Commit 53b37adb authored by Leigh B Stoller's avatar Leigh B Stoller

Some minor changes to Srikanth Raju's EC2 Meta support, before merge.

Disabled by default, enabled on Utah Emulab for testing.
parent f52a02c5
...@@ -288,7 +288,9 @@ sub vz_init { ...@@ -288,7 +288,9 @@ sub vz_init {
# #
# Prepare the root context. Run once at boot. # Prepare the root context. Run once at boot.
# #
sub vz_rootPreConfig { sub vz_rootPreConfig($)
{
my $bossip = shift;
# #
# Only want to do this once, so use file in /var/run, which # Only want to do this once, so use file in /var/run, which
# is cleared at boot. # is cleared at boot.
......
...@@ -111,7 +111,6 @@ my $BRCTL = "brctl"; ...@@ -111,7 +111,6 @@ my $BRCTL = "brctl";
my $IFCONFIG = "/sbin/ifconfig"; my $IFCONFIG = "/sbin/ifconfig";
my $ETHTOOL = "/sbin/ethtool"; my $ETHTOOL = "/sbin/ethtool";
my $ROUTE = "/sbin/route"; my $ROUTE = "/sbin/route";
my $IP = "/sbin/ip";
my $SYSCTL = "/sbin/sysctl"; my $SYSCTL = "/sbin/sysctl";
my $VLANCONFIG = "/sbin/vconfig"; my $VLANCONFIG = "/sbin/vconfig";
my $MODPROBE = "/sbin/modprobe"; my $MODPROBE = "/sbin/modprobe";
...@@ -168,7 +167,7 @@ sub VGNAME() { return $VGNAME; } ...@@ -168,7 +167,7 @@ sub VGNAME() { return $VGNAME; }
## ##
# Maximum vnodes per physical host, used to size memory and disks # Maximum vnodes per physical host, used to size memory and disks
my $MAX_VNODES = 16; my $MAX_VNODES = 32;
# Minimum GB of disk per vnode # Minimum GB of disk per vnode
my $MIN_GB_DISK = 6; my $MIN_GB_DISK = 6;
...@@ -357,6 +356,14 @@ sub rootPreConfig($) ...@@ -357,6 +356,14 @@ sub rootPreConfig($)
# This says to forward traffic across the bridge. # This says to forward traffic across the bridge.
mysystem("$IPTABLES -A FORWARD ". mysystem("$IPTABLES -A FORWARD ".
"-m physdev --physdev-in $cnet_iface -j ACCEPT"); "-m physdev --physdev-in $cnet_iface -j ACCEPT");
# Set up for metadata server for ec2 support
print "Setting up redirection for meta server...\n";
mysystem("$IPBIN addr add 169.254.169.254/32 ".
" scope global dev $cnet_iface");
mysystem("$IPTABLES -t nat -A PREROUTING -d 169.254.169.254/32 " .
" -p tcp -m tcp --dport 80 -j DNAT ".
" --to-destination ${bossip}:8787");
} }
else { else {
if (!existsBridge($BRIDGENAME)) { if (!existsBridge($BRIDGENAME)) {
...@@ -468,12 +475,6 @@ sub rootPreConfig($) ...@@ -468,12 +475,6 @@ sub rootPreConfig($)
if ($debug); if ($debug);
createDHCP(); createDHCP();
# Set up for metadata server for ec2 support
print "Setting up redirection for meta server...\n";
mysystem("$IP addr add 169.254.169.254/32 scope global dev $cnet_iface");
mysystem("$IPTABLES -t nat -A PREROUTING -d 169.254.169.254/32 -p tcp " .
"-m tcp --dport 80 -j DNAT --to-destination " . $bossip . ":8787");
print "Creating scratch FS ...\n"; print "Creating scratch FS ...\n";
if (createExtraFS($EXTRAFS, $VGNAME, "50G")) { if (createExtraFS($EXTRAFS, $VGNAME, "50G")) {
TBScriptUnlock(); TBScriptUnlock();
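Review bot: The metadata redirection added to rootPreConfig (the `addr add 169.254.169.254/32` call and the `-t nat -A PREROUTING ... -j DNAT` rule) is not gated on anything visible in this section, while the only switch this commit shows is EC2META_ENABLE around the server start in the tmcd startup script. On a site that leaves the feature disabled, guest requests to 169.254.169.254:80 would still be rewritten to port 8787 on boss, so whatever listens there answers as the metadata service; consider passing the setting down and skipping both calls when it is off. `$bossip` is also interpolated into the shell string handed to mysystem, so a check such as `$bossip =~ /^\d{1,3}(?:\.\d{1,3}){3}$/ or die "bad boss IP";` before the DNAT line would keep a malformed value out of the command. The enclosing branch and the definition of `$IPBIN` are outside the visible lines, so both points need confirming against the full file.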
......
...@@ -274,6 +274,7 @@ AC_SUBST(FIREWALL_BOSS_LOCALRULETMPL) ...@@ -274,6 +274,7 @@ AC_SUBST(FIREWALL_BOSS_LOCALRULETMPL)
AC_SUBST(FIREWALL_OPS_LOCALRULETMPL) AC_SUBST(FIREWALL_OPS_LOCALRULETMPL)
AC_SUBST(SPEWFROMOPS) AC_SUBST(SPEWFROMOPS)
AC_SUBST(NOSITECHECKIN) AC_SUBST(NOSITECHECKIN)
AC_SUBST(EC2META_ENABLE)
# #
# Offer both versions of the email addresses that have the @ escaped # Offer both versions of the email addresses that have the @ escaped
...@@ -399,6 +400,7 @@ FIREWALL_BOSS_LOCALRULETMPL="" ...@@ -399,6 +400,7 @@ FIREWALL_BOSS_LOCALRULETMPL=""
FIREWALL_OPS_LOCALRULETMPL="" FIREWALL_OPS_LOCALRULETMPL=""
SPEWFROMOPS=0 SPEWFROMOPS=0
NOSITECHECKIN=0 NOSITECHECKIN=0
EC2META_ENABLE=0
# #
# XXX You really don't want to change these! # XXX You really don't want to change these!
......
#
# Add pool monitor.
#
use strict;
use libinstall;
use installvars;
my $LOGFILE = "$TBROOT/log/tmcd-meta.log";
sub InstallUpdate($$)
{
my ($version, $phase) = @_;
#
# If something should run in the pre-install phase.
#
if ($phase eq "pre") {
Phase "ec2meta", "Adding EC2 Meta Server support", sub {
Phase "syslog.conf", "Updating $SYSLOG_CONF", sub {
DoneIfEdited($SYSLOG_CONF);
BackUpFileFatal($SYSLOG_CONF);
AppendToFileFatal($SYSLOG_CONF,
"!tmcd-meta", "*.*\t\t\t\t\t\t$LOGDIR/tmcd-meta.log");
};
Phase "logfile", "Creating $LOGFILE", sub {
DoneIfExists($LOGFILE);
CreateFileFatal($LOGFILE);
ExecQuietFatal("$CHGRP tbadmin $LOGFILE");
ExecQuietFatal("$CHMOD 640 $LOGFILE");
};
Phase "newsyslog", "Updating $NEWSYSLOG_CONF", sub {
DoneIfEdited($NEWSYSLOG_CONF);
BackUpFileFatal($NEWSYSLOG_CONF);
AppendToFileFatal($NEWSYSLOG_CONF,
"$LOGFILE 640 7 1000 * Z");
};
Phase "syslogd", "Restarting syslogd", sub {
HUPDaemon("syslog");
};
};
}
#
# If something should run in the post-install phase.
#
if ($phase eq "post") {
}
return 0;
}
1;
# Local Variables:
# mode:perl
# End:
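Review bot: `$LOGFILE` is built from `$TBROOT/log`, but the line appended to syslog.conf in the "syslog.conf" phase points syslogd at `$LOGDIR/tmcd-meta.log`; if those two directories ever differ, the file that is created, given group tbadmin and set to mode 640 is not the file syslogd is told to write. Deriving both from one variable, e.g. `my $LOGFILE = "$LOGDIR/tmcd-meta.log";` and using `$LOGFILE` in the AppendToFileFatal call, removes that gap. The header comment `# Add pool monitor.` looks carried over from another update script and would read better as `# Add EC2 meta server logging.`. The daemon in this commit also redirects its own stdout/stderr to `log/ec2meta.log`, which none of these phases create, restrict or rotate.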
#!/usr/local/bin/python #!/usr/local/bin/python
#
# Copyright (c) 2012-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
from BaseHTTPServer import HTTPServer
from BaseHTTPServer import BaseHTTPRequestHandler from BaseHTTPServer import BaseHTTPRequestHandler
import urlparse import urlparse
import traceback import traceback
import os import os
import sys import sys
import syslog import syslog
import socket
import re
# Configure variables # Configure variables
TBDIR = "@prefix@" TBDIR = "@prefix@"
TBFACIL = "@TBLOGFACIL@" TBFACIL = "@TBLOGFACIL@"
AVAIL = "@THISHOMEBASE@" AVAIL = "@THISHOMEBASE@"
# When debugging, runs in foreground printing to stdout instead of syslog
debug = 0
TBPATH = os.path.join(TBDIR, "lib") TBPATH = os.path.join(TBDIR, "lib")
if TBPATH not in sys.path: if TBPATH not in sys.path:
sys.path.append(TBPATH) sys.path.append(TBPATH)
...@@ -18,40 +46,30 @@ if TBPATH not in sys.path: ...@@ -18,40 +46,30 @@ if TBPATH not in sys.path:
from libdb import * from libdb import *
# This requires Python 2.6+ # This requires Python 2.6+
class Ec2MetaHandler(BaseHTTPRequestHandler): class Ec2MetaHandler(BaseHTTPRequestHandler):
def __init__(self, req, ca, huh): def __init__(self, req, ca, huh):
facil = "LOG_" + TBFACIL.upper()
syslog.openlog("tmcd-meta", syslog.LOG_PID, getattr(syslog,facil))
BaseHTTPRequestHandler.__init__(self,req,ca,huh) BaseHTTPRequestHandler.__init__(self,req,ca,huh)
def log_message(self, format, *args): ##
outtext = format # Log a message to stdout, if in debug mode, otherwise write to syslog.
alen = len(args) #
if alen == 0: # @param msg The message to log.
outtext = format #
elif alen == 1: def logit(self, msg):
outtext = format % (args[0]) if debug:
elif alen == 2: print msg
outtext = format % (args[0], args[1]) pass
elif alen == 3:
outtext = format % (args[0], args[1], args[2])
elif alen == 4:
outtext = format % (args[0], args[1], args[2], args[3])
elif alen == 5:
outtext = format % (args[0], args[1], args[2], args[3],
args[4])
else: else:
outtext = "Too many format strings" syslog.syslog(syslog.LOG_INFO, msg);
pass
return
# All this retardness is because someone decided that # Override so we can use above function.
# that format string functionality was ONLY exposed def log_message(self, format, *args):
# through a shitty operator(%) and not through a real self.logit(format%args)
# function, so now its impossible to use it with *args return
# because of some restrictive front end checks, meh
syslog.syslog(outtext)
def do_GET(self): def do_GET(self):
parsed_path = urlparse.urlparse(self.path) parsed_path = urlparse.urlparse(self.path)
...@@ -85,8 +103,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler): ...@@ -85,8 +103,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
return return
def listmetas(self, metas): def listmetas(self, metas):
message = "\n".join(map(lambda x: x + "/" if (x == "public-keys" or not(callable(metas[x]))) else x, message = "\n".join(map(lambda x: x + "/"
metas.keys())); if (x == "public-keys" or
not(callable(metas[x])))
else x, metas.keys()));
return message return message
def handle_req(self, arg, metas): def handle_req(self, arg, metas):
...@@ -129,7 +149,6 @@ class Ec2MetaHandler(BaseHTTPRequestHandler): ...@@ -129,7 +149,6 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
def doavail(self, args): def doavail(self, args):
return AVAIL return AVAIL
def domacs(self, args): def domacs(self, args):
#TODO #TODO
return "324AF" return "324AF"
...@@ -191,7 +210,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler): ...@@ -191,7 +210,10 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
#TODO: Verify ig idx is within limits #TODO: Verify ig idx is within limits
return "openssh-key" return "openssh-key"
elif len(args) == 2: elif len(args) == 2:
val = int(args[0]) val = args[0]
# Always check args before using in query!
if not re.match("^[\d]*$", val):
return ""
ip = self.client_address[0] ip = self.client_address[0]
rows = DBQueryWarn("select * from " rows = DBQueryWarn("select * from "
"((select user_pubkeys.pubkey from user_pubkeys " "((select user_pubkeys.pubkey from user_pubkeys "
...@@ -229,11 +251,25 @@ class Ec2MetaHandler(BaseHTTPRequestHandler): ...@@ -229,11 +251,25 @@ class Ec2MetaHandler(BaseHTTPRequestHandler):
"public-keys": dopublic_keys }, "public-keys": dopublic_keys },
"user-data" : do_userdata "user-data" : do_userdata
} }
pass
#
# Check for debug flag.
#
if len(sys.argv) > 1 and sys.argv[1] == "-d":
debug = 1
pass
if __name__ == '__main__': #
from BaseHTTPServer import HTTPServer # Daemonize when not running in debug mode.
import socket #
if not debug:
#
# Connect to syslog.
#
syslog.openlog("tmcd-meta", syslog.LOG_PID,
getattr(syslog, "LOG_" + string.upper(TBFACIL)))
syslog.syslog(syslog.LOG_INFO, "EC2 Meta server starting up");
# #
# Daemonize. We redirect our output into a log file cause I have no # Daemonize. We redirect our output into a log file cause I have no
...@@ -241,7 +277,7 @@ if __name__ == '__main__': ...@@ -241,7 +277,7 @@ if __name__ == '__main__':
# Lifted from xmlrpc/sslxmlrpc_server.py.in # Lifted from xmlrpc/sslxmlrpc_server.py.in
# #
try: try:
fp = open(TBDIR + "/log/tmcd-meta.log", "a"); fp = open(TBDIR + "/log/ec2meta.log", "a");
sys.stdout = fp sys.stdout = fp
sys.stderr = fp sys.stderr = fp
sys.stdin.close(); sys.stdin.close();
...@@ -259,8 +295,6 @@ if __name__ == '__main__': ...@@ -259,8 +295,6 @@ if __name__ == '__main__':
os.setsid(); os.setsid();
pass pass
server = HTTPServer((socket.gethostbyname(socket.gethostname()), 8787), server = HTTPServer((socket.gethostbyname(socket.gethostname()), 8787),
Ec2MetaHandler) Ec2MetaHandler)
server.serve_forever() server.serve_forever()
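Review bot: The new guard `re.match("^[\d]*$", val)` in the two-argument branch of the public-keys handler accepts an empty string, and `$` also matches just before a trailing newline, so values other than a plain non-negative integer can reach DBQueryWarn; the `int(args[0])` shown next to it at least normalised the value. Use `if not re.match(r"^\d+\Z", val): return ""` and, if the query (which continues outside this hunk) is built by string formatting, pass `int(val)` rather than the raw string. Separately, the startup code calls `string.upper(TBFACIL)`, but the import lines shown bring in only `socket` and `re` beyond the existing ones; unless `string` arrives through `from libdb import *`, non-debug startup raises NameError, and `TBFACIL.upper()`, the form used in the `__init__` lines on this page, avoids the dependency.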
#!/bin/sh #!/bin/sh
# #
# Copyright (c) 2001-2010 University of Utah and the Flux Group. # Copyright (c) 2001-2013 University of Utah and the Flux Group.
# #
# {{{EMULAB-LICENSE # {{{EMULAB-LICENSE
# #
...@@ -23,6 +23,7 @@ ...@@ -23,6 +23,7 @@
# #
DIR=@prefix@/sbin DIR=@prefix@/sbin
EC2META_ENABLE=@EC2META_ENABLE@
if [ -f /var/run/tmcd.pid ] if [ -f /var/run/tmcd.pid ]
then then
...@@ -38,6 +39,8 @@ fi ...@@ -38,6 +39,8 @@ fi
sleep 1 sleep 1
${DIR}/Ec2MetaServer.py if test $EC2META_ENABLE -ne 0; then
${DIR}/Ec2MetaServer.py
fi
${DIR}/tmcd -i @BOSSNODE_IP@ ${DIR}/tmcd -i @BOSSNODE_IP@
exit 0 exit 0
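Review bot: `test $EC2META_ENABLE -ne 0` is unquoted, so if the `@EC2META_ENABLE@` substitution ever comes out empty or non-numeric, `test` fails with a syntax error instead of making a clear decision, and the script carries on to start tmcd with only a message on stderr. Quoting with a default states the intent: `if [ "${EC2META_ENABLE:-0}" -ne 0 ]; then`. The failure mode is fail-closed (the meta server is simply not started), so this is a robustness point rather than an exposure.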
#!/usr/bin/ruby #!/usr/bin/ruby
#
# Copyright (c) 2012-2013 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
# This file is part of the Emulab network testbed software.
#
# This file is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or (at
# your option) any later version.
#
# This file is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
# License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this file. If not, see <http://www.gnu.org/licenses/>.
#
# }}}
#
$: << File.dirname(__FILE__) $: << File.dirname(__FILE__)
require 'GrubConf' require 'GrubConf'
......