Commit 4be204e0 authored by Keith Downie's avatar Keith Downie

Merge remote-tracking branch 'central/master'

parents 37c3d154 822ee940
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# Copyright (c) 2000-2011 University of Utah and the Flux Group. # Copyright (c) 2000-2011, 2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -41,6 +41,7 @@ my $debug = 0; ...@@ -41,6 +41,7 @@ my $debug = 0;
my $nonlocal= 0; my $nonlocal= 0;
my $impotent= 0; my $impotent= 0;
my $silent = 0; my $silent = 0;
my $viaAPT = 0;
my $resend; my $resend;
# #
...@@ -221,6 +222,11 @@ my $xmlparse = eval { XMLin($xmlfile, ...@@ -221,6 +222,11 @@ my $xmlparse = eval { XMLin($xmlfile,
fatal($@) fatal($@)
if ($@); if ($@);
# APT flag. Notice and delete.
if (exists($xmlparse->{'attribute'}->{"viaAPT"})) {
$viaAPT = 1;
delete($xmlparse->{'attribute'}->{"viaAPT"});
}
# #
# Make sure all the required arguments were provided. # Make sure all the required arguments were provided.
...@@ -326,8 +332,12 @@ if (exists($newproj_args{'newuser_xml'})) { ...@@ -326,8 +332,12 @@ if (exists($newproj_args{'newuser_xml'})) {
print $cmd . "\n" print $cmd . "\n"
if ($debug); if ($debug);
my $cmd_out = `$cmd`; my $cmd_out = `$cmd`;
UserError("Transient Error: (3, $?, $cmd) $cmd_out") if ($?) {
if ($?); if (($? >> 8) > 0) {
UserError($cmd_out);
}
fatal("Error creating new user: (3, $?, $cmd) $cmd_out");
}
# #
# Parse the last line of output. Ick. # Parse the last line of output. Ick.
...@@ -360,6 +370,9 @@ exit(0) ...@@ -360,6 +370,9 @@ exit(0)
my $new_pid = $newproj_args{'pid'}; my $new_pid = $newproj_args{'pid'};
delete($newproj_args{'pid'}); delete($newproj_args{'pid'});
delete($newproj_args{'head_uid'}); delete($newproj_args{'head_uid'});
# APT flag.
$newproj_args{'viaAPT'} = 1
if ($viaAPT);
my $newproj = Project->Create($new_pid, $leader, \%newproj_args); my $newproj = Project->Create($new_pid, $leader, \%newproj_args);
if (!defined($newproj)) { if (!defined($newproj)) {
......
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2000-2013 University of Utah and the Flux Group. # Copyright (c) 2000-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -41,6 +41,7 @@ my $impotent= 0; ...@@ -41,6 +41,7 @@ my $impotent= 0;
my $type = ""; my $type = "";
my $silent = 0; my $silent = 0;
my $portal = 0; my $portal = 0;
my $viaAPT = 0;
my @keyfiles = (); my @keyfiles = ();
# #
...@@ -206,6 +207,20 @@ fatal($@) ...@@ -206,6 +207,20 @@ fatal($@)
print STDERR Dumper($xmlparse) print STDERR Dumper($xmlparse)
if ($debug); if ($debug);
# APT flag. Notice and delete.
if (exists($xmlparse->{'attribute'}->{"viaAPT"})) {
$viaAPT = 1;
delete($xmlparse->{'attribute'}->{"viaAPT"});
# Remove these, we do not require them on the APT path.
delete($required{"affiliation_abbreviation"});
delete($required{"phone"});
delete($required{"title"});
delete($required{"address"});
delete($required{"zip"});
delete($required{"wikiname"});
}
# #
# Make sure all the required arguments were provided. # Make sure all the required arguments were provided.
# #
...@@ -428,6 +443,9 @@ elsif ($type eq "wikionly") { ...@@ -428,6 +443,9 @@ elsif ($type eq "wikionly") {
elsif ($type eq "leader") { elsif ($type eq "leader") {
$flags = $User::NEWUSER_FLAGS_PROJLEADER; $flags = $User::NEWUSER_FLAGS_PROJLEADER;
} }
if ($viaAPT) {
$flags |= $User::NEWUSER_FLAGS_VIAAPT;
}
my $newuser = User->Create($new_uid, $flags, \%newuser_args); my $newuser = User->Create($new_uid, $flags, \%newuser_args);
if (!defined($newuser)) { if (!defined($newuser)) {
fatal("Could not create new user!"); fatal("Could not create new user!");
...@@ -500,7 +518,7 @@ SENDMAIL("$usr_name '$usr_uid' <$usr_email>", ...@@ -500,7 +518,7 @@ SENDMAIL("$usr_name '$usr_uid' <$usr_email>",
"Testbed Operations\n", "Testbed Operations\n",
"$TBAPPROVAL", "$TBAPPROVAL",
"Bcc: $TBAUDIT") "Bcc: $TBAUDIT")
if (!$silent); if (!($silent || $viaAPT));
# #
# Do we have a keyfile? If so, rerun addpubkey for real now that the # Do we have a keyfile? If so, rerun addpubkey for real now that the
......
...@@ -2002,6 +2002,9 @@ sub SetupBossNode($) ...@@ -2002,6 +2002,9 @@ sub SetupBossNode($)
# Copy over creators ssl certificate for XMLRPC. See below. # Copy over creators ssl certificate for XMLRPC. See below.
mysystem("cp -fp ~${creator}/.ssl/emulab.pem $stuffdir"); mysystem("cp -fp ~${creator}/.ssl/emulab.pem $stuffdir");
# Copy extra ssh pub key for adding to elabman.
mysystem("cp -fp ~${creator}/.ssh/elabinelab.pub $stuffdir")
if (-e "/users/${creator}/.ssh/elabinelab.pub");
# #
# Write the config variables out. genirack install phase needs it. # Write the config variables out. genirack install phase needs it.
...@@ -2484,6 +2487,10 @@ sub SetupBossNode($) ...@@ -2484,6 +2487,10 @@ sub SetupBossNode($)
mysystem("/etc/rc.sendmail start"); mysystem("/etc/rc.sendmail start");
} }
# Copy additional key into the install directory.
mysystem("cp -fp $stuffdir/elabinelab.pub $TBDIR/src/testbed/install")
if (-e "$stuffdir/elabinelab.pub");
# #
# INNER OPS DEPENDENCY: boss-install eventually wants to NFS mount # INNER OPS DEPENDENCY: boss-install eventually wants to NFS mount
# the filesystems on ops/fs, so at this point the ops/fs filesystems # the filesystems on ops/fs, so at this point the ops/fs filesystems
......
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2004-2013 University of Utah and the Flux Group. # Copyright (c) 2004-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -405,6 +405,9 @@ sub process($$$$) ...@@ -405,6 +405,9 @@ sub process($$$$)
if (!exists($href->{'PERSIST'})) { if (!exists($href->{'PERSIST'})) {
$href->{'PERSIST'} = 0; $href->{'PERSIST'} = 0;
} }
if (!exists($href->{'PERMS'})) {
$href->{'PERMS'} = "RW";
}
} }
elsif ($class eq "local") { elsif ($class eq "local") {
if ($href->{'HOSTID'} ne "localhost" || if ($href->{'HOSTID'} ne "localhost" ||
...@@ -528,6 +531,9 @@ sub process($$$$) ...@@ -528,6 +531,9 @@ sub process($$$$)
if ($href->{'PERSIST'}) { if ($href->{'PERSIST'}) {
$msg .= " persistent"; $msg .= " persistent";
} }
if ($href->{'PERMS'} eq "RO") {
$msg .= " read-only";
}
print " $msg iSCSI node attached as $dev"; print " $msg iSCSI node attached as $dev";
} }
} }
...@@ -537,7 +543,11 @@ sub process($$$$) ...@@ -537,7 +543,11 @@ sub process($$$$)
} }
} }
if ($href->{'MOUNTPOINT'}) { if ($href->{'MOUNTPOINT'}) {
print " mounted on " . $href->{'MOUNTPOINT'}; my $w = "RW";
if ($href->{'PERMS'} eq "RO") {
$w = "RO";
}
print " mounted $w on " . $href->{'MOUNTPOINT'};
} }
print "\n"; print "\n";
} else { } else {
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# Copyright (c) 2008-2012 University of Utah and the Flux Group. # Copyright (c) 2008-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -60,6 +60,7 @@ sub VNODE_PATH(;$) { ...@@ -60,6 +60,7 @@ sub VNODE_PATH(;$) {
my $VCNET_NET = "172.16.0.0"; my $VCNET_NET = "172.16.0.0";
my $VCNET_MASK = "255.240.0.0"; my $VCNET_MASK = "255.240.0.0";
my $VCNET_GW = "172.16.0.1"; my $VCNET_GW = "172.16.0.1";
my $VCNET_SLASHMASK = "12";
# #
# Find virtual control net iface info. Returns: # Find virtual control net iface info. Returns:
...@@ -67,5 +68,5 @@ my $VCNET_GW = "172.16.0.1"; ...@@ -67,5 +68,5 @@ my $VCNET_GW = "172.16.0.1";
# #
sub findVirtControlNet() sub findVirtControlNet()
{ {
return ($VCNET_NET, $VCNET_MASK, $VCNET_GW); return ($VCNET_NET, $VCNET_MASK, $VCNET_GW, $VCNET_SLASHMASK);
} }
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2009-2013 University of Utah and the Flux Group. # Copyright (c) 2009-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -99,6 +99,7 @@ my $cleaning = 0; ...@@ -99,6 +99,7 @@ my $cleaning = 0;
my $rebooting = 0; my $rebooting = 0;
my $reload = 0; my $reload = 0;
my ($vmid,$vmtype,$ret,$err); my ($vmid,$vmtype,$ret,$err);
my $ISXENVM = (GENVNODETYPE() eq "xen" ? 1 : 0);
# Flags for leaveme. # Flags for leaveme.
my $LEAVEME_REBOOT = 0x1; my $LEAVEME_REBOOT = 0x1;
...@@ -136,6 +137,21 @@ if ($UID != 0) { ...@@ -136,6 +137,21 @@ if ($UID != 0) {
" Must be root to run this script!\n"); " Must be root to run this script!\n");
} }
#
# Deal with VIFROUTING flag from the server. Do this before we switch
# our vnode_id below since it is a physical host attribute. This will
# go away at some point.
#
my %attributes = ();
if (getnodeattributes(\%attributes)) {
die("*** $0:\n".
"Could not get node attributes");
}
if (exists($attributes{"xenvifrouting"})) {
# Gack, tell backend network scripts.
system("touch $ETCDIR/xenvifrouting");
}
# Tell the library what vnode we are messing with. # Tell the library what vnode we are messing with.
libsetup_setvnodeid($vnodeid); libsetup_setvnodeid($vnodeid);
...@@ -657,7 +673,7 @@ if (defined(VNCONFIG('SSHDPORT')) && VNCONFIG('SSHDPORT') ne "" && ...@@ -657,7 +673,7 @@ if (defined(VNCONFIG('SSHDPORT')) && VNCONFIG('SSHDPORT') ne "" &&
} }
# #
# Start the container. If all goes well, this will exit cleanly, with the # Start the container. If all goes well, this will exit cleanly, with
# it running in its new context. Still, lets protect it with a timer # it running in its new context. Still, lets protect it with a timer
# since it might get hung up inside and we do not want to get stuck here. # since it might get hung up inside and we do not want to get stuck here.
# #
...@@ -665,9 +681,11 @@ my $childpid = fork(); ...@@ -665,9 +681,11 @@ my $childpid = fork();
if ($childpid) { if ($childpid) {
my $timedout = 0; my $timedout = 0;
local $SIG{ALRM} = sub { kill("TERM", $childpid); $timedout = 1; }; local $SIG{ALRM} = sub { kill("TERM", $childpid); $timedout = 1; };
alarm 180; alarm 180
if (!INXENVM());
waitpid($childpid, 0); waitpid($childpid, 0);
alarm 0; alarm 0
if (!INXENVM());
# #
# If failure then cleanup. # If failure then cleanup.
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# Copyright (c) 2013 University of Utah and the Flux Group. # Copyright (c) 2013-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -912,18 +912,26 @@ sub os_check_storage_element($$) ...@@ -912,18 +912,26 @@ sub os_check_storage_element($$)
if ($mpoint) { if ($mpoint) {
my $line = `$MOUNT | grep '^/dev/$dev on '`; my $line = `$MOUNT | grep '^/dev/$dev on '`;
if (!$line) { if (!$line) {
my $mopt = "";
my $fopt = "-p";
# check for RO export and adjust options accordingly
if (exists($href->{'PERMS'}) && $href->{'PERMS'} eq "RO") {
$mopt = "-o ro";
$fopt = "-n";
}
# the mountpoint should exist # the mountpoint should exist
if (! -d "$mpoint") { if (! -d "$mpoint") {
warn("*** $bsid: no mount point $mpoint\n"); warn("*** $bsid: no mount point $mpoint\n");
return -1; return -1;
} }
# fsck it in case of an abrupt shutdown # fsck it in case of an abrupt shutdown
if (mysystem("$FSCK -t ufs -p /dev/$dev $redir")) { if (mysystem("$FSCK $fopt -t ufs /dev/$dev $redir")) {
warn("*** $bsid: fsck of /dev/$dev failed\n"); warn("*** $bsid: fsck of /dev/$dev failed\n");
return -1; return -1;
} }
# and mount it if (mysystem("$MOUNT $mopt -t ufs /dev/$dev $mpoint $redir")) {
if (mysystem("$MOUNT -t ufs /dev/$dev $mpoint $redir")) {
warn("*** $bsid: could not mount /dev/$dev on $mpoint\n"); warn("*** $bsid: could not mount /dev/$dev on $mpoint\n");
return -1; return -1;
} }
...@@ -1098,6 +1106,9 @@ sub os_create_storage($$) ...@@ -1098,6 +1106,9 @@ sub os_create_storage($$)
return 0; return 0;
} }
my $mopt = "";
my $fopt = "-p";
if (exists($href->{'MOUNTPOINT'}) && !exists($href->{'MOUNTED'})) { if (exists($href->{'MOUNTPOINT'}) && !exists($href->{'MOUNTED'})) {
my $lv = $href->{'VOLNAME'}; my $lv = $href->{'VOLNAME'};
my $mdev = $href->{'LVDEV'}; my $mdev = $href->{'LVDEV'};
...@@ -1117,7 +1128,12 @@ sub os_create_storage($$) ...@@ -1117,7 +1128,12 @@ sub os_create_storage($$)
# #
if ($href->{'CLASS'} eq "SAN" && $href->{'PROTO'} eq "iSCSI" && if ($href->{'CLASS'} eq "SAN" && $href->{'PROTO'} eq "iSCSI" &&
$href->{'PERSIST'} != 0) { $href->{'PERSIST'} != 0) {
if (mysystem("$FSCK -t ufs -p $mdev $redir")) { # check for RO export and adjust options accordingly
if (exists($href->{'PERMS'}) && $href->{'PERMS'} eq "RO") {
$mopt = "-o ro";
$fopt = "-n";
}
if (mysystem("$FSCK $fopt -t ufs $mdev $redir")) {
warn("*** $lv: fsck of persistent store $mdev failed\n"); warn("*** $lv: fsck of persistent store $mdev failed\n");
return 0; return 0;
} }
...@@ -1158,7 +1174,7 @@ sub os_create_storage($$) ...@@ -1158,7 +1174,7 @@ sub os_create_storage($$)
return 0; return 0;
} }
} else { } else {
if (mysystem("$MOUNT -t ufs $mdev $mpoint $redir")) { if (mysystem("$MOUNT $mopt -t ufs $mdev $mpoint $redir")) {
warn("*** $lv: could not mount $mdev on $mpoint$logmsg\n"); warn("*** $lv: could not mount $mdev on $mpoint$logmsg\n");
return 0; return 0;
} }
......
...@@ -741,11 +741,16 @@ sub exportSlice($$$$) { ...@@ -741,11 +741,16 @@ sub exportSlice($$$$) {
return -1; return -1;
} }
my $perm = "rw";
if (exists($sconf->{'PERMS'}) && $sconf->{'PERMS'} eq "RO") {
$perm = "ro";
}
# Create iSCSI target # Create iSCSI target
my $serial = genSerial(); my $serial = genSerial();
eval { freenasRunCmd($FREENAS_CLI_VERB_IST_TARGET, eval { freenasRunCmd($FREENAS_CLI_VERB_IST_TARGET,
"add $iqn $serial $ISCSI_GLOBAL_PORTAL ". "add $iqn $serial $ISCSI_GLOBAL_PORTAL ".
"$tag Auto -1") }; "$tag Auto -1 flags=$perm") };
if ($@) { if ($@) {
warn("*** ERROR: blockstore_exportSlice: $volname: ". warn("*** ERROR: blockstore_exportSlice: $volname: ".
"Failed to create iSCSI target: $@"); "Failed to create iSCSI target: $@");
......
# #
# Copyright (c) 2000-2013 University of Utah and the Flux Group. # Copyright (c) 2000-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -328,6 +328,7 @@ xen-install: dir-install ...@@ -328,6 +328,7 @@ xen-install: dir-install
$(INSTALL) -m 755 $(SRCDIR)/xen/interfaces $(SYSETCDIR)/network/ $(INSTALL) -m 755 $(SRCDIR)/xen/interfaces $(SYSETCDIR)/network/
$(INSTALL) -m 755 $(SRCDIR)/xen/emulab-cnet.pl $(SYSETCDIR)/xen/scripts/ $(INSTALL) -m 755 $(SRCDIR)/xen/emulab-cnet.pl $(SYSETCDIR)/xen/scripts/
$(INSTALL) -m 755 $(SRCDIR)/xen/emulab-enet.pl $(SYSETCDIR)/xen/scripts/ $(INSTALL) -m 755 $(SRCDIR)/xen/emulab-enet.pl $(SYSETCDIR)/xen/scripts/
$(INSTALL) -m 755 $(SRCDIR)/xen/vif-route-emulab $(SYSETCDIR)/xen/scripts/
$(INSTALL) -m 755 $(SRCDIR)/xen/emulab-tun.pl $(SYSETCDIR)/xen/scripts/ $(INSTALL) -m 755 $(SRCDIR)/xen/emulab-tun.pl $(SYSETCDIR)/xen/scripts/
$(INSTALL) -m 755 $(SRCDIR)/xen/create-image $(LBINDIR)/ $(INSTALL) -m 755 $(SRCDIR)/xen/create-image $(LBINDIR)/
$(INSTALL) -m 755 $(SRCDIR)/xen/mkimagecache $(BINDIR)/ $(INSTALL) -m 755 $(SRCDIR)/xen/mkimagecache $(BINDIR)/
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# Copyright (c) 2013 University of Utah and the Flux Group. # Copyright (c) 2013-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -610,17 +610,26 @@ sub os_check_storage_element($$) ...@@ -610,17 +610,26 @@ sub os_check_storage_element($$)
if ($mpoint) { if ($mpoint) {
my $line = `$MOUNT | grep '^/dev/$dev on '`; my $line = `$MOUNT | grep '^/dev/$dev on '`;
if (!$line) { if (!$line) {
my $mopt = "";
my $fopt = "-p";
# check for RO export and adjust options accordingly
if (exists($href->{'PERMS'}) && $href->{'PERMS'} eq "RO") {
$mopt = "-o ro";
$fopt = "-n";
}
# the mountpoint should exist # the mountpoint should exist
if (! -d "$mpoint") { if (! -d "$mpoint") {
warn("*** $bsid: no mount point $mpoint\n"); warn("*** $bsid: no mount point $mpoint\n");
return -1; return -1;
} }
# fsck it in case of an abrupt shutdown # fsck it in case of an abrupt shutdown
if (mysystem("$FSCK -p /dev/$dev $redir")) { if (mysystem("$FSCK $fopt /dev/$dev $redir")) {
warn("*** $bsid: fsck of /dev/$dev failed\n"); warn("*** $bsid: fsck of /dev/$dev failed\n");
return -1; return -1;
} }
if (mysystem("$MOUNT /dev/$dev $mpoint $redir")) { if (mysystem("$MOUNT $mopt /dev/$dev $mpoint $redir")) {
warn("*** $bsid: could not mount /dev/$dev on $mpoint\n"); warn("*** $bsid: could not mount /dev/$dev on $mpoint\n");
return -1; return -1;
} }
...@@ -789,6 +798,9 @@ sub os_create_storage($$) ...@@ -789,6 +798,9 @@ sub os_create_storage($$)
return 0; return 0;
} }
my $mopt = "";
my $fopt = "-p";
if (exists($href->{'MOUNTPOINT'})) { if (exists($href->{'MOUNTPOINT'})) {
my $lv = $href->{'VOLNAME'}; my $lv = $href->{'VOLNAME'};
my $mdev = $href->{'LVDEV'}; my $mdev = $href->{'LVDEV'};
...@@ -808,6 +820,11 @@ sub os_create_storage($$) ...@@ -808,6 +820,11 @@ sub os_create_storage($$)
# #
if ($href->{'CLASS'} eq "SAN" && $href->{'PROTO'} eq "iSCSI" && if ($href->{'CLASS'} eq "SAN" && $href->{'PROTO'} eq "iSCSI" &&
$href->{'PERSIST'} != 0) { $href->{'PERSIST'} != 0) {
# check for RO export and adjust options accordingly
if (exists($href->{'PERMS'}) && $href->{'PERMS'} eq "RO") {
$mopt = "-o ro";
$fopt = "-n";
}
# figure out what the fstype is # figure out what the fstype is
$fstype = `blkid -s TYPE -o value $mdev`; $fstype = `blkid -s TYPE -o value $mdev`;
chomp($fstype); chomp($fstype);
...@@ -818,7 +835,7 @@ sub os_create_storage($$) ...@@ -818,7 +835,7 @@ sub os_create_storage($$)
$fstype = "ext4"; $fstype = "ext4";
} }
if (mysystem("$FSCK -p $mdev $redir")) { if (mysystem("$FSCK $fopt $mdev $redir")) {
warn("*** $lv: fsck of persistent store $mdev failed\n"); warn("*** $lv: fsck of persistent store $mdev failed\n");
return 0; return 0;
} }
...@@ -880,7 +897,7 @@ sub os_create_storage($$) ...@@ -880,7 +897,7 @@ sub os_create_storage($$)
return 0; return 0;
} }
} else { } else {
if (mysystem("$MOUNT -t $fstype $mdev $mpoint $redir")) { if (mysystem("$MOUNT $mopt -t $fstype $mdev $mpoint $redir")) {
warn("*** $lv: could not mount $mdev on $mpoint$logmsg\n"); warn("*** $lv: could not mount $mdev on $mpoint$logmsg\n");
return 0; return 0;
} }
......
#!/usr/bin/perl -w #!/usr/bin/perl -w
# #
# Copyright (c) 2000-2013 University of Utah and the Flux Group. # Copyright (c) 2000-2014 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -66,24 +66,29 @@ my $TMCD_PORT = 7777; ...@@ -66,24 +66,29 @@ my $TMCD_PORT = 7777;
my $SLOTHD_PORT = 8509; my $SLOTHD_PORT = 8509;
my $EVPROXY_PORT= 16505; my $EVPROXY_PORT= 16505;
my $IPTABLES = "/sbin/iptables"; my $IPTABLES = "/sbin/iptables";
my $ARPING = "/usr/bin/arping";
# For testing.
my $VIFROUTING = ((-e "$ETCDIR/xenvifrouting") ? 1 : 0);
usage() usage()
if (@ARGV < 4); if (@ARGV < 5);
my $vmid = shift(@ARGV); my $vmid = shift(@ARGV);
my $host_ip = shift(@ARGV); my $host_ip = shift(@ARGV);
my $vnode_id = shift(@ARGV); my $vnode_id = shift(@ARGV);
my $vnode_ip = shift(@ARGV); my $vnode_ip = shift(@ARGV);
my $vnode_mac = shift(@ARGV);
# The caller (xmcreate) puts this into the environment. # The caller (xmcreate) puts this into the environment.
my $vif = $ENV{'vif'}; my $vif = $ENV{'vif'};
my $XENBUS_PATH = $ENV{'XENBUS_PATH'}; my $XENBUS_PATH = $ENV{'XENBUS_PATH'};
my $bridge = `xenstore-read "$XENBUS_PATH/bridge"`; my $bridge = `xenstore-read "$XENBUS_PATH/bridge"`;
# #
# Well, this is interesting; we could get called with the XEN store # Well, this is interesting; we are called with the XEN store
# gone and so not able to find the bridge. vif-bridge does the same # gone and so not able to find the bridge. vif-bridge does the same
# thing and just ignores it! So if we cannot get, default to what # thing and just ignores it! So if we cannot get it, default to what
# currently think is the control network bridge. # currently think is the control network bridge, so that vif-bridge
# does not leave a bunch of iptables rules behind.
# #
if ($?) { if ($?) {
$bridge = "xenbr0"; $bridge = "xenbr0";
...@@ -154,18 +159,44 @@ sub Online() ...@@ -154,18 +159,44 @@ sub Online()
{ {
mysystem2("ifconfig $vif txqueuelen 256"); mysystem2("ifconfig $vif txqueuelen 256");
if ($VIFROUTING) {
#
# When using routing instead of bridging, we have to restart
# dhcp *after* the vif has been created so that dhcpd will
# start listening on it.
#
if (TBScriptLock("dhcpd", 0, 900) != TBSCRIPTLOCK_OKAY()) {
print STDERR "Could not get the dhcpd lock after a long time!\n";
return -1;
}
restartDHCP();
TBScriptUnlock();
#
# And this clears the arp caches.
#
mysystem("$ARPING -c 4 -A -I $bridge $vnode_ip");
}
# Prevent dhcp requests from leaving the physical host. # Prevent dhcp requests from leaving the physical host.
DoIPtables("-A FORWARD -o $bridge -m pkttype ". DoIPtables("-A FORWARD -o $bridge -m pkttype ".
"--pkt-type broadcast " . "--pkt-type broadcast " .
"-m physdev --physdev-in $vif --physdev-is-bridged ". "-m physdev --physdev-in $vif --physdev-is-bridged ".
"--physdev-out $outer_controlif -j DROP")