source: fedkit/active_config.pl @ 88dbe63

Last change on this file since 88dbe63 was 73e0a61, checked in by Ted Faber <faber@…>, 15 years ago

PG works (w/o routing)

1#!/usr/bin/perl
2
3use strict;
4
5use gateway_lib;
6
7use IO::File;
8
9use Getopt::Long;
10
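# Option values.  The defaults below stay in force unless replaced on the
# command line or, with --use_file, by the gateway configuration file.
my $ssh_pubkey;                               # handed to prep_gateway.pl as --ssh_pubkey
my $ssh_privkey;                              # identity file given to ssh -i
my $tunnelip;                                 # flag, forwarded to prep_gateway.pl
my $peer;                                     # the other gateway
my $fedkit_dir = "/usr/local/federation";     # fedkit install tree (lib/ and bin/)
my $perl       = "/usr/bin/perl";
my $iface_file = "/var/emulab/boot/ifmap";    # "iface ip_addr" table
my $ssh        = "/usr/bin/ssh";
my $ssh_port   = 22;                          # port used for the tunnel connections
my $use_file;                                 # flag, also read the config file

# Getopt::Long specifications mapped to the variables they fill in.  The same
# hash is handed to gateway_lib::read_config, so the keys are left exactly as
# they were.
my %opts = (
    'ssh_pubkey=s'  => \$ssh_pubkey,
    'ssh_privkey=s' => \$ssh_privkey,
    'tunnelip'      => \$tunnelip,
    'peer=s'        => \$peer,
    'fedkit=s'      => \$fedkit_dir,
    'perl=s'        => \$perl,
    'interfaces=s'  => \$iface_file,
    'ssh=s'         => \$ssh,
    'ssh_port=s'    => \$ssh_port,
    'use_file'      => \$use_file,
);

exit(20) unless GetOptions(%opts);

# NOTE(review): presumably read_config stores values through the references
# in %opts -- confirm against gateway_lib.  Whatever it loads ends up inside
# the shell command lines built further down, so the configuration file
# should be writable only by accounts trusted to run commands on this gateway.
gateway_lib::read_config(gateway_lib::config_filename(), \%opts)
    if $use_file;

# The rest of the script pastes these values, unquoted, into command lines
# run by /bin/sh (and, for the tunnels, by the peer's shell as well).  Stop
# here, with the same status as an option-parsing failure, when a value the
# commands cannot work without is missing or is not of the expected form.
my @problems;
if (!defined $peer || !length $peer) {
    push @problems, "no peer given (--peer)";
}
elsif ($peer =~ /\A-|[^[:alnum:]_.:\@\[\]-]/) {
    # A leading '-' would be read by ssh as an option; anything outside the
    # host-name character set could be interpreted by the shell.
    push @problems, "peer '$peer' is not a plain host name";
}
if (!defined $ssh_privkey || !length $ssh_privkey) {
    push @problems, "no identity file given (--ssh_privkey)";
}
if (   !defined $ssh_port
    || $ssh_port !~ /\A[0-9]{1,5}\z/
    || $ssh_port < 1
    || $ssh_port > 65535)
{
    my $shown = defined $ssh_port ? $ssh_port : '';
    push @problems, "ssh_port '$shown' is not a port number";
}
if (@problems) {
    warn "$0: $_\n" for @problems;
    exit(20);
}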
39
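# Prepare the local side by running prep_gateway.pl from the fedkit tree.
# The list form of system() executes the program directly instead of handing
# one interpolated string to /bin/sh, so whitespace or shell metacharacters
# in a path, key file name or peer name arrive as literal argument text.
my @prep_cmd = (
    $perl,
    "-I$fedkit_dir/lib",
    "$fedkit_dir/bin/prep_gateway.pl",
    "--peer=$peer",
    "--ssh_pubkey=$ssh_pubkey",
);
push @prep_cmd, '--tunnelip' if $tunnelip;

system(@prep_cmd);

# Any failure (non-zero exit, death by signal, or the program not starting)
# ends the run with status 20.
exit(20) if $?;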
45
46
# Wait for the peer's ssh service, then keep retrying a trivial remote
# command until it succeeds.
#
# NOTE(review): the port waited on is the literal 22 and the probe below
# passes no -p, while the tunnel connections use $ssh_port.  Confirm that
# this is intended when --ssh_port is not 22.
# NOTE(review): the third argument (60*60) looks like a timeout in seconds --
# confirm against gateway_lib::wait_for_port.
print "Waiting for ssh on $peer\n";
my $ssh_is_up = gateway_lib::wait_for_port($peer, 22, 60 * 60);
die "ssh never came up on $peer\n" unless $ssh_is_up;

print "Making sure ssh permissions are reset\n";

# NOTE(review): "StrictHostKeyChecking no" makes ssh accept whatever host key
# the peer presents, so the key-based login does not authenticate the peer
# itself.  Distributing the peer's host key in advance (a known_hosts file
# named with -o UserKnownHostsFile=...) would let this run with
# "StrictHostKeyChecking yes".
# The command is a single string; $ssh, $ssh_privkey and $peer are
# interpolated without quoting.
my $probe_cmd = join ' ',
    $ssh,
    '-o "StrictHostKeyChecking no"',
    "-i $ssh_privkey",
    $peer,
    'ls';
gateway_lib::testcmd_repeat($probe_cmd, 5 * 60);
53
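# Start one link-layer ssh tunnel per entry in the interface table and bind
# the matching local tap device to the named interface.
if (my $ifmap = IO::File->new($iface_file)) {
    my $ifnum = 0;    # tap/tunnel number; advances once per matched line

    while (my $line = <$ifmap>) {
        # Expected form is "iface ip_addr".  The pattern is unanchored, so
        # other text on the line is ignored; lines without such a pair are
        # skipped.  Both captures are limited to alphanumerics / digits and
        # dots, so they carry nothing the shell would interpret.
        my ($iface, $addr) = $line =~ /([[:alnum:]]+)\s+([\d\.]+)/
            or next;

        # ssh -w forwards tunnel device $ifnum on both ends and runs
        # setup_bridge.pl on the peer.  The command must stay a shell string
        # because of the trailing "&"; $ssh, $ssh_port, $ssh_privkey, $peer
        # and $fedkit_dir are interpolated without quoting.
        # NOTE(review): "StrictHostKeyChecking no" means the peer's host key
        # is never verified, and this connection carries the bridged Ethernet
        # traffic.  Pinning the peer's host key in a known_hosts file would
        # allow "StrictHostKeyChecking yes" here.
        my $cmd = "$ssh -w ${ifnum}:${ifnum} -p $ssh_port "
            . "-o \"Tunnel ethernet\" -o \"StrictHostKeyChecking no\" "
            . "-i $ssh_privkey $peer perl -I$fedkit_dir/lib "
            . "$fedkit_dir/bin/setup_bridge.pl --tapno=$ifnum --dest=$addr &";
        system($cmd);

        # Because ssh is put in the background, the status tested here only
        # says whether /bin/sh could launch the job, not whether the tunnel
        # was established.
        die "Can't start tunnel $ifnum to $peer (status $?)\n" if $?;

        gateway_lib::bind_tap_to_iface($ifnum, $iface, $addr);
        $ifnum++;
    }
    $ifmap->close();
}
else {
    # NOTE(review): an unreadable interface table is only reported; the
    # script still exits 0 below without having started any tunnel.
    warn "Can't open $iface_file: $!\n";
}
exit(0);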
76
77=pod
78
79=head1 NAME
80
81B<active_config.pl> - Configure an active connectivity gateway under the DETER Federation Architecture
82
83=head1 OPTIONS
84
85=over 8
86
87=item B<fedkit=>I<install_dir>
88
89Directory in which this software is installed.  Generally not needed.
90
91=item B<interfaces=>I<interface table>
92
93A list of interfaces to forward data on of the form:
94
95=begin text
96
97iface ip_addr
98
99=end text
100
101The interface is the operating system name of the interface and the IP address
102is given in standard dotted decimal notation.  Other characters on a line are
103ignored.
104
105=item B<peer=>I<hostname>
106
107The other gateway providing forwarding.
108
109=item B<perl=>I<perl_binary>
110 
111Location of the perl binary.  Usually unneeded.
112
113=item B<ssh=>I<ssh_binary>
114
115The pathname of the ssh binary.  Usually unnecessary.
116
117=item B<ssh_pubkey=>I<keyfile>
118
119A public key to install as authorized.
120
121=item B<ssh_privkey=>I<identity_file>
122
123The identity to use for remote access
124
125=item B<tunnelip>
126
127True if the testbed uses the DETER tunnelip extension to provide external
128connectivity information
129
130=item B<use_file>
131
132If given, read additional parameters from the file in
133/proj/I<project>/exp/I<experiment>/tmp/I<hostname>.gw/conf where those are the
134current testbed project and experiment and the hostname is the part before the
135first dot.  The file format is option: value.
136
137
138=back
139
140=head1 SYNOPSIS
141
142B<active_config.pl> initiates the active side of the connectivity connection,
143which is to say that it:
144
145=over 4
146
147=item *
148
149Installs local keys and reconfigures the local ssh system to do link layer
150tunneling.
151
152=item *
153
154Starts a tunnel for each interface in the given interface table, both locally
155and remotely.
156
157=back
158
159=head1 AUTHORS
160
161Ted Faber <faber@isi.edu>
162
163=cut