2 # vim:set ts=4 sw=4 expandtab:
3 # NodeManager plugin to empower slivers to make API calls
6 Sliver authentication support for NodeManager.
20 def start(options, conf):
21 logger.log("sliverauth plugin starting up...")
23 def SetSliverTag(plc, slice, tagname, value):
24 node_id = tools.node_id()
25 slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id,"tagname":tagname})
26 if len(slivertags)==0:
27 # looks like GetSlivers reports about delegated/nm-controller slices that do *not* belong to this node
28 # and this is something that AddSliceTag does not like
30 slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id)
32 logger.log ("SetSliverTag - CAUGHT exception for (probably delegated) slice=%(slice)s tag=%(tagname)s node_id=%(node_id)d"%locals())
35 slivertag_id=slivertags[0]['slice_tag_id']
36 plc.UpdateSliceTag(slivertag_id,value)
38 def GetSlivers(data, config, plc):
39 if 'OVERRIDES' in dir(config):
40 if config.OVERRIDES.get('sliverauth') == '-1':
41 logger.log("sliverauth: Disabled", 2)
44 if 'slivers' not in data:
45 logger.log("sliverauth: getslivers data lack's sliver information. IGNORING!")
48 for sliver in data['slivers']:
50 for attribute in sliver['attributes']:
51 name = attribute.get('tagname',attribute.get('name',''))
54 hmac = attribute['value']
58 # XXX need a better random seed?!
59 random.seed(time.time())
60 d = [random.choice(string.letters) for x in xrange(32)]
62 SetSliverTag(plc,sliver['name'],'hmac',hmac)
63 logger.log("sliverauth setting %s hmac" % sliver['name'])
65 path = '/vservers/%s/etc/planetlab' % sliver['name']
66 if os.path.exists(path):
67 keyfile = '%s/key' % path
69 if os.path.exists(keyfile):
75 # create a temporary file in the vserver
76 fd, name = tempfile.mkstemp('','key',path)
79 if os.path.exists(keyfile):
81 os.rename(name,keyfile)
82 logger.log("sliverauth writing hmac to %s " % keyfile)
84 os.chmod(keyfile,0400)