Commit 6ba4e6a3 authored by Mike Hibler's avatar Mike Hibler

Checkpoint feeble progress on VINI kernel.

It doesn't look promising that I will be back to it this week, sigh...
parent 29924187
......@@ -24,6 +24,16 @@ use libtmcc;
#
# Questions:
#
# How to setup the virtual networks?
#
# * vservers provides localhost virtualization
# * use etun devices to give vif inside and outside of vserver
# * bridge outside etuns together as appropriate, possibly including
# phys interfaces
#
# Optimizations:
# * if link is p2p and all "on node", just use etun pair w/no bridge
#
#
# Create a jailed environment. There are some stub files stored in
......@@ -76,6 +86,12 @@ STDERR->autoflush(1);
my $JAILCNET = "172.16.0.0";
my $JAILCNETMASK = "255.240.0.0";
my $USEPROXY = 1;
my $USECHPID = 0;
if ($USECHPID) {
$USEPROXY = 0;
}
#
# Locals
#
......@@ -87,7 +103,7 @@ my $VSERVERDIR = "/vservers";
my $JAILCONFIG = "jailconfig";
my @ROOTCPDIRS = ("etc", "root");
my @ROOTMKDIRS = ("dev", "tmp", "var", "usr", "proc", "users", "lib",
"bin", "sbin", "home");
"bin", "sbin", "home", "local");
my @ROOTMNTDIRS = ("bin", "sbin", "usr", "lib");
my @EMUVARDIRS = ("logs", "db", "jails", "boot", "lock");
my $IP;
......@@ -262,7 +278,9 @@ else {
mkvserver("$vnodeid");
}
TBDebugTimeStamp("mkjail done with root fs");
startproxy("$vnodeid");
if ($USEPROXY) {
startproxy("$vnodeid");
}
#
# Start the vserver. If all goes well, this will exit cleanly, with the
......@@ -313,7 +331,7 @@ if ($jailpid) {
undef($jailpid);
last;
}
if ($kidpid == $tmccpid) {
if ($USEPROXY && $kidpid == $tmccpid) {
print("TMCC proxy exited with status $?. Restarting ...\n");
startproxy("$vnodeid");
next;
......@@ -349,10 +367,34 @@ sub mkvserver($)
$interface = "nodev:0.0.0.0/0";
}
my $enetifs = "";
#
# XXX still need code to create etun devices outside the vserver.
# To create a pair you do:
# echo etun0,etun1 > /sys/module/etun/parameters/newif
# To destroy do:
# echo etun0 > /sys/module/etun/parameters/delif
# (just need to specify one end). Apparently you can call these things
# whatever you want (e.g., "veth").
#
# Then configure the IFs with appropriate IPs.
#
if (0) {
foreach my $ip (@jailips) {
my $iface = `$BINDIR/findif -i $ip`;
chomp($iface);
if (!$iface) {
fatal("Could not find interface for jailIP $ip");
}
$enetifs .= " --interface ${iface}:${ip}/24";
}
}
# Create the skeleton vserver. It will be mostly empty.
mysystem("$VSERVER $vnodeid build --force -m skeleton ".
"--hostname $jailhostname --interface $interface ".
"--flags persistent");
"$enetifs --flags persistent");
# The filesystem for the vserver lands here.
my $vdir = $VDIR;
......@@ -368,10 +410,19 @@ sub mkvserver($)
TBDebugTimeStamp("mkvserver: Copying root cp dirs done!");
#
# Set vserver "capabilities".
# Set vserver capabilities and flags
#
# Allows binding to TCP/UDP sockets below 1024
mysystem("echo 'NET_BIND_SERVICE' > $cdir/bcapabilities");
# NET_BIND_SERVICE: Allows binding to TCP/UDP sockets below 1024
# LBACK_REMAP: Virtualize the loopback device
# HIDE_LBACK: Hide real address used for loopback
# HIDE_NETIF: Hide "foreign" network interfaces
mysystem("echo 'NET_BIND_SERVICE' >> $cdir/bcapabilities");
mysystem("echo 'LBACK_REMAP' >> $cdir/nflags");
mysystem("echo 'HIDE_LBACK' >> $cdir/nflags");
mysystem("echo 'HIDE_NETIF' >> $cdir/nflags");
# XXX needed to do clone with CLONE_NEWNET
mysystem("echo 'SYS_ADMIN' >> $cdir/bcapabilities");
#
# Clean out some stuff from /etc.
......@@ -433,9 +484,11 @@ sub mkvserver($)
#
# Some security stuff; remove files that would enable it to talk to
# tmcd directly (only imortant on remote nodes). Must go through proxy.
# tmcd directly (only important on remote nodes). Must go through proxy.
#
mysystem("rm -f $vdir/$ETCDIR/*.pem");
if ($USEPROXY) {
mysystem("rm -f $vdir/$ETCDIR/*.pem");
}
#
# Now a bunch of stuff to set up a nice environment in the jail.
......@@ -446,6 +499,15 @@ sub mkvserver($)
mysystem("ln -s ../../init.d/sshd $vdir/etc/rc6.d/K80sshd");
mysystem("cp -p $ETCVSERVER/rc.invserver $vdir/etc/rc3.d/S99invserver");
mysystem("cp -p $ETCVSERVER/rc.invserver $vdir/etc/rc6.d/K99invserver");
if ($USECHPID) {
#
# this script comes from tmcd/linux/vserver0.sh
# assumes chpid and vserver1.sh have been installed in $BINDIR
# (not part of makefile yet)
#
mysystem("ln -s ../../init.d/chpid $vdir/etc/rc3.d/S00chpid");
mysystem("ln -s ../../init.d/chpid $vdir/etc/rc6.d/K00chpid");
}
# Kill anything that uses /dev/console in syslog; will not work.
mysystem("sed -i.bak ".
......@@ -810,4 +872,3 @@ sub mysystem($)
fatal("Command failed: $? - $command");
}
}
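Review bot: `SYS_ADMIN` is appended to `bcapabilities` unconditionally in the capabilities hunk of mkvserver, although its XXX comment ties it to the CLONE_NEWNET clone, which appears to be needed only on the `$USECHPID` path, and `$USECHPID` is set to 0. CAP_SYS_ADMIN is a very broad grant for a guest context, so every vserver built by this script, including proxy-mode ones that never run chpid, ends up with weaker isolation than before. Gating it as `if ($USECHPID) { mysystem("echo 'SYS_ADMIN' >> $cdir/bcapabilities"); }` would keep the default build at NET_BIND_SERVICE only. The `*.pem` hunk has a related gap: when `$USEPROXY` is 0 the certificates stay inside the guest, which the existing comment says is what lets it talk to tmcd directly, so a comment there should state that this is intended. mkvserver's body extends beyond the hunks shown.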
......@@ -106,7 +106,7 @@ sub DoBoot()
# setup to proceed in parallel (okay, at most two are going to partially
# overlap, but that is better then nothing at all!
#
TBDebugTimeStamp("rc.injail starting watchdog");
TBDebugTimeStamp("rc.invserver starting watchdog");
if (-x "$BINDIR/watchdog") {
print("Starting testbed watchdog daemon\n");
system("$BINDIR/watchdog start");
......@@ -119,13 +119,13 @@ sub DoBoot()
# This is where we run all of the config scripts. These talk to the
# DB and setup the node the way it is supposed to be.
#
TBDebugTimeStamp("rc.injail running config scripts");
TBDebugTimeStamp("rc.invserver running config scripts");
print("Running config scripts\n");
system("$RCDIR/rc.config boot");
if ($?) {
BootFatal("Error running $RCDIR/rc.config");
}
TBDebugTimeStamp("rc.injail done running config scripts");
TBDebugTimeStamp("rc.invserver done running config scripts");
# Linktest daemon now runs inside jails.
if (-x "$RCDIR/rc.linktest") {
......
......@@ -106,7 +106,7 @@ sub DoBoot()
# setup to proceed in parallel (okay, at most two are going to partially
# overlap, but that is better then nothing at all!
#
TBDebugTimeStamp("rc.injail starting watchdog");
TBDebugTimeStamp("rc.invserver starting watchdog");
if (-x "$BINDIR/watchdog") {
print("Starting testbed watchdog daemon\n");
system("$BINDIR/watchdog start");
......@@ -119,13 +119,13 @@ sub DoBoot()
# This is where we run all of the config scripts. These talk to the
# DB and setup the node the way it is supposed to be.
#
TBDebugTimeStamp("rc.injail running config scripts");
TBDebugTimeStamp("rc.invserver running config scripts");
print("Running config scripts\n");
system("$RCDIR/rc.config boot");
if ($?) {
BootFatal("Error running $RCDIR/rc.config");
}
TBDebugTimeStamp("rc.injail done running config scripts");
TBDebugTimeStamp("rc.invserver done running config scripts");
# Linktest daemon now runs inside jails.
if (-x "$RCDIR/rc.linktest") {
......
#!/bin/sh
#
# Gak we have to do another level of clone to get into an environment with
# virtualized networking. This is set to be the first and only script run
# when a vserver starts.
#
action=$1
. /etc/init.d/functions
. /etc/emulab/paths.sh
RETVAL=0
case "$action" in
start)
$BINDIR/chpid -i -h -n /bin/sh $BINDIR/vserver/vserver1.sh
RETVAL=$?
;;
stop)
# no idea what to do here yet
kill 0
;;
*)
echo "No can do action \"$1\" bubba"
RETVAL=1
;;
esac
exit $RETVAL
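Review bot: The `stop)` branch runs `kill 0`, which signals every process in the caller's process group, including this script itself, rather than the tree started by chpid. As a result `exit $RETVAL` may never be reached, and processes already moved into the cloned environment are not necessarily stopped. Until a targeted stop exists, the placeholder comment could say so explicitly, for example `# XXX kill 0 signals our own process group (this script included); replace with a kill of the recorded chpid child`. The `start)` line also expands `$BINDIR` unquoted, with no check that sourcing `/etc/emulab/paths.sh` actually defined it.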
#!/bin/sh
#
# This is the script run by chpid once it has cloned.
# We run all the normal startup scripts.
#
# Now find out what the current and what the previous runlevel are.
argv1="$1"
set `/sbin/runlevel`
runlevel=$2
previous=$1
export runlevel previous
. /etc/init.d/functions
. /etc/emulab/paths.sh
# check a file to be a correct runlevel script
check_runlevel ()
{
# Do not redo the chpid!
[ "$1" = "/etc/rc$runlevel.d/S00chpid" ] && return 1
# Check if the file exists at all.
[ -x "$1" ] || return 1
is_ignored_file "$1" && return 1
return 0
}
RETVAL=0
# Now run the START scripts.
for i in /etc/rc$runlevel.d/S* ; do
check_runlevel "$i" || continue
# Check if the subsystem is already up.
subsys=${i#/etc/rc$runlevel.d/S??}
[ -f /var/lock/subsys/$subsys -o -f /var/lock/subsys/$subsys.init ] \
&& continue
update_boot_stage "$subsys"
# Bring the subsystem up.
if [ "$subsys" = "halt" -o "$subsys" = "reboot" ]; then
export LC_ALL=C
exec $i start
fi
if LC_ALL=C egrep -q "^..*init.d/functions" $i \
|| [ "$subsys" = "single" -o "$subsys" = "local" ]; then
$i start
else
action $"Starting $subsys: " $i start
fi
done
exit $RETVAL
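Review bot: `runlevel=$2` is taken from the output of `/sbin/runlevel` without any check, so if that command fails or prints a single word, `$runlevel` is empty and the loop globs `/etc/rc.d/S*`. That glob is likely to match nothing runnable, and the script then exits 0 without starting any service. A guard right after the assignment, such as `[ -n "$runlevel" ] || { echo "cannot determine runlevel" >&2; exit 1; }`, would make that failure visible. `RETVAL` is also never updated after `RETVAL=0`, so a failing start script is not reflected in the exit status, and `argv1` is assigned but never used.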