X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=db-config;h=e5a275ad0ea5aa4e85e9b1edc0702f123a3afc33;hb=bd6a98f3c29d7e0f56ad65434e1ed694eb79608a;hp=b81043b348c049c74478f899a37749a41871fe53;hpb=eb3d09488033ebf735d4bb1a2f6b662634c7a83f;p=myplc.git diff --git a/db-config b/db-config index b81043b..e5a275a 100755 --- a/db-config +++ b/db-config @@ -7,7 +7,7 @@ # Mark Huang # Copyright (C) 2006 The Trustees of Princeton University # -# $Id$ +# $Id: db-config,v 1.20 2007/02/02 19:43:01 faiyaza Exp $ # from plc_config import PLCConfiguration @@ -250,6 +250,7 @@ def main(): 'ignore_cmd_errors': False, 'always_update': False}, + # XXX Required for old Node Manager # Node Manager configuration {'enabled': True, 'source': 'PlanetLabConf/pl_nm.conf', @@ -296,6 +297,7 @@ def main(): 'ignore_cmd_errors': False, 'always_update': False}, + # XXX Required for old Node Manager # Proper configuration {'enabled': True, 'source': 'PlanetLabConf/propd.conf', @@ -309,6 +311,7 @@ def main(): 'ignore_cmd_errors': True, 'always_update': False}, + # XXX Required for old Node Manager # Bandwidth cap {'enabled': True, 'source': 'PlanetLabConf/bwlimit.php', @@ -357,7 +360,7 @@ def main(): 'postinstall_cmd': '/sbin/iptables-restore --noflush < /etc/planetlab/blacklist', 'error_cmd': '', 'ignore_cmd_errors': True, - 'always_update': True}, + 'always_update': False}, # /etc/issue {'enabled': True, @@ -383,7 +386,7 @@ def main(): 'postinstall_cmd': '/sbin/sysctl -e -p /etc/sysctl.conf', 'error_cmd': '', 'ignore_cmd_errors': False, - 'always_update': True}, + 'always_update': False}, # Sendmail configuration {'enabled': True, @@ -484,9 +487,14 @@ def main(): 'description': "Type of slice (e.g. vserver)", 'min_role_id': 20}, + # System slice + {'name': "system", + 'description': "Is a default system slice (1) or not (0 or unset)", + 'min_role_id': 10}, + # Slice enabled (1) or suspended (0) {'name': "enabled", - 'description': "Slice enabled (1) or suspended (0)", + 'description': "Slice enabled (1 or unset) or suspended (0)", 'min_role_id': 10}, # Slice reference image @@ -508,36 +516,48 @@ def main(): 'min_role_id': 10}, # Bandwidth limits - {'name': "net_min", - 'description': "Minimum bandwidth (bps)", + {'name': "net_min_rate", + 'description': "Minimum bandwidth (kbps)", 'min_role_id': 10}, - {'name': "net_max", - 'description': "Maximum bandwidth (bps)", + {'name': "net_max_rate", + 'description': "Maximum bandwidth (kbps)", 'min_role_id': 10}, - {'name': "net_avg", - 'description': "Average bandwidth (bps)", + {'name': "net_i2_min_rate", + 'description': "Minimum bandwidth over I2 routes (kbps)", 'min_role_id': 10}, - {'name': "net_share", - 'description': "Number of bandwidth shares", + {'name': "net_i2_max_rate", + 'description': "Maximum bandwidth over I2 routes (kbps)", 'min_role_id': 10}, - {'name': "net2_min", - 'description': "Minimum bandwidth over routes exempt from node bandwidth limits (bps)", + {'name': "net_max_kbyte", + 'description': "Maximum daily network Tx KByte limit.", 'min_role_id': 10}, - {'name': "net2_max", - 'description': "Maximum bandwidth over routes exempt from node bandwidth limits (bps)", + {'name': "net_thresh_kbyte", + 'description': "KByte limit before warning and throttling.", 'min_role_id': 10}, - {'name': "net2_avg", - 'description': "Average bandwidth over routes exempt from node bandwidth limits (bps)", + {'name': "net_i2_max_kbyte", + 'description': "Maximum daily network Tx KByte limit to I2 hosts.", 'min_role_id': 10}, - {'name': "net2_share", - 'description': "Number of bandwidth shares over routes exempt from node bandwidth limits", + {'name': "net_i2_thresh_kbyte", + 'description': "KByte limit to I2 hosts before warning and throttling.", 'min_role_id': 10}, - + {'name': "net_share", + 'description': "Number of bandwidth shares", + 'min_role_id': 10}, + {'name': "net_i2_share", + 'description': "Number of bandwidth shares over I2 routes", + 'min_role_id': 10}, + # Disk quota {'name': "disk_max", 'description': "Disk quota (1k disk blocks)", 'min_role_id': 10}, + # Proper operations + {'name': "proper_op", + 'description': "Proper operation (e.g. bind_socket)", + 'min_role_id': 10}, + + # XXX Required for old Node Manager # Special attributes applicable to Slice Creation Service (pl_conf) slice {'name': "plc_slice_type", 'description': "Type of slice rspec to be created", @@ -573,29 +593,30 @@ def main(): plc_ticket_pubkey = '%KEY%' # Create/update system slices - default_slices = [ - # Required for old Node Manager + legacy_slices = [ + # XXX Required for old Node Manager {'name': "pl_conf", 'description': "PlanetLab Slice Creation Service (SCS)", 'url': url, 'instantiation': "plc-instantiated", # Renew forever 'expires': sys.maxint, - 'attributes': {'plc_slice_type': "VServerSlice", - 'plc_agent_version': "1.0", - 'plc_ticket_pubkey': plc_ticket_pubkey}}, + 'attributes': [('plc_slice_type', "VServerSlice"), + ('plc_agent_version', "1.0"), + ('plc_ticket_pubkey', plc_ticket_pubkey)]}, - # Required for old Node Manager + # XXX Required for old Node Manager {'name': "pl_conf_vserverslice", 'description': "Default attributes for vserver slices", 'url': url, 'instantiation': "plc-instantiated", # Renew forever 'expires': sys.maxint, - 'attributes': {'cpu_share': "32", - 'plc_slice_type': "VServerSlice", - 'disk_max': "5000000"}}, - + 'attributes': [('cpu_share', "32"), + ('plc_slice_type', "VServerSlice"), + ('disk_max', "5000000")]}, + ] + default_slices = [ # PlanetFlow {'name': plc['slice_prefix'] + "_netflow", 'description': "PlanetFlow Traffic Auditing Service", @@ -603,9 +624,26 @@ def main(): 'instantiation': "plc-instantiated", # Renew forever 'expires': sys.maxint, - 'attributes': {'vref': "planetflow"}}, + 'attributes': [('system', "1"), + ('vref', "planetflow"), + ('proper_op', "open file=/etc/passwd, flags=r"), + ('proper_op', "create_socket"), + ('proper_op', "bind_socket")]}, ] - + + ### xxx - to review once new node manager rolls out + # if PLC_SLICE_PREFIX is left to default - this is meant for the public PL only + if plc['slice_prefix'] == 'pl': + # create both legacy slices together with netflow through default_slices + default_slices += legacy_slices + else: + # we use another slice prefix : disable legacy slices if already created + for legacy_slice in legacy_slices: + try: + DeleteSlice(legacy_slice['name']) + except: + pass + for default_slice in default_slices: slices = GetSlices([default_slice['name']]) if slices: @@ -616,16 +654,251 @@ def main(): slice = GetSlices([default_slice['name']])[0] # Create/update all attributes - slice_attributes = {} + slice_attributes = [] if slice['slice_attribute_ids']: + # Delete unknown attributes for slice_attribute in GetSliceAttributes(slice['slice_attribute_ids']): - slice_attributes[slice_attribute['name']] = slice_attribute - - for name, value in default_slice['attributes'].iteritems(): - if name not in slice_attributes: + if (slice_attribute['name'], slice_attribute['value']) \ + not in default_slice['attributes']: + DeleteSliceAttribute(slice_attribute['slice_attribute_id']) + else: + slice_attributes.append((slice_attribute['name'], slice_attribute['value'])) + + for (name, value) in default_slice['attributes']: + if (name, value) not in slice_attributes: AddSliceAttribute(slice['name'], name, value) - else: - UpdateSliceAttribute(slice_attributes[name]['slice_attribute_id'], value) + + installfailed = """ +Once the node meets these requirements, please reinitiate the install +by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + + # Load default message templates + message_templates = [ + {'message_id': 'Verify account', + 'subject': "Verify account registration", + 'template': """ +Please verify that you registered for a %(PLC_NAME)s account with the +username %(email)s by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/register.php?id=%(person_id)d&key=%(verification_key)s + +If you did not register for a %(PLC_NAME)s account, please ignore this +message, or contact %(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. +""" + }, + + {'message_id': 'New PI account', + 'subject': "New PI account registration from %(first_name)s %(last_name)s <%(email)s> at %(site_name)s", + 'template': """ +%(first_name)s %(last_name)s <%(email)s> has signed up for a new +%(PLC_NAME)s account at %(site_name)s and has requested a PI role. PIs +are responsible for enabling user accounts, creating slices, and +ensuring that all users abide by the %(PLC_NAME)s Acceptable Use +Policy. + +Only %(PLC_NAME)s administrators may enable new PI accounts. If you +are a PI at %(site_name)s, please respond and indicate whether this +registration is acceptable. + +To view the request, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d +""" + }, + + {'message_id': 'New account', + 'subject': "New account registration from %(first_name)s %(last_name)s <%(email)s> at %(site_name)s", + 'template': """ +%(first_name)s %(last_name)s <%(email)s> has signed up for a new +%(PLC_NAME)s account at %(site_name)s and has requested the following +roles: %(roles)s. + +To deny the request or enable the account, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d +""" + }, + + {'message_id': 'Password reset requested', + 'subject': "Password reset requested", + 'template': """ +Someone has requested that the password of your %(PLC_NAME)s account +%(email)s be reset. If this person was you, you may continue with the +reset by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/reset_password.php?id=%(person_id)d&key=%(verification_key)s + +If you did not request that your password be reset, please contact +%(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. Do not quote or +otherwise include any of this text in any correspondence. +""" + }, + + {'message_id': 'Password reset', + 'subject': "Password reset", + 'template': """ +The password of your %(PLC_NAME)s account %(email)s has been +temporarily reset to: + +%(password)s + +Please change it at as soon as possible by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d + +If you did not request that your password be reset, please contact +%(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. Do not quote or +otherwise include any of this text in any correspondence. +""" + }, + + # Boot Manager messages + {'message_id': "installfinished", + 'subject': "%(hostname)s completed installation", + 'template': """ +%(hostname)s just completed installation. + +The node should be usable in a couple of minutes if installation was +successful. +""" + }, + + {'message_id': "insufficientdisk", + 'subject': "%(hostname)s does not have sufficient disk space", + 'template': """ +%(hostname)s failed to boot because it does not have sufficent disk +space, or because its disk controller was not recognized. + +Please replace the current disk or disk controller or install +additional disks to meet the current hardware requirements. +""" + installfailed + }, + + {'message_id': "insufficientmemory", + 'subject': "%(hostname)s does not have sufficient memory", + 'template': """ +%(hostname)s failed to boot because it does not have sufficent +memory. + +Please install additional memory to meet the current hardware +requirements. +""" + installfailed + }, + + {'message_id': "authfail", + 'subject': "%(hostname)s failed to authenticate", + 'template': +""" +%(hostname)s failed to authenticate for the following reason: + +%(fault)s + +The most common reason for authentication failure is that the +authentication key stored in the node configuration file, does not +match the key on record. Regenerate the node configuration file by +visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Configuration File link, and save the downloaded file as +plnode.txt on either a floppy disk or a USB flash drive. Click the +Boot link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + + {'message_id': "notinstalled", + 'subject': "%(hostname)s is not installed", + 'template': +""" +%(hostname)s failed to boot because it has either never been +installed, or the installation is corrupt. + +Please check if the hard drive has failed, and replace it if so. After +doing so, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + + {'message_id': "hostnamenotresolve", + 'subject': "%(hostname)s does not resolve", + 'template': +""" +%(hostname)s failed to boot because its hostname does not resolve, or +does resolve but does not match its configured IP address. + +Please check the network settings for the node, especially its +hostname, IP address, and DNS servers, by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Correct any errors, click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + + # XXX N.B. I don't think these are necessary, since there's no + # way that the Boot Manager would even be able to contact the + # API to send these messages. + + {'message_id': "noconfig", + 'subject': "%(hostname)s does not have a configuration file", + 'template': """ +%(hostname)s failed to boot because it could not find a PlanetLab +configuration file. To create this file, visit: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Configuration File link, and save the downloaded file as +plnode.txt on either a floppy disk or a USB flash drive. Click the +Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + + {'message_id': "nodetectednetwork", + 'subject': "%(hostname)s has unsupported network hardware", + 'template': +""" + +%(hostname)s failed to boot because it has network hardware that is +unsupported by the current production kernel. If it has booted +successfully in the past, please try re-installing it by visiting: + +https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/nodes/?id=%(node_id)d + +Click the Reinstall link, then reboot the node. + +If you have already performed this step and are still receiving this +message, please reply so that we may investigate the problem. +""" + }, + ] + + for template in message_templates: + messages = GetMessages([template['message_id']]) + if not messages: + AddMessage(template) if __name__ == '__main__': main()