4 from sfa.client.sfaserverproxy import SfaServerProxy
5 from sfa.planetlab.nodemanager import NodeManager
7 from sfa.trust.credential import Credential
8 from sfa.trust.certificate import Certificate, Keypair
9 from sfa.trust.gid import GID
14 class PlComponentDriver:
16 This class is the type for the toplevel 'api' object
17 when running the component manager inside a planetlab node.
18 As such it runs an SFA-compliant interface and thus inherits SfaApi
19 However the fact that we run inside a planetlab nodes requires
20 some tweaks as compared with a service running in the infrastructure.
23 def __init__(self, config):
24 self.nodemanager = NodeManager(config)
26 def sliver_exists(self):
27 sliver_dict = self.nodemanager.GetXIDs()
28 # xxx slicename is undefined
29 if slicename in sliver_dict.keys():
34 def get_registry(self):
35 addr, port = self.config.SFA_REGISTRY_HOST, self.config.SFA_REGISTRY_PORT
36 url = "http://%(addr)s:%(port)s" % locals()
37 # xxx this would require access to the api...
38 server = SfaServerProxy(url, self.key_file, self.cert_file)
41 def get_node_key(self):
42 # this call requires no authentication,
43 # so we can generate a random keypair here
45 (kfd, keyfile) = tempfile.mkstemp()
46 (cfd, certfile) = tempfile.mkstemp()
47 key = Keypair(create=True)
48 key.save_to_file(keyfile)
49 cert = Certificate(subject=subject)
50 cert.set_issuer(key=key, subject=subject)
53 cert.save_to_file(certfile)
54 registry = self.get_registry()
55 # the registry will scp the key onto the node
56 registry.get_key_from_incoming_ip()
58 # override the method in SfaApi
59 def getCredential(self):
61 Get our credential from a remote registry
63 path = self.config.SFA_DATA_DIR
64 config_dir = self.config.config_path
65 cred_filename = path + os.sep + 'node.cred'
67 credential = Credential(filename=cred_filename)
68 return credential.save_to_string(save_parents=True)
70 node_pkey_file = config_dir + os.sep + "node.key"
71 node_gid_file = config_dir + os.sep + "node.gid"
72 cert_filename = path + os.sep + 'server.cert'
73 if not os.path.exists(node_pkey_file) or \
74 not os.path.exists(node_gid_file):
78 gid = GID(filename=node_gid_file)
80 # get credential from registry
81 cert_str = Certificate(
82 filename=cert_filename).save_to_string(save_parents=True)
83 registry = self.get_registry()
84 cred = registry.GetSelfCredential(cert_str, hrn, 'node')
85 # xxx credfile is undefined
86 Credential(string=cred).save_to_file(credfile, save_parents=True)
90 def clean_key_cred(self):
92 remove the existing keypair and cred and generate new ones
94 files = ["server.key", "server.cert", "node.cred"]
96 # xxx KEYDIR is undefined, could be meant to be "/var/lib/sfa/"
97 # from sfa_component_setup.py
98 filepath = KEYDIR + os.sep + f
99 if os.path.isfile(filepath):
102 # install the new key pair
103 # GetCredential will take care of generating the new keypair