clone_image.in

#!/usr/bin/perl -w
#
# Copyright (c) 2000-2014 University of Utah and the Flux Group.
# 
# {{{EMULAB-LICENSE
# 
# This file is part of the Emulab network testbed software.
# 
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
# 
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public
# License for more details.
# 
# You should have received a copy of the GNU Affero General Public License
# along with this file.  If not, see <http://www.gnu.org/licenses/>.
# 
# }}}
#
use English;
use strict;
use Getopt::Std;
use Data::Dumper;
use File::Temp qw(tempfile);
use CGI;
use File::Basename;

#
# Clone an image (descriptor) from a node and then snapshot
# that node into the descriptor. Creates the descriptor if
# if it does not exist. The idea is to use all of the info
# from the current image descriptor that is loaded on the node
# to quickly create a new descriptor by inheriting all of the
# attributes of the original.
#
# We also want to support taking a snapshot of a previously
# created clone. To make everything work properly, require
# that the imagename exist in the experiment project, which
# ensures that we are operating on a clone, not an image in
# some other project or a system image.
#
sub usage()
{
    print("Usage: clone_image [-d] [-e] [-n | -s] <imagename> <node_id>\n".
	  "Options:\n".
	  "       -d     Turn on debug mode\n".
	  "       -e     Create a whole disk image\n".
	  "       -g 0,1 Override base image global setting\n".
	  "       -s     Create descriptor but do not snapshot\n".
	  "       -n     Impotent mode\n");
    exit(-1);
}
my $optlist     = "densg:";
my $debug       = 0;
my $wholedisk   = 0;
my $impotent    = 0;
my $nosnapshot  = 0;
my $isvirtnode  = 0;
my $global;

#
# Configure variables
#
my $TB           = "@prefix@";
my $PROJROOT     = "@PROJROOT_DIR@";
my $GROUPROOT    = "@GROUPSROOT_DIR@";
my $CREATEIMAGE  = "$TB/bin/create_image";
my $NEWIMAGEEZ   = "$TB/bin/newimageid_ez";
my $DOPROVENANCE = @IMAGEPROVENANCE@;

#
# Untaint the path
#
$ENV{'PATH'} = "$TB/bin:$TB/sbin:/bin:/usr/bin:/usr/bin:/usr/sbin";
delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

#
# Turn off line buffering on output
#
$| = 1;

#
# Load the Testbed support stuff.
#
use lib "@prefix@/lib";
use EmulabConstants;
use emutil;
use User;
use Project;
use Image;
use OSinfo;
use Node;

# Protos
sub fatal($);

#
# Parse command arguments. Once we return from getopts, all that should be
# left are the required arguments.
#
my %options = ();
if (! getopts($optlist, \%options)) {
    usage();
}
if (defined($options{"d"})) {
    $debug = 1;
}
if (defined($options{"e"})) {
    $wholedisk = 1;
}
if (defined($options{"n"})) {
    $impotent = 1;
}
if (defined($options{"s"})) {
    $nosnapshot = 1;
}
if (defined($options{"g"})) {
    $global = $options{"g"};
}
usage()
    if (@ARGV != 2);

my $imagename = shift(@ARGV);
my $node_id   = shift(@ARGV);

#
# Map invoking user to object. 
#
my $this_user = User->ThisUser();
if (! defined($this_user)) {
    fatal("You ($UID) do not exist!");
}

#
# The node must of course be allocated and the user must have
# permission to clone it. 
#
my $node = Node->Lookup($node_id);
if (!defined($node)) {
    fatal("No such node");
}
$isvirtnode = $node->isvirtnode();

if (!$node->AccessCheck($this_user, TB_NODEACCESS_LOADIMAGE())) {
    fatal("Not enough permission");
}
my $experiment = $node->Reservation();
if (!defined($experiment)) {
    fatal("Node is not reserved");
}
my $pid     = $experiment->pid();
my $group   = $experiment->GetGroup();
my $gid     = $group->gid();
my $project = $experiment->GetProject();
if (! (defined($project) && defined($group))) {
    fatal("Could not get project/group for $experiment");
}
my $image = Image->Lookup($project->pid(), $imagename);

#
# Need to look up the base image; the image that is currently running
# on the node and being cloned.
#
my ($base_osinfo, $base_image) = $node->RunningOsImage();
# No support for cloning MFSs, so there will always be a base image.
if (! (defined($base_osinfo) && defined($base_image))) {
    fatal("Could not determine osid/imageid for $node_id");
}
print "$node_id is running $base_osinfo,$base_image\n"
    if ($debug);

#
# The simple case is that the descriptor already exists. So it is just
# a simple snapshot to the image file. 
#
if (defined($image)) {
    my $needdelete = 0;
    
    #
    # Only EZ images via this interface.
    #
    if (!$image->ezid()) {
	fatal("Cannot clone a non-ez image");
    }

    #
    # But we do not allow emulab-ops images to be overwritten.
    # Might remove this later. Just being careful since this is going
    # to be used from the ProtoGENI RPC interface.
    #
    if ($image->pid eq TBOPSPID() && !$this_user->IsAdmin()) {
	fatal("Not allowed to snapshot a system image");
    }
    
    #
    # The access check above determines if the caller has permission
    # to overwrite the image file. 
    # Not that this matters, cause create_image is going to make the
    # same checks.
    #
    if ($impotent) {
	print "Not doing anything in impotent mode\n";
	exit(0);
    }

    #
    # We create a new version of the image descriptor for the new
    # snapshot. We mark it as not ready so that others know it is
    # in transition. When we later call createimage, it will make
    # sure the ready bit is clear before trying to lock it. 
    #
    # Before we do anything destructive, we lock the image.
    #
    if ($image->Lock()) {
	fatal("Image is locked, please try again later!\n");
    }
    if ($DOPROVENANCE) {
	#
	# Is the ready bit set? If not, it means something went wrong with
	# a previous image creation. Lets reset the provenance.
	#
	if (!$image->ready()) {
	    my $osinfo = OSinfo->Lookup($image->imageid());
	    if (!defined($osinfo)) {
		$image->Unlock();
		fatal("Cannot lookup osinfo for $image");
	    }
	    $image->SetProvenance($base_image);
	    $osinfo->SetProvenance($base_osinfo);
	}
	else {
	    my $clone_error;
	    my $clone = $image->NewVersion($this_user,
					   $base_image, undef, \$clone_error);
	    if (!defined($clone)) {
		$image->Unlock();
		fatal("Could not clone image descriptor" .
		      (defined($clone_error) ? ": $clone_error" : "") . "\n");
	    }
	    $image = $clone;
	    $needdelete = 1;

	    #
	    # Watch for a system image that is saved elsewhere; see equiv code
	    # in create_image. We change the path to point over to the /proj
	    # directory so that we do not burn up space on boss until it is
	    # officially "released". We can also use this version of the image
	    # by explicitly using its version number, before it is released. 
	    #
	    if ($image->path() =~ /^\/usr\/testbed/) {
		my $path = $PROJROOT . "/" . $image->pid() . "/images/" .
		    basename($image->path()) . ":" . $image->version();

		if ($image->Update({"path" => $path, "released" => 0})) {
		    $image->DeleteVersion();
		    fatal("Could not update path and ready bit");
		}
	    }
	}
    }
    $image->Unlock();
    
    if ($nosnapshot) {
	print "Not taking a snapshot, as directed\n"
	    if ($debug);
	exit(0);
    }

    my $output = emutil::ExecQuiet("$CREATEIMAGE -p $pid $imagename $node_id");
    if ($?) {
	if ($DOPROVENANCE) {
	    $image->DeleteVersion()
		if ($needdelete);
	}
	print STDERR $output;
	fatal("Failed to create image");
    }
    print "Image is being created. This can take 15-30 minutes.\n";
    exit(0);
}
DoNew:

#
# Only EZ images via this interface.
#
if (!$base_image->ezid()) {
    fatal("Cannot clone a non-ez image");
}

#
# To avoid confusion, we do not allow users to shadow system images
# in their own project. 
#
if (Image->LookupByName($imagename) && !$this_user->IsAdmin()) {
    fatal("Not allowed to shadow snapshot a system image");
}

# Subgroups change the path
my $path = ($experiment->pid() eq $experiment->gid() ?
	    "$PROJROOT/$pid/images/${imagename}.ndz" :
	    "$GROUPROOT/$pid/$gid/images/${imagename}.ndz");

#
# Create the image descriptor. We use the backend script to do the
# heavy lifting, but we have to cons up an XML file based on the image
# descriptor that is being cloned.
#
# These are the fields we have to come up with, plus a number
# of mtype_* entries.
#
my %xmlfields =
    ("imagename"	=> $imagename,
     "pid"		=> $project->pid(),
     "gid"		=> $experiment->gid(),
     "description"	=> $base_osinfo->description(),
     "OS"		=> $base_osinfo->OS(),
     "version"		=> $base_osinfo->version(),
     "path"		=> $path,
     "op_mode",		=> $base_osinfo->op_mode(),
     "global"           => (defined($global) ?
			    ($global ? 1 : 0) : $base_osinfo->shared()),
     "wholedisk",	=> $wholedisk,
);
$xmlfields{"reboot_waittime"} = $base_osinfo->reboot_waittime()
    if (defined($base_osinfo->reboot_waittime()));
$xmlfields{"osfeatures"} = $base_osinfo->osfeatures()
    if (defined($base_osinfo->osfeatures()) &&
	$base_osinfo->osfeatures() ne "");
    
if (defined($base_image)) {
    $xmlfields{"mbr_version"}     = $base_image->mbr_version();
    $xmlfields{"loadpart"}        = $base_image->loadpart();
    $xmlfields{"noexport"}        = $base_image->noexport();
    $xmlfields{"global"}          = (defined($global) ?
				     ($global ? 1 : 0) : $base_image->global());

    # Short form uses wholedisk instead. Should fix this. 
    if ($base_image->loadpart() == 0 && $base_image->loadlength() == 4) {
	$xmlfields{"loadpart"}    = 1;
	$xmlfields{"wholedisk"}   = 1;
    }
    elsif ($wholedisk) {
	$xmlfields{"loadpart"}    = 1;
    }
}
elsif ($isvirtnode) {
    $xmlfields{"reboot_waittime"} = 240;
    $xmlfields{"loadpart"}        = 1;
    $xmlfields{"mtype_pcvm"}      = 1;
    $xmlfields{"wholedisk"}       = 1;
}
else {
    fatal("No base image for $node_id");
}
# This needs more thought.
if (($isvirtnode || $base_osinfo) && $base_osinfo->def_parentosid()) {
    my $parentosinfo = OSinfo->Lookup($base_osinfo->def_parentosid());
    if (!defined($parentosinfo)) {
	fatal("Could not lookup object for parent osid of $base_osinfo");
    }
    $xmlfields{"def_parentosid"} =
	$parentosinfo->pid() . "," . $parentosinfo->osname();

    # And this is just plain bogus. 
    #$xmlfields{"mbr_version"} = 99;
}

#
# Grab the existing type list and generate new mtype_* variables.
#
if (defined($base_image)) {
    my @typelist = $base_image->TypeList($base_osinfo);
    if (! @typelist) {
	fatal("$base_image does not run on any types");
    }
    foreach my $type (@typelist) {
	my $type_id = $type->type();
    
	$xmlfields{"mtype_${type_id}"} = 1;
    }
}

#
# Create the XML file to pass to newimageid_ez.
#
my ($fh, $filename) = tempfile(UNLINK => 1);
fatal("Could not create temporary file")
    if (!defined($fh));

print $fh "<image>\n";
foreach my $key (keys(%xmlfields)) {
    my $value = $xmlfields{$key};

    print $fh "<attribute name=\"$key\">";
    print $fh "<value>" . CGI::escapeHTML($value) . "</value>";
    print $fh "</attribute>\n";
}
print $fh "</image>\n";
close($fh);

if ($debug) {
    system("/bin/cat $filename");
}

my $output = emutil::ExecQuiet("$NEWIMAGEEZ -s -v $filename");
if ($?) {
    print STDERR $output;
    my $foo = `cat $filename`;
    print STDERR $foo;
    fatal("Failed to verify image descriptor from $filename");
}
if ($impotent) {
    print "Not doing anything in impotent mode\n";
    system("cat $filename");
    exit(0);
}
$output = emutil::ExecQuiet("$NEWIMAGEEZ -s $filename");
if ($?) {
    print STDERR $output;
    my $foo = `cat $filename`;
    print STDERR $foo;
    fatal("Failed to create image descriptor");
}

$image = Image->Lookup($project->pid(), $imagename);
if (!defined($image)) {
    fatal("Cannot lookup newly created image for $imagename");
}
my $osinfo = OSinfo->Lookup($image->imageid());
if (!defined($osinfo)) {
    fatal("Cannot lookup newly created osinfo for $image");
}
if ($DOPROVENANCE) {
    $image->SetProvenance($base_image);
    $osinfo->SetProvenance($base_osinfo);
}
if ($debug) {
    print "Created $osinfo\n";
    print "Created $image\n";
}
if ($nosnapshot) {
    print "Not taking a snapshot, as directed\n"
	if ($debug);
    exit(0);
}
$output = emutil::ExecQuiet("$CREATEIMAGE -p $pid $imagename $node_id");
if ($?) {
    print STDERR $output;
    fatal("Failed to create image");
}
print "Image is being created. This can take 15-30 minutes.\n";
exit(0);

sub fatal($)
{
    my ($mesg) = @_;

    die("*** $0:\n".
	"    $mesg\n");
}