1. 21 Aug, 2012 3 commits
  2. 03 Aug, 2012 1 commit
  3. 25 Jul, 2012 1 commit
  4. 24 Jul, 2012 1 commit
    • Mike Hibler's avatar
      Add a 'disabled' field to the subbosses table. · e08bfeec
      Mike Hibler authored
      This allows us to more easily disable a subboss in the event of a temporary
      subboss outage (e.g., hardware failure). Previously we would have to remove
      the related rows from the DB and restore them later.
  5. 16 Jul, 2012 1 commit
  6. 05 Jul, 2012 1 commit
    • Mike Hibler's avatar
      Tmp hack to allow use of a 10Gb shared LAN. · ad2aac63
      Mike Hibler authored
      Til we have snmpit working on the Arista, we statically configure a single
      10Gb LAN and put one interface from each of the d820s into it.
      This is controlled by setting the node_attribute.shared_lan_* attributes
      for each node (ip,mask,mac,speed).
  7. 03 Jul, 2012 1 commit
    • Mike Hibler's avatar
      Tmp hack to allow use of a 10Gb shared LAN. · bcaeb971
      Mike Hibler authored
      Til we have snmpit working on the Arista, we statically configure a single
      10Gb LAN and put one interface from each of the d820s into it.
      This is controlled by setting the node_attribute.shared_lan_* attributes
      for each node (ip,mask,mac,speed).
  8. 06 Jun, 2012 1 commit
  9. 31 May, 2012 1 commit
  10. 21 May, 2012 1 commit
  11. 17 May, 2012 1 commit
    • Leigh B Stoller's avatar
      Return VGAONLY in the loadinfo clause, if set in the node_type_attributes · 2487c9db
      Leigh B Stoller authored
      or the node_attributes table.
      Note that I had to fix the query; the original select required that
      the key be in the node_type_attributes table, else it would fail to
      find it in the node_attributes table. In other words, I could not put
      vgaonly on a specific node unless there was a definition in the
      node_type_attributes table.
      I've changed the query to use a "union" of two selects; this query is
      intended to select certain attributes from node_type_attributes table,
      but allow them to be overridden by entries in the node_attributes
      table for the node making the request. The "union" of two selects,
      allow results from the second select on node_attributes to overwrite
      anything returned for the same key in the first select on
  12. 24 Apr, 2012 2 commits
  13. 29 Mar, 2012 1 commit
    • Mike Hibler's avatar
      Fix nonce calculation. · c1ff2263
      Mike Hibler authored
      Well, isn't that special. We had the arguments to memcpy backward (probably
      dating from the time when we use bcopy instead). So instead of copying bytes
      of goodness into the zeroed nonce buffer, we were copying bytes out.
      Net result: a nonce of zeros.
  14. 14 Mar, 2012 1 commit
    • Mike Hibler's avatar
      Pass through bootinfo flags on tmcc "bootwhat" command. · 3ca3abf6
      Mike Hibler authored
      bootwhat will now return a FLAGS=%d value corresponding to the flags
      field in the boot_what struct.
      NOTE: THIS REQUIRED A TMCD VERSION BUMP. We are now at version 35.
      The issue was backward compatibility with existing CD/dongle boot images
      which are overly strict in their parsing of the returned bootwhat values.
      Added a new boot_what flag (the whole point of this) to signify if the
      entity being returned is part of the "secure boot" path. This is used
      by the gPXE dongle to determine whether it needs to do a trusted boot
      path "sign-off" for the MFS it downloads. We used to use the name of
      the MFS as our heuristic for this.
      bootinfo uses the new tbdb.os_info osfeature "ontrustedboot" to determine
      whether to set the flag.
  15. 09 Mar, 2012 1 commit
    • Mike Hibler's avatar
      Add a node-default pxe_boot_path to go along with node-type-default. · 99a462a8
      Mike Hibler authored
      As if things weren't hairy enough for the pxe_boot_path, we need a per-node
      default value. This should not be confused with the next_pxe_boot_path or
      pxe_boot_path fields in the nodes table, which is a per-node value but only
      for the lifetime of the current experiment.
      We need this new field specifically so that we can switch some, but not all,
      of the d710s over to the TPM-aware pxeboot.
      For the record, the select order for setting the filename field in
      dhcpd.conf is:
       1. nodes.next_pxe_boot_path for node
       2. nodes.pxe_boot_path for node
       3. "pxe_boot_path" node_attribute for node
       4. "pxe_boot_path" node_type_attribute for node type
       5. don't set (i.e., use the dhcpd.conf global default).
  16. 16 Feb, 2012 1 commit
  17. 02 Feb, 2012 1 commit
  18. 23 Jan, 2012 1 commit
  19. 20 Jan, 2012 1 commit
    • Ryan Jackson's avatar
      Fix server info query for firewalls · 3bd39dbf
      Ryan Jackson authored
      Fixed the query for server name, ip, and mac so that it works with
      multiple subbosses.  Previously the query would fail due to the
      subquery returning multiple rows.
  20. 19 Jan, 2012 1 commit
    • Leigh B Stoller's avatar
      Deprecate the use of jailip in the nodes table, for local dynamic · 1a52760a
      Leigh B Stoller authored
      virtual nodes. We now create an interfaces table entry so that we do
      not special code to find the control network interface. This entry is
      delated along with the node entries when the experiment is swapped
      Of course, we still have existing nodes with jailip entries, so not
      much code was removed, but this saves me from having to add more
      special cases for XEN elabinelab, and at some point we can remove the
      deprecated code.
  21. 13 Jan, 2012 1 commit
  22. 12 Jan, 2012 2 commits
    • Ryan Jackson's avatar
      tmcd changes for Linux firewall support · df0c2e51
      Ryan Jackson authored
    • Leigh B Stoller's avatar
      The rest of the virt_node_attributes table support. You can do this in · 51552904
      Leigh B Stoller authored
      your NS file:
      	$node0 add-attribute jailip
      	$node0 add-attribute jailipmask
      to override the default jail ip assignment. Use this carefully of
      course since there is no checking yet.
      You can also do something like this:
      	$myboss add-attribute XEN_EXTRADISKS "disk1:10G,disk2:10G,disk3:10G"
      	$myops  add-attribute XEN_EXTRADISKS "disk1:4G,disk2:10G"
      which will add these extra disks to your xen containers. Note that
      this requires clientside changes from another commit to be installed
      in the XEN image.
  23. 10 Jan, 2012 1 commit
  24. 06 Jan, 2012 1 commit
  25. 13 Dec, 2011 1 commit
  26. 15 Nov, 2011 1 commit
    • Mike Hibler's avatar
      Further overhaul of firewall code. NOTE: required bump of tmcd version to 34. · 6a26b246
      Mike Hibler authored
      Firewalls now work with nodes which require a subboss. Had to introduce new
      firewall rules which skipped around the checks that no packets to/from
      node control net IPs should pass through the firewall, if the IP in question
      belongs to a subboss (since subboss is on the node control network). It
      actually checks for all Emulab servers (boss, ops, fs or any subboss),
      so the code should work for an Emulab install which has a non-segmented
      control network in which all servers were in the same subnet as the nodes.
      In addition to the new rules, we also had to pass in additional information
      via "tmcc firewallinfo" giving the IP/MAC of those server nodes that are on
      the node control network. We use this to establish ARP entries on the
      inside network so that nodes can find the servers. Since the existing
      client-side firewall code in libsetup.pm would blow up if it got a line
      that it didn't recognize, I had to bump the tmcd version number and add
      some conditional code to tmcd.c:dofwinfo() to not return the extra info for
      old versions.
      Added a couple of new firewall variables EMULAB_BOSSES and EMULAB_SERVERS
      that are used in the new rules. Fixed the support scripts in firewall/
      to properly initialize these variables.
      IMPORTANT: tmcd looks up boss, ops, fs, and subbosses in the interfaces
      table to find their IPs and MAC addresses. By default, we do not create
      such interface table entries for boss/ops/fs. We have them at Utah for
      other reasons. These entries are only needed if you have a non-segmented
      control network (or a subboss) and you want to firewall such nodes.
      The script to initialize the firewall variables (initfwvars.pl) will
      print out a warning for configurations that are affected and don't have
      the entries.
  27. 26 Oct, 2011 1 commit
  28. 04 Oct, 2011 1 commit
    • Mike Hibler's avatar
      Add node/node_type attribute "no_clflush". · fdfce71d
      Mike Hibler authored
      This is for FreeBSD to turn off use of the CLFLUSH instruction via the
      hw.clflush_disable loader var. We have encountered some opteron machines
      on which this causes problems.
      The attribute can be set for the node_type (via the web page for editing
      node types) or the node (via brute-force SQL hackary) to override whatever
      FreeBSD would do by default. This attribute is passed via tmcd to the
      diskloader MFS which will fixup the loader.conf file post-frisbee.
  29. 17 Aug, 2011 1 commit
  30. 11 Aug, 2011 1 commit
    • Mike Hibler's avatar
      Initial support for loading Windows7 .wim images via WinPE/ImageX. · ac711ea5
      Mike Hibler authored
      1. Support for "one-shot" PXE booting ala the one-shot osid. Switches to
         pxelinux to boot WinPE and then switch back after done. Painful now
         because we have to HUP dhcpd everytime we change the PXE path, but we
         may be able to fix this in the future by going all-pxelinux-all-the-time.
      2. Added pxe_select, analogous to os_select, for changing the pxe_boot_path
         including the one time path.
      3. Added the WIMRELOAD state machine to shepherd a node through the process.
         Still has some rough edges and may need refining.
  31. 10 Aug, 2011 1 commit
  32. 27 Jul, 2011 1 commit
  33. 26 Jul, 2011 1 commit
  34. 21 Jul, 2011 1 commit
  35. 20 Jul, 2011 1 commit
  36. 19 Jul, 2011 1 commit