Eight ops pages ported

2019-07-04 - Progress - Tony Finch

This week I passed a halfway mark in porting web pages from the old IP Register web interface on Jackdaw to the "v3" web interface. The previous note on this topic was in May when the first ops page was ported to v3, back before the Beer Festival and the server patching work.

Goals of v3

There are two primary goals for the ipreg v3 web interface:

  • Move the web interface off Jackdaw

  • Make it possible to move the database off Jackdaw and Oracle and on to PostgreSQL

The move to PostgreSQL will allow us to change the schema, APIs, and web user interface more significantly. The "v4" label is for those longer term plans.

What v3 is not

This work does not change the user-visible structure of the ipreg web interface: there is the same set of ops pages, which do the same things, and report errors by dumping Oracle error codes into the web page.

The aim is for v3 to be just enough to get off Jackdaw, remaining compatible with API clients apart from the change of URL.

Hidden changes

In the previous article I outlined some of the changes to the framework code as it has moved off Jackdaw. A lot of this is necessary because of differences in how the web app authenticates to Oracle, and to support parallel running between Oracle and PostgreSQL while the back end is ported later on.

While refactoring and porting the ops pages to the new framework, it has become more clear where the trouble-spots are for moving the database to PostgreSQL. There will be more work needed to improve the separation between the web and database layers.

Visible changes

To make this project more rewarding, I am making some small improvements that should make the web pages nicer to look at and slightly less annoying to use. Minor things like:

  • Lists instead of drop-down menus for choosing things like IP addresses of multihomed boxes

  • More lenient handling of extra whitespace in input boxes, or trailing dots on domain names

  • Better autofocus and more useful default button

Example screenshots

So far I have ported the simpler pages. The idea is to get the hang of things and solve many of the probems in an easier setting, to avoid getting bogged down by having to deal with too much at once in the more complictated pages.

You can't try these out yourselves yet, because v3 is still in heavy development and often broken. But if you have any reactions, positive or negative, please let ip-register@uis.cam.ac.uk know!

old box_ops

For reference, here's the existing box_ops page on Jackdaw. (Click to embiggen any of these screenshots.)

new box ops

  • Top right, there is a small chevron which allows you to compactify or embiggen the Project Light header and footer. I am showing the pages in compact mode. (This chevron also works on the main www.dns.cam.ac.uk web site and the git.uis.cam.ac.uk server.)

  • Bottom middle in the footer is the DNS update time confirmation. (On www.dns.cam.ac.uk this slot has the page timestamp.)

  • The Project Light navigation menu has the links to the ops pages, and highlights the current page instead of disappearing it.

  • The sidebar has the other bits and bobs from the header of the old pages. The "connection" box bottom right might become more interesting during the port from Oracle to PostgreSQL.

  • Labels for mandatory fields are bold.

  • Press enter for the display action.

superuser box ops

Privileged users get a few extra options. I'm going to use my main account to take most of the screenshots so that I can show what the forms look like when populated.

Each edit button copies a record into the input fields below so that the record can be manipulated. In this example, I hit edit then del on the IPv4 address of a DNS server, which provoked an error from Oracle because of an aname constraint check.

[ This data is very stale - "ruff" is a clone of jackdaw that we are using for development work. So this example is from before the DNS server rename. Disregard any recent "last updated" notes in the screenshots below, because they are a result of me testing, they are not live data. ]

motd ops

The first and simplest page. When there is a message of the day it is displayed at the top of the sidebar.

vbox ops

The last and most complicated page so far.

aname ops

cname ops

mx ops

srv ops

I always found the old service_ops page more confusing than I would like. So, there is now a placeholder hint about the format of the srv name field, and the input boxes are now in the same order as in the DNS.

totp ops

Since the ipreg security revamp about two and a half years ago, we have used TOTP second factor authentication for privileged users to protect against compromise of UIS passwords. This page allows us to display a QR code for enrolling new devices for ourselves or each other. No, you don't get to see my QR code :-)

2nd factor authentication