tmack@plc

Upgrade VINI using latest MyPLC 9-21-2007

Vini's MyPLC has been upgrade. This means that:

1) DB schema was converted and all existing data imported

2) API code was updated.

3) Web gui was already using drupal. Kept intack.  

 I will continue to keep the VINI backend (db/api) in sync PLC. 

GetSliceKeys 9-10-2007

Added new api method GetSliceKeys(). This methods returns an array of structs containing public key info for users in the specified slices. If slice_filter is specified and is an array of slice identifiers or slice names, or a struct of slice attributes, only slices matching the filter will be returned. If return_fields is specified, only the specified details will be returned.

Users may only query slices of which they are members. PIs may query any of the slices at their sites. Admins and nodes may query any slice. If a slice that cannot be queried is specified in slice_filter, details about that slice will not be returned.

 

Prototype:

GetSliceKeys(auth, slice_filter = None, return_fields = None)

Alpha PLC testing environment 8-31-2007

Alpha plc testing environment is now completey set up on yankee. It seems plc configuration errors and missing files (themes that we dont package in myplc rpm) prevented the gui from working before.

Be aware that this PLC interacts with the production database. Any actions you perfrom via the web/api will affect the production db.

Record when records were last updated 8-22-2007

It seem the api was neglecting to update the 'last_updated' field in the 'nodes', 'persons' and 'sites' database tables. This field was supposed to keep track of the last time an individual record was updated (i.e. the last time a node's bootstate was updated). This field is now being update.

 

Federation patches 7-24-2007

Recently merged in Thierry's patch which allows local plc to delete slice attributes set by peers.

Thierry is currently wroking on the policy engine regarding accepting slice attribute between peers.

 

Alpha testing environment for PLC 7-24-2007

The Alpha PLC environment is set up on Yankee and access the prodcution database. I've been using this environment to test development api code before releasing it production api servers. The plan is to use this environmet to test all myplc development code.

Everything except for the web gui is working, which may be fixed by updating some libraries.

 

Slice whitelist 7-24-2007

Added GetWhitelist() to the api. It acts just like GetNodes(), except it only returns nodes with a whitelist.

 

Slice whitelist July 12 2007

I recently added slice whitelisting functionality to the myplc api. This gives admins the ability to manage slice whitelists on specific nodes. Implementation details follow:

Database

I had to create a new table that stores the node slice white list relationship. This table is called 'node_slice_whitelist'. I also made an aggregate view ('node_slices_whitelist') for this table and added the aggregate view to the 'view_nodes' view so that the Node/Nodes api database entity has access to this data.

API

I had to update existing api database entities.

Nodes.py - added the 'slice_ids_whitelist' Parameter to Node.fields dictionary. This allows queries to view_nodes to return this field.

Slices.py - I added two helper methods to the Slice class, add_to_node_whitelist(), delte_from_node_whitelist().

I also had to update existing api methods.

AddSliceToNodes.py - make sure we check if the node has a whitelist before we attept to add a slice to it. If a whitelist exists, only allow slices on the whitelist to be added.

GetNodes.py - if not admin, only return nodes without a whitelist or nodes where users slice is on the whitelist

And finally I added some admin only methods for managing node whitelists.

AddSliceToNodesWhitelist.py

DelteSliceFromNodesWhitelist.py

 

Slice whitelist July 5 2007

Working on adding a slice white-list functionality to api. The goal is to be able to specify which slices are allowed on certain nodes. The results would be:

1) Nodes without a whitelist can be used by everyone.

2) Nodes with a whitelist will only accept slices on that whitelist. You have to be a member of a slice on that whitelist in order to see the node.

 

OneLab federation patches June 26 2007

- I had to update PyCurl.py in new_plc_api module to properly accept/use peer certificates.

- Added /usr/bin/refresh-peer.py script to myplc on guarddog and created a cron job which runs this every hour. I added the cron job to /plc/root/etc/plc.d/crond (generates /plc/root/etc/cron.d/plc.cron) which makes this job permanent across reboots.

refresh-peer keeps logs of its activity at /var/log/refresh-peer-PEERNAME.log. Access to these logs help Thierry monitor federation, so I set up access to them on the web at planet-lab.org/peers and secured it with htaccess. Thierry has set the same thing up on his plc so we could monitor each others logs.