aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Staessens <dimitri@ouroboros.rocks>2021-07-09 19:06:28 +0200
committerDimitri Staessens <dimitri@ouroboros.rocks>2021-07-09 19:09:59 +0200
commitc069a24e2587bf7be8ebbb418c7e987dd8dc4930 (patch)
treeaaf1100b74e45957e2ae048744e30854ea780f5e
parent5a5f1efdbe985bc5a6312217ef531a68f6a85fa7 (diff)
downloadrumba-c069a24e2587bf7be8ebbb418c7e987dd8dc4930.zip
rumba-c069a24e2587bf7be8ebbb418c7e987dd8dc4930.tar.gz
testbeds: Fix jfed support for recent CLI
This updates jfed support for some recent changes in the CLI. Since the new CLI requires writing the jfed password to a text file, I added an option to set it in the experiment description too. It will still prompt if not set. There is also an option to enable/disable the bastion server, as there has been some changes to its login.
-rw-r--r--rumba/prototypes/ouroboros.py3
-rw-r--r--rumba/ssh_support.py8
-rw-r--r--rumba/testbeds/jfed.py70
3 files changed, 56 insertions, 25 deletions
diff --git a/rumba/prototypes/ouroboros.py b/rumba/prototypes/ouroboros.py
index 58c8ac2..727a05c 100644
--- a/rumba/prototypes/ouroboros.py
+++ b/rumba/prototypes/ouroboros.py
@@ -170,7 +170,7 @@ class Experiment(mod.Experiment):
fs_loc = '/tmp/prototype'
- cmds = ["sudo apt-get install libprotobuf-c-dev --yes || true",
+ cmds = ["sudo DEBIAN_FRONTEND=noninteractive apt-get install libprotobuf-c-dev --yes || true",
"sudo rm -r " + fs_loc + " || true",
"git clone -b " + self.git_branch + " " + self.git_repo + \
" " + fs_loc,
@@ -362,7 +362,6 @@ class Experiment(mod.Experiment):
return d
-
def export_dif_bandwidth(self, filename, dif):
f = open(filename, 'w')
diff --git a/rumba/ssh_support.py b/rumba/ssh_support.py
index 7b3a163..e23a18e 100644
--- a/rumba/ssh_support.py
+++ b/rumba/ssh_support.py
@@ -89,6 +89,10 @@ def ssh_connect(hostname, port, username, password, time_out, proxy_server):
try:
proxy_client = None
if proxy_server is not None:
+ logger.debug('Using proxy server %s' % proxy_server)
+ # bastion changed to this username policy
+ if 'bastion' in proxy_server:
+ username = 'fff' + username
proxy_client = get_ssh_client()
# Assume port 22 for the proxy server for now
proxy_client.connect(proxy_server, 22, username, password,
@@ -402,9 +406,9 @@ def aptitude_install(testbed, node, packages):
return s
else:
def sudo(s):
- return 'sudo ' + s
+ return 'sudo' + s
- package_install = "apt-get install "
+ package_install = " DEBIAN_FRONTEND=noninteractive apt-get install "
for package in packages:
package_install += package + " "
package_install += "--yes"
diff --git a/rumba/testbeds/jfed.py b/rumba/testbeds/jfed.py
index 8affa1d..cf8f556 100644
--- a/rumba/testbeds/jfed.py
+++ b/rumba/testbeds/jfed.py
@@ -53,7 +53,7 @@ class Testbed(mod.Testbed):
def __init__(self, exp_name, username, cert_file, exp_hours="2",
proj_name="rumba", authority="wall2.ilabt.iminds.be",
image=None, image_custom=False, image_owner=None,
- use_physical_machines=None):
+ use_physical_machines=None, passwd=None, enable_wall_proxy=False):
"""
Initializes the testbed class.
@@ -67,11 +67,14 @@ class Testbed(mod.Testbed):
:param image_custom: Is the image a custom one?
:param image_owner: Creator of the image.
:param use_physical_machines: Try to allocate physical machines.
+ :param passwd: jFed password
.. note:: Supported authorities are wall1.ilabt.iminds.be,
wall2.ilabt.iminds.be, exogeni.net, exogeni.net:umassvmsite.
"""
- passwd = getpass.getpass(prompt="Password for certificate file: ")
+ if passwd is None:
+ passwd = getpass.getpass(prompt="Password for certificate file: ")
+
mod.Testbed.__init__(self,
exp_name,
username,
@@ -81,8 +84,11 @@ class Testbed(mod.Testbed):
self.cert_file = cert_file
self.exp_hours = exp_hours
self.if_id = dict()
+ self.enable_wall_proxy = enable_wall_proxy
self.rspec = os.path.join(mod.tmp_dir, self.exp_name + ".rspec")
self.manifest = os.path.join(mod.tmp_dir, self.exp_name + ".rrspec")
+ self.prop_file = os.path.join(mod.tmp_dir, self.exp_name + ".prop")
+ self.pwd_file = os.path.join(mod.tmp_dir, self.exp_name + ".pwd")
self.jfed_jar = os.path.join(mod.cache_dir,
'jfed_cli/experimenter-cli.jar')
self.executor = SSHExecutor(self)
@@ -171,7 +177,7 @@ class Testbed(mod.Testbed):
el.setAttribute("client_id", node.name)
if node.machine_type is None:
- if (self.use_physical_machines):
+ if self.use_physical_machines:
el.setAttribute("exclusive", "true")
else:
el.setAttribute("exclusive", "false")
@@ -185,7 +191,7 @@ class Testbed(mod.Testbed):
el2 = doc.createElement("sliver_type")
el.appendChild(el2)
- if (el.getAttribute("exclusive") == "true"):
+ if el.getAttribute("exclusive"):
el2.setAttribute("name", "raw-pc")
else:
el2.setAttribute("name", "default-vm")
@@ -230,9 +236,11 @@ class Testbed(mod.Testbed):
:param experiment: The experiment.
"""
try:
- subprocess.check_call(["java", "-jar", self.jfed_jar, "delete",
- "-S", self.proj_name, "-s", self.exp_name,
- "-p", self.cert_file, "-P", self.password])
+ subprocess.check_call(["java", "-jar",
+ self.jfed_jar, "delete",
+ "-c", self.prop_file,
+ "-S", self.proj_name,
+ "-s", self.exp_name])
except subprocess.CalledProcessError as e:
logger.error("jFed returned with error " + str(e.returncode))
raise
@@ -245,35 +253,55 @@ class Testbed(mod.Testbed):
"""
self._create_rspec(experiment)
- auth_name_r = self.auth_name.replace(".", "-")
-
for node in experiment.nodes:
node.ssh_config.username = self.username
node.ssh_config.password = self.password
+ logger.info("Writing jFed properties files")
+ try:
+ with open(self.pwd_file, "w") as _file:
+ _file.writelines([self.password + '\n'])
+ _file.close()
+
+ with open(self.prop_file, "w") as _file:
+ _file.writelines(["username = " + self.username + '\n',
+ "passwordFilename = " + self.pwd_file + '\n',
+ "pemKeyAndCertFilename = " + self.cert_file + '\n'])
+ _file.close()
+
+ except IOError as ex:
+ logger.error("Failed to write passwsord/properties file %s" % ex)
+
logger.info("Launching jFed...")
try:
- subprocess.check_call(["java", "-jar", self.jfed_jar, "create",
- "-S", self.proj_name, "--rspec",
- self.rspec, "-s", self.exp_name, "-p",
- self.cert_file, "-k",
- "usercert,userkeys,shareduserallkeys",
- "--create-slice", "--manifest",
- self.manifest, "-P", self.password,
- "-e", self.exp_hours])
+ cmd = ["java", "-jar", self.jfed_jar,
+ "create",
+ "-c", self.prop_file,
+ "-S", self.proj_name,
+ "--rspec", self.rspec,
+ "-s", self.exp_name,
+ "-k", "usercert,userkeys,shareduserallkeys",
+ "--create-slice",
+ "--manifest", self.manifest,
+ "-e", self.exp_hours]
+
+ logger.debug("jFed command: %s" % " ".join(cmd))
+
+ subprocess.check_call(cmd)
except subprocess.CalledProcessError as e:
logger.error("jFed returned with error " + str(e.returncode))
+ logger.warning("Note: jFed server requires clients to allow TLS 1.0")
+ logger.warning("Check your /etc/<java>/security/java.security file.")
raise
if "exogeni" in self.auth_name:
try:
subprocess.check_call(["java", "-jar", self.jfed_jar,
+ "-c", self.prop_file,
"manifest", "-S", self.proj_name,
"-s", self.exp_name,
- "-p", self.cert_file,
- "--manifest", self.manifest,
- "-P", self.password])
+ "--manifest", self.manifest])
except subprocess.CalledProcessError as e:
logger.error("jFed returned with error " + str(e.returncode))
raise
@@ -293,7 +321,7 @@ class Testbed(mod.Testbed):
if node_n is None:
logger.error("Didn't find node %s", n_name)
- if "wall" in self.auth_name:
+ if self.enable_wall_proxy and "wall" in self.auth_name:
node_n.ssh_config.proxy_server = "bastion.test.iminds.be"
s_node = xml_node.getElementsByTagName("services")[0]