Add metadata_utl and imagefile_url to the images table; this is to be
used with image export/import.

span experiments.

about dual vs equal trunking when doing experimental lans
on the control network.

Probe Cluster. The problem is that the IFB is a shared network that
every node attaches to, which can looks like an ethernet device that
can ifconfig'ed. In other words, one big lan.

But we still want the user to be able to create a lan so that they can
interact with it in thei NS file like any other network.

The NS syntax is:

	set lan2 [$ns make-lan "node1 node2 node3" * 0ms]
	tb-set-switch-fabric $lan2 "infiniband"

The switch fabric tells the backend to do IP assignment for the
specific global network. Yes, I tried to be a little but general
purpose. Lets see how this actually turns out.

This first commit treats the fabric as a single big lan on the same
subnet.

NOTE 1: Since the unroutable IP space is kinda small, but the Probe
Cluster is really big, we can easily run out of bits if we tried to do
assignment on virtual topos. Instead, fabrics get their IP allocation
at swapin time, and the allocations are deleted when the experiment is
swapped out. The rationale is that the number of swapped in
experiments is much much smaller then the number of possible topos
that can be loaded into the DB. Still might run out, but less likely.

The primary impact of above is that IP assignments can change from
one swap to another, but this is easy to deal with if the user is
scripting their experiment; the IP allocation is available via the
XMLRPC interface.

NOTE 2: The current code allocates from a single big network, which
makes it easy for users to mess each other up if they start doing
things by hand. Ultimately, we want each lan in each experinent to use
their own subnet, but that is going to take more work, so lets do it
in the second phase.

The definition of "network fabrics" is in the new network_fabrics
tables. As an example for probe:

	INSERT INTO `network_fabrics` set
		idx=NULL,
		name='ifband',
		created=now(),
		ipalloc=1, ipalloc_onenet=1,
		ipalloc_subnet='192.168.0.0',ipalloc_netmask='255.255.0.0'

This allows us to more easily disable a subboss in the event of a temporary
subboss outage (e.g., hardware failure). Previously we would have to remove
the related rows from the DB and restore them later.

and provide a web interface to look at them.

For InstaGeni, need to record and be able to search for history by
control net mac address. We now record this in the node_history table,
with corresponding change to the ShowNodeHistory web page.

The backend changes required are that we 1) actually generate a mac
address for VMs and stick it into the interfaces record, 2) return
that mac from tmcd in the jailconfig, and 3) have the openvz library
create the control net interface using that mac.

On the openvz image, needed to switch to using a control network
bridge for all interfaces (not just routable ones) so that traffic
leaves the node with the correct mac.

address that is assigned. For ProtoGeni.

We had a couple of different problems actually.

* We allow users to insert html into many DB fields (say, a project or
  experiment description).

* We did not sanitize that output when displaying back.

* We did not sanitize initial page arguments that were reflected in the
  output (say, in a form).

Since no one has the time to analyze every line of code, I took a couple of
shortcuts. The first is that I changed the regex table to not allow any <>
chars to go from the user into the DB. Brutal, but in fact there are only a
couple of places where a user legitimately needs them. For example, a
startup command that includes redirection. I handle those as special
cases. As more come up, we can fix them.

I did a quick pass through all of the forms, and made sure that we run
htmlspecialchars on everything including initial form args. This was not
too bad cause of the way all of the forms are structured, with a
"formfields" array.

I also removed a bunch of obsolete code and added an update script to
actually remove them from the www directory.

Lastly, I purged some XMLRPC code I did a long time ago in the Begin
Experiment path. Less complexity, easier to grok and fix.

	modified:   sql/database-fill.sql
	modified:   sql/dbfill-update.sql

Documentation to follow.

clone_image is a wrapper around newimageid_ez and create_image, that
simplifies the most common operation; creating a new imageid derived
from the image/os that is currently running in the node, and then
taking a snapshot of the node. So for example, if node pcXXX is
running image FREEBSD, and you want to create a custom image from that
node, all you need to do:

	boss> clone_image myfreebsd pcXXX

which will create the new descriptor, deriving everything from the
FREEBSD image on the node, and then take a snapshot from pcXXX. If
the descriptor already exists, just take the snapshot.

So what if you do:

	boss> clone_image FREEBSD pcXXX

well, the image is always looked up in the project the node is
currently attached to, so in fact a new descriptor is created in that
project, and you do not actually overwrite an image from some other
project. 

I've added some locking to images to prevent concurrent snapshots.
This seemed like a good idea since this script is going to be used
from the ProtoGeni interface. More on this in another commit.

them as an interface_type in the interfaces table, we should have
them.

This reverts commit a087c9e3.

Validate those SQL args!

NOTE: we also ensure that the reporting node is listed as a legit tip server
in the tipservers table. This means that capture may stop working on nodes
whose servers are not in the table! SQL update 291 will add any servers
listed in tiplines entries that are not in tipservers to prevent this breakage.

them to KEY.

Also, when calling with -A (showall) and -n (number of records),
lets not read the entire 5 million rows and then throw away everything
but the first 20. Takes about an hour.

In general this script needs some work.  Would also be nice to page
through records by specifying an index to start with.

Add cnet_ip and phys_nodeid slots, and change the type field enum
adding create and destroy.

shared, I mean that an experiment can request that a port be put into
a vlan belonging to another experiment. This started out as a hack to
support openflow enabled vlans in Geni, but then I got a request to
make it a little more general purpose. You all know how that goes.

Okay, say you have an experiment E1 in some project and that
experiment has a link or lan call "lan0". You want other experiments
to be able to stick ports in that vlan. On boss, you would do this
after E1 is swapped in:

boss> wap sharevlan -o testbed,E1 lan0 mysharedlan

The -o option says to make the vlan open to anyone; without that
option, only admins can swap in an experiment that requests a port in
lan0.  The token "mysharedlan" is just a level of indirection for the
NS file (or rspec).

Next you create a new experiment E2, and in your NS file:

	$ns make-portinvlan $n1 "mysharedlan"

which says to create a lan with a interface on node n1, in the vlan
named by the token mysharedlan. The token keeps specific pid/eids out
of the NS file. 

When E2 is swapped in, assign does its thing, and the selected port is
added to the members list for lan0 in testbed,E1 and then we call
snmpit with the syncvlansfromtables (-X) option to get the port added.

When E2 is swapped out, we undo the members list and call snmpit with
the -X option again.

The access issue is a bit of hack of course (open or admins) but I did
not want to invent a new permission mechanism (yet).

And of course, this is still a work in progress.

Previously a number of invalid transitions were allowed due to the way the
check was coded. Note that this change has no functional impact as detected
invalid transitions were allowed anyway. Essentially this just changes what
gets logged.

management interfaces more of a first class citizen instead of a
hack. New script:

management_iface -t <type> -a [key|pswd] [-s <switchinfo>]
                        <node_id> mac IP arg1 arg2
management_iface -r <node_id>
  -h       This message
  -t type  Management type; ilo, ilo2, drac
  -s info  Optional switch info; switch,card,port
  -s -     Search output of switchmac to find switch info
  -a pswd  Password auth; provide login and password.
  -a key   SSH key auth; provide login and key path.
  -r       Remove management interface from DB.

which adds the management interface to the database (interfaces,
outlets and outlets_remoteauth. Optionally adds the wires table
entry if you add -s option. Uses switchmac to find the switch info or
you can specify it on the command line. So for example, here is what I
did to add the ilo2 interface for a node:

management_iface -t ilo2 -a pswd -s - pc1 e8:39:35:ae:c9:7c \
                 155.98.34.100 elabman mypasswd
or
management_iface -t ilo2 -a key -s - pc1 e8:39:35:ae:c9:7c \
                 155.98.34.100 elabman /root/.ssh/somekey

Of course someone had to have added the elabman user and key or
password to the ilo config via its interface. 

* dhcpd_makeconf will add local node management interfaces to the
  config file. We can set them to dhcp instead of hardwiring the IP in
  the management interface.

* The DB changes add a management type to the enums in the interfaces
  and wires table, and updates the existing interface entries.