3 # sfi -- slice-based facility interface
12 from types import StringTypes, ListType
13 from optparse import OptionParser
14 from sfa.trust.certificate import Keypair, Certificate
15 from sfa.trust.credential import Credential
16 from sfa.util.sfaticket import SfaTicket
17 from sfa.util.record import *
18 from sfa.util.namespace import *
19 from sfa.util.rspec import RSpec
20 from sfa.util.xmlrpcprotocol import ServerException
21 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
22 from sfa.util.config import Config
25 # utility methods here
27 def display_rspec(rspec, format = 'rspec'):
30 spec.parseString(rspec)
32 nodespecs = spec.getDictsByTagName('NodeSpec')
33 for nodespec in nodespecs:
34 if nodespec.has_key('name') and nodespec['name']:
35 if isinstance(nodespec['name'], ListType):
36 hostnames.extend(nodespec['name'])
37 elif isinstance(nodespec['name'], StringTypes):
38 hostnames.append(nodespec['name'])
40 elif format in ['ip']:
42 spec.parseString(rspec)
44 ifspecs = spec.getDictsByTagName('IfSpec')
45 for ifspec in ifspecs:
46 if ifspec.has_key('addr') and ifspec['addr']:
47 ips.append(ifspec['addr'])
55 def display_list(results):
56 for result in results:
60 def display_records(recordList, dump = False):
61 ''' Print all fields in the record'''
62 for record in recordList:
63 display_record(record, dump)
65 def display_record(record, dump = False):
69 info = record.getdict()
70 print "%s (%s)" % (info['hrn'], info['type'])
74 def filter_records(type, records):
76 for record in records:
77 if (record['type'] == type) or (type == "all"):
78 filtered_records.append(record)
79 return filtered_records
83 def save_rspec_to_file(rspec, filename):
84 if not filename.endswith(".rspec"):
85 filename = filename + ".rspec"
87 f = open(filename, 'w')
92 def save_records_to_file(filename, recordList):
94 for record in recordList:
96 save_record_to_file(filename + "." + str(index), record)
98 save_record_to_file(filename, record)
101 def save_record_to_file(filename, record):
102 if record['type'] in ['user']:
103 record = UserRecord(dict = record)
104 elif record['type'] in ['slice']:
105 record = SliceRecord(dict = record)
106 elif record['type'] in ['node']:
107 record = NodeRecord(dict = record)
108 elif record['type'] in ['authority', 'ma', 'sa']:
109 record = AuthorityRecord(dict = record)
111 record = SfaRecord(dict = record)
112 str = record.save_to_string()
113 file(filename, "w").write(str)
118 def load_record_from_file(filename):
119 str = file(filename, "r").read()
120 record = SfaRecord(string=str)
135 def create_cmd_parser(self,command, additional_cmdargs = None):
136 cmdargs = {"gid": "",
142 "aggregates": "[name]",
143 "registries": "[name]",
145 "resources": "[name]",
146 "create": "name rspec",
147 "get_trusted_certs": "cred",
148 "get_ticket": "name rspec",
149 "redeem_ticket": "ticket",
155 "GetVersion": "name",
156 "ListResources": "name",
157 "CreateSliver": "name",
158 "get_geni_aggregates": "name"
161 if additional_cmdargs:
162 cmdargs.update(additional_cmdargs)
164 if command not in cmdargs:
165 print "Invalid command\n"
167 for key in cmdargs.keys():
172 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
173 % (command, cmdargs[command]))
175 if command in ("resources"):
176 parser.add_option("-f", "--format", dest="format",type="choice",
177 help="display format ([xml]|dns|ip)",default="xml",
178 choices=("xml","dns","ip"))
179 parser.add_option("-a", "--aggregate", dest="aggregate",
180 default=None, help="aggregate hrn")
182 if command in ("create", "get_ticket"):
183 parser.add_option("-a", "--aggregate", dest="aggregate",default=None,
184 help="aggregate hrn")
186 if command in ("start", "stop", "reset", "delete", "slices"):
187 parser.add_option("-c", "--component", dest="component",default=None,
188 help="component hrn")
190 if command in ("list", "show", "remove"):
191 parser.add_option("-t", "--type", dest="type",type="choice",
192 help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
193 choices=("all","user","slice","sa","ma","node","aggregate"),
196 if command in ("resources", "show", "list"):
197 parser.add_option("-o", "--output", dest="file",
198 help="output XML to file", metavar="FILE", default=None)
200 if command in ("show", "list"):
201 parser.add_option("-f", "--format", dest="format", type="choice",
202 help="display format ([text]|xml)",default="text",
203 choices=("text","xml"))
205 if command in ("delegate"):
206 parser.add_option("-u", "--user",
207 action="store_true", dest="delegate_user", default=False,
208 help="delegate user credential")
209 parser.add_option("-s", "--slice", dest="delegate_slice",
210 help="delegate slice credential", metavar="HRN", default=None)
215 def create_parser(self):
217 # Generate command line parser
218 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
219 description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
220 parser.add_option("-g", "--geni_am", dest="geni_am",
221 help="geni am", metavar="URL", default=None)
222 parser.add_option("-r", "--registry", dest="registry",
223 help="root registry", metavar="URL", default=None)
224 parser.add_option("-s", "--slicemgr", dest="sm",
225 help="slice manager", metavar="URL", default=None)
226 default_sfi_dir=os.path.expanduser("~/.sfi/")
227 parser.add_option("-d", "--dir", dest="sfi_dir",
228 help="config & working directory - default is " + default_sfi_dir,
229 metavar="PATH", default = default_sfi_dir)
230 parser.add_option("-u", "--user", dest="user",
231 help="user name", metavar="HRN", default=None)
232 parser.add_option("-a", "--auth", dest="auth",
233 help="authority name", metavar="HRN", default=None)
234 parser.add_option("-v", "--verbose",
235 action="store_true", dest="verbose", default=False,
237 parser.add_option("-p", "--protocol",
238 dest="protocol", default="xmlrpc",
239 help="RPC protocol (xmlrpc or soap)")
240 parser.add_option("-k", "--hashrequest",
241 action="store_true", dest="hashrequest", default=False,
242 help="Create a hash of the request that will be authenticated on the server")
243 parser.disable_interspersed_args()
249 # Establish Connection to SliceMgr and Registry Servers
251 def set_servers(self):
252 config_file = self.options.sfi_dir + os.sep + "sfi_config"
254 config = Config (config_file)
256 print "Failed to read configuration file",config_file
257 print "Make sure to remove the export clauses and to add quotes"
258 if not self.options.verbose:
259 print "Re-run with -v for more details"
261 traceback.print_exc()
266 if (self.options.sm is not None):
267 sm_url = self.options.sm
268 elif hasattr(config,"SFI_SM"):
269 sm_url = config.SFI_SM
271 print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s"%config_file
275 if (self.options.registry is not None):
276 reg_url = self.options.registry
277 elif hasattr(config,"SFI_REGISTRY"):
278 reg_url = config.SFI_REGISTRY
280 print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s"%config_file
284 if (self.options.geni_am is not None):
285 geni_am_url = self.options.geni_am
286 elif hasattr(config,"SFI_GENI_AM"):
287 geni_am_url = config.SFI_GENI_AM
290 if (self.options.user is not None):
291 self.user = self.options.user
292 elif hasattr(config,"SFI_USER"):
293 self.user = config.SFI_USER
295 print "You need to set e.g. SFI_USER='plc.princeton.username' in %s"%config_file
299 if (self.options.auth is not None):
300 self.authority = self.options.auth
301 elif hasattr(config,"SFI_AUTH"):
302 self.authority = config.SFI_AUTH
304 print "You need to set e.g. SFI_AUTH='plc.princeton' in %s"%config_file
310 if self.options.verbose :
311 print "Contacting Slice Manager at:", sm_url
312 print "Contacting Registry at:", reg_url
314 # Get key and certificate
315 key_file = self.get_key_file()
316 cert_file = self.get_cert_file(key_file)
317 self.key = Keypair(filename=key_file)
318 self.key_file = key_file
319 self.cert_file = cert_file
320 self.cert = Certificate(filename=cert_file)
321 # Establish connection to server(s)
322 self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file)
323 self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file)
324 self.geni_am = xmlrpcprotocol.get_server(geni_am_url, key_file, cert_file)
328 # Get various credential and spec files
330 # Establishes limiting conventions
331 # - conflates MAs and SAs
332 # - assumes last token in slice name is unique
334 # Bootstraps credentials
335 # - bootstrap user credential from self-signed certificate
336 # - bootstrap authority credential from user credential
337 # - bootstrap slice credential from user credential
341 def get_key_file(self):
342 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
343 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
344 if (os.path.isfile(file)):
347 print "Key file", file, "does not exist"
351 def get_cert_file(self,key_file):
353 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
354 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
355 if (os.path.isfile(file)):
358 k = Keypair(filename = key_file)
359 cert = Certificate(subject=self.user)
361 cert.set_issuer(k, self.user)
363 if self.options.verbose :
364 print "Writing self-signed certificate to", file
365 cert.save_to_file(file)
369 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
370 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
371 if (os.path.isfile(file)):
372 gid = GID(filename=file)
375 cert_str = self.cert.save_to_string(save_parents=True)
376 gid_str = self.registry.get_gid(cert_str, self.user, "user")
377 gid = GID(string=gid_str)
378 if self.options.verbose:
379 print "Writing user gid to", file
380 gid.save_to_file(file, save_parents=True)
383 def get_user_cred(self):
384 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
385 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
386 if (os.path.isfile(file)):
387 user_cred = Credential(filename=file)
390 # bootstrap user credential
391 cert_string = self.cert.save_to_string(save_parents=True)
392 user_name=self.user.replace(self.authority+".", '')
393 if user_name.count(".") > 0:
394 user_name = user_name.replace(".", '_')
395 self.user=self.authority + "." + user_name
397 user_cred = self.registry.get_self_credential(cert_string, "user", self.user)
399 cred = Credential(string=user_cred)
400 cred.save_to_file(file, save_parents=True)
401 if self.options.verbose:
402 print "Writing user credential to", file
405 print "Failed to get user credential"
408 def get_auth_cred(self):
409 if not self.authority:
410 print "no authority specified. Use -a or set SF_AUTH"
413 file = os.path.join(self.options.sfi_dir, get_leaf("authority") +".cred")
414 if (os.path.isfile(file)):
415 auth_cred = Credential(filename=file)
418 # bootstrap authority credential from user credential
419 user_cred = self.get_user_cred().save_to_string(save_parents=True)
420 auth_cred = self.registry.get_credential(user_cred, "authority", self.authority)
422 cred = Credential(string=auth_cred)
423 cred.save_to_file(file, save_parents=True)
424 if self.options.verbose:
425 print "Writing authority credential to", file
428 print "Failed to get authority credential"
431 def get_slice_cred(self,name):
432 file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
433 if (os.path.isfile(file)):
434 slice_cred = Credential(filename=file)
437 # bootstrap slice credential from user credential
438 user_cred = self.get_user_cred().save_to_string(save_parents=True)
439 arg_list = [user_cred, "slice", name]
440 slice_cred_str = self.registry.get_credential(user_cred, "slice", name)
442 slice_cred = Credential(string=slice_cred_str)
443 slice_cred.save_to_file(file, save_parents=True)
444 if self.options.verbose:
445 print "Writing slice credential to", file
448 print "Failed to get slice credential"
451 def delegate_cred(self,cred, hrn, type = 'authority'):
452 # the gid and hrn of the object we are delegating
453 user_cred = Credential(string=cred)
454 object_gid = user_cred.get_gid_object()
455 object_hrn = object_gid.get_hrn()
456 #cred.set_delegate(True)
457 #if not cred.get_delegate():
458 # raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
461 records = self.registry.resolve(cred, hrn)
462 records = filter_records(type, records)
465 raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
467 # the gid of the user who will be delegated too
468 record = SfaRecord(dict=records[0])
469 delegee_gid = record.get_gid_object()
470 delegee_hrn = delegee_gid.get_hrn()
472 # the key and hrn of the user who will be delegating
473 user_key = Keypair(filename = self.get_key_file())
474 user_hrn = user_cred.get_gid_caller().get_hrn()
476 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
477 dcred.set_gid_caller(delegee_gid)
478 dcred.set_gid_object(object_gid)
479 dcred.set_privileges(user_cred.get_privileges())
480 dcred.get_privileges().delegate_all_privileges(True)
483 # Save the issuer's gid to a file
484 fname = self.options.sfi_dir + os.sep + "gid_%d" % random.randint(0,999999999)
486 f.write(user_cred.get_gid_caller().save_to_string())
488 dcred.set_issuer_keys(self.get_key_file(), fname)
491 dcred.set_parent(user_cred)
495 return dcred.save_to_string(save_parents=True)
497 def get_rspec_file(self,rspec):
498 if (os.path.isabs(rspec)):
501 file = os.path.join(self.options.sfi_dir, rspec)
502 if (os.path.isfile(file)):
505 print "No such rspec file", rspec
508 def get_record_file(self,record):
509 if (os.path.isabs(record)):
512 file = os.path.join(self.options.sfi_dir, record)
513 if (os.path.isfile(file)):
516 print "No such registry record file", record
519 def load_publickey_string(self,fn):
521 key_string = f.read()
523 # if the filename is a private key file, then extract the public key
524 if "PRIVATE KEY" in key_string:
525 outfn = tempfile.mktemp()
526 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
529 key_string = f.read()
534 def get_component_server_from_hrn(self, hrn):
535 # direct connection to the nodes component manager interface
536 user_cred = self.get_user_cred().save_to_string(save_parents=True)
537 records = self.registry.resolve(user_cred, hrn)
538 records = filter_records('node', records)
540 print "No such component:", opts.component
543 url = "https://%s:%s" % (record['hostname'], cm_port)
544 return xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
547 # Following functions implement the commands
549 # Registry-related commands
552 def dispatch(self,command, cmd_opts, cmd_args):
553 getattr(self,command)(cmd_opts, cmd_args)
555 def gid(self, opts, args):
557 print "GID: %s" % (gid.save_to_string(save_parents=True))
560 # list entires in named authority registry
561 def list(self,opts, args):
562 user_cred = self.get_user_cred().save_to_string(save_parents=True)
565 list = self.registry.list(user_cred, hrn)
567 raise Exception, "Not enough parameters for the 'list' command"
569 # filter on person, slice, site, node, etc.
570 # THis really should be in the self.filter_records funct def comment...
571 list = filter_records(opts.type, list)
573 print "%s (%s)" % (record['hrn'], record['type'])
576 if not file.startswith(os.sep):
577 file = os.path.join(self.options.sfi_dir, file)
578 save_records_to_file(file, list)
581 # show named registry record
582 def show(self,opts, args):
583 user_cred = self.get_user_cred().save_to_string(save_parents=True)
585 records = self.registry.resolve(user_cred, hrn)
586 records = filter_records(opts.type, records)
588 print "No record of type", opts.type
589 for record in records:
590 if record['type'] in ['user']:
591 record = UserRecord(dict = record)
592 elif record['type'] in ['slice']:
593 record = SliceRecord(dict = record)
594 elif record['type'] in ['node']:
595 record = NodeRecord(dict = record)
596 elif record['type'] in ['authority', 'ma', 'sa']:
597 record = AuthorityRecord(dict = record)
599 record = SfaRecord(dict = record)
600 if (opts.format=="text"):
603 print record.save_to_string()
607 if not file.startswith(os.sep):
608 file = os.path.join(self.options.sfi_dir, file)
609 save_records_to_file(file, records)
612 def delegate(self,opts, args):
613 user_cred = self.get_user_cred()
614 if opts.delegate_user:
615 object_cred = user_cred
616 elif opts.delegate_slice:
617 object_cred = self.get_slice_cred(opts.delegate_slice)
619 print "Must specify either --user or --slice <hrn>"
622 # the gid and hrn of the object we are delegating
623 object_gid = object_cred.get_gid_object()
624 object_hrn = object_gid.get_hrn()
626 if not object_cred.get_privileges().get_all_delegate():
627 print "Error: Object credential", object_hrn, "does not have delegate bit set"
630 records = self.registry.resolve(user_cred.save_to_string(save_parents=True), args[0])
631 records = filter_records("user", records)
634 print "Error: Didn't find a user record for", args[0]
637 # the gid of the user who will be delegated to
638 delegee_gid = GID(string=records[0]['gid'])
639 delegee_hrn = delegee_gid.get_hrn()
641 # the key and hrn of the user who will be delegating
642 user_key = Keypair(filename = self.get_key_file())
643 user_hrn = user_cred.get_gid_caller().get_hrn()
644 subject_string = "%s delegated to %s" % (object_hrn, delegee_hrn)
645 dcred = Credential(subject=subject_string)
646 dcred.set_gid_caller(delegee_gid)
647 dcred.set_gid_object(object_gid)
648 privs = object_cred.get_privileges()
649 dcred.set_privileges(object_cred.get_privileges())
650 dcred.get_privileges().delegate_all_privileges(True)
651 dcred.set_pubkey(object_gid.get_pubkey())
652 dcred.set_issuer(user_key, user_hrn)
653 dcred.set_parent(object_cred)
657 if opts.delegate_user:
658 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
659 + get_leaf(object_hrn) + ".cred")
660 elif opts.delegate_slice:
661 dest_fn = os.path_join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
662 + get_leaf(object_hrn) + ".cred")
664 dcred.save_to_file(dest_fn, save_parents = True)
666 print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
668 # removed named registry record
669 # - have to first retrieve the record to be removed
670 def remove(self,opts, args):
671 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
676 return self.registry.remove(auth_cred, type, hrn)
678 # add named registry record
679 def add(self,opts, args):
680 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
681 record_filepath = args[0]
682 rec_file = self.get_record_file(record_filepath)
683 record = load_record_from_file(rec_file).as_dict()
684 return self.registry.register(auth_cred, record)
686 # update named registry entry
687 def update(self,opts, args):
688 user_cred = self.get_user_cred()
689 rec_file = self.get_record_file(args[0])
690 record = load_record_from_file(rec_file)
691 if record['type'] == "user":
692 if record.get_name() == user_cred.get_gid_object().get_hrn():
693 cred = user_cred.save_to_string(save_parents=True)
695 cred = self.get_auth_cred().save_to_string(save_parents=True)
696 elif record['type'] in ["slice"]:
698 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
699 except ServerException, e:
700 # XXX smbaker -- once we have better error return codes, update this
701 # to do something better than a string compare
702 if "Permission error" in e.args[0]:
703 cred = self.get_auth_cred().save_to_string(save_parents=True)
706 elif record.get_type() in ["authority"]:
707 cred = self.get_auth_cred().save_to_string(save_parents=True)
708 elif record.get_type() == 'node':
709 cred = self.get_auth_cred().save_to_string(save_parents=True)
711 raise "unknown record type" + record.get_type()
712 record = record.as_dict()
713 return self.registry.update(cred, record)
715 def get_trusted_certs(self, opts, args):
717 return the trusted certs at this interface
719 trusted_certs = self.registry.get_trusted_certs()
720 for trusted_cert in trusted_certs:
721 cert = Certificate(string=trusted_cert)
722 print cert.get_subject()
725 def aggregates(self, opts, args):
727 return a list of details about known aggregates
729 user_cred = self.get_user_cred().save_to_string(save_parents=True)
734 result = self.registry.get_aggregates(user_cred, hrn)
738 def get_geni_aggregates(self, opts, args):
740 return a list of details about known aggregates
742 user_cred = self.get_user_cred().save_to_string(save_parents=True)
747 result = self.registry.get_geni_aggregates(user_cred, hrn)
752 def registries(self, opts, args):
754 return a list of details about known registries
756 user_cred = self.get_user_cred().save_to_string(save_parents=True)
760 result = self.registry.get_registries(user_cred, hrn)
766 # Slice-related commands
769 # list available nodes -- use 'resources' w/ no argument instead
771 # list instantiated slices
772 def slices(self,opts, args):
773 user_cred = self.get_user_cred().save_to_string(save_parents=True)
774 server = self.slicemgr
775 # direct connection to the nodes component manager interface
777 server = self.get_component_server_from_hrn(opts.component)
778 results = server.get_slices(user_cred)
779 display_list(results)
782 # show rspec for named slice
783 def resources(self,opts, args):
784 user_cred = self.get_user_cred().save_to_string(save_parents=True)
785 server = self.slicemgr
787 agg_hrn = opts.aggregate
788 aggregates = self.registry.get_aggregates(user_cred, agg_hrn)
790 raise Exception, "No such aggregate %s" % agg_hrn
791 aggregate = aggregates[0]
792 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
793 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
795 cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
801 result = server.get_resources(cred, hrn)
804 display_rspec(result, format)
805 if (opts.file is not None):
807 if not file.startswith(os.sep):
808 file = os.path.join(self.options.sfi_dir, file)
809 save_rspec_to_file(result, file)
812 # created named slice with given rspec
813 def create(self,opts, args):
815 user_cred = self.get_user_cred()
816 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
817 rspec_file = self.get_rspec_file(args[1])
818 rspec=open(rspec_file).read()
819 server = self.slicemgr
821 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
823 raise Exception, "No such aggregate %s" % opts.aggregate
824 aggregate = aggregates[0]
825 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
826 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.protocol)
827 return server.create_slice(slice_cred, slice_hrn, rspec)
829 # get a ticket for the specified slice
830 def get_ticket(self, opts, args):
831 slice_hrn, rspec_path = args[0], args[1]
832 user_cred = self.get_user_cred()
833 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
834 rspec_file = self.get_rspec_file(rspec_path)
835 rspec=open(rspec_file).read()
836 server = self.slicemgr
838 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
840 raise Exception, "No such aggregate %s" % opts.aggregate
841 aggregate = aggregates[0]
842 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
843 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.protocol)
844 ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec)
845 file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
846 print "writing ticket to ", file
847 ticket = SfaTicket(string=ticket_string)
848 ticket.save_to_file(filename=file, save_parents=True)
850 def redeem_ticket(self, opts, args):
851 ticket_file = args[0]
853 # get slice hrn from the ticket
854 # use this to get the right slice credential
855 ticket = SfaTicket(filename=ticket_file)
857 slice_hrn=ticket.gidObject.get_hrn()
858 #slice_hrn = ticket.attributes['slivers'][0]['hrn']
859 user_cred = self.get_user_cred()
860 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
862 # get a list node hostnames from the nodespecs in the rspec
864 rspec.parseString(ticket.rspec)
865 nodespecs = rspec.getDictsByTagName('NodeSpec')
866 hostnames = [nodespec['name'] for nodespec in nodespecs]
868 # create an xmlrpc connection to the component manager at each of these
869 # components and gall redeem_ticket
871 for hostname in hostnames:
874 url = "https://%(hostname)s:%(cm_port)s" % locals()
875 print "Calling redeem_ticket at %(url)s " % locals(),
876 cm = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
877 cm.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
879 except socket.gaierror:
881 print "Componet Manager not accepting requests"
883 print "Failed:", e.message
888 def delete(self,opts, args):
890 server = self.slicemgr
891 # direct connection to the nodes component manager interface
893 server = self.get_component_server_from_hrn(opts.component)
895 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
896 return server.delete_slice(slice_cred, slice_hrn)
899 def start(self,opts, args):
901 server = self.slicemgr
902 # direct connection to the nodes component manager interface
904 server = self.get_component_server_from_hrn(opts.component)
906 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
907 return server.start_slice(slice_cred, slice_hrn)
910 def stop(self,opts, args):
912 server = self.slicemgr
913 # direct connection to the nodes component manager interface
915 server = self.get_component_server_from_hrn(opts.component)
917 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
918 return server.stop_slice(slice_cred, slice_hrn)
921 def reset(self,opts, args):
923 server = self.slicemgr
924 # direct connection to the nodes component manager interface
926 server = self.get_component_server_from_hrn(opts.component)
927 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
928 return server.reset_slice(slice_cred, slice_hrn)
931 # GENI AM related calls
933 def GetVersion(self,opts,args):
934 server = self.geni_am
935 print server.GetVersion()
937 def ListResources(self,opts,args):
938 user_cred = self.get_user_cred().save_to_string(save_parents=True)
939 server = self.geni_am
940 call_options = {'geni_compressed': True}
945 cred = self.get_slice_cred(xrn).save_to_string(save_parents=True)
948 call_options['geni_slice_urn'] = xrn
950 rspec = server.ListResources([user_cred], call_options)
951 rspec = zlib.decompress(rspec.decode('base64'))
954 def CreateSliver(self,opts,args):
956 user_cred = self.get_user_cred()
957 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
958 rspec_file = self.get_rspec_file(args[1])
959 rspec = open(rspec_file).read()
960 server = self.geni_am
961 return server.CreateSliver(slice_xrn, [slice_cred], rspec)
963 # Main: parse arguments and dispatch to command
966 parser = self.create_parser()
967 (options, args) = parser.parse_args()
968 self.options = options
970 if options.hashrequest:
971 self.hashrequest=True
974 print "No command given. Use -h for help."
978 (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
979 if self.options.verbose :
980 print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
981 options.sfi_dir, options.user,
983 print "Command %s" %command
984 if command in ("resources"):
985 print "resources cmd_opts %s" %cmd_opts.format
986 elif command in ("list","show","remove"):
987 print "cmd_opts.type %s" %cmd_opts.type
988 print "cmd_args %s" %cmd_args
993 self.dispatch(command, cmd_opts, cmd_args)
996 print "Command not found:", command
1001 if __name__=="__main__":