1. 06 Aug, 2014 1 commit
  2. 10 Jul, 2014 1 commit
  3. 09 Jul, 2014 1 commit
  4. 01 Jul, 2014 1 commit
  5. 20 Jun, 2013 1 commit
    • Leigh Stoller's avatar
      A big set of changes to how we create XEN guest disks. · fbc26aea
      Leigh Stoller authored
      Prior to this commit, XEN guests disks were single partition, no MBR,
      the bits dumped into the lvm. This makes a snapshot of a XEN node,
      look completely different then a physical disk image, especially if
      users want more disk space (mkextrafs) inside the guest, and then want
      to take a snapshot of that, and then run it on a physical node (which
      was not possible).
      
      With these changes, guests now use the same MBR layout as our version
      two MBR, which makes them interchangeable with physical disk images.
      In fact, the goal is to be able to switch back and forth as needed,
      based on physical resource availability.
      fbc26aea
  6. 16 May, 2013 1 commit
  7. 14 May, 2013 1 commit
    • Leigh Stoller's avatar
      Add prototype EC2 image import plumbing. · 980aa180
      Leigh Stoller authored
      To create a new descriptor that will be an import from EC2 (and thus
      run under XEN), add ?ec2=1 to newimage_ez.php3. Eventually will link
      it in someplace. The form will create a XEN based VM, but instead of
      node to snapshot from, provide user@host for the EC2 instance.
      
      On the image snapshot page, instead of node use user@host for the EC2
      instance.
      
      The backend script (create_image) will call over to ops and invoke
      Srikanth's code. I have called that script ec2import-image.pl. See
      create_image for how arguments are passed to the script.
      980aa180
  8. 24 Sep, 2012 1 commit
    • Eric Eide's avatar
      Replace license symbols with {{{ }}}-enclosed license blocks. · 6df609a9
      Eric Eide authored
      This commit is intended to makes the license status of Emulab and
      ProtoGENI source files more clear.  It replaces license symbols like
      "EMULAB-COPYRIGHT" and "GENIPUBLIC-COPYRIGHT" with {{{ }}}-delimited
      blocks that contain actual license statements.
      
      This change was driven by the fact that today, most people acquire and
      track Emulab and ProtoGENI sources via git.
      
      Before the Emulab source code was kept in git, the Flux Research Group
      at the University of Utah would roll distributions by making tar
      files.  As part of that process, the Flux Group would replace the
      license symbols in the source files with actual license statements.
      
      When the Flux Group moved to git, people outside of the group started
      to see the source files with the "unexpanded" symbols.  This meant
      that people acquired source files without actual license statements in
      them.  All the relevant files had Utah *copyright* statements in them,
      but without the expanded *license* statements, the licensing status of
      the source files was unclear.
      
      This commit is intended to clear up that confusion.
      
      Most Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the Affero GNU General Public License, version 3
      (AGPLv3).
      
      Most Utah-copyrighted files related to ProtoGENI are distributed under
      the terms of the GENI Public License, which is a BSD-like open-source
      license.
      
      Some Utah-copyrighted files in the Emulab source tree are distributed
      under the terms of the GNU Lesser General Public License, version 2.1
      (LGPL).
      6df609a9
  9. 27 Aug, 2012 1 commit
    • Leigh Stoller's avatar
      Add support for creating snapshot images of OpenVZ containers via the · fdd08bb4
      Leigh Stoller authored
      web interface.
      
      Most of this commit is about making it easier to create the
      descriptors (of any kind) The newimageid_ez page now takes an optional
      node_id on which to base the new descriptor; most of the fields are
      initialized.
      
      You can also provide optional imageid and osinfo arguments, which
      allows for slightly less info to be initialized.
      
      Then on the ShowNode page, the link to create an image will take you
      to the snapshot image page if the user has write access to the image,
      otherwise to the newimageid_iz page to create and snapshot a new
      image descriptor.
      fdd08bb4
  10. 06 Sep, 2011 1 commit
  11. 30 Aug, 2011 1 commit
  12. 28 Mar, 2007 1 commit
  13. 12 Feb, 2007 1 commit
    • Leigh Stoller's avatar
      * Replace the argument processing code in all pages. Currently we rely on · 48acc8e3
      Leigh Stoller authored
        register_globals=1 to turn POST/GET/COOKIES arguments in local variables.
        This is known to be a terrible security risk, and we keep saying we are
        going to fix it, and now I am. In order to accomplish this on a
        transitional basis (since I don't want the entire web interface to stop
        working while I debug it), and because the code just needs the cleanup, I
        am doing it like this: Each page will sport new declarations at the top:
      
      	RequiredPageArguments("experiment", PAGEARG_EXPERIMENT,
                                    "template",   PAGEARG_TEMPLATE,
                                    "instance",   PAGEARG_INSTANCE,
                                    "metadata",   PAGEARG_METADATA,
                                    "osinfo",     PAGEARG_OSINFO,
                                    "image",      PAGEARG_IMAGE,
                                    "project",    PAGEARG_PROJECT,
                                    "group",      PAGEARG_GROUP,
                                    "user",       PAGEARG_USER,
      			      "node",       PAGEARG_NODE,
      			      "yesno",      PAGEARG_BOOLEAN,
      			      "message",    PAGEARG_STRING,
      			      "age",        PAGEARG_INTEGER,
                                    "cost",       PAGEARG_NUMERIC,
                                    "formfields", PAGEARG_ARRAY,
                                    "unknown",    PAGEARG_ANYTHING);
      
      	OptionalPageArguments("canceled", PAGEARG_BOOLEAN);
      
        The first token in each pair is the name of the global variable to
        set, and the second token is the type. So, for "experiment" we look at
        the URL for a pid/eid or exptidx, etc, sanity check them (safe for a
        DB query), and then try to find that experiment in the DB. If it maps
        to an experiment, set global variable $experiment to the object. Since
        its a required argument, produce an error if not supplied. Similar
        treatment for optional arguments, with the obvious difference.
      
        The goal is to have ALL argument processing in one place, consistent,
        and correct. I've found numerous places where we leak unchecked
        arguments into queries. It also cuts out a lot of duplicated code.
      
      * To make the above easier to deal with, I've been replacing lots of
        hardcoded URLS in the code of the form:
      
      	foo.php3?pid=$pid&eid=$eid ...
      
        with
      
              CreateURL("foo", $experiment)
      
        which creates and returns the neccessary url string, by looking at
        the type of its arguments (experiment, template, instance, etc.)
      
        Eventually plan to replace them all so that URL handling throughout
        the code is all defined in one place (all the new URL code is in
        url_defs.php).
      
      * I have cranked up error reporting to tell me anytime a variable is
        used before it is initialized, plus a bunch of other stuff that PHP
        deems improper. Think of it like -Wall ... and boy we get a lot of
        warnings.  A very large percentage of the diffs are to fix all these
        warnings.
      
        The warnings are currently going to /usr/testbed/log/php-errors.log,
        and I'll be adding a script to capture them each night and mail them
        to tbops. This file also gets errors (this will be a change for
        developers; rather then seeing errors and warnings dumped in the
        middle of web pages, they will go to this file instead).
      
      * Major refactoring of the code. More objects (nodes, images, osids).
        Moving tons of queries into the objects in the hopes of someday
        getting to a point where we can split the web interface onto a
        different server.  Lots of general cleanup.
      48acc8e3
  14. 18 Jan, 2007 1 commit
  15. 09 Jan, 2007 1 commit
  16. 20 Dec, 2006 1 commit
  17. 13 Mar, 2006 2 commits
    • Leigh Stoller's avatar
      A couple minor tweaks to allow taking snapshots of global images, · 026d4c32
      Leigh Stoller authored
      which are stored in /proj/$pid/images since they cannot go directly
      to boss. They need to be copied back of course, but only admins
      can create global images anyway.
      026d4c32
    • Leigh Stoller's avatar
      A set of changes to run "prepare" on a node just prior to an image · d8f8f9b4
      Leigh Stoller authored
      being taken.
      
      The basic strategy is to have node_reboot (when -p option supplied)
      invoke a special command on the node that will cause the shutdown
      procedure to run prepare as it goes single user, but before the
      network is turned off and the machine rebooted. The output of the
      prepare run is capture and send back via the tmcd BOOTLOG command and
      stored in the DB, so that create_image can dump that to the logfile
      (so that the person taking the image can know for certain that the
      prepare ran and finished okay).
      
      On linux this is pretty easy to arrange since reboot is actually
      shutdown and shutdown runs the K scripts in /etc/rc.d/rc6.d, and at
      the end the node is basically single user mode. I just added a new
      script to run prepare and send back the output.
      
      On FreeBSD this is a lot harder since there are no decent hooks.
      Instead, I had to hack up init (see tmcd/freebsd/init/{4,5,6}) with
      some simple code that looks for a command to run instead of going to a
      single user shell. The command (script) runs prepare, sends the output
      back to tmcd, and then does a real reboot.
      
      Okay, so how to get -p passed to node_reboot? I hacked up the
      libadminmfs code slightly to do that, with new 'prepare' argument
      option. This may not be the best approach; might have to do this as a
      real state transition if problems develop. I will wait and see.
      
      Also, I changed www/loadimage.php3 to spew the output of the
      create_image to the browser.
      d8f8f9b4
  18. 10 Sep, 2004 1 commit
    • Leigh Stoller's avatar
      Small change to suexec code. This change has the potential for creating · 7e731fba
      Leigh Stoller authored
      unanticipated breakage. If that happens, just need to back out the
      changes under the "suexec-stuff" tag. However, the better solution will
      probably be to fix the PHP scripts that break by adding the proper
      groups in the call to suexec (in the web page, see below) or by fixing
      the backend Perl script that breaks.
      
      This fix is primarily to address the problem of some users being in more
      groups (cause of subgroups) then the max number of groups allowed
      (NGROUPS).  The groups that really mattered (say, for creating an
      experiment in a subgroup) could be left out cause they were at the end
      of the list.
      
      * suexec.c: Change how groups are handled. Instead of taking a single
        gid argument (the gid to setgid as), now takes a comma separated list
        of groups. Further, instead of doing a setgroups to the user's entire
        group list as specified in the groups file (getgroups), setgroups to
        just the groups listed on the command line, plus the user's primary
        group from the password file (this is to prevent potential breakage
        with accessing files from the users homedir, although might not really
        be necessary).
      
        This change is somewhat rational in the sense that in our case, suexec
        is not being used to run arbitrary user code (CGIs), but only to run
        specific scripts that we say should be run. The environment for
        running those scripts can be more tightly controlled then it would
        otherwise need to be if running some random CGI the user has in his
        public html directory.
      
      * www: Change the gid argument to SUEXEC() in a number of scripts so
        that the project and subgroup are explicitly given to suexec, as
        described above. For example, in beginexp:
      
      	SUEXEC(gid, "$pid,$unix_gid", ....);
      
        Aside: note that project names (pid) are always one to one with their
        unix group name, but subgroup names are not, and *always* have to be
        looked up in the DB, hence the "unix_gid" argument.
      
        Script breakage should require nothing more then adding the proper
        group to the list as above.
      7e731fba
  19. 13 Apr, 2004 1 commit
    • Leigh Stoller's avatar
      Do not allow images that are marked global to be created via the · 95b185bd
      Leigh Stoller authored
      create_image script. Also check path; filename must translate to a path
      on /proj, /users, or /groups since the image is actually written from
      the node, and those are the only places it makes sense to write them to.
      
      Minor change to web interface; email error messages to user *and* to
      tbops; was going only to tbops.
      95b185bd
  20. 16 Apr, 2003 2 commits
    • Chad Barb's avatar
      · ae02e458
      Chad Barb authored
      Alright...
      'dump' -> 'snapshot'.
      
      <pedantic>
      Also, since we're inventing a verb, we invent usage too.
      What works most of the time is
      "snapshot *into* an image descriptor",
      but for places where that won't work
      (a good example is where you'd otherwise have to
       say 'snapshotting' or 'snapshotted'), we instead
      "Obtain a snapshot *for* an image descriptor."
      (or "are obtaining", or "obtained".)
      </pedantic>
      ae02e458
    • Chad Barb's avatar
      · 765b6028
      Chad Barb authored
      Changed language:
       + 'load' becomes 'dump'
       + 'create from <node>' becomes 'obtain from <node>'
      765b6028
  21. 15 Apr, 2003 1 commit
    • Chad Barb's avatar
      · daa2534b
      Chad Barb authored
      + Added web page to do post-create loading of image from node.
      
      + Added menu item for page to Show Image Descriptor submenu.
      
      + Changed warning in newimageid_ez.php3 to suit new reality.
      daa2534b