import StringIO
import getafsgroups
-sys.stderr = StringIO.StringIO()
+errio = StringIO.StringIO()
+sys.stderr = errio
sys.path.append('/home/ecprice/.local/lib/python2.5/site-packages')
from Cheetah.Template import Template
MAX_VMS_TOTAL = 10
MAX_VMS_ACTIVE = 4
-def getMachinesByOwner(owner):
- """Return the machines owned by a given owner."""
+def getMachinesByOwner(user, machine=None):
+ """Return the machines owned by the same as a machine.
+
+ If the machine is None, return the machines owned by the same
+ user.
+ """
+ if machine:
+ owner = machine.owner
+ else:
+ owner = user.username
return Machine.select_by(owner=owner)
-def maxMemory(user, machine=None):
+def maxMemory(user, machine=None, on=True):
"""Return the maximum memory for a machine or a user.
If machine is None, return the memory available for a new
machine. Else, return the maximum that machine can have.
- on is a dictionary from machines to booleans, whether a machine is
- on. If None, it is recomputed. XXX make this global?
+ on is whether the machine should be turned on. If false, the max
+ memory for the machine to change to, if it is left off, is
+ returned.
"""
-
- machines = getMachinesByOwner(user.username)
+ if not on:
+ return MAX_MEMORY_SINGLE
+ machines = getMachinesByOwner(user, machine)
active_machines = [x for x in machines if g.uptimes[x]]
mem_usage = sum([x.memory for x in active_machines if x != machine])
return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage)
def maxDisk(user, machine=None):
- machines = getMachinesByOwner(user.username)
+ machines = getMachinesByOwner(user, machine)
disk_usage = sum([sum([y.size for y in x.disks])
for x in machines if x != machine])
return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.)
def canAddVm(user):
- machines = getMachinesByOwner(user.username)
+ machines = getMachinesByOwner(user)
active_machines = [x for x in machines if g.uptimes[x]]
return (len(machines) < MAX_VMS_TOTAL and
len(active_machines) < MAX_VMS_ACTIVE)
def haveAccess(user, machine):
- """Return whether a user has access to a machine"""
+ """Return whether a user has adminstrative access to a machine"""
+ if user.username == 'moo':
+ return True
+ if user.username in (machine.administrator, machine.owner):
+ return True
+ if getafsgroups.checkAfsGroup(user.username, machine.administrator, 'athena.mit.edu'): #XXX Cell?
+ return True
+ if getafsgroups.checkLockerOwner(user.username, machine.owner):
+ return True
+ return owns(user, machine)
+
+def owns(user, machine):
+ """Return whether a user owns a machine"""
if user.username == 'moo':
return True
- return getafsgroups.checkLockerOwner(user.username,machine.owner)
+ return getafsgroups.checkLockerOwner(user.username, machine.owner)
def error(op, user, fields, err, emsg):
"""Print an error page when a CodeError occurs"""
p.wait()
return p.stdout.read(), p.stderr.read()
if p.wait():
- raise CodeError('ERROR on remctl %s: %s' %
- (args, p.stderr.read()))
+ print >> sys.stderr, 'Error on remctl', args, ':'
+ print >> sys.stderr, p.stderr.read()
+ raise CodeError('ERROR on remctl')
return p.stdout.read()
def lvcreate(machine, disk):
id of the CD (e.g. 'gutsy_i386')
"""
if cdtype is not None:
- remctl('web', 'vmboot', machine.name,
+ remctl('control', machine.name, 'create',
cdtype)
else:
- remctl('web', 'vmboot', machine.name)
+ remctl('control', machine.name, 'create')
def registerMachine(machine):
"""Register a machine to be controlled by the web interface"""
Gets and parses xm list --long
"""
- value_string, err_string = remctl('list-long', machine.name, err=True)
+ value_string, err_string = remctl('control', machine.name, 'list-long', err=True)
if 'Unknown command' in err_string:
raise CodeError("ERROR in remctl list-long %s is not registered" % (machine.name,))
elif 'does not exist' in err_string:
machine.name = name
machine.memory = memory
machine.owner = user.username
+ machine.administrator = user.username
machine.contact = user.email
machine.uuid = uuidToString(randomUUID())
machine.boot_off_cd = True
return machine
-def validMemory(user, memory, machine=None):
- """Parse and validate limits for memory for a given user and machine."""
+def validMemory(user, memory, machine=None, on=True):
+ """Parse and validate limits for memory for a given user and machine.
+
+ on is whether the memory must be valid after the machine is
+ switched on.
+ """
try:
memory = int(memory)
if memory < MIN_MEMORY_SINGLE:
except ValueError:
raise InvalidInput('memory', memory,
"Minimum %s MB" % MIN_MEMORY_SINGLE)
- if memory > maxMemory(user, machine):
+ if memory > maxMemory(user, machine, on):
raise InvalidInput('memory', memory,
'Maximum %s MB' % maxMemory(user, machine))
return memory
"Already exists")
memory = fields.getfirst('memory')
- memory = validMemory(user, memory)
+ memory = validMemory(user, memory, on=True)
disk = fields.getfirst('disk')
disk = validDisk(user, disk)
def deleteVM(machine):
"""Delete a VM."""
- try:
- remctl('destroy', machine.name)
- except:
- pass
+ remctl('control', machine.name, 'destroy', err=True)
transaction = ctx.current.create_transaction()
delete_disk_pairs = [(machine.name, d.guest_device_name) for d in machine.disks]
try:
raise CodeError("Invalid action '%s'" % action)
if action == 'Reboot':
if cdrom is not None:
- remctl('reboot', machine.name, cdrom)
+ remctl('control', machine.name, 'reboot', cdrom)
else:
- remctl('reboot', machine.name)
+ remctl('control', machine.name, 'reboot')
elif action == 'Power on':
if maxMemory(user) < machine.memory:
raise InvalidInput('action', 'Power on',
"You don't have enough free RAM quota to turn on this machine")
bootMachine(machine, cdrom)
elif action == 'Power off':
- remctl('destroy', machine.name)
+ remctl('control', machine.name, 'destroy')
elif action == 'Shutdown':
- remctl('shutdown', machine.name)
+ remctl('control', machine.name, 'shutdown')
elif action == 'Delete VM':
deleteVM(machine)
print >> sys.stderr, time.time()-start_time
machine=machine)
return Template(file="command.tmpl", searchList=[d, global_dict])
-def testOwner(user, owner, machine=None):
- if not getafsgroups.checkLockerOwner(user.username, owner):
- raise InvalidInput('owner', owner,
- "Invalid")
- return owner
+def testAdmin(user, admin, machine):
+ if admin in (None, machine.administrator):
+ return None
+ if admin == user.username:
+ return admin
+ if getafsgroups.checkAfsGroup(user.username, admin, 'athena.mit.edu'):
+ return admin
+ if getafsgroups.checkAfsGroup(user.username, 'system:'+admin, 'athena.mit.edu'):
+ return 'system:'+admin
+ raise InvalidInput('admin', admin,
+ 'You must control the group you move it to')
+
+def testOwner(user, owner, machine):
+ if owner in (None, machine.owner):
+ return None
+ #XXX should you be able to transfer ownership if you don't already own it?
+ #if not owns(user, machine):
+ # raise InvalidInput('owner', owner, "You don't own this machine, so you can't transfer ownership")
+ value = getafsgroups.checkLockerOwner(user.username, owner, verbose=True)
+ if value == True:
+ return owner
+ raise InvalidInput('owner', owner, value)
def testContact(user, contact, machine=None):
- if contact != user.email:
- raise InvalidInput('contact', contact,
- "Invalid")
+ if contact in (None, machine.contact):
+ return None
+ if not re.match("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", contact, re.I):
+ raise InvalidInput('contact', contact, "Not a valid email")
return contact
def testDisk(user, disksize, machine=None):
return disksize
def testName(user, name, machine=None):
- if Machine.select_by(name=name) == []:
- return name
- if name == machine.name:
+ if name in (None, machine.name):
+ return None
+ if not Machine.select_by(name=name):
return name
- raise InvalidInput('name', name,
- "Already taken")
+ raise InvalidInput('name', name, "Already taken")
def testHostname(user, hostname, machine):
for nic in machine.nics:
if hostname == nic.hostname:
return hostname
# check if doesn't already exist
- if NIC.select_by(hostname=hostname) == []:
- return hostname
- raise InvalidInput('hostname', hostname,
- "Different from before")
-
+ if NIC.select_by(hostname=hostname):
+ raise InvalidInput('hostname', hostname,
+ "Already exists")
+ if not re.match("^[A-Z0-9-]{1,22}$", hostname, re.I):
+ raise InvalidInput('hostname', hostname, "Not a valid hostname; must only use number, letters, and dashes.")
+ return hostname
def modify(user, fields):
"""Handler for modifying attributes of a machine."""
- #XXX not written yet
+ olddisk = {}
transaction = ctx.current.create_transaction()
try:
machine = testMachineId(user, fields.getfirst('machine_id'))
owner = testOwner(user, fields.getfirst('owner'), machine)
- contact = testContact(user, fields.getfirst('contact'))
- hostname = testHostname(owner, fields.getfirst('hostname'),
- machine)
+ admin = testAdmin(user, fields.getfirst('administrator'), machine)
+ contact = testContact(user, fields.getfirst('contact'), machine)
+ hostname = testHostname(owner, fields.getfirst('hostname'), machine)
name = testName(user, fields.getfirst('name'), machine)
oldname = machine.name
command="modify"
- olddisk = {}
memory = fields.getfirst('memory')
if memory is not None:
- memory = validMemory(user, memory, machine)
- else:
- memory = machine.memory
- if memory != machine.memory:
+ memory = validMemory(user, memory, machine, on=False)
machine.memory = memory
-
+
disksize = testDisk(user, fields.getfirst('disk'))
if disksize is not None:
disksize = validDisk(user, disksize, machine)
- else:
- disksize = machine.disks[0].size
- for disk in machine.disks:
- olddisk[disk.guest_device_name] = disk.size
- disk.size = disksize
- ctx.current.save(disk)
+ disk = machine.disks[0]
+ if disk.size != disksize:
+ olddisk[disk.guest_device_name] = disksize
+ disk.size = disksize
+ ctx.current.save(disk)
- # XXX all NICs get same hostname on change? Interface doesn't support more.
- for nic in machine.nics:
+ # XXX first NIC gets hostname on change? Interface doesn't support more.
+ for nic in machine.nics[:1]:
nic.hostname = hostname
ctx.current.save(nic)
- if owner != machine.owner:
+ if owner is not None:
machine.owner = owner
- if name != machine.name:
+ if name is not None:
machine.name = name
+ if admin is not None:
+ machine.administrator = admin
+ if contact is not None:
+ machine.contact = contact
ctx.current.save(machine)
transaction.commit()
except:
transaction.rollback()
raise
- remctl("web", "moveregister", oldname, name)
- for disk in machine.disks:
- # XXX all disks get the same size on change? Interface doesn't support more.
- if disk.size != olddisk[disk.guest_device_name]:
- remctl("web", "lvresize", oldname, disk.guest_device_name, str(disk.size))
- if oldname != name:
+ for diskname in olddisk:
+ remctl("web", "lvresize", oldname, diskname, str(olddisk[diskname]))
+ if name is not None:
+ for disk in machine.disks:
remctl("web", "lvrename", oldname, disk.guest_device_name, name)
+ remctl("web", "moveregister", oldname, name)
d = dict(user=user,
command=command,
machine=machine)
ParaVM machines use Xen's emulation of virtualization features. You
want an HVM virtualized machine.""",
cpu_weight="""Don't ask us! We're as mystified as you are.""",
- owner="""The Owner must be the name of a locker that you are an AFS
-administrator of. In particular, you or an AFS group you are a member
-of must have AFS rlidwka bits on the locker. You can check see who
-administers the LOCKER locker using the command 'fs la /mit/LOCKER' on
-Athena.)""")
+ owner="""The owner field is used to determine <a href="help?subject=quotas">quotas</a>. It must be the name
+of a locker that you are an AFS administrator of. In particular, you
+or an AFS group you are a member of must have AFS rlidwka bits on the
+locker. You can check see who administers the LOCKER locker using the
+command 'fs la /mit/LOCKER' on Athena.) See also <a href="help?subject=administrator">administrator</a>.""",
+ administrator="""The administrator field determines who can access the console and power on and off the machine. This can be either a user or a moira group.""",
+ quotas="""Quotas are determined on a per-locker basis. Each
+quota may have a maximum of 512 megabytes of active ram, 50 gigabytes of disk, and 4 active machines."""
+
+ )
+ if not subjects:
+ subjects = sorted(mapping.keys())
+
d = dict(user=user,
simple=simple,
subjects=subjects,
on_poweroff on_crash on_xend_start on_xend_stop bootloader""".split()
display_fields = [('name', 'Name'),
('owner', 'Owner'),
+ ('administrator', 'Administrator'),
('contact', 'Contact'),
('type', 'Type'),
'NIC_INFO',
machine_info['name'] = machine.name
machine_info['type'] = machine.type.hvm and 'HVM' or 'ParaVM'
machine_info['owner'] = machine.owner
+ machine_info['administrator'] = machine.administrator
machine_info['contact'] = machine.contact
nic_fields = getNicInfo(machine_info, machine)
u.email = 'nobody'
connect('postgres://sipb-xen@sipb-xen-dev/sipb_xen')
operation = os.environ.get('PATH_INFO', '')
-# print 'Content-Type: text/plain\n'
-# print operation
if not operation:
print "Status: 301 Moved Permanently"
print 'Location: ' + os.environ['SCRIPT_NAME']+'/\n'
try:
output = fun(u, fields)
print 'Content-Type: text/html\n'
- sys.stderr.seek(0)
- e = sys.stderr.read()
+ sys.stderr=sys.stdout
+ errio.seek(0)
+ e = errio.read()
if e:
output = str(output)
output = output.replace('<body>', '<body><p>STDERR:</p><pre>'+e+'</pre>')
print output
except CodeError, err:
print 'Content-Type: text/html\n'
- sys.stderr.seek(0)
- e = sys.stderr.read()
sys.stderr=sys.stdout
+ errio.seek(0)
+ e = errio.read()
print error(operation, u, fields, err, e)
except InvalidInput, err:
print 'Content-Type: text/html\n'
- sys.stderr.seek(0)
- e = sys.stderr.read()
sys.stderr=sys.stdout
+ errio.seek(0)
+ e = errio.read()
print invalidInput(operation, u, fields, err, e)
except:
print 'Content-Type: text/plain\n'
- sys.stderr.seek(0)
- e = sys.stderr.read()
+ sys.stderr=sys.stdout
+ errio.seek(0)
+ e = errio.read()
print e
print '----'
- sys.stderr = sys.stdout
raise
projects / invirt/packages/invirt-web.git / blobdiff