1 # command line interface
6 from geni.util.cert import *
7 from geni.util.geniclient import *
8 from geni.util.geniticket import *
10 long_opts = ["keyfile=", "help", "outfile=", "credfile=", "ticketfile=",
11 "username=", "email=", "ip=", "dns=", "dump_parents", "server=",
14 # default command line options
40 server_url = "https://localhost:12345/"
43 parts = hrn.split(".")
\r
47 print "syntax: cli <options> command <args>"
49 print " --username ... username (or hrn) of user making call"
50 print " --outfile ... save response to a file"
51 print " --credfile ... credential of user making call (or 'None')"
52 print " --keyfile ... private key file of user making call"
53 print " --ticketfile ... filename of ticket (for redeemticket)"
54 print " --email ... email address (for registering users)"
55 print " --ip ... IP address (for registering nodes)"
56 print " --dns ... DNS address (for registering nodes)"
57 print " --dump_parents ... dump parents"
58 print " --server ... geni server (registry/component) to connect to"
59 print " --filter <type> ... filter the results of a list operation (user | slice | node ...)"
60 print " --short ... list records in short format (name only)"
62 print " resolve <hrn>"
63 print " dumpCredential <filename>"
64 print " dumpGid <filename>"
65 print " getCredential <type> <hrn>"
68 print " createKey <filename>"
69 print " createGid <hrn> <uuid|None> <pubkey_fn>"
70 print " register <type> <hrn> <gid_filename>"
71 print " remove <type> <hrn>"
72 print " update <type> <hrn>"
77 def process_options():
81 global cert_file, cred_file
82 global key_file, out_file, ticket_file
83 global uuid, pkey_fn, gid_fn, email, gid_pkey_fn, ip, dns
90 (options, args) = getopt.getopt(sys.argv[1:], '', long_opts)
98 elif name == "--username":
100 elif name == "--outfile":
102 elif name == "--credfile":
104 elif name == "--certfile":
106 elif name == "--keyfile":
108 elif name == "--ticketfile":
110 elif name == "--email":
114 elif name == "--dns":
116 elif name == "--dump_parents":
118 elif name == "--server":
120 elif name == "--filter":
122 elif name == "--short":
126 print "no operation specified"
131 if opname == "resolve":
133 print "syntax: resolve <hrn>"
137 elif opname == "getCredential":
139 print "syntax: getcredential <type> <hrn>"
144 elif opname == "list":
146 print "syntax: list <hrn>"
151 elif opname == "createGid":
153 print "syntax: createGid <hrn> <uuid|None> <pubkey_fn>"
159 gid_pkey_fn = args[3]
161 elif opname == "register":
163 print "syntax: register <type> <hrn> <gid_filename>"
168 elif opname == "remove":
170 print "syntax: remove <type> <hrn>"
174 elif opname == "update":
176 print "syntax: update <type> <hrn>"
180 elif opname == "getTicket":
182 print "syntax: getTicket <hrn>"
186 elif opname == "dumpGid":
188 print "syntax: dumpGid <filename>"
192 leaf_name = get_leaf(username)
194 if cert_file == None:
195 cert_file = leaf_name + ".cert"
198 key_file = leaf_name + ".pkey"
200 if cred_file == None:
201 cred_file = leaf_name + ".cred"
204 print " server:", server_url
205 print " username:", username
206 print "cert_file:", cert_file
207 print " key_file:", key_file
208 print "cred_file:", cred_file
209 print "operation:", opname
212 print " out_file:", out_file
214 def get_authority(x):
216 return ".".join(parts[:3])
218 def dumpCredential():
222 gid = GID(filename = dump_fn)
225 # creates a self-signed certificate and private key
227 k = Keypair(create=True)
234 ik = Keypair(create=True)
237 print "writing private key to", key_file
238 k.save_to_file(key_file)
240 #cert = Certificate(subject=username)
242 #cert.set_issuer(ik, iname)
244 #print "writing self-signed cert to", cert_file
245 #cert.save_to_file(cert_file)
247 def load_publickey_string(fn):
249 key_string = f.read()
251 # if the filename is a private key file, then extract the public key
252 if "PRIVATE KEY" in key_string:
253 outfn = tempfile.mktemp()
254 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
257 key_string = f.read()
268 # if the operation is not a local operation, then create a geniclient to
270 if (opname != "dumpCredential") and (opname != "help") and (opname != "createKey") and (opname != "dumpGid"):
271 if not os.path.exists(key_file):
272 print "key file", key_file, "does not exist"
274 if not os.path.exists(cert_file):
275 k = Keypair(filename = key_file)
276 cert = Certificate(subject=username)
278 cert.set_issuer(k, username)
280 print "writing self-signed cert to", cert_file
281 cert.save_to_file(cert_file)
282 client = GeniClient(server_url, key_file, cert_file)
284 # if a cred_file was specified, then load the credential
285 if (cred_file=="None") or (opname == "help") or (opname == "createKey") or \
286 (opname == "redeemTicket") or (opname == "dumpCredential") or (opname == "dumpGid"):
289 cred = Credential(filename = cred_file)
291 if opname == "dumpCredential":
294 elif opname == "dumpGid":
297 elif opname == "help":
300 elif opname == "createKey":
303 elif (opname == "resolve"):
304 result = client.resolve(cred, hrn)
306 for record in result:
308 record.dump(dump_parents=dump_parents)
312 elif (opname == "getCredential"):
313 result = client.get_credential(cred, type, hrn)
316 result.dump(dump_parents=dump_parents)
318 file(out_file, "w").write(result.save_to_string(save_parents=True))
322 elif (opname == "list"):
323 result = client.list(cred, hrn)
326 result = [r for r in result if r.type==filter]
328 for record in result:
330 print " ", record.get_name()
332 record.dump(dump_parents=dump_parents)
336 elif (opname == "createGid"):
337 # try loading it from a private or a public key file
338 pkey_string = load_publickey_string(gid_pkey_fn)
340 gid = client.create_gid(cred, hrn, uuid, pkey_string)
343 gid.dump(dump_parents=dump_parents)
345 file(out_file,"w").write(gid.save_to_string(save_parents=True))
349 elif (opname == "register"):
353 print "ERROR: must specify --email <addr> when registering users"
354 geni_info['email'] = email
358 print "ERROR: must specify --ip <addr> when registering nodes"
361 print "ERROR: must specify --dns <addr> when registering nodes"
362 geni_info['dns'] = dns
364 gid = GID(filename=gid_fn)
365 record = GeniRecord(name=hrn, gid=gid, type=type, pointer=-1)
366 record.set_geni_info(geni_info)
368 result = client.register(cred, record)
370 elif (opname == "remove"):
371 client.remove(cred, type, hrn)
373 elif (opname == "update"):
374 record_list = client.resolve(cred, hrn)
376 print "no records match hrn"
378 matching_records = []
379 for record in record_list:
380 if record.get_type() == type:
381 matching_records.append(record)
383 if not matching_records:
384 print "records match hrn, but no records match type"
386 for record in matching_records:
387 geni_info = record.get_geni_info()
390 geni_info['email'] = email
394 geni_info['dns'] = dns
396 client.update(cred, record)
398 elif (opname == "stopSlice"):
399 client.stop_slice(cred)
401 elif (opname == "startSlice"):
402 client.start_slice(cred)
404 elif (opname == "resetSlice"):
405 client.reset_slice(cred)
407 elif (opname == "deleteSlice"):
408 client.delete_slice(cred)
410 elif (opname == "listSlices"):
411 result = client.list_slices(cred)
413 print "\n".join(result)
415 file(out_file,"w").write("\n".join(result))
417 elif (opname == "getTicket"):
418 result = client.get_ticket(cred, hrn, {})
421 result.dump(dump_parents=dump_parents)
423 file(out_file,"w").write(result.save_to_string(save_parents=True))
427 elif (opname == "redeemTicket"):
428 ticket = Ticket(filename = ticket_file)
429 result = client.redeem_ticket(ticket)
432 print "unknown operation: " + opname
434 if __name__=="__main__":