git://git.onelab.eu / nodemanager.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
blind and brutal 2to3
[nodemanager.git] / plugins / sfagids.py
diff --git a/plugins/sfagids.py b/plugins/sfagids.py
index 9b23fd5..a3e1813 100644 (file)
--- a/plugins/sfagids.py
+++ b/plugins/sfagids.py
@@ -1,17 +1,18 @@
 #!/usr/bin/python -tt
 # vim:set ts=4 sw=4 expandtab:
 #
 #!/usr/bin/python -tt
 # vim:set ts=4 sw=4 expandtab:
 #
-# $Id$
-# $URL$
-#
 # NodeManager plugin for installing SFA GID's in slivers
 # 
 
 import os
 # NodeManager plugin for installing SFA GID's in slivers
 # 
 
 import os
+import sys
+sys.path.append('/usr/share/NodeManager')
 import logger
 import logger
+import traceback
+import tempfile
 try:
     from sfa.util.namespace import *
 try:
     from sfa.util.namespace import *
-    from sfa.util.config import Config
+    from sfa.util.config import Config as SfaConfig
     import sfa.util.xmlrpcprotocol as xmlrpcprotocol
     from sfa.trust.certificate import Keypair, Certificate
     from sfa.trust.credential import Credential
     import sfa.util.xmlrpcprotocol as xmlrpcprotocol
     from sfa.trust.certificate import Keypair, Certificate
     from sfa.trust.credential import Credential
@@ -26,22 +27,26 @@ def start():
     logger.log("sfagid: plugin starting up ...")
     if not sfa:
         return
     logger.log("sfagid: plugin starting up ...")
     if not sfa:
         return
-    api = ComponentAPI()
-    api.get_node_key()
+    try:
+        keyfile, certfile = get_keypair(None)
+        api = ComponentAPI(key_file=keyfile, cert_file=certfile)
+        api.get_node_key()
+    except:
+        return
 
 def GetSlivers(data, config=None, plc=None):
     if not sfa:
         return 
 
     keyfile, certfile = get_keypair(config)
 
 def GetSlivers(data, config=None, plc=None):
     if not sfa:
         return 
 
     keyfile, certfile = get_keypair(config)
-    api = ComponentAPI(keyfile=keyfile, certfile=certfile)
+    api = ComponentAPI(key_file=keyfile, cert_file=certfile)
     slivers = [sliver['name'] for sliver in data['slivers']]
     install_gids(api, slivers)
     install_trusted_certs(api)
     
 def install_gids(api, slivers):
     # install node gid
     slivers = [sliver['name'] for sliver in data['slivers']]
     install_gids(api, slivers)
     install_trusted_certs(api)
     
 def install_gids(api, slivers):
     # install node gid
-    node_gid_path = config_dir + os.sep + "node.gid"
+    node_gid_file = api.config.config_path + os.sep + "node.gid"
     node_gid = GID(filename=node_gid_file)
     node_gid_str = node_gid.save_to_string(save_parents=True)    
     node_hrn = node_gid.get_hrn()    
     node_gid = GID(filename=node_gid_file)
     node_gid_str = node_gid.save_to_string(save_parents=True)    
     node_hrn = node_gid.get_hrn()    
@@ -50,7 +55,7 @@ def install_gids(api, slivers):
     interface_hrn = api.config.SFA_INTERFACE_HRN
     slice_gids = {}
     node_gids = {}
     interface_hrn = api.config.SFA_INTERFACE_HRN
     slice_gids = {}
     node_gids = {}
-    for sliver in slivers:
+    for slicename in slivers:
         slice_gid_filename = "/vservers/%s/etc/slice.gid" % slicename
         node_gid_filename = "/vservers/%s/etc/node.gid" % slicename
         if os.path.isfile(slice_gid_filename):
         slice_gid_filename = "/vservers/%s/etc/slice.gid" % slicename
         node_gid_filename = "/vservers/%s/etc/node.gid" % slicename
         if os.path.isfile(slice_gid_filename):
@@ -69,7 +74,8 @@ def install_gids(api, slivers):
     # get current gids from registry
     cred = api.getCredential()
     registry = api.get_registry()
     # get current gids from registry
     cred = api.getCredential()
     registry = api.get_registry()
-    records = registry.GetGids(cred, hrns)
+    #records = registry.GetGids(cred, hrns)
+    records = registry.get_gids(cred, hrns)
     for record in records:
         # skip if this isnt a slice record 
         if not record['type'] == 'slice':
     for record in records:
         # skip if this isnt a slice record 
         if not record['type'] == 'slice':
@@ -103,7 +109,7 @@ def install_trusted_certs(api):
         trusted_gid_names.append(relative_filename)
         gid_filename = trusted_certs_dir + os.sep + relative_filename
         if verbose:
         trusted_gid_names.append(relative_filename)
         gid_filename = trusted_certs_dir + os.sep + relative_filename
         if verbose:
-            print "Writing GID for %s as %s" % (gid.get_hrn(), gid_filename)
+            print("Writing GID for %s as %s" % (gid.get_hrn(), gid_filename))
         gid.save_to_file(gid_filename, save_parents=True)
 
     # remove old certs
         gid.save_to_file(gid_filename, save_parents=True)
 
     # remove old certs
@@ -111,13 +117,15 @@ def install_trusted_certs(api):
     for gid_name in all_gids_names:
         if gid_name not in trusted_gid_names:
             if verbose:
     for gid_name in all_gids_names:
         if gid_name not in trusted_gid_names:
             if verbose:
-                print "Removing old gid ", gid_name
+                print("Removing old gid ", gid_name)
             os.unlink(trusted_certs_dir + os.sep + gid_name)
     
 
             os.unlink(trusted_certs_dir + os.sep + gid_name)
     
 
+
+
 def get_keypair(config = None):
     if not config:
 def get_keypair(config = None):
     if not config:
-        config = Config()
+        config = SfaConfig()
     hierarchy = Hierarchy()
     key_dir= hierarchy.basedir
     data_dir = config.data_path
     hierarchy = Hierarchy()
     key_dir= hierarchy.basedir
     data_dir = config.data_path
@@ -128,8 +136,21 @@ def get_keypair(config = None):
     if os.path.exists(keyfile) and os.path.exists(certfile):
         return (keyfile, certfile)
 
     if os.path.exists(keyfile) and os.path.exists(certfile):
         return (keyfile, certfile)
 
-    # create server key and certificate
-    key = Keypair(filename=node_pkey_file)
+    # create temp keypair server key and certificate
+    (_, tmp_keyfile) = tempfile.mkstemp(suffix='.pkey', prefix='tmpkey', dir='/tmp')
+    (_, tmp_certfile) = tempfile.mkstemp(suffix='.cert', prefix='tmpcert', dir='/tmp') 
+    tmp_key = Keypair(create=True)
+    tmp_key.save_to_file(tmp_keyfile)
+    tmp_cert = Certificate(subject='subject')
+    tmp_cert.set_issuer(key=tmp_key, subject='subject')
+    tmp_cert.set_pubkey(tmp_key)
+    tmp_cert.save_to_file(tmp_certfile, save_parents=True)
+
+    # request real pkey from registry
+    api = ComponentAPI(key_file=tmp_keyfile, cert_file=tmp_certfile)
+    registry = api.get_registry()
+    registry.get_key()
+    key = Keypair(filename=keyfile)
     cert = Certificate(subject=hrn)
     cert.set_issuer(key=key, subject=hrn)
     cert.set_pubkey(key)
     cert = Certificate(subject=hrn)
     cert.set_issuer(key=key, subject=hrn)
     cert.set_pubkey(key)
nodemanager