| 313 | === User login information - Manifest Rspec Extension === |
| 314 | Many GENI reservable resources allow experimenters to log in to the resource to control it. |
| 315 | Aggregates shall use a new RSpec extension to include all login information in manifest RSpecs. This extension is version controlled in the GENI RSpec git repository. |
| 316 | |
| 317 | The extension adds information to the `<services>` tag, which already has the `<login>` tag. |
| 318 | |
| 319 | The `<login>` tag tells you the kind of authentication (ssh), the port, and the username. |
| 320 | The new extension adds an entry per login username |
| 321 | - URN of the user |
| 322 | - 1+ public SSH keys that can be used under that login |
| 323 | |
| 324 | Note that 1 of the `<user:services_user login>`s in the extension duplicates the default username already in the base `<login>` tag. The extension allows specifying the keys usable with that login username. |
| 325 | |
| 326 | EG: |
| 327 | {{{ |
| 328 | ....... |
| 329 | <services> |
| 330 | <login authentication="ssh-keys" hostname="pc27.emulab.net" port="22" username="flooby"/> |
| 331 | <ssh-user:services_user login="flooby" user_urn="http://urn:publicid:IDN+jonlab.tbres.emulab.net+user+flooby"> |
| 332 | <ssh-user:public_key>asdfasdfasdf;lkasdf=foo@bar</ssh-user:public_key> |
| 333 | <ssh-user:public_key>asdfasdfasdf;lkjasdf;lasdf=foobar@barfoo</ssh-user:public_key> |
| 334 | </ssh-user:services_user> |
| 335 | <ssh-user:services_user login="io" user_urn="http://urn:publicid:IDN+jonlab.tbres.emulab.net+user+io"> |
| 336 | <ssh-user:public_key>asdfasdfasdf;lkasdf=foo@bar</ssh-user:public_key> |
| 337 | <ssh-user:public_key>asdfasdfasdf;lkjasdf;lasdf=foobar@barfoo</ssh-user:public_key> |
| 338 | </ssh-user:services_user> |
| 339 | </services> |
| 340 | }}} |
| 341 | |
| 342 | And the RNC schema: |
| 343 | {{{ |
| 344 | # An extension for describing user login credentials in the manifest |
| 345 | |
| 346 | default namespace = "http://www.protogeni.net/resources/rspec/ext/ssh_user/1" |
| 347 | |
| 348 | # This is meant to extend the services element |
| 349 | Services = element services_user { |
| 350 | attribute login { string } & |
| 351 | attribute user_urn { string }? & |
| 352 | element public_key { string }* |
| 353 | } |
| 354 | |
| 355 | # Both of the above are start elements. |
| 356 | start = Services |
| 357 | }}} |
| 358 | |