Commit 53b37adb authored by Leigh Stoller's avatar Leigh Stoller

Some minor changes to Srikanth Raju's EC2 Meta support, before merge.

Disabled by default, enabled on Utah Emulab for testing.
parent f52a02c5
......@@ -288,7 +288,9 @@ sub vz_init {
#
# Prepare the root context. Run once at boot.
#
sub vz_rootPreConfig {
sub vz_rootPreConfig($)
{
my $bossip = shift;
#
# Only want to do this once, so use file in /var/run, which
# is cleared at boot.
......
......@@ -111,7 +111,6 @@ my $BRCTL = "brctl";
my $IFCONFIG = "/sbin/ifconfig";
my $ETHTOOL = "/sbin/ethtool";
my $ROUTE = "/sbin/route";
my $IP = "/sbin/ip";
my $SYSCTL = "/sbin/sysctl";
my $VLANCONFIG = "/sbin/vconfig";
my $MODPROBE = "/sbin/modprobe";
......@@ -168,7 +167,7 @@ sub VGNAME() { return $VGNAME; }
##
# Maximum vnodes per physical host, used to size memory and disks
my $MAX_VNODES = 16;
my $MAX_VNODES = 32;
# Minimum GB of disk per vnode
my $MIN_GB_DISK = 6;
......@@ -357,6 +356,14 @@ sub rootPreConfig($)
# This says to forward traffic across the bridge.
mysystem("$IPTABLES -A FORWARD ".
"-m physdev --physdev-in $cnet_iface -j ACCEPT");
# Set up for metadata server for ec2 support
print "Setting up redirection for meta server...\n";
mysystem("$IPBIN addr add 169.254.169.254/32 ".
" scope global dev $cnet_iface");
mysystem("$IPTABLES -t nat -A PREROUTING -d 169.254.169.254/32 " .
" -p tcp -m tcp --dport 80 -j DNAT ".
" --to-destination ${bossip}:8787");
}
else {
if (!existsBridge($BRIDGENAME)) {
......@@ -468,12 +475,6 @@ sub rootPreConfig($)
if ($debug);
createDHCP();
# Set up for metadata server for ec2 support
print "Setting up redirection for meta server...\n";
mysystem("$IP addr add 169.254.169.254/32 scope global dev $cnet_iface");
mysystem("$IPTABLES -t nat -A PREROUTING -d 169.254.169.254/32 -p tcp " .
"-m tcp --dport 80 -j DNAT --to-destination " . $bossip . ":8787");
print "Creating scratch FS ...\n";
if (createExtraFS($EXTRAFS, $VGNAME, "50G")) {
TBScriptUnlock();
......
This diff is collapsed.
......@@ -274,6 +274,7 @@ AC_SUBST(FIREWALL_BOSS_LOCALRULETMPL)
AC_SUBST(FIREWALL_OPS_LOCALRULETMPL)
AC_SUBST(SPEWFROMOPS)
AC_SUBST(NOSITECHECKIN)
AC_SUBST(EC2META_ENABLE)
#
# Offer both versions of the email addresses that have the @ escaped
......@@ -399,6 +400,7 @@ FIREWALL_BOSS_LOCALRULETMPL=""
FIREWALL_OPS_LOCALRULETMPL=""
SPEWFROMOPS=0
NOSITECHECKIN=0
EC2META_ENABLE=0
#
# XXX You really don't want to change these!
......
#
# Add pool monitor.
#
use strict;
use libinstall;
use installvars;
my $LOGFILE = "$TBROOT/log/tmcd-meta.log";
sub InstallUpdate($$)
{
my ($version, $phase) = @_;
#
# If something should run in the pre-install phase.
#
if ($phase eq "pre") {
Phase "ec2meta", "Adding EC2 Meta Server support", sub {
Phase "syslog.conf", "Updating $SYSLOG_CONF", sub {
DoneIfEdited($SYSLOG_CONF);
BackUpFileFatal($SYSLOG_CONF);
AppendToFileFatal($SYSLOG_CONF,
"!tmcd-meta", "*.*\t\t\t\t\t\t$LOGDIR/tmcd-meta.log");
};
Phase "logfile", "Creating $LOGFILE", sub {
DoneIfExists($LOGFILE);
CreateFileFatal($LOGFILE);
ExecQuietFatal("$CHGRP tbadmin $LOGFILE");
ExecQuietFatal("$CHMOD 640 $LOGFILE");
};
Phase "newsyslog", "Updating $NEWSYSLOG_CONF", sub {
DoneIfEdited($NEWSYSLOG_CONF);
BackUpFileFatal($NEWSYSLOG_CONF);
AppendToFileFatal($NEWSYSLOG_CONF,
"$LOGFILE 640 7 1000 * Z");
};
Phase "syslogd", "Restarting syslogd", sub {
HUPDaemon("syslog");
};
};
}
#
# If something should run in the post-install phase.
#
if ($phase eq "post") {
}
return 0;
}
1;
# Local Variables:
# mode:perl
# End:
#!/usr/local/bin/python
#
# Copyright (c) 2012-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
from BaseHTTPServer import HTTPServer
from BaseHTTPServer import BaseHTTPRequestHandler
import urlparse
import traceback
import os
import sys
import syslog
import socket
import re
# Configure variables
TBDIR = "@prefix@"
TBFACIL = "@TBLOGFACIL@"
AVAIL = "@THISHOMEBASE@"
# When debugging, runs in foreground printing to stdout instead of syslog
debug = 0
TBPATH = os.path.join(TBDIR, "lib")
if TBPATH not in sys.path:
sys.path.append(TBPATH)
......@@ -18,40 +46,30 @@ if TBPATH not in sys.path:
from libdb import *
# This requires Python 2.6+
class Ec2MetaHandler(BaseHTTPRequestHandler):
def __init__(self, req, ca, huh):
facil = "LOG_" + TBFACIL.upper()
syslog.openlog("tmcd-meta", syslog.LOG_PID, getattr(syslog,facil))
BaseHTTPRequestHandler.__init__(self,req,ca,huh)
def log_message(self, format, *args):
outtext = format
alen = len(args)
if alen == 0:
outtext = format
elif alen == 1:
outtext = format % (args[0])
elif alen == 2:
outtext = format % (args[0], args[1])
elif alen == 3:
outtext = format % (args[0], args[1], args[2])
elif alen == 4:
outtext = format % (args[0], args[1], args[2], args[3])
elif alen == 5:
outtext = format % (args[0], args[1], args[2], args[3],
args[4])
##
# Log a message to stdout, if in debug mode, otherwise write to syslog.
#
# @param msg The message to log.
#
def logit(self, msg):
if debug:
print msg
pass
else:
outtext = "Too many format strings"
syslog.syslog(syslog.LOG_INFO, msg);
pass
return
# All this retardness is because someone decided that
# that format string functionality was ONLY exposed
# through a shitty operator(%) and not through a real
# function, so now its impossible to use it with *args
# because of some restrictive front end checks, meh
syslog.syslog(outtext)
# Override so we can use above function.
def log_message(self, format, *args):
self.logit(format%args)
return
def do_GET(self):
parsed_path = urlparse.urlparse(self.path)
......@@ -85,8 +103,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
return
def listmetas(self, metas):
message = "\n".join(map(lambda x: x + "/" if (x == "public-keys" or not(callable(metas[x]))) else x,
metas.keys()));
message = "\n".join(map(lambda x: x + "/"
if (x == "public-keys" or
not(callable(metas[x])))
else x, metas.keys()));
return message
def handle_req(self, arg, metas):
......@@ -129,7 +149,6 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
def doavail(self, args):
return AVAIL
def domacs(self, args):
#TODO
return "324AF"
......@@ -191,7 +210,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
#TODO: Verify ig idx is within limits
return "openssh-key"
elif len(args) == 2:
val = int(args[0])
val = args[0]
# Always check args before using in query!
if not re.match("^[\d]*$", val):
return ""
ip = self.client_address[0]
rows = DBQueryWarn("select * from "
"((select user_pubkeys.pubkey from user_pubkeys "
......@@ -229,11 +251,25 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
"public-keys": dopublic_keys },
"user-data" : do_userdata
}
pass
#
# Check for debug flag.
#
if len(sys.argv) > 1 and sys.argv[1] == "-d":
debug = 1
pass
if __name__ == '__main__':
from BaseHTTPServer import HTTPServer
import socket
#
# Daemonize when not running in debug mode.
#
if not debug:
#
# Connect to syslog.
#
syslog.openlog("tmcd-meta", syslog.LOG_PID,
getattr(syslog, "LOG_" + string.upper(TBFACIL)))
syslog.syslog(syslog.LOG_INFO, "EC2 Meta server starting up");
#
# Daemonize. We redirect our output into a log file cause I have no
......@@ -241,7 +277,7 @@ if __name__ == '__main__':
# Lifted from xmlrpc/sslxmlrpc_server.py.in
#
try:
fp = open(TBDIR + "/log/tmcd-meta.log", "a");
fp = open(TBDIR + "/log/ec2meta.log", "a");
sys.stdout = fp
sys.stderr = fp
sys.stdin.close();
......@@ -259,8 +295,6 @@ if __name__ == '__main__':
os.setsid();
pass
server = HTTPServer((socket.gethostbyname(socket.gethostname()), 8787),
Ec2MetaHandler)
server.serve_forever()
server = HTTPServer((socket.gethostbyname(socket.gethostname()), 8787),
Ec2MetaHandler)
server.serve_forever()
#!/bin/sh
#
# Copyright (c) 2001-2010 University of Utah and the Flux Group.
# Copyright (c) 2001-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -23,6 +23,7 @@
#
DIR=@prefix@/sbin
EC2META_ENABLE=@EC2META_ENABLE@
if [ -f /var/run/tmcd.pid ]
then
......@@ -38,6 +39,8 @@ fi
sleep 1
${DIR}/Ec2MetaServer.py
if test $EC2META_ENABLE -ne 0; then
${DIR}/Ec2MetaServer.py
fi
${DIR}/tmcd -i @BOSSNODE_IP@
exit 0
#!/usr/bin/ruby
#
# Copyright (c) 2012-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
$: << File.dirname(__FILE__)
require 'GrubConf'
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment