'ignore_cmd_errors': False,
'always_update': False},
+ # XXX Required for old Node Manager
# Node Manager configuration
{'enabled': True,
'source': 'PlanetLabConf/pl_nm.conf',
'ignore_cmd_errors': False,
'always_update': False},
+ # XXX Required for old Node Manager
# Proper configuration
{'enabled': True,
'source': 'PlanetLabConf/propd.conf',
'ignore_cmd_errors': True,
'always_update': False},
+ # XXX Required for old Node Manager
# Bandwidth cap
{'enabled': True,
'source': 'PlanetLabConf/bwlimit.php',
'postinstall_cmd': '/sbin/iptables-restore --noflush < /etc/planetlab/blacklist',
'error_cmd': '',
'ignore_cmd_errors': True,
- 'always_update': True},
+ 'always_update': False},
# /etc/issue
{'enabled': True,
'postinstall_cmd': '/sbin/sysctl -e -p /etc/sysctl.conf',
'error_cmd': '',
'ignore_cmd_errors': False,
- 'always_update': True},
+ 'always_update': False},
# Sendmail configuration
{'enabled': True,
'description': "Type of slice (e.g. vserver)",
'min_role_id': 20},
+ # System slice
+ {'name': "system",
+ 'description': "Is a default system slice (1) or not (0 or unset)",
+ 'min_role_id': 10},
+
# Slice enabled (1) or suspended (0)
{'name': "enabled",
- 'description': "Slice enabled (1) or suspended (0)",
+ 'description': "Slice enabled (1 or unset) or suspended (0)",
'min_role_id': 10},
# Slice reference image
'description': "Disk quota (1k disk blocks)",
'min_role_id': 10},
+ # Proper operations
+ {'name': "proper_op",
+ 'description': "Proper operation (e.g. bind_socket)",
+ 'min_role_id': 10},
+
+ # XXX Required for old Node Manager
# Special attributes applicable to Slice Creation Service (pl_conf) slice
{'name': "plc_slice_type",
'description': "Type of slice rspec to be created",
plc_ticket_pubkey = '%KEY%'
# Create/update system slices
- default_slices = [
- # Required for old Node Manager
+ legacy_slices = [
+ # XXX Required for old Node Manager
{'name': "pl_conf",
'description': "PlanetLab Slice Creation Service (SCS)",
'url': url,
'instantiation': "plc-instantiated",
# Renew forever
'expires': sys.maxint,
- 'attributes': {'plc_slice_type': "VServerSlice",
- 'plc_agent_version': "1.0",
- 'plc_ticket_pubkey': plc_ticket_pubkey}},
+ 'attributes': [('plc_slice_type', "VServerSlice"),
+ ('plc_agent_version', "1.0"),
+ ('plc_ticket_pubkey', plc_ticket_pubkey)]},
- # Required for old Node Manager
+ # XXX Required for old Node Manager
{'name': "pl_conf_vserverslice",
'description': "Default attributes for vserver slices",
'url': url,
'instantiation': "plc-instantiated",
# Renew forever
'expires': sys.maxint,
- 'attributes': {'cpu_share': "32",
- 'plc_slice_type': "VServerSlice",
- 'disk_max': "5000000"}},
-
+ 'attributes': [('cpu_share', "32"),
+ ('plc_slice_type', "VServerSlice"),
+ ('disk_max', "5000000")]},
+ ]
+ default_slices = [
# PlanetFlow
{'name': plc['slice_prefix'] + "_netflow",
'description': "PlanetFlow Traffic Auditing Service",
'instantiation': "plc-instantiated",
# Renew forever
'expires': sys.maxint,
- 'attributes': {'vref': "planetflow"}},
+ 'attributes': [('system', "1"),
+ ('vref', "planetflow"),
+ ('proper_op', "open file=/etc/passwd, flags=r"),
+ ('proper_op', "create_socket"),
+ ('proper_op', "bind_socket")]},
]
-
+
+ ### xxx - to review once new node manager rolls out
+ # if PLC_SLICE_PREFIX is left to default - this is meant for the public PL only
+ if plc['slice_prefix'] == 'pl':
+ # create both legacy slices together with netflow through default_slices
+ default_slices += legacy_slices
+ else:
+ # we use another slice prefix : disable legacy slices if already created
+ for legacy_slice in legacy_slices:
+ try:
+ DeleteSlice(legacy_slice['name'])
+ except:
+ pass
+
for default_slice in default_slices:
slices = GetSlices([default_slice['name']])
if slices:
slice = GetSlices([default_slice['name']])[0]
# Create/update all attributes
- slice_attributes = {}
+ slice_attributes = []
if slice['slice_attribute_ids']:
+ # Delete unknown attributes
for slice_attribute in GetSliceAttributes(slice['slice_attribute_ids']):
- slice_attributes[slice_attribute['name']] = slice_attribute
-
- for name, value in default_slice['attributes'].iteritems():
- if name not in slice_attributes:
+ if (slice_attribute['name'], slice_attribute['value']) \
+ not in default_slice['attributes']:
+ DeleteSliceAttribute(slice_attribute['slice_attribute_id'])
+ else:
+ slice_attributes.append((slice_attribute['name'], slice_attribute['value']))
+
+ for (name, value) in default_slice['attributes']:
+ if (name, value) not in slice_attributes:
AddSliceAttribute(slice['name'], name, value)
- else:
- UpdateSliceAttribute(slice_attributes[name]['slice_attribute_id'], value)
+
+ # Load default message templates
+ message_templates = [
+ {'message_id': 'Verify account',
+ 'subject': "Verify account registration",
+ 'template': """
+Please verify that you registered for a %(PLC_NAME)s account with the
+username %(email)s by visiting:
+
+https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/register.php?id=%(person_id)d&key=%(verification_key)s
+
+If you did not register for a %(PLC_NAME)s account, please ignore this
+message, or contact %(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>.
+"""
+ },
+
+ {'message_id': 'New PI account',
+ 'subject': "New PI account registration from %(first_name)s %(last_name)s <%(email)s> at %(site_name)s",
+ 'template': """
+%(first_name)s %(last_name)s <%(email)s> has signed up for a new
+%(PLC_NAME)s account at %(site_name)s and has requested a PI role. PIs
+are responsible for enabling user accounts, creating slices, and
+ensuring that all users abide by the %(PLC_NAME)s Acceptable Use
+Policy.
+
+Only %(PLC_NAME)s administrators may enable new PI accounts. If you
+are a PI at %(site_name)s, please respond and indicate whether this
+registration is acceptable.
+
+To view the request, visit:
+
+https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d
+"""
+ },
+
+ {'message_id': 'New account',
+ 'subject': "New account registration from %(first_name)s %(last_name)s <%(email)s> at %(site_name)s",
+ 'template': """
+%(first_name)s %(last_name)s <%(email)s> has signed up for a new
+%(PLC_NAME)s account at %(site_name)s and has requested the following
+roles: %(roles)s.
+
+To deny the request or enable the account, visit:
+
+https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d
+"""
+ },
+
+ {'message_id': 'Password reset requested',
+ 'subject': "Password reset requested",
+ 'template': """
+Someone has requested that the password of your %(PLC_NAME)s account
+%(email)s be reset. If this person was you, you may continue with the
+reset by visiting:
+
+https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/reset_password.php?id=%(person_id)d&key=%(verification_key)s
+
+If you did not request that your password be reset, please contact
+%(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. Do not quote or
+otherwise include any of this text in any correspondence.
+"""
+ },
+
+ {'message_id': 'Password reset',
+ 'subject': "Password reset",
+ 'template': """
+The password of your %(PLC_NAME)s account %(email)s has been
+temporarily reset to:
+
+%(password)s
+
+Please change it at as soon as possible by visiting:
+
+https://%(PLC_WWW_HOST)s:%(PLC_WWW_SSL_PORT)d/db/persons/index.php?id=%(person_id)d
+
+If you did not request that your password be reset, please contact
+%(PLC_NAME)s Support <%(PLC_MAIL_SUPPORT_ADDRESS)s>. Do not quote or
+otherwise include any of this text in any correspondence.
+"""
+ },
+ ]
+
+ for template in message_templates:
+ messages = GetMessages([template['message_id']])
+ if not messages:
+ AddMessage(template)
if __name__ == '__main__':
main()