[
https://issues.apache.org/jira/browse/VCL-862?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15375598#comment-15375598
]
ASF subversion and git services commented on VCL-862:
-----------------------------------------------------
Commit 1752533 from [email protected] in branch 'vcl/trunk'
[ https://svn.apache.org/r1752533 ]
VCL-862
Added subroutines to OS.pm:
get_current_image_tag
set_current_image_tag
set_post_load_status
get_post_load_status
set_tainted_status
get_tainted_status
Removed subroutine from OS.pm:
set_vcld_post_load_status
Removed call to set_vcld_post_load_status from each OS module.
Added call to set_post_load_status in image.pm after post_load is called when a
checkpoint is saved.
Added call to set_tainted_status in reserved.pm::process after the user
connection check is successful.
Added call to set_tainted_status in OS.pm::run_management_node_tools_scripts if
a post_reserve script gets executed. The logic is that the post_reserve script
does something specific to the reservation that may not be reverted if the
computer is sanitized. Added call to set_tainted_status to
Linux.pm::post_reserve and Windows.pm::post_reserve for the same reason.
Added call to get_tainted_status in reclaim.pm::process. If true, node is
always reloaded.
Removed 'computer_currentimage_vcld_post_load' from DataStructure.pm. It is no
longer being used. Removed call to
$self->data->set_computer_currentimage_vcld_post_load from
OS.pm::get_current_image_info.
Updated Provisioning.pm::node_status to call get_tainted_status and return
RELOAD if it is set. Reworked node_status and new.pm::reload_image to clean
things up.
Other
Added optional $suppress_key_missing_error argument to Windows.pm::reg_query.
Also added check for key or value which doesn't exist.
Added currently unused NFS-related subroutines to Windows.pm.
> Tag loaded image when request is reserved, inuse, or modified in any way
> other than a normal reload
> ---------------------------------------------------------------------------------------------------
>
> Key: VCL-862
> URL: https://issues.apache.org/jira/browse/VCL-862
> Project: VCL
> Issue Type: Improvement
> Components: vcld (backend)
> Reporter: Andy Kurth
> Assignee: Andy Kurth
> Fix For: 2.5
>
>
> It would be beneficial to tag the OS of a loaded computer once a request
> enters the reserved or inuse states. It would also be beneficial to tag a
> computer if anything is done to the computer which would not be done for a
> normal, non-cluster reservation. By tagging, I mean add something withing
> the computer's OS indicating the state. The easiest way to do this would be
> to add text to the _currentimage.txt_ file. We currently do this after the
> OS module's _post_load_ subroutine has run.
> The benefits would pertain to security and a consistent user experience. If
> for some reason, a computer gets put back into the _available_ state that had
> previously been reserved for a user but not fully sanitized or if the user
> logged in, the computer should be reloaded before being reserved for another
> user. This ordinarily wouldn't happen but is possible if one of the vcld
> processes abruptly dies or if the database is manipulated.
> Once a computer is reserved for a user, a line should be added to
> _currentimage.txt_. It could simply be a timestamp and the word _reserved_.
> If the computer is sanitized due to the user not acknowledging or connecting,
> the user accounts should be removed. Once completely sanitized, the line
> should be removed. If for any reason the computer isn't completely
> sanitized, the line would remain. Future reservation processes would see
> this and reload the computer.
> The same would be true if the user connects. An _inuse_ line would be added
> to _currentimage.txt_.
> The code should also check if anything alters the computer which would not
> ordinarily happen for a single-computer reservation such as cluster scripts
> being run. For example, an image could be a child image for a cluster. A
> user could make a reservation for the cluster image and something could be
> applied to the to the child computer. If the user never acknowledges, the
> child computer wouldn't be reloaded. It could be assigned to another cluster
> request with different computers for a different user. Inconsistent results
> could happen if the cluster scripts are run again.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
