8 # This wrapper implements the Geni Registry and Slice Interfaces on PLC.
9 # Depending on command line options, it starts some combination of a
10 # Registry, an Aggregate Manager, and a Slice Manager.
12 # There are several items that need to be done before starting the wrapper
15 # NOTE: Many configuration settings, including the PLC maintenance account
16 # credentials, URI of the PLCAPI, and PLC DB URI and admin credentials are initialized
17 # from your MyPLC configuration (/etc/planetlab/plc_config*). Please make sure this information
18 # is up to date and accurate.
20 # 1) Import the existing planetlab database, creating the
21 # appropriate geni records. This is done by running the "sfa-import-plc.py" tool.
23 # 2) Create a "trusted_roots" directory and place the certificate of the root
24 # authority in that directory. Given the defaults in sfa-import-plc.py, this
25 # certificate would be named "planetlab.gid". For example,
27 # mkdir trusted_roots; cp authorities/planetlab.gid trusted_roots/
29 # TODO: Can all three servers use the same "registry" certificate?
32 # TCP ports for the three servers
40 from optparse import OptionParser
41 from sfa.trust.trustedroot import TrustedRootList
42 from sfa.trust.certificate import Keypair, Certificate
43 from sfa.trust.hierarchy import Hierarchy
44 from sfa.util.config import Config
45 from sfa.util.report import trace
47 # after http://www.erlenstar.demon.co.uk/unix/faq_2.html
49 """Daemonize the current process."""
50 if os.fork() != 0: os._exit(0)
52 if os.fork() != 0: os._exit(0)
54 devnull = os.open(os.devnull, os.O_RDWR)
56 # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
57 crashlog = os.open('/var/log/sfa.daemon', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
61 def init_server_key(server_key_file, server_cert_file, config, hierarchy):
63 subject = config.SFA_INTERFACE_HRN
64 # check if the server's private key exists. If it doesnt,
65 # get the right one from the authorities directory. If it cant be
66 # found in the authorities directory, generate a random one
67 if not os.path.exists(server_key_file):
68 hrn = config.SFA_INTERFACE_HRN.lower()
69 hrn_parts = hrn.split(".")
71 pkey_filename = hrn+".pkey"
73 # sub authority's have "." in their hrn. This must
74 # be converted to os.path separator
75 if len(hrn_parts) > 0:
76 rel_key_path = hrn.replace(".", os.sep)
77 pkey_filename= hrn_parts[-1]+".pkey"
79 key_file = os.sep.join([hierarchy.basedir, rel_key_path, pkey_filename])
80 if not os.path.exists(key_file):
81 # if it doesnt exist then this is probably a fresh interface
82 # with no records. Generate a random keypair for now
83 trace("server's public key not found in %s" % key_file)
84 trace("generating a random server key pair")
85 key = Keypair(create=True)
86 key.save_to_file(server_key_file)
87 cert = Certificate(subject=subject)
88 cert.set_issuer(key=key, subject=subject)
91 cert.save_to_file(server_cert_file, save_parents=True)
94 # the pkey was found in the authorites directory. lets
95 # copy it to where the server key should be and generate
97 key = Keypair(filename=key_file)
98 key.save_to_file(server_key_file)
99 cert = Certificate(subject=subject)
100 cert.set_issuer(key=key, subject=subject)
103 cert.save_to_file(server_cert_file, save_parents=True)
106 # If private key exists and cert doesnt, recreate cert
107 if (os.path.exists(server_key_file)) and (not os.path.exists(server_cert_file)):
108 key = Keypair(filename=server_key_file)
109 cert = Certificate(subject=subject)
110 cert.set_issuer(key=key, subject=subject)
113 cert.save_to_file(server_cert_file)
116 # xxx get rid of globals - name consistently CamelCase or under_score
120 global aggregate_port
123 # Generate command line parser
124 parser = OptionParser(usage="sfa-server [options]")
125 parser.add_option("-r", "--registry", dest="registry", action="store_true",
126 help="run registry server", default=False)
127 parser.add_option("-s", "--slicemgr", dest="sm", action="store_true",
128 help="run slice manager", default=False)
129 parser.add_option("-a", "--aggregate", dest="am", action="store_true",
130 help="run aggregate manager", default=False)
131 parser.add_option("-c", "--component", dest="cm", action="store_true",
132 help="run component server", default=False)
133 parser.add_option("-v", "--verbose", dest="verbose", action="store_true",
134 help="verbose mode", default=False)
135 parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
136 help="Run as daemon.", default=False)
137 (options, args) = parser.parse_args()
139 if (options.daemon): daemon()
142 hierarchy = Hierarchy()
143 trusted_roots = TrustedRootList(config.get_trustedroots_dir())
144 server_key_file = os.path.join(hierarchy.basedir, "server.key")
145 server_cert_file = os.path.join(hierarchy.basedir, "server.cert")
147 init_server_key(server_key_file, server_cert_file, config, hierarchy)
149 # start registry server
150 if (options.registry):
151 from sfa.server.registry import Registry
152 r = Registry("", registry_port, server_key_file, server_cert_file)
155 # start aggregate manager
157 from sfa.server.aggregate import Aggregate
158 a = Aggregate("", aggregate_port, server_key_file, server_cert_file)
161 # start slice manager
163 from sfa.server.slicemgr import SliceMgr
164 s = SliceMgr("", slicemgr_port, server_key_file, server_cert_file)
168 from sfa.server.component import Component
169 c = Component("", component_port, server_key_file, server_cert_file)
172 if __name__ == "__main__":