From c069a24e2587bf7be8ebbb418c7e987dd8dc4930 Mon Sep 17 00:00:00 2001 From: Dimitri Staessens Date: Fri, 9 Jul 2021 19:06:28 +0200 Subject: testbeds: Fix jfed support for recent CLI This updates jfed support for some recent changes in the CLI. Since the new CLI requires writing the jfed password to a text file, I added an option to set it in the experiment description too. It will still prompt if not set. There is also an option to enable/disable the bastion server, as there has been some changes to its login. --- rumba/testbeds/jfed.py | 70 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 49 insertions(+), 21 deletions(-) (limited to 'rumba/testbeds/jfed.py') diff --git a/rumba/testbeds/jfed.py b/rumba/testbeds/jfed.py index 8affa1d..cf8f556 100644 --- a/rumba/testbeds/jfed.py +++ b/rumba/testbeds/jfed.py @@ -53,7 +53,7 @@ class Testbed(mod.Testbed): def __init__(self, exp_name, username, cert_file, exp_hours="2", proj_name="rumba", authority="wall2.ilabt.iminds.be", image=None, image_custom=False, image_owner=None, - use_physical_machines=None): + use_physical_machines=None, passwd=None, enable_wall_proxy=False): """ Initializes the testbed class. @@ -67,11 +67,14 @@ class Testbed(mod.Testbed): :param image_custom: Is the image a custom one? :param image_owner: Creator of the image. :param use_physical_machines: Try to allocate physical machines. + :param passwd: jFed password .. note:: Supported authorities are wall1.ilabt.iminds.be, wall2.ilabt.iminds.be, exogeni.net, exogeni.net:umassvmsite. """ - passwd = getpass.getpass(prompt="Password for certificate file: ") + if passwd is None: + passwd = getpass.getpass(prompt="Password for certificate file: ") + mod.Testbed.__init__(self, exp_name, username, @@ -81,8 +84,11 @@ class Testbed(mod.Testbed): self.cert_file = cert_file self.exp_hours = exp_hours self.if_id = dict() + self.enable_wall_proxy = enable_wall_proxy self.rspec = os.path.join(mod.tmp_dir, self.exp_name + ".rspec") self.manifest = os.path.join(mod.tmp_dir, self.exp_name + ".rrspec") + self.prop_file = os.path.join(mod.tmp_dir, self.exp_name + ".prop") + self.pwd_file = os.path.join(mod.tmp_dir, self.exp_name + ".pwd") self.jfed_jar = os.path.join(mod.cache_dir, 'jfed_cli/experimenter-cli.jar') self.executor = SSHExecutor(self) @@ -171,7 +177,7 @@ class Testbed(mod.Testbed): el.setAttribute("client_id", node.name) if node.machine_type is None: - if (self.use_physical_machines): + if self.use_physical_machines: el.setAttribute("exclusive", "true") else: el.setAttribute("exclusive", "false") @@ -185,7 +191,7 @@ class Testbed(mod.Testbed): el2 = doc.createElement("sliver_type") el.appendChild(el2) - if (el.getAttribute("exclusive") == "true"): + if el.getAttribute("exclusive"): el2.setAttribute("name", "raw-pc") else: el2.setAttribute("name", "default-vm") @@ -230,9 +236,11 @@ class Testbed(mod.Testbed): :param experiment: The experiment. """ try: - subprocess.check_call(["java", "-jar", self.jfed_jar, "delete", - "-S", self.proj_name, "-s", self.exp_name, - "-p", self.cert_file, "-P", self.password]) + subprocess.check_call(["java", "-jar", + self.jfed_jar, "delete", + "-c", self.prop_file, + "-S", self.proj_name, + "-s", self.exp_name]) except subprocess.CalledProcessError as e: logger.error("jFed returned with error " + str(e.returncode)) raise @@ -245,35 +253,55 @@ class Testbed(mod.Testbed): """ self._create_rspec(experiment) - auth_name_r = self.auth_name.replace(".", "-") - for node in experiment.nodes: node.ssh_config.username = self.username node.ssh_config.password = self.password + logger.info("Writing jFed properties files") + try: + with open(self.pwd_file, "w") as _file: + _file.writelines([self.password + '\n']) + _file.close() + + with open(self.prop_file, "w") as _file: + _file.writelines(["username = " + self.username + '\n', + "passwordFilename = " + self.pwd_file + '\n', + "pemKeyAndCertFilename = " + self.cert_file + '\n']) + _file.close() + + except IOError as ex: + logger.error("Failed to write passwsord/properties file %s" % ex) + logger.info("Launching jFed...") try: - subprocess.check_call(["java", "-jar", self.jfed_jar, "create", - "-S", self.proj_name, "--rspec", - self.rspec, "-s", self.exp_name, "-p", - self.cert_file, "-k", - "usercert,userkeys,shareduserallkeys", - "--create-slice", "--manifest", - self.manifest, "-P", self.password, - "-e", self.exp_hours]) + cmd = ["java", "-jar", self.jfed_jar, + "create", + "-c", self.prop_file, + "-S", self.proj_name, + "--rspec", self.rspec, + "-s", self.exp_name, + "-k", "usercert,userkeys,shareduserallkeys", + "--create-slice", + "--manifest", self.manifest, + "-e", self.exp_hours] + + logger.debug("jFed command: %s" % " ".join(cmd)) + + subprocess.check_call(cmd) except subprocess.CalledProcessError as e: logger.error("jFed returned with error " + str(e.returncode)) + logger.warning("Note: jFed server requires clients to allow TLS 1.0") + logger.warning("Check your /etc//security/java.security file.") raise if "exogeni" in self.auth_name: try: subprocess.check_call(["java", "-jar", self.jfed_jar, + "-c", self.prop_file, "manifest", "-S", self.proj_name, "-s", self.exp_name, - "-p", self.cert_file, - "--manifest", self.manifest, - "-P", self.password]) + "--manifest", self.manifest]) except subprocess.CalledProcessError as e: logger.error("jFed returned with error " + str(e.returncode)) raise @@ -293,7 +321,7 @@ class Testbed(mod.Testbed): if node_n is None: logger.error("Didn't find node %s", n_name) - if "wall" in self.auth_name: + if self.enable_wall_proxy and "wall" in self.auth_name: node_n.ssh_config.proxy_server = "bastion.test.iminds.be" s_node = xml_node.getElementsByTagName("services")[0] -- cgit v1.2.3