Commit graph

270 commits

Author SHA1 Message Date
Hannes Mehnert 9191d2cf9a drop version AV0, AV1; refactor vmm_asn 2018-10-28 22:52:20 +01:00
Hannes Mehnert 0f9375dc29 use oid 42 again 2018-10-28 22:39:31 +01:00
Hannes Mehnert 947b82f4f0 vmm_tls: ensure that add_policy commands carry a non-empty name 2018-10-28 22:30:08 +01:00
Hannes Mehnert d08de432b6 use proper extension 2018-10-28 22:28:22 +01:00
Hannes Mehnert 34291dbe65 vmmp_request 2018-10-28 22:14:39 +01:00
Hannes Mehnert 40519afbb7 issue policy_add commands by vmmd_tls for certificate chain 2018-10-28 20:50:10 +01:00
Hannes Mehnert 6677e3f1cb close on exit for vmmd.sock 2018-10-28 20:49:42 +01:00
Hannes Mehnert 8ab37d6b3b resources: remove_vm and remove_policy - no need to intertwine into a single remove 2018-10-28 19:50:48 +01:00
Hannes Mehnert 7b8f2cf802 add policy does nothing when received policy is equal to stored one 2018-10-28 19:41:06 +01:00
Hannes Mehnert 296b7a9b01 vmmd_tls: close sockets appropriately 2018-10-28 19:19:38 +01:00
Hannes Mehnert 5e921d7345 skip empty common names in vmm_tls 2018-10-28 19:04:24 +01:00
Hannes Mehnert ea6b291ad0 vmmp_ca work 2018-10-28 18:30:02 +01:00
Hannes Mehnert 8f02d8263d wip: vmmc_bistro 2018-10-28 02:03:27 +02:00
Hannes Mehnert 1d999e47bf . 2018-10-26 23:23:17 +02:00
Hannes Mehnert 7bbfb2e9fa use vmm_cli 2018-10-26 22:34:43 +02:00
Hannes Mehnert cc29ddc98c minor packaging fixes 2018-10-26 21:30:54 +02:00
Hannes Mehnert a60f866f70 fewer lists, read replies (to sockets) in vmmd 2018-10-26 21:30:54 +02:00
Hannes Mehnert aa051d62cd vmmd_log: send ack on data receive 2018-10-26 21:30:54 +02:00
Hannes Mehnert 01f933702d move stuff around 2018-10-26 21:30:54 +02:00
Hannes Mehnert 85a507db54 whitelist commands accepted via tls certificate 2018-10-26 21:29:59 +02:00
Hannes Mehnert 992e1b0a2b - Vmm_ring is now polymorph (alows to store log_entry :D)
- Vmm_console/log/stats do not read multiple times
  console_add loops
  console_subscribe terminates (a stream of messages is sent)
  log data stream loops
  log_subscribe terminates (a stream of data is sent)
  stat_add loops
  stat_remove loops
  stat_subscribe terminates (a stream of stats is sent)
terminates means: reads once more, and closes socket after second read returned
loop processes further incoming data
2018-10-26 21:29:59 +02:00
Hannes Mehnert b55281d1e5 include version in log_entries on disk, read log file on startup (and write events to ring store) 2018-10-26 21:29:59 +02:00
Hannes Mehnert cdae37b0bf interface for vmm_ring 2018-10-26 21:29:59 +02:00
Hannes Mehnert 04367421bf since argument for log_subscribe and console_subscribe 2018-10-26 21:29:59 +02:00
Hannes Mehnert 698ccea4d0 4.07 travis 2018-10-26 21:29:59 +02:00
Hannes Mehnert 6467b9d54f remove unused import 2018-10-26 21:29:59 +02:00
Hannes Mehnert 89fea934a7 copyright 2018-10-26 21:29:59 +02:00
Hannes Mehnert a064c7f58e move more stuff around 2018-10-26 21:29:59 +02:00
Hannes Mehnert d513269453 move stuff into vmm_commands 2018-10-26 21:29:59 +02:00
Hannes Mehnert 6f18f1bfff type data for streamed thingies 2018-10-26 21:29:59 +02:00
Hannes Mehnert ce0c42fa77 more cleanups 2018-10-26 21:29:59 +02:00
Hannes Mehnert 46548418cd minor cleanup: stats type 2018-10-26 21:29:59 +02:00
Hannes Mehnert f3c67f626a more cleanups 2018-10-26 21:29:59 +02:00
Hannes Mehnert 611d234e1a remove dead code 2018-10-26 21:29:59 +02:00
Hannes Mehnert d896d89bba . 2018-10-26 21:29:59 +02:00
Hannes Mehnert f5ce2d8826 reuse commands from Vmm_asn.wire_commands for certificates 2018-10-26 21:29:59 +02:00
Hannes Mehnert d6c87bacde minor tweaks 2018-10-26 21:29:59 +02:00
Hannes Mehnert a08f35ee5e cleanups 2018-10-26 21:29:59 +02:00
Hannes Mehnert 811f3abc50 adjustments 2018-10-26 21:29:59 +02:00
Hannes Mehnert c399501a18 get rid of vm_config.vname 2018-10-26 21:29:59 +02:00
Hannes Mehnert 183d1c9e58 toplevel for tls endpoint, client fixes 2018-10-26 21:29:59 +02:00
Hannes Mehnert 0441b8ab25 tls endpoint 2018-10-26 21:29:59 +02:00
Hannes Mehnert f939ff5a58 influx stats 2018-10-26 21:29:59 +02:00
Hannes Mehnert 467debe303 rip prometheus reporter 2018-10-26 21:29:59 +02:00
Hannes Mehnert 1d4d7509dc remove vmm_wire, use asn.1 2018-10-26 21:29:59 +02:00
Hannes Mehnert 51a0344477 fix warnings 2018-10-26 21:29:59 +02:00
Hannes Mehnert 2239aafdb7 revive vmm_client 2018-10-26 21:29:59 +02:00
Hannes Mehnert bcb280aa00 refactor commands into vmm_commands 2018-10-26 21:29:59 +02:00
Hannes Mehnert efc043cd5c fix 'vmmc info' 2018-10-26 21:29:59 +02:00
Hannes Mehnert 182e2ae10c policies:
vmmc now has more subcommands
  - policy [-n name] returns all policies in name and below
  - add_policy [-n name] [--cpu cpuid] [--mem mem] [--bridge bridge] [--block size] adds a policy
  - remove [-n name] removes policy at name

policy is just the same which is in vmm_req_delegation, and vmm_resources now check them:
- you cannot insert a subpolicy violating the prefix
- you cannot insert a policy which would forbid current resource usage
- you cannot insert a policy with which any subpolicy would be invalid
- you can adjust (increase/decrease) a policy if the above invariants are kept

implement "force create" directly in vmmd: much nicer to
 - check resource constraints,
 - kill vm potentially,
 - and create a new vm,
all as single transaction.
2018-10-26 21:29:59 +02:00