3 # sfi -- slice-based facility interface
10 from types import StringTypes, ListType
11 from optparse import OptionParser
12 from sfa.trust.certificate import Keypair, Certificate
13 from sfa.trust.credential import Credential
14 from sfa.util.geniclient import GeniClient
15 from sfa.util.sfaticket import SfaTicket
16 from sfa.util.record import *
17 from sfa.util.misc import *
18 from sfa.util.rspec import RSpec
19 from sfa.util.xmlrpcprotocol import ServerException
20 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
21 from sfa.util.config import Config
23 # utility methods here
25 def display_rspec(rspec, format = 'rspec'):
28 spec.parseString(rspec)
30 nodespecs = spec.getDictsByTagName('NodeSpec')
31 for nodespec in nodespecs:
32 if nodespec.has_key('name') and nodespec['name']:
33 if isinstance(nodespec['name'], ListType):
34 hostnames.extend(nodespec['name'])
35 elif isinstance(nodespec['name'], StringTypes):
36 hostnames.append(nodespec['name'])
38 elif format in ['ip']:
40 spec.parseString(rspec)
42 ifspecs = spec.getDictsByTagName('IfSpec')
43 for ifspec in ifspecs:
44 if ifspec.has_key('addr') and ifspec['addr']:
45 ips.append(ifspec['addr'])
53 def display_list(results):
54 for result in results:
58 def display_records(recordList, dump = False):
59 ''' Print all fields in the record'''
60 for record in recordList:
61 display_record(record, dump)
63 def display_record(record, dump = False):
67 info = record.getdict()
68 print "%s (%s)" % (info['hrn'], info['type'])
72 def filter_records(type, records):
74 for record in records:
75 if (record['type'] == type) or (type == "all"):
76 filtered_records.append(record)
77 return filtered_records
81 def save_rspec_to_file(rspec, filename):
82 if not filename.endswith(".rspec"):
83 filename = filename + ".rspec"
85 f = open(filename, 'w')
90 def save_records_to_file(filename, recordList):
92 for record in recordList:
94 save_record_to_file(filename + "." + str(index), record)
96 save_record_to_file(filename, record)
99 def save_record_to_file(filename, record):
100 if record['type'] in ['user']:
101 record = UserRecord(dict = record)
102 elif record['type'] in ['slice']:
103 record = SliceRecord(dict = record)
104 elif record['type'] in ['node']:
105 record = NodeRecord(dict = record)
106 elif record['type'] in ['authority', 'ma', 'sa']:
107 record = AuthorityRecord(dict = record)
109 record = GeniRecord(dict = record)
110 str = record.save_to_string()
111 file(filename, "w").write(str)
116 def load_record_from_file(filename):
117 str = file(filename, "r").read()
118 record = GeniRecord(string=str)
132 def create_cmd_parser(self,command, additional_cmdargs = None):
133 cmdargs = {"gid": "",
139 "aggregates": "[name]",
140 "registries": "[name]",
142 "resources": "[name]",
143 "create": "name rspec",
144 "get_trusted_certs": "cred",
145 "get_ticket": "name rspec",
146 "redeem_ticket": "ticket",
154 if additional_cmdargs:
155 cmdargs.update(additional_cmdargs)
157 if command not in cmdargs:
158 print "Invalid command\n"
160 for key in cmdargs.keys():
165 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
166 % (command, cmdargs[command]))
168 if command in ("resources"):
169 parser.add_option("-f", "--format", dest="format",type="choice",
170 help="display format ([xml]|dns|ip)",default="xml",
171 choices=("xml","dns","ip"))
172 parser.add_option("-a", "--aggregate", dest="aggregate",
173 default=None, help="aggregate hrn")
175 if command in ("create", "get_ticket"):
176 parser.add_option("-a", "--aggregate", dest="aggregate",default=None,
177 help="aggregate hrn")
179 if command in ("list", "show", "remove"):
180 parser.add_option("-t", "--type", dest="type",type="choice",
181 help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
182 choices=("all","user","slice","sa","ma","node","aggregate"),
185 if command in ("resources", "show", "list"):
186 parser.add_option("-o", "--output", dest="file",
187 help="output XML to file", metavar="FILE", default=None)
189 if command in ("show", "list"):
190 parser.add_option("-f", "--format", dest="format", type="choice",
191 help="display format ([text]|xml)",default="text",
192 choices=("text","xml"))
194 if command in ("delegate"):
195 parser.add_option("-u", "--user",
196 action="store_true", dest="delegate_user", default=False,
197 help="delegate user credential")
198 parser.add_option("-s", "--slice", dest="delegate_slice",
199 help="delegate slice credential", metavar="HRN", default=None)
203 def create_parser(self):
205 # Generate command line parser
206 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
207 description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
208 parser.add_option("-r", "--registry", dest="registry",
209 help="root registry", metavar="URL", default=None)
210 parser.add_option("-s", "--slicemgr", dest="sm",
211 help="slice manager", metavar="URL", default=None)
212 default_sfi_dir=os.path.expanduser("~/.sfi/")
213 parser.add_option("-d", "--dir", dest="sfi_dir",
214 help="config & working directory - default is " + default_sfi_dir,
215 metavar="PATH", default = default_sfi_dir)
216 parser.add_option("-u", "--user", dest="user",
217 help="user name", metavar="HRN", default=None)
218 parser.add_option("-a", "--auth", dest="auth",
219 help="authority name", metavar="HRN", default=None)
220 parser.add_option("-v", "--verbose",
221 action="store_true", dest="verbose", default=False,
223 parser.add_option("-p", "--protocol",
224 dest="protocol", default="xmlrpc",
225 help="RPC protocol (xmlrpc or soap)")
226 parser.add_option("-k", "--hashrequest",
227 action="store_true", dest="hashrequest", default=False,
228 help="Create a hash of the request that will be authenticated on the server")
229 parser.disable_interspersed_args()
235 # Establish Connection to SliceMgr and Registry Servers
237 def set_servers(self):
238 config_file = self.options.sfi_dir + os.sep + "sfi_config"
240 config = Config (config_file)
242 print "Failed to read configuration file",config_file
243 print "Make sure to remove the export clauses and to add quotes"
244 if not self.options.verbose:
245 print "Re-run with -v for more details"
247 traceback.print_exc()
252 if (self.options.sm is not None):
253 sm_url = self.options.sm
254 elif hasattr(config,"SFI_SM"):
255 sm_url = config.SFI_SM
257 print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s"%config_file
261 if (self.options.registry is not None):
262 reg_url = self.options.registry
263 elif hasattr(config,"SFI_REGISTRY"):
264 reg_url = config.SFI_REGISTRY
266 print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s"%config_file
270 if (self.options.user is not None):
271 self.user = self.options.user
272 elif hasattr(config,"SFI_USER"):
273 self.user = config.SFI_USER
275 print "You need to set e.g. SFI_USER='plc.princeton.username' in %s"%config_file
279 if (self.options.auth is not None):
280 self.authority = self.options.auth
281 elif hasattr(config,"SFI_AUTH"):
282 self.authority = config.SFI_AUTH
284 print "You need to set e.g. SFI_AUTH='plc.princeton' in %s"%config_file
290 if self.options.verbose :
291 print "Contacting Slice Manager at:", sm_url
292 print "Contacting Registry at:", reg_url
294 # Get key and certificate
295 key_file = self.get_key_file()
296 cert_file = self.get_cert_file(key_file)
297 self.key = Keypair(filename=key_file)
298 self.key_file = key_file
299 self.cert_file = cert_file
300 self.cert = Certificate(filename=cert_file)
301 # Establish connection to server(s)
302 #self.slicemgr = GeniClient(sm_url, key_file, cert_file, self.options.protocol)
303 #self.registry = GeniClient(reg_url, key_file, cert_file, self.options.protocol)
304 self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file)
305 self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file)
309 # Get various credential and spec files
311 # Establishes limiting conventions
312 # - conflates MAs and SAs
313 # - assumes last token in slice name is unique
315 # Bootstraps credentials
316 # - bootstrap user credential from self-signed certificate
317 # - bootstrap authority credential from user credential
318 # - bootstrap slice credential from user credential
322 def get_key_file(self):
323 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
324 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
325 if (os.path.isfile(file)):
328 print "Key file", file, "does not exist"
332 def get_cert_file(self,key_file):
334 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
335 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
336 if (os.path.isfile(file)):
339 k = Keypair(filename = key_file)
340 cert = Certificate(subject=self.user)
342 cert.set_issuer(k, self.user)
344 if self.options.verbose :
345 print "Writing self-signed certificate to", file
346 cert.save_to_file(file)
350 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
351 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
352 if (os.path.isfile(file)):
353 gid = GID(filename=file)
356 cert_str = self.cert.save_to_string(save_parents=True)
359 request_hash = self.key.compute_hash([cert_str, self.user, "user"])
360 gid_str = self.registry.get_gid(cert_str, self.user, "user", request_hash)
361 gid = GID(string=gid_str)
362 if self.options.verbose:
363 print "Writing user gid to", file
364 gid.save_to_file(file, save_parents=True)
367 def get_user_cred(self):
368 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
369 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
370 if (os.path.isfile(file)):
371 user_cred = Credential(filename=file)
374 # bootstrap user credential
375 cert_string = self.cert.save_to_string(save_parents=True)
378 request_hash = self.key.compute_hash([cert_string, "user", self.user])
379 user_name=self.user.replace(self.authority+".", '')
380 if user_name.count(".") > 0:
381 user_name = user_name.replace(".", '_')
382 self.user=self.authority + "." + user_name
383 user_cred = self.registry.get_self_credential(cert_string, "user", self.user, request_hash)
385 cred = Credential(string=user_cred)
386 cred.save_to_file(file, save_parents=True)
387 if self.options.verbose:
388 print "Writing user credential to", file
391 print "Failed to get user credential"
394 def get_auth_cred(self):
395 if not self.authority:
396 print "no authority specified. Use -a or set SF_AUTH"
399 file = os.path.join(self.options.sfi_dir, get_leaf("authority") +".cred")
400 if (os.path.isfile(file)):
401 auth_cred = Credential(filename=file)
404 # bootstrap authority credential from user credential
405 user_cred = self.get_user_cred().save_to_string(save_parents=True)
408 request_hash = self.key.compute_hash([user_cred, "authority", self.authority])
409 auth_cred = self.registry.get_credential(user_cred, "authority", self.authority, request_hash)
411 cred = Credential(string=auth_cred)
412 cred.save_to_file(file, save_parents=True)
413 if self.options.verbose:
414 print "Writing authority credential to", file
417 print "Failed to get authority credential"
420 def get_slice_cred(self,name):
421 file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
422 if (os.path.isfile(file)):
423 slice_cred = Credential(filename=file)
426 # bootstrap slice credential from user credential
427 user_cred = self.get_user_cred().save_to_string(save_parents=True)
428 arg_list = [user_cred, "slice", name]
431 request_hash = self.key.compute_hash(arg_list)
432 slice_cred_str = self.registry.get_credential(user_cred, "slice", name, request_hash)
434 slice_cred = Credential(string=slice_cred_str)
435 slice_cred.save_to_file(file, save_parents=True)
436 if self.options.verbose:
437 print "Writing slice credential to", file
440 print "Failed to get slice credential"
443 def delegate_cred(self,cred, hrn, type = 'authority'):
444 # the gid and hrn of the object we are delegating
445 object_gid = cred.get_gid_object()
446 object_hrn = object_gid.get_hrn()
447 cred.set_delegate(True)
448 if not cred.get_delegate():
449 raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
452 records = self.registry.resolve(cred, hrn)
453 records = filter_records(type, records)
456 raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
458 # the gid of the user who will be delegated too
459 delegee_gid = records[0].get_gid_object()
460 delegee_hrn = delegee_gid.get_hrn()
462 # the key and hrn of the user who will be delegating
463 user_key = Keypair(filename = self.get_key_file())
464 user_hrn = cred.get_gid_caller().get_hrn()
466 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
467 dcred.set_gid_caller(delegee_gid)
468 dcred.set_gid_object(object_gid)
469 dcred.set_privileges(cred.get_privileges())
470 dcred.set_delegate(True)
471 dcred.set_pubkey(object_gid.get_pubkey())
472 dcred.set_issuer(user_key, user_hrn)
473 dcred.set_parent(cred)
479 def get_rspec_file(self,rspec):
480 if (os.path.isabs(rspec)):
483 file = os.path.join(self.options.sfi_dir, rspec)
484 if (os.path.isfile(file)):
487 print "No such rspec file", rspec
490 def get_record_file(self,record):
491 if (os.path.isabs(record)):
494 file = os.path.join(self.options.sfi_dir, record)
495 if (os.path.isfile(file)):
498 print "No such registry record file", record
501 def load_publickey_string(self,fn):
503 key_string = f.read()
505 # if the filename is a private key file, then extract the public key
506 if "PRIVATE KEY" in key_string:
507 outfn = tempfile.mktemp()
508 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
511 key_string = f.read()
517 # Following functions implement the commands
519 # Registry-related commands
522 def dispatch(self,command, cmd_opts, cmd_args):
523 getattr(self,command)(cmd_opts, cmd_args)
525 def gid(self, opts, args):
527 print "GID: %s" % (gid.save_to_string(save_parents=True))
530 # list entires in named authority registry
531 def list(self,opts, args):
532 user_cred = self.get_user_cred().save_to_string(save_parents=True)
536 request_hash = self.key.compute_hash([user_cred, hrn])
538 list = self.registry.list(user_cred, hrn, request_hash)
540 raise Exception, "Not enough parameters for the 'list' command"
542 # filter on person, slice, site, node, etc.
543 # THis really should be in the self.filter_records funct def comment...
544 list = filter_records(opts.type, list)
546 print "%s (%s)" % (record['hrn'], record['type'])
549 if not file.startswith(os.sep):
550 file = os.path.join(self.options.sfi_dir, file)
551 save_records_to_file(file, list)
554 # show named registry record
555 def show(self,opts, args):
556 user_cred = self.get_user_cred().save_to_string(save_parents=True)
560 request_hash = self.key.compute_hash([user_cred, hrn])
561 records = self.registry.resolve(user_cred, hrn, request_hash)
562 records = filter_records(opts.type, records)
564 print "No record of type", opts.type
565 for record in records:
566 if record['type'] in ['user']:
567 record = UserRecord(dict = record)
568 elif record['type'] in ['slice']:
569 record = SliceRecord(dict = record)
570 elif record['type'] in ['node']:
571 record = NodeRecord(dict = record)
572 elif record['type'] in ['authority', 'ma', 'sa']:
573 record = AuthorityRecord(dict = record)
575 record = GeniRecord(dict = record)
576 if (opts.format=="text"):
579 print record.save_to_string()
583 if not file.startswith(os.sep):
584 file = os.path.join(self.options.sfi_dir, file)
585 save_records_to_file(file, records)
588 def delegate(self,opts, args):
589 user_cred = self.get_user_cred()
590 if opts.delegate_user:
591 object_cred = user_cred
592 elif opts.delegate_slice:
593 object_cred = self.get_slice_cred(opts.delegate_slice)
595 print "Must specify either --user or --slice <hrn>"
598 # the gid and hrn of the object we are delegating
599 object_gid = object_cred.get_gid_object()
600 object_hrn = object_gid.get_hrn()
602 if not object_cred.get_delegate():
603 print "Error: Object credential", object_hrn, "does not have delegate bit set"
606 records = self.registry.resolve(user_cred, args[0])
607 records = filter_records("user", records)
610 print "Error: Didn't find a user record for", args[0]
613 # the gid of the user who will be delegated too
614 delegee_gid = records[0].get_gid_object()
615 delegee_hrn = delegee_gid.get_hrn()
617 # the key and hrn of the user who will be delegating
618 user_key = Keypair(filename = self.get_key_file())
619 user_hrn = user_cred.get_gid_caller().get_hrn()
621 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
622 dcred.set_gid_caller(delegee_gid)
623 dcred.set_gid_object(object_gid)
624 dcred.set_privileges(object_cred.get_privileges())
625 dcred.set_delegate(True)
626 dcred.set_pubkey(object_gid.get_pubkey())
627 dcred.set_issuer(user_key, user_hrn)
628 dcred.set_parent(object_cred)
632 if opts.delegate_user:
633 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
634 + get_leaf(object_hrn) + ".cred")
635 elif opts.delegate_slice:
636 dest_fn = os.path_join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
637 + get_leaf(object_hrn) + ".cred")
639 dcred.save_to_file(dest_fn, save_parents = True)
641 print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
643 # removed named registry record
644 # - have to first retrieve the record to be removed
645 def remove(self,opts, args):
646 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
653 arg_list = [auth_cred, type, hrn]
654 request_hash = self.key.compute_hash(arg_list)
655 return self.registry.remove(auth_cred, type, hrn, request_hash)
657 # add named registry record
658 def add(self,opts, args):
659 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
660 record_filepath = args[0]
661 rec_file = self.get_record_file(record_filepath)
662 record = load_record_from_file(rec_file).as_dict()
665 arg_list = [auth_cred]
666 request_hash = self.key.compute_hash(arg_list)
667 return self.registry.register(auth_cred, record, request_hash)
669 # update named registry entry
670 def update(self,opts, args):
671 user_cred = self.get_user_cred()
672 rec_file = self.get_record_file(args[0])
673 record = load_record_from_file(rec_file)
674 if record['type'] == "user":
675 if record.get_name() == user_cred.get_gid_object().get_hrn():
676 cred = user_cred.save_to_string(save_parents=True)
678 cred = self.get_auth_cred().save_to_string(save_parents=True)
679 elif record['type'] in ["slice"]:
681 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
682 except ServerException, e:
683 # XXX smbaker -- once we have better error return codes, update this
684 # to do something better than a string compare
685 if "Permission error" in e.args[0]:
686 cred = self.get_auth_cred().save_to_string(save_parents=True)
689 elif record.get_type() in ["authority"]:
690 cred = self.get_auth_cred().save_to_string(save_parents=True)
691 elif record.get_type() == 'node':
692 cred = self.get_auth_cred().save_to_string(save_parents=True)
694 raise "unknown record type" + record.get_type()
695 record = record.as_dict()
699 request_hash = self.key.compute_hash(arg_list)
700 return self.registry.update(cred, record, request_hash)
702 def get_trusted_certs(self, opts, args):
704 return the trusted certs at this interface
706 trusted_certs = self.registry.get_trusted_certs()
707 for trusted_cert in trusted_certs:
708 cert = Certificate(string=trusted_cert)
709 print cert.get_subject()
712 def aggregates(self, opts, args):
714 return a list of details about known aggregates
716 user_cred = self.get_user_cred().save_to_string(save_parents=True)
722 arg_list = [user_cred, hrn]
723 request_hash = self.key.compute_hash(arg_list)
724 result = self.registry.get_aggregates(user_cred, hrn, request_hash)
728 def registries(self, opts, args):
730 return a list of details about known registries
732 user_cred = self.get_user_cred().save_to_string(save_parents=True)
738 arg_list = [user_cred, hrn]
739 request_hash = self.key.compute_hash(arg_list)
740 result = self.registry.get_registries(user_cred, hrn, request_hash)
746 # Slice-related commands
749 # list available nodes -- use 'resources' w/ no argument instead
751 # list instantiated slices
752 def slices(self,opts, args):
753 user_cred = self.get_user_cred().save_to_string(save_parents=True)
756 arg_list = [user_cred]
757 request_hash = self.key.compute_hash(arg_list)
758 results = self.slicemgr.get_slices(user_cred, request_hash)
759 display_list(results)
762 # show rspec for named slice
763 def resources(self,opts, args):
764 user_cred = self.get_user_cred().save_to_string(save_parents=True)
765 server = self.slicemgr
767 agg_hrn = opts.aggregate
768 arg_list = [user_cred, agg_hrn]
769 request_hash = self.key.compute_hash(arg_list)
770 aggregates = self.registry.get_aggregates(user_cred, agg_hrn, request_hash)
772 raise Exception, "No such aggregate %s" % agg_hrn
773 aggregate = aggregates[0]
774 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
775 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
777 cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
785 arg_list = [cred, hrn]
786 request_hash = self.key.compute_hash(arg_list)
787 result = server.get_resources(cred, hrn, request_hash)
790 display_rspec(result, format)
791 if (opts.file is not None):
793 if not file.startswith(os.sep):
794 file = os.path.join(self.options.sfi_dir, file)
795 save_rspec_to_file(result, file)
798 # created named slice with given rspec
799 def create(self,opts, args):
801 user_cred = self.get_user_cred()
802 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
803 rspec_file = self.get_rspec_file(args[1])
804 rspec=open(rspec_file).read()
805 server = self.slicemgr
807 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
809 raise Exception, "No such aggregate %s" % opts.aggregate
810 aggregate = aggregates[0]
811 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
812 server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
815 arg_list = [slice_cred, slice_hrn, rspec]
816 request_hash = self.key.compute_hash(arg_list)
817 return server.create_slice(slice_cred, slice_hrn, rspec, request_hash)
819 # get a ticket for the specified slice
820 def get_ticket(self, opts, args):
821 slice_hrn, rspec_path = args[0], args[1]
822 user_cred = self.get_user_cred()
823 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
824 rspec_file = self.get_rspec_file(rspec_path)
825 rspec=open(rspec_file).read()
826 server = self.slicemgr
828 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
830 raise Exception, "No such aggregate %s" % opts.aggregate
831 aggregate = aggregates[0]
832 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
833 server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
836 arg_list = [slice_cred, slice_hrn, rspec]
837 request_hash = self.key.compute_hash(arg_list)
838 ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec, request_hash)
839 file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
840 print "writing ticket to ", file
841 ticket = SfaTicket(string=ticket_string)
842 ticket.save_to_file(filename=file, save_parents=True)
844 def redeem_ticket(self, opts, args):
845 ticket_file = args[0]
847 # get slice hrn from the ticket
848 # use this to get the right slice credential
849 ticket = SfaTicket(filename=ticket_file)
851 slice_hrn = ticket.attributes['slivers'][0]['hrn']
852 user_cred = self.get_user_cred()
853 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
855 # get a list node hostnames from the nodespecs in the rspec
857 rspec.parseString(ticket.rspec)
858 nodespecs = rspec.getDictsByTagName('NodeSpec')
859 hostnames = [nodespec['name'] for nodespec in nodespecs]
861 # create an xmlrpc connection to the component manager at each of these
862 # components and gall redeem_ticket
864 for hostname in hostnames:
867 url = "https://%(hostname)s:%(cm_port)s" % locals()
868 print "Calling get_ticket at %(url)s " % locals(),
869 cm = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
870 cm.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
872 except socket.gaierror:
874 print "Componet Manager not accepting requests"
876 print "Failed:", e.message
881 def delete(self,opts, args):
883 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
886 arg_list = [slice_cred, slice_hrn]
887 request_hash = self.key.compute_hash(arg_list)
888 return self.slicemgr.delete_slice(slice_cred, slice_hrn, request_hash)
891 def start(self,opts, args):
893 slice_cred = self.get_slice_cred(args[0])
896 arg_list = [slice_cred, slice_hrn]
897 request_hash = self.key.compute_hash(arg_list)
898 return self.slicemgr.start_slice(slice_cred, slice_hrn, request_hash)
901 def stop(self,opts, args):
903 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
906 arg_list = [slice_cred, slice_hrn]
907 request_hash = self.key.compute_hash(arg_list)
908 return self.slicemgr.stop_slice(slice_cred, slice_hrn, request_hash)
911 def reset(self,opts, args):
913 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
916 arg_list = [slice_cred, slice_hrn]
917 request_hash = self.key.compute_hash(arg_list)
918 return self.slicemgr.reset_slice(slice_cred, slice_hrn, request_hash)
921 # Main: parse arguments and dispatch to command
924 parser = self.create_parser()
925 (options, args) = parser.parse_args()
926 self.options = options
928 if options.hashrequest:
929 self.hashrequest=True
932 print "No command given. Use -h for help."
936 (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
937 if self.options.verbose :
938 print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
939 options.sfi_dir, options.user,
941 print "Command %s" %command
942 if command in ("resources"):
943 print "resources cmd_opts %s" %cmd_opts.format
944 elif command in ("list","show","remove"):
945 print "cmd_opts.type %s" %cmd_opts.type
946 print "cmd_args %s" %cmd_args
951 self.dispatch(command, cmd_opts, cmd_args)
954 print "Command not found:", command
959 if __name__=="__main__":