1. 04 Dec, 2008 1 commit
  2. 17 Nov, 2008 1 commit
    • Leigh B. Stoller's avatar
      Minor changes to user certs to support certificate revocation lists · 4809cd65
      Leigh B. Stoller authored
      in the protogeni code. We no longer save the unencrypted certs after
      they are revoked, since protogeni will ignore them. I redid the the
      DB table as well, adding a revoked stamp, and the DN so that we can
      generate the CRL list from the DB directly, without having to run them
      all through openssl.
      This commit requires all certs to be regenerated, and the ssl xmlrpc
      server to be restarted.
  3. 20 Oct, 2008 1 commit
  4. 17 Oct, 2008 1 commit
  5. 28 Aug, 2008 1 commit
  6. 19 Aug, 2008 1 commit
  7. 16 Jul, 2008 1 commit
  8. 10 Jul, 2008 2 commits
  9. 11 Jun, 2008 2 commits
  10. 03 Jun, 2008 1 commit
  11. 30 May, 2008 1 commit
  12. 20 May, 2008 1 commit
  13. 19 May, 2008 1 commit
  14. 13 May, 2008 1 commit
  15. 12 May, 2008 1 commit
  16. 17 Apr, 2008 3 commits
  17. 24 Mar, 2008 1 commit
  18. 21 Feb, 2008 1 commit
  19. 11 Feb, 2008 2 commits
  20. 09 Feb, 2008 1 commit
  21. 14 Jan, 2008 1 commit
  22. 10 Jan, 2008 2 commits
  23. 20 Dec, 2007 1 commit
  24. 26 Nov, 2007 2 commits
  25. 06 Nov, 2007 1 commit
    • Leigh B. Stoller's avatar
      This started out as a simple change to turn the datastore into a CVS · c1cff09b
      Leigh B. Stoller authored
      sandbox, and that I did. It falls back to the older archive when
      the template is older then CVS repos.
      But along the way I got annoyed with the fact that template instantiation
      does not provide a logfile to the web interface. The reason is that
      the current logfile stuff is very experiment centric; there has to be an
      experiment and an attached logfile. An instance does not have an experiment
      until really late in the game so the code was just not bothering.
      Anyway, I've started to generalize the logfile stuff with a new table
      and the approach that a logfile is named by a random key, and if you
      know the key you can look at the logfile in the web (since without an
      experiment it is hard to do permission checks unless we make logfiles
      uid/gid owned, and I did not want to do that.
  26. 17 Oct, 2007 1 commit
  27. 21 Aug, 2007 1 commit
    • Leigh B. Stoller's avatar
      Another round of widearea node hacking for CMU. These changes add · 99346dc0
      Leigh B. Stoller authored
      widearea reloading support.
      * New slot in the images table to store an access key which remote
        sites must provide in order to download an image (via https).
      * tmcd returns a different kind of ADDRESS field from doloadinfo.
        Instead of the multicast stuff, return a URL that points to boss'
        web server. The URL is of the form:
        which as you can see is fully specified; the client does not need
        to know anything else.
      * New webpage and backend scripts appropriately called "spewimage"
        which also includes support for the http HEAD request (from wget) to
        avoid downloading images that are already on the node. I just
        learned about this HEAD request stuff today ... but otherwise these
        operate as expected, spewing the image if the access key is provided.
      * Changes to rc.frisbee to deal with remote loading. In addition to
        URL support, I also added support for simple paths, the intent being
        that we will probably distribute images offline (say, at night) so
        that when a node reboots it doesn't actually have to wait 60 minutes
        for an image to download. I have not added any server side support
        for this yet though. Maybe later this week.
      * Other bits and pieces and fixes to make this work.
  28. 16 Aug, 2007 1 commit
    • Leigh B. Stoller's avatar
      Add IP and privkey slots (key INDEX slots) to widearea_nodeinfo table. · 0fe9fe1a
      Leigh B. Stoller authored
      This will superceed the widearea_privkeys table that was used for
      RON/Netbed but was never done well.
      The privkey is just something we generate and store on the dongle (as
      a simplification, we just create a dongle per node instead of
      generating them on the fly) since there are not very many of these
      widearea (CMU) nodes. We store the IP here for convenience (there is
      an interfaces table entry of course).
      The IP is updated when the node tells us it has changed, using the
      privkey to uniquely identify it (for checkin).
  29. 31 Jul, 2007 1 commit
  30. 27 Jul, 2007 2 commits
    • Leigh B. Stoller's avatar
      Minor fix to previous revision. · 438ccf09
      Leigh B. Stoller authored
    • Leigh B. Stoller's avatar
      * Add new tables to store NS files (and any files they source) in the · f8333ef2
      Leigh B. Stoller authored
        DB alongside the resource records. Previously, we stored only the
        nsfiles for current experiments, and purged them when the experiment
        was terminated. The new approach saves them forever using the resource
        record ID. Note that we do not store copies of NS files, but reference
        them indirectly instead so that we can MD5 them and avoid the dups.
        I put a "compressed" bit into the table cause at some point we will
        start compressing the data before storing them into the DB. Or maybe
        we bag this and start using GFS!
        Also note that this addresses the problem of losing the NS file
        history when using swapmod, since the NS file is overwritten.
      * Add a pmapping table stores the nodes (and their types) used by an
        experiment. This data is also saved forever, alongside the resource
        records, so that we can more accurately replay an experiment. As Rob
        points out, the node names can also be used in conjunction with the
        ptop files that are saved, to get a 100% accurate remap of resources.
  31. 26 Jul, 2007 1 commit
  32. 12 Jul, 2007 1 commit