      A couple of changes to the apt daemon that I did a while back: · 6db95f98
      Leigh B Stoller authored
      1. Kill canceled instances; we allow users to "terminate" an instance
         while it is booting up, but we have to pend that till the lock is
         released. We do this with a canceled flag, similar to the Classic
         interface. But I never committed the apt_daemon changes that look for
         canceled instances and kill them!
      2. Look for stale st/lt datasets and delete them. A stale dataset is one
         that no longer exists at the remote cluster (cause its expiration was
         reached and it was reaped). We do not get notification at the Portal,
         and so those dangling dataset descriptors sit around confusing
         people (okay, confusing me and others of a similar vintage).
      Fix to CreateDatasetCreds(); we do not need a credential for a local lease, · f74b1548
      Leigh B Stoller authored
      it goes through normal emulab permission checks.
      NFS mount changes, still a work in progress, bound to change: · e369c1a8
      Leigh B Stoller authored
      * The Emulab portal now adds a toplevel element (Emulab namespace)
        directing the CM to use standard emulab mounts (read: /users).
        We clear that element from the other portals.
      * The CM looks for that tag, and allows it only if the caller is the local
        SA. The default for nfsmounts setting for geni experiment containers is
        "genidefault", but that is set to "emulabdefault" when allowed.
      * tmcd changes; now using nfsmounts slot instead of nonfsmounts. "none"
        means no mounts (duh), "emulabdefault" means standard mounts we all know
        and love, "genidefault" means no /users mounts.
        In addition, when we are doing emulabdefault mounts on a geni experiment
        node, we do not return accounts that are specified in the rspec, but
        rather we return the local project accounts only.
      Some tweaks to credential handling: · 3ebffb34
      Leigh B Stoller authored
      1) Anytime we need to generate a slice credential, and the slice has
         expired, bump the slice expiration so we can create a valid credential
         and then reset the expiration. Consider if the slice expires but we
         missed it and it's still active; we gotta be able to control it.
      2) From the beginning, we have done almost all RPC operations as the
         creator of the experiment. Made sense when the portal interface was not
         project aware, but now other users in the project can see and mess with
         experiments in their project. But we are still doing all the RPC
         operations as the creator of the experiment, which will need to change
         at some point, but in the short term I am seeing a lot of credential
         errors caused by an expired speaks-for credential for that creator (if
         they have not logged into the portal in a while). When this happens,
         let's generate a plain slice credential, issued to the SA, so that we can
         complete the operation. Eventually we have to make the backend project
         aware, and issue the operations as the web user doing the driving.
         Maybe as part of the larger portalization project.
      A couple of fixes for guest users: · c363234d
      Leigh B Stoller authored
      1. Do not allow guest users to use anything but the APT cluster. We had
         talked about this a while back, and today it caused a problem:
      2. Because a guest tried to use the Mothership (cause of a URN in the
         profile), we had GeniUser lookup confusion. We store guest users in the
         geni-sa geni_users table, but because PROTOGENI_LOCALUSER=1, we end up
         creating a nonlocal account on the Geni path, and that conflicts.
         Changed how we do lookups.
      Add support for cancelation; stopping an experiment setup early, instead of · 32c3d934
      Leigh B Stoller authored
      waiting till it finishes setting up (or fails). This is really nice when a
      1000 node experiment has gone awry and it is pointless to wait for it to
      finish. When we do this, we mark the instance as canceled in the DB, and
      then wait for create_instance() to notice it. When it does, it stops
      waiting and invokes terminate with a new cancel option at the backend.
