1. 29 Oct, 2014 1 commit
  2. 27 Aug, 2014 1 commit
      Large set of changes for using the Geni trusted signer tool, to · 980f6cbd
      Leigh B Stoller authored
      authenticate Geni users to CloudLab (who do not have Emulab accounts).
      CloudLab users must have an account to do anything (unlike APT which allows
      guest users). But instead of requiring them to go through the Emulab
      account creation (high bar), let them use their Geni credentials to prove
      who they are. We then build a local account for that new user, and save off
      the speaksfor credential so that we can act on their behalf when talking to
      the backend clusters (and their MA to get their ssh keys).
      
      These users do not have a local account password, so they cannot log into
      the web interface using the Emulab login page, nor do they have a shell on
      ops.
      
      Once authenticated, we put the appropriate cookies into the browser via
      javascript, so they can use the Cloud (okay, APT) web interface (they
      appear logged in).
      
      I make use of the nonlocal_id field of the users table, which was not being
      used for anything else. Officially, these are "nonlocal" users in the code
      (IsNonLocal()).
      
      When a nonlocal user instantiates a profile, we use their speaksfor
      credential to ask their home MA for their ssh keys, which we then store in
      the DB, and then provide to the aggregate via the CreateSliver call.
      Note that no provision has been made for users who edit their profile and
      add keys; I am not currently expecting these users to stumble into the web
      interface (yet).
  3. 02 Jun, 2014 1 commit
  4. 22 May, 2014 1 commit
      Add GPO ops-monitoring support. · e9a21edc
      Gary Wong authored
      The pieces are:
      
       * A monitoring daemon (clientside/protogeni/shared-node-monitor), which
         runs in each Xen shared node dom0, and gathers node and interface
         statistics.  It communicates these over the event system with...
      
       * A listening daemon (event/monitoring/shared-node-listener), running
         on the local boss node, and inserts everything it hears into the
         MySQL database "monitoring".  This database is also used by...
      
       * A site-wide monitoring daemon (protogeni/scripts/mondbd), periodically
         polling the normal testbed database (nodes and interfaces tables) and
         copying snapshots of the important pieces into the monitoring database.
      
       * The monitoring database is also read by a WWW front end invoked as a
         WSGI process by Apache.  This front end is developed by the GPO and
         modified to work with ProtoGENI, and is maintained in an independent
         repository.
  5. 21 May, 2014 1 commit
  6. 22 Mar, 2014 1 commit
  7. 04 Mar, 2014 1 commit
      Replace old and crufty script to generate a max_sliver_lifetime · bd265b07
      Leigh B Stoller authored
      override credential. New script is less crufty, I think.
      
      Usage: genextendcred -t <days> [-e <days>] -s <slice> [-u <user> | -c <cert>]
             genextendcred -t <days> [-e <days>] -u <user> | -c <cert>
      Options:
        -s    - Slice to use. If no user, issue to slice creator.
                In the absence of a slice, the target is the CM, allowing
                the user to extend any of his slivers.
        -u    - Issue to user
        -c    - Issue to user via his public certificate
        -t    - How many days to allow extension for
        -e    - How many days before credential expires; default 5 days
      
       Note that the renewsliver.py and renewslice.pl test scripts now take
       one of these credentials as an extra argument.
  8. 28 Feb, 2014 1 commit
  9. 02 Dec, 2013 1 commit
  10. 08 Oct, 2013 1 commit
  11. 09 Aug, 2013 1 commit
  12. 22 Jul, 2013 1 commit
  13. 11 Jul, 2013 1 commit
  14. 22 May, 2013 1 commit
  15. 22 Mar, 2013 1 commit
  16. 15 Feb, 2013 1 commit
  17. 14 Feb, 2013 1 commit
  18. 30 Jan, 2013 1 commit
  19. 26 Sep, 2012 1 commit
      Various fixes for AM API v3. · c49a1df9
      Jonathon Duerig authored
      All incoming rspecs are now validated with rspeclint.
      Multiple Create calls are now permitted.
      Slivers now have URNs at allocation time.
      Delete now returns a list of ex-slivers.
      Advertisement now specifies an operational state machine.
      Other minor fixes.
  20. 24 Sep, 2012 1 commit
      Replace license symbols with {{{ }}}-enclosed license blocks. · 6df609a9
      Eric Eide authored
      This commit is intended to make the license status of Emulab and
      ProtoGENI source files more clear.  It replaces license symbols like
      "EMULAB-COPYRIGHT" and "GENIPUBLIC-COPYRIGHT" with {{{ }}}-delimited
      blocks that contain actual license statements.
      
      This change was driven by the fact that today, most people acquire and
      track Emulab and ProtoGENI sources via git.
      
      Before the Emulab source code was kept in git, the Flux Research Group
      at the University of Utah would roll distributions by making tar
      files.  As part of that process, the Flux Group would replace the
      license symbols in the source files with actual license statements.
      
      When the Flux Group moved to git, people outside of the group started
      to see the source files with the "unexpanded" symbols.  This meant
      that people acquired source files without actual license statements in
      them.  All the relevant files had Utah *copyright* statements in them,
      but without the expanded *license* statements, the licensing status of
      the source files was unclear.
      
      This commit is intended to clear up that confusion.
      
      Most Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the Affero GNU General Public License, version 3
      (AGPLv3).
      
      Most Utah-copyrighted files related to ProtoGENI are distributed under
      the terms of the GENI Public License, which is a BSD-like open-source
      license.
      
      Some Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the GNU Lesser General Public License, version 2.1
      (LGPL).
  21. 07 Sep, 2012 1 commit
  22. 17 Feb, 2012 1 commit
      Reorganize the protogeni installation code. · 99c1507e
      Leigh B Stoller authored
      * Split all of the certificate stuff out of initsite into initcerts so
        that it can be run independently, and when updating the IP/domain of
        a site.
      
      * Redo initsite in terms of libinstall. Fully automated now, no user
        intervention needed.
      
      * Regarding above statement, the new site no longer has to email the
        new CA certificate to us; a new web page is exported from the
        clearing house website that allows a new CA to be "provisionally"
        accepted; the new CA will be allowed to register their new protogeni
        certificates, but otherwise will have no access to anything else
        until someone at the ClearingHouse moves them from the unapproved to
        the approved column. 
      
      * New script called "cacontrol" that should be used from now on to
        manage the CA certificates. Also called from the web interface to
        provisionally install a new CA certificate into an "unapproved"
        bundle that is not distributed to other protogeni sites. Otherwise,
        cacontrol should be used as follows:
      
      	boss$ perl cacontrol -h
      	Usage: cacontrol [-a] [-n] [-d] <certfile>
      	       cacontrol [-n] [-d] -c <commonname>
      	       cacontrol [-n] [-d] -r <commonname>
      	Options
      	  -n     - Impotent mode; do not do anything for real
      	  -d     - Turn on debugging.
      	  -a     - Add certificate to approved list instead.
      	  -c     - Move certificate (commonname) to approved list.
      	  -r     - Remove certificate with given commonname.
      
        In the first form, add a new CA certificate to the unapproved list
        (this is the entrypoint used by the web page mentioned above). If
        you add the -a option, it goes right into the approved bundle
        (approved means it goes into the xmlsec directory and is exported to
        other sites).
      
        The second form is used to move a CA from the unapproved column to
        the approved column.
      
        The third form is used to delete a CA certificate.
      
        NO MORE HAND EDITING OF THE FILES!
  23. 07 Nov, 2011 1 commit
  24. 29 Jul, 2011 1 commit
  25. 18 Jul, 2011 1 commit
      Add a "gencabundle" script to generate ProtoGENI CA certificate bundles. · 1a0dcebf
      Gary Wong authored
      It only makes sense to run this at the clearinghouse.  It brings both
      the local CA bundle and the bundle to be distributed to federates up
      to date with respect to .../etc/genicacerts/*.pem and
      .../etc/extracerts.bundle.
      
      Any time the sources are changed, just run this script.  The local bundle is
      ready immediately.  The federates will fetch the new version as they get
      around to it.
  26. 07 Apr, 2011 1 commit
      Add delegation support to run on boss to make it easier for an admin · c50139c6
      Leigh B Stoller authored
      to delegate a credential to a user. Say you want to delegate a CH
      credential to a local user so they can lookup things:
      
      boss> getchcredential | delegatecredential 'urn:publicid:IDN+emulab.net+user+XXX' resolve:0
      
      This will spit out a delegated credential. Save that in a file and
      give to the user. The user then sends that along as the credential
      argument.
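The delegation above hands a user a restricted copy of the admin's CH credential ("resolve" only, with the delegate bit 0 so it cannot be passed on). The following is an added example, not code from the Emulab/ProtoGENI tree: a small Python model of what a delegation chain must satisfy before a site should honour it, written to show the checks rather than the project's real XML-signature format. The URNs, the admin and user names, the six-hour lifetime and the fixed clock are all constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, Optional, Set

# Constructed URNs in the urn:publicid:IDN+... style used by ProtoGENI; the
# "admin" and "XXX" user names are hypothetical.
CH_URN = "urn:publicid:IDN+emulab.net+authority+ch"
ADMIN_URN = "urn:publicid:IDN+emulab.net+user+admin"
USER_URN = "urn:publicid:IDN+emulab.net+user+XXX"

# Fixed clock so the example is deterministic.
NOW = datetime(2011, 4, 7, 12, 0, tzinfo=timezone.utc)


class DelegationError(ValueError):
    """Raised when a credential cannot be delegated or a chain does not verify."""


@dataclass(frozen=True)
class Credential:
    issuer: str                   # signer: an authority for a root, the delegator otherwise
    owner: str                    # principal the credential is issued to
    target: str                   # object it grants rights over (here the clearinghouse)
    privileges: Dict[str, bool]   # privilege name -> may the owner delegate it further
    expires: datetime
    parent: Optional["Credential"] = None   # credential this one was delegated from


def delegate(parent: Credential, new_owner: str, privileges: Dict[str, bool]) -> Credential:
    """Model of `delegatecredential <urn> priv:flag`: issue a child credential to new_owner.

    The delegator may only hand out privileges it holds with the delegate bit set,
    and the child inherits the parent's expiration as its upper bound.
    """
    for name in privileges:
        if name not in parent.privileges:
            raise DelegationError(f"{parent.owner} does not hold {name!r}")
        if not parent.privileges[name]:
            raise DelegationError(f"{name!r} is not delegatable by {parent.owner}")
    return Credential(issuer=parent.owner, owner=new_owner, target=parent.target,
                      privileges=dict(privileges), expires=parent.expires, parent=parent)


def verify_chain(cred: Credential, trusted_authority: str, now: datetime = NOW) -> Set[str]:
    """Walk a delegated credential back to its root; return the effective privileges.

    At every link: the child is signed by the parent's owner, names the same target,
    does not outlive the parent, carries only privileges the parent could delegate,
    and is not expired. The root must be signed by the trusted authority itself.
    """
    link = cred
    while True:
        if link.expires <= now:
            raise DelegationError(f"credential for {link.owner} expired at {link.expires}")
        if link.parent is None:
            break
        p = link.parent
        if link.issuer != p.owner:
            raise DelegationError("child not signed by parent's owner")
        if link.target != p.target:
            raise DelegationError("delegation changed the target")
        if link.expires > p.expires:
            raise DelegationError("child outlives parent credential")
        for name in link.privileges:
            if not p.privileges.get(name, False):
                raise DelegationError(f"{name!r} was not delegatable by {p.owner}")
        link = p
    if link.issuer != trusted_authority:
        raise DelegationError(f"root credential not issued by {trusted_authority}")
    return set(cred.privileges)


def ch_credential() -> Credential:
    """Stand-in for what `getchcredential` returns: the admin's own CH credential (constructed)."""
    return Credential(issuer=CH_URN, owner=ADMIN_URN, target=CH_URN,
                      privileges={"resolve": True, "register": True},
                      expires=NOW + timedelta(hours=6))


if __name__ == "__main__":
    user_cred = delegate(ch_credential(), USER_URN, {"resolve": False})
    print(sorted(verify_chain(user_cred, CH_URN)))
```

The point a verifier must not skip is the per-link privilege check: a user who holds "resolve" with the delegate bit clear (the `resolve:0` in the commit) can present the credential but cannot mint a further delegation from it, and a child that claims a privilege or lifetime its parent never had is rejected even though every signature in the chain might be valid.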
  27. 30 Mar, 2011 1 commit
  28. 04 Feb, 2011 1 commit
  29. 04 Oct, 2010 1 commit
  30. 24 Jun, 2010 2 commits
  31. 23 Jun, 2010 1 commit
  32. 15 Jun, 2010 1 commit
  33. 15 Apr, 2010 1 commit
  34. 05 Mar, 2010 1 commit
  35. 18 Feb, 2010 1 commit
  36. 04 Feb, 2010 1 commit
      Big cleanup of GeniComponent stuff. Moved Resolve() into GeniComponent · b63cb055
      Leigh B Stoller authored
      since it has to be aware of the CM version. Add a Version() call to
      GeniAuthority which goes and asks the CM what version it is exporting.
      Based on that, we know how to do a resolve of a component. Refactored
      the code that was used in GeniAggregate when creating tunnels, since
      that is where we have to Resolve components. This also turns up in
      cooked mode.
      
      Continuing moving towards a urn-only world. If a GeniAuthority or a
      GeniComponent does not have the URN set locally in the DB, go back to
      the clearinghouse and get it. Error if it is not known, and go bang on
      the remote site to update and rerun register_resources.
  37. 02 Feb, 2010 1 commit
  38. 06 Jan, 2010 1 commit
      Slice expiration changes. The crux of these changes: · 5c63cf86
      Leigh B. Stoller authored
      1. You cannot unregister a slice at the SA before it has expired. This
         will be annoying at times, but the alphanumeric namespace for slice
         names is probably big enough for us.
      
      2. To renew a slice, the easiest approach is to call the Renew method
         at the SA, get a new credential for the slice, and then pass that
         to renew on the CMs where you have slivers.
      
      The changes address the problem of slice expiration.  Before this
      change, when registering a slice at the Slice Authority, there was no
      way to give it an expiration time. The SA just assigns a default
      (currently one hour). Then when asking for a ticket at a CM, you can
      specify a "valid_until" field in the rspec, which becomes the sliver
      expiration time at that CM. You can later (before it expires) "renew"
      the sliver, extending the time. Both the sliver and the slice will
      expire from the CM at that time.
      
      Further complicating things is that credentials also have an
      expiration time in them so that credentials are not valid forever. A
      slice credential picks up the expiration time that the SA assigned to
      the slice (mentioned in the first paragraph).
      
      A problem is that this arrangement allows you to extend the expiration
      of a sliver past the expiration of the slice that is recorded at the
      SA. This makes it impossible to expire slice records at the SA since
      if we did, and there were outstanding slivers, you could get into a
      situation where you would have no ability to access those slivers. (an
      admin person can always kill off the sliver).
      
      Remember, the SA cannot know for sure if there are any slivers out
      there, especially if they can exist past the expiration of the slice.
      
      The solution:
      
      * Provide a Renew call at the SA to update the slice expiration time.
        Also allow for an expiration time in the Register() call.
      
        The SA will need to abide by these three rules:
        1. Never issue slice credentials which expire later than the
           corresponding slice
        2. Never allow the slice expiration time to be moved earlier
        3. Never deregister slices before they expire [*].
      
      * Change the CM to not set the expiration of a sliver past the
        expiration of the slice credential; the credential expiration is an
        upper bound on the valid_until field of the rspec. Instead, one must
        first extend the slice at the SA, get a new slice credential, and
        use that to extend the sliver at the CM.
      
      * For consistency with the SA, the CM API will be changed so that
        RenewSliver() becomes RenewSlice(), and it will require the
        slice credential.
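The three SA rules and the CM's upper-bound check above describe an invariant that is easy to get wrong in either direction. The following is an added example, not code from the Emulab/ProtoGENI tree: a Python model of a Slice Authority and a Component Manager that enforce those rules, with the renewal workflow the commit prescribes (extend at the SA, fetch a fresh credential, then renew at the CM). The slice URN, the fixed clock and the method signatures are constructed for the example; only the one-hour default and the RenewSliver-to-RenewSlice rename come from the commit message.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, Optional

# Fixed clock so the scenario is deterministic (constructed).
T0 = datetime(2010, 1, 6, 9, 0, tzinfo=timezone.utc)
DEFAULT_SLICE_LIFETIME = timedelta(hours=1)   # the SA default the commit mentions


@dataclass(frozen=True)
class SliceCredential:
    slice_urn: str
    expires: datetime   # never later than the slice's expiration at the SA (rule 1)


class SliceAuthority:
    """Slice registry enforcing the three SA rules from the commit message."""

    def __init__(self, clock: Callable[[], datetime]):
        self._now = clock
        self._expires: Dict[str, datetime] = {}

    def Register(self, slice_urn: str, expires: Optional[datetime] = None) -> SliceCredential:
        if slice_urn in self._expires:
            raise ValueError("slice name still registered")   # follows from rule 3
        expires = expires or self._now() + DEFAULT_SLICE_LIFETIME
        if expires <= self._now():
            raise ValueError("expiration must be in the future")
        self._expires[slice_urn] = expires
        return self.GetCredential(slice_urn)

    def GetCredential(self, slice_urn: str) -> SliceCredential:
        # Rule 1: the credential picks up the slice's expiration and nothing later.
        return SliceCredential(slice_urn, self._expires[slice_urn])

    def Renew(self, slice_urn: str, new_expires: datetime) -> SliceCredential:
        if new_expires < self._expires[slice_urn]:
            raise ValueError("rule 2: slice expiration cannot be moved earlier")
        self._expires[slice_urn] = new_expires
        return self.GetCredential(slice_urn)

    def Unregister(self, slice_urn: str) -> None:
        if self._expires[slice_urn] > self._now():
            raise ValueError("rule 3: slice has not expired yet")
        del self._expires[slice_urn]


class ComponentManager:
    """CM that treats the slice credential's expiration as an upper bound on slivers."""

    def __init__(self, clock: Callable[[], datetime]):
        self._now = clock
        self._slivers: Dict[str, datetime] = {}

    def _bounded(self, cred: SliceCredential, valid_until: datetime) -> datetime:
        if cred.expires <= self._now():
            raise ValueError("slice credential has expired")
        if valid_until > cred.expires:
            raise ValueError("valid_until exceeds the slice credential; renew at the SA first")
        return valid_until

    def CreateSliver(self, cred: SliceCredential, valid_until: datetime) -> datetime:
        self._slivers[cred.slice_urn] = self._bounded(cred, valid_until)
        return self._slivers[cred.slice_urn]

    def RenewSlice(self, cred: SliceCredential, valid_until: datetime) -> datetime:
        # Formerly RenewSliver(); now requires the slice credential.
        if cred.slice_urn not in self._slivers:
            raise KeyError("no sliver for this slice")
        self._slivers[cred.slice_urn] = self._bounded(cred, valid_until)
        return self._slivers[cred.slice_urn]


def extend_sliver(sa: SliceAuthority, cm: ComponentManager, slice_urn: str,
                  wanted: datetime) -> datetime:
    """The prescribed path: extend the slice at the SA, then renew the sliver with the new credential."""
    cred = sa.Renew(slice_urn, wanted)
    return cm.RenewSlice(cred, wanted)


if __name__ == "__main__":
    sa, cm = SliceAuthority(lambda: T0), ComponentManager(lambda: T0)
    urn = "urn:publicid:IDN+emulab.net+slice+demo"
    cred = sa.Register(urn)
    cm.CreateSliver(cred, cred.expires)
    print(extend_sliver(sa, cm, urn, T0 + timedelta(days=2)))
```

Note what the CM no longer does: it does not honour a `valid_until` beyond the credential it was handed, so a sliver can never outlive the record at the SA, which is exactly the condition that makes rule 3 safe to rely on.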
  39. 02 Dec, 2009 1 commit