Commit 8ef78cae authored by Leigh Stoller's avatar Leigh Stoller

Small changes to make it easier to rebuild a geni rack by

using a different wiring file, and a bundle of existing certs.
parent 1688857c
......@@ -29,17 +29,19 @@ my $CONFIGVARS = "$PREFIX/configvars.txt";
my $RACKVARS = "$PREFIX/etc/genirack/variables.txt";
my $RACKIPS = "$PREFIX/etc/genirack/ips.txt";
my $RACKILO = "$PREFIX/etc/genirack/ilo.xml";
my $RACKWIRES = "$TOP_SRCDIR/install/genirack/wiring-A.xml";
my $RACKWIRES = "$PREFIX/etc/genirack/wiring.xml";
my $RACKWIRESDEF = "$TOP_SRCDIR/install/genirack/wiring-A.xml";
my $ILOPASSWORD = "$PREFIX/etc/ilo.pswd";
my $ELABPASSWORD = "$PREFIX/etc/elabman.pswd";
my $HPPASSWORD = "$PREFIX/etc/switch.pswd";
my $PORTSRC = "http://www.emulab.net/downloads/FreeBSD-9.0-ports.tar.gz";
if ($FBSD_MAJOR >= 10) {
$PORTSRC = "http://www.emulab.net/downloads/FreeBSD-10.0-ports.tar.gz";
$PORTSRC = "http://www.emulab.net/downloads/FreeBSD-10.".
$FBSD_MINOR . "-ports.tar.gz";
}
my $ZZZ = "/usr/local/etc/rc.d/zzz-inelab.sh";
my $DEFAULTOSID = "UBUNTU14-64-STD";
my @EXPORTEDOSIDS= ("FBSD82-STD", "UBUNTU12-64-STD", "UBUNTU14-64-STD");
my @EXPORTEDOSIDS= ("UBUNTU12-64-STD", "UBUNTU14-64-STD");
my $PGOSSITEVAR = "protogeni/default_osname";
my $CHPASS = "/usr/bin/chpass";
my $SSHTB = "$PREFIX/bin/sshtb";
......@@ -499,10 +501,13 @@ sub Install($$$)
PhaseSkip("already added")
if ($query_result->numrows);
# Allow for rack specific wiring file.
my $wiring = (-e $RACKWIRES ? $RACKWIRES : $RACKWIRESDEF);
ExecQuietFatal("cd $TOP_OBJDIR/install/genirack; ".
" $SUDO -u $PROTOUSER $WAP ".
" perl mknewconfig -i $ILOIP ".
" /tmp/output $RACKIPS $RACKILO $RACKWIRES");
" /tmp/output $RACKIPS $RACKILO $wiring");
PhaseFail("initilo.sh not generated")
if (! -e "/tmp/output/initilo.sh");
......
......@@ -7,6 +7,7 @@ use installvars;
use File::stat;
my $INITCERTS = "$PREFIX/sbin/protogeni/initcerts";
my $OLDCERTS = "/usr/emulabcerts";
sub Install($$$)
{
......@@ -44,7 +45,29 @@ sub Install($$$)
PhaseSkip("Protogeni installed")
if (-e "$ETCDIR/.protogeni_registered");
ExecQuietFatal("cd $TOP_OBJDIR/protogeni/scripts; perl ./initsite");
#
# This is for complete regen of an existing site, but we
# want to retain the old key/cert, as for a genirack rebuild.
#
my $extraopt = "";
if (-e "$OLDCERTS/genisa.pem" &&
-e "$OLDCERTS/genicm.pem" &&
-e "$OLDCERTS/genises.pem" &&
-e "$OLDCERTS/genirpc.pem") {
foreach my $name ("genicm.pem", "genisa.pem",
"genises.pem", "genirpc.pem") {
my $old = "$OLDCERTS/$name";
my $new = "$ETCDIR/$name";
ExecQuietFatal("$CP -p $old $new");
}
# Prevent reregistration of old certs.
$extraopt = "-n";
}
ExecQuietFatal("cd $TOP_OBJDIR/protogeni/scripts; ".
" perl ./initsite $extraopt");
PhaseSucceed("Protogeni installed");
};
Phase "version_info", "Initializing version_info table", sub {
......
......@@ -6,6 +6,8 @@ use libinstall;
use installvars;
my $APACHE_START = $APACHE_START_COMMAND;
my $OLDEMULABKEY = "/usr/emulabcerts/emulab.key";
my $OLDEMULABPEM = "/usr/emulabcerts/emulab.pem";
sub Install($$$)
{
......@@ -52,6 +54,18 @@ sub Install($$$)
}
Phase "sslgen", "Generating SSL certificates", sub {
DoneIfExists("$TOP_OBJDIR/ssl/$EMULAB_PEM");
#
# This is for complete regen of an existing site, but we
# want to retain the old key/cert, as for a genirack rebuild.
#
if (-e $OLDEMULABPEM && -e $OLDEMULABKEY && $PGENISUPPORT) {
ExecQuietFatal("$GMAKE -C $TOP_OBJDIR/ssl prebuild");
ExecQuietFatal("$CP -p $OLDEMULABKEY $TOP_OBJDIR/ssl");
ExecQuietFatal("$CP $OLDEMULABPEM $TOP_OBJDIR/ssl");
# Prevent reregistration of old certs.
ExecQuietFatal("$TOUCH $ETCDIR/.protogeni_federated");
}
ExecQuietFatal("$GMAKE -C $TOP_OBJDIR/ssl remote-site");
};
if ($isupdate) {
......
......@@ -12,7 +12,8 @@ my $RACKNTPCONF = "$TOP_SRCDIR/install/genirack/ntp.conf";
my $ETCNTPCONF = "/etc/ntp.conf";
my $PORTSRC = "http://www.emulab.net/downloads/FreeBSD-9.0-ports.tar.gz";
if ($FBSD_MAJOR >= 10) {
$PORTSRC = "http://www.emulab.net/downloads/FreeBSD-10.0-ports.tar.gz";
$PORTSRC = "http://www.emulab.net/downloads/FreeBSD-10.".
$FBSD_MINOR . "-ports.tar.gz";
}
sub Install($$$)
......
#!/usr/bin/perl -w
#
# Copyright (c) 2008-2014 University of Utah and the Flux Group.
# Copyright (c) 2008-2015 University of Utah and the Flux Group.
#
# {{{GENIPUBLIC-LICENSE
#
......@@ -40,9 +40,10 @@ sub usage()
print "Usage: initpgenisite\n";
exit(1);
}
my $optlist = "";
my $optlist = "n";
my $asch = @PROTOGENI_ISCLEARINGHOUSE@;
my $cflag = ($asch ? "-c" : "");
my $noregister = 0;
#
# Configure variables
......@@ -132,6 +133,9 @@ my %options = ();
if (! getopts($optlist, \%options)) {
usage();
}
if (defined($options{"n"})) {
$noregister = 1;
}
#
# People seem to miss this.
......@@ -148,7 +152,7 @@ if ($PGENIDOMAIN =~ /^unknown/i) {
if (system($FIXROOTCERT)) {
fatal("Could not fix root certificate");
}
else {
elsif (!$noregister) {
unlink( "$TB/etc/.protogeni_federated" );
}
......@@ -491,7 +495,7 @@ else {
};
}
if (!$asch) {
if (!$asch && !$noregister) {
#
# Register the certificates at the clearinghouse.
#
......
......@@ -56,7 +56,9 @@ include $(TESTBED_SRCDIR)/GNUmakerules
#
pems: emulab.pem server.pem client.pem
emulab.pem: dirsmade mkserial emulab.cnf emulab-geni.cnf emulab.key
prebuild: dirsmade emulab.cnf emulab-geni.cnf
emulab.pem: dirsmade emulab.cnf emulab-geni.cnf emulab.key
#
# Create the Certificate Authority.
# The certificate is installed on both boss and remote nodes.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment