4 from StringIO import StringIO
8 from sfa.trust.sfaticket import SfaTicket
9 from sfa.trust.credential import Credential
11 from sfa.util.sfalogging import logger
12 from sfa.util.xrn import Xrn, urn_to_hrn
13 from sfa.util.version import version_core
14 from sfa.util.callids import Callids
16 from sfa.server.threadmanager import ThreadManager
18 from sfa.rspecs.rspec_converter import RSpecConverter
19 from sfa.rspecs.version_manager import VersionManager
20 from sfa.rspecs.rspec import RSpec
21 from sfa.client.client_helper import sfa_to_pg_users_arg
29 def _call_id_supported(self, api, server):
31 Returns true if server support the optional call_id arg, false otherwise.
33 server_version = api.get_cached_server_version(server)
35 if 'sfa' in server_version:
36 code_tag = server_version['code_tag']
37 code_tag_parts = code_tag.split("-")
39 version_parts = code_tag_parts[0].split(".")
40 major, minor = version_parts[0:2]
41 rev = code_tag_parts[1]
43 if int(minor) > 0 or int(rev) > 20:
47 # we have specialized xmlrpclib.ServerProxy to remember the input url
48 # OTOH it's not clear if we're only dealing with XMLRPCServerProxy instances
49 def get_serverproxy_url (self, server):
51 return server.get_url()
53 logger.warning("GetVersion, falling back to xmlrpclib.ServerProxy internals")
54 return server._ServerProxy__host + server._ServerProxy__handler
56 def GetVersion(self, api):
57 # peers explicitly in aggregates.xml
58 peers =dict ([ (peername,self.get_serverproxy_url(v)) for (peername,v) in api.aggregates.iteritems()
59 if peername != api.hrn])
60 version_manager = VersionManager()
61 ad_rspec_versions = []
62 request_rspec_versions = []
63 for rspec_version in version_manager.versions:
64 if rspec_version.content_type in ['*', 'ad']:
65 ad_rspec_versions.append(rspec_version.to_dict())
66 if rspec_version.content_type in ['*', 'request']:
67 request_rspec_versions.append(rspec_version.to_dict())
68 default_rspec_version = version_manager.get_version("sfa 1").to_dict()
69 xrn=Xrn(api.hrn, 'authority+sa')
70 version_more = {'interface':'slicemgr',
71 'hrn' : xrn.get_hrn(),
72 'urn' : xrn.get_urn(),
74 'request_rspec_versions': request_rspec_versions,
75 'ad_rspec_versions': ad_rspec_versions,
76 'default_ad_rspec': default_rspec_version
78 sm_version=version_core(version_more)
79 # local aggregate if present needs to have localhost resolved
80 if api.hrn in api.aggregates:
81 local_am_url=self.get_serverproxy_url(api.aggregates[api.hrn])
82 sm_version['peers'][api.hrn]=local_am_url.replace('localhost',sm_version['hostname'])
85 def drop_slicemgr_stats(self, rspec):
87 stats_elements = rspec.xml.xpath('//statistics')
88 for node in stats_elements:
89 node.getparent().remove(node)
91 logger.warn("drop_slicemgr_stats failed: %s " % (str(e)))
93 def add_slicemgr_stat(self, rspec, callname, aggname, elapsed, status, exc_info=None):
95 stats_tags = rspec.xml.xpath('//statistics[@call="%s"]' % callname)
97 stats_tag = stats_tags[0]
99 stats_tag = etree.SubElement(rspec.xml.root, "statistics", call=callname)
101 stat_tag = etree.SubElement(stats_tag, "aggregate", name=str(aggname), elapsed=str(elapsed), status=str(status))
104 exc_tag = etree.SubElement(stat_tag, "exc_info", name=str(exc_info[1]))
106 # formats the traceback as one big text blob
107 #exc_tag.text = "\n".join(traceback.format_exception(exc_info[0], exc_info[1], exc_info[2]))
109 # formats the traceback as a set of xml elements
110 tb = traceback.extract_tb(exc_info[2])
112 exc_frame = etree.SubElement(exc_tag, "tb_frame", filename=str(item[0]), line=str(item[1]), func=str(item[2]), code=str(item[3]))
115 logger.warn("add_slicemgr_stat failed on %s: %s" %(aggname, str(e)))
117 def ListResources(self, api, creds, options, call_id):
118 version_manager = VersionManager()
119 def _ListResources(aggregate, server, credential, opts, call_id):
122 args = [credential, my_opts]
125 if self._call_id_supported(api, server):
127 version = api.get_cached_server_version(server)
128 # force ProtoGENI aggregates to give us a v2 RSpec
129 if 'sfa' not in version.keys():
130 my_opts['rspec_version'] = version_manager.get_version('ProtoGENI 2').to_dict()
131 rspec = server.ListResources(*args)
132 return {"aggregate": aggregate, "rspec": rspec, "elapsed": time.time()-tStart, "status": "success"}
134 api.logger.log_exc("ListResources failed at %s" %(server.url))
135 return {"aggregate": aggregate, "elapsed": time.time()-tStart, "status": "exception", "exc_info": sys.exc_info()}
137 if Callids().already_handled(call_id): return ""
139 # get slice's hrn from options
140 xrn = options.get('geni_slice_urn', '')
141 (hrn, type) = urn_to_hrn(xrn)
142 if 'geni_compressed' in options:
143 del(options['geni_compressed'])
145 # get the rspec's return format from options
146 rspec_version = version_manager.get_version(options.get('rspec_version'))
147 version_string = "rspec_%s" % (rspec_version.to_string())
149 # look in cache first
150 if self.caching and api.cache and not xrn:
151 rspec = api.cache.get(version_string)
155 # get the callers hrn
156 valid_cred = api.auth.checkCredentials(creds, 'listnodes', hrn)[0]
157 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
159 # attempt to use delegated credential first
160 cred = api.getDelegatedCredential(creds)
162 cred = api.getCredential()
163 threads = ThreadManager()
164 for aggregate in api.aggregates:
165 # prevent infinite loop. Dont send request back to caller
166 # unless the caller is the aggregate's SM
167 if caller_hrn == aggregate and aggregate != api.hrn:
170 # get the rspec from the aggregate
171 interface = api.aggregates[aggregate]
172 server = api.server_proxy(interface, cred)
173 threads.run(_ListResources, aggregate, server, [cred], options, call_id)
176 results = threads.get_results()
177 rspec_version = version_manager.get_version(options.get('rspec_version'))
179 result_version = version_manager._get_version(rspec_version.type, rspec_version.version, 'manifest')
181 result_version = version_manager._get_version(rspec_version.type, rspec_version.version, 'ad')
182 rspec = RSpec(version=result_version)
183 for result in results:
184 self.add_slicemgr_stat(rspec, "ListResources", result["aggregate"], result["elapsed"], result["status"], result.get("exc_info",None))
185 if result["status"]=="success":
187 rspec.version.merge(result["rspec"])
189 api.logger.log_exc("SM.ListResources: Failed to merge aggregate rspec")
192 if self.caching and api.cache and not xrn:
193 api.cache.add(version_string, rspec.toxml())
198 def CreateSliver(self, api, xrn, creds, rspec_str, users, call_id):
200 version_manager = VersionManager()
201 def _CreateSliver(aggregate, server, xrn, credential, rspec, users, call_id):
204 # Need to call GetVersion at an aggregate to determine the supported
205 # rspec type/format beofre calling CreateSliver at an Aggregate.
206 server_version = api.get_cached_server_version(server)
207 requested_users = users
208 if 'sfa' not in server_version and 'geni_api' in server_version:
209 # sfa aggregtes support both sfa and pg rspecs, no need to convert
210 # if aggregate supports sfa rspecs. otherwise convert to pg rspec
211 rspec = RSpec(RSpecConverter.to_pg_rspec(rspec, 'request'))
212 filter = {'component_manager_id': server_version['urn']}
214 rspec = rspec.toxml()
215 requested_users = sfa_to_pg_users_arg(users)
216 args = [xrn, credential, rspec, requested_users]
217 if self._call_id_supported(api, server):
219 rspec = server.CreateSliver(*args)
220 return {"aggregate": aggregate, "rspec": rspec, "elapsed": time.time()-tStart, "status": "success"}
222 logger.log_exc('Something wrong in _CreateSliver with URL %s'%server.url)
223 return {"aggregate": aggregate, "elapsed": time.time()-tStart, "status": "exception", "exc_info": sys.exc_info()}
225 if Callids().already_handled(call_id): return ""
226 # Validate the RSpec against PlanetLab's schema --disabled for now
227 # The schema used here needs to aggregate the PL and VINI schemas
228 # schema = "/var/www/html/schemas/pl.rng"
229 rspec = RSpec(rspec_str)
232 # rspec.validate(schema)
234 # if there is a <statistics> section, the aggregates don't care about it,
236 self.drop_slicemgr_stats(rspec)
238 # attempt to use delegated credential first
239 cred = api.getDelegatedCredential(creds)
241 cred = api.getCredential()
243 # get the callers hrn
244 hrn, type = urn_to_hrn(xrn)
245 valid_cred = api.auth.checkCredentials(creds, 'createsliver', hrn)[0]
246 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
247 threads = ThreadManager()
248 for aggregate in api.aggregates:
249 # prevent infinite loop. Dont send request back to caller
250 # unless the caller is the aggregate's SM
251 if caller_hrn == aggregate and aggregate != api.hrn:
253 interface = api.aggregates[aggregate]
254 server = api.server_proxy(interface, cred)
255 # Just send entire RSpec to each aggregate
256 threads.run(_CreateSliver, aggregate, server, xrn, [cred], rspec.toxml(), users, call_id)
258 results = threads.get_results()
259 manifest_version = version_manager._get_version(rspec.version.type, rspec.version.version, 'manifest')
260 result_rspec = RSpec(version=manifest_version)
261 for result in results:
262 self.add_slicemgr_stat(result_rspec, "CreateSliver", result["aggregate"], result["elapsed"], result["status"], result.get("exc_info",None))
263 if result["status"]=="success":
265 result_rspec.version.merge(result["rspec"])
267 api.logger.log_exc("SM.CreateSliver: Failed to merge aggregate rspec")
268 return result_rspec.toxml()
270 def RenewSliver(self, api, xrn, creds, expiration_time, call_id):
271 def _RenewSliver(server, xrn, creds, expiration_time, call_id):
272 server_version = api.get_cached_server_version(server)
273 args = [xrn, creds, expiration_time, call_id]
274 if self._call_id_supported(api, server):
276 return server.RenewSliver(*args)
278 if Callids().already_handled(call_id): return True
280 (hrn, type) = urn_to_hrn(xrn)
281 # get the callers hrn
282 valid_cred = api.auth.checkCredentials(creds, 'renewsliver', hrn)[0]
283 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
285 # attempt to use delegated credential first
286 cred = api.getDelegatedCredential(creds)
288 cred = api.getCredential()
289 threads = ThreadManager()
290 for aggregate in api.aggregates:
291 # prevent infinite loop. Dont send request back to caller
292 # unless the caller is the aggregate's SM
293 if caller_hrn == aggregate and aggregate != api.hrn:
295 interface = api.aggregates[aggregate]
296 server = api.server_proxy(interface, cred)
297 threads.run(_RenewSliver, server, xrn, [cred], expiration_time, call_id)
299 return reduce (lambda x,y: x and y, threads.get_results() , True)
301 def DeleteSliver(self, api, xrn, creds, call_id):
302 def _DeleteSliver(server, xrn, creds, call_id):
303 server_version = api.get_cached_server_version(server)
305 if self._call_id_supported(api, server):
307 return server.DeleteSliver(*args)
309 if Callids().already_handled(call_id): return ""
310 (hrn, type) = urn_to_hrn(xrn)
311 # get the callers hrn
312 valid_cred = api.auth.checkCredentials(creds, 'deletesliver', hrn)[0]
313 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
315 # attempt to use delegated credential first
316 cred = api.getDelegatedCredential(creds)
318 cred = api.getCredential()
319 threads = ThreadManager()
320 for aggregate in api.aggregates:
321 # prevent infinite loop. Dont send request back to caller
322 # unless the caller is the aggregate's SM
323 if caller_hrn == aggregate and aggregate != api.hrn:
325 interface = api.aggregates[aggregate]
326 server = api.server_proxy(interface, cred)
327 threads.run(_DeleteSliver, server, xrn, [cred], call_id)
328 threads.get_results()
332 # first draft at a merging SliverStatus
333 def SliverStatus(self, api, slice_xrn, creds, call_id):
334 def _SliverStatus(server, xrn, creds, call_id):
335 server_version = api.get_cached_server_version(server)
337 if self._call_id_supported(api, server):
339 return server.SliverStatus(*args)
341 if Callids().already_handled(call_id): return {}
342 # attempt to use delegated credential first
343 cred = api.getDelegatedCredential(creds)
345 cred = api.getCredential()
346 threads = ThreadManager()
347 for aggregate in api.aggregates:
348 interface = api.aggregates[aggregate]
349 server = api.server_proxy(interface, cred)
350 threads.run (_SliverStatus, server, slice_xrn, [cred], call_id)
351 results = threads.get_results()
353 # get rid of any void result - e.g. when call_id was hit where by convention we return {}
354 results = [ result for result in results if result and result['geni_resources']]
356 # do not try to combine if there's no result
357 if not results : return {}
359 # otherwise let's merge stuff
362 # mmh, it is expected that all results carry the same urn
363 overall['geni_urn'] = results[0]['geni_urn']
364 overall['pl_login'] = results[0]['pl_login']
365 # append all geni_resources
366 overall['geni_resources'] = \
367 reduce (lambda x,y: x+y, [ result['geni_resources'] for result in results] , [])
368 overall['status'] = 'unknown'
369 if overall['geni_resources']:
370 overall['status'] = 'ready'
374 def ListSlices(self, api, creds, call_id):
375 def _ListSlices(server, creds, call_id):
376 server_version = api.get_cached_server_version(server)
378 if self._call_id_supported(api, server):
380 return server.ListSlices(*args)
382 if Callids().already_handled(call_id): return []
384 # look in cache first
385 if self.caching and api.cache:
386 slices = api.cache.get('slices')
390 # get the callers hrn
391 valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0]
392 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
394 # attempt to use delegated credential first
395 cred= api.getDelegatedCredential(creds)
397 cred = api.getCredential()
398 threads = ThreadManager()
399 # fetch from aggregates
400 for aggregate in api.aggregates:
401 # prevent infinite loop. Dont send request back to caller
402 # unless the caller is the aggregate's SM
403 if caller_hrn == aggregate and aggregate != api.hrn:
405 interface = api.aggregates[aggregate]
406 server = api.server_proxy(interface, cred)
407 threads.run(_ListSlices, server, [cred], call_id)
410 results = threads.get_results()
412 for result in results:
413 slices.extend(result)
416 if self.caching and api.cache:
417 api.cache.add('slices', slices)
422 def get_ticket(self, api, xrn, creds, rspec, users):
423 slice_hrn, type = urn_to_hrn(xrn)
424 # get the netspecs contained within the clients rspec
425 aggregate_rspecs = {}
426 tree= etree.parse(StringIO(rspec))
427 elements = tree.findall('./network')
428 for element in elements:
429 aggregate_hrn = element.values()[0]
430 aggregate_rspecs[aggregate_hrn] = rspec
432 # get the callers hrn
433 valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0]
434 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
436 # attempt to use delegated credential first
437 cred = api.getDelegatedCredential(creds)
439 cred = api.getCredential()
440 threads = ThreadManager()
441 for (aggregate, aggregate_rspec) in aggregate_rspecs.iteritems():
442 # prevent infinite loop. Dont send request back to caller
443 # unless the caller is the aggregate's SM
444 if caller_hrn == aggregate and aggregate != api.hrn:
447 interface = api.aggregates[aggregate]
448 server = api.server_proxy(interface, cred)
449 threads.run(server.GetTicket, xrn, [cred], aggregate_rspec, users)
451 results = threads.get_results()
453 # gather information from each ticket
458 for result in results:
459 agg_ticket = SfaTicket(string=result)
460 attrs = agg_ticket.get_attributes()
462 object_gid = agg_ticket.get_gid_object()
464 rspec = RSpec(agg_ticket.get_rspec())
466 rspec.version.merge(agg_ticket.get_rspec())
467 initscripts.extend(attrs.get('initscripts', []))
468 slivers.extend(attrs.get('slivers', []))
471 attributes = {'initscripts': initscripts,
474 # create a new ticket
475 ticket = SfaTicket(subject = slice_hrn)
476 ticket.set_gid_caller(api.auth.client_gid)
477 ticket.set_issuer(key=api.key, subject=api.hrn)
478 ticket.set_gid_object(object_gid)
479 ticket.set_pubkey(object_gid.get_pubkey())
480 #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
481 ticket.set_attributes(attributes)
482 ticket.set_rspec(rspec.toxml())
485 return ticket.save_to_string(save_parents=True)
487 def start_slice(self, api, xrn, creds):
488 hrn, type = urn_to_hrn(xrn)
490 # get the callers hrn
491 valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0]
492 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
494 # attempt to use delegated credential first
495 cred = api.getDelegatedCredential(creds)
497 cred = api.getCredential()
498 threads = ThreadManager()
499 for aggregate in api.aggregates:
500 # prevent infinite loop. Dont send request back to caller
501 # unless the caller is the aggregate's SM
502 if caller_hrn == aggregate and aggregate != api.hrn:
504 interface = api.aggregates[aggregate]
505 server = api.server_proxy(interface, cred)
506 threads.run(server.Start, xrn, cred)
507 threads.get_results()
510 def stop_slice(self, api, xrn, creds):
511 hrn, type = urn_to_hrn(xrn)
513 # get the callers hrn
514 valid_cred = api.auth.checkCredentials(creds, 'stopslice', hrn)[0]
515 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
517 # attempt to use delegated credential first
518 cred = api.getDelegatedCredential(creds)
520 cred = api.getCredential()
521 threads = ThreadManager()
522 for aggregate in api.aggregates:
523 # prevent infinite loop. Dont send request back to caller
524 # unless the caller is the aggregate's SM
525 if caller_hrn == aggregate and aggregate != api.hrn:
527 interface = api.aggregates[aggregate]
528 server = api.server_proxy(interface, cred)
529 threads.run(server.Stop, xrn, cred)
530 threads.get_results()
533 def reset_slice(self, api, xrn):
539 def shutdown(self, api, xrn, creds):
545 def status(self, api, xrn, creds):