1. 06 Nov, 2018 1 commit
  2. 05 Nov, 2018 6 commits
    • Leigh Stoller's avatar
      Working Mellanox user alloc switch support (issue #445): · 95e7bded
      Leigh Stoller authored
      * The primary problem with the mellanox is that the install image does a
        kexec out of ONIE into Linux, spends 30+ minutes doing stuff, and then
        reboots. This throws the reload state machine out of whack cause we do
        not get a chance to send the RELOADDONE state. So ... some change to
        rc.testbed and rc.reload on the USB dongle: the ONIE MFS sends
        RELOADING and writes a flag file to the ONIE partition on the
        "disk" (not the usb). Then the kexec into MLNX, the install happens,
        and reboots. The next boot into ONIE sees the flag file, erases it and
        sends REDLOADDONE. Waits for a bit, and then continues on the normal
        path. This abuses stated in that there a whiny messages in the stated
        log file, but I am immune to stated whining.
      
      * Another item of note is that the switch DHCPs, but only to get the IP
        info, there is no ability to give it an initial config file like we
        can with the Dell switches. The main problem here is that the switch
        comes up with its default login/password which is obviously well known
        cause its in the manual. That means there is a window where the switch
        is vulnerable, but since we block the switches from the public side,
        this is not a serious problem. As soon as we can get in (sshd is
        running) we login and update the config with passwords, keys,
        etc.
      
      * Other changes to the machine dependent osload library module, I had
        done some of this before switching to the Dells way back when, but it
        needed to be updated/completed.
      95e7bded
    • Leigh Stoller's avatar
      Changes to how we handle/report mapping failures that also fail the · 11074445
      Leigh Stoller authored
      empty testbed test.
      
      Prior to this commit, we were not invoking the empty testbed case
      consitently. Now we do, but that exposed another problem; reporting that
      to the error to the Portal in a meaningful way. Basically, we can report
      a different error code for an impossible to map error, but then we lose
      the info we store now about what the actual failure was (which we show
      to the user with additional helpful info). Since we cannot (easily)
      change the Geni API for CreateSliver(), I have elected to continue the
      practice of returning the specific error codes (which also go into the
      database for long term historical info), and add more helpful text that
      for the Portal user that explains clearly that the mapping is impossible
      on the target cluster. This extra text also go into the database in the
      attached message field, so we ccan come back later and post process if
      we decide to do something different.
      11074445
    • Leigh Stoller's avatar
    • Leigh Stoller's avatar
      7eeaa0fc
    • Leigh Stoller's avatar
      Allow NTPSERVER override in the NS file. · 849432e1
      Leigh Stoller authored
      849432e1
    • Leigh Stoller's avatar
  3. 30 Oct, 2018 5 commits
  4. 29 Oct, 2018 2 commits
  5. 26 Oct, 2018 10 commits
  6. 25 Oct, 2018 10 commits
    • Aleksander Maricq's avatar
      Add defs file for amaricq · 2f41610c
      Aleksander Maricq authored
      2f41610c
    • Leigh Stoller's avatar
    • David Johnson's avatar
      Replace the Docker entrypoint/cmd/env implementation for augmented images. · a986a085
      David Johnson authored
      (Also, add support for user to change container entrypoint at runtime.
      Note also that the server side now stores the entrypoint/cmd/env
      attributes as base64url-encoded virt_node_attributes, so that we can
      just use the existing table_regex for those values.)
      
      We add a new runit service (/etc/service/dockerentrypoint) to
      clientside/tmcc/linux/docker/dockerfiles/common to handle the
      entrypoint/cmd/env/workingdir/user emulation.  From the comments:
      
        Docker's semantics for ENTRYPOINT/CMD vary depending on if those
        values are specified as arrays of string, or simple as single strings
        (which must be interpreted by /bin/sh -c).
      
        Handling all the quoting possibilities in the shell is a major pain.
        So, this script handles the basic stuff (in particular, sourcing env
        vars, because we want the shell to interpret them!) -- then execs our
        perl companion script (run.pl) to deal with the entrypoint/command
        files that libvnode_docker::emulabizeImage and
        libvnode_docker::vnodeCreate populated.
      
        libvnode_docker creates these single-line files in /etc/emulab/docker
        as either string:hexstr(<entrypoint-or-cmd-string>), or
        array:hexstr(a[0]),hexstr(a[1])... .  This allows us to preserve the
        original type of the image's entrypoint/cmd as well as the runtime
        entrypoint/cmd, and to preserve the exact bytes for the eventual final
        call to exec.
      
        The static files builtin to an emulabized image are
        /etc/emulab/docker/{entrypoint.image,cmd.image}, and those created
        dynamically at runtime if user changes the entrypoint or cmd are
        bind-mounted to /etc/emulab/docker{entrypoint.runtime,cmd.runtime}.
      
        Given the presence (or absence!) of those files, this script
        implements the emulation, based upon the content in those files.
      a986a085
    • David Johnson's avatar
      993e9f8c
    • David Johnson's avatar
      e48155a7
    • Mike Hibler's avatar
      Tweaks for 2018Q4 port set. · f3dc1bfe
      Mike Hibler authored
      f3dc1bfe
    • Leigh Stoller's avatar
      Minor fix to repo based profile update. · 671c9a48
      Leigh Stoller authored
      671c9a48
    • Leigh Stoller's avatar
      Turn on image tracking. · d43e6a81
      Leigh Stoller authored
      d43e6a81
    • Mike Hibler's avatar
    • Mike Hibler's avatar
      Introduce a full port of m2crypto rather than a wrapper. · 7257198b
      Mike Hibler authored
      The full port is fixed at version 0.29.1. The latest version that was
      wraped, version 0.30.1 has problems with unicode to "string" conversions.
      This explicitly caused an exception from the m2crypto SWIG stubs for libssl.
      Even after fixing that, we still could not verify a certificate due to apparent
      missing chars in strings.
      7257198b
  7. 24 Oct, 2018 3 commits
    • Leigh Stoller's avatar
      Fixes for DeleteNodes(): · c14472f9
      Leigh Stoller authored
      * When deleting a lan can there is only one interface left, need to go
        back and delete the interface from the last node. Else its a malformed
        rpsec (which we have been ignoring), but it was passing through to the
        manifest, which made it a malformed manifest.
      
      * But a later bug was causing that now removed interface to sneak back
        in via the old copy of the manifest in the database.
      
      * Also fix a bug that was causing multiple versions of the site_info
        element to get inserted during an update.
      
      * Remove code that updates the manifest in the DB, use the existing
        Aggregate->UpdateManifest() method instead.
      c14472f9
    • Mike Hibler's avatar
      Changes for Arduino I did a while back. · c2387c9b
      Mike Hibler authored
      Avoid gratuituous serial line signal changes when opening up the USB
      device for the Arduino. Otherwise, the Arduino will reset its state.
      c2387c9b
    • Leigh Stoller's avatar
      Minor fix; we let users delete profiles (or versions) while there is an · e234b170
      Leigh Stoller authored
      experiment running that uses that profile. A small bug here prevented
      the Terminate button from getting enabled. In general though, I wonder
      if we should not allow a profile to be deleted while its instantiated. :-)
      e234b170
  8. 23 Oct, 2018 3 commits