1. 27 Aug, 2013 1 commit
  2. 22 Aug, 2013 2 commits
  3. 20 Aug, 2013 1 commit
  4. 19 Aug, 2013 3 commits
  5. 15 Aug, 2013 6 commits
    • Minor debugging change. · b3c13417
      Leigh B Stoller authored
    • Turn off actual norenew until the 30th. · fc0b3ae9
      Leigh B Stoller authored
    • Minor bug fix. · 5b15bc8b
      Leigh B Stoller authored
    • Changes to idle handling in ProtoGeni slivers · ec076c05
      Leigh B Stoller authored
      When a new sliver is created, they are given a relatively short
      lifetime. This is the value of protogeni/initial_sliver_lifetime and
      defaults to six hours.
      A user may renew a sliver for up to the number of days in
      protogeni/max_sliver_lifetime (defaults to 90 days), except in Utah
      where it is 5 days (Emulab, Utah Rack, Utah DDC Rack).
      The CM daemon idle code looks for idle slivers. An idle sliver is one
      in which 50% of the physical nodes have been idle for three hours.
      (protogeni/idlecheck_threshold). At this point an email message is
      sent to the sliver creator.
      If the sitevar protogeni/idlecheck_norenew is set, then the email
      threatens to mark the sliver as unrenewable if it stays idle. Then, at
      2 * protogeni/idlecheck_threshold, if the sliver is still idle, the
      sliver is marked as unrenewable. No matter what the user does at this
      point, he will not be able to renew the sliver and it will expire out
      If protogeni/idlecheck_norenew is not set, behaviour remains as it is
      now; a followup message is sent every 24 hours.
      There is a new backend script called "setexpiration" that allows an
      aggregate admin person to override the settings on a per-slice basis
      so that users who have a need for a long running sliver do not have to
      continually renew and/or bypass the max_sliver_lifetime setting. For
      boss> wap setexpiration -e YYYY-MM-DD mysliceurn
      will extend the termination date to the given date. To restore the
      default behaviour:
      boss> wap setexpiration -E mysliceurn
      Note that idle checks are still made. To turn off idle checks for
      a slice:
      boss> wap setexpiration -i mysliceurn
      To turn them back on:
      boss> wap setexpiration -I mysliceurn
  6. 09 Aug, 2013 6 commits
    • Remove code that extends slice lifetime, and fix underlying bug. · 60a34cdf
      Leigh B Stoller authored
      We currently have a few cases where a slice record exists, but
      no sliver, and so Renew was failing. Since we store all of the
      expiration in the slice record, we do not actually need to have
      an aggregate, so remove the check.
    • Add setexpiration script. · 8b6d018c
      Leigh B Stoller authored
    • New script to set geni_slice expiration_max,renew_limit, and idle. · 5c417cf4
      Leigh B Stoller authored
      Usage: setexpiration [-f] [-m <time> | -M] [-e <datetime> | -E] [-i | -I] <slice>
        -f      - Force operation even it makes no sense.
        -m      - Max increment time for a renew. In minutes.
                  Use zero to allow anything. Use "null" to clear.
                  Use "NN days" or "NN hours" also.
        -M      - Clear max increment time for a renew.
        -e      - Termination date; sliver may not be renewed past this
                  date. Use standard date format (YYYY-MM-DD HH:MM:SS)
        -E      - Clear max termination date.
        -i      - Set 'idle ignore'; no idle checks or email.
        -I      - Turn idle checks back on.
    • I added two new actions to PerformOperationalAction, which appear to · cfd1974a
      Leigh B Stoller authored
      work fine when the nodes are behaving themselves.
      1) geni_update_users: Takes a slice credential and a keys argument. Can
        only be invoked when the sliver is in the started/geni_ready state.
        Moves the slice to the geni_updating_users state until all of the
        nodes have completed the update, at which time the sliver moves back
        to started/geni_ready.
      2) geni_updating_users_cancel: We can assume that some nodes will be whacky
        and will not perform the update when told to. This cancels the
        update and moves the sliver back to started/geni_ready.
      A couple of notes:
      * The current emulab node update time is about three minutes; the
        sliver is in this new state for that time and cannot be restarted or
        stopped. It can of course be deleted.
      * Should we allow restart while in the updating phase? We could, but
        then I need more bookkeeping.
      * Some nodes might not be running the watch dog, or might not even be
        an emulab image, so the operation will never end, not until
        canceled. I could add a timeout, but that will require a monitor or
        adding DB state to store the start time.
  7. 08 Aug, 2013 1 commit
  8. 23 Jul, 2013 2 commits
    • Minor bug fix. · a1207790
      Leigh B Stoller authored
    • ABAC Speaksfor credential support. · 60274694
      Leigh B Stoller authored
      The CM can now receive either an ABAC or a non-ABAC speaksfor
      credential in the list of credentials. Thanks to Gary for getting
      libabac built on boss so that I could use it! The AM probably needs a
      little bit more work since it has a few V3 places where it does not
      invoke CMV2 directly, but that should be easy to fix; all of the AMV2
      functions will work though.
      Caveat; I don't bother to look at the speaksfor option; if we get a
      speaksfor credential, I figure it was cause the user wants to use it!
      I added a hacky script called genspeaksfor to create a proper speaks
      for credential that allows me to speak for another user. For example:
      	genspeaksfor -a urn:publicid:IDN+emulab.net+user+leebee \
      which generates an ABAC speaks for credential that allows me to speak
      for leebee. To use the PG test scripts with this credential:
      	createsliver.py* -S speaksfor.cred -s slice.cred
      Where slice.cred is a plain slice credential issued to leebee and then
      given to me via an out of band mechanism (:-).
  9. 22 Jul, 2013 5 commits
  10. 19 Jul, 2013 1 commit
  11. 17 Jul, 2013 1 commit
  12. 11 Jul, 2013 7 commits
    • Implement speaksfor (non-abac) support. · 8d53b3fd
      Leigh B Stoller authored
      CM V2 (and thus the AM) now accept a type=speaksfor credential along
      with regular credentials. When supplied, the speaksfor caller must be
      equal to the owner of the speaksfor credential and the target must be
      equal to the owner of the regular credential(s). All operations take
      place in the context of the spokenfor user.
      Added speaksfor slots to geni_slices,geni_aggregates and geni_tickets.
      Also to the history table. But these are just the most recent data.
      Each transaction is logged as normal, and the metadata now includes
      the speaksfor data and the log always includes all of the credentials.
      For testing, there is a new script in the scripts directory to
      generate a speaksfor credential. Not installed since it is really
      a hack. But to create one:
        perl genspeaksfor urn:publicid:IDN+emulab.net+user+leebee \
      which generates a speaksfor credential that says stoller is speaking
      for leebee.
      Given a slice credential issued to leebee, the test scripts can be
      invoked as follows (by stoller):
        createsliver.py -S speaksfor.cred -s slice.cred -c leebee.cred
      A copy of leebee's self credential is needed simply cause of the test
      script's desire to talk to the SA (which does not support speaksfor).
      Not otherwise needed.
      Oh, not tested on the AM interface yet.
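The speaksfor rule stated in the commit message above (caller equals the owner of the speaksfor credential, its target equals the owner of the regular credentials, and per the prototype it is signed by the spoken-for user), as an added Python sketch that is not Emulab's code. The `Credential` model, `effective_user`, the no-speaksfor baseline and every URN other than leebee's are assumptions made for illustration, and signature validation is taken as already done.

```python
from dataclasses import dataclass


class SpeaksForError(Exception):
    """The supplied credentials do not authorize the caller."""


@dataclass(frozen=True)
class Credential:
    # Simplified stand-in (assumption) for a signed XML credential.
    type: str       # "speaksfor", or a regular type such as "slice"
    owner: str      # URN the credential was issued to
    target: str     # URN the credential is about
    signed_by: str  # URN of the signer; signature validation is assumed done


def effective_user(caller, creds):
    """Return the URN the operation runs as, or raise SpeaksForError."""
    speaksfor = [c for c in creds if c.type == "speaksfor"]
    regular = [c for c in creds if c.type != "speaksfor"]
    if not regular:
        raise SpeaksForError("no regular credential supplied")
    if len(speaksfor) > 1:
        raise SpeaksForError("ambiguous: more than one speaksfor credential")
    if not speaksfor:
        # Assumed baseline, not stated in the commit: the caller owns its creds.
        if any(c.owner != caller for c in regular):
            raise SpeaksForError("caller does not own the regular credential")
        return caller
    sf = speaksfor[0]
    if sf.owner != caller:
        raise SpeaksForError("caller is not the owner of the speaksfor credential")
    if sf.signed_by != sf.target:
        raise SpeaksForError("speaksfor credential not signed by the spoken-for user")
    if any(c.owner != sf.target for c in regular):
        raise SpeaksForError("regular credential not owned by the spoken-for user")
    return sf.target


# Constructed sample data; only the leebee URN appears in the commit message.
LEEBEE = "urn:publicid:IDN+emulab.net+user+leebee"
STOLLER = "urn:publicid:IDN+emulab.net+user+stoller"
SLICE = "urn:publicid:IDN+emulab.net+slice+demo"
SLICE_CRED = Credential("slice", LEEBEE, SLICE, "urn:publicid:IDN+emulab.net+authority+sa")
SPEAKSFOR = Credential("speaksfor", STOLLER, LEEBEE, LEEBEE)
```

Returning the spoken-for URN rather than a boolean keeps the later authorization and logging steps tied to the user the operation actually runs as.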
    • Speaksfor changes; full logging of all destructive operations. · 748f2f66
      Leigh B Stoller authored
      Also an upcall to add speaksfor metadata to logfile.
    • Utility script to generate a speaksfor (non-abac) credential. · a625848e
      Leigh B Stoller authored
      In this prototype, a speaksfor credential has type=speaksfor,
      owner=speaker/tool, target=user, and is signed by the user.
    • Minor changes to Tunnel functions. · f4c339ec
      Leigh B Stoller authored
    • Minor changes to support speaksfor (non-abac) operation. · 0b65e129
      Leigh B Stoller authored
      Add -S option to supply a speaksfor credential.
      Other small changes to prevent superfluous calls to SA, which
      does not support speaksfor.
  13. 08 Jul, 2013 2 commits
  14. 04 Jul, 2013 1 commit
  15. 02 Jul, 2013 1 commit