1. 02 Dec, 2011 3 commits
    • Leigh B Stoller's avatar
      When PROTOGENI is defined, look for an out of sync protogeni/rspec-geni, · 64b7a579
      Leigh B Stoller authored
      which is a submodule. Bail if out of sync.
      
      This will most certainly annoy Jon, but everyone else should always be
      running in sync.
      64b7a579
    • Leigh B Stoller's avatar
      Minor changes so that we can allow the subos map to be used for · fb5fb526
      Leigh B Stoller authored
      determining the jailosid for "static" images like OPENVZ-STD. For
      example:
      
      	tb-set-hardware $n1 d710-vm
      	tb-set-node-os $n1 OPENVZ-STD FEDORA15-64-OVZ-STD
      
      The main point is that OPENVZ-STD is a placeholder with no associated
      image. It exists to tell the mapper and osload what to do. This is
      accomplished with nextosid. The new approach makes things consistent
      with subos stuff.
      fb5fb526
    • Leigh B Stoller's avatar
      Changes to allow new users to request their encrypted SSL certificate · 8def7e94
      Leigh B Stoller authored
      on the join/start project pages. At the moment this is conditional
      under the PROTOGENI flag, since users on non-protogeni sites rarely
      need an encrypted SSL certificate. The initial passphrase has to be
      store someplace since we cannot built the certificate until the user
      is approved, so put it into the users table, and delete when the first
      certificate is built (at approval).
      8def7e94
  2. 01 Dec, 2011 2 commits
  3. 30 Nov, 2011 7 commits
  4. 29 Nov, 2011 5 commits
    • Leigh B Stoller's avatar
    • Leigh B Stoller's avatar
      Fix bug that was causing reserved vlantags to be left behind, causing · 235db86c
      Leigh B Stoller authored
      snmmpit to fail at seemingly random times. Also add an update script
      to delete the stale tags.
      235db86c
    • David Johnson's avatar
      Support using Linux netem modules for delay and loss shaping. · 35f1deaa
      David Johnson authored
      ... instead of using our custom kernel modules.  I got tired of
      pulling our patches forward and adapting to the packet sched API
      changes in the kernel!  netem is more advanced than our stuff,
      anyway, and should do a fine job.
      35f1deaa
    • David Johnson's avatar
      Lots of changes: debug; macvlans; details below. · fdf97b51
      David Johnson authored
      I added debug options for each LVM and vzctl call; you can toggle it
      on by touching /vz/.lvmdebug, /vz.save/.lvmdebug, /.lvmdebug, and
      /vz/.vzdebug, /vz.save/.vzdebug, /.vzdebug.  I also added dates to
      debug timestamps for debugging longer-term shared node problems.
      
      I added support for using macvlan devices instead of openvz veths
      for experiment interfaces.  Basically, you can add macvlan devices
      atop any other ethernet device to "virtualize" it using fake mac
      addresses.  We use them like this: if the virtual link/lan needs to
      leave the vhost on a phys device or vlan device, we attach the macvlan
      devices to the appropriate real device.  If the virtlan is completely
      internal to the vhost, we create a dummy ethernet device and attach
      the macvlan devices to that.
      
      The difference between macvlan devices and veths is that macvlan
      devices are created only in the root context, and are moved into
      the container context when the vnodes boot.  There is no "root
      context" half -- the device is fully in the container's network
      namespace.  BUT, the underlying device is in the root network
      namespace.
      
      We use macvlans in "bridge" mode, so that when one macvlan device sends
      a packet, the device driver checks any other macvlan devices attached
      to the underlying physical, vlan, or dummy device, and delivers the packet
      accordingly.  The difference between this fake bridge and a real bridge
      is that the macvlan driver knows the mac of each attached interface,
      and does not have to do any learning whatsoever.  I haven't looked at
      the code, but it should be a very, very simple, fast, and zero-copy
      transmit from one macvlan device onto another.
      
      This is essentially the same as the planetlab shortbridge, but since
      I haven't looked at the code, I can't say that there aren't more
      opportunities to optimize.  Still, this should hopefully be faster
      than openvz veths.
      
      Oh, and I also added support for using Linux tc's netem modules
      for doing delay and loss shaping, instead of using our custom
      kernel modules.  I got tired of pulling our patches forward and
      adapting to the packet sched API changes in the kernel!  netem is
      more advanced than our stuff, anyway, and should do a fine job.
      fdf97b51
    • David Johnson's avatar
      07f685b3
  5. 28 Nov, 2011 12 commits
  6. 21 Nov, 2011 6 commits
  7. 19 Nov, 2011 3 commits
  8. 17 Nov, 2011 2 commits