Commit 53b37adb authored by Leigh B Stoller's avatar Leigh B Stoller

Some minor changes to Srikanth Raju's EC2 Meta support, before merge.

Disabled by default, enabled on Utah Emulab for testing.
parent f52a02c5
......@@ -288,7 +288,9 @@ sub vz_init {
#
# Prepare the root context. Run once at boot.
#
sub vz_rootPreConfig {
sub vz_rootPreConfig($)
{
my $bossip = shift;
#
# Only want to do this once, so use file in /var/run, which
# is cleared at boot.
......
......@@ -111,7 +111,6 @@ my $BRCTL = "brctl";
my $IFCONFIG = "/sbin/ifconfig";
my $ETHTOOL = "/sbin/ethtool";
my $ROUTE = "/sbin/route";
my $IP = "/sbin/ip";
my $SYSCTL = "/sbin/sysctl";
my $VLANCONFIG = "/sbin/vconfig";
my $MODPROBE = "/sbin/modprobe";
......@@ -168,7 +167,7 @@ sub VGNAME() { return $VGNAME; }
##
# Maximum vnodes per physical host, used to size memory and disks
my $MAX_VNODES = 16;
my $MAX_VNODES = 32;
# Minimum GB of disk per vnode
my $MIN_GB_DISK = 6;
......@@ -357,6 +356,14 @@ sub rootPreConfig($)
# This says to forward traffic across the bridge.
mysystem("$IPTABLES -A FORWARD ".
"-m physdev --physdev-in $cnet_iface -j ACCEPT");
# Set up for metadata server for ec2 support
print "Setting up redirection for meta server...\n";
mysystem("$IPBIN addr add 169.254.169.254/32 ".
" scope global dev $cnet_iface");
mysystem("$IPTABLES -t nat -A PREROUTING -d 169.254.169.254/32 " .
" -p tcp -m tcp --dport 80 -j DNAT ".
" --to-destination ${bossip}:8787");
}
else {
if (!existsBridge($BRIDGENAME)) {
......@@ -468,12 +475,6 @@ sub rootPreConfig($)
if ($debug);
createDHCP();
# Set up for metadata server for ec2 support
print "Setting up redirection for meta server...\n";
mysystem("$IP addr add 169.254.169.254/32 scope global dev $cnet_iface");
mysystem("$IPTABLES -t nat -A PREROUTING -d 169.254.169.254/32 -p tcp " .
"-m tcp --dport 80 -j DNAT --to-destination " . $bossip . ":8787");
print "Creating scratch FS ...\n";
if (createExtraFS($EXTRAFS, $VGNAME, "50G")) {
TBScriptUnlock();
......
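Review bot: In the block added to rootPreConfig, `$bossip` is spliced straight into the iptables command string handed to mysystem, with no check that it is a well-formed address. If mysystem passes its argument through a shell (its definition is not on this page), a malformed value would be interpreted by the shell or produce a broken DNAT rule, so validate it first against an anchored pattern such as `/\A\d{1,3}(?:\.\d{1,3}){3}\z/`. The address and the `-A PREROUTING` rule are also added unconditionally, so please confirm whether nodes should skip this when EC2META_ENABLE is 0; otherwise guests are redirected to port 8787 on boss with nothing listening. `$IPBIN` replaces the removed `my $IP`, but its declaration is not visible in these hunks, and rootPreConfig's body starts and ends outside them.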
......@@ -274,6 +274,7 @@ AC_SUBST(FIREWALL_BOSS_LOCALRULETMPL)
AC_SUBST(FIREWALL_OPS_LOCALRULETMPL)
AC_SUBST(SPEWFROMOPS)
AC_SUBST(NOSITECHECKIN)
AC_SUBST(EC2META_ENABLE)
#
# Offer both versions of the email addresses that have the @ escaped
......@@ -399,6 +400,7 @@ FIREWALL_BOSS_LOCALRULETMPL=""
FIREWALL_OPS_LOCALRULETMPL=""
SPEWFROMOPS=0
NOSITECHECKIN=0
EC2META_ENABLE=0
#
# XXX You really don't want to change these!
......
#
# Add pool monitor.
#
use strict;
use libinstall;
use installvars;
my $LOGFILE = "$TBROOT/log/tmcd-meta.log";
sub InstallUpdate($$)
{
my ($version, $phase) = @_;
#
# If something should run in the pre-install phase.
#
if ($phase eq "pre") {
Phase "ec2meta", "Adding EC2 Meta Server support", sub {
Phase "syslog.conf", "Updating $SYSLOG_CONF", sub {
DoneIfEdited($SYSLOG_CONF);
BackUpFileFatal($SYSLOG_CONF);
AppendToFileFatal($SYSLOG_CONF,
"!tmcd-meta", "*.*\t\t\t\t\t\t$LOGDIR/tmcd-meta.log");
};
Phase "logfile", "Creating $LOGFILE", sub {
DoneIfExists($LOGFILE);
CreateFileFatal($LOGFILE);
ExecQuietFatal("$CHGRP tbadmin $LOGFILE");
ExecQuietFatal("$CHMOD 640 $LOGFILE");
};
Phase "newsyslog", "Updating $NEWSYSLOG_CONF", sub {
DoneIfEdited($NEWSYSLOG_CONF);
BackUpFileFatal($NEWSYSLOG_CONF);
AppendToFileFatal($NEWSYSLOG_CONF,
"$LOGFILE 640 7 1000 * Z");
};
Phase "syslogd", "Restarting syslogd", sub {
HUPDaemon("syslog");
};
};
}
#
# If something should run in the post-install phase.
#
if ($phase eq "post") {
}
return 0;
}
1;
# Local Variables:
# mode:perl
# End:
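Review bot: The file this update creates, sets to group tbadmin and mode 640, and registers with newsyslog is `$TBROOT/log/tmcd-meta.log`, but the server changed in this same commit appears to now open `TBDIR + "/log/ec2meta.log"` for its redirected stdout/stderr, so that file gets neither the restricted permissions nor rotation. Either add ec2meta.log to the "logfile" and "newsyslog" phases or keep the daemon on the file created here. The syslog.conf entry is written with `$LOGDIR/tmcd-meta.log` while `$LOGFILE` is built from `$TBROOT/log`; using `$LOGFILE` in both places would keep the two from drifting apart. The header comment `# Add pool monitor.` looks carried over from another update script and should describe this one, e.g. `# Add EC2 metadata server logging.`.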
#!/usr/local/bin/python
#
# Copyright (c) 2012-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
from BaseHTTPServer import HTTPServer
from BaseHTTPServer import BaseHTTPRequestHandler
import urlparse
import traceback
import os
import sys
import syslog
import socket
import re
# Configure variables
TBDIR = "@prefix@"
TBFACIL = "@TBLOGFACIL@"
AVAIL = "@THISHOMEBASE@"
# When debugging, runs in foreground printing to stdout instead of syslog
debug = 0
TBPATH = os.path.join(TBDIR, "lib")
if TBPATH not in sys.path:
sys.path.append(TBPATH)
......@@ -18,40 +46,30 @@ if TBPATH not in sys.path:
from libdb import *
# This requires Python 2.6+
class Ec2MetaHandler(BaseHTTPRequestHandler):
def __init__(self, req, ca, huh):
facil = "LOG_" + TBFACIL.upper()
syslog.openlog("tmcd-meta", syslog.LOG_PID, getattr(syslog,facil))
BaseHTTPRequestHandler.__init__(self,req,ca,huh)
def log_message(self, format, *args):
outtext = format
alen = len(args)
if alen == 0:
outtext = format
elif alen == 1:
outtext = format % (args[0])
elif alen == 2:
outtext = format % (args[0], args[1])
elif alen == 3:
outtext = format % (args[0], args[1], args[2])
elif alen == 4:
outtext = format % (args[0], args[1], args[2], args[3])
elif alen == 5:
outtext = format % (args[0], args[1], args[2], args[3],
args[4])
##
# Log a message to stdout, if in debug mode, otherwise write to syslog.
#
# @param msg The message to log.
#
def logit(self, msg):
if debug:
print msg
pass
else:
outtext = "Too many format strings"
syslog.syslog(syslog.LOG_INFO, msg);
pass
return
# All this retardness is because someone decided that
# that format string functionality was ONLY exposed
# through a shitty operator(%) and not through a real
# function, so now its impossible to use it with *args
# because of some restrictive front end checks, meh
syslog.syslog(outtext)
# Override so we can use above function.
def log_message(self, format, *args):
self.logit(format%args)
return
def do_GET(self):
parsed_path = urlparse.urlparse(self.path)
......@@ -85,8 +103,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
return
def listmetas(self, metas):
message = "\n".join(map(lambda x: x + "/" if (x == "public-keys" or not(callable(metas[x]))) else x,
metas.keys()));
message = "\n".join(map(lambda x: x + "/"
if (x == "public-keys" or
not(callable(metas[x])))
else x, metas.keys()));
return message
def handle_req(self, arg, metas):
......@@ -129,7 +149,6 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
def doavail(self, args):
return AVAIL
def domacs(self, args):
#TODO
return "324AF"
......@@ -191,7 +210,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
#TODO: Verify ig idx is within limits
return "openssh-key"
elif len(args) == 2:
val = int(args[0])
val = args[0]
# Always check args before using in query!
if not re.match("^[\d]*$", val):
return ""
ip = self.client_address[0]
rows = DBQueryWarn("select * from "
"((select user_pubkeys.pubkey from user_pubkeys "
......@@ -229,11 +251,25 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
"public-keys": dopublic_keys },
"user-data" : do_userdata
}
pass
#
# Check for debug flag.
#
if len(sys.argv) > 1 and sys.argv[1] == "-d":
debug = 1
pass
if __name__ == '__main__':
from BaseHTTPServer import HTTPServer
import socket
#
# Daemonize when not running in debug mode.
#
if not debug:
#
# Connect to syslog.
#
syslog.openlog("tmcd-meta", syslog.LOG_PID,
getattr(syslog, "LOG_" + string.upper(TBFACIL)))
syslog.syslog(syslog.LOG_INFO, "EC2 Meta server starting up");
#
# Daemonize. We redirect our output into a log file cause I have no
......@@ -241,7 +277,7 @@ if __name__ == '__main__':
# Lifted from xmlrpc/sslxmlrpc_server.py.in
#
try:
fp = open(TBDIR + "/log/tmcd-meta.log", "a");
fp = open(TBDIR + "/log/ec2meta.log", "a");
sys.stdout = fp
sys.stderr = fp
sys.stdin.close();
......@@ -259,8 +295,6 @@ if __name__ == '__main__':
os.setsid();
pass
server = HTTPServer((socket.gethostbyname(socket.gethostname()), 8787),
Ec2MetaHandler)
server.serve_forever()
server = HTTPServer((socket.gethostbyname(socket.gethostname()), 8787),
Ec2MetaHandler)
server.serve_forever()
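Review bot: In the `len(args) == 2` branch, the new guard `re.match("^[\d]*$", val)` is weaker than the `int(args[0])` it replaces: `*` accepts the empty string and `$` also matches before a trailing newline, and `val` is then used in the DBQueryWarn call whose query text continues outside the hunk. Tighten it to `if not re.match(r"^\d+\Z", val): return ""`, and if libdb supports it, pass `val` and `ip` as bound parameters rather than building them into the SQL string. Separately, the startup block calls `string.upper(TBFACIL)`, but `string` is not among the imports visible at the top of the file, so unless `from libdb import *` supplies it the non-debug path will raise NameError; `TBFACIL.upper()` avoids the dependency.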
#!/bin/sh
#
# Copyright (c) 2001-2010 University of Utah and the Flux Group.
# Copyright (c) 2001-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -23,6 +23,7 @@
#
DIR=@prefix@/sbin
EC2META_ENABLE=@EC2META_ENABLE@
if [ -f /var/run/tmcd.pid ]
then
......@@ -38,6 +39,8 @@ fi
sleep 1
${DIR}/Ec2MetaServer.py
if test $EC2META_ENABLE -ne 0; then
${DIR}/Ec2MetaServer.py
fi
${DIR}/tmcd -i @BOSSNODE_IP@
exit 0
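Review bot: `test $EC2META_ENABLE -ne 0` expands the configure-substituted value unquoted, so an empty substitution makes `test` fail with a syntax error and the server is silently not started. Quote it and give it a default, e.g. `if [ "${EC2META_ENABLE:-0}" -ne 0 ]; then`. The script also starts Ec2MetaServer.py without any check for an instance left over from a previous run, whereas tmcd has a pid-file check above; whether that matters depends on lines outside these hunks.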
#!/usr/bin/ruby
#
# Copyright (c) 2012-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
$: << File.dirname(__FILE__)
require 'GrubConf'
......