Commit 81a2a88a authored by Mike Hibler's avatar Mike Hibler

Merge branch 'master' into newports

parents 480fdc70 aea8a3a1
......@@ -1648,12 +1648,22 @@ sub Lockdown($$)
my $authority = $self->GetGeniAuthority();
my $slice = $self->instance()->GetGeniSlice();
my $context = APT_Geni::GeniContext();
my $oldexpires;
return undef
if (! (defined($authority) &&
defined($slice) && defined($context)));
#
# If the slice is expired, then the credential we generate will
# not be valid. So extend the slice so we can clear the lockdown.
#
if ($clear && $slice->IsExpired()) {
$oldexpires = $slice->expires();
$slice->SetExpiration(time() + 3600);
}
my $slice_credential = APT_Geni::GenAuthCredential($slice);
return undef
goto bad
if (! defined($slice_credential));
my $args = {
......@@ -1665,7 +1675,14 @@ sub Lockdown($$)
my $cmurl = $authority->url();
$cmurl =~ s/protogeni/protogeni\/stoller/ if ($usemydevtree);
return Genixmlrpc::CallMethod($cmurl, $context, "Lockdown", $args);
my $response = Genixmlrpc::CallMethod($cmurl, $context, "Lockdown", $args);
$slice->SetExpiration($oldexpires)
if (defined($oldexpires));
return $response;
bad:
$slice->SetExpiration($oldexpires)
if (defined($oldexpires));
return undef;
}
#
......
......@@ -824,7 +824,8 @@ sub CheckNodeConstraints($$$)
}
if (defined($image_urn)) {
if ($image_urn =~ /UBUNTU14\-10\-64\-OS/) {
if ($image_urn =~ /UBUNTU14\-10\-64\-OS/ ||
$image_urn =~ /UBUNTU15\-04\-64\-OS/) {
return 0;
}
elsif ($iscloudlab &&
......@@ -1025,7 +1026,8 @@ sub SetSites($$$$)
if (!exists($interface_map{$client_id}));
my $site_mid = $interface_map{$client_id};
GeniXML::AddManagerToLink($ref, $sitemap->{$site_mid});
GeniXML::AddManagerToLink($ref, $sitemap->{$site_mid})
if (!exists($linksites{$sitemap->{$site_mid}}));
$linksites{$sitemap->{$site_mid}} = 1;
}
# if more then one site for a link, must use the stitcher.
......
......@@ -253,6 +253,16 @@ sub DoSnapshot()
$imagename = $profile->name();
}
}
#
# Make sure a valid imagename. This a local test of course, but this
# only works on IG aggregates anyway.
#
if (! TBcheck_dbslot($imagename, "images",
"imagename", TBDB_CHECKDBSLOT_ERROR)) {
$imagename = $profile->profileid();
$imagename .= "." . $node_id
if (defined($node_id));
}
#
# Sanity checks.
......@@ -789,6 +799,7 @@ sub DoTerminate()
sub DoExtend()
{
my $force = 0;
my $lockdown = 0;
usage()
if (!@ARGV);
......@@ -830,6 +841,12 @@ sub DoExtend()
# Save in case of error.
my $oldexpires = $slice->expires();
# Lockdown on admin extensions longer then XX days.
if (defined($this_user) && $this_user->IsAdmin() &&
($seconds / (24 * 60 * 60)) > 10) {
$lockdown = 1
}
# Need to update slice before creating new credential.
$slice->AddToExpiration($seconds);
my $new_expires = $slice->ExpirationGMT();
......@@ -888,8 +905,7 @@ sub DoExtend()
}
}
# Lockdown.
if (defined($this_user) && $this_user->IsAdmin() &&
($seconds / (24 * 60 * 60)) > 10) {
if ($lockdown) {
if (DoLockdownInternal("set", "admin")) {
SENDMAIL($TBOPS,
"Failed to lock down APT Instance",
......@@ -1046,6 +1062,7 @@ sub DoRebootOrReload($)
}
my %sliver_urns = ();
my %node_ids = ();
my @slivers = ();
foreach my $obj ($instance->AggregateList()) {
my $manifest = GeniXML::Parse($obj->manifest());
......@@ -1070,6 +1087,7 @@ sub DoRebootOrReload($)
push(@slivers, $obj);
}
push(@{ $sliver_urns{$obj->aggregate_urn()} }, $sliver_urn);
$node_ids{$sliver_urn} = $client_id;
}
}
}
......@@ -1099,9 +1117,6 @@ sub DoRebootOrReload($)
my @urns = @{ $sliver_urns{$sliver->aggregate_urn()} };
my $errmsg;
# Clear this so that web interface will not update it.
$webtask->sliverstatus({});
my $response = $sliver->SliverAction(\$errmsg, $which, @urns);
if (!defined($response)) {
$errmsg = "RPC Error calling SliverAction";
......@@ -1119,6 +1134,16 @@ sub DoRebootOrReload($)
$errmsg = $response->output();
goto bad;
}
# Tell the web interface something is different. Real status will
# come later when the monitor starts up.
if ($webtask->sliverstatus()) {
my $blob = $webtask->sliverstatus();
foreach my $urn (@urns) {
my $node_id = $node_ids{$urn};
$blob->{$node_id}->{'status'} = "changing";
}
$webtask->sliverstatus($blob);
}
return 0;
bad:
print STDERR "$errmsg\n";
......
......@@ -7005,18 +7005,6 @@ outfiles="$outfiles Makeconf GNUmakefile \
install/libinstall.pm install/update-install install/update-testbed \
mote/GNUmakefile mote/tbuisp mote/tbsgmotepower mote/newmote \
mote/sgtools/GNUmakefile \
robots/GNUmakefile robots/tbsetdest/GNUmakefile \
robots/mtp/GNUmakefile robots/emc/GNUmakefile \
robots/emc/test_emcd.sh robots/emc/loclistener \
robots/vmcd/GNUmakefile robots/vmcd/test_vmc-client.sh \
robots/rmcd/GNUmakefile robots/primotion/GNUmakefile \
robots/primotion/test_gorobot.sh robots/primotion/dgrobot/GNUmakefile \
robots/mezzanine/GNUmakefile robots/mezzanine/rtk2/GNUmakefile \
robots/mezzanine/libfg/GNUmakefile \
robots/mezzanine/libmezz/GNUmakefile \
robots/mezzanine/mezzanine/GNUmakefile \
robots/tracker/GNUmakefile \
robots/mezzanine/mezzcal/GNUmakefile robots/robomonitord \
wiki/GNUmakefile wiki/addwikiuser wiki/wikiproxy \
wiki/usertemplate wiki/webhometemplate wiki/LocalSite.cfg \
wiki/delwikiuser wiki/setwikigroups wiki/addwikiproj \
......
......@@ -1374,18 +1374,6 @@ outfiles="$outfiles Makeconf GNUmakefile \
install/libinstall.pm install/update-install install/update-testbed \
mote/GNUmakefile mote/tbuisp mote/tbsgmotepower mote/newmote \
mote/sgtools/GNUmakefile \
robots/GNUmakefile robots/tbsetdest/GNUmakefile \
robots/mtp/GNUmakefile robots/emc/GNUmakefile \
robots/emc/test_emcd.sh robots/emc/loclistener \
robots/vmcd/GNUmakefile robots/vmcd/test_vmc-client.sh \
robots/rmcd/GNUmakefile robots/primotion/GNUmakefile \
robots/primotion/test_gorobot.sh robots/primotion/dgrobot/GNUmakefile \
robots/mezzanine/GNUmakefile robots/mezzanine/rtk2/GNUmakefile \
robots/mezzanine/libfg/GNUmakefile \
robots/mezzanine/libmezz/GNUmakefile \
robots/mezzanine/mezzanine/GNUmakefile \
robots/tracker/GNUmakefile \
robots/mezzanine/mezzcal/GNUmakefile robots/robomonitord \
protogeni/GNUmakefile protogeni/security/GNUmakefile \
protogeni/xmlrpc/GNUmakefile protogeni/lib/GNUmakefile \
protogeni/scripts/GNUmakefile protogeni/etc/GNUmakefile \
......
......@@ -2293,7 +2293,7 @@ sub TempImageFile($)
my $name = $self->imagename();
if ($self->IsDirPath()) {
return $path . $name . ".ddz" . ($vers ? ":$vers" : "") . ".tmp";
return $path . $name . ".ndz" . ($vers ? ":$vers" : "") . ".tmp";
}
return $path . ".tmp";
}
......
......@@ -808,6 +808,7 @@ sub GetTicketAuxAux($$$$$$$$$$)
my %external_nodemap = ();
my %external_linkmap = ();
my %external_vportmap = ();
my %external_lanrefs = ();
# Always do this to avoid buildup.
$slice_experiment->ClearBackupState();
......@@ -2032,7 +2033,6 @@ sub GetTicketAuxAux($$$$$$$$$$)
}
my $edgecount = 0;
my $irefcount = 0;
foreach my $ref (@interfaces) {
my $node_nickname = GeniXML::GetInterfaceNodeId($ref);
......@@ -2042,7 +2042,6 @@ sub GetTicketAuxAux($$$$$$$$$$)
if (! GeniXML::IsVersion0($ref) && defined($iface_id)) {
$node_nickname = $iface2node{$iface_id};
}
$irefcount++;
#
# Look for links that are really lans; one of the interfaces
......@@ -2067,10 +2066,17 @@ sub GetTicketAuxAux($$$$$$$$$$)
# the user has specified something impossible.
#
if (exists($external_nodemap{$node_nickname})) {
next
if ($irefcount > 2);
my $external_noderef = $external_nodemap{$node_nickname};
my $manager_id = GeniXML::GetManagerId($external_noderef);
#
# There might be multiple external interfaces for the same
# lan in the case of "stitch to lan". We only care about the
# first one we see for each external stitch point.
#
next
if (exists($external_lanrefs{"${lanname}:${manager_id}"}));
my $stitchpath = GeniStitch->Lookup($lanname, $rspec);
if (! defined($stitchpath)) {
$response =
......@@ -2152,7 +2158,7 @@ sub GetTicketAuxAux($$$$$$$$$$)
$iface_vport = $external_vportmap{$node_nickname};
$external_vportmap{$node_nickname} += 1;
$external_linkmap{$lanname} = $linkref;
$external_lanrefs{"${lanname}:${manager_id}"} = $external_noderef;
# Allow rspec to provide IP for other side.
$ip = GeniXML::GetIp($ref, $external_noderef);
}
......
......@@ -190,6 +190,8 @@ CREATE TABLE `apt_instances` (
`servername` tinytext,
`monitor_pid` int(11) default '0',
`logfileid` varchar(40) default NULL,
`cert` mediumtext,
`privkey` mediumtext,
`rspec` mediumtext,
`params` mediumtext,
`manifest` mediumtext,
......
#
# APT stuff
#
use strict;
use libdb;
sub DoUpdate($$$)
{
my ($dbhandle, $dbname, $version) = @_;
if (!DBSlotExists("apt_instances", "cert")) {
DBQueryFatal("alter table apt_instances add ".
" `cert` mediumtext after logfileid");
}
if (!DBSlotExists("apt_instances", "privkey")) {
DBQueryFatal("alter table apt_instances add ".
" `privkey` mediumtext after cert");
}
return 0;
}
1;
# Local Variables:
# mode:perl
# End:
......@@ -46,6 +46,7 @@ use OSinfo;
use English;
use event;
use Data::Dumper;
use File::stat;
use IO::Handle;
use overload ('""' => 'Stringify');
......@@ -57,6 +58,7 @@ my $ELABINELAB = @ELABINELAB@;
my $PROJROOT = "@PROJROOT_DIR@";
my $WITHPROVENANCE= @IMAGEPROVENANCE@;
my $WITHDELTAS = @IMAGEDELTAS@;
my $IMAGEINFO = "$TB/sbin/imageinfo";
# Paths to binaries
my $TBUISP = "$TB/bin/tbuisp";
......@@ -1185,7 +1187,60 @@ sub WaitTillReloadDone($$$$$@)
return @failed;
}
#
# Grab the size and update the database.
#
sub GetImageSize($$$)
{
my ($self, $image, $node) = @_;
my $imagesize = 0;
my $imagepath = $image->FullImageFile();
#
# Perform a few validity checks: imageid should have a file name
# and that file should exist.
#
if (!defined($imagepath)) {
tberror "No filename associated with $image!";
return -1;
}
if (! -R $imagepath) {
#
# There are two reasons why a legit image might not be readable.
# One is that we are in an elabinelab and the image has just not
# been downloaded yet. The other is that we are attempting to
# access a shared (via the grantimage mechanism) image which the
# caller cannot directly access.
#
# For either case, making a proxy query request via frisbee will
# tell us whether the image is accessible and, if so, its size.
# "imageinfo" makes that call for us.
#
my $frisimageid = $image->pid() . "/" . $image->imagename();
my $sizestr = `$IMAGEINFO -qs -N $node $frisimageid`;
if ($sizestr =~ /^(\d+)$/) {
$imagesize = $1;
} else {
tberror "$image: access not allowed or image does not exist.";
return -1;
}
} else {
$imagesize = stat($imagepath)->size;
}
#
# A zero-length image cannot be right and will result in much confusion
# if allowed to pass: the image load will succeed, but the disk will be
# unchanged, making it appear that os_load loaded the default image.
#
if ($imagesize == 0) {
tberror "$imagepath is empty!";
return -1;
}
$image->SetFullSize($imagesize);
return 0;
}
#
# Return two array references (possbily empty) of:
......@@ -1730,8 +1785,14 @@ sub _CheckImages($$)
# always prefer the full image if we have it.
#
if (! ($image->HaveFullImage() || $image->HaveDeltaImage())) {
tberror "$image: no full or delta image file!";
return -1;
#
# This should be an error, but until we run imagevalidate
# over all images, we want to do it here.
#
if ($self->GetImageSize($image, $nodeobject)) {
tberror "$nodeobject: no full or delta image file!";
goto failednode;
}
}
if (! ($image->size() || $image->deltasize())) {
tberror "$image: no size info!";
......@@ -1994,8 +2055,8 @@ sub UpdatePartitions($$)
my $partname = "part${i}_osid";
my $partvers = "part${i}_vers";
my $osid = $rowref->{$partname};
my $vers = $rowref->{$partvers};
my $osid = $image->DBData()->{$partname};
my $vers = $image->DBData()->{$partvers};
if (defined($osid)) {
my $osinfo = OSinfo->Lookup($osid, $vers);
if (!defined($osinfo)) {
......@@ -2479,12 +2540,11 @@ sub SetupReload($$)
}
my $imageid = $images[0]->imageid();
my $osid = $image->default_osid();
my $osid = $images[0]->default_osid();
#
# Get the path to the image
#
my $path = $image->path();
my $path = $images[0]->path();
#
# Tell stated that we're about to start reloading
......@@ -2521,12 +2581,12 @@ sub Reload($$)
my @images = @{$self->GetImages($nodeobject)};
my $imageid = $images[0]->imageid();
my $osid = $image->default_osid();
my $osid = $images[0]->default_osid();
#
# Get the path to the image
#
my $path = $image->path();
my $path = $images[0]->path();
TBSetNodeEventState($node_id,TBDB_NODESTATE_RELOADING);
......
......@@ -318,7 +318,7 @@ sub SetupReload($$)
my @images = @{$self->GetImages($nodeobject)};
my $newimageid = $images[0]->imageid();
my $newpart = $images[0]->loadpart();
my $newosid = $image->default_osid();
my $newosid = $images[0]->default_osid();
if (@images > 1) {
tbwarn "$self ($node_id): switches can load only one image; using first!";
......
......@@ -628,6 +628,10 @@ my $isglobal = $image->global();
my $usepath = 0;
my $isdataset = $image->isdataset();
my $hackprefix= $PROJROOT . "/" . $image->pid() . "/images/";
if ($image->IsDirPath()) {
# Add in the directory.
$hackprefix .= basename($image->path()) . "/";
}
#
# If we are creating a signature file for this image, get the
......@@ -1340,17 +1344,23 @@ if ($delta && $deltapct > 0 && defined($logfile)) {
#
# The upload completed okay, so move the files into place so that
# imagevalidate finds them in the correct place.
#
if (system("/bin/mv -f $filename " .
($delta ?
$image->DeltaImageFile() : $image->FullImageFile()))) {
# imagevalidate finds them in the correct place. We have to watch for
# the case that usepath=1 (target is in /usr/testbed); we do not want
# to rename them to the target (will not work anyway), they have to
# stay in /proj. More succintly, we always move the new files to the
# hackprefix location.
#
if (system("/bin/mv -f $filename $hackprefix" .
basename(($delta ?
$image->DeltaImageFile() :
$image->FullImageFile())))) {
fatal("Could not move new image file into place");
}
if ($dstsigfile &&
system("/bin/mv -f $dstsigfile " .
($delta ?
$image->FullImageSigFile() : $image->FullImageSigFile()))) {
system("/bin/mv -f $dstsigfile $hackprefix" .
basename(($delta ?
$image->FullImageSigFile() :
$image->FullImageSigFile())))) {
fatal("Could not move new signature file into place");
}
......@@ -1366,15 +1376,12 @@ my $cname = "$imagepid/$imagename";
$cname .= ":$version"
if ($doprovenance);
my $tbopsmsg = "";
if ($isglobal && $usepath) {
if ($isglobal && ($usepath || $doprovenance)) {
$tbopsmsg =
"Did not update DB state for global image $cname\n".
"since image was written to '$filename' instead of $TB/images.\n".
($doprovenance ?
"Please run imagerelease when ready for release:\n".
" imagerelease -q $cname\n" :
"Move image into place and run:\n".
" $imagevalidate -u $cname\n");
"since image was written to '$filename' instead of $TB/images.\n\n".
"Please run imagerelease when ready for release:\n".
" imagerelease -q $cname\n";
}
elsif (system("$imagevalidate -u $cname") != 0) {
$tbopsmsg =
......
......@@ -179,7 +179,7 @@ if ($version0->path() =~ /^\/usr\/testbed/) {
my $vers0src = "$PROJROOT/" . $image->pid() . "/images/";
if ($version0->IsDirPath()) {
# Add in the directory.
$vers0src .= basename($version0->path());
$vers0src .= basename($version0->path()) . "/";
}
#
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment