Hannes Mehnert
65693ea188
revise the "--net=yyy" argument to (optionally) contain a service:bridge
...
it used to only contain service, and used the same string for the bridge. This
is not flexible enough to run off-the-shelf unikernels (configured for bridge
"service" and "management" on multi-homed servers). The old behaviour is the
new default (i.e. "--net=service" creates and attaches a tap device to bridge
"service", and passes "--net:service=tapYY" to the solo5 tender). But it is more
flexible now: "--net=service:other-bridge" will create a tap device attached to
"other-bridge" and pass "--net:service=tapYY" to the tender. This way, there's
no need to match bridge names on the actual server with network device names of
the unikernels.
NB: this is (mostly) backwards-compatible: the on-disk data structures are
versioned (and the version is bumped with this PR), an old albatross client can
send "create" commands to a new server. But a new client will get a parse error
from an old server - which is fine taking into consideration the deployment
base.
2020-03-25 16:09:23 +01:00
Hannes Mehnert
19a817e26c
cirrus: install pkgconf
2020-03-13 18:37:12 +01:00
Hannes Mehnert
a134218b64
use mirage-crypto and modern tls
2020-03-13 16:36:05 +01:00
Hannes Mehnert
22ce1fbdbc
Merge pull request #25 from hannesm/linux2
...
Linux support
2020-02-20 21:01:52 +01:00
Hannes Mehnert
da5ed22a14
compute uptime from now - started
2020-02-16 19:47:39 +01:00
Hannes Mehnert
ff59f05660
compatibility with x509 0.9.0
2020-02-16 16:33:19 +01:00
Hannes Mehnert
eebecd4a96
adjust cirrus for new location of create_package.sh
2019-11-27 11:28:38 +01:00
Hannes Mehnert
05ab18457b
systemd services, based on ee49c6240aa2cf2c9dac47eff6c751ce8c17efb5 by @cfcs
2019-11-27 11:27:55 +01:00
Hannes Mehnert
3dc21c037e
move FreeBSD packaging to packaging/FreeBSD
2019-11-27 11:27:55 +01:00
Hannes Mehnert
eccdaeafda
set umask in mkfifo
2019-11-27 11:27:55 +01:00
Hannes Mehnert
34817a2090
notes about brctl, could potentially be replaced by ip
2019-11-27 11:27:55 +01:00
Hannes Mehnert
6206e8681a
make dbdir and tmpdir platform-specific and overwritable by all command line utilities
2019-11-27 11:27:55 +01:00
Hannes Mehnert
56aa5545f8
basic cirrus on FreeBSD set
2019-11-27 11:27:25 +01:00
Hannes Mehnert
2d26a56c0d
Merge pull request #24 from hannesm/versioning
...
Versioning
2019-11-13 19:01:44 +01:00
Hannes Mehnert
13e731b78e
albatross tls: re-allow root in leaf certificate (i.e. root) to fix log and info commands via tls
...
this is an interaction of 057dbbf147
(allow multiple labels in leaf certificates) and a579a8e143
(print root as "." instead of "")
2019-11-11 23:20:03 +01:00
Hannes Mehnert
ff067255b0
albatrossd: acquire lock for restore
2019-11-11 23:20:03 +01:00
Hannes Mehnert
784429744c
versioning: revise it all, use a 'current' in Vmm_commands, all daemons reply with the received version on that particular stream
2019-11-11 23:20:03 +01:00
Hannes Mehnert
365a569b25
albatross_ca: compare request vs my version, write mine, bump to AV4
2019-11-11 19:18:48 +01:00
Hannes Mehnert
af04739575
albatross_ca: default to 1 day for leaf certificates, 1 year for intermediate policy_add certificates
2019-11-10 23:23:42 +01:00
Hannes Mehnert
b1272a75ec
create from state in series, not parallel to avoid communication mishappenings
...
the socket lock was removed in 58c34907
in favour of a global lock -- but the
bootup used an iter_p for create (which is usually called with the lock being
held by the caller)
2019-11-09 21:32:49 +01:00
Hannes Mehnert
bcb3efcb23
canonical tag is vm (historical reasons), let's unify
2019-11-09 20:52:39 +01:00
Hannes Mehnert
057dbbf147
revise naming freedom: multiple labels are allowed in certificate common names
...
influx may drop topmost label (if --drop-label provided)
2019-11-09 20:36:32 +01:00
Hannes Mehnert
ec9f00b39a
vmm_ring revise implementation
2019-10-29 20:42:51 +01:00
Hannes Mehnert
8a113e5ce0
revise log and console subscription protocol, require either since or count
2019-10-29 20:17:50 +01:00
Hannes Mehnert
90d1fd9d7d
console: use Lwt_unix.openfile (RDONLY; NONBLOCK) to open the fifo, followed
...
by Lwt_unix.wait_read (in read_console, called asynchronously in a fresh task)
and only then convert to a Lwt_io.t (of_fd ~mode:Input) -- thanks to @cfcs
This allows albatross to be run on Linux, where the former code lead to:
- open FIFO
- read <- EOF (although no writer was connected yet)
this works nicely around ocsigen/lwt#741
2019-10-27 23:23:54 +01:00
Hannes Mehnert
82782363b8
Vmm_unix.check_commands : unit -> (unit, [> `Msg of string ]) result - which
...
checks (platform-dependent) all required executables
Vmm_unix.prepare/exec execute solo5-{spt/hvt} depending on the image type
(solo5-elftool figures that out), use jsonm to parse output
Vmm_unix: use ip on linux, no longer ifconfig
2019-10-27 21:31:37 +01:00
Hannes Mehnert
01f6983325
cosmetics
2019-10-27 19:47:37 +01:00
Hannes Mehnert
1d33c17b53
use a variant for uname result, not strings
2019-10-27 19:43:54 +01:00
Hannes Mehnert
e1239366e1
travis: use docker, test on 4.08 and 4.09 as well
2019-10-15 20:25:44 +02:00
Hannes Mehnert
537c113a8a
albatross_log: a read-only mode to read a log file
2019-10-15 00:50:16 +02:00
Hannes Mehnert
47fef438e0
preserve backwards data compatibility
2019-10-15 00:49:58 +02:00
Hannes Mehnert
5b187999f1
restart: range 60..64 no restart, document all the exits
2019-10-14 11:05:22 +02:00
Hannes Mehnert
a579a8e143
root name is "." instead of ""
2019-10-13 13:40:17 +02:00
Hannes Mehnert
249796ce6f
minor
2019-10-12 02:30:21 +02:00
Hannes Mehnert
866cd9041a
move conn_metrics to Vmm_core
2019-10-12 02:15:44 +02:00
Hannes Mehnert
13edb22db3
bump wire version
2019-10-12 02:06:45 +02:00
Hannes Mehnert
c9820f3106
deterministic mac addresses!
2019-10-12 02:06:45 +02:00
Hannes Mehnert
0808c20583
restart on failure: add optional integer set which exit codes to restart on
2019-10-12 02:06:45 +02:00
Hannes Mehnert
6be9ebbc8b
revise tag and compression in unikernel config
2019-10-12 02:06:45 +02:00
Hannes Mehnert
520eab879e
minor api cleanup
2019-10-12 02:06:45 +02:00
Hannes Mehnert
58c3490782
restart on failure
2019-10-12 02:06:45 +02:00
Hannes Mehnert
f81a12bc4d
initial metrics
2019-10-12 02:06:38 +02:00
Hannes Mehnert
94912c21e4
changes for solo5 0.6
...
-- this is a breaking change in the wire protocol
2019-10-12 02:06:27 +02:00
Hannes Mehnert
a46538cabc
x509 API upgrade to 0.8.0
2019-10-12 02:06:16 +02:00
Hannes Mehnert
4787b0cf1f
remove unnecessary freebsd-specific teardown code (bhyvectl --destroy), since 0.6 reverted privdrop
2019-10-12 02:04:44 +02:00
Hannes Mehnert
2db9e0c15e
compression level is 9 for remote (bistro/request), and 0 for local now
2019-10-12 02:04:44 +02:00
Hannes Mehnert
da8dcef6a0
there's no need for albatross_x anymore, albatross keeps state itself these days
2019-10-12 02:04:44 +02:00
Hannes Mehnert
37ad18107e
something weird with decompress 1.0.0: getting Error: Library "decompress" not found. from dune @dinosaure
2019-10-12 02:04:44 +02:00
Hannes Mehnert
4ce52daea8
gather more statistics from kinfo_user (sys/user.h) on FreeBSD
...
- real time runtime information (in microsecs) ki_runtime
- start timeval ki_start
- count of copy-on-write fauls ki_cow
2019-10-12 02:04:44 +02:00
Hannes Mehnert
50ed6a8d1e
adapt to X509 0.7.0 API, minor comment and doc tweaks
2019-07-27 14:01:12 +02:00