# Mark Huang <mlhuang@cs.princeton.edu>
# Copyright (C) 2006 The Trustees of Princeton University
#
-# $Id: db-config,v 1.4 2006/11/08 23:34:28 mlhuang Exp $
+# $Id: db-config,v 1.10 2006/11/28 21:45:53 mlhuang Exp $
#
from plc_config import PLCConfiguration
'file_owner': 'root',
'file_group': 'root',
'preinstall_cmd': '',
- 'postinstall_cmd': '',
+ 'postinstall_cmd': '/bin/chmod 700 /root/.ssh',
'error_cmd': '',
'ignore_cmd_errors': False,
'always_update': False},
'file_owner': 'site_admin',
'file_group': 'site_admin',
'preinstall_cmd': 'grep -q site_admin /etc/passwd',
- 'postinstall_cmd': '',
+ 'postinstall_cmd': '/bin/chmod 700 /home/site_admin/.ssh',
'error_cmd': '',
'ignore_cmd_errors': False,
'always_update': False},
'file_owner': 'pl_admin',
'file_group': 'pl_admin',
'preinstall_cmd': 'grep -q pl_admin /etc/passwd',
- 'postinstall_cmd': '',
+ 'postinstall_cmd': '/bin/chmod 700 /home/pl_admin/.ssh',
'error_cmd': '',
'ignore_cmd_errors': False,
'always_update': False},
'ignore_cmd_errors': False,
'always_update': False},
+ # XXX Required for old Node Manager
+ # Node Manager configuration
+ {'enabled': True,
+ 'source': 'PlanetLabConf/pl_nm.conf',
+ 'dest': '/etc/planetlab/pl_nm.conf',
+ 'file_permissions': '644',
+ 'file_owner': 'root',
+ 'file_group': 'root',
+ 'preinstall_cmd': '',
+ 'postinstall_cmd': '/etc/init.d/pl_nm restart',
+ 'error_cmd': '',
+ 'ignore_cmd_errors': False,
+ 'always_update': False},
+ {'enabled': True,
+ 'source': 'PlanetLabConf/RootResources/plc_slice_pool.php',
+ 'dest': '/home/pl_nm/RootResources/plc_slice_pool',
+ 'file_permissions': '644',
+ 'file_owner': 'pl_nm',
+ 'file_group': 'pl_nm',
+ 'preinstall_cmd': '',
+ 'postinstall_cmd': '',
+ 'error_cmd': '',
+ 'ignore_cmd_errors': False,
+ 'always_update': False},
+ {'enabled': True,
+ 'source': 'PlanetLabConf/RootResources/pl_conf.py',
+ 'dest': '/home/pl_nm/RootResources/pl_conf',
+ 'file_permissions': '644',
+ 'file_owner': 'pl_nm',
+ 'file_group': 'pl_nm',
+ 'preinstall_cmd': '',
+ 'postinstall_cmd': '/etc/init.d/pl_nm restart',
+ 'error_cmd': '',
+ 'ignore_cmd_errors': False,
+ 'always_update': False},
+ {'enabled': True,
+ 'source': 'PlanetLabConf/RootResources/pl_netflow.py',
+ 'dest': '/home/pl_nm/RootResources/pl_netflow',
+ 'file_permissions': '644',
+ 'file_owner': 'pl_nm',
+ 'file_group': 'pl_nm',
+ 'preinstall_cmd': '',
+ 'postinstall_cmd': '',
+ 'error_cmd': '',
+ 'ignore_cmd_errors': False,
+ 'always_update': False},
+
+ # XXX Required for old Node Manager
# Proper configuration
{'enabled': True,
'source': 'PlanetLabConf/propd.conf',
'ignore_cmd_errors': True,
'always_update': False},
+ # XXX Required for old Node Manager
+ # Bandwidth cap
+ {'enabled': True,
+ 'source': 'PlanetLabConf/bwlimit.php',
+ 'dest': '/etc/planetlab/bwcap',
+ 'file_permissions': '644',
+ 'file_owner': 'root',
+ 'file_group': 'root',
+ 'preinstall_cmd': '',
+ 'postinstall_cmd': '/etc/init.d/pl_nm restart',
+ 'error_cmd': '',
+ 'ignore_cmd_errors': True,
+ 'always_update': False},
+
# Proxy ARP setup
{'enabled': True,
'source': 'PlanetLabConf/proxies.php',
'postinstall_cmd': '/sbin/iptables-restore --noflush < /etc/planetlab/blacklist',
'error_cmd': '',
'ignore_cmd_errors': True,
- 'always_update': True},
+ 'always_update': False},
# /etc/issue
{'enabled': True,
'postinstall_cmd': '/sbin/sysctl -e -p /etc/sysctl.conf',
'error_cmd': '',
'ignore_cmd_errors': False,
- 'always_update': True},
+ 'always_update': False},
# Sendmail configuration
{'enabled': True,
'description': "Type of slice (e.g. vserver)",
'min_role_id': 20},
+ # System slice
+ {'name': "system",
+ 'description': "Is a default system slice (1) or not (0 or unset)",
+ 'min_role_id': 10},
+
# Slice enabled (1) or suspended (0)
{'name': "enabled",
- 'description': "Slice enabled (1) or suspended (0)",
+ 'description': "Slice enabled (1 or unset) or suspended (0)",
'min_role_id': 10},
# Slice reference image
# Disk quota
{'name': "disk_max",
- 'description': "Disk quota (bytes)",
+ 'description': "Disk quota (1k disk blocks)",
+ 'min_role_id': 10},
+
+ # Proper operations
+ {'name': "proper_op",
+ 'description': "Proper operation (e.g. bind_socket)",
+ 'min_role_id': 10},
+
+ # XXX Required for old Node Manager
+ # Special attributes applicable to Slice Creation Service (pl_conf) slice
+ {'name': "plc_slice_type",
+ 'description': "Type of slice rspec to be created",
+ 'min_role_id': 20},
+ {'name': "plc_agent_version",
+ 'description': "Version of PLC agent (slice creation service) software to be deployed",
'min_role_id': 10},
+ {'name': "plc_ticket_pubkey",
+ 'description': "Public key used to verify PLC-signed tickets",
+ 'min_role_id': 10}
]
# Get list of existing attribute types
else:
UpdateSliceAttributeType(default_attribute_type['name'], default_attribute_type)
+ # Get contents of SSL public certificate used for signing slice tickets
+ try:
+ plc_ticket_pubkey = ""
+ for line in file(plc_ma_sa['ca_ssl_key_pub']):
+ # Skip comments
+ if line[0:5] != "-----":
+ # XXX The embedded newlines matter, do not strip()!
+ plc_ticket_pubkey += line
+ except:
+ plc_ticket_pubkey = '%KEY%'
+
# Create/update system slices
+ legacy_slices = [
+ # XXX Required for old Node Manager
+ {'name': "pl_conf",
+ 'description': "PlanetLab Slice Creation Service (SCS)",
+ 'url': url,
+ 'instantiation': "plc-instantiated",
+ # Renew forever
+ 'expires': sys.maxint,
+ 'attributes': [('plc_slice_type', "VServerSlice"),
+ ('plc_agent_version', "1.0"),
+ ('plc_ticket_pubkey', plc_ticket_pubkey)]},
+
+ # XXX Required for old Node Manager
+ {'name': "pl_conf_vserverslice",
+ 'description': "Default attributes for vserver slices",
+ 'url': url,
+ 'instantiation': "plc-instantiated",
+ # Renew forever
+ 'expires': sys.maxint,
+ 'attributes': [('cpu_share', "32"),
+ ('plc_slice_type', "VServerSlice"),
+ ('disk_max', "5000000")]},
+ ]
default_slices = [
+ # PlanetFlow
{'name': plc['slice_prefix'] + "_netflow",
'description': "PlanetFlow Traffic Auditing Service",
+ 'url': url,
'instantiation': "plc-instantiated",
# Renew forever
'expires': sys.maxint,
- 'attributes': {'reference': "planetflow"}},
+ 'attributes': [('system', "1"),
+ ('vref', "planetflow"),
+ ('proper_op', "open file=/etc/passwd, flags=r"),
+ ('proper_op', "create_socket"),
+ ('proper_op', "bind_socket")]},
]
-
+
+ ### leaving slice_prefix to default
+ if plc['slice_prefix'] == 'pl':
+ # create them with default slices
+ default_slices += legacy_slices
+ else:
+ # we use another slice prefix : disable legacy slices if already created
+ for legacy_slice in legacy_slices:
+ try:
+ DeleteSlice(legacy_slice['name'])
+ except:
+ pass
+
for default_slice in default_slices:
slices = GetSlices([default_slice['name']])
if slices:
slice = GetSlices([default_slice['name']])[0]
# Create/update all attributes
- slice_attributes = {}
+ slice_attributes = []
if slice['slice_attribute_ids']:
+ # Delete unknown attributes
for slice_attribute in GetSliceAttributes(slice['slice_attribute_ids']):
- slice_attributes[slice_attribute['name']] = slice_attribute
-
- for name, value in default_slice['attributes'].iteritems():
- if name not in slice_attributes:
+ if (slice_attribute['name'], slice_attribute['value']) \
+ not in default_slice['attributes']:
+ DeleteSliceAttribute(slice_attribute['slice_attribute_id'])
+ else:
+ slice_attributes.append((slice_attribute['name'], slice_attribute['value']))
+
+ for (name, value) in default_slice['attributes']:
+ if (name, value) not in slice_attributes:
AddSliceAttribute(slice['name'], name, value)
- else:
- UpdateSliceAttribute(slice_attributes[name]['slice_attribute_id'], value)
if __name__ == '__main__':
main()