2 # vim:set ts=4 sw=4 expandtab:
7 # NodeManager plugin to empower slivers to make API calls
10 Sliver authentication support for NodeManager.
24 def start(options, conf):
25 logger.log("sliverauth: plugin starting up...")
27 def SetSliverTag(plc, slice, tagname, value):
28 node_id = tools.node_id()
29 slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id,"tagname":tagname})
30 if len(slivertags)==0:
31 # looks like GetSlivers reports about delegated/nm-controller slices that do *not* belong to this node
32 # and this is something that AddSliceTag does not like
34 slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id)
36 logger.log ("sliverauth: SetSliverTag - CAUGHT exception for (probably delegated) slice=%(slice)s tag=%(tagname)s node_id=%(node_id)d"%locals())
39 slivertag_id=slivertags[0]['slice_tag_id']
40 plc.UpdateSliceTag(slivertag_id,value)
42 def GetSlivers(data, config, plc):
43 if 'OVERRIDES' in dir(config):
44 if config.OVERRIDES.get('sliverauth') == '-1':
45 logger.log("sliverauth: Disabled", 2)
48 if 'slivers' not in data:
49 logger.log_missing_data("sliverauth.GetSlivers", 'slivers')
52 for sliver in data['slivers']:
53 path = '/vservers/%s' % sliver['name']
54 if not os.path.exists(path):
55 # ignore all non-plc-instantiated slivers
56 instantiation = sliver.get('instantiation','')
57 if instantiation == 'plc-instantiated':
58 logger.log("sliverauth: plc-instantiated slice %s does not yet exist. IGNORING!" % sliver['name'])
62 for attribute in sliver['attributes']:
63 name = attribute.get('tagname',attribute.get('name',''))
66 hmac = attribute['value']
70 # XXX need a better random seed?!
71 random.seed(time.time())
72 d = [random.choice(string.letters) for x in xrange(32)]
74 SetSliverTag(plc,sliver['name'],'hmac',hmac)
75 logger.log("sliverauth: setting %s hmac" % sliver['name'])
77 path = '/vservers/%s/etc/planetlab' % sliver['name']
78 if os.path.exists(path):
79 keyfile = '%s/key' % path
81 if os.path.exists(keyfile):
87 # create a temporary file in the vserver
88 fd, name = tempfile.mkstemp('','key',path)
91 if os.path.exists(keyfile):
93 os.rename(name,keyfile)
94 logger.log("sliverauth: writing hmac to %s " % keyfile)
96 os.chmod(keyfile,0400)