Skip to content

Commit

Permalink
Merge pull request #15 from gfieni/master
Browse files Browse the repository at this point in the history 
VPN connection/configuration checks
  • Loading branch information
@gfieni
gfieni authored Apr 10, 2017
2 parents 838b8d4 + e95761e commit 9e2e3af
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 19 deletions.
50 changes: 31 additions & 19 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,11 @@ A Docker Machine driver for the Grid5000 testbed infrastructure. It can be used

You need a Grid5000 account to use this driver. See [this page](https://www.grid5000.fr/mediawiki/index.php/Grid5000:Get_an_account) to create an account.

## VPN
**You need to be connected to the Grid5000 VPN to create and access your Docker node.**
**Do not forget to configure your DNS or use OpenVPN DNS auto-configuration.**
**Please follow the instructions from the [Grid5000 Wiki](https://www.grid5000.fr/mediawiki/index.php/VPN).**

## Installation from GitHub releases
Binary releases for Linux, MacOS and Windows using x86/x86_64 CPU architectures are available in the [releases page](https://github.com/Spirals-Team/docker-machine-driver-g5k/releases).
You can use the following commands to install or upgrade the driver:
Expand Down Expand Up @@ -38,24 +43,31 @@ export PATH=$PATH:$GOPATH/bin

## How to use

### VPN
You need to be connected to the Grid5000 VPN to create and access your Docker node.
Do not forget to configure your DNS or use OpenVPN DNS auto-configuration.
Please follow the instructions from the [Grid5000 Wiki](https://www.grid5000.fr/mediawiki/index.php/VPN).

### Driver-specific options
The driver needs a few options to create a machine. Here is a list of the supported options:

| Option | Description | Default value | Required |
|------------------------------|---------------------------------------------------------|-----------------------|------------|
| `--g5k-username` | Your Grid5000 account username | | Yes |
| `--g5k-password` | Your Grid5000 account password | | Yes |
| `--g5k-site` | Site to reserve the resources on | | Yes |
| `--g5k-walltime` | Timelife of the machine | "1:00:00" | No |
| `--g5k-image` | Name of the image to deploy | "jessie-x64-min" | No |
| `--g5k-resource-properties` | Resource selection with OAR properties (SQL format) | | No |
| `--g5k-use-job-reservation` | Job ID to use (need to be an already existing job ID) | | No |
| `--g5k-host-to-provision` | Host to provision (host need to be already deployed) | | No |
### Driver-specific command line flags

#### Flags description
* **`--g5k-username` : Your Grid5000 account username (required)**
* **`--g5k-password` : Your Grid5000 account password (required)**
* **`--g5k-site` : Site where the reservation of the node will be made (required)**
* `--g5k-walltime` : Duration of the node reservation (format: "hh:mm:ss")
* `--g5k-image` : Name of the system image to deploy on the node (Operating system)
* `--g5k-resource-properties` : Resource selection with OAR properties (SQL format)
* `--g5k-use-job-reservation` : Job ID to use (need to be an already existing job ID)
* `--g5k-host-to-provision` : Host to provision (host need to be already deployed)
* `--g5k-skip-vpn-checks` : Skip the VPN client connection and DNS configuration checks (for particular use case only, you should not enable this flag in normal use)

#### Flags usage
| Option | Environment | Default value |
|--------------------------------|------------------------------|-----------------------|
| `--g5k-username` | `G5K_USERNAME` | |
| `--g5k-password` | `G5K_PASSWORD` | |
| `--g5k-site` | `G5K_SITE` | |
| `--g5k-walltime` | `G5K_WALLTIME` | "1:00:00" |
| `--g5k-image` | `G5K_IMAGE` | "jessie-x64-min" |
| `--g5k-resource-properties` | `G5K_RESOURCE_PROPERTIES` | |
| `--g5k-use-job-reservation` | `G5K_USE_JOB_RESERVATION` | |
| `--g5k-host-to-provision` | `G5K_HOST_TO_PROVISION` | |
| `--g5k-skip-vpn-checks` | `G5K_SKIP_VPN_CHECKS` | False |

#### Resource properties
You can use [OAR properties](http://oar.imag.fr/docs/2.5/user/usecases.html#using-properties) to only select a node that matches your hardware requirements.
Expand All @@ -64,7 +76,7 @@ If you give incorrect properties or no resource matches your request, you will g
Error with pre-create check: "[G5K_api] request failed: 400 Bad Request."
```

More informations about usage of OAR properties are available on the [Grid5000 Wiki](https://www.grid5000.fr/mediawiki/index.php/Advanced_OAR#Other_examples_using_properties).
More information about usage of OAR properties are available on the [Grid5000 Wiki](https://www.grid5000.fr/mediawiki/index.php/Advanced_OAR#Other_examples_using_properties).

### Provisioning examples
An example of node provisioning:
Expand Down
18 changes: 18 additions & 0 deletions driver/driver.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ type Driver struct {
G5kImage string
G5kResourceProperties string
G5kHostToProvision string
G5kSkipVpnChecks bool
SSHKeyPair *ssh.KeyPair
}

Expand Down Expand Up @@ -101,6 +102,12 @@ func (d *Driver) GetCreateFlags() []mcnflag.Flag {
Usage: "Host to provision (host need to be already deployed, because deployment step will be skipped)",
Value: "",
},

mcnflag.BoolFlag{
EnvVar: "G5K_SKIP_VPN_CHECKS",
Name: "g5k-skip-vpn-checks",
Usage: "Skip the VPN client connection and DNS configuration checks (for particular use case only, you should not enable this flag in normal use)",
},
}
}

Expand All @@ -114,6 +121,7 @@ func (d *Driver) SetConfigFromFlags(opts drivers.DriverOptions) error {
d.G5kResourceProperties = opts.String("g5k-resource-properties")
d.G5kJobID = opts.Int("g5k-use-job-reservation")
d.G5kHostToProvision = opts.String("g5k-host-to-provision")
d.G5kSkipVpnChecks = opts.Bool("g5k-skip-vpn-checks")

// Docker Swarm
d.BaseDriver.SetSwarmConfigFromFlags(opts)
Expand All @@ -133,6 +141,11 @@ func (d *Driver) SetConfigFromFlags(opts drivers.DriverOptions) error {
return fmt.Errorf("You must give the site you want to reserve the resources on")
}

// warn if user disable VPN check
if d.G5kSkipVpnChecks {
log.Warn("VPN client connection and DNS configuration checks are disabled")
}

return nil
}

Expand Down Expand Up @@ -206,6 +219,11 @@ func (d *Driver) GetState() (state.State, error) {

// PreCreateCheck check parameters and submit the job to Grid5000
func (d *Driver) PreCreateCheck() (err error) {
// check VPN connection if enabled
if err := d.checkVpnConnection(); !d.G5kSkipVpnChecks && (err != nil) {
return err
}

// create API client
d.G5kAPI = api.NewApi(d.G5kUsername, d.G5kPassword, d.G5kSite)

Expand Down
20 changes: 20 additions & 0 deletions driver/g5k.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,31 @@ package driver

import (
"fmt"
"net"

"golang.org/x/crypto/ssh"

"github.com/Spirals-Team/docker-machine-driver-g5k/api"
"github.com/docker/machine/libmachine/log"
)

// checkVpnConnection check if the VPN is connected and properly configured (DNS) by trying to connect to the site frontend SSH server using its hostname
func (d *Driver) checkVpnConnection() error {
// construct site frontend hostname
frontend := fmt.Sprintf("frontend.%s.grid5000.fr:22", d.G5kSite)

// try to connect to the frontend SSH server
sshConfig := &ssh.ClientConfig{}
_, err := ssh.Dial("tcp", frontend, sshConfig)

// we need to check if the error is network-related because the SSH Dial will always return an error due to the Authentication being not configured
if _, ok := err.(*net.OpError); ok {
return fmt.Errorf("Connection to frontend of '%s' site failed. Please check if the site is not undergoing maintenance and your VPN client is connected and properly configured (see driver documentation for more information)", d.G5kSite)
}

return nil
}

func (d *Driver) submitNewJobReservation() error {
// if a job ID is provided, skip job reservation
if d.G5kJobID != 0 {
Expand Down

0 comments on commit 9e2e3af

Please sign in to comment.