Commit 58960470 authored by Leigh B. Stoller's avatar Leigh B. Stoller

A slew of changes for jails!

parent fdb9600a
......@@ -19,7 +19,7 @@ SUBDIR = tmcd/common
include $(OBJDIR)/Makeconf
all:
all: vnodesetup
include $(TESTBED_SRCDIR)/GNUmakerules
......
......@@ -18,10 +18,10 @@ use POSIX qw(strftime);
#
sub usage()
{
print "Usage: bootvnodes [-d] [-f]\n";
print "Usage: bootvnodes [-d] [-f] [-k | -h]\n";
exit(1);
}
my $optlist = "df";
my $optlist = "kdfh";
#
# Turn off line buffering on output
......@@ -42,6 +42,8 @@ my $logname = "$LOGDIR/bootvnodes.debug";
my $vndir = "/var/emulab/jails";
my $debug = 0;
my $daemon = 1;
my $killit = 0;
my $haltit = 0;
#
# Forward declarations for prototype checking
......@@ -62,6 +64,12 @@ if (defined($options{"d"})) {
if (defined($options{"f"})) {
$daemon = 0;
}
if (defined($options{"k"})) {
$killit = 1;
}
if (defined($options{"h"})) {
$haltit = 1;
}
if (@ARGV) {
usage();
}
......@@ -95,6 +103,28 @@ if ($daemon && TBBackGround($logname)) {
exit(0);
}
if ($killit | $haltit) {
my $opt = ($haltit ? "-h" : "-k");
my $act = ($haltit ? "Halting" : "Killing");
print "$act vnodes ... please be patient ...\n";
opendir(DIR, "/var/emulab/jails") or
die("Cannot opendir /var/emulab/jails: $!\n");
my @files = readdir(DIR);
closedir(DIR);
foreach my $file (@files) {
if ($file ne "." && $file ne ".." &&
$file =~ /^([-\w]*)$/) {
print "$act vnode $1 ...\n";
system("vnodesetup $opt $1");
}
}
exit(0);
}
my %curvnodelist;
my @vnodes;
......
......@@ -91,7 +91,7 @@ while (<CMD>) {
}
}
if (!defined(@agents) || !defined($login)) {
if (! @agents || !defined($login)) {
fatal(TMPROGAGENTS . " not in proper format!");
}
......
......@@ -23,15 +23,16 @@ BEGIN { require "/etc/emulab/paths.pm"; import emulabpaths; }
#
sub usage()
{
print "Usage: vnodesetup [-j [-s]] [-b | -k | -r] [-d] <vnodeid>\n".
print "Usage: vnodesetup [-j [-s]] [-b | -k | -r | -h] [-d] <vnodeid>\n".
"Use the -k option to kill the virtual node.\n";
exit(1);
}
my $optlist = "kbdjsr";
my $optlist = "kbdjsrh";
# Locals
my $killit = 0;
my $rebootit = 0;
my $haltit = 0;
my $debug = 0;
my $fromboot = 0;
my $dojail = 0;
......@@ -92,6 +93,9 @@ if (! getopts($optlist, \%options)) {
if (defined($options{"k"})) {
$killit = 1;
}
if (defined($options{"h"})) {
$haltit = 1;
}
if (defined($options{"r"})) {
$rebootit = 1;
}
......@@ -127,11 +131,9 @@ my $vnodedir = "/var/emulab/jails/$vnodeid";
my $logname = "$LOGDIR/tbvnode-${vnodeid}.log";
#
# If killing the virtual node, then kill the manager process. We use
# the negative signal number to send to the process group so that all
# stuff gets killed in one fell swoop.
# If killing/halting the virtual node, then kill the manager process.
#
if ($killit) {
if ($killit || $haltit) {
if (! -e $pidfile) {
die("*** $0:\n".
" No pid for $vnodeid manager!\n");
......@@ -183,9 +185,11 @@ if (!$debug && !$interactive && TBBackGround($logname)) {
}
#
# Change our process group since we are a daemon. Not usually important,
# but we get called from the watchdog, and we do not want to be in
# its process group, or it will die when we get killed.
# Change our process group since we are a daemon; we get called from
# the watchdog, and we do not want to be in its process group, or it
# will die when we get killed. In any event, by putting ourselves into
# another process group, we can more easily kill off all our decendents.
# when tearing down.
#
POSIX::setsid();
......@@ -251,7 +255,7 @@ if (! -e $vnodedir) {
# Inform the TMCD we are setting up.
#
REBOOT:
system("tmcc -n $vnodeid state REBOOTING");
system("tmcc -n $vnodeid state BOOTING");
system("tmcc -n $vnodeid state TBSETUP");
#
......@@ -274,15 +278,28 @@ if (!defined($pid)) {
$UID = 0;
#
# Okay, now startup the scripts.
# This stuff is done only when the node is not in a jail. The jail setup
# code does all this, so we avoid duplication of effort.
#
if (-e TMTUNNELCONFIG) {
print "Starting Tunnels ...\n";
TBForkCmd(TMTUNNELCONFIG);
sleep(5);
}
if (!$dojail) {
print STDOUT "Checking Testbed tunnel configuration ... \n";
dotunnels();
print STDOUT "Checking Testbed routing configuration ... \n";
dorouterconfig();
print STDOUT "Checking Testbed traffic generation configuration ...\n";
dotrafficconfig();
#
# Okay, now run startup the scripts
#
if (-e TMTUNNELCONFIG) {
print "Starting Tunnels ...\n";
TBForkCmd(TMTUNNELCONFIG);
sleep(5);
}
if (-e TMTRAFFICCONFIG) {
print "Starting Traffic Generators ...\n";
TBForkCmd(TMTRAFFICCONFIG);
......@@ -359,8 +376,10 @@ sub killvnode() {
die("*** $0:\n".
" Bad data in pid: $mpid!\n");
}
if (kill('USR1', $mpid) == 0) {
print"*** Could not kill(USR1) process $mpid: $!\n";
my $sigtosend = ($haltit ? 'TERM' : 'USR1');
if (kill($sigtosend, $mpid) == 0) {
print"*** Could not kill($sigtosend) process $mpid: $!\n";
return -1;
}
......@@ -368,11 +387,11 @@ sub killvnode() {
# Wait for the pidfile to be removed. Do not wait too long though.
#
for (my $i = 0; $i < 30;) {
sleep(5);
sleep(2);
if (! -e $pidfile) {
return 0;
}
$i += 5;
$i += 2;
}
print "*** Not able to kill running vnode manager process $mpid!\n";
return 0;
......
......@@ -112,6 +112,7 @@ script-install: dir-install
$(INSTALL) -m 755 $(SRCDIR)/cpuspeed.awk $(BINDIR)/cpuspeed.awk
$(INSTALL) -m 755 $(SRCDIR)/tbshutdown $(BINDIR)/tbshutdown
$(INSTALL) -m 755 $(SRCDIR)/delaysetup $(BINDIR)/delaysetup
$(INSTALL) -m 755 $(SRCDIR)/ifsetup $(BINDIR)/ifsetup
$(INSTALL) -m 755 $(SRCDIR)/control_interface \
$(BINDIR)/control_interface
$(INSTALL) -m 644 $(SRCDIR)/gated_fxp0.conf $(BINDIR)/gated_fxp0.conf
......@@ -137,15 +138,18 @@ jail-install: dir-install
$(INSTALL) -m 640 $(SRCDIR)/jail/master.passwd $(JAILDIR)/master.passwd
$(INSTALL) -m 755 $(SRCDIR)/jail/rc.conf $(JAILDIR)/rc.conf
$(INSTALL) -m 755 $(SRCDIR)/jail/rc.local $(JAILDIR)/rc.local
$(INSTALL) -m 755 $(SRCDIR)/jail/rc.injail $(BINDIR)/rc.injail
$(INSTALL) -m 755 $(SRCDIR)/jail/injail.pl $(JAILDIR)/injail.pl
$(INSTALL) -m 755 $(SRCDIR)/jail/crontab $(JAILDIR)/crontab
$(INSTALL) -m 755 $(SRCDIR)/jail/jaildog.pl $(BINDIR)/jaildog.pl
$(INSTALL) -m 755 $(SRCDIR)/jail/jailctl $(BINDIR)/jailctl
$(INSTALL) -m 755 $(SRCDIR)/jail/jailsetup $(BINDIR)/jailsetup
$(INSTALL) -m 755 $(SRCDIR)/jail/mkjail.pl $(BINDIR)/mkjail.pl
# Invoked from ../ron
remote-install: jail-install
$(INSTALL) -m 755 $(SRCDIR)/rc.ipod $(BINDIR)/rc.ipod
# Does tunnel stuff.
$(INSTALL) -m 755 $(SRCDIR)/ifsetup $(BINDIR)/ifsetup
$(INSTALL) -m 755 $(SRCDIR)/delaysetup $(BINDIR)/delaysetup
$(INSTALL) -m 755 $(SRCDIR)/liblocsetup.pm $(BINDIR)/liblocsetup.pm
# Invoked from ../ron
......
paper.emulab.net:root@any.emulab.net:NoStinkingPassword:
boss.mini.emulab.net:root@any.mini.emulab.net:NoStinkingPassword:
......@@ -384,7 +384,7 @@ sub LinkDelaySetup()
my @delays;
my $kernel;
my $checkreplace = 0;
my $gotjails = 0;
my $gotjails = (defined($vnodeid) ? 1 : 0);
my $upcmds = "";
my $downcmds = "";
......
......@@ -83,7 +83,9 @@ if (@ARGV) {
# Uninstall just looks for the file and runs it.
if ($uninstall) {
system("delaysetup -u " . (defined($vnodeid) ? "-j $vnodeid" : ""));
system("delaysetup -u " . (defined($vnodeid) ? "-j $vnodeid" : ""))
if (!REMOTE());
system(TMIFC . " disable")
if (-e TMIFC);
if (defined($vnodeid) && defined($rtabid)) {
......@@ -100,7 +102,8 @@ unlink TMIFC, TMROUTECONFIG, TMTUNNELCONFIG;
# is run via the ifconfig, so just need to run that one.
#
dotunnels($rtabid);
doifconfig($rtabid);
doifconfig($rtabid)
if (!REMOTE());
dorouterconfig($rtabid);
if (-e TMTUNNELCONFIG && $install) {
......@@ -118,6 +121,8 @@ if (-e TMIFC && $install) {
# Do the delaysetup stuff.
system("delaysetup ".
($install ? "-i " : "") .
(defined($vnodeid) ? "-j $vnodeid " : ""));
(defined($vnodeid) ? "-j $vnodeid " : ""))
if (!REMOTE());
exit(0);
......@@ -14,22 +14,32 @@ use Getopt::Std;
# of /sbin/init, since killing the jail cleanly from outside the jail
# turns out to be rather difficult, and doing it from inside is very easy!
#
# Note though, when the machine is shutdown we can cleanly send this
# script a signal from mkjail. If reboot is used instead of shutdown,
# the system broadcasts SIGTERM, and this script will catch that and
# die. However, thats not good cause the caller (mkjail) wipes out the
# jail when this script exits of its own accord. So, ignore TERM, and wait
# for mkjail to send us a USR1, which means to exit.
#
my $DEFCONSIX = "/bin/sh /etc/rc";
#
# Catch TERM.
#
sub handler () {
$SIG{TERM} = 'IGNORE';
$SIG{USR1} = 'IGNORE';
system("kill -TERM -1");
sleep(1);
system("kill -KILL -1");
exit(1);
}
$SIG{TERM} = \&handler;
$SIG{TERM} = 'IGNORE';
$SIG{USR1} = \&handler;
my $childpid = fork();
if (!$childpid) {
$SIG{TERM} = 'DEFAULT';
if (@ARGV) {
exec @ARGV;
}
......
......@@ -241,9 +241,12 @@ else {
#
# If the jail has its own IP, must insert the control network alias.
# We use a 255.255.255.255 netmask since there might be multiple
# virtual nodes from the same subnet on this node.
#
if (defined($IPALIAS)) {
mysystem("ifconfig `control_interface` alias $IPALIAS netmask $IPMASK");
mysystem("ifconfig `control_interface` alias $IPALIAS ".
"netmask 255.255.255.255");
}
#
......@@ -573,7 +576,6 @@ sub cleanmess($) {
mysystem("rm -f $path/root/$ETCDIR/cvsup.auth");
mysystem("rm -rf $path/root/$ETCDIR/.cvsup");
mysystem("rm -f $path/root/$ETCDIR/master.passwd");
mysystem("rm -f $path/root/$ETCDIR/bossnode");
#
# Copy in emulabman if it exists.
......@@ -640,7 +642,7 @@ sub cleanup()
}
if (defined($jailpid)) {
kill('TERM', $jailpid);
kill('USR1', $jailpid);
waitpid($jailpid, 0);
}
......@@ -816,9 +818,6 @@ sub setjailoptions() {
$routetabid = getnextrtabid();
$jailoptions .= " -r $routetabid";
}
else {
$jailoptions .= " -o norouting";
}
last SWITCH;
};
/^DEVMEM$/ && do {
......@@ -839,6 +838,10 @@ sub setjailoptions() {
};
}
}
#
# If there is no IP for the jail, must restrict the port range of
# it. Otherwise it has it own IP, and there is no need to.
#
if (! defined($IPALIAS)) {
if (defined($portrange)) {
$jailoptions .= " -p $portrange";
......@@ -878,9 +881,9 @@ sub addroutestorc($rc)
open(RC, ">>$rc") or
fatal("Could not open $rc to append static routes");
my $routerip = `cat $BOOTDIR/routerip`;
my $routerip = `cat $BOOTDIR/routerip`;
chomp($routerip);
my $hostip = `cat $BOOTDIR/myip`;
my $hostip = `cat $BOOTDIR/myip`;
chomp($hostip);
#
......@@ -891,8 +894,16 @@ sub addroutestorc($rc)
print RC "route_lo0=\"localhost -interface lo0\"\n";
print RC "route_host=\"$hostip localhost\"\n";
if ($IP ne $hostip) {
print RC "static_routes=\"\$static_routes jailip\"\n";
print RC "route_jailip=\"$IP localhost\"\n";
# Setup a route for all jails on this node, to the loopback.
print RC "static_routes=\"\$static_routes jailnet\"\n";
print RC "route_jailnet=\"-net $IP -interface lo0 255.255.255.0\"\n";
# Need a route for the private network.
my $ctrliface = `control_interface`;
chomp($ctrliface);
print RC "static_routes=\"\$static_routes privnet\"\n";
print RC "route_privnet=\"-net $IP -interface $ctrliface $IPMASK\"\n";
}
#
......
......@@ -82,15 +82,12 @@ my $SHELLS = "/etc/shells";
my $DEFSHELL = "/bin/tcsh";
#
# OS dependent part of cleanup node state.
# OS dependent part of cleanup node state. On a remote node, this will
# only be called from inside a JAIL, or from the prepare script.
#
sub os_cleanup_node ($) {
my ($scrub) = @_;
if (REMOTE() && !JAILED()) {
return 0;
}
if (! $scrub) {
return 0;
}
......
#
# When the release is bumped, be sure to remove sup/sup/FBSD45-STD/checkouts
# on the client.
# Bump as needed.
#
FBSD47-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=current
FBSD47-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=20030610
#!/bin/sh
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
. /etc/emulab/paths.sh
......@@ -15,6 +15,8 @@ start)
$BINDIR/rc.testbed
;;
stop)
# Foreground mode.
$BINDIR/bootvnodes -f -h
echo "Informing the testbed we're rebooting"
$BINDIR/tmcc state SHUTDOWN
;;
......
paper.emulab.net:root@any.emulab.net:NoStinkingPassword:
boss.mini.emulab.net:root@any.mini.emulab.net:NoStinkingPassword:
......@@ -118,19 +118,21 @@ if ( -f "$LOGDIR/pacct" ) {
unlink("$LOGDIR/pacct");
}
opendir(VARACCT,$VARACCTDIR) or
die("Could not open directory $VARACCTDIR: $!");
while ($dirent = readdir(VARACCT)) {
my $file = $VARACCTDIR . "/" . $dirent;
if (-f $file) {
if ($file =~ /acct/) {
unlink($file) or
die ("Could not unlink $file: $!");
if (-d $VARACCTDIR) {
opendir(VARACCT,$VARACCTDIR) or
die("Could not open directory $VARACCTDIR: $!");
while ($dirent = readdir(VARACCT)) {
my $file = $VARACCTDIR . "/" . $dirent;
if (-f $file) {
if ($file =~ /acct/) {
unlink($file) or
die ("Could not unlink $file: $!");
}
}
}
closedir(VARACCT);
}
closedir(VARACCT);
print "Removing root's history ...\n";
if (-f $HISTORY) {
......
#
# When the release is bumped, be sure to remove sup/sup/RHL71-STD/checkouts
# on the client.
# Bump as needed
#
RHL71-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=newclient
RHL73-STD base=@CLIENT_VARDIR@ prefix=/ preserve release=current
#!/bin/sh
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
. /etc/emulab/paths.sh
......@@ -23,6 +23,7 @@ stop)
restart)
if [ -f $BINDIR/emulabctl ]; then
$BINDIR/emulabctl stop
echo 'Sleeping a bit before restarting ...'
sleep 10
$BINDIR/emulabctl start
fi
......
......@@ -82,6 +82,7 @@ if ($action eq "stop") {
if (! -e $pidfile) {
exit(0);
}
system("bootvnodes -f -h");
system("kill `cat $pidfile`");
exit($? >> 8);
}
......
......@@ -30,6 +30,8 @@ my $MOUNTINFO = "/var/db/mounttab";
my @ETCFILES = ("rc.conf.local", "resolv.conf", "namedb/localhost.rev",
"emulab.pkey", "emulab-hard.txt", "emulab-soft.txt");
my $USERS = "/users";
my $SSHDIR = "/etc/ssh";
my @SSHFILES = ("ssh_host_dsa_key", "ssh_host_rsa_key", "ssh_host_key");
#
# Turn off line buffering on output
......@@ -171,6 +173,13 @@ if (-f $SFSHOSTKEY) {
system("rm -f $SFSHOSTKEY");
}
print "Clearing ssh key files $SSHDIR ...\n";
foreach my $file (@SSHFILES) {
if (-f "${SSHDIR}/$file") {
system("rm -f ${SSHDIR}/${file}");
system("rm -f ${SSHDIR}/${file}.pub");
}
}
print "Clearing out directories in $VARDIR ...\n";
foreach my $dir (@VARDIRS) {
......@@ -194,4 +203,3 @@ system("$BINDIR/mkemuman.sh");
print "Clearing out old SFS links ... \n";
system("rm -f /netbed/*");
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment