2 from __future__ import with_statement
4 # sfi -- slice-based facility interface
9 from optparse import OptionParser
10 from geni.util.cert import Keypair, Certificate
11 from geni.util.credential import Credential
12 from geni.util.geniclient import GeniClient, ServerException
13 from geni.util.gid import create_uuid
14 from geni.util.record import GeniRecord
16 sfi_dir = os.path.expanduser("~/.sfi/")
24 # Establish Connection to SliceMgr and Registry Servers
26 def set_servers(options):
33 if (options.sm is not None):
35 elif ("SFI_SM" in os.environ):
36 sm_url = os.environ["SFI_SM"]
38 print "No Known Slice Manager"
42 if (options.registry is not None):
43 reg_url = options.registry
44 elif ("SFI_REGISTRY" in os.environ):
45 reg_url = os.environ["SFI_REGISTRY"]
47 print "No Known Registry Server"
51 print "Contacting Slice Manager at:", sm_url
52 print "Contacting Registry at:", reg_url
55 if (options.user is not None):
57 elif ("SFI_USER" in os.environ):
58 user = os.environ["SFI_USER"]
60 print "No Known User Name"
64 if (options.auth is not None):
65 authority = options.auth
66 elif ("SFI_AUTH" in os.environ):
67 authority = os.environ["SFI_AUTH"]
71 # Get key and certificate
72 key_file = get_key_file()
73 cert_file = get_cert_file(key_file)
75 # Establish connection to server(s)
76 slicemgr = GeniClient(sm_url, key_file, cert_file)
77 registry = GeniClient(reg_url, key_file, cert_file)
81 # Get various credential and spec files
83 # Establishes limiting conventions
84 # - conflates MAs and SAs
85 # - assumes last token in slice name is unique
87 # Bootstraps credentials
88 # - bootstrap user credential from self-signed certificate
89 # - bootstrap authority credential from user credential
90 # - bootstrap slice credential from user credential
94 parts = name.split(".")
98 file = os.path.join(sfi_dir, get_leaf(user) + ".pkey")
99 if (os.path.isfile(file)):
102 print "Key file", file, "does not exist"
106 def get_cert_file(key_file):
109 file = os.path.join(sfi_dir, get_leaf(user) + ".cert")
110 if (os.path.isfile(file)):
113 k = Keypair(filename = key_file)
114 cert = Certificate(subject=user)
116 cert.set_issuer(k, user)
119 print "Writing self-signed certificate to", file
120 cert.save_to_file(file)
126 file = os.path.join(sfi_dir, get_leaf(user) + ".cred")
127 if (os.path.isfile(file)):
128 user_cred = Credential(filename=file)
131 # bootstrap user credential
132 user_cred = registry.get_credential(None, "user", user)
134 user_cred.save_to_file(file, save_parents=True)
136 print "Writing user credential to", file
139 print "Failed to get user credential"
146 print "no authority specified. Use -a or set SF_AUTH"
149 file = os.path.join(sfi_dir, get_leaf("authority") +".cred")
150 if (os.path.isfile(file)):
151 auth_cred = Credential(filename=file)
154 # bootstrap authority credential from user credential
155 user_cred = get_user_cred()
156 auth_cred = registry.get_credential(user_cred, "sa", authority)
158 auth_cred.save_to_file(file, save_parents=True)
160 print "Writing authority credential to", file
163 print "Failed to get authority credential"
166 def get_slice_cred(name):
167 file = os.path.join(sfi_dir, "slice_" + get_leaf(name) + ".cred")
168 if (os.path.isfile(file)):
169 slice_cred = Credential(filename=file)
172 # bootstrap slice credential from user credential
173 user_cred = get_user_cred()
174 slice_cred = registry.get_credential(user_cred, "slice", name)
176 slice_cred.save_to_file(file, save_parents=True)
178 print "Writing slice credential to", file
181 print "Failed to get slice credential"
184 def get_rspec_file(rspec):
185 if (os.path.isabs(rspec)):
188 file = os.path.join(sfi_dir, rspec)
189 if (os.path.isfile(file)):
192 print "No such rspec file", rspec
195 def get_record_file(record):
196 if (os.path.isabs(record)):
199 file = os.path.join(sfi_dir, record)
200 if (os.path.isfile(file)):
203 print "No such registry record file", record
206 def load_publickey_string(fn):
208 key_string = f.read()
210 # if the filename is a private key file, then extract the public key
211 if "PRIVATE KEY" in key_string:
212 outfn = tempfile.mktemp()
213 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
216 key_string = f.read()
222 # Generate sub-command parser
224 def create_cmd_parser(command, additional_cmdargs = None):
225 cmdargs = {"list": "name",
233 "create": "name rspec",
240 if additional_cmdargs:
241 cmdargs.update(additional_cmdargs)
243 if command not in cmdargs:
244 print "Invalid command\n"
246 for key in cmdargs.keys():
251 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
252 % (command, cmdargs[command]))
253 if command in ("nodes", "resources"):
254 parser.add_option("-f", "--format", dest="format",type="choice",
255 help="display format (dns|ip|rspec)",default="rspec",
256 choices=("dns","ip","rspec"))
257 if command in ("list", "show", "remove"):
258 parser.add_option("-t", "--type", dest="type",type="choice",
259 help="type filter (user|slice|sa|ma|node|aggregate)",
260 choices=("user","slice","sa","ma","node","aggregate", "all"),
262 if command in ("show", "list", "nodes", "resources"):
263 parser.add_option("-o", "--output", dest="file",
264 help="output XML to file", metavar="FILE", default=None)
268 # Generate command line parser
269 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
270 description="Commands: list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
271 parser.add_option("-r", "--registry", dest="registry",
272 help="root registry", metavar="URL", default=None)
273 parser.add_option("-s", "--slicemgr", dest="sm",
274 help="slice manager", metavar="URL", default=None)
275 parser.add_option("-d", "--dir", dest="dir",
276 help="working directory", metavar="PATH", default = sfi_dir)
277 parser.add_option("-u", "--user", dest="user",
278 help="user name", metavar="HRN", default=None)
279 parser.add_option("-a", "--auth", dest="auth",
280 help="authority name", metavar="HRN", default=None)
281 parser.add_option("-v", "--verbose",
282 action="store_true", dest="verbose", default=False,
284 parser.disable_interspersed_args()
288 def dispatch(command, cmd_opts, cmd_args):
289 globals()[command](cmd_opts, cmd_args)
292 # Main: parse arguments and dispatch to command
297 parser = create_parser()
298 (options, args) = parser.parse_args()
301 print "No command given. Use -h for help."
305 (cmd_opts, cmd_args) = create_cmd_parser(command).parse_args(args[1:])
306 verbose = options.verbose
308 print options.registry, options.sm, options.dir, options.verbose,\
309 options.user, options.auth
311 if command in ("nodes", "resources"):
312 print cmd_opts.format
313 elif command in ("list","show","remove"):
320 dispatch(command, cmd_opts, cmd_args)
322 print "Command not found:", command
328 # Following functions implement the commands
330 # Registry-related commands
333 # list entires in named authority registry
334 def list(opts, args):
336 user_cred = get_user_cred()
337 list = registry.list(user_cred, args[0])
338 list = filter_records(opts.type, list)
339 display_records(list)
341 save_records_to_file(opts.file, list)
344 # show named registry record
345 def show(opts, args):
347 user_cred = get_user_cred()
348 records = registry.resolve(user_cred, args[0])
349 records = filter_records(opts.type, records)
351 print "No record of type", opts.type
352 display_records(records, True)
354 save_records_to_file(opts.file, records)
357 # removed named registry record
358 # - have to first retrieve the record to be removed
359 def remove(opts, args):
361 auth_cred = get_auth_cred()
362 return registry.remove(auth_cred, opts.type, args[0])
364 # add named registry record
367 auth_cred = get_auth_cred()
368 rec_file = get_record_file(args[0])
369 record = load_record_from_file(rec_file)
371 # check and see if we need to create a gid for this record. The creator
372 # of the record signals this by filling in the create_gid, create_gid_hrn,
373 # and create_gid_key members.
374 # (note: we'd use an unsigned GID in the record instead, but pyOpenSSL is
375 # broken and has no way for us to get the key back out of the gid)
376 geni_info = record.get_geni_info()
377 if "create_gid" in geni_info:
378 gid = registry.create_gid(auth_cred, geni_info["create_gid_hrn"], create_uuid(), geni_info["create_gid_key"])
381 del geni_info["create_gid"]
382 del geni_info["create_gid_hrn"]
383 del geni_info["create_gid_key"]
385 return registry.register(auth_cred, record)
387 # update named registry entry
388 def update(opts, args):
390 user_cred = get_user_cred()
391 rec_file = get_record_file(args[0])
392 record = load_record_from_file(rec_file)
394 if record.get_type() == "user":
395 if record.get_name() == user_cred.get_object_gid().get_hrn():
398 create = get_auth_cred()
399 elif record.get_type() in ["slice"]:
401 cred = get_slice_cred(record.get_name())
402 except ServerException, e:
403 if "PermissionError" in e.args[0]:
404 cred = get_auth_cred()
407 elif record.get_type() in ["sa", "ma", "node"]:
408 cred = get_auth_cred()
410 raise "unknown record type" + record.get_type()
412 return registry.update(cred, record)
415 # Slice-related commands
418 # list available nodes
419 def nodes(opts, args):
421 user_cred = get_user_cred()
425 context = opts.format
426 results = slicemgr.list_nodes(user_cred)
427 if opts.format in ['rspec']:
428 display_rspec(results)
430 display_list(results)
431 if (opts.file is not None):
432 rspec = slicemgr.list_nodes(user_cred)
433 save_rspec_to_file(rspec, opts.file)
436 # list instantiated slices
437 def slices(opts, args):
439 user_cred = get_user_cred()
440 results = slicemgr.list_slices(user_cred)
441 display_list(results)
444 # show rspec for named slice
445 def resources(opts, args):
448 slice_cred = get_slice_cred(args[0])
449 result = slicemgr.get_resources(slice_cred, args[0])
451 user_cred = get_user_cred()
452 result = slicemgr.get_resources(user_cred)
453 display_rspec(result)
454 if (opts.file is not None):
455 save_rspec_to_file(opts.file, result)
458 # created named slice with given rspec
459 def create(opts, args):
462 slice_cred = get_slice_cred(slice_hrn)
463 rspec_file = get_rspec_file(args[1])
464 with open(rspec_file) as f:
466 return slicemgr.create_slice(slice_cred, slice_hrn, rspec)
469 def delete(opts, args):
472 slice_cred = get_slice_cred(slice_hrn)
474 return slicemgr.delete_slice(slice_cred, slice_hrn)
477 def start(opts, args):
479 slice_cred = get_slice_cred(args[0])
480 return slicemgr.start_slice(slice_cred)
483 def stop(opts, args):
485 slice_cred = get_slice_cred(args[0])
486 return slicemgr.stop_slice(slice_cred)
489 def reset(opts, args):
491 slice_cred = get_slice_cred(args[0])
492 return slicemgr.reset_slice(slice_cred)
496 # Display, Save, and Filter RSpecs and Records
497 # - to be replace by EMF-generated routines
501 def display_rspec(rspec):
505 def display_list(results):
506 for result in results:
509 def save_rspec_to_file(rspec, filename):
510 if not filename.startswith(os.sep):
511 filename = sfi_dir + filename
512 if not filename.endswith(".rspec"):
513 filename = filename + ".rspec"
515 f = open(filename, 'w')
520 def display_records(recordList, dump = False):
521 for record in recordList:
522 display_record(record, dump)
524 def display_record(record, dump = False):
528 info = record.getdict()
529 print "%s (%s)" % (info['hrn'], info['type'])
532 def filter_records(type, records):
533 filtered_records = []
534 for record in records:
535 if (record.get_type() == type) or (type == "all"):
536 filtered_records.append(record)
537 return filtered_records
539 def save_records_to_file(filename, recordList):
541 for record in recordList:
543 save_record_to_file(filename + "." + str(index), record)
545 save_record_to_file(filename, record)
548 def save_record_to_file(filename, record):
549 if not filename.startswith(os.sep):
550 filename = sfi_dir + filename
551 print "saving record", record.name, "to file", filename
552 str = record.save_to_string()
553 file(filename, "w").write(str)
556 def load_record_from_file(filename):
557 str = file(filename, "r").read()
558 record = GeniRecord(string=str)
561 if __name__=="__main__":