3 # sfi -- slice-based facility interface
13 from lxml import etree
14 from StringIO import StringIO
15 from types import StringTypes, ListType
16 from optparse import OptionParser
20 from sfa.trust.certificate import Keypair, Certificate
21 from sfa.trust.credential import Credential
22 from sfa.util.sfaticket import SfaTicket
23 from sfa.util.record import SfaRecord, UserRecord, SliceRecord, NodeRecord, AuthorityRecord
24 from sfa.util.namespace import get_leaf, get_authority, hrn_to_urn
25 from sfa.util.xmlrpcprotocol import ServerException
26 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
27 from sfa.util.config import Config
28 from sfa.util.sfalogging import console_logger
34 # utility methods here
36 def display_rspec(rspec, format='rspec'):
38 tree = etree.parse(StringIO(rspec))
40 result = root.xpath("./network/site/node/hostname/text()")
41 elif format in ['ip']:
42 # The IP address is not yet part of the new RSpec
43 # so this doesn't do anything yet.
44 tree = etree.parse(StringIO(rspec))
46 result = root.xpath("./network/site/node/ipv4/text()")
53 def display_list(results):
54 for result in results:
57 def display_records(recordList, dump=False):
58 ''' Print all fields in the record'''
59 for record in recordList:
60 display_record(record, dump)
62 def display_record(record, dump=False):
66 info = record.getdict()
67 print "%s (%s)" % (info['hrn'], info['type'])
71 def filter_records(type, records):
73 for record in records:
74 if (record['type'] == type) or (type == "all"):
75 filtered_records.append(record)
76 return filtered_records
80 def save_rspec_to_file(rspec, filename):
81 if not filename.endswith(".rspec"):
82 filename = filename + ".rspec"
84 f = open(filename, 'w')
89 def save_records_to_file(filename, recordList):
91 for record in recordList:
93 save_record_to_file(filename + "." + str(index), record)
95 save_record_to_file(filename, record)
98 def save_record_to_file(filename, record):
99 if record['type'] in ['user']:
100 record = UserRecord(dict=record)
101 elif record['type'] in ['slice']:
102 record = SliceRecord(dict=record)
103 elif record['type'] in ['node']:
104 record = NodeRecord(dict=record)
105 elif record['type'] in ['authority', 'ma', 'sa']:
106 record = AuthorityRecord(dict=record)
108 record = SfaRecord(dict=record)
109 str = record.save_to_string()
110 file(filename, "w").write(str)
115 def load_record_from_file(filename):
116 str = file(filename, "r").read()
117 record = SfaRecord(string=str)
128 self.authority = None
130 self.hashrequest = False
131 self.logger=console_logger
133 def create_cmd_parser(self, command, additional_cmdargs=None):
134 cmdargs = {"list": "name",
139 "aggregates": "[name]",
140 "registries": "[name]",
142 "get_trusted_certs": "cred",
144 "resources": "[name]",
145 "create": "name rspec",
146 "get_ticket": "name rspec",
147 "redeem_ticket": "ticket",
159 if additional_cmdargs:
160 cmdargs.update(additional_cmdargs)
162 if command not in cmdargs:
163 msg="Invalid command\n"
165 msg += ','.join(cmdargs.keys())
166 self.logger.critical(msg)
169 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
170 % (command, cmdargs[command]))
172 # user specifies remote aggregate/sm/component
173 if command in ("resources", "slices", "create", "delete", "start", "stop",
174 "restart", "shutdown", "get_ticket", "renew", "status"):
175 parser.add_option("-a", "--aggregate", dest="aggregate",
176 default=None, help="aggregate host")
177 parser.add_option("-p", "--port", dest="port",
178 default=AGGREGATE_PORT, help="aggregate port")
179 parser.add_option("-c", "--component", dest="component", default=None,
180 help="component hrn")
181 parser.add_option("-d", "--delegate", dest="delegate", default=None,
183 help="Include a credential delegated to the user's root"+\
184 "authority in set of credentials for this call")
186 # registy filter option
187 if command in ("list", "show", "remove"):
188 parser.add_option("-t", "--type", dest="type", type="choice",
189 help="type filter ([all]|user|slice|authority|node|aggregate)",
190 choices=("all", "user", "slice", "authority", "node", "aggregate"),
193 if command in ("resources"):
194 parser.add_option("-f", "--format", dest="format", type="choice",
195 help="display format ([xml]|dns|ip)", default="xml",
196 choices=("xml", "dns", "ip"))
198 if command in ("resources", "show", "list"):
199 parser.add_option("-o", "--output", dest="file",
200 help="output XML to file", metavar="FILE", default=None)
202 if command in ("show", "list"):
203 parser.add_option("-f", "--format", dest="format", type="choice",
204 help="display format ([text]|xml)", default="text",
205 choices=("text", "xml"))
207 if command in ("delegate"):
208 parser.add_option("-u", "--user",
209 action="store_true", dest="delegate_user", default=False,
210 help="delegate user credential")
211 parser.add_option("-s", "--slice", dest="delegate_slice",
212 help="delegate slice credential", metavar="HRN", default=None)
217 def create_parser(self):
219 # Generate command line parser
220 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
221 description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
222 parser.add_option("-r", "--registry", dest="registry",
223 help="root registry", metavar="URL", default=None)
224 parser.add_option("-s", "--slicemgr", dest="sm",
225 help="slice manager", metavar="URL", default=None)
226 default_sfi_dir = os.path.expanduser("~/.sfi/")
227 parser.add_option("-d", "--dir", dest="sfi_dir",
228 help="config & working directory - default is " + default_sfi_dir,
229 metavar="PATH", default=default_sfi_dir)
230 parser.add_option("-u", "--user", dest="user",
231 help="user name", metavar="HRN", default=None)
232 parser.add_option("-a", "--auth", dest="auth",
233 help="authority name", metavar="HRN", default=None)
234 parser.add_option("-v", "--verbose",
235 action="store_true", dest="verbose", default=False,
237 parser.add_option("-D", "--debug",
238 action="store_true", dest="debug", default=False,
239 help="Debug (xml-rpc) protocol messages")
240 parser.add_option("-p", "--protocol",
241 dest="protocol", default="xmlrpc",
242 help="RPC protocol (xmlrpc or soap)")
243 parser.add_option("-k", "--hashrequest",
244 action="store_true", dest="hashrequest", default=False,
245 help="Create a hash of the request that will be authenticated on the server")
246 parser.disable_interspersed_args()
252 # Establish Connection to SliceMgr and Registry Servers
254 def set_servers(self):
255 config_file = self.options.sfi_dir + os.sep + "sfi_config"
257 config = Config (config_file)
259 self.logger.critical("Failed to read configuration file %s"%config_file)
260 self.logger.info("Make sure to remove the export clauses and to add quotes")
261 if not self.options.verbose:
262 self.logger.info("Re-run with -v for more details")
264 self.logger.log_exc("Could not read config file %s"%config_file)
269 if (self.options.sm is not None):
270 sm_url = self.options.sm
271 elif hasattr(config, "SFI_SM"):
272 sm_url = config.SFI_SM
274 self.logger.error("You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file)
278 if (self.options.registry is not None):
279 reg_url = self.options.registry
280 elif hasattr(config, "SFI_REGISTRY"):
281 reg_url = config.SFI_REGISTRY
283 self.logger.errors("You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file)
288 if (self.options.user is not None):
289 self.user = self.options.user
290 elif hasattr(config, "SFI_USER"):
291 self.user = config.SFI_USER
293 self.logger.errors("You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file)
297 if (self.options.auth is not None):
298 self.authority = self.options.auth
299 elif hasattr(config, "SFI_AUTH"):
300 self.authority = config.SFI_AUTH
302 self.logger.error("You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file)
309 # Get key and certificate
310 key_file = self.get_key_file()
311 cert_file = self.get_cert_file(key_file)
312 self.key = Keypair(filename=key_file)
313 self.key_file = key_file
314 self.cert_file = cert_file
315 self.cert = Certificate(filename=cert_file)
316 # Establish connection to server(s)
317 self.logger.info("Contacting Registry at: %s"%reg_url)
318 self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options)
319 self.logger.info("Contacting Slice Manager at: %s"%sm_url)
320 self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options)
325 # Get various credential and spec files
327 # Establishes limiting conventions
328 # - conflates MAs and SAs
329 # - assumes last token in slice name is unique
331 # Bootstraps credentials
332 # - bootstrap user credential from self-signed certificate
333 # - bootstrap authority credential from user credential
334 # - bootstrap slice credential from user credential
338 def get_key_file(self):
339 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
340 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
341 if (os.path.isfile(file)):
344 self.logger.error("Key file %s does not exist"%file)
348 def get_cert_file(self, key_file):
350 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
351 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
352 if (os.path.isfile(file)):
355 k = Keypair(filename=key_file)
356 cert = Certificate(subject=self.user)
358 cert.set_issuer(k, self.user)
360 self.logger.info("Writing self-signed certificate to %s"%file)
361 cert.save_to_file(file)
364 def get_cached_gid(self, file):
369 if (os.path.isfile(file)):
370 gid = GID(filename=file)
373 def get_gid(self, opts, args):
377 gid = self._get_gid(hrn)
378 self.logger.debug("Sfi.get_gid-> %s",gid.save_to_string(save_parents=True))
381 def _get_gid(self, hrn=None):
385 gidfile = os.path.join(self.options.sfi_dir, hrn + ".gid")
386 gid = self.get_cached_gid(gidfile)
388 user_cred = self.get_user_cred()
389 records = self.registry.Resolve(hrn, user_cred.save_to_string(save_parents=True))
391 raise RecordNotFound(args[0])
392 gid = GID(string=records[0]['gid'])
393 self.logger.info("Writing gid to %s"%gidfile)
394 gid.save_to_file(filename=gidfile)
398 def get_cached_credential(self, file):
400 Return a cached credential only if it hasn't expired.
402 if (os.path.isfile(file)):
403 credential = Credential(filename=file)
404 # make sure it isnt expired
405 if not credential.get_lifetime or \
406 datetime.datetime.today() < credential.get_lifetime():
410 def get_user_cred(self):
411 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
412 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
413 return self.get_cred(file, 'user', self.user)
415 def get_auth_cred(self):
416 if not self.authority:
417 self.logger.critical("no authority specified. Use -a or set SF_AUTH")
419 file = os.path.join(self.options.sfi_dir, get_leaf("authority") + ".cred")
420 return self.get_cred(file, 'authority', self.authority)
422 def get_slice_cred(self, name):
423 file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
424 return self.get_cred(file, 'slice', name)
426 def get_cred(self, file, type, hrn):
427 # attempt to load a cached credential
428 cred = self.get_cached_credential(file)
431 cert_string = self.cert.save_to_string(save_parents=True)
432 user_name = self.user.replace(self.authority + ".", '')
433 if user_name.count(".") > 0:
434 user_name = user_name.replace(".", '_')
435 self.user = self.authority + "." + user_name
436 cred_str = self.registry.get_self_credential(cert_string, "user", hrn)
438 # bootstrap slice credential from user credential
439 user_cred = self.get_user_cred().save_to_string(save_parents=True)
440 cred_str = self.registry.get_credential(user_cred, type, hrn)
443 self.logger.critical("Failed to get %s credential" % type)
446 cred = Credential(string=cred_str)
447 cred.save_to_file(file, save_parents=True)
448 self.logger.info("Writing %s credential to %s" %(type, file))
453 def get_rspec_file(self, rspec):
454 if (os.path.isabs(rspec)):
457 file = os.path.join(self.options.sfi_dir, rspec)
458 if (os.path.isfile(file)):
461 self.logger.critical("No such rspec file"%rspec)
464 def get_record_file(self, record):
465 if (os.path.isabs(record)):
468 file = os.path.join(self.options.sfi_dir, record)
469 if (os.path.isfile(file)):
472 self.logger.critical("No such registry record file %s"%record)
475 def load_publickey_string(self, fn):
477 key_string = f.read()
479 # if the filename is a private key file, then extract the public key
480 if "PRIVATE KEY" in key_string:
481 outfn = tempfile.mktemp()
482 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
485 key_string = f.read()
490 def get_component_server_from_hrn(self, hrn):
491 # direct connection to the nodes component manager interface
492 user_cred = self.get_user_cred().save_to_string(save_parents=True)
493 records = self.registry.Resolve(hrn, user_cred)
494 records = filter_records('node', records)
496 self.logger.warning("No such component:%r"% opts.component)
499 return self.get_server(record['hostname'], CM_PORT, self.key_file, \
500 self.cert_file, self.options)
502 def get_server(self, host, port, keyfile, certfile):
504 Return an instnace of an xmlrpc server connection
506 url = "http://%s:%s" % (host, port)
507 return xmlrpcprotocol.get_server(url, keyfile, certfile, self.options)
509 def get_server_from_opts(self, opts):
511 Return instance of an xmlrpc connection to a slice manager, aggregate
512 or component server depending on the specified opts
514 server = self.slicemgr
515 # direct connection to an aggregate
516 if hasattr(opts, 'aggregate') and opts.aggregate:
517 server = self.get_server(opts.aggregate, opts.port, self.key_file, self.cert_file)
518 # direct connection to the nodes component manager interface
519 if hasattr(opts, 'component') and opts.component:
520 server = self.get_component_server_from_hrn(opts.component)
523 #==========================================================================
524 # Following functions implement the commands
526 # Registry-related commands
527 #==========================================================================
529 def dispatch(self, command, cmd_opts, cmd_args):
530 return getattr(self, command)(cmd_opts, cmd_args)
532 # list entires in named authority registry
533 def list(self, opts, args):
534 user_cred = self.get_user_cred().save_to_string(save_parents=True)
537 list = self.registry.List(hrn, user_cred)
539 raise Exception, "Not enough parameters for the 'list' command"
541 # filter on person, slice, site, node, etc.
542 # THis really should be in the self.filter_records funct def comment...
543 list = filter_records(opts.type, list)
545 print "%s (%s)" % (record['hrn'], record['type'])
548 if not file.startswith(os.sep):
549 file = os.path.join(self.options.sfi_dir, file)
550 save_records_to_file(file, list)
553 # show named registry record
554 def show(self, opts, args):
555 user_cred = self.get_user_cred().save_to_string(save_parents=True)
557 records = self.registry.Resolve(hrn, user_cred)
558 records = filter_records(opts.type, records)
560 print "No record of type", opts.type
561 for record in records:
562 if record['type'] in ['user']:
563 record = UserRecord(dict=record)
564 elif record['type'] in ['slice']:
565 record = SliceRecord(dict=record)
566 elif record['type'] in ['node']:
567 record = NodeRecord(dict=record)
568 elif record['type'] in ['authority', 'ma', 'sa']:
569 record = AuthorityRecord(dict=record)
571 record = SfaRecord(dict=record)
572 if (opts.format == "text"):
575 print record.save_to_string()
579 if not file.startswith(os.sep):
580 file = os.path.join(self.options.sfi_dir, file)
581 save_records_to_file(file, records)
584 def delegate(self, opts, args):
586 delegee_hrn = args[0]
587 if opts.delegate_user:
588 user_cred = self.get_user_cred()
589 cred = self.delegate_cred(user_cred, delegee_hrn)
590 elif opts.delegate_slice:
591 slice_cred = self.get_slice_cred(opts.delegate_slice)
592 cred = self.delegate_cred(slice_cred, delegee_hrn)
594 self.logger.warning("Must specify either --user or --slice <hrn>")
596 delegated_cred = Credential(string=cred)
597 object_hrn = delegated_cred.get_gid_object().get_hrn()
598 if opts.delegate_user:
599 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
600 + get_leaf(object_hrn) + ".cred")
601 elif opts.delegate_slice:
602 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
603 + get_leaf(object_hrn) + ".cred")
605 delegated_cred.save_to_file(dest_fn, save_parents=True)
607 self.logger.info("delegated credential for %s to %s and wrote to %s"%(object_hrn, delegee_hrn,dest_fn))
609 def delegate_cred(self, object_cred, hrn):
610 # the gid and hrn of the object we are delegating
611 if isinstance(object_cred, str):
612 object_cred = Credential(string=object_cred)
613 object_gid = object_cred.get_gid_object()
614 object_hrn = object_gid.get_hrn()
616 if not object_cred.get_privileges().get_all_delegate():
617 self.logger.error("Object credential %s does not have delegate bit set"%object_hrn)
620 # the delegating user's gid
621 caller_gid = self._get_gid(self.user)
622 caller_gidfile = os.path.join(self.options.sfi_dir, self.user + ".gid")
624 # the gid of the user who will be delegated to
625 delegee_gid = self._get_gid(hrn)
626 delegee_hrn = delegee_gid.get_hrn()
627 delegee_gidfile = os.path.join(self.options.sfi_dir, delegee_hrn + ".gid")
628 delegee_gid.save_to_file(filename=delegee_gidfile)
629 dcred = object_cred.delegate(delegee_gidfile, self.get_key_file(), caller_gidfile)
630 return dcred.save_to_string(save_parents=True)
632 # removed named registry record
633 # - have to first retrieve the record to be removed
634 def remove(self, opts, args):
635 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
640 return self.registry.Remove(hrn, auth_cred, type)
642 # add named registry record
643 def add(self, opts, args):
644 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
645 record_filepath = args[0]
646 rec_file = self.get_record_file(record_filepath)
647 record = load_record_from_file(rec_file).as_dict()
648 return self.registry.Register(record, auth_cred)
650 # update named registry entry
651 def update(self, opts, args):
652 user_cred = self.get_user_cred()
653 rec_file = self.get_record_file(args[0])
654 record = load_record_from_file(rec_file)
655 if record['type'] == "user":
656 if record.get_name() == user_cred.get_gid_object().get_hrn():
657 cred = user_cred.save_to_string(save_parents=True)
659 cred = self.get_auth_cred().save_to_string(save_parents=True)
660 elif record['type'] in ["slice"]:
662 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
663 except ServerException, e:
664 # XXX smbaker -- once we have better error return codes, update this
665 # to do something better than a string compare
666 if "Permission error" in e.args[0]:
667 cred = self.get_auth_cred().save_to_string(save_parents=True)
670 elif record.get_type() in ["authority"]:
671 cred = self.get_auth_cred().save_to_string(save_parents=True)
672 elif record.get_type() == 'node':
673 cred = self.get_auth_cred().save_to_string(save_parents=True)
675 raise "unknown record type" + record.get_type()
676 record = record.as_dict()
677 return self.registry.Update(record, cred)
679 def get_trusted_certs(self, opts, args):
681 return uhe trusted certs at this interface
683 trusted_certs = self.registry.get_trusted_certs()
684 for trusted_cert in trusted_certs:
685 cert = Certificate(string=trusted_cert)
686 self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject())
689 def aggregates(self, opts, args):
691 return a list of details about known aggregates
693 user_cred = self.get_user_cred().save_to_string(save_parents=True)
698 result = self.registry.get_aggregates(user_cred, hrn)
702 def registries(self, opts, args):
704 return a list of details about known registries
706 user_cred = self.get_user_cred().save_to_string(save_parents=True)
710 result = self.registry.get_registries(user_cred, hrn)
715 # ==================================================================
716 # Slice-related commands
717 # ==================================================================
720 def version(self, opts, args):
721 server = self.get_server_from_opts(opts)
723 print server.GetVersion()
725 # list instantiated slices
726 def slices(self, opts, args):
728 list instantiated slices
730 user_cred = self.get_user_cred().save_to_string(save_parents=True)
733 delegated_cred = self.delegate_cred(user_cred, get_authority(self.authority))
734 creds.append(delegated_cred)
735 server = self.get_server_from_opts(opts)
736 results = server.ListSlices(creds)
737 display_list(results)
740 # show rspec for named slice
741 def resources(self, opts, args):
742 user_cred = self.get_user_cred().save_to_string(save_parents=True)
743 server = self.slicemgr
745 server = self.get_server_from_opts(opts)
748 cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
750 call_options = {'geni_slice_urn': hrn_to_urn(hrn, 'slice')}
757 delegated_cred = self.delegate_cred(cred, get_authority(self.authority))
758 creds.append(delegated_cred)
759 result = server.ListResources(creds, call_options)
761 display_rspec(result, format)
762 if (opts.file is not None):
764 if not file.startswith(os.sep):
765 file = os.path.join(self.options.sfi_dir, file)
766 save_rspec_to_file(result, file)
769 # created named slice with given rspec
770 def create(self, opts, args):
772 slice_urn = hrn_to_urn(slice_hrn, 'slice')
773 user_cred = self.get_user_cred()
774 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
777 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
778 creds.append(delegated_cred)
779 rspec_file = self.get_rspec_file(args[1])
780 rspec = open(rspec_file).read()
781 server = self.get_server_from_opts(opts)
782 result = server.CreateSliver(slice_urn, creds, rspec, [])
786 # get a ticket for the specified slice
787 def get_ticket(self, opts, args):
788 slice_hrn, rspec_path = args[0], args[1]
789 slice_urn = hrn_to_urn(slice_hrn, 'slice')
790 user_cred = self.get_user_cred()
791 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
794 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
795 creds.append(delegated_cred)
796 rspec_file = self.get_rspec_file(rspec_path)
797 rspec = open(rspec_file).read()
798 server = self.get_server_from_opts(opts)
799 ticket_string = server.GetTicket(slice_urn, creds, rspec, [])
800 file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
801 self.logger.info("writing ticket to %s"%file)
802 ticket = SfaTicket(string=ticket_string)
803 ticket.save_to_file(filename=file, save_parents=True)
805 def redeem_ticket(self, opts, args):
806 ticket_file = args[0]
808 # get slice hrn from the ticket
809 # use this to get the right slice credential
810 ticket = SfaTicket(filename=ticket_file)
812 slice_hrn = ticket.gidObject.get_hrn()
813 slice_urn = hrn_to_urn(slice_hrn, 'slice')
814 #slice_hrn = ticket.attributes['slivers'][0]['hrn']
815 user_cred = self.get_user_cred()
816 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
818 # get a list of node hostnames from the RSpec
819 tree = etree.parse(StringIO(ticket.rspec))
820 root = tree.getroot()
821 hostnames = root.xpath("./network/site/node/hostname/text()")
823 # create an xmlrpc connection to the component manager at each of these
824 # components and gall redeem_ticket
826 for hostname in hostnames:
828 self.logger.info("Calling redeem_ticket at %(hostname)s " % locals())
829 server = self.get_server(hostname, CM_PORT, self.key_file, \
830 self.cert_file, self.options.debug)
831 server.RedeemTicket(ticket.save_to_string(save_parents=True), slice_cred)
832 self.logger.info("Success")
833 except socket.gaierror:
834 self.logger.error("redeem_ticket failed: Component Manager not accepting requests")
836 self.logger.log_exc(e.message)
840 def delete(self, opts, args):
842 slice_urn = hrn_to_urn(slice_hrn, 'slice')
843 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
846 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
847 creds.append(delegated_cred)
848 server = self.get_server_from_opts(opts)
849 return server.DeleteSliver(slice_urn, creds)
852 def start(self, opts, args):
854 slice_urn = hrn_to_urn(slice_hrn, 'slice')
855 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
858 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
859 creds.append(delegated_cred)
860 server = self.get_server_from_opts(opts)
861 return server.Start(slice_urn, creds)
864 def stop(self, opts, args):
866 slice_urn = hrn_to_urn(slice_hrn, 'slice')
867 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
870 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
871 creds.append(delegated_cred)
872 server = self.get_server_from_opts(opts)
873 return server.Stop(slice_urn, creds)
876 def reset(self, opts, args):
878 slice_urn = hrn_to_urn(slice_hrn, 'slice')
879 server = self.get_server_from_opts(opts)
880 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
883 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
884 creds.append(delegated_cred)
885 return server.reset_slice(creds, slice_urn)
887 def renew(self, opts, args):
889 slice_urn = hrn_to_urn(slice_hrn, 'slice')
890 server = self.get_server_from_opts(opts)
891 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
894 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
895 creds.append(delegated_cred)
897 return server.RenewSliver(slice_urn, creds, time)
900 def status(self, opts, args):
902 slice_urn = hrn_to_urn(slice_hrn, 'slice')
903 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
906 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
907 creds.append(delegated_cred)
908 server = self.get_server_from_opts(opts)
909 print server.SliverStatus(slice_urn, creds)
912 def shutdown(self, opts, args):
914 slice_urn = hrn_to_urn(slice_hrn, 'slice')
915 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
918 delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
919 creds.append(delegated_cred)
920 server = self.get_server_from_opts(opts)
921 return server.Shutdown(slice_urn, creds)
925 # Main: parse arguments and dispatch to command
928 parser = self.create_parser()
929 (options, args) = parser.parse_args()
930 self.options = options
932 if self.options.verbose: self.logger.setLevel(logging.DEBUG)
933 if options.hashrequest:
934 self.hashrequest = True
937 self.logger.critical("No command given. Use -h for help.")
941 (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
945 self.logger.info("Command %s" % command)
946 self.logger.info("dir %s, user %s, auth %s, reg %s, sm %s" % (
947 self. options.sfi_dir, self.options.user,self.options.auth,
948 self.options.registry, self.options.sm))
949 if command in ("resources"):
950 self.logger.debug("resources cmd_opts %s" % cmd_opts.format)
951 elif command in ("list", "show", "remove"):
952 self.logger.debug("cmd_opts.type %s" % cmd_opts.type)
953 self.logger.debug('cmd_args %s',cmd_args)
956 self.dispatch(command, cmd_opts, cmd_args)
958 self.logger.critical ("Unknown command %s"%command)
963 if __name__ == "__main__":