '/home/pl_nm/RootResources/pl_conf', 'file_permissions': '644', @@ -289,9 +283,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/etc/init.d/pl_nm restart', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/RootResources/pl_netflow.py', 'dest': '/home/pl_nm/RootResources/pl_netflow', 'file_permissions': '644', @@ -300,12 +294,13 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, + # XXX Required for old Node Manager # Proper configuration - {'enabled': 1, - 'source': 'PlanetLabConf/propd-NM-1.0.conf', + {'enabled': True, + 'source': 'PlanetLabConf/propd.conf', 'dest': '/etc/proper/propd.conf', 'file_permissions': '644', 'file_owner': 'root', @@ -313,11 +308,12 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/etc/init.d/proper restart', 'error_cmd': '', - 'ignore_cmd_errors': 1, - 'always_update': 0}, + 'ignore_cmd_errors': True, + 'always_update': False}, + # XXX Required for old Node Manager # Bandwidth cap - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/bwlimit.php', 'dest': '/etc/planetlab/bwcap', 'file_permissions': '644', @@ -326,11 +322,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/etc/init.d/pl_nm restart', 'error_cmd': '', - 'ignore_cmd_errors': 1, - 'always_update': 0}, + 'ignore_cmd_errors': True, + 'always_update': False}, # Proxy ARP setup - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/proxies.php', 'dest': '/etc/planetlab/proxies', 'file_permissions': '644', @@ -339,11 +335,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # Firewall configuration - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/iptables', 'dest': '/etc/sysconfig/iptables', 'file_permissions': '600', @@ -352,9 +348,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/blacklist.php', 'dest': '/etc/planetlab/blacklist', 'file_permissions': '600', @@ -363,11 +359,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/sbin/iptables-restore --noflush < /etc/planetlab/blacklist', 'error_cmd': '', - 'ignore_cmd_errors': 1, - 'always_update': 1}, + 'ignore_cmd_errors': True, + 'always_update': False}, # /etc/issue - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/issue.php', 'dest': '/etc/issue', 'file_permissions': '644', @@ -376,11 +372,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # Kernel parameters - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/sysctl.php', 'dest': '/etc/sysctl.conf', 'file_permissions': '644', @@ -389,12 +385,12 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/sbin/sysctl -e -p /etc/sysctl.conf', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 1}, + 'ignore_cmd_errors': False, + 'always_update': False}, # Sendmail configuration - {'enabled': 1, - 'source': 'PlanetLabConf/alpha-sendmail.mc', + {'enabled': True, + 'source': 'PlanetLabConf/sendmail.mc', 'dest': '/etc/mail/sendmail.mc', 'file_permissions': '644', 'file_owner': 'root', @@ -402,10 +398,10 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, - 'source': 'PlanetLabConf/alpha-sendmail.cf', + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, + 'source': 'PlanetLabConf/sendmail.cf', 'dest': '/etc/mail/sendmail.cf', 'file_permissions': '644', 'file_owner': 'root', @@ -413,11 +409,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': 'service sendmail restart', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # GPG signing keys - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/RPM-GPG-KEY-fedora', 'dest': '/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora', 'file_permissions': '644', @@ -426,9 +422,9 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, - {'enabled': 1, + 'ignore_cmd_errors': False, + 'always_update': False}, + {'enabled': True, 'source': 'PlanetLabConf/get_gpg_key.php', 'dest': '/etc/pki/rpm-gpg/RPM-GPG-KEY-planetlab', 'file_permissions': '644', @@ -437,11 +433,11 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-planetlab', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # Ping of death configuration - {'enabled': 1, + {'enabled': True, 'source': 'PlanetLabConf/ipod.conf.php', 'dest': '/etc/ipod.conf', 'file_permissions': '644', @@ -450,12 +446,12 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}, + 'ignore_cmd_errors': False, + 'always_update': False}, # sudo configuration - {'enabled': 1, - 'source': 'PlanetLabConf/v3-sudoers.php', + {'enabled': True, + 'source': 'PlanetLabConf/sudoers', 'dest': '/etc/sudoers', 'file_permissions': '440', 'file_owner': 'root', @@ -463,14 +459,15 @@ def main(): 'preinstall_cmd': '', 'postinstall_cmd': '/usr/sbin/visudo -c', 'error_cmd': '', - 'ignore_cmd_errors': 0, - 'always_update': 0}] + 'ignore_cmd_errors': False, + 'always_update': False} + ] # Get list of existing (enabled, global) files - conf_files = AdmGetConfFile() + conf_files = GetConfFiles() conf_files = filter(lambda conf_file: conf_file['enabled'] and \ - not conf_file['node_id'] and \ - not conf_file['nodegroup_id'], + not conf_file['node_ids'] and \ + not conf_file['nodegroup_ids'], conf_files) dests = [conf_file['dest'] for conf_file in conf_files] conf_files = dict(zip(dests, conf_files)) @@ -478,166 +475,424 @@ def main(): # Create/update default PlanetLabConf entries for default_conf_file in default_conf_files: if default_conf_file['dest'] not in dests: - AdmCreateConfFile(default_conf_file['enabled'], - default_conf_file['source'], - default_conf_file['dest'], - default_conf_file['file_permissions'], - default_conf_file['file_owner'], - default_conf_file['file_group'], - default_conf_file['preinstall_cmd'], - default_conf_file['postinstall_cmd'], - default_conf_file['error_cmd'], - default_conf_file['ignore_cmd_errors'], - default_conf_file['always_update']) + AddConfFile(default_conf_file) else: conf_file = conf_files[default_conf_file['dest']] - AdmUpdateConfFile(conf_file['conf_file_id'], default_conf_file) + UpdateConfFile(conf_file['conf_file_id'], default_conf_file) # Setup default slice attribute types default_attribute_types = [ # Slice type (only vserver is supported) - {'name': "plc_slice_type", - 'description': "Type of slice rspec to be created", - 'is_exclusive': True, 'min_role_id': 20, 'max_per_slice': 1, - 'value_fields': [{'description': "rspec class", - 'name': "type", - 'type': "string"}]}, + {'name': "type", + 'description': "Type of slice (e.g. vserver)", + 'min_role_id': 20}, + + # System slice + {'name': "system", + 'description': "Is a default system slice (1) or not (0 or unset)", + 'min_role_id': 10}, + + # Slice enabled (1) or suspended (0) + {'name': "enabled", + 'description': "Slice enabled (1 or unset) or suspended (0)", + 'min_role_id': 10}, + + # Slice reference image + {'name': "vref", + 'description': "Reference image", + 'min_role_id': 30}, # Slice initialization script {'name': "initscript", - 'description': "slice initialization script", - 'is_exclusive': False, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "", - 'name': "initscript_id", - 'type': "integer"}]}, - - # CPU share (general_prop_share is deprecated) - {'name': "general_prop_share", - 'description': "general share", - 'is_exclusive': False, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "", - 'name': "general_prop_share", - 'type': "integer"}]}, - {'name': "nm_cpu_share", - 'description': "Number of CPU shares to be allocated to slice", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "number of shares", - 'name': "cpu_share", - 'type': "integer"}]}, + 'description': "Slice initialization script", + 'min_role_id': 10}, - # Bandwidth limits - {'name': "nm_net_min_rate", - 'description': "Minimum network Tx bandwidth", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "rate (bps)", - 'name': "rate", - 'type': "integer"}]}, - {'name': "nm_net_max_rate", - 'description': "Maximum network Tx bandwidth", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "rate (bps)", - 'name': "rate", - 'type': "integer"}]}, - {'name': "nm_net_avg_rate", - 'description': "Average daily network Tx bandwidth", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "rate (bps)", - 'name': "rate", - 'type': "integer"}]}, - {'name': "nm_net_exempt_min_rate", - 'description': "Minimum network Tx bandwidth to Internet2 destinations", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "rate (bps)", - 'name': "rate", - 'type': "integer"}]}, - {'name': "nm_net_exempt_max_rate", - 'description': "Maximum network Tx bandwidth to Internet2 destinations", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "rate (bps)", - 'name': "rate", - 'type': "integer"}]}, - {'name': "nm_net_exempt avg_rate", - 'description': "Average daily network Tx bandwidth to Internet2 destinations", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "rate (bps)", - 'name': "rate", - 'type': "integer"}]}, + # CPU share + {'name': "cpu_min", + 'description': "Minimum CPU share (ms/s)", + 'min_role_id': 10}, + {'name': "cpu_share", + 'description': "Number of CPU shares", + 'min_role_id': 10}, + # Bandwidth limits + {'name': "net_min_rate", + 'description': "Minimum bandwidth (kbps)", + 'min_role_id': 10}, + {'name': "net_max_rate", + 'description': "Maximum bandwidth (kbps)", + 'min_role_id': 10}, + {'name': "net_i2_min_rate", + 'description': "Minimum bandwidth over I2 routes (kbps)", + 'min_role_id': 10}, + {'name': "net_i2_max_rate", + 'description': "Maximum bandwidth over I2 routes (kbps)", + 'min_role_id': 10}, + {'name': "net_max_kbyte", + 'description': "Maximum daily network Tx KByte limit.", + 'min_role_id': 10}, + {'name': "net_thresh_kbyte", + 'description': "KByte limit before warning and throttling.", + 'min_role_id': 10}, + {'name': "net_i2_max_kbyte", + 'description': "Maximum daily network Tx KByte limit to I2 hosts.", + 'min_role_id': 10}, + {'name': "net_i2_thresh_kbyte", + 'description': "KByte limit to I2 hosts before warning and throttling.", + 'min_role_id': 10}, + {'name': "net_share", + 'description': "Number of bandwidth shares", + 'min_role_id': 10}, + {'name': "net_i2_share", + 'description': "Number of bandwidth shares over I2 routes", + 'min_role_id': 10}, + # Disk quota - {'name': "nm_disk_quota", - 'description': "Disk quota", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "Number of 1k disk blocks", - 'name': "quota", - 'type': "integer"}]}, + {'name': "disk_max", + 'description': "Disk quota (1k disk blocks)", + 'min_role_id': 10}, + # Proper operations + {'name': "proper_op", + 'description': "Proper operation (e.g. bind_socket)", + 'min_role_id': 10}, + + # XXX Required for old Node Manager # Special attributes applicable to Slice Creation Service (pl_conf) slice + {'name': "plc_slice_type", + 'description': "Type of slice rspec to be created", + 'min_role_id': 20}, {'name': "plc_agent_version", 'description': "Version of PLC agent (slice creation service) software to be deployed", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "current version of PLC agent (SCS)", - 'name': "version", - 'type': "string"}]}, + 'min_role_id': 10}, {'name': "plc_ticket_pubkey", 'description': "Public key used to verify PLC-signed tickets", - 'is_exclusive': True, 'min_role_id': 10, 'max_per_slice': 1, - 'value_fields': [{'description': "PEM-encoded public key", - 'name': "key", - 'type': "string"}]}] + 'min_role_id': 10} + ] # Get list of existing attribute types - attribute_types = SliceAttributeTypeList() + attribute_types = GetSliceAttributeTypes() + attribute_types = [attribute_type['name'] for attribute_type in attribute_types] # Create/update default slice attribute types for default_attribute_type in default_attribute_types: if default_attribute_type['name'] not in attribute_types: - SliceAttributeTypeCreate(default_attribute_type['name'], - default_attribute_type['description'], - default_attribute_type['min_role_id'], - default_attribute_type['max_per_slice'], - default_attribute_type['is_exclusive'], - default_attribute_type['value_fields']) + AddSliceAttributeType(default_attribute_type) else: - # XXX No way to update slice attribute types - pass - - # Get contents of SSL public certificate used for signing slice tickets - try: - plc_ticket_pubkey = "" - for line in file(plc_ma_sa['ssl_key_pub']): - # Skip comments - if line[0:5] != "-----": - # XXX The embedded newlines matter, do not strip()! - plc_ticket_pubkey += line - except: - plc_ticket_pubkey = '%KEY%' + UpdateSliceAttributeType(default_attribute_type['name'], default_attribute_type) # Create/update system slices - slices = [{'name': "pl_conf", - 'description': "PlanetLab Slice Creation Service (SCS)", - 'url': url, - 'attributes': {'plc_slice_type': {'type': "VServerSlice"}, - 'plc_agent_version': {'version': "1.0"}, - 'plc_ticket_pubkey': {'key': plc_ticket_pubkey}}}, - {'name': "pl_conf_vserverslice", - 'description': "Default attributes for vserver slices", - 'url': url, - 'attributes': {'nm_cpu_share': {'cpu_share': 32}, - 'plc_slice_type': {'type': "VServerSlice"}, - 'nm_disk_quota': {'quota': 5000000}}}] - for slice in slices: - try: - SliceInfo([slice['name']]) - except: - SliceCreate(slice['name']) - SliceSetInstantiationMethod(slice['name'], 'plc-instantiated') - SliceUpdate(slice['name'], slice['url'], slice['description']) - # Renew forever - SliceRenew(slice['name'], sys.maxint) + legacy_slices = [ + # XXX Required for old Node Manager + {'name': "pl_conf", + 'description': "PlanetLab Slice Creation Service (SCS)", + 'url': url, + 'instantiation': "plc-instantiated", + # Renew forever + 'expires': sys.maxint, + 'attributes': [('plc_slice_type', "VServerSlice"), + ('plc_agent_version', "1.0"), + ('plc_ticket_pubkey', "")]}, + + # XXX Required for old Node Manager + {'name': "pl_conf_vserverslice", + 'description': "Default attributes for vserver slices", + 'url': url, + 'instantiation': "plc-instantiated", + # Renew forever + 'expires': sys.maxint, + 'attributes': [('cpu_share', "32"), + ('plc_slice_type', "VServerSlice"), + ('disk_max', "5000000")]}, + ] + default_slices = [ + # PlanetFlow + {'name': plc['slice_prefix'] + "_netflow", + 'description': "PlanetFlow Traffic Auditing Service", + 'url': url, + 'instantiation': "plc-instantiated", + # Renew forever + 'expires': sys.maxint, + 'attributes': [('system', "1"), + ('vref', "planetflow"), + ('proper_op', "open file=/etc/passwd, flags=r"), + ('proper_op', "create_socket"), + ('proper_op', "bind_socket")]}, + ] + + ### xxx - to review once new node manager rolls out + # if PLC_SLICE_PREFIX is left to default - this is meant for the public PL only + if plc['slice_prefix'] == 'pl': + # create both legacy slices together with netflow through default_slices + default_slices += legacy_slices + else: + # we use another slice prefix : disable legacy slices if already created + for legacy_slice in legacy_slices: + try: + DeleteSlice(legacy_slice['name']) + except: + pass + + for default_slice in default_slices: + slices = GetSlices([default_slice['name']]) + if slices: + slice = slices[0] + UpdateSlice(slice['slice_id'], default_slice) + else: + AddSlice(default_slice) + slice = GetSlices([default_slice['name']])[0] + # Create/update all attributes - for attribute, values in slice['attributes'].iteritems(): - SliceAttributeSet(slice['name'], attribute, values) + slice_attributes = [] + if slice['slice_attribute_ids']: + # Delete unknown attributes + for slice_attribute in GetSliceAttributes(slice['slice_attribute_ids']): + if (slice_attribute['name'], slice_attribute['value']) \ + not in default_slice['attributes']: + DeleteSliceAttribute(slice_attribute['slice_attribute_id']) + else: + slice_attributes.append((slice_attribute['name'], slice_attribute['value'])) + + for (name, value) in default_slice['attributes']: + if (name, value) not in slice_attributes: + AddSliceAttribute(slice['name'], name, value) + + installfailed = """ +Once the node meets these requirements, please reinitiate the install +by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + + # Load default message templates + message_templates = [ + {'message_id': 'Verify account', + 'subject': "Verify account registration", + 'template': """ +Please verify that you registered for a %(PLC_NAME)s account with the +username %(email)s by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/register.php?id=%(person_id)d&key=%(verification_key)s + +If you did not register for a %(PLC_NAME)s account, please ignore this +message, or contact %(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. +""" + }, + + {'message_id': 'New PI account', + 'subject': "New PI account registration from %(first_name)s %(last_name)s <%(email)s> at %(site_name)s", + 'template': """ +%(first_name)s %(last_name)s <%(email)s> has signed up for a new +%(PLC_NAME)s account at %(site_name)s and has requested a PI role. PIs +are responsible for enabling user accounts, creating slices, and +ensuring that all users abide by the %(PLC_NAME)s Acceptable Use +Policy. + +Only %(PLC_NAME)s administrators may enable new PI accounts. If you +are a PI at %(site_name)s, please respond and indicate whether this +registration is acceptable. + +To view the request, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d +""" + }, + + {'message_id': 'New account', + 'subject': "New account registration from %(first_name)s %(last_name)s <%(email)s> at %(site_name)s", + 'template': """ +%(first_name)s %(last_name)s <%(email)s> has signed up for a new +%(PLC_NAME)s account at %(site_name)s and has requested the following +roles: %(roles)s. + +To deny the request or enable the account, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d +""" + }, + + {'message_id': 'Password reset requested', + 'subject': "Password reset requested", + 'template': """ +Someone has requested that the password of your %(PLC_NAME)s account +%(email)s be reset. If this person was you, you may continue with the +reset by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/reset_password.php?id=%(person_id)d&key=%(verification_key)s + +If you did not request that your password be reset, please contact +%(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. Do not quote or +otherwise include any of this text in any correspondence. +""" + }, + + {'message_id': 'Password reset', + 'subject': "Password reset", + 'template': """ +The password of your %(PLC_NAME)s account %(email)s has been +temporarily reset to: + +%(password)s + +Please change it at as soon as possible by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d + +If you did not request that your password be reset, please contact +%(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. Do not quote or +otherwise include any of this text in any correspondence. +""" + }, + + # Boot Manager messages + {'message_id': "installfinished", + 'subject': "%(hostname)s completed installation", + 'template': """ +%(hostname)s just completed installation. + +The node should be usable in a couple of minutes if installation was +successful. +""" + }, + + {'message_id': "insufficientdisk", + 'subject': "%(hostname)s does not have sufficient disk space", + 'template': """ +%(hostname)s failed to boot because it does not have sufficent disk +space, or because its disk controller was not recognized. + +Please replace the current disk or disk controller or install +additional disks to meet the current hardware requirements. +""" + installfailed + }, + + {'message_id': "insufficientmemory", + 'subject': "%(hostname)s does not have sufficient memory", + 'template': """ +%(hostname)s failed to boot because it does not have sufficent +memory. + +Please install additional memory to meet the current hardware +requirements. +""" + installfailed + }, + + {'message_id': "authfail", + 'subject': "%(hostname)s failed to authenticate", + 'template': +""" +%(hostname)s failed to authenticate for the following reason: + +%(fault)s + +The most common reason for authentication failure is that the +authentication key stored in the node configuration file, does not +match the key on record. Regenerate the node configuration file by +visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Configuration File link, and save the downloaded file as +plnode.txt on either a floppy disk or a USB flash drive. Click the +Boot link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + + {'message_id': "notinstalled", + 'subject': "%(hostname)s is not installed", + 'template': +""" +%(hostname)s failed to boot because it has either never been +installed, or the installation is corrupt. + +Please check if the hard drive has failed, and replace it if so. After +doing so, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + + {'message_id': "hostnamenotresolve", + 'subject': "%(hostname)s does not resolve", + 'template': +""" +%(hostname)s failed to boot because its hostname does not resolve, or +does resolve but does not match its configured IP address. + +Please check the network settings for the node, especially its +hostname, IP address, and DNS servers, by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Correct any errors, click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + + # XXX N.B. I don't think these are necessary, since there's no + # way that the Boot Manager would even be able to contact the + # API to send these messages. + + {'message_id': "noconfig", + 'subject': "%(hostname)s does not have a configuration file", + 'template': """ +%(hostname)s failed to boot because it could not find a PlanetLab +configuration file. To create this file, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Configuration File link, and save the downloaded file as +plnode.txt on either a floppy disk or a USB flash drive. Click the +Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + {'message_id': "nodetectednetwork", + 'subject': "%(hostname)s has unsupported network hardware", + 'template': +""" + +%(hostname)s failed to boot because it has network hardware that is +unsupported by the current production kernel. If it has booted +successfully in the past, please try re-installing it by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + ] + + for template in message_templates: + messages = GetMessages([template['message_id']]) + if not messages: + AddMessage(template) if __name__ == '__main__': main() + +# Local variables: +# tab-width: 4 +# mode: python +# End: