Commit 97ccfb43 authored by Leigh B Stoller's avatar Leigh B Stoller

Split max_sliver_lifetime sitevar into max_sliver_lifetime (for the

CM) and max_slice_lifetime (for the SA) so that slice credentials and
slivers can have max different expirations. This is so a CM can can
limit easily limit slivers so they do not hang out for months doing
nothing.
parent 26a219b9
......@@ -418,22 +418,27 @@ sub Register($)
# Do we need a policy limit?
# A sitevar controls the sliver lifetime.
#
my $max_sliver_lifetime = 0;
if (!libEmulab::GetSiteVar('protogeni/max_sliver_lifetime',
\$max_sliver_lifetime)) {
my $max_slice_lifetime = 0;
if (!libEmulab::GetSiteVar('protogeni/max_slice_lifetime',
\$max_slice_lifetime)) {
# Cannot get the value, default it to 90 days.
$max_sliver_lifetime = 90;
$max_slice_lifetime = 90;
}
my $diff = $when - time();
if ($diff < (60 * 5) || $diff > (3600 * 24 * $max_sliver_lifetime)) {
$message = "valid_until out of range";
if ($diff < (60 * 5)) {
$message = "such a short life for a slice? More time please.";
goto bad;
}
elsif ($diff > (3600 * 24 * $max_slice_lifetime)) {
$message = "expiration is greater then the maximum number ".
"of minutes " . (60 * 24 * $max_slice_lifetime);
goto bad;
}
bad:
if (defined($message)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef, $message);
return GeniResponse->Create(GENIRESPONSE_ERROR,
undef, $message);
}
$expires = $when;
}
......@@ -864,17 +869,22 @@ sub RenewSlice($)
# Do we need a policy limit?
# A sitevar controls the sliver lifetime.
#
my $max_sliver_lifetime = 0;
if (!libEmulab::GetSiteVar('protogeni/max_sliver_lifetime',
\$max_sliver_lifetime)) {
my $max_slice_lifetime = 0;
if (!libEmulab::GetSiteVar('protogeni/max_slice_lifetime',
\$max_slice_lifetime)) {
# Cannot get the value, default it to 90 days.
$max_sliver_lifetime = 90;
$max_slice_lifetime = 90;
}
my $diff = $when - time();
if ($diff < (60 * 5) || $diff > (3600 * 24 * $max_sliver_lifetime)) {
$message = "expiration out of range";
if ($diff < (60 * 5)) {
$message = "such a short life for a slice? More time please.";
goto bad;
}
elsif ($diff > (3600 * 24 * $max_slice_lifetime)) {
$message = "expiration is greater then the maximum number of minutes ".
(60 * 24 * $max_slice_lifetime);
goto bad;
}
if ($when < time()) {
......
......@@ -82,7 +82,8 @@ INSERT INTO sitevariables VALUES ('general/joinproject/admincheck','1','0','When
INSERT INTO sitevariables VALUES ('protogeni/allow_externalusers','1','1','When set, external users may allocate slivers on your testbed.',0);
INSERT INTO sitevariables VALUES ('protogeni/max_externalnodes',NULL,'1024','When set, external users may allocate slivers on your testbed.',0);
INSERT INTO sitevariables VALUES ('protogeni/cm_uuid','28a10955-aa00-11dd-ad1f-001143e453fe','','The UUID of the local Component Manager.',0);
INSERT INTO sitevariables VALUES ('protogeni/max_sliver_lifetime','90','90','The maximum sliver lifetime. When set limits the lifetime of a sliver.',0);
INSERT INTO sitevariables VALUES ('protogeni/max_sliver_lifetime','90','90','The maximum sliver lifetime. When set limits the lifetime of a sliver on your CM. Also see protogeni/max_slice_lifetime.',0);
INSERT INTO sitevariables VALUES ('protogeni/max_slice_lifetime','90','90','The maximum slice credential lifetime. When set limits the lifetime of a slice credential. Also see protogeni/max_sliver_lifetime.',0);
INSERT INTO sitevariables VALUES ('protogeni/max_components','-1','-1','Maximum number of components that can be allocated. -1 indicates any number of components can be allocated.',0);
INSERT INTO sitevariables VALUES ('general/minpoolsize','3','1','The Minimum size of the shared pool',0);
INSERT INTO sitevariables VALUES ('general/maxpoolsize','5','1','The maximum size of the shared pool',0);
......
#
# Add new sitevar for protogeni.
#
use strict;
use libdb;
sub DoUpdate($$$)
{
my ($dbhandle, $dbname, $version) = @_;
if (!TBSiteVarExists("protogeni/max_slice_lifetime")) {
DBQueryFatal("insert into `sitevariables` values " .
"('protogeni/max_slice_lifetime', '90', '90', " .
"'The maximum slice credential lifetime. When set limits the " .
"lifetime of a slice credential. ".
"Also see protogeni/max_sliver_lifetime.',0)");
}
DBQueryFatal("update sitevariables set description = " .
"'The maximum sliver lifetime. When set limits the lifetime " .
"of a sliver on your CM. ".
"Also see protogeni/max_slice_lifetime.' ".
"where name = 'protogeni/max_sliver_lifetime'");
return 0;
}
1;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment