• Leigh Stoller's avatar
    ElabinElab changes: · 956b1d0d
    Leigh Stoller authored
    * sslxmlrpc_server.py: A rather gross hack that needs more thought;
      pass the client IP address to the emulabserver class instantiation,
      which is passed along to the new elabinelab module ...
    
    * emulabserver.py: A new class called elabinelab which exports some methods
      that are to be used by an inner elab. At present, the IP address of the
      client is passed along and a bunch of checks are made that restrict the
      client to the inner emulab boss node, with the credentials of the
      creator of the inner emulab. In other words, the ssl certificate of the
      elabinelab creator is placed on the inner boss, and all proxy
      operations are invoked with this certificate (as the creator) and
      only from the inner boss node.
    
      The elabinelab class currently exports two methods; a power method
      to power cycle an inner node; the command is handed of the power
      command, which does the permission checks. Of course, the inner boss
      does its permission checks, but ultimately, the outer boss will
      allow the power cycle only if the client is allowed to power cycle the
      node.
    
      The other method exported is a vlans command to setup and destroy a
      set of vlans for an inner experiment. Permissions checks are modeled as
      above, with everything passed out to new snmpit.proxy script, which
      then invokes plain snmpit.
    956b1d0d
sslxmlrpc_server.py.in 13.1 KB