Commit fb85c44d authored by Leigh Stoller's avatar Leigh Stoller

More OPSVM changes; now boss can be a XEN VM. The wrinkle here is that

if we need to assign a routable IP to boss, we also need a routable IP
for the OPS VM, and the easiest way to do that is with an address
pool (count=1). Also changes to pass that IP address to the XEN
clientside code so that it alters the antispoofing firewall rules
that every XEN VM gets.
parent efc63462
......@@ -688,15 +688,6 @@ sub DumpDBGoo()
die("*** $0:\n".
" Could not chmod $statedir\n");
#
# No place else for this; when ops is a vm on boss, need to generate
# a proper IP that is routable on the control network.
#
my $attributes = $experiment->GetElabInElabAttrs();
die("*** $0:\n".
" Could not get elabinelab attributes\n")
if (!defined($attributes));
#
# These tables are dumped completely.
#
......
#
# Copyright (c) 2004-2018 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
#
# This file is intended to be included into another NS file. It is not
# a stand alone file.
#
set myboss [$ns node]
tb-set-node-inner-elab-role $myboss boss+fs+router
tb-set-elabinelab-attribute CONFIG_OPSVM 1
tb-set-elabinelab-attribute OPSNODE myops
set srvtype pcvm
set nodetype pcslow
tb-set-colocate-factor 2
tb-set-node-failure-action $myboss "nonfatal"
if {[info exists ::TBCOMPAT::elabinelab_hardware("boss")]} {
namespace eval TBCOMPAT {
tb-set-hardware $myboss $elabinelab_hardware("boss")
if {$elabinelab_hardware("boss") == "d820-vm"} {
$myboss add-desire "d820-explicit" 1.0
}
}
} else {
tb-set-hardware $myboss $srvtype
}
if {[info exists ::TBCOMPAT::elabinelab_fixnodes("boss")]} {
namespace eval TBCOMPAT {
tb-fix-node $myboss $elabinelab_fixnodes("boss")
}
}
# Deal with tarfiles
set myboss_tarfiles ""
if {${::TBCOMPAT::elabinelab_source_tarfile} != ""} {
append myboss_tarfiles "/usr/src ${::TBCOMPAT::elabinelab_source_tarfile}"
}
if {[info exists ::TBCOMPAT::elabinelab_tarfiles("boss")]} {
if {$myboss_tarfiles != ""} {
append myboss_tarfiles " "
}
namespace eval TBCOMPAT {
append myboss_tarfiles $elabinelab_tarfiles("boss")
}
}
if {$myboss_tarfiles != ""} {
tb-set-node-tarfiles $myboss $myboss_tarfiles
}
#
# This is passed in by the parser, when wrapping an existing experiment.
# The parser wrapper gets info about the wrapped experiment and passes it
# along in the TBCOMPAT namespace.
#
if { ${::TBCOMPAT::elabinelab_maxpcs} != 0 } {
set maxpcs ${::TBCOMPAT::elabinelab_maxpcs}
} else {
set maxpcs 0
}
set lanstr "myboss "
for {set i 1} {$i <= $maxpcs} {incr i} {
set name "mypc${i}"
set $name [$ns node]
append lanstr "[set $name] "
tb-set-node-inner-elab-role [set $name] node
if {[info exists ::TBCOMPAT::elabinelab_nodeos($name)]} {
namespace eval TBCOMPAT {
tb-set-node-os [set $name] $elabinelab_nodeos($name)
}
}
#
# This does not work! I have no idea why, I hate TCL!
#
if {[info exists ::TBCOMPAT::elabinelab_fixnodes($name)]} {
namespace eval TBCOMPAT {
tb-fix-node [set $name] $elabinelab_fixnodes($name)
}
} elseif {[info exists ::TBCOMPAT::elabinelab_hardware($name)]} {
namespace eval TBCOMPAT {
tb-set-hardware [set $name] $elabinelab_hardware($name)
}
} else {
tb-set-hardware [set $name] $nodetype
}
}
if { ${::GLOBALS::elabinelab_singlenet} == 0 } {
set publiclan [$ns make-lan $lanstr 100Mb 0ms]
tb-set-ip-lan $myboss $publiclan 10.200.1.252
for {set i 1} {$i <= $maxpcs} {incr i} {
set name "mypc${i}"
tb-set-ip-lan [set $name] $publiclan 10.200.1.$i
}
}
set xenos XEN46-64-STD
if {[info exists ::TBCOMPAT::elabinelab_nodeos("xenhost")]} {
namespace eval TBCOMPAT {
set xenos $elabinelab_nodeos("xenhost")
}
}
if {[info exists ::TBCOMPAT::elabinelab_nodeos("boss")]} {
namespace eval TBCOMPAT {
tb-set-node-os $myboss $elabinelab_nodeos("boss") $xenos
}
} else {
tb-set-node-os $myboss FBSD111-64-STD $xenos
}
#
# Special stuff to set the IP and mask for the xen nodes. Temporary
# until we have a well defined method to assign publically routable
# addresses to containers.
#
set bossip [tb-get-elabinelab-role-attribute "boss" "BOSS_JAILIP"]
if { $bossip != {} } {
set bossipmask [tb-get-elabinelab-role-attribute "boss" "BOSS_JAILIPMASK"]
if { $bossipmask != {} } {
$myboss add-attribute "jailip" $bossip
$myboss add-attribute "jailipmask" $bossipmask
}
} else {
set routable [tb-get-elabinelab-role-attribute "boss" "ROUTABLE_IP"]
if { $routable != {} } {
$myboss add-attribute "routable_control_ip" "true"
}
}
set bossfw [tb-get-elabinelab-role-attribute "boss" "CONFIG_FIREWALL_BOSS"]
if { $bossfw != {} } {
$myboss add-attribute XEN_IPFWKERNEL yes
}
#
# We need to tell the XEN host to bump the size of partition four. In GB
#
$myboss add-attribute XEN_EXTRAFS 50
# Tell XEN setup the image we want to load in slice 2 for the OPS jail.
$myboss add-attribute XEN_SLICE2IMAGE emulab-ops/FBSD111-64-STD
# Need to make sure that rc.mkelab sees this too. It does the actual load.
tb-set-elabinelab-role-attribute "boss" OPSVM_IMAGE emulab-ops/FBSD111-64-STD
#
# CPUs.
# XXX can only support more than 1 right now with FreeBSD 10.0.
#
set bosscpus [tb-get-elabinelab-role-attribute "boss" "XEN_CORES"]
if { $bosscpus != {} } {
$myboss add-attribute XEN_CORES $bosscpus
} else {
$myboss add-attribute XEN_CORES 1
}
#
# Memory.
# XXX note default of 1000 rather than 1024 so it maps on pc3000?
#
set bossmem [tb-get-elabinelab-role-attribute "boss" "XEN_MEMSIZE"]
if { $bossmem != {} } {
$myboss add-attribute XEN_MEMSIZE $bossmem
} else {
$myboss add-attribute XEN_MEMSIZE 1000
}
# -*- tcl -*-
#
# Copyright (c) 2000-2016 University of Utah and the Flux Group.
# Copyright (c) 2000-2018 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -931,6 +931,14 @@ Simulator instproc run {} {
}
}
if [info exists ::TBCOMPAT::virt_address_pools] {
set fields [list "pool_id" "count"]
foreach key [array names ::TBCOMPAT::virt_address_pools] {
$self spitxml_data "virt_address_allocation" \
$fields [list $key $::TBCOMPAT::virt_address_pools($key)]
}
}
$self spitxml_finish
}
......
# -*- tcl -*-
#
# Copyright (c) 2000-2016 University of Utah and the Flux Group.
# Copyright (c) 2000-2018 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -192,6 +192,9 @@ namespace eval TBCOMPAT {
variable EINEVALUE {^([-\w\.\+\,\s\/:\@]+)$}
variable EINEORDER {^\d+$}
# Address Pool.
variable virt_address_pools
# virt blobs stuff
variable vblob_id_count 0
variable virt_blobs {}
......@@ -573,6 +576,12 @@ proc tb-set-node-service {service args} {
}
}
proc tb-add-address-pool {id count} {
var_import ::TBCOMPAT::virt_address_pools
set virt_address_pools($id) $count
}
proc tb-add-node-service-hook {service args} {
var_import ::TBCOMPAT::servicenames
var_import ::TBCOMPAT::servicepoints
......
#!/usr/bin/perl -w
#
# Copyright (c) 2000-2017 University of Utah and the Flux Group.
# Copyright (c) 2000-2018 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -1117,6 +1117,14 @@ sub doSwapin($) {
$stackarg = "-S $perexpstack --skip-supplied";
}
# Need this early in case elabinelab OPS is a VM on boss on a XEN VM.
if ($elabinelab && ($type == REAL || $type == MODIFY)) {
if ($experiment->AssignElabInElabOpsIP()) {
tberror "Failed to allocate IP for elabinelab OPSVM\n";
return 1;
}
}
#
# When doing a modify, we have to compare vlans to determine which
# vlans actually changed and need to be deleted, before processing
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment