3 # sfi -- slice-based facility interface
13 from lxml import etree
14 from StringIO import StringIO
15 from types import StringTypes, ListType
16 from optparse import OptionParser
17 from sfa.trust.certificate import Keypair, Certificate
18 from sfa.trust.credential import Credential
19 from sfa.util.sfaticket import SfaTicket
20 from sfa.util.record import *
21 from sfa.util.namespace import *
22 from sfa.util.xmlrpcprotocol import ServerException
23 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
24 from sfa.util.config import Config
30 # utility methods here
32 def display_rspec(rspec, format='rspec'):
34 tree = etree.parse(StringIO(rspec))
36 result = root.xpath("./network/site/node/hostname/text()")
37 elif format in ['ip']:
38 # The IP address is not yet part of the new RSpec
39 # so this doesn't do anything yet.
40 tree = etree.parse(StringIO(rspec))
42 result = root.xpath("./network/site/node/ipv4/text()")
49 def display_list(results):
50 for result in results:
54 def display_records(recordList, dump=False):
55 ''' Print all fields in the record'''
56 for record in recordList:
57 display_record(record, dump)
59 def display_record(record, dump=False):
63 info = record.getdict()
64 print "%s (%s)" % (info['hrn'], info['type'])
68 def filter_records(type, records):
70 for record in records:
71 if (record['type'] == type) or (type == "all"):
72 filtered_records.append(record)
73 return filtered_records
77 def save_rspec_to_file(rspec, filename):
78 if not filename.endswith(".rspec"):
79 filename = filename + ".rspec"
81 f = open(filename, 'w')
86 def save_records_to_file(filename, recordList):
88 for record in recordList:
90 save_record_to_file(filename + "." + str(index), record)
92 save_record_to_file(filename, record)
95 def save_record_to_file(filename, record):
96 if record['type'] in ['user']:
97 record = UserRecord(dict=record)
98 elif record['type'] in ['slice']:
99 record = SliceRecord(dict=record)
100 elif record['type'] in ['node']:
101 record = NodeRecord(dict=record)
102 elif record['type'] in ['authority', 'ma', 'sa']:
103 record = AuthorityRecord(dict=record)
105 record = SfaRecord(dict=record)
106 str = record.save_to_string()
107 file(filename, "w").write(str)
112 def load_record_from_file(filename):
113 str = file(filename, "r").read()
114 record = SfaRecord(string=str)
129 def create_cmd_parser(self, command, additional_cmdargs=None):
130 cmdargs = {"gid": "",
136 "aggregates": "[name]",
137 "registries": "[name]",
139 "resources": "[name]",
140 "create": "name rspec",
141 "get_trusted_certs": "cred",
142 "get_ticket": "name rspec",
143 "redeem_ticket": "ticket",
149 "GetVersion": "name",
150 "ListResources": "name",
151 "CreateSliver": "name",
152 "get_geni_aggregates": "name",
153 "DeleteSliver": "name",
154 "SliverStatus": "name",
155 "RenewSliver": "name",
159 if additional_cmdargs:
160 cmdargs.update(additional_cmdargs)
162 if command not in cmdargs:
163 print "Invalid command\n"
165 for key in cmdargs.keys():
170 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
171 % (command, cmdargs[command]))
173 if command in ("resources"):
174 parser.add_option("-f", "--format", dest="format", type="choice",
175 help="display format ([xml]|dns|ip)", default="xml",
176 choices=("xml", "dns", "ip"))
178 if command in ("resources", "slices", "create", "delete", "start", "stop", "get_ticket"):
179 parser.add_option("-a", "--aggregate", dest="aggregate",
180 default=None, help="aggregate host")
181 parser.add_option("-p", "--port", dest="port",
182 default=AGGREGATE_PORT, help="aggregate port")
184 if command in ("start", "stop", "reset", "delete", "slices"):
185 parser.add_option("-c", "--component", dest="component", default=None,
186 help="component hrn")
188 if command in ("list", "show", "remove"):
189 parser.add_option("-t", "--type", dest="type", type="choice",
190 help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
191 choices=("all", "user", "slice", "sa", "ma", "node", "aggregate"),
194 if command in ("resources", "show", "list"):
195 parser.add_option("-o", "--output", dest="file",
196 help="output XML to file", metavar="FILE", default=None)
198 if command in ("show", "list"):
199 parser.add_option("-f", "--format", dest="format", type="choice",
200 help="display format ([text]|xml)", default="text",
201 choices=("text", "xml"))
203 if command in ("delegate"):
204 parser.add_option("-u", "--user",
205 action="store_true", dest="delegate_user", default=False,
206 help="delegate user credential")
207 parser.add_option("-s", "--slice", dest="delegate_slice",
208 help="delegate slice credential", metavar="HRN", default=None)
213 def create_parser(self):
215 # Generate command line parser
216 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
217 description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
218 parser.add_option("-g", "--geni_am", dest="geni_am",
219 help="geni am", metavar="URL", default=None)
220 parser.add_option("-r", "--registry", dest="registry",
221 help="root registry", metavar="URL", default=None)
222 parser.add_option("-s", "--slicemgr", dest="sm",
223 help="slice manager", metavar="URL", default=None)
224 default_sfi_dir = os.path.expanduser("~/.sfi/")
225 parser.add_option("-d", "--dir", dest="sfi_dir",
226 help="config & working directory - default is " + default_sfi_dir,
227 metavar="PATH", default=default_sfi_dir)
228 parser.add_option("-u", "--user", dest="user",
229 help="user name", metavar="HRN", default=None)
230 parser.add_option("-a", "--auth", dest="auth",
231 help="authority name", metavar="HRN", default=None)
232 parser.add_option("-v", "--verbose",
233 action="store_true", dest="verbose", default=False,
235 parser.add_option("-D", "--debug",
236 action="store_true", dest="debug", default=False,
237 help="Debug (xml-rpc) protocol messages")
238 parser.add_option("-p", "--protocol",
239 dest="protocol", default="xmlrpc",
240 help="RPC protocol (xmlrpc or soap)")
241 parser.add_option("-k", "--hashrequest",
242 action="store_true", dest="hashrequest", default=False,
243 help="Create a hash of the request that will be authenticated on the server")
244 parser.disable_interspersed_args()
250 # Establish Connection to SliceMgr and Registry Servers
252 def set_servers(self):
253 config_file = self.options.sfi_dir + os.sep + "sfi_config"
255 config = Config (config_file)
257 print "Failed to read configuration file", config_file
258 print "Make sure to remove the export clauses and to add quotes"
259 if not self.options.verbose:
260 print "Re-run with -v for more details"
262 traceback.print_exc()
267 if (self.options.sm is not None):
268 sm_url = self.options.sm
269 elif hasattr(config, "SFI_SM"):
270 sm_url = config.SFI_SM
272 print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file
276 if (self.options.registry is not None):
277 reg_url = self.options.registry
278 elif hasattr(config, "SFI_REGISTRY"):
279 reg_url = config.SFI_REGISTRY
281 print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file
285 if (self.options.geni_am is not None):
286 geni_am_url = self.options.geni_am
287 elif hasattr(config, "SFI_GENI_AM"):
288 geni_am_url = config.SFI_GENI_AM
291 if (self.options.user is not None):
292 self.user = self.options.user
293 elif hasattr(config, "SFI_USER"):
294 self.user = config.SFI_USER
296 print "You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file
300 if (self.options.auth is not None):
301 self.authority = self.options.auth
302 elif hasattr(config, "SFI_AUTH"):
303 self.authority = config.SFI_AUTH
305 print "You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file
311 if self.options.verbose :
312 print "Contacting Slice Manager at:", sm_url
313 print "Contacting Registry at:", reg_url
315 # Get key and certificate
316 key_file = self.get_key_file()
317 cert_file = self.get_cert_file(key_file)
318 self.key = Keypair(filename=key_file)
319 self.key_file = key_file
320 self.cert_file = cert_file
321 self.cert = Certificate(filename=cert_file)
322 # Establish connection to server(s)
323 self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options.debug)
324 self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options.debug)
325 self.geni_am = xmlrpcprotocol.get_server(geni_am_url, key_file, cert_file, self.options.debug)
330 # Get various credential and spec files
332 # Establishes limiting conventions
333 # - conflates MAs and SAs
334 # - assumes last token in slice name is unique
336 # Bootstraps credentials
337 # - bootstrap user credential from self-signed certificate
338 # - bootstrap authority credential from user credential
339 # - bootstrap slice credential from user credential
343 def get_key_file(self):
344 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
345 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
346 if (os.path.isfile(file)):
349 print "Key file", file, "does not exist"
353 def get_cert_file(self, key_file):
355 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
356 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
357 if (os.path.isfile(file)):
360 k = Keypair(filename=key_file)
361 cert = Certificate(subject=self.user)
363 cert.set_issuer(k, self.user)
365 if self.options.verbose :
366 print "Writing self-signed certificate to", file
367 cert.save_to_file(file)
371 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
372 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
373 if (os.path.isfile(file)):
374 gid = GID(filename=file)
377 cert_str = self.cert.save_to_string(save_parents=True)
378 gid_str = self.registry.get_gid(cert_str, self.user, "user")
379 gid = GID(string=gid_str)
380 if self.options.verbose:
381 print "Writing user gid to", file
382 gid.save_to_file(file, save_parents=True)
385 def get_cached_credential(self, file):
387 Return a cached credential only if it hasn't expired.
389 if (os.path.isfile(file)):
390 credential = Credential(filename=file)
391 # make sure it isnt expired
392 if not credential.get_lifetime or \
393 datetime.datetime.today() < credential.get_lifefime():
397 def get_user_cred(self):
398 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
399 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
401 user_cred = self.get_cached_credential(file)
405 # bootstrap user credential
406 cert_string = self.cert.save_to_string(save_parents=True)
407 user_name = self.user.replace(self.authority + ".", '')
408 if user_name.count(".") > 0:
409 user_name = user_name.replace(".", '_')
410 self.user = self.authority + "." + user_name
412 user_cred = self.registry.get_self_credential(cert_string, "user", self.user)
414 cred = Credential(string=user_cred)
415 cred.save_to_file(file, save_parents=True)
416 if self.options.verbose:
417 print "Writing user credential to", file
420 print "Failed to get user credential"
423 def get_auth_cred(self):
424 if not self.authority:
425 print "no authority specified. Use -a or set SF_AUTH"
428 file = os.path.join(self.options.sfi_dir, get_leaf("authority") + ".cred")
429 auth_cred = self.get_cached_credential(file)
433 # bootstrap authority credential from user credential
434 user_cred = self.get_user_cred().save_to_string(save_parents=True)
435 auth_cred = self.registry.get_credential(user_cred, "authority", self.authority)
437 cred = Credential(string=auth_cred)
438 cred.save_to_file(file, save_parents=True)
439 if self.options.verbose:
440 print "Writing authority credential to", file
443 print "Failed to get authority credential"
446 def get_slice_cred(self, name):
447 file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
448 slice_cred = self.get_cached_credential(file)
452 # bootstrap slice credential from user credential
453 user_cred = self.get_user_cred().save_to_string(save_parents=True)
454 arg_list = [user_cred, "slice", name]
455 slice_cred_str = self.registry.get_credential(user_cred, "slice", name)
457 slice_cred = Credential(string=slice_cred_str)
458 slice_cred.save_to_file(file, save_parents=True)
459 if self.options.verbose:
460 print "Writing slice credential to", file
463 print "Failed to get slice credential"
466 def delegate_cred(self, cred, hrn, type='authority'):
467 # the gid and hrn of the object we are delegating
468 user_cred = Credential(string=cred)
469 object_gid = user_cred.get_gid_object()
470 object_hrn = object_gid.get_hrn()
471 #cred.set_delegate(True)
472 #if not cred.get_delegate():
473 # raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
476 records = self.registry.resolve(cred, hrn)
477 records = filter_records(type, records)
480 raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
482 # the gid of the user who will be delegated too
483 record = SfaRecord(dict=records[0])
484 delegee_gid = record.get_gid_object()
485 delegee_hrn = delegee_gid.get_hrn()
487 # the key and hrn of the user who will be delegating
488 user_key = Keypair(filename=self.get_key_file())
489 user_hrn = user_cred.get_gid_caller().get_hrn()
491 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
492 dcred.set_gid_caller(delegee_gid)
493 dcred.set_gid_object(object_gid)
494 dcred.set_privileges(user_cred.get_privileges())
495 dcred.get_privileges().delegate_all_privileges(True)
498 # Save the issuer's gid to a file
499 fname = self.options.sfi_dir + os.sep + "gid_%d" % random.randint(0, 999999999)
501 f.write(user_cred.get_gid_caller().save_to_string())
503 dcred.set_issuer_keys(self.get_key_file(), fname)
506 dcred.set_parent(user_cred)
510 return dcred.save_to_string(save_parents=True)
512 def get_rspec_file(self, rspec):
513 if (os.path.isabs(rspec)):
516 file = os.path.join(self.options.sfi_dir, rspec)
517 if (os.path.isfile(file)):
520 print "No such rspec file", rspec
523 def get_record_file(self, record):
524 if (os.path.isabs(record)):
527 file = os.path.join(self.options.sfi_dir, record)
528 if (os.path.isfile(file)):
531 print "No such registry record file", record
534 def load_publickey_string(self, fn):
536 key_string = f.read()
538 # if the filename is a private key file, then extract the public key
539 if "PRIVATE KEY" in key_string:
540 outfn = tempfile.mktemp()
541 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
544 key_string = f.read()
549 def get_component_server_from_hrn(self, hrn):
550 # direct connection to the nodes component manager interface
551 user_cred = self.get_user_cred().save_to_string(save_parents=True)
552 records = self.registry.resolve(user_cred, hrn)
553 records = filter_records('node', records)
555 print "No such component:", opts.component
558 return self.get_server(record['hostname'], CM_PORT, self.key_file, \
559 self.cert_file, self.options.debug)
561 def get_server(self, host, port, keyfile, certfile, debug):
563 Return an instnace of an xmlrpc server connection
565 url = "http://%s:%s" % (host, port)
566 return xmlrpcprotocol.get_server(url, keyfile, certfile, debug)
568 #==========================================================================
569 # Following functions implement the commands
571 # Registry-related commands
572 #==========================================================================
574 def dispatch(self, command, cmd_opts, cmd_args):
575 getattr(self, command)(cmd_opts, cmd_args)
577 def gid(self, opts, args):
579 print "GID: %s" % (gid.save_to_string(save_parents=True))
582 # list entires in named authority registry
583 def list(self, opts, args):
584 user_cred = self.get_user_cred().save_to_string(save_parents=True)
587 list = self.registry.list(user_cred, hrn)
589 raise Exception, "Not enough parameters for the 'list' command"
591 # filter on person, slice, site, node, etc.
592 # THis really should be in the self.filter_records funct def comment...
593 list = filter_records(opts.type, list)
595 print "%s (%s)" % (record['hrn'], record['type'])
598 if not file.startswith(os.sep):
599 file = os.path.join(self.options.sfi_dir, file)
600 save_records_to_file(file, list)
603 # show named registry record
604 def show(self, opts, args):
605 user_cred = self.get_user_cred().save_to_string(save_parents=True)
607 records = self.registry.resolve(user_cred, hrn)
608 records = filter_records(opts.type, records)
610 print "No record of type", opts.type
611 for record in records:
612 if record['type'] in ['user']:
613 record = UserRecord(dict=record)
614 elif record['type'] in ['slice']:
615 record = SliceRecord(dict=record)
616 elif record['type'] in ['node']:
617 record = NodeRecord(dict=record)
618 elif record['type'] in ['authority', 'ma', 'sa']:
619 record = AuthorityRecord(dict=record)
621 record = SfaRecord(dict=record)
622 if (opts.format == "text"):
625 print record.save_to_string()
629 if not file.startswith(os.sep):
630 file = os.path.join(self.options.sfi_dir, file)
631 save_records_to_file(file, records)
634 def delegate(self, opts, args):
635 user_cred = self.get_user_cred()
636 if opts.delegate_user:
637 object_cred = user_cred
638 elif opts.delegate_slice:
639 object_cred = self.get_slice_cred(opts.delegate_slice)
641 print "Must specify either --user or --slice <hrn>"
644 # the gid and hrn of the object we are delegating
645 object_gid = object_cred.get_gid_object()
646 object_hrn = object_gid.get_hrn()
648 if not object_cred.get_privileges().get_all_delegate():
649 print "Error: Object credential", object_hrn, "does not have delegate bit set"
652 records = self.registry.resolve(user_cred.save_to_string(save_parents=True), args[0])
653 records = filter_records("user", records)
656 print "Error: Didn't find a user record for", args[0]
659 # the gid of the user who will be delegated to
660 delegee_gid = GID(string=records[0]['gid'])
661 delegee_hrn = delegee_gid.get_hrn()
663 # the key and hrn of the user who will be delegating
664 user_key = Keypair(filename=self.get_key_file())
665 user_hrn = user_cred.get_gid_caller().get_hrn()
666 subject_string = "%s delegated to %s" % (object_hrn, delegee_hrn)
667 dcred = Credential(subject=subject_string)
668 dcred.set_gid_caller(delegee_gid)
669 dcred.set_gid_object(object_gid)
670 privs = object_cred.get_privileges()
671 dcred.set_privileges(object_cred.get_privileges())
672 dcred.get_privileges().delegate_all_privileges(True)
673 dcred.set_pubkey(object_gid.get_pubkey())
674 dcred.set_issuer(user_key, user_hrn)
675 dcred.set_parent(object_cred)
679 if opts.delegate_user:
680 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
681 + get_leaf(object_hrn) + ".cred")
682 elif opts.delegate_slice:
683 dest_fn = os.path_join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
684 + get_leaf(object_hrn) + ".cred")
686 dcred.save_to_file(dest_fn, save_parents=True)
688 print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
690 # removed named registry record
691 # - have to first retrieve the record to be removed
692 def remove(self, opts, args):
693 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
698 return self.registry.remove(auth_cred, type, hrn)
700 # add named registry record
701 def add(self, opts, args):
702 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
703 record_filepath = args[0]
704 rec_file = self.get_record_file(record_filepath)
705 record = load_record_from_file(rec_file).as_dict()
706 return self.registry.register(auth_cred, record)
708 # update named registry entry
709 def update(self, opts, args):
710 user_cred = self.get_user_cred()
711 rec_file = self.get_record_file(args[0])
712 record = load_record_from_file(rec_file)
713 if record['type'] == "user":
714 if record.get_name() == user_cred.get_gid_object().get_hrn():
715 cred = user_cred.save_to_string(save_parents=True)
717 cred = self.get_auth_cred().save_to_string(save_parents=True)
718 elif record['type'] in ["slice"]:
720 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
721 except ServerException, e:
722 # XXX smbaker -- once we have better error return codes, update this
723 # to do something better than a string compare
724 if "Permission error" in e.args[0]:
725 cred = self.get_auth_cred().save_to_string(save_parents=True)
728 elif record.get_type() in ["authority"]:
729 cred = self.get_auth_cred().save_to_string(save_parents=True)
730 elif record.get_type() == 'node':
731 cred = self.get_auth_cred().save_to_string(save_parents=True)
733 raise "unknown record type" + record.get_type()
734 record = record.as_dict()
735 return self.registry.update(cred, record)
737 def get_trusted_certs(self, opts, args):
739 return the trusted certs at this interface
741 trusted_certs = self.registry.get_trusted_certs()
742 for trusted_cert in trusted_certs:
743 cert = Certificate(string=trusted_cert)
744 print cert.get_subject()
747 def aggregates(self, opts, args):
749 return a list of details about known aggregates
751 user_cred = self.get_user_cred().save_to_string(save_parents=True)
756 result = self.registry.get_aggregates(user_cred, hrn)
760 def get_geni_aggregates(self, opts, args):
762 return a list of details about known aggregates
764 user_cred = self.get_user_cred().save_to_string(save_parents=True)
769 result = self.registry.get_geni_aggregates(user_cred, hrn)
774 def registries(self, opts, args):
776 return a list of details about known registries
778 user_cred = self.get_user_cred().save_to_string(save_parents=True)
782 result = self.registry.get_registries(user_cred, hrn)
787 # ==================================================================
788 # Slice-related commands
789 # ==================================================================
792 # list instantiated slices
793 def slices(self, opts, args):
795 list instantiated slices
797 user_cred = self.get_user_cred().save_to_string(save_parents=True)
798 server = self.slicemgr
800 server = self.get_server(opts.aggregate, opts.port, self.key_file, \
801 self.cert_file, self.options.debug)
802 # direct connection to the nodes component manager interface
804 server = self.get_component_server_from_hrn(opts.component)
805 results = server.get_slices(user_cred)
806 display_list(results)
809 # show rspec for named slice
810 def resources(self, opts, args):
811 user_cred = self.get_user_cred().save_to_string(save_parents=True)
812 server = self.slicemgr
814 server = self.get_server(opts.aggregate, opts.port, self.key_file, \
815 self.cert_file, self.options.debug)
817 cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
823 result = server.get_resources(cred, hrn)
826 display_rspec(result, format)
827 if (opts.file is not None):
829 if not file.startswith(os.sep):
830 file = os.path.join(self.options.sfi_dir, file)
831 save_rspec_to_file(result, file)
834 # created named slice with given rspec
835 def create(self, opts, args):
837 user_cred = self.get_user_cred()
838 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
839 rspec_file = self.get_rspec_file(args[1])
840 rspec = open(rspec_file).read()
841 server = self.slicemgr
844 server = self.get_server(opts.aggregate, opts.port, self.key_file, \
845 self.cert_file, self.options.debug)
847 return server.create_slice(slice_cred, slice_hrn, rspec)
849 # get a ticket for the specified slice
850 def get_ticket(self, opts, args):
851 slice_hrn, rspec_path = args[0], args[1]
852 user_cred = self.get_user_cred()
853 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
854 rspec_file = self.get_rspec_file(rspec_path)
855 rspec = open(rspec_file).read()
856 server = self.slicemgr
858 server = self.get_server(opts.aggregate, opts.port, self.key_file, \
859 self.cert_file, self.options.debug)
860 ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec)
861 file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
862 print "writing ticket to ", file
863 ticket = SfaTicket(string=ticket_string)
864 ticket.save_to_file(filename=file, save_parents=True)
866 def redeem_ticket(self, opts, args):
867 ticket_file = args[0]
869 # get slice hrn from the ticket
870 # use this to get the right slice credential
871 ticket = SfaTicket(filename=ticket_file)
873 slice_hrn = ticket.gidObject.get_hrn()
874 #slice_hrn = ticket.attributes['slivers'][0]['hrn']
875 user_cred = self.get_user_cred()
876 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
878 # get a list of node hostnames from the RSpec
879 tree = etree.parse(StringIO(ticket.rspec))
880 root = tree.getroot()
881 hostnames = root.xpath("./network/site/node/hostname/text()")
883 # create an xmlrpc connection to the component manager at each of these
884 # components and gall redeem_ticket
886 for hostname in hostnames:
888 print "Calling redeem_ticket at %(hostname)s " % locals(),
889 server = self.get_server(hostname, CM_PORT, self.key_file, \
890 self.cert_file, self.options.debug)
891 server.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
893 except socket.gaierror:
895 print "Componet Manager not accepting requests"
897 print "Failed:", e.message
901 def delete(self, opts, args):
903 server = self.slicemgr
905 server = self.get_server(opts.aggregate, opts.port, self.key_file, \
906 self.cert_file, self.options.debug)
907 # direct connection to the nodes component manager interface
909 server = self.get_component_server_from_hrn(opts.component)
910 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
911 return server.delete_slice(slice_cred, slice_hrn)
914 def start(self, opts, args):
916 server = self.slicemgr
917 # direct connection to an aggregagte
919 server = self.get_server(opts.aggregate, opts.port, self.key_file, \
920 self.cert_file, self.options.debug)
922 server = self.get_component_server_from_hrn(opts.component)
923 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
924 return server.start_slice(slice_cred, slice_hrn)
927 def stop(self, opts, args):
929 server = self.slicemgr
930 # direct connection to an aggregate
932 server = self.get_server(opts.aggregate, opts.port, self.key_file, \
933 self.cert_file, self.options.debug)
934 # direct connection to the nodes component manager interface
936 server = self.get_component_server_from_hrn(opts.component)
937 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
938 return server.stop_slice(slice_cred, slice_hrn)
941 def reset(self, opts, args):
943 server = self.slicemgr
944 # direct connection to the nodes component manager interface
946 server = self.get_component_server_from_hrn(opts.component)
947 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
948 return server.reset_slice(slice_cred, slice_hrn)
951 # =====================================================================
952 # GENI AM related calls
953 # =====================================================================
955 def GetVersion(self, opts, args):
956 server = self.geni_am
957 print server.GetVersion()
959 def ListResources(self, opts, args):
960 user_cred = self.get_user_cred().save_to_string(save_parents=True)
961 server = self.geni_am
962 call_options = {'geni_compressed': True}
967 cred = self.get_slice_cred(xrn).save_to_string(save_parents=True)
970 call_options['geni_slice_urn'] = xrn
972 rspec = server.ListResources([cred], call_options)
973 rspec = zlib.decompress(rspec.decode('base64'))
976 def CreateSliver(self, opts, args):
978 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
979 rspec_file = self.get_rspec_file(args[1])
980 rspec = open(rspec_file).read()
981 server = self.geni_am
982 return server.CreateSliver(slice_xrn, [slice_cred], rspec, [])
984 def DeleteSliver(self, opts, args):
986 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
987 server = self.geni_am
988 return server.DeleteSliver(slice_xrn, [slice_cred])
990 def SliverStatus(self, opts, args):
992 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
993 server = self.geni_am
994 print server.SliverStatus(slice_xrn, [slice_cred])
996 def RenewSliver(self, opts, args):
998 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
1000 server = self.geni_am
1001 return server.RenewSliver(slice_xrn, [slice_cred], time)
1003 def Shutdown(self, opts, args):
1005 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
1006 server = self.geni_am
1007 return server.Shutdown(slice_xrn, [slice_cred])
1010 # Main: parse arguments and dispatch to command
1013 parser = self.create_parser()
1014 (options, args) = parser.parse_args()
1015 self.options = options
1017 if options.hashrequest:
1018 self.hashrequest = True
1021 print "No command given. Use -h for help."
1025 (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
1026 if self.options.verbose :
1027 print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
1028 options.sfi_dir, options.user,
1030 print "Command %s" % command
1031 if command in ("resources"):
1032 print "resources cmd_opts %s" % cmd_opts.format
1033 elif command in ("list", "show", "remove"):
1034 print "cmd_opts.type %s" % cmd_opts.type
1035 print "cmd_args %s" % cmd_args
1040 self.dispatch(command, cmd_opts, cmd_args)
1043 print "Command not found:", command
1048 if __name__ == "__main__":
git://git.onelab.eu / sfa.git / blob