import datetime
#
from sfa.util.faults import MissingSfaInfo, UnknownSfaType, \
- RecordNotFound, SfaNotImplemented, SliverDoesNotExist, SearchFailed
+ RecordNotFound, SfaNotImplemented, SliverDoesNotExist, SearchFailed, \
+ UnsupportedOperation, Forbidden
from sfa.util.sfalogging import logger
from sfa.util.defaultdict import defaultdict
from sfa.util.sfatime import utcparse, datetime_to_string, datetime_to_epoch
# one would think the driver should not need to mess with the SFA db, but..
from sfa.storage.alchemy import dbsession
-from sfa.storage.model import RegRecord
+from sfa.storage.model import RegRecord, SliverAllocation
+from sfa.trust.credential import Credential
# used to be used in get_ticket
#from sfa.trust.sfaticket import SfaTicket
if PlDriver.cache is None:
PlDriver.cache = Cache()
self.cache = PlDriver.cache
+
+ def sliver_to_slice_xrn(self, xrn):
+ sliver_id_parts = Xrn(xrn).get_sliver_id_parts()
+ filter = {}
+ try:
+ filter['slice_id'] = int(sliver_id_parts[0])
+ except ValueError:
+ fliter['name'] = sliver_id_parts[0]
+ slices = self.shell.GetSlices(filter)
+ if not slices:
+ raise Forbidden("Unable to locate slice record for sliver: %s" % xrn)
+ slice = slices[0]
+ slice_xrn = PlXrn(auth=self.hrn, slicename=slice['name'])
+ return slice_xrn
+ def check_sliver_credentials(self, creds, urns):
+ # build list of cred object hrns
+ slice_cred_names = []
+ for cred in creds:
+ slice_cred_hrn = Credential(cred=cred).get_gid_object().get_hrn()
+ slice_cred_names.append(PlXrn(xrn=slice_cred_hrn).pl_slicename())
+
+ # look up slice name of slivers listed in urns arg
+ slice_ids = []
+ for urn in urns:
+ sliver_id_parts = Xrn(xrn=urn).get_sliver_id_parts()
+ try:
+ slice_ids.append(int(sliver_id_parts[0]))
+ except ValueError:
+ pass
+
+ if not slice_ids:
+ raise Forbidden("sliver urn not provided")
+
+ slices = self.shell.GetSlices(slice_ids)
+ sliver_names = [slice['name'] for slice in slices]
+
+ # make sure we have a credential for every specified sliver ierd
+ for sliver_name in sliver_names:
+ if sliver_name not in slice_cred_names:
+ msg = "Valid credential not found for target: %s" % sliver_name
+ raise Forbidden(msg)
+
########################################
########## registry oriented
########################################
if not persons:
for key in ['first_name','last_name']:
if key not in sfa_record: sfa_record[key]='*from*sfa*'
- pointer = self.shell.AddPerson(dict(sfa_record))
+ # AddPerson does not allow everything to be set
+ can_add = ['first_name', 'last_name', 'title','email', 'password', 'phone', 'url', 'bio']
+ add_person_dict=dict ( [ (k,sfa_record[k]) for k in sfa_record if k in can_add ] )
+ pointer = self.shell.AddPerson(add_person_dict)
else:
pointer = persons[0]['person_id']
self.shell.AddPersonKey(pointer, {'key_type' : 'ssh', 'key' : pub_key})
elif type == 'node':
- login_base = PlXrn(xrn=sfa_record['authority'],type='node').pl_login_base()
+ login_base = PlXrn(xrn=sfa_record['authority'],type='authority').pl_login_base()
nodes = self.shell.GetNodes([pl_record['hostname']])
if not nodes:
pointer = self.shell.AddNode(login_base, pl_record)
def update (self, old_sfa_record, new_sfa_record, hrn, new_key):
pointer = old_sfa_record['pointer']
type = old_sfa_record['type']
+ new_key_pointer = None
# new_key implemented for users only
if new_key and type not in [ 'user' ]:
keys = person['key_ids']
keys = self.shell.GetKeys(person['key_ids'])
- # Delete all stale keys
key_exists = False
for key in keys:
- if new_key != key['key']:
- self.shell.DeleteKey(key['key_id'])
- else:
+ if new_key == key['key']:
key_exists = True
+ new_key_pointer = key['key_id']
+ break
if not key_exists:
- self.shell.AddPersonKey(pointer, {'key_type': 'ssh', 'key': new_key})
+ new_key_pointer = self.shell.AddPersonKey(pointer, {'key_type': 'ssh', 'key': new_key})
elif type == "node":
self.shell.UpdateNode(pointer, new_sfa_record)
- return True
+ return (pointer, new_key_pointer)
##########
def status (self, urns, options={}):
aggregate = PlAggregate(self)
desc = aggregate.describe(urns)
- return desc['geni_slivers']
+ status = {'geni_urn': desc['geni_urn'],
+ 'geni_slivers': desc['geni_slivers']}
+ return status
- # find out where this slice is currently running
- slicename = hrn_to_pl_slicename(slice_hrn)
-
- slices = self.shell.GetSlices([slicename], ['slice_id', 'node_ids','person_ids','name','expires'])
- if len(slices) == 0:
- raise SliverDoesNotExist("%s (used %s as slicename internally)" % (slice_hrn, slicename))
- slice = slices[0]
-
- # report about the local nodes only
- nodes = self.shell.GetNodes({'node_id':slice['node_ids'],'peer_id':None},
- ['node_id', 'hostname', 'site_id', 'boot_state', 'last_contact'])
-
- if len(nodes) == 0:
- raise SliverDoesNotExist("You have not allocated any slivers here")
-
- # get login info
- user = {}
- if slice['person_ids']:
- persons = self.shell.GetPersons(slice['person_ids'], ['key_ids'])
- key_ids = [key_id for person in persons for key_id in person['key_ids']]
- person_keys = self.shell.GetKeys(key_ids)
- keys = [key['key'] for key in person_keys]
-
- user.update({'urn': slice_urn,
- 'login': slice['name'],
- 'protocol': ['ssh'],
- 'port': ['22'],
- 'keys': keys})
-
- site_ids = [node['site_id'] for node in nodes]
-
- result = {}
- result['geni_urn'] = slice_urn
- result['pl_login'] = slice['name']
- result['pl_expires'] = datetime_to_string(utcparse(slice['expires']))
- result['geni_expires'] = datetime_to_string(utcparse(slice['expires']))
-
- resources = []
- for node in nodes:
- res = {}
- res['pl_hostname'] = node['hostname']
- res['pl_boot_state'] = node['boot_state']
- res['pl_last_contact'] = node['last_contact']
- res['geni_expires'] = datetime_to_string(utcparse(slice['expires']))
- if node['last_contact'] is not None:
-
- res['pl_last_contact'] = datetime_to_string(utcparse(node['last_contact']))
- sliver_id = "%s:%s" % (slice['slice_id'], node['node_id'])
- sliver_xrn = Xrn(slice_urn, id = sliver_id)
- sliver_xrn.set_authority(self.hrn)
- res['geni_urn'] = sliver_xrn.get_urn()
- if node['boot_state'] == 'boot':
- res['geni_status'] = 'ready'
- else:
- res['geni_status'] = 'failed'
- res['geni_allocation_status'] = 'geni_provisioned'
-
- res['geni_error'] = ''
- res['users'] = [user]
- resources.append(res)
-
- result['geni_resources'] = resources
- return result
-
- def allocate (self, urn, rspec_string, options={}):
+ def allocate (self, urn, rspec_string, expiration, options={}):
xrn = Xrn(urn)
aggregate = PlAggregate(self)
slices = PlSlices(self)
# ensure site record exists
site = slices.verify_site(xrn.hrn, slice_record, peer, sfa_peer, options=options)
# ensure slice record exists
- slice = slices.verify_slice(xrn.hrn, slice_record, peer, sfa_peer, options=options)
+ slice = slices.verify_slice(xrn.hrn, slice_record, peer, sfa_peer, expiration=expiration, options=options)
# ensure person records exists
- persons = slices.verify_persons(xrn.hrn, slice, users, peer, sfa_peer, options=options)
+ #persons = slices.verify_persons(xrn.hrn, slice, users, peer, sfa_peer, options=options)
# ensure slice attributes exists
slices.verify_slice_attributes(slice, requested_attributes, options=options)
-
+
# add/remove slice from nodes
- requested_slivers = []
- for node in rspec.version.get_nodes_with_slivers():
- hostname = None
- if node.get('component_name'):
- hostname = node.get('component_name').strip()
- elif node.get('component_id'):
- hostname = xrn_to_hostname(node.get('component_id').strip())
- if hostname:
- requested_slivers.append(hostname)
- nodes = slices.verify_slice_nodes(slice, requested_slivers, peer)
-
+ request_nodes = rspec.version.get_nodes_with_slivers()
+ nodes = slices.verify_slice_nodes(urn, slice, request_nodes, peer)
+
# add/remove links links
slices.verify_slice_links(slice, rspec.version.get_link_requests(), nodes)
# add/remove leases
- requested_leases = []
- kept_leases = []
- for lease in rspec.version.get_leases():
- requested_lease = {}
- if not lease.get('lease_id'):
- requested_lease['hostname'] = xrn_to_hostname(lease.get('component_id').strip())
- requested_lease['start_time'] = lease.get('start_time')
- requested_lease['duration'] = lease.get('duration')
- else:
- kept_leases.append(int(lease['lease_id']))
- if requested_lease.get('hostname'):
- requested_leases.append(requested_lease)
+ try:
+ rspec_requested_leases = rspec.version.get_leases()
+ leases = slices.verify_slice_leases(slice, rspec_requested_leases, peer)
+ except:
+ pass
- leases = slices.verify_slice_leases(slice, requested_leases, kept_leases, peer)
-
# handle MyPLC peer association.
# only used by plc and ple.
- slices.handle_peer(site, slice, persons, peer)
+ slices.handle_peer(site, slice, None, peer)
return aggregate.describe([xrn.get_urn()], version=rspec.version)
def provision(self, urns, options={}):
- return self.describe(urns, None, options=options)
+ # update users
+ slices = PlSlices(self)
+ aggregate = PlAggregate(self)
+ slivers = aggregate.get_slivers(urns)
+ slice = slivers[0]
+ peer = slices.get_peer(slice['hrn'])
+ sfa_peer = slices.get_sfa_peer(slice['hrn'])
+ users = options.get('geni_users', [])
+ persons = slices.verify_persons(None, slice, users, peer, sfa_peer, options=options)
+ slices.handle_peer(None, None, persons, peer)
+ # update sliver allocation states and set them to geni_provisioned
+ sliver_ids = [sliver['sliver_id'] for sliver in slivers]
+ SliverAllocation.set_allocations(sliver_ids, 'geni_provisioned')
+ version_manager = VersionManager()
+ rspec_version = version_manager.get_version(options['geni_rspec_version'])
+ return self.describe(urns, rspec_version, options=options)
def delete(self, urns, options={}):
- names = []
- ids = []
- for urn in urns:
- xrn = PlXrn(xrn=urn, type='slice')
- names.append(xrn.pl_slicename())
- if xrn.id:
- ids.append(xrn.id)
- slices = self.shell.GetSlices({'name': names})
- if not slices:
- raise SearchFailed(urns)
- slice = slices[0]
- if ids:
- node_ids = ids
- else:
- node_ids = slice['node_ids']
- slice_hrn = PlXrn(auth=self.hrn, slicename=slice['name']).get_hrn()
- # determine if this is a peer slice
- # xxx I wonder if this would not need to use PlSlices.get_peer instead
- # in which case plc.peers could be deprecated as this here
- # is the only/last call to this last method in plc.peers
- peer = peers.get_peer(self, slice_hrn)
- try:
- if peer:
- self.shell.UnBindObjectFromPeer('slice', slice['slice_id'], peer)
- self.shell.DeleteSliceFromNodes(slice['slice_id'], node_ids)
- finally:
- if peer:
- self.shell.BindObjectToPeer('slice', slice['slice_id'], peer, slice['peer_slice_id'])
- return True
-
+ # collect sliver ids so we can update sliver allocation states after
+ # we remove the slivers.
+ aggregate = PlAggregate(self)
+ slivers = aggregate.get_slivers(urns)
+ if slivers:
+ slice_id = slivers[0]['slice_id']
+ node_ids = []
+ sliver_ids = []
+ for sliver in slivers:
+ node_ids.append(sliver['node_id'])
+ sliver_ids.append(sliver['sliver_id'])
+
+ # determine if this is a peer slice
+ # xxx I wonder if this would not need to use PlSlices.get_peer instead
+ # in which case plc.peers could be deprecated as this here
+ # is the only/last call to this last method in plc.peers
+ slice_hrn = PlXrn(auth=self.hrn, slicename=slivers[0]['name']).get_hrn()
+ peer = peers.get_peer(self, slice_hrn)
+ try:
+ if peer:
+ self.shell.UnBindObjectFromPeer('slice', slice_id, peer)
+
+ self.shell.DeleteSliceFromNodes(slice_id, node_ids)
+
+ # delete sliver allocation states
+ SliverAllocation.delete_allocations(sliver_ids)
+ finally:
+ if peer:
+ self.shell.BindObjectToPeer('slice', slice_id, peer, slice['peer_slice_id'])
+
+ # prepare return struct
+ geni_slivers = []
+ for sliver in slivers:
+ geni_slivers.append(
+ {'geni_sliver_urn': sliver['sliver_id'],
+ 'geni_allocation_status': 'geni_unallocated',
+ 'geni_expires': datetime_to_string(utcparse(sliver['expires']))})
+ return geni_slivers
+
def renew (self, urns, expiration_time, options={}):
- # we can only renew slices, not individual slivers. ignore sliver
- # ids in the urn
- names = []
- for urn in urns:
- xrn = PlXrn(xrn=urn, type='slice')
- names.append(xrn.pl_slicename())
- slices = self.shell.GetSlices(names, ['slice_id'])
- if not slices:
+ aggregate = PlAggregate(self)
+ slivers = aggregate.get_slivers(urns)
+ if not slivers:
raise SearchFailed(urns)
- slice = slices[0]
+ slice = slivers[0]
requested_time = utcparse(expiration_time)
record = {'expires': int(datetime_to_epoch(requested_time))}
- try:
- self.shell.UpdateSlice(slice['slice_id'], record)
- return True
- except:
- return False
+ self.shell.UpdateSlice(slice['slice_id'], record)
+ description = self.describe(urns, None, options)
+ return description['geni_slivers']
+
def perform_operational_action (self, urns, action, options={}):
# MyPLC doesn't support operational actions. Lets pretend like it
# supports start, but reject everything else.
action = action.lower()
- if action == 'geni_start':
- pass
- else:
+ if action not in ['geni_start']:
raise UnsupportedOperation(action)
+
+ # fault if sliver is not full allocated (operational status is geni_pending_allocation)
description = self.describe(urns, None, options)
- return description['geni_slivers']
+ for sliver in description['geni_slivers']:
+ if sliver['geni_operational_status'] == 'geni_pending_allocation':
+ raise UnsupportedOperation(action, "Sliver must be fully allocated (operational status is not geni_pending_allocation)")
+ #
+ # Perform Operational Action Here
+ #
+
+ geni_slivers = self.describe(urns, None, options)['geni_slivers']
+ return geni_slivers
# set the 'enabled' tag to 0
def shutdown (self, xrn, options={}):