Added support for white listing slices.

Added in a number of vserver specific resources in the "default allocation" table,
such that when they are set as slice attributes they will make their way down to
sliver_vs.py.

diff --git a/sm.py b/sm.py
index cb90364..d747e71 100644 (file)
--- a/sm.py
+++ b/sm.py
@@ -15,10 +15,12 @@ import database
 import delegate
 import logger
 import sliver_vs
+import string,re
 
 
 DEFAULT_ALLOCATION = {
     'enabled': 1,
+    'whitelist': 1,
     # CPU parameters
     'cpu_min': 0, # ms/s
     'cpu_share': 32, # proportional share
@@ -34,12 +36,73 @@ DEFAULT_ALLOCATION = {
     'net_thresh_kbyte': 4529848, #Kbyte
     'net_i2_max_kbyte': 17196646,
     'net_i2_thresh_kbyte': 13757316,
-    'disk_max': 5000000 # bytes
+    # disk space limit
+    'disk_max': 5000000, # bytes
+
+    # VSERVER specific limits
+    # resident set size (memory) limits
+    'rss_min': sliver_vs.KEEP_LIMIT,
+    'rss_soft': sliver_vs.KEEP_LIMIT,
+    'rss_hard': sliver_vs.KEEP_LIMIT,
+    # address space limits
+    'as_min': sliver_vs.KEEP_LIMIT,
+    'as_soft': sliver_vs.KEEP_LIMIT,
+    'as_hard': sliver_vs.KEEP_LIMIT,
+    # number of process limit
+    'nproc_min': sliver_vs.KEEP_LIMIT,
+    'nproc_soft': sliver_vs.KEEP_LIMIT,
+    'nproc_hard': sliver_vs.KEEP_LIMIT,
+    # number of file descriptor limit
+    'openfd_min': sliver_vs.KEEP_LIMIT,
+    'openfd_soft': sliver_vs.KEEP_LIMIT,
+    'openfd_hard': sliver_vs.KEEP_LIMIT,
     }
 
 start_requested = False  # set to True in order to request that all slivers be started
 
 
+def whitelistfilter():
+    """creates a regex (re) object based on the slice definitions
+       in /etc/planetlab/whitelist"""
+
+    whitelist = []
+    whitelist_re = re.compile("([a-zA-Z0-9\*]+)_([a-zA-Z0-9\*]+)")
+    linecount = 0
+    try:
+        f = open('/etc/planetlab/whitelist')
+        for line in f.readlines():
+            linecount = linecount+1
+            line = line.strip()
+            # skip comments
+            if len(line)>0 and line[0]=='#':
+                continue
+            m = whitelist_re.search(line)
+            if m == None:
+                logger.log("skipping line #%d in /etc/planetlab/whitelist" % linecount)
+                continue
+            else:
+                whitelist.append(m.group())
+        f.close()
+    except IOError,e:
+        logger.log("IOError -> %s" % e)
+        logger.log("No whitelist file found; setting slice white list to *_*")
+        whitelist = ["*_*"]
+
+    white_re_list = None
+    for w in whitelist:
+        w = string.replace(w,'*','([a-zA-Z0-9]+)')
+        if white_re_list == None:
+            white_re_list = w
+        else:
+            white_re_list = "(%s)|(%s)" % (white_re_list,w)
+
+    if white_re_list == None:
+        white_re_list = "([a-zA-Z0-9]+)_([a-zA-Z0-9]+)"
+
+    logger.log("whitelist regex = %s" % white_re_list)
+    whitelist_re = re.compile(white_re_list)
+    return whitelist_re
+
 @database.synchronized
 def GetSlivers(data, fullupdate=True):
     """This function has two purposes.  One, convert GetSlivers() data
@@ -78,6 +141,9 @@ def GetSlivers(data, fullupdate=True):
     for is_rec in data['initscripts']:
         initscripts_by_id[str(is_rec['initscript_id'])] = is_rec['script']
 
+    # remove slivers not on the whitelist
+    whitelist_regex = whitelistfilter()
+    
     for sliver in data['slivers']:
         rec = sliver.copy()
         rec.setdefault('timestamp', data['timestamp'])
@@ -106,6 +172,13 @@ def GetSlivers(data, fullupdate=True):
             try: amt = int(attr_dict[resname])
             except (KeyError, ValueError): amt = default_amt
             rspec[resname] = amt
+
+        # disable sliver
+        m = whitelist_regex.search(sliver['name'])
+        if m == None:
+            rspec['whitelist'] = 0
+            rspec['enabled'] = 0
+
         database.db.deliver_record(rec)
     if fullupdate: database.db.set_min_timestamp(data['timestamp'])
     database.db.sync()