Changeset 2b35261 for fedkit


Timestamp:
Feb 1, 2010 10:43:24 AM (14 years ago)
Author:
Ted Faber <faber@…>
Branches:
axis_example, compt_changes, info-ops, master, version-3.01, version-3.02
Children:
b73cc45
Parents:
2edec46
Message:

Initial docs

Location:
fedkit
Files:
4 edited

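--- a/fedkit/active_config.pl
+++ b/fedkit/active_config.pl
@@ -55,2 +55,82 @@
 $f->close();
 exit(0);
+
+=pod
+
+=head1 NAME
+
+B<active_config.pl> - Configure an active connectivity gateway under the DETER Federation Architecture
+
+=head1 OPTIONS
+
+=over 8
+
+=item B<fedkit=>I<install_dir>
+
+Directory in which this software is installed.  Generally not needed.
+
+=item B<interfaces=>I<interface table>
+
+A list of interfaces to forward data on of the form:
+
+=begin text
+
+iface ip_addr
+
+=end text
+
+The interface is the operating system name of the interface and the IP address
+is given in standard dotted decimal notation.  Other characters on a line are
+ignored.
+
+=item B<peer=>I<hostname>
+
+The other gateway providing forwarding.
+
+=item B<perl=>I<perl_binary>
+ 
+Location of the perl binary.  Usually unneeded.
+
+=item B<ssh=>I<ssh_binary>
+
+The pathname of the ssh binary.  Unusally unnecessary.
+
+=item B<ssh_pubkey=>I<keyfile>
+
+A public to install as authorized.
+
+=item B<ssh_privkey=>I<identity_file>
+
+The identity to use for remote access
+
+=item B<tunnelip>
+
+True if the testbed uses the DETER tunnelip extension to provide external
+connectivity information
+
+=back
+
+=head1 SYNOPSIS
+
+B<active_config.pl> initiates the active side of the connectivity connection,
+which is to say that it:
+
+=over 4
+
+=item *
+
+Installs local keys and reconfigures that local ssh system to do link layer
+tunneling.
+
+=item *
+
+Starts a tunnel for each interface in the given interface table, both locally
+and remotely.
+
+=back
+
+=head1 AUTHORS
+
+Ted Faber <faber@isi.edu>
+
+=cut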
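Review bot: The B<ssh_pubkey> and B<ssh_privkey> items do not say which account's authorized keys file receives the public key or which host the identity is used against, and the first SYNOPSIS bullet says the local ssh system is reconfigured without naming the settings that change; an operator auditing a gateway needs both. The same items are repeated in fedkit/combo_active.pl and fedkit/prep_gateway.pl, and only the latter's SYNOPSIS names root's authorized keys. I would reword the item along the lines of `The public key file to add to the authorized keys of the account the tunnel logs in as.` (account to be confirmed against the code, which lies outside this hunk) and add one sentence listing the sshd options the script rewrites. The descriptive text also sits under `=head1 SYNOPSIS`; by POD convention it belongs under `=head1 DESCRIPTION`, with SYNOPSIS holding a sample invocation.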
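--- a/fedkit/combo_active.pl
+++ b/fedkit/combo_active.pl
@@ -49,2 +49,73 @@
     "--ssh=$ssh $portparam");
 exit(20) if $?;
+
+=pod
+
+=head1 NAME
+
+B<combo_active.pl> - Do both the active configuration of a connectiveity gateway and service port forwarding.
+
+=head1 OPTIONS
+
+=over 8
+
+=item B<fedkit=>I<install_dir>
+
+Directory in which this software is installed.  Generally not needed.
+
+=item B<interfaces=>I<interface table>
+
+A list of interfaces to forward data on of the form:
+
+=begin text
+
+iface ip_addr
+
+=end text
+
+The interface is the operating system name of the interface and the IP address
+is given in standard dotted decimal notation.  Other characters on a line are
+ignored.
+
+=item B<peer=>I<hostname>
+
+The other gateway providing forwarding.
+
+=item B<perl=>I<perl_binary>
+ 
+Location of the perl binary.  Usually unneeded.
+
+=item B<port=>I<port_spec>
+
+Forward the given port.  The port is specified as
+for B<port_forward.pl>
+
+=item B<ssh=>I<ssh_binary>
+
+The pathname of the ssh binary.  Unusally unnecessary.
+
+=item B<ssh_pubkey=>I<keyfile>
+
+A public to install as authorized.
+
+=item B<ssh_privkey=>I<identity_file>
+
+The identity to use for remote access
+
+=item B<tunnelip>
+
+True if the testbed uses the DETER tunnelip extension to provide external
+connectivity information
+
+=back
+
+=head1 SYNOPSIS
+
+Call B<active_config.pl> and B<port_forward.pl> with the relevant parameters.
+
+
+=head1 AUTHORS
+
+Ted Faber <faber@isi.edu>
+
+=cut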
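Review bot: The new OPTIONS text treats every value as free-form, while the two context lines directly above the POD (`"--ssh=$ssh $portparam");` followed by `exit(20) if $?;`) look like the tail of a command assembled as one interpolated string. The start of that statement is outside the hunk, so this is an inference, but if it is a single-string `system` call then option values are interpreted by a shell. The docs should then carry a sentence such as `Option values are placed on the command lines of the helper scripts; supply only trusted paths and host names.` The code-side remedy would be the list form of `system`.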
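--- a/fedkit/gateway_lib.pm
+++ b/fedkit/gateway_lib.pm
@@ -3,4 +3,6 @@
 package gateway_lib;
 
+# Package stuff to keep the caller's namespace clean, but allow additions if
+# they need it.
 require Exporter;
 @ISA=qw(Exporter);
@@ -17,4 +19,5 @@
 use File::Copy;
 
+# Standard locations of these commands (FreeBSD)
 my $IFCONFIG = "/sbin/ifconfig";
 my $ROUTE = "/sbin/route";
@@ -22,4 +25,6 @@
 my $FINDIF = "/usr/local/etc/emulab/findif";
 
+# Takes an ssh config file and a reference to a hash of keys whose values must
+# be set a specific way.  Replaces existing entries with the set values.
 sub set_sshd_params {
     my($keys, $file) = @_;
@@ -44,4 +49,5 @@
 }
 
+# Append the given keyfile to the given authorised key file.
 sub import_key {
     my($keyfile, $authkeys) = @_;
@@ -57,8 +63,11 @@
 }
 
-
+# Keep trying to look up the given hostname until successful.  If timeout is
+# given, die after waiting that long.  If sleep is given, wait that many
+# seconds between attempts (defaults to 5). 
 sub wait_for_DNS {
-    my($name, $timeout) = @_;
+    my($name, $timeout, $sleep) = @_;
     my $start = time();
+    $sleep = 5 unless $sleep;
     my @rv;
 
@@ -67,7 +76,11 @@
         die "Timeout waiting for DNS to get $name\n"
             if ($timeout && time() - $start > $timeout);
-    }
-}
-
+        sleep($sleep) unless @rv;
+    }
+}
+
+# Get the external access parameters (interface, address, netmask, mac address,
+# and next hop router) from tmcd in Emulabs that support the DETER tunnelip
+# extension.
 sub deter_tunnelip {
     # To parse tmcc
@@ -80,5 +93,6 @@
 
 
-    # Parse out the info about tunnelips
+    # Parse out the info about tunnelips.  Format is usually one line of
+    # ATTR=VALUE.  Multiple lines are possible.
     $tmcc->reader("$TMCC tunnelip");
     while (<$tmcc>) {
@@ -101,6 +115,8 @@
 }
 
+
+# Configure the given interface with the given IP address and netmask.
 sub configure_outgoing_iface {
-    my ($interface, $ip, $netmask, $mac) = @_;
+    my ($interface, $ip, $netmask) = @_;
 
     my @ifconfig = ($IFCONFIG, $interface, $ip);
@@ -111,4 +127,7 @@
 }
 
+# Add a route to the destination through the router.  If wait is given, do not
+# attempt to add the route until DNS has the hostname in it.  If timeout is
+# given, only wait that many seconds for DNS to acquire it.
 sub add_route {
     my($routedest, $router, $wait, $timeout) = @_;
@@ -138,4 +157,8 @@
 }
 
+# Connect the tap($tapno) interface to $iface at the link level.  Remove any IP
+# addresses assigned to interface to avoid confusing the routing system.  We're
+# very tolerant of errors as the bridge and other interfaces may already exist
+# when this is called.
 sub bind_tap_to_iface {
     my($tapno, $iface) = @_;
@@ -163,4 +186,5 @@
 }
 
+# Return the IP addresses accociated with this interface (as a list)
 sub iface_to_addr {
     my($iface) = @_;
@@ -176,4 +200,5 @@
 }
 
+# Return the interface that packets to this host (IP or DNS) would be sent on.
 sub dest_to_iface {
     my($dest) =@_;
@@ -193,4 +218,6 @@
 }
 
+# Return the interface bound to this IP address.  If there are more than one,
+# the first one returned by ifconfig is the one returned.
 sub addr_to_iface {
     my($addr) = @_;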
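Review bot: The comment added above `set_sshd_params` lists the arguments as config file first and hash reference second, but the signature under it is `my($keys, $file) = @_;`, so a caller who follows the comment passes them reversed to a routine that rewrites sshd settings. I would write it as `# Takes a reference to a hash of keys whose values must be set a specific way, and the ssh config file to edit.` In `wait_for_DNS`, `$sleep = 5 unless $sleep;` lets a negative or non-numeric value through to `sleep`. `$sleep = 5 unless defined $sleep && $sleep =~ /^\d+$/ && $sleep > 0;` keeps the default and rejects those values. Both function bodies continue outside the hunks shown.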
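--- a/fedkit/prep_gateway.pl
+++ b/fedkit/prep_gateway.pl
@@ -33,5 +33,5 @@
         gateway_lib::deter_tunnelip();
 
-    gateway_lib::configure_outgoing_iface($interface, $ip, $netmask, $mac);
+    gateway_lib::configure_outgoing_iface($interface, $ip, $netmask);
     # Add the route to a peer.  Wait up to an hour for the peer's IP address to
     # appear in the DNS.
@@ -40,2 +40,42 @@
 
 exit(0);
+
+=pod
+
+=head1 NAME
+
+B<prep_tunnel.pl> - Prepare a tunnel node for use as either a service or connectivity gateway.
+
+=head1 OPTIONS
+
+=over 8
+
+=item B<peer=>I<hostname>
+
+The other gateway providing forwarding.
+
+=item B<ssh_pubkey=>I<keyfile>
+
+A public to install as authorized.
+
+=item B<tunnelip>
+
+True if the testbed uses the DETER tunnelip extension to provide external
+connectivity information
+
+=back
+
+=head1 SYNOPSIS
+
+B<prep_gateway.pl> laods the necessary kernel modules for low-level bridging
+configures the local sshd to allow it, restarts that sshd, and installs the
+given key in root's authorized keys.
+
+If the gateway supports DETER gateway, it setablishes outside connectivity and
+adds a host rout to the given peer.
+
+=head1 AUTHORS
+
+Ted Faber <faber@isi.edu>
+
+=cut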
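Review bot: The NAME line documents B<prep_tunnel.pl>, but the file is fedkit/prep_gateway.pl and the SYNOPSIS calls it B<prep_gateway.pl>, so `perldoc` output carries the wrong program name; it should read `B<prep_gateway.pl> - Prepare a tunnel node for use as either a service or connectivity gateway.` The SYNOPSIS states that the key goes into root's authorized keys, and the B<ssh_pubkey> item should say the same, for example `A public key to append to root's authorized keys; the holder of the matching private key can log in as root on this gateway.` In the first hunk the call no longer passes `$mac`; the list assignment from `gateway_lib::deter_tunnelip()` begins outside the hunk, so check whether `$mac` is still declared there and is now unused.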