Is controlled by a new configure variable called TIMESTAMPS - if this
variable is set, prints out a timestamp, along with its arguments (so
that you can distinguish between the timesteamps.) Otherwise, does
nothing. The basic idea is that we can sprinkle calls to this in the
code, and only enable it on devel trees.

Added new vis tools.
(we should remove the old ones soon)

parser runs. The staticroutes script is a wrapper for Chad's route
solver. The network optimization is currently turned off; use -t to
turn it on, until I know if its correct.

Note that Chad gets credit for routecalc.cc; I'm just committing the
file for him, with a couple of trivial changes that I made.

remote node. Called out of os_setup and tbswapout (-k option to tear
down the vnodes). Invokes the proper script on the remote node, with
the vnodeid (vronXXX) as the key (which is passed along in tmcc to
distinguish vnodes from each other).

Also included here is my defs.

the vlans table to determine how much of the trunk bandwidth is
currently 'reserved', and subtracts that from the trunk bandwidth
reported in the output.

This feature is disabled by default. However, you can enable it by
putting the line
TRACK_INTERSWITCH_BANDWIDTH=1
in your defs file.

by smarter brains by me (I have asked Dave to look it over). Anyway ...

I added a top level ssl directory which has a bunch of goo for
creating certificates and keys.  I currently create a Certificate
Authority, a server certificate, and a client certificate. The private
keys for all three are unencrypted, so no password is required. All
key/cert combos can be installed on boss. The client side needs the
key/cert pair (in one file), and the CA cert (no key!). There are
install targets to do this. NOTE, you do not want to create/install
these without being careful, since you could instantly invalidate all
the clients!

I have added the necessary SSL routines to tmcd/tmcc. See the ssl.c
and ssl.h file. I have set it up so that with all you need to do is
uncomment three lines in the makefile, and accept,connect,read,write,
and close are redirected to SSL'ified versions in ssl.c. The current
security model is that the client and server both "demand" certificate
verification from the other side (as opposed to just server side
verification). tmcd reads in server.pem, while tmcc reads in
client.pem. Both read in the emulab.pem (CA cert with no private
key).

Initial testing indicates I have done this at least partially
correctly. Whoever invented this stuff has a really twisted mind
though. There are some questions at the top of ssl.c that need to be
answered.

Oh, also redid all the syslog stuff throughout tmcd.

experiment log file to the user as it gets generated. The web page
does not redraw, it just never exits until the backend sees that the
experiement transition is done, and then it exists, which terminates
the script. I added a DB field to hold the logfile name and some
routines in libdb, with the idea that this might be more generally
useful at some point. Next time you create an experiment, look for the
last sentence, and click on "realtime".

basically work like the libdb.pm functions of the same name (and in
fact much of the code was stolen from there.)

Provides a simple single function call to send events. Intended for
use in scripts whose primary purpose is _not_ to interface with the
event system, like power and node_reboot. If more control/efficiency
is required (for example, these functions reconnect to the event
system every time they're called) , it's better to use the C-like API.

Example call:
EventSendFatal(objtype   => "TBEXAMPLE",
               eventtype => $ARGV[0],
               host      => "*" );

* tmcd/ron: A new directory of client code, based on the freebsd
  client code, but scaled back to the bare minimum. Does only account
  and group file maintenance. I redid the account stuff so that only
  emulab accounts are operated on. Does not require a stub file, but
  instead keeps a couple of local dbm files recording what groups and
  accounts were added by Emulab. There is a ton of paranoia checking
  to make sure that local accounts are not touched.

  The update script that runs on the client node detaches so that the
  ssh from boss returns immediately. update can also be run from the
  node periodically and at boottime. The script is installed setuid
  root, but checks to make sure that *only* root or "emulabman" has
  invoked it.

* utils/sshremote: New file. For remote nodes, instead of using sshtb,
  use sshremote, which ssh's in as "emulabman", which needs to be a
  local non-root user, but with an authorized_keys file containing
  boss' public key.

* web interface changes: Allow user to specify his own public key in
  addition to the emulab key.

  Add option in showexp page to update accounts on nodes in the
  experiment. I was originally intending to do this from approveuser,
  but this was easier and faster. I will add an option to do it on the
  approveuser page later.

* libdb.pm: Add a TBIsNodeRemote() query to see if a node is in the
  local testbed or a pcRemote node. Currently, this test is hardwired
  to a check for class=pcRemote, but this will need to change to a
  node_types property at some point.

* node_update: Reorg so that there is a maximum number of children
  created. Previously, a child was forked for each node, but that
  could chew up too many processes, especially for remote nodes which
  might hang up. For the same reason, we need to "lock" the experiment
  so that it cannot be terminated while a node_update is in progress.
  Might be to relax that, but this was easy for now. Also add
  distinction between local and remote, since for remote we use
  sshremote insted of sshtb. Various cleanup stuff

* mkacct; When generating a new account, include user supplied pub key
  in the authorized keys file, in addition to the eumlab generated
  key. Both keys are stored in the DB in the users table. Anytime we
  update an account, get a fresh copy of the emulab pub key, in case
  user changes it.

Watches for events sent by TMCD regarding the state of nodes. Records
this information in the database. Also watches for nodes that undergo
invalid state transitions, or stay in the same state for too long.
Right now, the only action it takes is to send email, but in the
future, will take action to 'unstick' nodes.

Not yet installed by default.

and reponds to PROGRAM events. Currently, just start and stop. Start
takes a COMMAND= argument, and allows arbitrary command lines since I
pass the whole thing off to the shell. Caveat; the agent runs as root
and starts the program as root. You can has as many program objects in
your NS file as you like, but each one can be started once; you have
to either stop or wait for the old one to finish before trying to
start again.

remove the originals, so that we can run the files through configure.

NOTE: I wanted to keep the RCS history intact so I went over to the
CVS directory on moab and copied the ,v file to the new names, and
then did a normal cvs remove the originals. This keeps the RCS history
going without screwing up anyone. Not a recommended approach, but what
the hell.

Usage: portstats <pid> <eid> [vname ...] [vname:port ...]

If only pid and eid are given, prints out information about all
ports in the experiment. Otherwise, output is limited to the
nodes and/or ports given.

matches the one in the checked-out source.

This now gets called as part of the 'boss-install' target, to guard
against installing software that is out-of-sync with the running
database. It is skipped if @prefix@ is not /usr/testbed, to avoid
getting in the way of development.

If you want to bypass this check, use the 'boss-install-force' target.
Use of this, however, is not recommended.

Got new visualization integrated...
Put .png files for icons in www/ (both src and build trees)
..those should probably be somewhere else eventually (at least in a subdir of www),
but they're happy there for now.

assign binary. Change name to --with-assignbinary as per Jay request.

and causes the assign Makefile to copy in the binary instead of trying
to build it. You can specify --with-assign=/path/to/assign, but if
left out defaults to "assign.bin" in the assign directory so that we
can stick the binary into the distribution easily.

variable, which is now references in the toplevel GNUmakefile.in file.

scheme that we discussed in email. Notifications and subscriptions now
take an "address_tuple" argument (I know, crappy name) that is a
structure that looks like this:

	char		*site;		/* Which Emulab site. God only */
	char		*expt;		/* Project and experiment IDs */
	char		*group;		/* User defined group of nodes */
	char		*host;		/* A specific host */
	char		*objtype;	/* LINK, TRAFGEN, etc ... */
        char		*objname;	/* link0, cbr0, cbr1, etc ... */
        char		*eventtype;	/* START, STOP, UP, DOWN, etc ... */

These can be a specific value, ADDRESSTUPLE_ANY if you are a
subscriber, or ADDRESSTUPLE_ALL if you are a producer. The reason for
the distinction is that you can optimize the match expression with the
extra bit of information, and the above structure can make for a
fairly lengthy match expression, which takes more time of course.
You should use address_tuple_alloc() and address_tuple_free() rather
than allocating them yourself. Note that host above is actually the
ipaddr of control interface. This turns out to be more convenient
since free nodes do not have virtual names.

Also added a new tbgen directly. This directory includes 3 programs in
the making:

tbmevd: Is the Testbed Master Event Daemon, to be run on boss and will
handle TBCONTROL events (reboot, reload, etc). It is just a shell of a
program right now, that takes the events but does not do anything
useful with them. Have not defined what the events are, and what DB
state will be modified.

tbmevc: Is the Testbed Master Event Client (akin to tmcc). It
generates TBCONTROL events which the tbmevd will pick up and do
something useful with. This program is intended to be wrapped by a
perl script that will ask the tmcd for the name of the boss (running
the event daemon).

sample-client: This is a little client to demonstrate how to connect
to the event system and use the address tuple to subscribe to events,
and then how to get information out of notifications.

Note that I have not created a proper build environment yet, so new
programs should probably go in the event dir for now, and link using
the same approach as in tbgen/GNUmakefile.in.

all put together. Use --enable-events.

Also several changes for building on FreeBSD. I've left the older
Makefiles in place so Ian can continue to build in his environmant
(Linux?).

an infinite loop rather easily via the NS file TCL hooks. Added a
perl wrapper around parse.tcl called parse-ns, which forks a child to
run the parser. The parser is invoked "nice +10" and the CPU limit for
the child is set to 60 seconds, which should be enough for any parse.
If the limit is exceeded, send email to tbops since this indicates a
big problem or a user being dumb/malicious.

line in all email from the system. Remove all of the TESTBED: tags
and modify the email function in the web server and perl library to
prepend @DOMAIN@: to the message.

whatever other maintenance is required.

very useful by itself anyway.

supporting autocreating and autoloading images. The imageid form now
sports a field to specify a nodeid to create the image from; If set,
the backend create_image script is invoked. Thats the easy part.
Slightly harder is autoloading images based on the osid specified in
the NS file. To support this, I have added a new DB table called
osidtoimageid, which holds the mapping from osid/pctype to imageid.
When users create images, they must specify what node types that image
is good for. Obviously, the mappings have to be unique or it would be
impossible to figure it out! Anyway, once that image mapping is
in place and the image created, the user can specify that ID in the NS
file. I've changed os_setup to to look for IDs that are not loaded,
and to try and find one in the osidtoimageid. If found, it invokes
os_load. To keep things running in parallel as much as possible,
os_setup issues all the loads/reboots (could be more than a single set
of loads is multiple IDs are in the NS file) at once, and waits for
all the children to exit. I've hacked up os_load a bit to try and be
more robust in the face of PXE failures, which still happen and are
rather troublsesome. Need an event system!

Contained in this revision are unrelated changed to make the OS and
Image IDs per-project unique instead of globally unique, since thats a
pain for the users. This turns out to be very messy, since underneath
we do not want to pass around pid/ID in all the various places its
used. Rather, I create a globally unique name and extened the OS and
Image tables to include pid/name/ID. The user selects pid/name, and I
create the globally unique ID. For the most part this is invisible
throughout the system, except where we interface with the user, say in
the web pages; the user should see his chosen name where possible, and
the should invoke scripts (os_load, create_image, etc) using his/her
name not the internal ID. Also, in the front end the NS file should
use the user name not the ID. All in all, this accounted for a number
of annoying changes and some special cases that are unavoidable.

A simple little script to find links/lans that cross between switches,
and print them out (including which switches they use, and how many
members they have on each switch.)

Right now, it loads foreign key information from the foreign_keys
table of the database, and prints out information on rows that fail
the consistency checks.

The plan is that it will eventually check more things, such as the
existence of files references in the database.

fact is defaulted in configure.in but can be overridden in the defs
file. Changed the one perl script that had a hardwired flux group. The
other dozen or so uses are in the web page code. I'll do those next.

genelists and move to defs file (default and mini). If not specified,
defaults back to whatever TBOPSEMAIL is.

it is converted into a proper config.h file in the object directory.
Look for AC_DEFINE_UNQUOTED in configure.in. This removes some of the
headache of defining variables for C code in the makefiles. Be sure
sure to add -I.. to CFLAGS and include "config.h" in your source code.

and ops email address.