Merge branch 'acb-develop'

Support safe browsing with VTN configuration, some cleanup of vSG synchronizer
diff --git a/xos/configurations/cord-pod/cdn/cmi-settings.sh b/xos/configurations/cord-pod/cdn/cmi-settings.sh
new file mode 100644
index 0000000..cf05a27
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/cmi-settings.sh
@@ -0,0 +1,7 @@
+# This holds the connection information necessary to talk to your CMI.
+# It will be used by setup-cmi.sh and ssh-cmi.sh
+
+COMPUTE_NODE=cp-2.smbaker-xos-vtn.xos-pg0.clemson.cloudlab.us
+MGMT_IP=172.27.0.17
+NODE_KEY=/root/setup/id_rsa.sh
+VM_KEY=cmi_id_rsa
diff --git a/xos/configurations/cord-pod/cdn/cmi.yaml b/xos/configurations/cord-pod/cdn/cmi.yaml
new file mode 100644
index 0000000..206f89b
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/cmi.yaml
@@ -0,0 +1,40 @@
+---
+- hosts: cmi
+  connection: ssh
+  user: root
+  vars:
+    eth_device: eth0
+    cmi_password: XOScdn123$
+    cmi_hostname: xos-cloudlab-cmi-vtn.opencloud.us
+    cmi_dns: 8.8.8.8
+    cdn_site: CoBlitz Test
+    cdn_short_name: cobtest
+    cdn_name: CoBlitz
+    gateway_ip: 10.124.0.1
+    gateway_mac: 00:8c:fa:5b:09:d8
+    node_hostname: xos-cloudlab-cmi-vtn.opencloud.us
+  tasks:
+#  - name: fix the networking
+#    shell: "{{ item }}"
+#    with_items:
+#      - ip route del default || true
+#      - ip route add default via {{ gateway_ip }}
+#      - arp -s {{ gateway_ip }} {{ gateway_mac }}
+
+#  - name: copy over setup answers
+#    template: src=templates/setup_answers.txt dest=/root/setup_answers.txt
+
+#  - name: run the setup script
+#    shell: /a/sbin/setup.sh < /root/setup_answers.txt
+
+  - name: fix onevapi CDNPrefix bug
+    shell: sed -i 's/hostname/str/g' /vservers/coplc/usr/share/cob_api/COB/PublicObjects/CDNPrefix.py
+
+  - name: fix onevapi OriginServer bug
+    shell: sed -i 's/attrToCheck = "edge_hosttype"/attrToCheck = "edge_hosttype_broken"/g' /vservers/coplc/usr/share/cob_api/COB/PublicObjects/OriginServer.py
+
+  - name: copy over cmi setup template
+    template: src=templates/setup_cmi_onevsh.sh dest=/vservers/coplc/root/setup_cmi_onevsh.sh
+
+  - name: copy over cmi node setup template
+    template: src=templates/setup_cmi_node.sh dest=/vservers/coplc/root/setup_cdmi_node.sh
diff --git a/xos/configurations/cord-pod/cdn/cmi_id_rsa.pub b/xos/configurations/cord-pod/cdn/cmi_id_rsa.pub
new file mode 100644
index 0000000..4acc08f
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/cmi_id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+4THhqOmPNnFa/C/WbR7+BOvjJAZPRmB5d2c81CNHzkyk7OLaibEQ84Hkcaaj+KLQPKcyWhpyCLlXiaOufHQUqI4rKpFceEPpuaGRGvFrs6JRK1m3X+fj2Xw9Odg+SnJ+zHyJqwyh+8QTubFZfPXx0Gti5P6utkgzWqUmh0XuqC0JLVXBGs5M3ViIq7NemlUPcWPCLfsCzDMHMMvSeJfnT7+LB76YXqMNpmwyq9Dwv/MRd/8lV6C4q3ZmlwBBuXl4JxdUha6LtecLO+2Wdjoin+g3otCmgCnVZKAh2H1BLcZkHSy9ILs+vj22m8oB2ufyefP+R6Xsyne+G3kpJqWV smbaker@fc16-64.lan
diff --git a/xos/configurations/cord-pod/cdn/private/README b/xos/configurations/cord-pod/cdn/private/README
new file mode 100644
index 0000000..e5cfbc1
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/private/README
@@ -0,0 +1 @@
+Stuff in here is private and will not be uploaded to github. 
diff --git a/xos/configurations/cord-pod/cdn/setup-cmi.sh b/xos/configurations/cord-pod/cdn/setup-cmi.sh
new file mode 100644
index 0000000..5f18ddc
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/setup-cmi.sh
@@ -0,0 +1,20 @@
+#! /bin/bash
+
+source cmi-settings.sh
+
+#apt-get -y install sshpass
+
+echo "[ssh_connection]" > cmi.conf
+echo "ssh_args = -o \"ProxyCommand ssh -q -i $NODE_KEY -o StrictHostKeyChecking=no root@$COMPUTE_NODE nc $MGMT_IP 22\"" >> cmi.conf
+echo "scp_if_ssh = True" >> cmi.conf
+echo "pipelining = True" >> cmi.conf
+echo >> cmi.conf
+echo "[defaults]" >> cmi.conf
+echo "host_key_checking = False" >> cmi.conf
+
+echo "cmi ansible_ssh_private_key_file=$VM_KEY" > cmi.hosts
+
+export ANSIBLE_CONFIG=cmi.conf
+export ANSIBLE_HOSTS=cmi.hosts
+
+ansible-playbook -vvvv cmi.yaml
diff --git a/xos/configurations/cord-pod/cdn/ssh-cmi.sh b/xos/configurations/cord-pod/cdn/ssh-cmi.sh
new file mode 100644
index 0000000..15a0408
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/ssh-cmi.sh
@@ -0,0 +1,5 @@
+#! /bin/bash
+
+source ./cmi-settings.sh
+
+ssh -i $VM_KEY -o "ProxyCommand ssh -q -i $NODE_KEY -o StrictHostKeyChecking=no root@$COMPUTE_NODE nc $MGMT_IP 22" root@cmi
diff --git a/xos/configurations/cord-pod/cdn/templates/setup_answers.txt b/xos/configurations/cord-pod/cdn/templates/setup_answers.txt
new file mode 100644
index 0000000..1c20be9
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/templates/setup_answers.txt
@@ -0,0 +1,18 @@
+y
+{{ cmi_password }}
+{{ cmi_password }}
+n
+{{ eth_device }}
+y
+{{ cmi_hostname }}
+{{ eth_device }}
+
+
+{{ cdn_site }}
+{{ cdn_short_name }}
+{{ cmi_dns }}
+
+{{ cdn_name }}
+{{ cmi_password }}
+{{ cmi_password }}
+y
diff --git a/xos/configurations/cord-pod/cdn/templates/setup_cmi_node.sh b/xos/configurations/cord-pod/cdn/templates/setup_cmi_node.sh
new file mode 100644
index 0000000..4c1abed
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/templates/setup_cmi_node.sh
@@ -0,0 +1,12 @@
+site_id=GetSites()[0]["site_id"]
+nodeinfo = {'hostname': "{{ node_hostname }}", 'dns': "8.8.8.8"}
+n_id = AddNode(site_id, nodeinfo)
+mac = "DE:AD:BE:EF:00:01"
+interfacetemplate = {'mac': mac, 'kind': 'physical', 'method': 'static', 'is_primary': True, 'if_name': 'eth0'}
+i_id = AddInterface(n_id, interfacetemplate)
+ip_addr = "169.254.169.1" # TO DO: get this from Neutron in the future
+netmask = "255.255.255.254" # TO DO: get this from Neutron in the future
+ipinfo = {'ip_addr': ip_addr, 'netmask': netmask, 'type': 'ipv4'}
+ip_id = AddIpAddress(i_id, ipinfo)
+routeinfo = {'interface_id': i_id, 'next_hop': "127.0.0.127", 'subnet': '0.0.0.0', 'metric': 1}
+r_id = AddRoute(n_id, routeinfo)
diff --git a/xos/configurations/cord-pod/cdn/templates/setup_cmi_onevsh.sh b/xos/configurations/cord-pod/cdn/templates/setup_cmi_onevsh.sh
new file mode 100644
index 0000000..d5ef513
--- /dev/null
+++ b/xos/configurations/cord-pod/cdn/templates/setup_cmi_onevsh.sh
@@ -0,0 +1,4 @@
+sp=Create("ServiceProvider", {"account": "openstack", "name": "openstack", "enabled": True})
+cp=Create("ContentProvider", {"account": "test", "name": "test", "enabled": True, "service_provider_id": sp})
+ors=Create("OriginServer", {"url": "http://www.cs.arizona.edu/", "content_provider_id": cp, "service_type": "HyperCache"})
+pre=Create("CDNPrefix", {"service": "HyperCache", "enabled": True, "content_provider_id": cp, "cdn_prefix": "test.vicci.org", "default_origin_server": "http://www.cs.arizona.edu/"})