1. 20 Oct, 2008 1 commit
    • Mike Hibler's avatar
      Started getting a strange RPC timeout from ops when trying to do the · 6c6b2ee2
      Mike Hibler authored
      "umount -A -t nfs".  As far as I can tell, the umount really works even with
      the error.  I also cannot reproduce this manually.  Since we always intended
      for a failure of this step to be non-fatal, I actually made it that way.
      
      Why go after the root cause when you can treat the symptom!
      6c6b2ee2
  2. 17 Oct, 2008 1 commit
  3. 15 Oct, 2008 1 commit
  4. 06 Oct, 2008 1 commit
  5. 25 Sep, 2008 7 commits
  6. 23 Sep, 2008 1 commit
  7. 22 Sep, 2008 3 commits
  8. 19 Sep, 2008 1 commit
  9. 10 Sep, 2008 3 commits
  10. 09 Sep, 2008 1 commit
  11. 03 Sep, 2008 3 commits
  12. 29 Aug, 2008 4 commits
    • Leigh B. Stoller's avatar
      16bccb22
    • Leigh B. Stoller's avatar
      abc77681
    • Leigh B. Stoller's avatar
      7d3a83a0
    • Leigh B. Stoller's avatar
      A set up small changes for GENI. · f28bbfa6
      Leigh B. Stoller authored
      * Hacky tmcd redirection. If the reserved table slot tmcd_redirect is
        set, return redirect spec that tells the client tmcc to drop the
        connection and retry the server at the new location, using the vnode
        id that is part of the redirection string. Note that tmcd_redirect
        is set on the remote emulab by the Geni startsliver code.
      
      * Neuter the privkey stuff that we require of remote nodes. In fact,
        its already only required for RON nodes, and rather then yet another
        exception, just kill it. It offers us nothing.
      
      * Neuter the ssl client verification. This is where we verify the
        client certificate has a CN field with the type of the node equal to
        type the DB says it is. This is also a pointless check since is
        offers us nothing additional; the client certificate already had to
        be signed by us. Tired of adding special cases to the code for each
        new node type.
      
      * Temporary neutering of the requirement that all remote nodes use ssl
        to talk to tmcd. The problem here is that remote nodes on other
        testbeds will not have the proper certificate on their images, and
        so they will not be able to talk to our tmcd. Since we do not return
        anything sensitive via tmcd, I have relaxed this requirement for
        now, and changed the check so that functions with newly added flag
        F_REMREQSSL will not be allowed unless it is ssl. For the protogeni
        code this will do since I only need a few things.
      
      * For tmcd on the remote testbeds, there is new code in doaccounts
        that will return accounts and ssh keys from the nonlocal users
        table.  This table is set up by the Geni libraries during sliver
        creation (from the registry entry for the slice).
      f28bbfa6
  13. 28 Aug, 2008 1 commit
  14. 27 Aug, 2008 4 commits
  15. 26 Aug, 2008 1 commit
  16. 22 Aug, 2008 2 commits
  17. 21 Aug, 2008 3 commits
    • David Johnson's avatar
      db8a085b
    • David Johnson's avatar
    • David Johnson's avatar
      Add a new client side script, osconfig, that can update an MFS or a · dc10d326
      David Johnson authored
      frisbee-loaded slice based on a tarball downloaded from boss.  For now,
      the tarball is dynamically created by boss based on params sent to the
      osconfig_dump.php script; it is populated with files and a MANIFEST based
      on the files and constraints in the osconfig_* tables, which are pretty
      self-explanatory.  Transport is not secure, nor intended to be -- nodes on
      the control net or widearea nodes auth'd with a privkey can grab stuff
      destined to them based on their IP addr.  For the MFS case, the tarball is
      unpacked and the MANIFEST entries are executed/copied/extracted, and
      (nearly all of) the client side is re-run.  For the slicefix case, we just
      execute/copy/extract the MANIFEST entries in the mounted slice... there
      are some useful env vars set for scripts to use.
      
      If this mechanism ever becomes generally useful, or we're pushing big update
      tarballs, we'll have to add a caching mechanism (doh).  Right now, it's just
      for dongle-booted nodes or widearea nodes on which we cannot update the
      physical boot media without much pain; as well as for making major whacks
      to frisbee-loaded slices, which we need for the widearea case.
      
      Also, call this from rc.cdboot (to update a "read-only" (real media is
      mounted ro, but other parts of the fs are rw via unionfs or mfs) MFS),
      and from slicefix.
      
      NOTE: the client side osconfig script does not get installed from the
      makefile; this is intentional.  This script should not be placed in our
      local tftp'd MFSes, at least until there's some need for it!
      dc10d326
  18. 20 Aug, 2008 2 commits