diff --git a/.gitignore b/.gitignore
index c44364a..ad17a0f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 _build
-vmm.install
+albatross.install
+.merlin
\ No newline at end of file
diff --git a/README.md b/README.md
index e5b04e3..554c438 100644
--- a/README.md
+++ b/README.md
@@ -27,46 +27,46 @@ access is done on a name basis - if access to `foo` is granted, `foo.hello`, Albatross consists of a set of binaries. Several daemons, which communicate in a request-response style over Unix domain sockets, are run in the host system: -- `vmmd`: privileged to create and destroy unikernels -- `vmmd_console`: reads the console output of unikernels -- `vmmd_log`: event log -- `vmmd_stats`: statistics gathering (rusage, ifstat, BHyve debug counters) -- `vmmd_tls`: remote deployment via TLS with client certificate, and proxies to local daemons -- `vmmd_tls_inetd`: remote deployment via TLS and inetd (alternative to `vmmd_tls`) -- `vmmd_influx`: statistic reporting from `vmmd_stats` to influx +- `albatrossd`: privileged to create and destroy unikernels +- `albatross_console`: reads the console output of unikernels +- `albatross_log`: event log +- `albatross_stats`: statistics gathering (rusage, ifstat, BHyve debug counters) +- `albatross_tls_endpoint`: remote deployment via TLS with client certificate, and proxies to local daemons +- `albatross_tls_inetd`: remote deployment via TLS and inetd (alternative to `albatross_tls_endpoint`) +- `albatross_influx`: statistic reporting from `albatross_stats` to influx -The main daemon is the privileged `vmmd`, which supervises unikernels. It opens +The main daemon is the privileged `albatrossd`, which supervises unikernels. It opens a listening Unix domain socket, reads the persisted unikernel configuration, starts these unikernels, and awaits commands. Access can be regulated by Unix file permissions, only those users who can write to that socket can send commands. -`Vmmd_console` does not keep any persistent state, but a ring buffer of console +`Albatross_console` does not keep any persistent state, but a ring buffer of console output from each unikernel. These messages can be retrieved by a client, as a stream of messages (history, and whenever a new line is output, it is send to the interested client). 
Each unikernel output can only be read by a single client, to avoid amplification of traffic if lots of clients are connected. -`Vmmd` sends a message to `vmmd_console` whenever a new unikernel is started, -upon reception `Vmmd_console` opens and reads the fifo which the unikernel will +`Albatrossd` sends a message to `albatross_console` whenever a new unikernel is started, +upon reception `albatross_console` opens and reads the fifo which the unikernel will write their standard output to. -`Vmmd_log` keeps a persistent event log for albatross, can be read by clients. +`Albatross_log` keeps a persistent event log for albatross, can be read by clients. -`Vmmd_stats` gathers periodically statistics (memory, CPU, network, hypervisor) +`Albatross_stats` gathers periodically statistics (memory, CPU, network, hypervisor) from all running unikernels. -`Vmmd_tls` and `vmmd_tls_inetd` listen on a TCP port, and proxy requests from +`Albatross_tls_endpoint` and `albatross_tls_inetd` listen on a TCP port, and proxy requests from remote clients to the respective daemons described above. They enforce client authentication, and use the commen names of the client certificate chain as administrative domain. The policies are embedded in CA certificates, the command is embedded in the leaf certificate. 
The following command-line applications for local and remote management are provided: -- `vmmc_local`: sends a command locally to the Unix domain sockets -- `vmmc_remote`: connects to a remote TLS endpoint and sends a command -- `vmmp_request`: creates a certificate signing request containing a command -- `vmmp_ca`: certificate authority operations: sign, generate, and revoke (NYI) -- `vmmc_bistro`: command line utility to execute a command remotely: request, sign, remote (do not use in production, requires CA key locally) +- `albatross_client_local`: sends a command locally to the Unix domain sockets +- `albatross_client_remote_tls`: connects to a remote TLS endpoint and sends a command +- `albatross_provision_request`: creates a certificate signing request containing a command +- `albatross_provision_ca`: certificate authority operations: sign, generate, and revoke (NYI) +- `albatross_client_bistro`: command line utility to execute a command remotely: request, sign, remote (do not use in production, requires CA key locally) ## Installation diff --git a/_tags b/_tags deleted file mode 100644 index e620759..0000000 --- a/_tags +++ /dev/null @@ -1,27 +0,0 @@ -true : bin_annot, safe_string, principal, color(always) -true : warn(+A-4-44-48) -true : package(rresult logs ipaddr bos hex ptime astring duration cstruct decompress) -"src" : include - -: package(lwt lwt.unix) -: package(lwt tls.lwt) -: package(x509) -: package(ptime.clock.os) -: package(asn1-combinators) - -: package(checkseum.c lwt.unix cmdliner logs.fmt fmt.cli logs.cli fmt.tty lwt ipaddr.unix asn1-combinators) -: package(ptime.clock.os) -: package(ptime.clock.os) -: package(ptime.clock.os) -: package(tls.lwt ptime.clock.os) -: link_vmm_stats -: link_vmm_stats - -: package(nocrypto tls.lwt nocrypto.lwt) -: package(nocrypto tls.lwt nocrypto.lwt) - -: package(nocrypto.unix ptime.clock.os x509) -: package(nocrypto.unix ptime.clock.os x509) - -: package(nocrypto.unix ptime.clock.os x509) - 
diff --git a/opam b/albatross.opam similarity index 83% rename from opam rename to albatross.opam index 6d8f739..3a83c72 100644 --- a/opam +++ b/albatross.opam @@ -7,9 +7,7 @@ bug-reports: "https://github.com/hannesm/albatross/issues" depends: [ "ocaml" {>= "4.05.0"} - "ocamlfind" {build} - "ocamlbuild" {build} - "topkg" {build} + "dune" {build} "lwt" {>= "3.0.0"} "ipaddr" {>= "2.9.0"} "hex" @@ -31,6 +29,7 @@ depends: [ ] build: [ - [ "ocaml" "pkg/pkg.ml" "build" "--pinned" "%{pinned}%" "--tests" "false" ] + ["dune" "subst"] {pinned} + ["dune" "build" "-p" name "-j" jobs] ] synopsis: "Albatross - orchestrate and manage MirageOS unikernels with Solo5" diff --git a/app/vmmc_bistro.ml b/client/albatross_client_bistro.ml similarity index 96% rename from app/vmmc_bistro.ml rename to client/albatross_client_bistro.ml index bd13c5b..a6568ae 100644 --- a/app/vmmc_bistro.ml +++ b/client/albatross_client_bistro.ml @@ -11,7 +11,7 @@ let read fd = Vmm_tls_lwt.read_tls fd >>= function | Error _ -> Lwt.return () | Ok wire -> - Vmm_cli.print_result version wire ; + Albatross_cli.print_result version wire ; loop () in loop () @@ -76,7 +76,7 @@ let remove_policy _ endp cert key ca name = jump endp cert key ca name (`Policy_cmd `Policy_remove) let add_policy _ endp cert key ca name vms memory cpus block bridges = - let p = Vmm_cli.policy vms memory cpus block bridges in + let p = Albatross_cli.policy vms memory cpus block bridges in jump endp cert key ca name (`Policy_cmd (`Policy_add p)) let info_ _ endp cert key ca name = 
@@ -86,7 +86,7 @@ let destroy _ endp cert key ca name = jump endp cert key ca name (`Unikernel_cmd `Unikernel_destroy) let create _ endp cert key ca force name image cpuid memory argv block network compression = - match Vmm_cli.create_vm force image cpuid memory argv block network compression with + match Albatross_cli.create_vm force image cpuid memory argv block network compression with | Ok cmd -> jump endp cert key ca name (`Unikernel_cmd cmd) | Error (`Msg msg) -> `Error (false, msg) @@ -114,7 +114,7 @@ let help _ _ man_format cmds = function | Some _ -> List.iter print_endline cmds; `Ok () open Cmdliner -open Vmm_cli +open Albatross_cli let server_ca = let doc = "The certificate authority used to verify the remote server." in @@ -254,13 +254,13 @@ let help_cmd = Term.info "help" ~doc ~man let default_cmd = - let doc = "VMM client and go to bistro" in + let doc = "Albatross client and go to bistro" in let man = [ `S "DESCRIPTION" ; `P "$(tname) executes the provided subcommand on a remote albatross" ] in Term.(ret (const help $ setup_log $ destination $ Term.man_format $ Term.choice_names $ Term.pure None)), - Term.info "vmmc_bistro" ~version:"%%VERSION_NUM%%" ~doc ~man + Term.info "albatross_client_bistro" ~version:"%%VERSION_NUM%%" ~doc ~man let cmds = [ help_cmd ; info_cmd ; policy_cmd ; remove_policy_cmd ; add_policy_cmd ; diff --git a/app/vmmc_local.ml b/client/albatross_client_local.ml similarity index 95% rename from app/vmmc_local.ml rename to client/albatross_client_local.ml index 2f901d4..5c1dabe 100644 --- a/app/vmmc_local.ml +++ b/client/albatross_client_local.ml @@ -17,7 +17,7 @@ let connect socket_path = let process fd = Vmm_lwt.read_wire fd >|= function | Error _ -> Error () - | Ok wire -> Ok (Vmm_cli.print_result version wire) + | Ok wire -> Ok (Albatross_cli.print_result version wire) let read fd = (* now we busy read and process output *) 
@@ -50,7 +50,7 @@ let remove_policy _ opt_socket name = jump opt_socket name (`Policy_cmd `Policy_remove) let add_policy _ opt_socket name vms memory cpus block bridges = - let p = Vmm_cli.policy vms memory cpus block bridges in + let p = Albatross_cli.policy vms memory cpus block bridges in jump opt_socket name (`Policy_cmd (`Policy_add p)) let info_ _ opt_socket name = @@ -60,7 +60,7 @@ let destroy _ opt_socket name = jump opt_socket name (`Unikernel_cmd `Unikernel_destroy) let create _ opt_socket force name image cpuid memory argv block network compression = - match Vmm_cli.create_vm force image cpuid memory argv block network compression with + match Albatross_cli.create_vm force image cpuid memory argv block network compression with | Ok cmd -> jump opt_socket name (`Unikernel_cmd cmd) | Error (`Msg msg) -> `Error (false, msg) @@ -94,7 +94,7 @@ let help _ _ man_format cmds = function | Some _ -> List.iter print_endline cmds; `Ok () open Cmdliner -open Vmm_cli +open Albatross_cli let socket = let doc = "Socket to connect to" in @@ -243,10 +243,10 @@ let default_cmd = let doc = "VMM local client" in let man = [ `S "DESCRIPTION" ; - `P "$(tname) connects to vmmd via a local socket" ] + `P "$(tname) connects to albatrossd via a local socket" ] in Term.(ret (const help $ setup_log $ socket $ Term.man_format $ Term.choice_names $ Term.pure None)), - Term.info "vmmc_local" ~version:"%%VERSION_NUM%%" ~doc ~man + Term.info "albatross_client_local" ~version:"%%VERSION_NUM%%" ~doc ~man let cmds = [ help_cmd ; info_cmd ; policy_cmd ; remove_policy_cmd ; add_policy_cmd ; diff --git a/app/vmmc_remote.ml b/client/albatross_client_remote_tls.ml similarity index 90% rename from app/vmmc_remote.ml rename to client/albatross_client_remote_tls.ml index 001ca3a..26353a8 100644 --- a/app/vmmc_remote.ml +++ b/client/albatross_client_remote_tls.ml 
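Review bot: In the `default_cmd` hunk of client/albatross_client_local.ml, the context line `let doc = "VMM local client" in` was left unchanged while the man text and the `Term.info` name beside it were renamed, so the help output still carries the old product name. Suggest `let doc = "Albatross local client" in`, in line with the "Albatross remote TLS client" wording this commit gives the remote client. `default_cmd` begins just above the hunk.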
@@ -8,7 +8,7 @@ let rec read_tls_write_cons t = Vmm_tls_lwt.read_tls t >>= function | Error _ -> Lwt.return_unit | Ok wire -> - Vmm_cli.print_result version wire ; + Albatross_cli.print_result version wire ; read_tls_write_cons t let client cas host port cert priv_key = @@ -45,7 +45,7 @@ let run_client _ cas cert key (host, port) = Lwt_main.run (client cas host port cert key) open Cmdliner -open Vmm_cli +open Albatross_cli let cas = let doc = "The full path to PEM encoded certificate authorities. Can either be a FILE or a DIRECTORY." in @@ -64,13 +64,13 @@ let destination = Arg.(required & pos 3 (some host_port) None & info [] ~docv:"HOST:PORT" ~doc) let cmd = - let doc = "VMM remote TLS client" in + let doc = "Albatross remote TLS client" in let man = [ `S "DESCRIPTION" ; - `P "$(tname) connects to a server and initiates a TLS handshake" ] + `P "$(tname) connects to an Albatross server and initiates a TLS handshake" ] in Term.(pure run_client $ setup_log $ cas $ client_cert $ client_key $ destination), - Term.info "vmmc_remote" ~version:"%%VERSION_NUM%%" ~doc ~man + Term.info "albatross_client_remote_tls" ~version:"%%VERSION_NUM%%" ~doc ~man let () = match Term.eval cmd diff --git a/client/dune b/client/dune new file mode 100644 index 0000000..d7c4c48 --- /dev/null +++ b/client/dune @@ -0,0 +1,20 @@ +(executable + (name albatross_client_bistro) + (public_name albatross-client-bistro) + (package albatross) + (modules albatross_client_bistro) + (libraries albatross.cli albatross albatross.tls)) + +(executable + (name albatross_client_local) + (public_name albatross-client-local) + (package albatross) + (modules albatross_client_local) + (libraries albatross.cli albatross)) + +(executable + (name albatross_client_remote_tls) + (public_name albatross-client-remote-tls) + (package albatross) + (modules albatross_client_remote_tls) + (libraries albatross.cli albatross albatross.tls)) 
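Review bot: The `public_name` values in client/dune use hyphens (`albatross-client-bistro`, `albatross-client-local`, `albatross-client-remote-tls`), while the README updated in this same commit and the `Term.info` names use underscores (`albatross_client_local` and so on), so the documented command names will not match the installed binaries. The same mismatch appears in daemon/dune, provision/dune, stats/dune and tls/dune; only `albatrossd` is spelled identically in both places. Either use `(public_name albatross_client_local)` and friends, or switch the README and `Term.info` strings to the hyphenated form. Any packaging or service script that sets ownership or mode on a binary by path should be checked against whichever spelling is chosen.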
diff --git a/app/vmm_cli.ml b/daemon/albatross_cli.ml similarity index 100% rename from app/vmm_cli.ml rename to daemon/albatross_cli.ml diff --git a/app/vmmd_console.ml b/daemon/albatross_console.ml similarity index 98% rename from app/vmmd_console.ml rename to daemon/albatross_console.ml index 7c01485..fd6f0d2 100644 --- a/app/vmmd_console.ml +++ b/daemon/albatross_console.ml @@ -174,7 +174,7 @@ let jump _ file = open Cmdliner -open Vmm_cli +open Albatross_cli let socket = let doc = "socket to use" in @@ -182,6 +182,6 @@ let socket = let cmd = Term.(ret (const jump $ setup_log $ socket)), - Term.info "vmmd_console" ~version:"%%VERSION_NUM%%" + Term.info "albatross_console" ~version:"%%VERSION_NUM%%" let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1 diff --git a/app/vmmd_influx.ml b/daemon/albatross_influx.ml similarity index 97% rename from app/vmmd_influx.ml rename to daemon/albatross_influx.ml index 7e4b721..31c1d93 100644 --- a/app/vmmd_influx.ml +++ b/daemon/albatross_influx.ml @@ -293,7 +293,7 @@ let run_client _ socket (influxhost, influxport) vm = Lwt_main.run (client socket influxhost influxport vm) open Cmdliner -open Vmm_cli +open Albatross_cli let socket = let doc = "socket to use" in @@ -304,13 +304,13 @@ let influx = ~doc:"the influx hostname:port to connect to") let cmd = - let doc = "VMM InfluxDB connector" in + let doc = "Albatross Influx connector" in let man = [ `S "DESCRIPTION" ; - `P "$(tname) connects to a vmm stats socket, pulls statistics and pushes them via TCP to influxdb" ] + `P "$(tname) connects to a albatross stats socket, pulls statistics and pushes them via TCP to influxdb" ] in Term.(pure run_client $ setup_log $ socket $ influx $ opt_vm_name), - Term.info "vmmd_influx" ~version:"%%VERSION_NUM%%" ~doc ~man + Term.info "albatross_influx" ~version:"%%VERSION_NUM%%" ~doc ~man let () = match Term.eval cmd 
diff --git a/app/vmmd_log.ml b/daemon/albatross_log.ml similarity index 98% rename from app/vmmd_log.ml rename to daemon/albatross_log.ml index 641e4f1..b0f0901 100644 --- a/app/vmmd_log.ml +++ b/daemon/albatross_log.ml @@ -184,11 +184,10 @@ let jump _ file sock = Lwt.async (handle mvar ring cs addr) ; loop () in - loop ()) ; - `Ok () + loop ()) open Cmdliner -open Vmm_cli +open Albatross_cli let socket = let doc = "socket to use" in @@ -200,6 +199,6 @@ let file = let cmd = Term.(ret (const jump $ setup_log $ file $ socket)), - Term.info "vmm_log" ~version:"%%VERSION_NUM%%" + Term.info "albatross_log" ~version:"%%VERSION_NUM%%" let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1 diff --git a/app/vmmd.ml b/daemon/albatrossd.ml similarity index 99% rename from app/vmmd.ml rename to daemon/albatrossd.ml index af40cc5..e834ff6 100644 --- a/app/vmmd.ml +++ b/daemon/albatrossd.ml @@ -1,6 +1,6 @@ (* (c) 2017 Hannes Mehnert, all rights reserved *) -open Vmm_cli +open Albatross_cli open Vmm_core @@ -246,6 +246,6 @@ open Cmdliner let cmd = Term.(const jump $ setup_log), - Term.info "vmmd" ~version:"%%VERSION_NUM%%" + Term.info "albatrossd" ~version:"%%VERSION_NUM%%" let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1 diff --git a/daemon/dune b/daemon/dune new file mode 100644 index 0000000..65ace09 --- /dev/null +++ b/daemon/dune 
@@ -0,0 +1,34 @@
+(library
+ (name albatross_cli)
+ (public_name albatross.cli)
+ (wrapped false)
+ (modules albatross_cli)
+ (libraries checkseum.c albatross lwt.unix cmdliner logs.fmt logs.cli fmt.cli fmt.tty ipaddr.unix))
+
+(executable
+ (name albatrossd)
+ (public_name albatrossd)
+ (package albatross)
+ (modules albatrossd)
+ (libraries albatross.cli albatross))
+
+(executable
+ (name albatross_console)
+ (public_name albatross-console)
+ (package albatross)
+ (modules albatross_console)
+ (libraries albatross.cli albatross))
+
+(executable
+ (name albatross_influx)
+ (public_name albatross-influx)
+ (package albatross)
+ (modules albatross_influx)
+ (libraries albatross.cli albatross))
+
+(executable
+ (name albatross_log)
+ (public_name albatross-log)
+ (package albatross)
+ (modules albatross_log)
+ (libraries albatross.cli albatross))
diff --git a/dune-project b/dune-project
new file mode 100644
index 0000000..f8765e1
--- /dev/null
+++ b/dune-project
@@ -0,0 +1,2 @@
+(lang dune 1.0)
+(name albatross)
diff --git a/myocamlbuild.ml b/myocamlbuild.ml
deleted file mode 100644
index 2093954..0000000
--- a/myocamlbuild.ml
+++ /dev/null
@@ -1,26 +0,0 @@ -open Ocamlbuild_plugin - -let to_opt = List.fold_left (fun acc x -> [A "-ccopt"; A x] @ acc) [] -let ccopt = to_opt [ "-O3" ; "-Wall" ] - -let os = Ocamlbuild_pack.My_unix.run_and_read "uname -s" - -let vmm_lib = match os with -| "FreeBSD\n" -> [A "-cclib"; A "-lvmmapi"] -| _ -> [] - - -let () = - dispatch begin function - | After_rules -> - flag ["c"; "compile"] (S ccopt) ; - flag ["link"; "library"; "ocaml"; "byte"; "use_vmm_stats"] - (S ([A "-dllib"; A "-lvmm_stats_stubs"])); - flag ["link"; "library"; "ocaml"; "native"; "use_vmm_stats"] - (S ([A "-cclib"; A "-lvmm_stats_stubs"])); - flag ["link"; "ocaml"; "link_vmm_stats"] - (S ([A "app/libvmm_stats_stubs.a"] @ vmm_lib)); - dep ["link"; "ocaml"; "use_vmm_stats"] ["app/libvmm_stats_stubs.a"]; - dep ["link"; "ocaml"; "link_vmm_stats"] ["app/libvmm_stats_stubs.a"]; - | _ -> () - end diff --git a/packaging/MANIFEST b/packaging/MANIFEST index dc12c0e..6633c4e 100644 --- a/packaging/MANIFEST +++ b/packaging/MANIFEST @@ -41,8 +41,8 @@ EOD; mkdir -p /var/run/albatross/util /var/run/albatross/fifo chown albatross:albatross /var/run/albatross/util /var/run/albatross/fifo chmod 2760 /var/run/albatross/fifo -chgrp albatross /usr/local/libexec/albatross/vmmd -chmod 2700 /usr/local/libexec/albatross/vmmd +chgrp albatross /usr/local/libexec/albatross/albatrossd +chmod 2700 /usr/local/libexec/albatross/albatrossd EOD; post-deinstall = < - Ok [ - Pkg.bin "app/vmmd" ; - Pkg.bin "app/vmmd_console" ; - Pkg.bin "app/vmmd_log" ; - Pkg.bin "app/vmmd_stats" ; - Pkg.bin "app/vmmd_tls" ; - Pkg.bin "app/vmmd_tls_inetd" ; - Pkg.bin "app/vmmd_influx" ; - Pkg.bin "app/vmmc_local" ; - Pkg.bin "app/vmmc_remote" ; - Pkg.bin "app/vmmc_bistro" ; - Pkg.bin "app/vmmp_request" ; - Pkg.bin "app/vmmp_ca" ; - Pkg.test ~run:false "app/vmmc_stat" ; - ] diff --git a/app/vmm_provision.ml b/provision/albatross_provision.ml similarity index 100% rename from app/vmm_provision.ml rename to provision/albatross_provision.ml 
diff --git a/app/vmmp_ca.ml b/provision/albatross_provision_ca.ml similarity index 86% rename from app/vmmp_ca.ml rename to provision/albatross_provision_ca.ml index af0d661..b51d2a0 100644 --- a/app/vmmp_ca.ml +++ b/provision/albatross_provision_ca.ml @@ -53,7 +53,7 @@ let sign_csr dbname cacert key csr days = in Logs.app (fun m -> m "signing %a" Vmm_commands.pp cmd) ; Ok (ext :: exts) >>= fun extensions -> - Vmm_provision.sign ~dbname extensions issuer key csr (Duration.of_day days) + Albatross_provision.sign ~dbname extensions issuer key csr (Duration.of_day days) | Error e -> Error e let sign _ db cacert cakey csrname days = @@ -78,20 +78,20 @@ let help _ man_format cmds = function let generate _ name db days sname sdays = Nocrypto_entropy_unix.initialize () ; match - Vmm_provision.priv_key ~bits:4096 None name >>= fun key -> + Albatross_provision.priv_key ~bits:4096 None name >>= fun key -> let name = [ `CN name ] in let csr = X509.CA.request name key in - Vmm_provision.sign ~certname:"cacert" (d_exts ()) name key csr (Duration.of_day days) >>= fun () -> - Vmm_provision.priv_key None sname >>= fun skey -> + Albatross_provision.sign ~certname:"cacert" (d_exts ()) name key csr (Duration.of_day days) >>= fun () -> + Albatross_provision.priv_key None sname >>= fun skey -> let sname = [ `CN sname ] in let csr = X509.CA.request sname skey in - Vmm_provision.sign ~dbname:(Fpath.v db) s_exts name key csr (Duration.of_day sdays) + Albatross_provision.sign ~dbname:(Fpath.v db) s_exts name key csr (Duration.of_day sdays) with | Ok () -> `Ok () | Error (`Msg e) -> `Error (false, e) open Cmdliner -open Vmm_cli +open Albatross_cli let csr = let doc = "signing request" in 
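Review bot: In `generate`, the CA key is created with an explicit size (`Albatross_provision.priv_key ~bits:4096 None name`), but the server key relies on the default of `priv_key` (`Albatross_provision.priv_key None sname`), and that default is not visible in this diff because the module is renamed at 100% similarity. Stating the size at the call site, `Albatross_provision.priv_key ~bits:<INTENDED_SIZE> None sname`, or adding a one-line comment that names the default, would make the server key strength reviewable where the key is generated. `generate` starts inside this hunk and its result match ends just before `open Cmdliner`.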
@@ -123,7 +123,7 @@ let generate_cmd = [`S "DESCRIPTION"; `P "Generates a certificate authority."] in - Term.(ret (const generate $ setup_log $ Vmm_provision.nam $ db $ days $ sname $ sday)), + Term.(ret (const generate $ setup_log $ Albatross_provision.nam $ db $ days $ sname $ sday)), Term.info "generate" ~doc ~man let days = @@ -148,7 +148,7 @@ let help_cmd = let doc = "The topic to get help on. `topics' lists the topics." in Arg.(value & pos 0 (some string) None & info [] ~docv:"TOPIC" ~doc) in - let doc = "display help about vmmp_sign" in + let doc = "display help about albatross_priviion_ca" in let man = [`S "DESCRIPTION"; `P "Prints help about commands and subcommands"] @@ -157,13 +157,13 @@ let help_cmd = Term.info "help" ~doc ~man let default_cmd = - let doc = "VMM " in + let doc = "Albatross CA provisioning" in let man = [ `S "DESCRIPTION" ; - `P "$(tname) executes the provided subcommand on a remote albatross" ] + `P "$(tname) does CA operations (creation, sign, etc.)" ] in Term.(ret (const help $ setup_log $ Term.man_format $ Term.choice_names $ Term.pure None)), - Term.info "vmmp_ca" ~version:"%%VERSION_NUM%%" ~doc ~man + Term.info "albatross_provision_ca" ~version:"%%VERSION_NUM%%" ~doc ~man let cmds = [ help_cmd ; sign_cmd ; generate_cmd ; (* TODO revoke_cmd *)] diff --git a/app/vmmp_request.ml b/provision/albatross_provision_request.ml similarity index 91% rename from app/vmmp_request.ml rename to provision/albatross_provision_request.ml index 757e29e..db0d224 100644 --- a/app/vmmp_request.ml +++ b/provision/albatross_provision_request.ml @@ -1,6 +1,6 @@ (* (c) 2017, 2018 Hannes Mehnert, all rights reserved *) -open Vmm_provision +open Albatross_provision open Vmm_asn open Rresult.R.Infix 
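Review bot: The new help text in `help_cmd` of provision/albatross_provision_ca.ml misspells the binary name: `let doc = "display help about albatross_priviion_ca" in` should read `let doc = "display help about albatross_provision_ca" in`, matching the `Term.info "albatross_provision_ca"` set in the next hunk of the same file. `help_cmd` begins just above the hunk.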
@@ -32,7 +32,7 @@ let remove_policy _ name = jump name (`Policy_cmd `Policy_remove) let add_policy _ name vms memory cpus block bridges = - let p = Vmm_cli.policy vms memory cpus block bridges in + let p = Albatross_cli.policy vms memory cpus block bridges in jump name (`Policy_cmd (`Policy_add p)) let info_ _ name = jump name (`Unikernel_cmd `Unikernel_info) @@ -41,7 +41,7 @@ let destroy _ name = jump name (`Unikernel_cmd `Unikernel_destroy) let create _ force name image cpuid memory argv block network compression = - match Vmm_cli.create_vm force image cpuid memory argv block network compression with + match Albatross_cli.create_vm force image cpuid memory argv block network compression with | Ok cmd -> jump name (`Unikernel_cmd cmd) | Error (`Msg msg) -> `Error (false, msg) @@ -69,7 +69,7 @@ let help _ man_format cmds = function | Some _ -> List.iter print_endline cmds; `Ok () open Cmdliner -open Vmm_cli +open Albatross_cli let destroy_cmd = let doc = "destroys a virtual machine" in 
@@ -184,22 +184,22 @@ let help_cmd = let doc = "The topic to get help on. `topics' lists the topics." in Arg.(value & pos 0 (some string) None & info [] ~docv:"TOPIC" ~doc) in - let doc = "display help about vmmc" in + let doc = "display help about albatross provision request" in let man = [`S "DESCRIPTION"; - `P "Prints help about albatross local client commands and subcommands"] + `P "Prints help about albatross provision request commands and subcommands"] in Term.(ret (const help $ setup_log $ Term.man_format $ Term.choice_names $ topic)), Term.info "help" ~doc ~man let default_cmd = - let doc = "VMM local client" in + let doc = "Albatross provisioning request" in let man = [ `S "DESCRIPTION" ; - `P "$(tname) connects to vmmd via a local socket" ] + `P "$(tname) creates a certificate signing request for Albatross" ] in Term.(ret (const help $ setup_log $ Term.man_format $ Term.choice_names $ Term.pure None)), - Term.info "vmmp_request" ~version:"%%VERSION_NUM%%" ~doc ~man + Term.info "albatross_provision_request" ~version:"%%VERSION_NUM%%" ~doc ~man let cmds = [ help_cmd ; info_cmd ; policy_cmd ; remove_policy_cmd ; add_policy_cmd ; diff --git a/provision/dune b/provision/dune new file mode 100644 index 0000000..851ec87 --- /dev/null +++ b/provision/dune @@ -0,0 +1,21 @@ + +(library + (name albatross_provision) + (public_name albatross.provision) + (wrapped false) + (modules albatross_provision) + (libraries albatross.cli x509 nocrypto.unix)) + +(executable + (name albatross_provision_ca) + (public_name albatross-provision-ca) + (package albatross) + (modules albatross_provision_ca) + (libraries albatross.cli albatross.provision albatross x509)) + +(executable + (name albatross_provision_request) + (public_name albatross-provision-request) + (package albatross) + (modules albatross_provision_request) + (libraries albatross.cli albatross.provision albatross x509)) diff --git a/src/dune b/src/dune new file mode 100644 index 0000000..ea6d452 --- /dev/null 
+++ b/src/dune @@ -0,0 +1,6 @@ +(library + (name albatross) + (public_name albatross) + (wrapped false) + (libraries rresult logs ipaddr bos hex ptime astring duration cstruct + decompress lwt lwt.unix ptime.clock.os asn1-combinators)) \ No newline at end of file diff --git a/app/vmmc_stat.ml b/stats/albatross_stat_client.ml similarity index 92% rename from app/vmmc_stat.ml rename to stats/albatross_stat_client.ml index e3c2ddf..211db50 100644 --- a/app/vmmc_stat.ml +++ b/stats/albatross_stat_client.ml @@ -1,5 +1,5 @@ open Vmm_core -open Vmm_stats_pure +open Albatross_stats_pure let timer pid vmmapi = let rusage = sysctl_rusage pid in @@ -28,7 +28,7 @@ let jump _ pid name interval = None | Some vmctx -> Logs.info (fun m -> m "vmmapi_open succeeded for %s" name) ; - Vmm_stats_pure.fill_descr vmctx ; + fill_descr vmctx ; Some vmctx in let _ev = Lwt_engine.on_timer interval true (fun _e -> timer pid vmmapi) in @@ -36,7 +36,7 @@ let jump _ pid name interval = t) open Cmdliner -open Vmm_cli +open Albatross_cli let interval = let doc = "Interval between statistics gatherings (in seconds)" in @@ -52,6 +52,6 @@ let vmname = let cmd = Term.(ret (const jump $ setup_log $ pid $ vmname $ interval)), - Term.info "vmmd_stats" ~version:"%%VERSION_NUM%%" + Term.info "albatross_stat_client" ~version:"%%VERSION_NUM%%" let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1 diff --git a/app/vmmd_stats.ml b/stats/albatross_stats.ml similarity index 96% rename from app/vmmd_stats.ml rename to stats/albatross_stats.ml index c5ae598..788c313 100644 --- a/app/vmmd_stats.ml +++ b/stats/albatross_stats.ml @@ -14,7 +14,7 @@ open Lwt.Infix -open Vmm_stats_pure +open Albatross_stats_pure let t = ref (empty ()) @@ -83,7 +83,7 @@ let jump _ file interval = loop ()) open Cmdliner -open Vmm_cli +open Albatross_cli let socket = let doc = "socket to use" in 
@@ -95,6 +95,6 @@ let interval = let cmd = Term.(ret (const jump $ setup_log $ socket $ interval)), - Term.info "vmmd_stats" ~version:"%%VERSION_NUM%%" + Term.info "albatross_stats" ~version:"%%VERSION_NUM%%" let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1 diff --git a/app/vmm_stats_pure.ml b/stats/albatross_stats_pure.ml similarity index 100% rename from app/vmm_stats_pure.ml rename to stats/albatross_stats_pure.ml diff --git a/app/vmm_stats_stubs.c b/stats/albatross_stats_stubs.c similarity index 100% rename from app/vmm_stats_stubs.c rename to stats/albatross_stats_stubs.c diff --git a/stats/dune b/stats/dune new file mode 100644 index 0000000..4879890 --- /dev/null +++ b/stats/dune @@ -0,0 +1,32 @@ +(* -*- tuareg -*- *) + +let freebsd = try Sys.command "uname -s | grep -c FreeBSD > /dev/null" = 0 with _ -> false + +let () = + Jbuild_plugin.V1.send @@ Printf.sprintf {| +(library + (name albatross_stats) + (public_name albatross.stats) + (libraries albatross) + (wrapped false) + (c_names albatross_stats_stubs) + (modules albatross_stats_pure)) + +(executable + (name albatross_stats) + (public_name albatross-stats) + (package albatross) + (modules albatross_stats) + %s + (libraries albatross.cli albatross.stats albatross)) + +(executable + (name albatross_stat_client) + (public_name albatross-stat-client) + (package albatross) + (modules albatross_stat_client) + %s + (libraries albatross.cli albatross.stats albatross)) |} + (if freebsd then "(link_flags (-ccopt \"-lvmmapi\"))" else "") + (if freebsd then "(link_flags (-ccopt \"-lvmmapi\"))" else "") + diff --git a/app/vmmd_tls_common.ml b/tls/albatross_tls_common.ml similarity index 100% rename from app/vmmd_tls_common.ml rename to tls/albatross_tls_common.ml diff --git a/app/vmmd_tls.ml b/tls/albatross_tls_endpoint.ml similarity index 92% rename from app/vmmd_tls.ml rename to tls/albatross_tls_endpoint.ml index d08faaa..19f51c1 100644 --- a/app/vmmd_tls.ml +++ b/tls/albatross_tls_endpoint.ml 
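Review bot: The C stubs in stats/dune are now built without the `-O3 -Wall` flags that the deleted myocamlbuild.ml passed to every C compile (`flag ["c"; "compile"] (S ccopt)`), because the `albatross_stats` library stanza has `(c_names albatross_stats_stubs)` and no `c_flags` field. Adding `(c_flags (:standard -O3 -Wall))` to that stanza would keep compiler warnings on for the stub code. Separately, `freebsd` is computed with `try Sys.command ... with _ -> false`, so a probe that cannot run silently produces a build without `-lvmmapi`. A short comment saying this fallback is intended, or a build-time message on that path, would make such a build easier to diagnose.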
@@ -2,7 +2,7 @@ open Lwt.Infix -open Vmmd_tls_common +open Albatross_tls_common let server_socket port = let open Lwt_unix in @@ -21,7 +21,7 @@ let jump _ cacert cert priv_key port = tls_config cacert cert priv_key >>= fun (config, ca) -> let rec loop () = Lwt.catch (fun () -> - Lwt_unix.accept socket >>= fun (fd, addr) -> + Lwt_unix.accept socket >>= fun (fd, _addr) -> Lwt.catch (fun () -> Tls_lwt.Unix.server_of_fd config fd) (fun exn -> @@ -52,7 +52,7 @@ let jump _ cacert cert priv_key port = loop ()) open Cmdliner -open Vmm_cli +open Albatross_cli let port = let doc = "TCP listen port" in @@ -60,6 +60,6 @@ let port = let cmd = Term.(ret (const jump $ setup_log $ cacert $ cert $ key $ port)), - Term.info "vmmd_tls" ~version:"%%VERSION_NUM%%" + Term.info "albatross_tls_endpoint" ~version:"%%VERSION_NUM%%" let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1 diff --git a/app/vmmd_tls_inetd.ml b/tls/albatross_tls_inetd.ml similarity index 92% rename from app/vmmd_tls_inetd.ml rename to tls/albatross_tls_inetd.ml index 84be655..00d8f49 100644 --- a/app/vmmd_tls_inetd.ml +++ b/tls/albatross_tls_inetd.ml @@ -1,7 +1,7 @@ (* (c) 2018 Hannes Mehnert, all rights reserved *) open Lwt.Infix -open Vmmd_tls_common +open Albatross_tls_common let jump cacert cert priv_key = Sys.(set_signal sigpipe Signal_ignore) ; @@ -29,6 +29,6 @@ open Cmdliner let cmd = Term.(ret (const jump $ cacert $ cert $ key)), - Term.info "vmmd_tls_inetd" ~version:"%%VERSION_NUM%%" + Term.info "albatross_tls_inetd" ~version:"%%VERSION_NUM%%" let () = match Term.eval cmd with `Ok () -> exit 0 | _ -> exit 1 diff --git a/tls/dune b/tls/dune new file mode 100644 index 0000000..b7e989d --- /dev/null +++ b/tls/dune 
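Review bot: In `jump` of tls/albatross_tls_endpoint.ml, the peer address returned by `Lwt_unix.accept` is now bound as `_addr` and dropped, so a failed TLS handshake or rejected client certificate on this path cannot be attributed to a source address. Since this endpoint listens on TCP for remote clients, consider keeping `fun (fd, addr) ->` and including `addr` in the message logged by the `fun exn ->` handler that follows `Tls_lwt.Unix.server_of_fd config fd`. That handler's body lies between this hunk and the next one, so what it logs today is not visible here.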
@@ -0,0 +1,26 @@
+(library
+ (name albatross_tls)
+ (public_name albatross.tls)
+ (wrapped false)
+ (modules vmm_tls vmm_tls_lwt)
+ (libraries albatross tls tls.lwt x509))
+
+(library
+ (name albatross_tls_cli)
+ (wrapped false)
+ (modules albatross_tls_common)
+ (libraries albatross_cli albatross.tls))
+
+(executable
+ (name albatross_tls_endpoint)
+ (public_name albatross-tls-endpoint)
+ (package albatross)
+ (modules albatross_tls_endpoint)
+ (libraries albatross_cli albatross_tls_cli albatross))
+
+(executable
+ (name albatross_tls_inetd)
+ (public_name albatross-tls-inetd)
+ (package albatross)
+ (modules albatross_tls_inetd)
+ (libraries albatross_cli albatross_tls_cli albatross))
diff --git a/src/vmm_tls.ml b/tls/vmm_tls.ml
similarity index 100%
rename from src/vmm_tls.ml
rename to tls/vmm_tls.ml
diff --git a/src/vmm_tls.mli b/tls/vmm_tls.mli
similarity index 100%
rename from src/vmm_tls.mli
rename to tls/vmm_tls.mli
diff --git a/src/vmm_tls_lwt.ml b/tls/vmm_tls_lwt.ml
similarity index 100%
rename from src/vmm_tls_lwt.ml
rename to tls/vmm_tls_lwt.ml
diff --git a/src/vmm_tls_lwt.mli b/tls/vmm_tls_lwt.mli
similarity index 100%
rename from src/vmm_tls_lwt.mli
rename to tls/vmm_tls_lwt.mli