GitLab

Until it is fully converted to using the Node object, stated is going to need
to use this method since it still does a lot of direct updates to the DB.

overriding the one we really wanted, which went to the DB. Several
hours wasted.

of your own images or anyone else from your SA. Or if your are local
admin, anyone at all. Returns a list of hashes:

[{'url': 'https://www.emulab.net/dev/stoller/image_metadata.php?uuid=d29a5bf0-b0c6-11e1-a37b-001143e453fe',
  'urn': 'urn:publicid:IDN+emulab.net+image+emulab-net:booboo'
 },
 {'url': 'https://www.emulab.net/dev/stoller/image_metadata.php?uuid=456df426-1990-11e2-9f72-001143e453fe',
  'urn': 'urn:publicid:IDN+emulab.net+image+emulab-net:lbsimage'
 },
]

Then you can use the URN to delete your images!

the metadata even if there is nothing in the logfile. Mostly so that
the URL link works and we can get the header info if needed.

Also add slice_urn and slice_idx to the metadata so we find all the
logs associated with a slice.

Fixes.

New Store() method will gzip and move the file from current location
to long term storage, and update the DB row to reflect the change.
Change spewlogfile to handle these compressed files. Also added a
"public" flag that says a log file can be requested by an anonymous
user that knows the logid (md5 of bits). Change spewlogfile to allow
anonymous requests.

Add logfile_metadata to hold key,value pairs associated with a
logfile, eventually for search but initially to include when returning
the contents of a logfile via spewlogfile.

in the pipe. When invoked from the web interface STDERR has
been redirected to the apache log file, and if we do not reset
it, error output land there instead of in the pipe we just opened.

so that it can be called from the PG code.

update-install cause Node is used before code install.

swap in yet:

set client [$ns node]
tb-set-node-os $client FEDORA15-STD

set d1 [$ns blockstore]
$d1 set-class "SAN"
$d1 set-protocol "iSCSI"
$d1 set-size 2GB

set san [$ns duplex-link $client $d1 10Kbps 0ms DropTail]

project/group membership. Confirm this with a confirm page. This
will solve the problem of adding a brand new user to an admins only
project, before they are an admin.

when we clean (delete) all the log files .

members list of vlans table does not get messed up.

swapmod to leave behind vlans on the switch. As a side effect,
add a "class" field to the vlans table so that we can determine if a
stale vlan is a control or experimental vlan (since we now support
building experimental vlans on the control stack, so the stack no
longer tells us what kind of vlan it is).

so that we can do post-mortem debugging. I'm adding this so I can
track down the current snmpit failures, but might useful later too.

Sadly, mysql dump files have no table metadata so once the schema
changes, these files will become less useful if we ever want to load
them into a running DB. It would be nie to dump them in a format that
allows this, but will be a bunch more work.

Also fix typo in BlockstoreType.pm

Clean up the web page a bit, and add a checkbox to retain
the image file in case the user wants to keep it around,
but delete the descriptor (perhaps to recreate it).

Special DHCP options only apply to inner nodes, not inner boss/ops or
a boss/ops virtnode host.

has been reached. The expt_swapped slot of the experiments table is
also updated on swapmod, so some experiments get more time then they
are supposed to.

just untag it. The fact that the node is going back into the free pool
means that the port should not be tagged, so just do it. If anyone
believes different, speak up!

Also, add verbose mode and log to /var/emulab/logs/fixarpinfo.log so we
can track what changes.

It works like this. Certain nodes that are on the node control net
(right now just subbosses, but ops coming soon) can set static ARP entries
for the nodes they serve. This raises the bar for (but does not eliminate
the possibility of) nodes spoofing servers. Currently this is only for
FreeBSD.

When such a server boots, it will early on run /etc/rc.d/arplock.sh
which will in turn run /usr/local/etc/emulab/fixarpinfo. fixarpinfo
asks boss via an SSL tmcc call for "arpinfo" (using SSL ensures that the
info coming back is really from boss). Tmcd on boss returns such arpinfo
as appropriate for the node (subboss, ops, fs, etc.) along with the type
of lockdown being done. The script uses this info to update the ARP
cache on the machine, adding, removing, or making permanent entries
as appropriate.

fixarpinfo is intended to be called not just at boot, but also whenever
we might need to update the ARP info on a server. The only other use right
now is in subboss_dhcpd_makeconf which is called whenever DHCP info may
need to be changed on a subboss (we hook this because a call to this script
might also indicate a change in the set of nodes served by the subboss).
In the future, fixarpinfo might be called from the newnode path (for ops/fs,
when a node is added to the testbed), the deletenode path, or maybe from
the watchdog (if we started locking down arp entries on experiment nodes)

The type of the lockdown is controlled by a sitevar on boss,
general/arplockdown, which can be set to 'none', 'static' or 'staticonly'.
'none' means do nothing, 'static' means just create static arp entries
for the given nodes but continue to dynamically arp for others, and
'staticonly' means use only this set of static arp entries and disable
dynamic arp on the control net interface. The last implies that the server
will only be able to talk to the set of nodes for which it got ARP info.

As mentioned, tmcd is responsible for returning the correct set of arp
info for a given request. The logic currently is:

 * Only return ARP info to nodes which are on the CONTROL_NETWORK.
   If the requester is elsewhere (e.g., Utah's boss and ops are currently
   segregated on different IP subnets) then this whole infrastructure
   does not apply and nothing is returned.

 * If the requester is a subboss, return info for all other servers that
   are on the node control network as well as for the set of nodes
   which the subboss serves.

 * If the requester is an ops or fs node, again return info for all
   other servers and info for all testnodes or virtnodes whose control
   net IP is on the node control net.

 * Otherwise, return nothing.

One final note is that the ARP info for servers such as boss/ops/fs or
the gateway router is not readily available in most Emulab instances
since those machines are not in the DB nodes or interfaces tables.
Eventually we will fix that, but for now the info must come from new
site variables. To help initially populate those variables, I added
the utils/update_sitevars script which attempts to determine which
servers are on the node control net and gathers the appropriate IP and
MAC info from them.

Yucky stuff to create parent host objects for blockstores on the
fly, and to insert these hosts into lans when the blockstore shows up in
lan member lists.

Add "best effort" symbol ("~") to parser for bandwidth spec.

Also adjust the copyright dates on new files.