Hi Brian,
The framework you need is there but Linux.pm hasn't been worked on yet. The
info at the following URL is pretty current:
http://cwiki.apache.org/confluence/display/VCL/Operating+System+Module+Interface+Specification
For the issues you mentioned, you'll need to implement 2 subroutines:
-grant_access()
-reserve()
These subs can call any other subs in the OS module or from a module it inherits
from. Once you implement these, the state modules (new.pm, reserve.pm, ...)
will bypass their calls to add users, configure ext_sshd, etc. via code like this:
reserved.pm:
if ($self->os->can("grant_access")) {
call $os->grant_access()...
}
elsif ($computer_type =~ /blade|virtualmachine/) {
call old subs out of utils.pm...
}
Your capture_prepare() and capture_start() subs will work for now, but they
should eventually be changed to a single sub named pre_capture(). Take a look
at pre_capture() in Windows_mod.pm and also the section in xCAT.pm where
pre_capture() is called. The provisioning engine's capture() sub calls
OS::pre_capture() and passes it the ending power state it desires. xCAT.pm
wants the computer to be shut down by pre_capture(), so the call is:
$self->os->pre_capture({end_state => 'off'}
Any other subs not listed on the page noted above can really be named anything
but it would be nice to try to align the sub names with Window_mod.pm. I think
it's best to work these subs out in Ubuntu.pm. Any subs which can be used by
any flavor of Linux should eventually be moved up to Linux.pm, and Ubuntu.pm
should inherit from Linux.pm.
I have begun describing the inheritance details here:
http://cwiki.apache.org/confluence/display/VCL/Operating+System+Module+Inheritance
Hope this helps,
Andy
Brian Bouterse wrote:
I've tried to add in an Ubuntu virtual machine into a VCL installation
using the latest code base and the esx.pm module. The VM gets
provisioned properly, VCL ssh's into the box, queries the public IP
properly, but fails to add the user and set their password.
I thought I could write an OS module to add the Ubuntu support, so I
created a Ubuntu.pm based on the existing Linux.pm since most of that
worked already for Ubuntu. As a reference for others, I installed this
Ubuntu.pm by doing the following modifications:
1) Insert a row into the module table with `perlpackage` equal to
'VCL::Module::OS::Ubuntu'
2) Insert a row into the OS table with `moduleid` equal to the id of the
entry from step 1 in the module table
3) Insert/Modify a row in the image table with `OSid` equal to the id of
the entry from step 2 in the OS table
Here is the log output showing what isn't working with this Ubuntu.pm
module as it manipulates an ubuntu VM:
2009-03-25 22:17:27|20858|113:13|reserved|reserved.pm:process(191)|user
acknowledged, remote IP: 76.182.122.192
2009-03-25 22:17:27|20858|113:13|reserved|reserved.pm:process(210)|blade
or virtual machine detected: virtualmachine
2009-03-25 22:17:27|20858|113:13|reserved|reserved.pm:process(264)|Linux
image detected: ubuntu
2009-03-25
22:17:27|20858|113:13|reserved|utils.pm:run_ssh_command(6691)|executing
SSH command on vcl12: /usr/sbin/useradd -u 101 -d /home/admin -m admin
-g ncsu
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6772)|run_ssh_command
output: useradd: unknown group ncsu
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6775)|SSH
command executed on vcl12: /usr/sbin/useradd -u 101 -d /home/admin -m
admin -g ncsu, returning (6, output)
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6691)|executing
SSH command on vcl12: cat /etc/passwd
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6772)|run_ssh_command
output: root:x:0:0:root:/root:/bin/bash
|20858|113:13|reserved| daemon:x:1:1:daemon:/usr/sbin:/bin/sh
|20858|113:13|reserved| bin:x:2:2:bin:/bin:/bin/sh
|20858|113:13|reserved| sys:x:3:3:sys:/dev:/bin/sh
|20858|113:13|reserved| sync:x:4:65534:sync:/bin:/bin/sync
|20858|113:13|reserved| games:x:5:60:games:/usr/games:/bin/sh
|20858|113:13|reserved| man:x:6:12:man:/var/cache/man:/bin/sh
|20858|113:13|reserved| lp:x:7:7:lp:/var/spool/lpd:/bin/sh
|20858|113:13|reserved| mail:x:8:8:mail:/var/mail:/bin/sh
|20858|113:13|reserved| news:x:9:9:news:/var/spool/news:/bin/sh
|20858|113:13|reserved| uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
|20858|113:13|reserved| proxy:x:13:13:proxy:/bin:/bin/sh
|20858|113:13|reserved| www-data:x:33:33:www-data:/var/www:/bin/sh
|20858|113:13|reserved| backup:x:34:34:backup:/var/backups:/bin/sh
|20858|113:13|reserved| list:x:38:38:Mailing List Manager:/var/list:/bin/sh
|20858|113:13|reserved| irc:x:39:39:ircd:/var/run/ircd:/bin/sh
|20858|113:13|reserved| gnats:x:41:41:Gnats Bug-Reporting System
(admin):/var/lib/gnats:/bin/sh
|20858|113:13|reserved| nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
|20858|113:13|reserved| libuuid:x:100:101::/var/lib/libuuid:/bin/sh
|20858|113:13|reserved| syslog:x:101:102::/home/syslog:/bin/false
|20858|113:13|reserved| klog:x:102:103::/home/klog:/bin/false
|20858|113:13|reserved| hplip:x:103:7:HPLIP system
user,,,:/var/run/hplip:/bin/false
|20858|113:13|reserved| avahi-autoipd:x:104:112:Avahi autoip
daemon,,,:/var/lib/avahi-autoipd:/bin/false
|20858|113:13|reserved| gdm:x:105:113:Gnome Display
Manager:/var/lib/gdm:/bin/false
|20858|113:13|reserved| pulse:x:106:115:PulseAudio
daemon,,,:/var/run/pulse:/bin/false
|20858|113:13|reserved| saned:x:107:118::/home/saned:/bin/false
|20858|113:13|reserved| messagebus:x:108:119::/var/run/dbus:/bin/false
|20858|113:13|reserved|
polkituser:x:109:120:PolicyKit,,,:/var/run/PolicyKit:/bin/false
|20858|113:13|reserved| avahi:x:110:121:Avahi mDNS
daemon,,,:/var/run/avahi-daemon:/bin/false
|20858|113:13|reserved| haldaemon:x:111:122:Hardware abstraction
layer,,,:/var/run/hald:/bin/false
|20858|113:13|reserved| tchaw:x:1000:1000:TC Ling,,,:/home/tchaw:/bin/bash
|20858|113:13|reserved| sshd:x:112:65534::/var/run/sshd:/usr/sbin/nologin
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6775)|SSH
command executed on vcl12: cat /etc/passwd, returning (0, output)
2009-03-25 22:17:28|20858|113:13|reserved|utils.pm:add_user(3093)|added
user account admin to vcl12
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6691)|executing
SSH command on vcl12: echo "AllowUsers admin" >>
/etc/ssh/external_sshd_config
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6772)|run_ssh_command
output: none
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6775)|SSH
command executed on vcl12: echo "AllowUsers admin" >>
/etc/ssh/external_sshd_config, returning (0, output)
2009-03-25 22:17:28|20858|113:13|reserved|utils.pm:add_user(3096)|added
AllowUsers admin to external_sshd_config
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6691)|executing
SSH command on vcl12: /etc/init.d/ext_sshd restart
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6772)|run_ssh_command
output: bash: /etc/init.d/ext_sshd: No such file or directory
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6775)|SSH
command executed on vcl12: /etc/init.d/ext_sshd restart, returning (127,
output)
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:add_user(3114)|started ext_sshd
on vcl12
2009-03-25 22:17:28|20858|113:13|reserved|reserved.pm:process(290)|user
admin added to vcl12
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:insertloadlog(5320)|inserted
computer=5, info, reserved: adding user and opening remote access port
for 76.182.122.192
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6691)|executing
SSH command on vcl12: echo 5wLstN | /usr/bin/passwd -f admin --stdin
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6772)|run_ssh_command
output: /usr/bin/passwd: invalid option -- 'f'
|20858|113:13|reserved| Usage: passwd [options] [LOGIN]
|20858|113:13|reserved| Options:
|20858|113:13|reserved| -a, --all report password
status on all accounts
|20858|113:13|reserved| -d, --delete delete the
password for the named account
|20858|113:13|reserved| -e, --expire force expire the
password for the named account
|20858|113:13|reserved| -h, --help display this
help message and exit
|20858|113:13|reserved| -k, --keep-tokens change password
only if expired
|20858|113:13|reserved| -i, --inactive INACTIVE set password
inactive after expiration
|20858|113:13|reserved| to INACTIVE
|20858|113:13|reserved| -l, --lock lock the named
account
|20858|113:13|reserved| -n, --mindays MIN_DAYS set minimum
number of days before password
|20858|113:13|reserved| change to MIN_DAYS
|20858|113:13|reserved| -q, --quiet quiet mode
|20858|113:13|reserved| -r, --repository REPOSITORY change password
in REPOSITORY repository
|20858|113:13|reserved| -S, --status report password
status on the named account
|20858|113:13|reserved| -u, --unlock unlock the named
account
|20858|113:13|reserved| -w, --warndays WARN_DAYS set expiration
warning days to WARN_DAYS
|20858|113:13|reserved| -x, --maxdays MAX_DAYS set maximim
number of days before password
|20858|113:13|reserved| change to MAX_DAYS
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:run_ssh_command(6775)|SSH
command executed on vcl12: echo 5wLstN | /usr/bin/passwd -f admin
--stdin, returning (6, output)
|20858|113:13|reserved| ---- WARNING ----
|20858|113:13|reserved| 2009-03-25
22:17:28|20858|113:13|reserved|reserved.pm:process(308)|could not change
linux password for admin on vcl12
|20858|113:13|reserved| ( 0) utils.pm, notify (line: 691)
|20858|113:13|reserved| (-1) reserved.pm, process (line: 308)
|20858|113:13|reserved| (-2) vcld, make_new_child (line: 600)
|20858|113:13|reserved| (-3) vcld, main (line: 347)
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:insertloadlog(5320)|inserted
computer=5, failed, reserved: could not change user password on node
2009-03-25
22:17:28|20858|113:13|reserved|reserved.pm:process(430)|retval_conn =
failed
2009-03-25
22:17:28|20858|113:13|reserved|reserved.pm:process(577)|failed to
reserve machine
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:update_request_state(2283)|request
113 state updated to: failed, laststate to: reserved
2009-03-25
22:17:28|20858|113:13|reserved|reserved.pm:process(579)|setting request
into failed state
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:update_computer_state(2325)|computer
5 state updated to: failed
2009-03-25
22:17:28|20858|113:13|reserved|reserved.pm:process(587)|setting
computerid 5 into failed state
2009-03-25 22:17:28|20858|113:13|reserved|reserved.pm:process(595)|log
id 50 was updated and ending set to failed
2009-03-25 22:17:28|20858|113:13|reserved|reserved.pm:process(602)|exiting
2009-03-25
22:17:28|20858|113:13|reserved|State.pm:DESTROY(439)|destructor called,
ref($self)=VCL::reserved
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:delete_computerloadlog_reservation(8032)|removing
computerloadlog entries matching loadstate = begin
2009-03-25
22:17:28|20858|113:13|reserved|utils.pm:delete_computerloadlog_reservation(8079)|deleted
rows from computerloadlog for reservation id=13
2009-03-25 22:17:28|20858|113:13|reserved|State.pm:DESTROY(442)|removed
computerloadlog rows with loadstate=begin for reservation
2009-03-25 22:17:28|20858|113:13|reserved|State.pm:DESTROY(450)|number
of database handles state process created: 1
2009-03-25 22:17:28|20858|113:13|reserved|State.pm:DESTROY(459)|process
has a database handle stored in $ENV{dbh}, attempting disconnect
2009-03-25
22:17:28|20858|113:13|reserved|State.pm:DESTROY(461)|$ENV{dbh}: database
disconnect successful
2009-03-25 22:17:28|19554|vcld:REAPER(750)|VCL process exited for
reservation 13
From doing some forensics on the deployed VM, here what I see isn't
working currently:
1) I have the same problem as Melba, `/usr/sbin/useradd -u 101 -d
/home/admin -m admin -g ncsu` fails " because useradd says unknown group
ncsu"
2) It cannot start /etc/init.d/ext_sshd because ext_sshd doesn't
exist. The log reports incorrectly that the "ext_sshd was started on
vcl12" This looks like a bug in utils.pm add_user.
3) The log reports incorrectly that the user "admin" was successfully
placed into the /etc/passwd file, but that isn't true. This looks like
a bug reserved.pm
4) The "admin" user's password isn't being set. This is the command
which fails: "echo 5wLstN | /usr/bin/passwd -f admin --stdin" The
problem is that on Ubuntu '-f' is an invalid option.
How can this be fixed?
More OS Modularization! The Ubuntu.pm file currently only has the
following three methods.
sub capture_prepare ()
sub capture_start ()
sub delete_user ()
What are the function names for things like .... {useradd, and services
management (ie ssh)} that I can use in my Ubuntu.pm file?
Best,
Brian
Brian Bouterse
Secure Open Systems Initiative
919.698.8796
--
Andy Kurth
Virtual Computing Lab
Office of Information Technology
North Carolina State University
andy_ku...@ncsu.edu
919.513.4090