sfa/openstack/nova_driver.py

   1 import time
   2 import datetime
   3
   4 from sfa.util.faults import MissingSfaInfo, UnknownSfaType, \
   5     RecordNotFound, SfaNotImplemented, SliverDoesNotExist, \
   6     SfaInvalidArgument
   7
   8 from sfa.util.sfalogging import logger
   9 from sfa.util.defaultdict import defaultdict
  10 from sfa.util.sfatime import utcparse, datetime_to_string, datetime_to_epoch
  11 from sfa.util.xrn import Xrn, hrn_to_urn, get_leaf, urn_to_sliver_id
  12 from sfa.planetlab.plxrn import PlXrn
  13 from sfa.openstack.osxrn import OSXrn, hrn_to_os_slicename
  14 from sfa.util.cache import Cache
  15 from sfa.trust.credential import Credential
  16 # used to be used in get_ticket
  17 #from sfa.trust.sfaticket import SfaTicket
  18
  19 from sfa.rspecs.version_manager import VersionManager
  20 from sfa.rspecs.rspec import RSpec
  21
  22 # the driver interface, mostly provides default behaviours
  23 from sfa.managers.driver import Driver
  24 from sfa.openstack.nova_shell import NovaShell
  25 from sfa.openstack.euca_shell import EucaShell
  26 from sfa.openstack.osaggregate import OSAggregate
  27 from sfa.planetlab.plslices import PlSlices
  28 from sfa.util.osxrn import OSXrn
  29
  30
  31 def list_to_dict(recs, key):
  32     """
  33     convert a list of dictionaries into a dictionary keyed on the
  34     specified dictionary key
  35     """
  36     return dict ( [ (rec[key],rec) for rec in recs ] )
  37
  38 #
  39 # PlShell is just an xmlrpc serverproxy where methods
  40 # can be sent as-is; it takes care of authentication
  41 # from the global config
  42 #
  43 class NovaDriver (Driver):
  44
  45     # the cache instance is a class member so it survives across incoming requests
  46     cache = None
  47
  48     def __init__ (self, config):
  49         Driver.__init__ (self, config)
  50         self.shell = NovaShell (config)
  51         self.euca_shell = EucaShell(config)
  52         self.cache=None
  53         if config.SFA_AGGREGATE_CACHING:
  54             if NovaDriver.cache is None:
  55                 NovaDriver.cache = Cache()
  56             self.cache = NovaDriver.cache
  57
  58     ########################################
  59     ########## registry oriented
  60     ########################################
  61
  62     ########## disabled users
  63     def is_enabled (self, record):
  64         # all records are enabled
  65         return True
  66
  67     def augment_records_with_testbed_info (self, sfa_records):
  68         return self.fill_record_info (sfa_records)
  69
  70     ##########
  71     def register (self, sfa_record, hrn, pub_key):
  72         type = sfa_record['type']
  73
  74         #pl_record = self.sfa_fields_to_pl_fields(type     dd , hrn, sfa_record)
  75
  76         if type == 'slice':
  77             # add slice description, name, researchers, PI
  78             name = hrn_to_os_slicename(hrn)
  79             researchers = sfa_record.get('researchers', [])
  80             pis = sfa_record.get('pis', [])
  81             project_manager = None
  82             description = sfa_record.get('description', None)
  83             if pis:
  84                 project_manager = Xrn(pis[0], 'user').get_leaf()
  85             elif researchers:
  86                 project_manager = Xrn(researchers[0], 'user').get_leaf()
  87             if not project_manager:
  88                 err_string = "Cannot create a project without a project manager. " + \
  89                              "Please specify at least one PI or researcher for project: " + \
  90                              name
  91                 raise SfaInvalidArgument(err_string)
  92
  93             users = [Xrn(user, 'user').get_leaf() for user in \
  94                      pis + researchers]
  95             self.shell.auth_manager.create_project(name, project_manager, description, users)
  96
  97         elif type == 'user':
  98             # add person roles, projects and keys
  99             name = Xrn(hrn).get_leaf()
 100             self.shell.auth_manager.create_user(name)
 101             projects = sfa_records.get('slices', [])
 102             for project in projects:
 103                 project_name = Xrn(project).get_leaf()
 104                 self.shell.auth_manager.add_to_project(name, project_name)
 105             keys = sfa_records.get('keys', [])
 106             for key in keys:
 107                 key_dict = {
 108                     'user_id': name,
 109                     'name': name,
 110                     'public': key,
 111                 }
 112                 self.shell.db.key_pair_create(key_dict)
 113
 114         return name
 115
 116     ##########
 117     # xxx actually old_sfa_record comes filled with plc stuff as well in the original code
 118     def update (self, old_sfa_record, new_sfa_record, hrn, new_key):
 119         type = new_sfa_record['type']
 120
 121         # new_key implemented for users only
 122         if new_key and type not in [ 'user' ]:
 123             raise UnknownSfaType(type)
 124
 125         elif type == "slice":
 126             # can update project manager and description
 127             name = hrn_to_os_slicename(hrn)
 128             researchers = sfa_record.get('researchers', [])
 129             pis = sfa_record.get('pis', [])
 130             project_manager = None
 131             description = sfa_record.get('description', None)
 132             if pis:
 133                 project_manager = Xrn(pis[0], 'user').get_leaf()
 134             elif researchers:
 135                 project_manager = Xrn(researchers[0], 'user').get_leaf()
 136             self.shell.auth_manager.modify_project(name, project_manager, description)
 137
 138         elif type == "user":
 139             # can techinally update access_key and secret_key,
 140             # but that is not in our scope, so we do nothing.
 141             pass
 142         return True
 143
 144
 145     ##########
 146     def remove (self, sfa_record):
 147         type=sfa_record['type']
 148         if type == 'user':
 149             name = Xrn(sfa_record['hrn']).get_leaf()
 150             if self.shell.auth_manager.get_user(name):
 151                 self.shell.auth_manager.delete_user(name)
 152         elif type == 'slice':
 153             name = hrn_to_os_slicename(sfa_record['hrn'])
 154             if self.shell.auth_manager.get_project(name):
 155                 self.shell.auth_manager.delete_project(name)
 156         return True
 157
 158
 159     ####################
 160     def fill_record_info(self, records):
 161         """
 162         Given a (list of) SFA record, fill in the PLC specific
 163         and SFA specific fields in the record.
 164         """
 165         if not isinstance(records, list):
 166             records = [records]
 167
 168         for record in records:
 169             os_record = None
 170             if record['type'] == 'user':
 171                 name = Xrn(record['hrn']).get_leaf()
 172                 os_record = self.shell.auth_manager.get_user(name)
 173                 projects = self.shell.db.project_get_by_user(name)
 174                 record['slices'] = [self.hrn + "." + proj.name for \
 175                                     proj in projects]
 176                 record['roles'] = self.shell.db.user_get_roles(name)
 177                 keys = self.shell.db.key_pair_get_all_by_user(name)
 178                 record['keys'] = [key.public_key for key in keys]
 179             elif record['type'] == 'slice':
 180                 name = hrn_to_os_slicename(record['hrn'])
 181                 os_record = self.shell.auth_manager.get_project(name)
 182                 record['description'] = os_record.description
 183                 record['PI'] = [self.hrn + "." + os_record.project_manager.name]
 184                 record['geni_creator'] = record['PI']
 185                 record['researcher'] = [self.hrn + "." + user for \
 186                                          user in os_record.member_ids]
 187             else:
 188                 continue
 189             record['geni_urn'] = hrn_to_urn(record['hrn'], record['type'])
 190             record['geni_certificate'] = record['gid']
 191             record['name'] = os_record.name
 192             #if os_record.created_at is not None:
 193             #    record['date_created'] = datetime_to_string(utcparse(os_record.created_at))
 194             #if os_record.updated_at is not None:
 195             #    record['last_updated'] = datetime_to_string(utcparse(os_record.updated_at))
 196
 197         return records
 198
 199
 200     ####################
 201     # plcapi works by changes, compute what needs to be added/deleted
 202     def update_relation (self, subject_type, target_type, subject_id, target_ids):
 203         # hard-wire the code for slice/user for now, could be smarter if needed
 204         if subject_type =='slice' and target_type == 'user':
 205             subject=self.shell.project_get(subject_id)[0]
 206             current_target_ids = [user.name for user in subject.members]
 207             add_target_ids = list ( set (target_ids).difference(current_target_ids))
 208             del_target_ids = list ( set (current_target_ids).difference(target_ids))
 209             logger.debug ("subject_id = %s (type=%s)"%(subject_id,type(subject_id)))
 210             for target_id in add_target_ids:
 211                 self.shell.project_add_member(target_id,subject_id)
 212                 logger.debug ("add_target_id = %s (type=%s)"%(target_id,type(target_id)))
 213             for target_id in del_target_ids:
 214                 logger.debug ("del_target_id = %s (type=%s)"%(target_id,type(target_id)))
 215                 self.shell.project_remove_member(target_id, subject_id)
 216         else:
 217             logger.info('unexpected relation to maintain, %s -> %s'%(subject_type,target_type))
 218
 219
 220     ########################################
 221     ########## aggregate oriented
 222     ########################################
 223
 224     def testbed_name (self): return "openstack"
 225
 226     # 'geni_request_rspec_versions' and 'geni_ad_rspec_versions' are mandatory
 227     def aggregate_version (self):
 228         version_manager = VersionManager()
 229         ad_rspec_versions = []
 230         request_rspec_versions = []
 231         for rspec_version in version_manager.versions:
 232             if rspec_version.content_type in ['*', 'ad']:
 233                 ad_rspec_versions.append(rspec_version.to_dict())
 234             if rspec_version.content_type in ['*', 'request']:
 235                 request_rspec_versions.append(rspec_version.to_dict())
 236         return {
 237             'testbed':self.testbed_name(),
 238             'geni_request_rspec_versions': request_rspec_versions,
 239             'geni_ad_rspec_versions': ad_rspec_versions,
 240             }
 241
 242     def list_slices (self, creds, options):
 243         # look in cache first
 244         if self.cache:
 245             slices = self.cache.get('slices')
 246             if slices:
 247                 logger.debug("OpenStackDriver.list_slices returns from cache")
 248                 return slices
 249
 250         # get data from db
 251         projs = self.shell.auth_manager.get_projects()
 252         slice_urns = [OSXrn(proj.name, 'slice').urn for proj in projs]
 253
 254         # cache the result
 255         if self.cache:
 256             logger.debug ("OpenStackDriver.list_slices stores value in cache")
 257             self.cache.add('slices', slice_urns)
 258
 259         return slice_urns
 260
 261     # first 2 args are None in case of resource discovery
 262     def list_resources (self, slice_urn, slice_hrn, creds, options):
 263         cached_requested = options.get('cached', True)
 264
 265         version_manager = VersionManager()
 266         # get the rspec's return format from options
 267         rspec_version = version_manager.get_version(options.get('geni_rspec_version'))
 268         version_string = "rspec_%s" % (rspec_version)
 269
 270         #panos adding the info option to the caching key (can be improved)
 271         if options.get('info'):
 272             version_string = version_string + "_"+options.get('info', 'default')
 273
 274         # look in cache first
 275         if cached_requested and self.cache and not slice_hrn:
 276             rspec = self.cache.get(version_string)
 277             if rspec:
 278                 logger.debug("OpenStackDriver.ListResources: returning cached advertisement")
 279                 return rspec
 280
 281         #panos: passing user-defined options
 282         #print "manager options = ",options
 283         aggregate = OSAggregate(self)
 284         rspec =  aggregate.get_rspec(slice_xrn=slice_urn, version=rspec_version,
 285                                      options=options)
 286
 287         # cache the result
 288         if self.cache and not slice_hrn:
 289             logger.debug("OpenStackDriver.ListResources: stores advertisement in cache")
 290             self.cache.add(version_string, rspec)
 291
 292         return rspec
 293
 294     def sliver_status (self, slice_urn, slice_hrn):
 295         # find out where this slice is currently running
 296         project_name = hrn_to_os_slicename(slice_hrn)
 297         project = self.shell.auth_manager.get_project(project_name)
 298         instances = self.shell.db.instance_get_all_by_project(project_name)
 299         if len(instances) == 0:
 300             raise SliverDoesNotExist("You have not allocated any slivers here")
 301
 302         result = {}
 303         top_level_status = 'unknown'
 304         if instances:
 305             top_level_status = 'ready'
 306         result['geni_urn'] = slice_urn
 307         result['plos_login'] = 'root'
 308         result['plos_expires'] = None
 309
 310         resources = []
 311         for instance in instances:
 312             res = {}
 313             # instances are accessed by ip, not hostname. We need to report the ip
 314             # somewhere so users know where to ssh to.
 315             res['plos_hostname'] = instance.hostname
 316             res['plos_created_at'] = datetime_to_string(utcparse(instance.created_at))
 317             res['plos_boot_state'] = instance.vm_state
 318             res['plos_sliver_type'] = instance.instance_type.name
 319             sliver_id =  Xrn(slice_urn).get_sliver_id(instance.project_id, \
 320                                                       instance.hostname, instance.id)
 321             res['geni_urn'] = sliver_id
 322
 323             if instance.vm_state == 'running':
 324                 res['boot_state'] = 'ready';
 325             else:
 326                 res['boot_state'] = 'unknown'
 327             resources.append(res)
 328
 329         result['geni_status'] = top_level_status
 330         result['geni_resources'] = resources
 331         return result
 332
 333     def create_sliver (self, slice_urn, slice_hrn, creds, rspec_string, users, options):
 334
 335         aggregate = OSAggregate(self)
 336         rspec = RSpec(rspec_string)
 337         instance_name = hrn_to_os_slicename(slice_hrn)
 338
 339         # assume first user is the caller and use their context
 340         # for the ec2/euca api connection. Also, use the first users
 341         # key as the project key.
 342         key_name = None
 343         if len(users) > 1:
 344             key_name = aggregate.create_instance_key(slice_hrn, users[0])
 345
 346         # collect public keys
 347         pubkeys = []
 348         for user in users:
 349             pubkeys.extend(user['keys'])
 350
 351         aggregate.run_instances(instance_name, rspec_string, key_name, pubkeys)
 352
 353         return aggregate.get_rspec(slice_xrn=slice_urn, version=rspec.version)
 354
 355     def delete_sliver (self, slice_urn, slice_hrn, creds, options):
 356         aggregate = OSAggregate(self)
 357         project_name = hrn_to_os_slicename(slice_hrn)
 358         return aggregate.delete_instances(project_name)
 359
 360     def update_sliver(self, slice_urn, slice_hrn, rspec, creds, options):
 361         name = hrn_to_os_slicename(slice_hrn)
 362         aggregate = OSAggregate(self)
 363         return aggregate.update_instances(name)
 364
 365     def renew_sliver (self, slice_urn, slice_hrn, creds, expiration_time, options):
 366         return True
 367
 368     def start_slice (self, slice_urn, slice_hrn, creds):
 369         return 1
 370
 371     def stop_slice (self, slice_urn, slice_hrn, creds):
 372         name = OSXrn(xrn=slice_urn).name
 373         aggregate = OSAggregate(self)
 374         return aggregate.stop_instances(name)
 375
 376     def reset_slice (self, slice_urn, slice_hrn, creds):
 377         raise SfaNotImplemented ("reset_slice not available at this interface")
 378
 379     # xxx this code is quite old and has not run for ages
 380     # it is obviously totally broken and needs a rewrite
 381     def get_ticket (self, slice_urn, slice_hrn, creds, rspec_string, options):
 382         raise SfaNotImplemented,"OpenStackDriver.get_ticket needs a rewrite"
 383 # please keep this code for future reference
 384 #        slices = PlSlices(self)
 385 #        peer = slices.get_peer(slice_hrn)
 386 #        sfa_peer = slices.get_sfa_peer(slice_hrn)
 387 #
 388 #        # get the slice record
 389 #        credential = api.getCredential()
 390 #        interface = api.registries[api.hrn]
 391 #        registry = api.server_proxy(interface, credential)
 392 #        records = registry.Resolve(xrn, credential)
 393 #
 394 #        # make sure we get a local slice record
 395 #        record = None
 396 #        for tmp_record in records:
 397 #            if tmp_record['type'] == 'slice' and \
 398 #               not tmp_record['peer_authority']:
 399 #    #Error (E0602, GetTicket): Undefined variable 'SliceRecord'
 400 #                slice_record = SliceRecord(dict=tmp_record)
 401 #        if not record:
 402 #            raise RecordNotFound(slice_hrn)
 403 #
 404 #        # similar to CreateSliver, we must verify that the required records exist
 405 #        # at this aggregate before we can issue a ticket
 406 #        # parse rspec
 407 #        rspec = RSpec(rspec_string)
 408 #        requested_attributes = rspec.version.get_slice_attributes()
 409 #
 410 #        # ensure site record exists
 411 #        site = slices.verify_site(slice_hrn, slice_record, peer, sfa_peer)
 412 #        # ensure slice record exists
 413 #        slice = slices.verify_slice(slice_hrn, slice_record, peer, sfa_peer)
 414 #        # ensure person records exists
 415 #    # xxx users is undefined in this context
 416 #        persons = slices.verify_persons(slice_hrn, slice, users, peer, sfa_peer)
 417 #        # ensure slice attributes exists
 418 #        slices.verify_slice_attributes(slice, requested_attributes)
 419 #
 420 #        # get sliver info
 421 #        slivers = slices.get_slivers(slice_hrn)
 422 #
 423 #        if not slivers:
 424 #            raise SliverDoesNotExist(slice_hrn)
 425 #
 426 #        # get initscripts
 427 #        initscripts = []
 428 #        data = {
 429 #            'timestamp': int(time.time()),
 430 #            'initscripts': initscripts,
 431 #            'slivers': slivers
 432 #        }
 433 #
 434 #        # create the ticket
 435 #        object_gid = record.get_gid_object()
 436 #        new_ticket = SfaTicket(subject = object_gid.get_subject())
 437 #        new_ticket.set_gid_caller(api.auth.client_gid)
 438 #        new_ticket.set_gid_object(object_gid)
 439 #        new_ticket.set_issuer(key=api.key, subject=self.hrn)
 440 #        new_ticket.set_pubkey(object_gid.get_pubkey())
 441 #        new_ticket.set_attributes(data)
 442 #        new_ticket.set_rspec(rspec)
 443 #        #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
 444 #        new_ticket.encode()
 445 #        new_ticket.sign()
 446 #
 447 #        return new_ticket.save_to_string(save_parents=True)