GitLab

Add Subnet model containing Layer-3 characteristics for networks. Also,
extend IPPoolTable object to hold a reference to the Subnet that the
pool belongs to.
Signed-off-by: Dionysis Grigoropoulos <dgrig@grnet.gr>

Remove on delete CASCADE for floating IPs if the VirtualMachine is
deleted.

Install snf-vncauthproxy beforing installing Cyclades, because Cyclades
depends on vncauthproxy.

If Ganeti has not enabled 'plain' or 'drbd' disk template, then it
reports 'dfree' as None. Fix this corner case by treating None as 0.

Change the format of the 'attachment' attribute. Until now, each
attachment had an identifier of the form 'nic-$vm_id-$nic_id'. This
commit changes the identifier to just '$nic_id', since from now on
is unique for the lifetime of a NIC.

Fix bug introduced by rebasing, which resulted in NICs to be
sent twice.

Use NICs UUID instead of index to generate firewall tags. Make the
'set_firewall_profile' action to take the NICs ID as argument. Also,
update the firewall settings.

Do not process Ganeti NICs that do not have a valid ID and so are
unknown to Cyclades, because processing these NICs would require to
create them in DB and then rename them in Ganeti with the corresponding
identifier.

Also fix some typos

Override 'delete' method of NetworkInterface model, to clear the
'machine' flag of the corresponding NIC, if any.

Remove hard-coded timeouts from code and make them constants. Also do
not perform reconciliation for recent building NICs.

Parse the fields of the Ganeti command, to distinquish between
'CONNECT' and 'DISCONNECT' in case of 'OP_INSTANCE_SET_PARAMS'.

Make snf-ganeti-eventd send 'job_fields' for instance and network
opcodes, and modify the corresponding backend functions and
snf-dispatcher callbacks.

Callback functions of snf-dispatcher updated the NICs of a VM by
deleting all NICs from DB, and creating the new NICs that were described
in the message. However, since NICs have UUIDs, this is no longer
required. This commit update callbacks to update the NICs based on their
UUID.

Extend NetworkInterface model with the 'ip_type' attribute to show
whether the IP is a floating or fixed.
Signed-off-by: Christos Stavrakakis <cstavr@grnet.gr>

Since Ganeti 2.8, it is supported to refer to devices (NICs and Disks)
not only by their index but also by their name or UUID. This commit
updates Synnefo to refer to devices by their name. Synnefo will set the
name of the devices which will be a UUID. We do not use Ganeti's UUIDs
because the UUID can not be known, until the NIC is created in the VM.

Modify backend methods for connecting and removing a NIC from a VM, to
not refer to NICs by index, but use the NICs backend_uuid. Also, set the
name of the NIC to the backend_uuid, when creating a NIC.

API relevant methods, will create a NIC object in BUILDING state,
instead of creating the NIC when the message arrives from the backend.

Modify NetworkInterface model:
* remove 'dirty' attribute since it is no longer needed
* make index null, since when the NIC is in building state, the index
  can not be known.
* add property for getting the UUID of the NIC in the Ganeti backend.

Fix relevant tests.

From version 2.7, Ganeti returns the network's UUID field in nics
'networks' attribute. Instead use 'networks.names' attribute to get
the network name.

Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

Use opportunistic locking, introduced in Ganeti 2.7, to allow parallel creation
of VMs in the Ganeti backend. When this option is set, Ganeti iallocator
will allocate the VM only to nodes that not locked (e.g. by other VM
creation). This may result in unbalanced clusters, but `hbal` can be
used to rebalance the clusters again.

* SimpleConfigReader has been removed. Use SimpleStore
* QUEUE_DIR has been moven from ganeti.constants to ganeti.pathutils
* _QueuedJob.Restore takes 2 more arguments
* Group info is returned as list instead of string

Skip check if there are no externally reserved IPs in the Ganeti
backend.

This is not needed any more because we have squeeze and wheezy ones
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

When used remotely via ssh it produces a strange (stdin)= before
the real output.
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

A typo and explicitely install drbd8-utils package for ganeti.
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

ganeti-htools is a binary package that ends with amd64.deb
Thus we should not not search only for *all.deb
Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

Signed-off-by: Dimitris Aragiorgis <dimara@grnet.gr>

test empty POST dict form submition

Prior to this commit astakos used the mod_shib2 EPPN header value as the
unique identifier for associating shibboleth idp users to astakos user entries.

This commit alters this behaviour and from now on astakos resloves unique
identifier from the REMOTE_USER header. REMOTE_USER is a header mod_shib2 sets
containing a value of the available shibboleth IdP metadata. The metadata
key (persistent-id or eppn in most common scenarios) used can be configured
from within shibboleth2.xml config file.

<ApplicationDefaults id="default" .... .... REMOTE_USER="persistent-id"...>

An additional setting ``ASTAKOS_SHIBBOLETH_MIGRATE_EPPN`` is added in order
to facilitate migration of existing EPPN entries to persistent-id/targeted-id
(or whichever metadata the REMOTE_USER maps to). When set to ``True``, after
each shibboleth login astakos will try to migrate the existing EPPN entry
by following the below mentioned steps:

* If no REMOTE_USER header exists or is empty, redirect to an error view.
  Otherwise continue to the next step.
* Resolve EPPN header and check if an account is currently associated with this
  EPPN.
* If user exists, retrieve user's shibboleth entry (AstakosUserAuthProvider
  instance) and replace stored identifier (EPPN) with the identifier contained
  in REMOTE_USER header.
* Continue to login or signup process using REMOTE_USER value as the unique
  user identifier that associates astakos user to the shibboleth account.