A slew of changes for jails!

58960470 · Leigh B. Stoller · fdb9600a · 58960470 · 58960470 · 58960470
Commit 58960470 authored Jun 24, 2003 by Leigh B. Stoller
19 changed files
--- a/tmcd/common/GNUmakefile.in
+++ b/tmcd/common/GNUmakefile.in
@@ -19,7 +19,7 @@ SUBDIR		= tmcd/common

 include $(OBJDIR)/Makeconf

-all:
+all:	vnodesetup

 include $(TESTBED_SRCDIR)/GNUmakerules


--- a/tmcd/common/bootvnodes
+++ b/tmcd/common/bootvnodes
@@ -18,10 +18,10 @@ use POSIX qw(strftime);
 #
 sub usage()
 {
-    print "Usage: bootvnodes [-d] [-f]\n";
+    print "Usage: bootvnodes [-d] [-f] [-k | -h]\n";
    exit(1);
 }
-my $optlist = "df";
+my $optlist = "kdfh";

 #
 # Turn off line buffering on output
@@ -42,6 +42,8 @@ my $logname = "$LOGDIR/bootvnodes.debug";
 my $vndir   = "/var/emulab/jails";
 my $debug   = 0;
 my $daemon  = 1;
+my $killit  = 0;
+my $haltit  = 0;

 #
 # Forward declarations for prototype checking
@@ -62,6 +64,12 @@ if (defined($options{"d"})) {
 if (defined($options{"f"})) {
    $daemon = 0;
 }
+if (defined($options{"k"})) {
+    $killit = 1;
+}
+if (defined($options{"h"})) {
+    $haltit = 1;
+}
 if (@ARGV) {
    usage();
 }
@@ -95,6 +103,28 @@ if ($daemon && TBBackGround($logname)) {
    exit(0);
 }

+if ($killit | $haltit) {
+    my $opt = ($haltit ? "-h" : "-k");
+    my $act = ($haltit ? "Halting" : "Killing");
+    
+    print "$act vnodes ... please be patient ...\n";
+
+    opendir(DIR, "/var/emulab/jails") or
+	die("Cannot opendir /var/emulab/jails: $!\n");
+    my @files = readdir(DIR);
+    closedir(DIR);
+
+    foreach my $file (@files) {
+	if ($file ne "." && $file ne ".." &&
+	    $file =~ /^([-\w]*)$/) {
+
+	    print "$act vnode $1 ...\n";
+	    system("vnodesetup $opt $1");
+	}
+    }
+    exit(0);
+}
+
 my %curvnodelist;
 my @vnodes;


--- a/tmcd/common/rc.progagent
+++ b/tmcd/common/rc.progagent
@@ -91,7 +91,7 @@ while (<CMD>) {
    }
 }

-if (!defined(@agents) || !defined($login)) {
+if (! @agents || !defined($login)) {
    fatal(TMPROGAGENTS . " not in proper format!");
 }


--- a/tmcd/common/vnodesetup
+++ b/tmcd/common/vnodesetup
@@ -23,15 +23,16 @@ BEGIN { require "/etc/emulab/paths.pm"; import emulabpaths; }
 #
 sub usage()
 {
-    print "Usage: vnodesetup [-j [-s]] [-b | -k | -r] [-d] <vnodeid>\n".
+    print "Usage: vnodesetup [-j [-s]] [-b | -k | -r | -h] [-d] <vnodeid>\n".
 	"Use the -k option to kill the virtual node.\n";
    exit(1);
 }
-my $optlist	= "kbdjsr";
+my $optlist	= "kbdjsrh";

 # Locals
 my $killit	= 0;
 my $rebootit	= 0;
+my $haltit	= 0;
 my $debug	= 0;
 my $fromboot	= 0;
 my $dojail	= 0;
@@ -92,6 +93,9 @@ if (! getopts($optlist, \%options)) {
 if (defined($options{"k"})) {
    $killit = 1;
 }
+if (defined($options{"h"})) {
+    $haltit = 1;
+}
 if (defined($options{"r"})) {
    $rebootit = 1;
 }
@@ -127,11 +131,9 @@ my $vnodedir = "/var/emulab/jails/$vnodeid";
 my $logname  = "$LOGDIR/tbvnode-${vnodeid}.log";

 #
-# If killing the virtual node, then kill the manager process. We use
-# the negative signal number to send to the process group so that all
-# stuff gets killed in one fell swoop.
+# If killing/halting the virtual node, then kill the manager process.
 #
-if ($killit) {
+if ($killit || $haltit) {
    if (! -e $pidfile) {
 	die("*** $0:\n".
 	    "    No pid for $vnodeid manager!\n");
@@ -183,9 +185,11 @@ if (!$debug && !$interactive && TBBackGround($logname)) {
 }

 #
-# Change our process group since we are a daemon. Not usually important,
-# but we get called from the watchdog, and we do not want to be in
-# its process group, or it will die when we get killed.
+# Change our process group since we are a daemon; we get called from
+# the watchdog, and we do not want to be in its process group, or it
+# will die when we get killed. In any event, by putting ourselves into
+# another process group, we can more easily kill off all our decendents.
+# when tearing down.
 #
 POSIX::setsid();

@@ -251,7 +255,7 @@ if (! -e $vnodedir) {
 # Inform the TMCD we are setting up. 
 #
 REBOOT:
-system("tmcc -n $vnodeid state REBOOTING");
+system("tmcc -n $vnodeid state BOOTING");
 system("tmcc -n $vnodeid state TBSETUP");

 #
@@ -274,15 +278,28 @@ if (!defined($pid)) {
 $UID = 0;

 #
-# Okay, now startup the scripts.
+# This stuff is done only when the node is not in a jail. The jail setup
+# code does all this, so we avoid duplication of effort.
 #
-if (-e TMTUNNELCONFIG) {
-    print "Starting Tunnels ...\n";
-    TBForkCmd(TMTUNNELCONFIG);
-    sleep(5);
-}
-
 if (!$dojail) {
+    print STDOUT "Checking Testbed tunnel configuration ... \n";
+    dotunnels();
+
+    print STDOUT "Checking Testbed routing configuration ... \n";
+    dorouterconfig();
+
+    print STDOUT "Checking Testbed traffic generation configuration ...\n";
+    dotrafficconfig();
+
+    #
+    # Okay, now run startup the scripts
+    #
+    if (-e TMTUNNELCONFIG) {
+	print "Starting Tunnels ...\n";
+	TBForkCmd(TMTUNNELCONFIG);
+	sleep(5);
+    }
+
    if (-e TMTRAFFICCONFIG) {
 	print "Starting Traffic Generators ...\n";
 	TBForkCmd(TMTRAFFICCONFIG);
@@ -359,8 +376,10 @@ sub killvnode() {
 	die("*** $0:\n".
 	    "    Bad data in pid: $mpid!\n");
    }
-    if (kill('USR1', $mpid) == 0) {
-	print"*** Could not kill(USR1) process $mpid: $!\n";
+    my $sigtosend = ($haltit ? 'TERM' : 'USR1');
+	
+    if (kill($sigtosend, $mpid) == 0) {
+	print"*** Could not kill($sigtosend) process $mpid: $!\n";
 	return -1;
    }
    
@@ -368,11 +387,11 @@ sub killvnode() {
    # Wait for the pidfile to be removed. Do not wait too long though. 
    # 
    for (my $i = 0; $i < 30;) {
-	sleep(5);
+	sleep(2);
 	if (! -e $pidfile) {
 	    return 0;
 	}
-	$i += 5;
+	$i += 2;
    }
    print "*** Not able to kill running vnode manager process $mpid!\n";
    return 0;

--- a/tmcd/freebsd/GNUmakefile.in
+++ b/tmcd/freebsd/GNUmakefile.in
@@ -112,6 +112,7 @@ script-install:	dir-install
 	$(INSTALL) -m 755 $(SRCDIR)/cpuspeed.awk $(BINDIR)/cpuspeed.awk
 	$(INSTALL) -m 755 $(SRCDIR)/tbshutdown $(BINDIR)/tbshutdown
 	$(INSTALL) -m 755 $(SRCDIR)/delaysetup $(BINDIR)/delaysetup
+	$(INSTALL) -m 755 $(SRCDIR)/ifsetup $(BINDIR)/ifsetup
 	$(INSTALL) -m 755 $(SRCDIR)/control_interface \
 			$(BINDIR)/control_interface
 	$(INSTALL) -m 644 $(SRCDIR)/gated_fxp0.conf $(BINDIR)/gated_fxp0.conf
@@ -137,15 +138,18 @@ jail-install:	dir-install
 	$(INSTALL) -m 640 $(SRCDIR)/jail/master.passwd $(JAILDIR)/master.passwd
 	$(INSTALL) -m 755 $(SRCDIR)/jail/rc.conf $(JAILDIR)/rc.conf
 	$(INSTALL) -m 755 $(SRCDIR)/jail/rc.local $(JAILDIR)/rc.local
+	$(INSTALL) -m 755 $(SRCDIR)/jail/rc.injail $(BINDIR)/rc.injail
 	$(INSTALL) -m 755 $(SRCDIR)/jail/injail.pl $(JAILDIR)/injail.pl
 	$(INSTALL) -m 755 $(SRCDIR)/jail/crontab $(JAILDIR)/crontab
-	$(INSTALL) -m 755 $(SRCDIR)/jail/jaildog.pl $(BINDIR)/jaildog.pl
-	$(INSTALL) -m 755 $(SRCDIR)/jail/jailctl $(BINDIR)/jailctl
+	$(INSTALL) -m 755 $(SRCDIR)/jail/jailsetup $(BINDIR)/jailsetup
 	$(INSTALL) -m 755 $(SRCDIR)/jail/mkjail.pl $(BINDIR)/mkjail.pl

 # Invoked from ../ron
 remote-install:	jail-install
 	$(INSTALL) -m 755 $(SRCDIR)/rc.ipod $(BINDIR)/rc.ipod
+	# Does tunnel stuff.
+	$(INSTALL) -m 755 $(SRCDIR)/ifsetup $(BINDIR)/ifsetup
+	$(INSTALL) -m 755 $(SRCDIR)/delaysetup $(BINDIR)/delaysetup
 	$(INSTALL) -m 755 $(SRCDIR)/liblocsetup.pm $(BINDIR)/liblocsetup.pm

 # Invoked from ../ron

--- a/tmcd/freebsd/cvsup.auth
+++ b/tmcd/freebsd/cvsup.auth
 paper.emulab.net:root@any.emulab.net:NoStinkingPassword:
+boss.mini.emulab.net:root@any.mini.emulab.net:NoStinkingPassword:
--- a/tmcd/freebsd/delaysetup
+++ b/tmcd/freebsd/delaysetup
@@ -384,7 +384,7 @@ sub LinkDelaySetup()
    my @delays;
    my $kernel;
    my $checkreplace = 0;
-    my $gotjails = 0;
+    my $gotjails = (defined($vnodeid) ? 1 : 0); 
    my $upcmds   = "";
    my $downcmds = "";


--- a/tmcd/freebsd/ifsetup
+++ b/tmcd/freebsd/ifsetup
@@ -83,7 +83,9 @@ if (@ARGV) {

 # Uninstall just looks for the file and runs it.
 if ($uninstall) {
-    system("delaysetup -u " . (defined($vnodeid) ? "-j $vnodeid" : "")); 
+    system("delaysetup -u " . (defined($vnodeid) ? "-j $vnodeid" : ""))
+	if (!REMOTE());
+	
    system(TMIFC . " disable")
 	if (-e TMIFC);
    if (defined($vnodeid) && defined($rtabid)) {
@@ -100,7 +102,8 @@ unlink TMIFC, TMROUTECONFIG, TMTUNNELCONFIG;
 # is run via the ifconfig, so just need to run that one.
 #
 dotunnels($rtabid);
-doifconfig($rtabid);
+doifconfig($rtabid)
+    if (!REMOTE());
 dorouterconfig($rtabid);

 if (-e TMTUNNELCONFIG && $install) {
@@ -118,6 +121,8 @@ if (-e TMIFC && $install) {
 # Do the delaysetup stuff.
 system("delaysetup ".
       ($install ? "-i " : "") .
-       (defined($vnodeid) ? "-j $vnodeid " : ""));
+       (defined($vnodeid) ? "-j $vnodeid " : ""))
+    if (!REMOTE());
+   
 exit(0);

--- a/tmcd/freebsd/jail/injail.pl
+++ b/tmcd/freebsd/jail/injail.pl
@@ -14,22 +14,32 @@ use Getopt::Std;
 # of /sbin/init, since killing the jail cleanly from outside the jail
 # turns out to be rather difficult, and doing it from inside is very easy!
 #
+# Note though, when the machine is shutdown we can cleanly send this
+# script a signal from mkjail. If reboot is used instead of shutdown,
+# the system broadcasts SIGTERM, and this script will catch that and
+# die. However, thats not good cause the caller (mkjail) wipes out the
+# jail when this script exits of its own accord. So, ignore TERM, and wait
+# for mkjail to send us a USR1, which means to exit.
+#
 my $DEFCONSIX = "/bin/sh /etc/rc";

 #
 # Catch TERM.
 # 
 sub handler () {
-    $SIG{TERM} = 'IGNORE';
+    $SIG{USR1} = 'IGNORE';
    system("kill -TERM -1");
    sleep(1);
    system("kill -KILL -1");
    exit(1);
 }
-$SIG{TERM} = \&handler;
+$SIG{TERM} = 'IGNORE';
+$SIG{USR1} = \&handler;

 my $childpid = fork();
 if (!$childpid) {
+    $SIG{TERM} = 'DEFAULT';
+    
    if (@ARGV) {
 	exec @ARGV;
    }

--- a/tmcd/freebsd/jail/mkjail.pl
+++ b/tmcd/freebsd/jail/mkjail.pl
@@ -241,9 +241,12 @@ else {

 #
 # If the jail has its own IP, must insert the control network alias.
+# We use a 255.255.255.255 netmask since there might be multiple
+# virtual nodes from the same subnet on this node. 
 #
 if (defined($IPALIAS)) {
-    mysystem("ifconfig `control_interface` alias $IPALIAS netmask $IPMASK");
+    mysystem("ifconfig `control_interface` alias $IPALIAS ".
+	     "netmask 255.255.255.255");
 }

 #
@@ -573,7 +576,6 @@ sub cleanmess($) {
    mysystem("rm -f  $path/root/$ETCDIR/cvsup.auth");
    mysystem("rm -rf $path/root/$ETCDIR/.cvsup");
    mysystem("rm -f  $path/root/$ETCDIR/master.passwd");
-    mysystem("rm -f  $path/root/$ETCDIR/bossnode");

    #
    # Copy in emulabman if it exists.
@@ -640,7 +642,7 @@ sub cleanup()
    }

    if (defined($jailpid)) {
-	kill('TERM', $jailpid);
+	kill('USR1', $jailpid);
 	waitpid($jailpid, 0);
    }

@@ -816,9 +818,6 @@ sub setjailoptions() {
 		    $routetabid   = getnextrtabid();
 		    $jailoptions .= " -r $routetabid";
 		}
-		else {
-		    $jailoptions .= " -o norouting";
-		}
 		last SWITCH;
 	    };
 	    /^DEVMEM$/ && do {
@@ -839,6 +838,10 @@ sub setjailoptions() {
 	    };
 	}
    }
+    #
+    # If there is no IP for the jail, must restrict the port range of
+    # it. Otherwise it has it own IP, and there is no need to.
+    # 
    if (! defined($IPALIAS)) {
 	if (defined($portrange)) {
 	    $jailoptions .= " -p $portrange";
@@ -878,9 +881,9 @@ sub addroutestorc($rc)
    open(RC, ">>$rc") or
 	fatal("Could not open $rc to append static routes");

-    my $routerip = `cat $BOOTDIR/routerip`;
+    my $routerip  = `cat $BOOTDIR/routerip`;
    chomp($routerip);
-    my $hostip   = `cat $BOOTDIR/myip`;
+    my $hostip    = `cat $BOOTDIR/myip`;
    chomp($hostip);

    #
@@ -891,8 +894,16 @@ sub addroutestorc($rc)
    print RC "route_lo0=\"localhost -interface lo0\"\n";
    print RC "route_host=\"$hostip localhost\"\n";
    if ($IP ne $hostip) {
-	print RC "static_routes=\"\$static_routes jailip\"\n";
-	print RC "route_jailip=\"$IP localhost\"\n";
+	# Setup a route for all jails on this node, to the loopback.
+	print RC "static_routes=\"\$static_routes jailnet\"\n";
+	print RC "route_jailnet=\"-net $IP -interface lo0 255.255.255.0\"\n";
+
+	# Need a route for the private network.
+	my $ctrliface = `control_interface`;
+	chomp($ctrliface);
+	
+	print RC "static_routes=\"\$static_routes privnet\"\n";
+	print RC "route_privnet=\"-net $IP -interface $ctrliface $IPMASK\"\n";
    }

    #

--- a/tmcd/freebsd/liblocsetup.pm
+++ b/tmcd/freebsd/liblocsetup.pm
@@ -82,15 +82,12 @@ my $SHELLS	= "/etc/shells";
 my $DEFSHELL	= "/bin/tcsh";

 #
-# OS dependent part of cleanup node state.
+# OS dependent part of cleanup node state. On a remote node, this will
+# only be called from inside a JAIL, or from the prepare script. 
 # 
 sub os_cleanup_node ($) {
    my ($scrub) = @_;

-    if (REMOTE() && !JAILED()) {
-	return 0;
-    }
-
    if (! $scrub) {
 	return 0;
    }

--- a/tmcd/freebsd/supfile.in
+++ b/tmcd/freebsd/supfile.in
 #
-# When the release is bumped, be sure to remove sup/sup/FBSD45-STD/checkouts
-# on the client.
+# Bump as needed.
 #
-FBSD47-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=current
+FBSD47-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=20030610
--- a/tmcd/freebsd/testbed.sh
+++ b/tmcd/freebsd/testbed.sh
 #!/bin/sh
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2002 University of Utah and the Flux Group.
+# Copyright (c) 2000-2003 University of Utah and the Flux Group.
 # All rights reserved.
 #
 . /etc/emulab/paths.sh
@@ -15,6 +15,8 @@ start)
 	$BINDIR/rc.testbed
 	;;
 stop)
+	# Foreground mode.
+	$BINDIR/bootvnodes -f -h
 	echo "Informing the testbed we're rebooting"
 	$BINDIR/tmcc state SHUTDOWN
 	;;

--- a/tmcd/linux/cvsup.auth
+++ b/tmcd/linux/cvsup.auth
 paper.emulab.net:root@any.emulab.net:NoStinkingPassword:
+boss.mini.emulab.net:root@any.mini.emulab.net:NoStinkingPassword:
--- a/tmcd/linux/prepare
+++ b/tmcd/linux/prepare
@@ -118,19 +118,21 @@ if ( -f "$LOGDIR/pacct" ) {
    unlink("$LOGDIR/pacct");
 }

-opendir(VARACCT,$VARACCTDIR) or
-    die("Could not open directory $VARACCTDIR: $!");
-
-while ($dirent = readdir(VARACCT)) {
-    my $file = $VARACCTDIR . "/" . $dirent;
-    if (-f $file) {
-	if ($file =~ /acct/) {
-	    unlink($file) or
-		die ("Could not unlink $file: $!");
+if (-d $VARACCTDIR) {
+    opendir(VARACCT,$VARACCTDIR) or
+	die("Could not open directory $VARACCTDIR: $!");
+
+    while ($dirent = readdir(VARACCT)) {
+	my $file = $VARACCTDIR . "/" . $dirent;
+	if (-f $file) {
+	    if ($file =~ /acct/) {
+		unlink($file) or
+		    die ("Could not unlink $file: $!");
+	    }
 	}
    }
+    closedir(VARACCT);
 }
-closedir(VARACCT);

 print "Removing root's history ...\n";
 if (-f $HISTORY) {

--- a/tmcd/linux/supfile.in
+++ b/tmcd/linux/supfile.in
 #
-# When the release is bumped, be sure to remove sup/sup/RHL71-STD/checkouts
-# on the client.
+# Bump as needed
 #
-RHL71-STD  base=@CLIENT_VARDIR@ prefix=/ preserve release=newclient
+RHL73-STD  base=@CLIENT_VARDIR@ prefix=/ preserve release=current
--- a/tmcd/ron/emulab.sh
+++ b/tmcd/ron/emulab.sh
 #!/bin/sh
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2002 University of Utah and the Flux Group.
+# Copyright (c) 2000-2003 University of Utah and the Flux Group.
 # All rights reserved.
 #
 . /etc/emulab/paths.sh
@@ -23,6 +23,7 @@ stop)
 restart)
 	if [ -f $BINDIR/emulabctl ]; then
 	    $BINDIR/emulabctl stop
+	    echo 'Sleeping a bit before restarting ...'
 	    sleep 10
 	    $BINDIR/emulabctl start
 	fi

--- a/tmcd/ron/emulabctl
+++ b/tmcd/ron/emulabctl
@@ -82,6 +82,7 @@ if ($action eq "stop") {
    if (! -e $pidfile) {
 	exit(0);
    }
+    system("bootvnodes -f -h");
    system("kill `cat $pidfile`");
    exit($? >> 8);
 }

--- a/tmcd/ron/prepare
+++ b/tmcd/ron/prepare
@@ -30,6 +30,8 @@ my $MOUNTINFO	= "/var/db/mounttab";
 my @ETCFILES    = ("rc.conf.local", "resolv.conf", "namedb/localhost.rev",
 		   "emulab.pkey", "emulab-hard.txt", "emulab-soft.txt");
 my $USERS	= "/users";
+my $SSHDIR	= "/etc/ssh";
+my @SSHFILES	= ("ssh_host_dsa_key", "ssh_host_rsa_key", "ssh_host_key");

 #
 # Turn off line buffering on output
@@ -171,6 +173,13 @@ if (-f $SFSHOSTKEY) {
    system("rm -f $SFSHOSTKEY");
 }

+print "Clearing ssh key files $SSHDIR ...\n";
+foreach my $file (@SSHFILES) {
+    if (-f "${SSHDIR}/$file") {
+	system("rm -f ${SSHDIR}/${file}");
+	system("rm -f ${SSHDIR}/${file}.pub");
+    }
+}

 print "Clearing out directories in $VARDIR ...\n";
 foreach my $dir (@VARDIRS) {
@@ -194,4 +203,3 @@ system("$BINDIR/mkemuman.sh");

 print "Clearing out old SFS links ... \n";
 system("rm -f /netbed/*");
-