1. 21 Aug, 2015 1 commit
  2. 19 Aug, 2015 1 commit
  3. 17 Aug, 2015 1 commit
  4. 13 Aug, 2015 5 commits
  5. 12 Aug, 2015 3 commits
    • Mike Hibler's avatar
      More tweaks. · 88a4a831
      Mike Hibler authored
      Loopback mount @TBROOT@/lib/geni-lib directory read-only in the jail.
      This way we don't have to copy geni-lib stuff into the base jail and worry
      about multiple versions. The version mounted in the jail can either be
      the standard version or a dev-tree version depending on which copy of the
      script is run.
      
      Create per-instance snapshots of the base jail rather than having one
      "current" snapshot that all instances used. Not as efficient, but allows
      us to update the base (e.g., with security fixes) without needing to
      remember to create a new "current" snapshot!
      
      Add -C option to just create a jail instance without running anything
      in it. Then you can use "jexec" to test stuff in the jail. Use the new
      -R option afterward to remove the instance.
      
      Try to sanitize the environment passed to the command script. We cannot
      just give it a "clean" environment because genilib passes stuff via the
      environment. So we get rid of SUDO_* and SSH_* and set the assorted USER*
      variables correctly. This may have to be refined depending on how much
      geni-lib scripts expect from the environment.
      88a4a831
    • Leigh Stoller's avatar
      Fix bug that was causing Snapshot to miss updating the disk image in the · 1a8c905c
      Leigh Stoller authored
      new profile version.
      1a8c905c
    • Leigh Stoller's avatar
      Return a better error to the user when the GPO Portal is offline, and · 879ca429
      Leigh Stoller authored
      we cannot get their project list, which causes create_instance to fail.
      879ca429
  6. 11 Aug, 2015 1 commit
    • Mike Hibler's avatar
      Two versions of a python jail for running geni-lib scripts. · 794fe4d4
      Mike Hibler authored
      genilib-iocage uses the FreeBSD "iocage" jail management package to
      setup a jail, run the script, and teardown the jail. Unfortunately,
      this version is really, really slow (11 seconds for a one-shot jail).
      
      So instead we will use genilib-jail which uses the template jail instance
      I built using iocage, but creates the one-off jails by using raw zfs and
      jail commands. It runs in about 1.3 seconds. genilib-iocage is left in
      case the author speeds it up someday.
      
      N.B. these are NOT plug in replacements for rungenilib.proxy.in.
      In particular, the new scripts run as root and don't do any validation
      of the caller or arguments. So genilib-jail will be called from rungenilib
      for now (though I have not done that part yet!)
      794fe4d4
  7. 05 Aug, 2015 1 commit
  8. 04 Aug, 2015 2 commits
  9. 30 Jul, 2015 2 commits
  10. 29 Jul, 2015 3 commits
  11. 27 Jul, 2015 2 commits
  12. 14 Jul, 2015 3 commits
  13. 13 Jul, 2015 1 commit
    • David Johnson's avatar
      Add geni-lib script parameter warnings/errors, groups, helpdocs. · c201620c
      David Johnson authored
      (The bulk of the code is in the parameter form formatter/decorator JS
      code; I only applied it to the wizard for now... but it's
      straightforward to copy it into the old parameter code ;))
      
      The portal can now render the parameter form in much more complex ways.
      It supports a notion of advanced parameter groups, a panel containing
      parameters that is closed by default but expandable; generic parameter
      groups; per-parameter detailed helpdocs in an expandable subpanel (and
      an expand-all-help link that will also expand all the parameter group
      panels), and error messages and warnings.  A summary of both errors and
      warnings is displayed at the top of the form, and specific error message
      details are displayed near parameters.  The error message display is
      flexible to generic user messages -- basically if the error is a proper
      geni-lib portal error/warning, but not a parameter error/warning, it
      will be displayed at the top of the parameter form (along with any
      others).  If it's an "improper" one, we'll still do our best to display
      it.  If you warn a user, you can provide a set of parameter values that
      "fix" the warning, and the Portal UI will change the form values and
      tell the user it did so.  You can't do this on error; the assumption is
      the user has to fix the error.
      
      Finally, the portal now tries to rungenilib in warnings-are-fatal mode
      the first time parameter bind (to generate rspec) is attempted.  If they
      go backwards to re-parameterize, warnings should be fatal again.  It's
      too hard to figure out when we should stop warnings-fatal mode; we can't
      block the user's progress if they really want to proceed in the face of
      warnings.
      c201620c
  14. 11 Jul, 2015 3 commits
  15. 08 Jul, 2015 1 commit
  16. 07 Jul, 2015 3 commits
  17. 06 Jul, 2015 1 commit
  18. 30 Jun, 2015 1 commit
  19. 25 Jun, 2015 2 commits
    • Leigh Stoller's avatar
      Minor bug fix, some extra debugging. · 3cfa7603
      Leigh Stoller authored
      3cfa7603
    • Leigh Stoller's avatar
      Add new options to CreateSliver/Provision; supply an x509 certificate and · 8be26639
      Leigh Stoller authored
      private key.
      
      The goal is to distribute an experiment wide certificate and private
      key. At the moment this is just a self signed x509 certificate and the
      accompanying rsa key. In PEM format. The same cert/key will be distributed
      across multiple aggregates.
      
      An openssh key pair can be trivially derived from the private key. Or the
      public part can be derived from the certificate. A quick google will show
      show.
      
      Initially, you will need to run tmcc directly to get them, using the
      geni_certificate and geni_key commands.
      8be26639
  20. 24 Jun, 2015 2 commits
  21. 23 Jun, 2015 1 commit