git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
get_slices is now ListSlices and supports call_id
[sfa.git] / sfa / client / sfi.py
diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py
index 8592ec1..0107142 100755 (executable)
--- a/sfa/client/sfi.py
+++ b/sfa/client/sfi.py
@@ -9,20 +9,26 @@ import tempfile
 import traceback
 import socket
 import random
 import traceback
 import socket
 import random
+import datetime
 from lxml import etree
 from StringIO import StringIO
 from types import StringTypes, ListType
 from optparse import OptionParser
 from lxml import etree
 from StringIO import StringIO
 from types import StringTypes, ListType
 from optparse import OptionParser
+import zlib
+
+from sfa.util.sfalogging import sfa_logger,sfa_logger_goes_to_console
 from sfa.trust.certificate import Keypair, Certificate
 from sfa.trust.certificate import Keypair, Certificate
+from sfa.trust.gid import GID
 from sfa.trust.credential import Credential
 from sfa.util.sfaticket import SfaTicket
 from sfa.trust.credential import Credential
 from sfa.util.sfaticket import SfaTicket
-from sfa.util.record import *
-from sfa.util.namespace import *
-from sfa.util.xmlrpcprotocol import ServerException
+from sfa.util.record import SfaRecord, UserRecord, SliceRecord, NodeRecord, AuthorityRecord
+from sfa.util.xrn import Xrn, get_leaf, get_authority, hrn_to_urn
 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
 from sfa.util.config import Config
 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
 from sfa.util.config import Config
-import zlib
+from sfa.util.version import version_core
 
 
+AGGREGATE_PORT=12346
+CM_PORT=12346
 
 # utility methods here
 # display methods
 
 # utility methods here
 # display methods
@@ -47,7 +53,6 @@ def display_list(results):
     for result in results:
         print result
 
     for result in results:
         print result
 
-
 def display_records(recordList, dump=False):
     ''' Print all fields in the record'''
     for record in recordList:
 def display_records(recordList, dump=False):
     ''' Print all fields in the record'''
     for record in recordList:
@@ -112,30 +117,45 @@ def load_record_from_file(filename):
     return record
 
 
     return record
 
 
+import uuid
+def unique_call_id(): return uuid.uuid4().urn
 
 class Sfi:
 
 class Sfi:
+    
+    required_options=['verbose',  'debug',  'registry',  'sm',  'auth',  'user']
+
+    # dummy to meet Sfi's expectations for its 'options' field
+    # i.e. s/t we can do setattr on
+    class DummyOptions:
+        pass
 
 
-    geni_am = None
-    slicemgr = None
-    registry = None
-    user = None
-    authority = None
-    options = None
-    hashrequest = False
+    def __init__ (self,options=None):
+        if options is None: options=Sfi.DummyOptions()
+        for opt in Sfi.required_options:
+            if not hasattr(options,opt): setattr(options,opt,None)
+        if not hasattr(options,'sfi_dir'): options.sfi_dir=os.path.expanduser("~/.sfi/")
+        self.options = options
+        self.slicemgr = None
+        self.registry = None
+        self.user = None
+        self.authority = None
+        self.hashrequest = False
+        sfa_logger_goes_to_console()
+        self.logger=sfa_logger()
    
     def create_cmd_parser(self, command, additional_cmdargs=None):
    
     def create_cmd_parser(self, command, additional_cmdargs=None):
-        cmdargs = {"gid": "",
-                  "list": "name",
+        cmdargs = {"list": "authority",
                   "show": "name",
                   "remove": "name",
                   "add": "record",
                   "update": "record",
                   "aggregates": "[name]",
                   "registries": "[name]",
                   "show": "name",
                   "remove": "name",
                   "add": "record",
                   "update": "record",
                   "aggregates": "[name]",
                   "registries": "[name]",
+                  "get_gid": [],  
+                  "get_trusted_certs": "cred",
                   "slices": "",
                   "resources": "[name]",
                   "create": "name rspec",
                   "slices": "",
                   "resources": "[name]",
                   "create": "name rspec",
-                  "get_trusted_certs": "cred",
                   "get_ticket": "name rspec",
                   "redeem_ticket": "ticket",
                   "delete": "name",
                   "get_ticket": "name rspec",
                   "redeem_ticket": "ticket",
                   "delete": "name",
@@ -143,50 +163,50 @@ class Sfi:
                   "start": "name",
                   "stop": "name",
                   "delegate": "name",
                   "start": "name",
                   "stop": "name",
                   "delegate": "name",
-                  "GetVersion": "name",
-                  "ListResources": "name",
-                  "CreateSliver": "name",
-                  "get_geni_aggregates": "name",
-                  "DeleteSliver": "name",
-                  "SliverStatus": "name",
-                  "RenewSliver": "name",
-                  "Shutdown": "name"
+                  "status": "name",
+                  "renew": "name",
+                  "shutdown": "name",
+                  "version": "",  
                  }
 
         if additional_cmdargs:
             cmdargs.update(additional_cmdargs)
 
         if command not in cmdargs:
                  }
 
         if additional_cmdargs:
             cmdargs.update(additional_cmdargs)
 
         if command not in cmdargs:
-            print "Invalid command\n"
-            print "Commands: ",
-            for key in cmdargs.keys():
-                print key + ",",
-            print ""
+            msg="Invalid command\n"
+            msg+="Commands: "
+            msg += ','.join(cmdargs.keys())            
+            self.logger.critical(msg)
             sys.exit(2)
 
         parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
                                      % (command, cmdargs[command]))
 
             sys.exit(2)
 
         parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
                                      % (command, cmdargs[command]))
 
-        if command in ("resources"):
-            parser.add_option("-f", "--format", dest="format", type="choice",
-                             help="display format ([xml]|dns|ip)", default="xml",
-                             choices=("xml", "dns", "ip"))
+        # user specifies remote aggregate/sm/component                          
+        if command in ("resources", "slices", "create", "delete", "start", "stop", 
+                       "restart", "shutdown",  "get_ticket", "renew", "status"):
             parser.add_option("-a", "--aggregate", dest="aggregate",
             parser.add_option("-a", "--aggregate", dest="aggregate",
-                             default=None, help="aggregate hrn")
-
-        if command in ("create", "get_ticket"):
-            parser.add_option("-a", "--aggregate", dest="aggregate", default=None,
-                             help="aggregate hrn")
-
-        if command in ("start", "stop", "reset", "delete", "slices"):
+                             default=None, help="aggregate host")
+            parser.add_option("-p", "--port", dest="port",
+                             default=AGGREGATE_PORT, help="aggregate port")
             parser.add_option("-c", "--component", dest="component", default=None,
                              help="component hrn")
             parser.add_option("-c", "--component", dest="component", default=None,
                              help="component hrn")
-            
+            parser.add_option("-d", "--delegate", dest="delegate", default=None, 
+                             action="store_true",
+                             help="Include a credential delegated to the user's root"+\
+                                  "authority in set of credentials for this call")  
+        
+        # registy filter option    
         if command in ("list", "show", "remove"):
             parser.add_option("-t", "--type", dest="type", type="choice",
         if command in ("list", "show", "remove"):
             parser.add_option("-t", "--type", dest="type", type="choice",
-                            help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
-                            choices=("all", "user", "slice", "sa", "ma", "node", "aggregate"),
+                            help="type filter ([all]|user|slice|authority|node|aggregate)",
+                            choices=("all", "user", "slice", "authority", "node", "aggregate"),
                             default="all")
                             default="all")
+        # display formats
+        if command in ("resources"):
+            parser.add_option("-f", "--format", dest="format", type="choice",
+                             help="display format ([xml]|dns|ip)", default="xml",
+                             choices=("xml", "dns", "ip"))
 
         if command in ("resources", "show", "list"):
            parser.add_option("-o", "--output", dest="file",
 
         if command in ("resources", "show", "list"):
            parser.add_option("-o", "--output", dest="file",
@@ -203,6 +223,14 @@ class Sfi:
                             help="delegate user credential")
            parser.add_option("-s", "--slice", dest="delegate_slice",
                             help="delegate slice credential", metavar="HRN", default=None)
                             help="delegate user credential")
            parser.add_option("-s", "--slice", dest="delegate_slice",
                             help="delegate slice credential", metavar="HRN", default=None)
+        
+        if command in ("version"):
+            parser.add_option("-R","--registry-version",
+                              action="store_true", dest="version_registry", default=False,
+                              help="probe registry version instead of slicemgr")
+            parser.add_option("-l","--local",
+                              action="store_true", dest="version_local", default=False,
+                              help="display version of the local client")
 
         return parser
 
 
         return parser
 
@@ -212,8 +240,6 @@ class Sfi:
         # Generate command line parser
         parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
                              description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
         # Generate command line parser
         parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
                              description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
-        parser.add_option("-g", "--geni_am", dest="geni_am",
-                          help="geni am", metavar="URL", default=None)
         parser.add_option("-r", "--registry", dest="registry",
                          help="root registry", metavar="URL", default=None)
         parser.add_option("-s", "--slicemgr", dest="sm",
         parser.add_option("-r", "--registry", dest="registry",
                          help="root registry", metavar="URL", default=None)
         parser.add_option("-s", "--slicemgr", dest="sm",
@@ -226,14 +252,12 @@ class Sfi:
                          help="user name", metavar="HRN", default=None)
         parser.add_option("-a", "--auth", dest="auth",
                          help="authority name", metavar="HRN", default=None)
                          help="user name", metavar="HRN", default=None)
         parser.add_option("-a", "--auth", dest="auth",
                          help="authority name", metavar="HRN", default=None)
-        parser.add_option("-v", "--verbose",
-                         action="store_true", dest="verbose", default=False,
-                         help="verbose mode")
+        parser.add_option("-v", "--verbose", action="count", dest="verbose", default=0,
+                         help="verbose mode - cumulative")
         parser.add_option("-D", "--debug",
                           action="store_true", dest="debug", default=False,
                           help="Debug (xml-rpc) protocol messages")
         parser.add_option("-D", "--debug",
                           action="store_true", dest="debug", default=False,
                           help="Debug (xml-rpc) protocol messages")
-        parser.add_option("-p", "--protocol",
-                         dest="protocol", default="xmlrpc",
+        parser.add_option("-p", "--protocol", dest="protocol", default="xmlrpc",
                          help="RPC protocol (xmlrpc or soap)")
         parser.add_option("-k", "--hashrequest",
                          action="store_true", dest="hashrequest", default=False,
                          help="RPC protocol (xmlrpc or soap)")
         parser.add_option("-k", "--hashrequest",
                          action="store_true", dest="hashrequest", default=False,
@@ -243,54 +267,46 @@ class Sfi:
         return parser
         
  
         return parser
         
  
-    #
-    # Establish Connection to SliceMgr and Registry Servers
-    #
-    def set_servers(self):
+    def read_config(self):
        config_file = self.options.sfi_dir + os.sep + "sfi_config"
        try:
           config = Config (config_file)
        except:
        config_file = self.options.sfi_dir + os.sep + "sfi_config"
        try:
           config = Config (config_file)
        except:
-          print "Failed to read configuration file", config_file
-          print "Make sure to remove the export clauses and to add quotes"
-          if not self.options.verbose:
-             print "Re-run with -v for more details"
+          self.logger.critical("Failed to read configuration file %s"%config_file)
+          self.logger.info("Make sure to remove the export clauses and to add quotes")
+          if self.options.verbose==0:
+              self.logger.info("Re-run with -v for more details")
           else:
           else:
-             traceback.print_exc()
+              self.logger.log_exc("Could not read config file %s"%config_file)
           sys.exit(1)
     
        errors = 0
        # Set SliceMgr URL
        if (self.options.sm is not None):
           sys.exit(1)
     
        errors = 0
        # Set SliceMgr URL
        if (self.options.sm is not None):
-          sm_url = self.options.sm
+          self.sm_url = self.options.sm
        elif hasattr(config, "SFI_SM"):
        elif hasattr(config, "SFI_SM"):
-          sm_url = config.SFI_SM
+          self.sm_url = config.SFI_SM
        else:
        else:
-          print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file
+          self.logger.error("You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file)
           errors += 1 
     
        # Set Registry URL
        if (self.options.registry is not None):
           errors += 1 
     
        # Set Registry URL
        if (self.options.registry is not None):
-          reg_url = self.options.registry
+          self.reg_url = self.options.registry
        elif hasattr(config, "SFI_REGISTRY"):
        elif hasattr(config, "SFI_REGISTRY"):
-          reg_url = config.SFI_REGISTRY
+          self.reg_url = config.SFI_REGISTRY
        else:
        else:
-          print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file
+          self.logger.errors("You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file)
           errors += 1 
           
 
           errors += 1 
           
 
-       if (self.options.geni_am is not None):
-           geni_am_url = self.options.geni_am
-       elif hasattr(config, "SFI_GENI_AM"):
-           geni_am_url = config.SFI_GENI_AM
-           
        # Set user HRN
        if (self.options.user is not None):
           self.user = self.options.user
        elif hasattr(config, "SFI_USER"):
           self.user = config.SFI_USER
        else:
        # Set user HRN
        if (self.options.user is not None):
           self.user = self.options.user
        elif hasattr(config, "SFI_USER"):
           self.user = config.SFI_USER
        else:
-          print "You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file
+          self.logger.errors("You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file)
           errors += 1 
     
        # Set authority HRN
           errors += 1 
     
        # Set authority HRN
@@ -299,16 +315,19 @@ class Sfi:
        elif hasattr(config, "SFI_AUTH"):
           self.authority = config.SFI_AUTH
        else:
        elif hasattr(config, "SFI_AUTH"):
           self.authority = config.SFI_AUTH
        else:
-          print "You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file
+          self.logger.error("You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file)
           errors += 1 
     
        if errors:
           sys.exit(1)
           errors += 1 
     
        if errors:
           sys.exit(1)
-    
-       if self.options.verbose :
-          print "Contacting Slice Manager at:", sm_url
-          print "Contacting Registry at:", reg_url
-    
+
+
+    #
+    # Establish Connection to SliceMgr and Registry Servers
+    #
+    def set_servers(self):
+
+       self.read_config() 
        # Get key and certificate
        key_file = self.get_key_file()
        cert_file = self.get_cert_file(key_file)
        # Get key and certificate
        key_file = self.get_key_file()
        cert_file = self.get_cert_file(key_file)
@@ -317,9 +336,10 @@ class Sfi:
        self.cert_file = cert_file
        self.cert = Certificate(filename=cert_file) 
        # Establish connection to server(s)
        self.cert_file = cert_file
        self.cert = Certificate(filename=cert_file) 
        # Establish connection to server(s)
-       self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options.debug)  
-       self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options.debug)
-       self.geni_am = xmlrpcprotocol.get_server(geni_am_url, key_file, cert_file, self.options.debug)
+       self.logger.info("Contacting Registry at: %s"%self.reg_url)
+       self.registry = xmlrpcprotocol.get_server(self.reg_url, key_file, cert_file, self.options)  
+       self.logger.info("Contacting Slice Manager at: %s"%self.sm_url)
+       self.slicemgr = xmlrpcprotocol.get_server(self.sm_url, key_file, cert_file, self.options)
 
        return
     
 
        return
     
@@ -339,159 +359,132 @@ class Sfi:
     
     def get_key_file(self):
        file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
     
     def get_key_file(self):
        file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
-       #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
        if (os.path.isfile(file)):
           return file
        else:
        if (os.path.isfile(file)):
           return file
        else:
-          print "Key file", file, "does not exist"
+          self.logger.error("Key file %s does not exist"%file)
           sys.exit(-1)
        return
     
     def get_cert_file(self, key_file):
     
           sys.exit(-1)
        return
     
     def get_cert_file(self, key_file):
     
-       #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
-       file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
-       if (os.path.isfile(file)):
-          return file
-       else:
-          k = Keypair(filename=key_file)
-          cert = Certificate(subject=self.user)
-          cert.set_pubkey(k)
-          cert.set_issuer(k, self.user)
-          cert.sign()
-          if self.options.verbose :
-             print "Writing self-signed certificate to", file
-          cert.save_to_file(file)
-          return file
-   
-    def get_gid(self):
-        #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
-        file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
+        file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
         if (os.path.isfile(file)):
         if (os.path.isfile(file)):
-            gid = GID(filename=file)
-            return gid
+            # use existing cert if it exists                     
+            return file
         else:
         else:
-            cert_str = self.cert.save_to_string(save_parents=True)
-            gid_str = self.registry.get_gid(cert_str, self.user, "user")
-            gid = GID(string=gid_str)
-            if self.options.verbose:
-                print "Writing user gid to", file
-            gid.save_to_file(file, save_parents=True)
-            return gid       
+            try:
+                # attempt to use gid as the cert.  
+                gid = self._get_gid()
+                self.logger.info("Writing certificate to %s"%file)
+                gid.save_to_file(file) 
+            except:
+                # generate self signed certificate
+                k = Keypair(filename=key_file)
+                cert = Certificate(subject=self.user)
+                cert.set_pubkey(k)
+                cert.set_issuer(k, self.user)
+                cert.sign()
+                self.logger.info("Writing self-signed certificate to %s"%file)
+                cert.save_to_file(file)
+            
+            return file
+
+    def get_cached_gid(self, file):
+        """
+        Return a cached gid    
+        """
+        gid = None 
+        if (os.path.isfile(file)):
+            gid = GID(filename=file)
+        return gid
+
+    # xxx opts unused
+    def get_gid(self, opts, args):
+        """
+        Get the specify gid and save it to file
+        """
+        hrn = None
+        if args:
+            hrn = args[0]
+        gid = self._get_gid(hrn)
+        self.logger.debug("Sfi.get_gid-> %s",gid.save_to_string(save_parents=True))
+        return gid
+
+    def _get_gid(self, hrn=None):
+        """
+        git_gid helper. Retrive the gid from the registry and save it to file.
+        """
+        
+        if not hrn:
+            hrn = self.user
+        gidfile = os.path.join(self.options.sfi_dir, hrn + ".gid")
+        gid = self.get_cached_gid(gidfile)
+        if not gid:
+            user_cred = self.get_user_cred()
+            records = self.registry.Resolve(hrn, user_cred.save_to_string(save_parents=True))
+            if not records:
+                raise RecordNotFound(args[0])
+            gid = GID(string=records[0]['gid'])
+            self.logger.info("Writing gid to %s"%gidfile)
+            gid.save_to_file(filename=gidfile)
+        return gid   
+                
+     
+    def get_cached_credential(self, file):
+        """
+        Return a cached credential only if it hasn't expired.
+        """
+        if (os.path.isfile(file)):
+            credential = Credential(filename=file)
+            # make sure it isnt expired 
+            if not credential.get_expiration or \
+               datetime.datetime.today() < credential.get_expiration():
+                return credential
+        return None 
  
     def get_user_cred(self):
  
     def get_user_cred(self):
-        #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
         file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
         file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
-        if (os.path.isfile(file)):
-            user_cred = Credential(filename=file)
-            return user_cred
-        else:
-            # bootstrap user credential
-            cert_string = self.cert.save_to_string(save_parents=True)
-            user_name = self.user.replace(self.authority + ".", '')
-            if user_name.count(".") > 0:
-                user_name = user_name.replace(".", '_')
-                self.user = self.authority + "." + user_name
-
-            user_cred = self.registry.get_self_credential(cert_string, "user", self.user)
-            if user_cred:
-               cred = Credential(string=user_cred)
-               cred.save_to_file(file, save_parents=True)
-               if self.options.verbose:
-                    print "Writing user credential to", file
-               return cred
-            else:
-               print "Failed to get user credential"
-               sys.exit(-1)
-  
+        return self.get_cred(file, 'user', self.user)
+
     def get_auth_cred(self):
         if not self.authority:
     def get_auth_cred(self):
         if not self.authority:
-            print "no authority specified. Use -a or set SF_AUTH"
+            self.logger.critical("no authority specified. Use -a or set SF_AUTH")
             sys.exit(-1)
             sys.exit(-1)
-    
-        file = os.path.join(self.options.sfi_dir, get_leaf("authority") + ".cred")
-        if (os.path.isfile(file)):
-            auth_cred = Credential(filename=file)
-            return auth_cred
-        else:
-            # bootstrap authority credential from user credential
-            user_cred = self.get_user_cred().save_to_string(save_parents=True)
-            auth_cred = self.registry.get_credential(user_cred, "authority", self.authority)
-            if auth_cred:
-                cred = Credential(string=auth_cred)
-                cred.save_to_file(file, save_parents=True)
-                if self.options.verbose:
-                    print "Writing authority credential to", file
-                return cred
-            else:
-                print "Failed to get authority credential"
-                sys.exit(-1)
-    
+        file = os.path.join(self.options.sfi_dir, self.authority + ".cred")
+        return self.get_cred(file, 'authority', self.authority)
+
     def get_slice_cred(self, name):
         file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
     def get_slice_cred(self, name):
         file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
-        if (os.path.isfile(file)):
-            slice_cred = Credential(filename=file)
-            return slice_cred
-        else:
-            # bootstrap slice credential from user credential
-            user_cred = self.get_user_cred().save_to_string(save_parents=True)
-            arg_list = [user_cred, "slice", name]
-            slice_cred_str = self.registry.get_credential(user_cred, "slice", name)
-            if slice_cred_str:
-                slice_cred = Credential(string=slice_cred_str)
-                slice_cred.save_to_file(file, save_parents=True)
-                if self.options.verbose:
-                    print "Writing slice credential to", file
-                return slice_cred
+        return self.get_cred(file, 'slice', name)
+    def get_cred(self, file, type, hrn):
+        # attempt to load a cached credential 
+        cred = self.get_cached_credential(file)    
+        if not cred:
+            if type in ['user']:
+                cert_string = self.cert.save_to_string(save_parents=True)
+                user_name = self.user.replace(self.authority + ".", '')
+                if user_name.count(".") > 0:
+                    user_name = user_name.replace(".", '_')
+                    self.user = self.authority + "." + user_name
+                cred_str = self.registry.GetSelfCredential(cert_string, hrn, "user")
             else:
             else:
-                print "Failed to get slice credential"
+                # bootstrap slice credential from user credential
+                user_cred = self.get_user_cred().save_to_string(save_parents=True)
+                cred_str = self.registry.GetCredential(user_cred, hrn, type)
+            
+            if not cred_str:
+                self.logger.critical("Failed to get %s credential" % type)
                 sys.exit(-1)
                 sys.exit(-1)
-    
-    def delegate_cred(self, cred, hrn, type='authority'):
-        # the gid and hrn of the object we are delegating
-        user_cred = Credential(string=cred)
-        object_gid = user_cred.get_gid_object()
-        object_hrn = object_gid.get_hrn()
-        #cred.set_delegate(True)
-        #if not cred.get_delegate():
-        #    raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
-           
-    
-        records = self.registry.resolve(cred, hrn)
-        records = filter_records(type, records)
-        
-        if not records:
-            raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
-    
-        # the gid of the user who will be delegated too
-        record = SfaRecord(dict=records[0])
-        delegee_gid = record.get_gid_object()
-        delegee_hrn = delegee_gid.get_hrn()
-        
-        # the key and hrn of the user who will be delegating
-        user_key = Keypair(filename=self.get_key_file())
-        user_hrn = user_cred.get_gid_caller().get_hrn()
-    
-        dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
-        dcred.set_gid_caller(delegee_gid)
-        dcred.set_gid_object(object_gid)
-        dcred.set_privileges(user_cred.get_privileges())
-        dcred.get_privileges().delegate_all_privileges(True)
-        
+                
+            cred = Credential(string=cred_str)
+            cred.save_to_file(file, save_parents=True)
+            self.logger.info("Writing %s credential to %s" %(type, file))
 
 
-        # Save the issuer's gid to a file
-        fname = self.options.sfi_dir + os.sep + "gid_%d" % random.randint(0, 999999999)
-        f = open(fname, "w")
-        f.write(user_cred.get_gid_caller().save_to_string())
-        f.close()
-        dcred.set_issuer_keys(self.get_key_file(), fname)
-        os.remove(fname)
-        
-        dcred.set_parent(user_cred)
-        dcred.encode()
-        dcred.sign()
-    
-        return dcred.save_to_string(save_parents=True)
+        return cred
     
     def get_rspec_file(self, rspec):
        if (os.path.isabs(rspec)):
     
     def get_rspec_file(self, rspec):
        if (os.path.isabs(rspec)):
@@ -501,7 +494,7 @@ class Sfi:
        if (os.path.isfile(file)):
           return file
        else:
        if (os.path.isfile(file)):
           return file
        else:
-          print "No such rspec file", rspec
+          self.logger.critical("No such rspec file"%rspec)
           sys.exit(1)
     
     def get_record_file(self, record):
           sys.exit(1)
     
     def get_record_file(self, record):
@@ -512,7 +505,7 @@ class Sfi:
        if (os.path.isfile(file)):
           return file
        else:
        if (os.path.isfile(file)):
           return file
        else:
-          print "No such registry record file", record
+          self.logger.critical("No such registry record file %s"%record)
           sys.exit(1)
     
     def load_publickey_string(self, fn):
           sys.exit(1)
     
     def load_publickey_string(self, fn):
@@ -530,38 +523,62 @@ class Sfi:
     
        return key_string
 
     
        return key_string
 
+    # xxx opts undefined
     def get_component_server_from_hrn(self, hrn):
         # direct connection to the nodes component manager interface
         user_cred = self.get_user_cred().save_to_string(save_parents=True)
     def get_component_server_from_hrn(self, hrn):
         # direct connection to the nodes component manager interface
         user_cred = self.get_user_cred().save_to_string(save_parents=True)
-        records = self.registry.resolve(user_cred, hrn)
+        records = self.registry.Resolve(hrn, user_cred)
         records = filter_records('node', records)
         if not records:
         records = filter_records('node', records)
         if not records:
-            print "No such component:", opts.component
+            self.logger.warning("No such component:%r"% opts.component)
         record = records[0]
         record = records[0]
-        cm_port = "12346"
-        url = "https://%s:%s" % (record['hostname'], cm_port)
-        return xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
-    
-    #
+  
+        return self.get_server(record['hostname'], CM_PORT, self.key_file, self.cert_file)
+    def get_server(self, host, port, keyfile, certfile):
+        """
+        Return an instance of an xmlrpc server connection    
+        """
+        # port is appended onto the domain, before the path. Should look like:
+        # http://domain:port/path
+        host_parts = host.split('/')
+        host_parts[0] = host_parts[0] + ":" + str(port)
+        url =  "http://%s" %  "/".join(host_parts)    
+        return xmlrpcprotocol.get_server(url, keyfile, certfile, self.options)
+
+    # xxx opts could be retrieved in self.options
+    def get_server_from_opts(self, opts):
+        """
+        Return instance of an xmlrpc connection to a slice manager, aggregate
+        or component server depending on the specified opts
+        """
+        server = self.slicemgr
+        # direct connection to an aggregate
+        if hasattr(opts, 'aggregate') and opts.aggregate:
+            server = self.get_server(opts.aggregate, opts.port, self.key_file, self.cert_file)
+        # direct connection to the nodes component manager interface
+        if hasattr(opts, 'component') and opts.component:
+            server = self.get_component_server_from_hrn(opts.component)    
+        return server
+    #==========================================================================
     # Following functions implement the commands
     #
     # Registry-related commands
     # Following functions implement the commands
     #
     # Registry-related commands
-    #
+    #==========================================================================
   
     def dispatch(self, command, cmd_opts, cmd_args):
   
     def dispatch(self, command, cmd_opts, cmd_args):
-        getattr(self, command)(cmd_opts, cmd_args)
-    def gid(self, opts, args):
-        gid = self.get_gid()
-        print "GID: %s" % (gid.save_to_string(save_parents=True))
-        return   
+        return getattr(self, command)(cmd_opts, cmd_args)
  
     # list entires in named authority registry
     def list(self, opts, args):
  
     # list entires in named authority registry
     def list(self, opts, args):
-        user_cred = self.get_user_cred().save_to_string(save_parents=True)
+        if len(args)!= 1:
+            self.print_help()
+            sys.exit(1)
         hrn = args[0]
         hrn = args[0]
+        user_cred = self.get_user_cred().save_to_string(save_parents=True)
         try:
         try:
-            list = self.registry.list(user_cred, hrn)
+            list = self.registry.List(hrn, user_cred)
         except IndexError:
             raise Exception, "Not enough parameters for the 'list' command"
           
         except IndexError:
             raise Exception, "Not enough parameters for the 'list' command"
           
@@ -579,9 +596,12 @@ class Sfi:
     
     # show named registry record
     def show(self, opts, args):
     
     # show named registry record
     def show(self, opts, args):
-        user_cred = self.get_user_cred().save_to_string(save_parents=True)
+        if len(args)!= 1:
+            self.print_help()
+            sys.exit(1)
         hrn = args[0]
         hrn = args[0]
-        records = self.registry.resolve(user_cred, hrn)
+        user_cred = self.get_user_cred().save_to_string(save_parents=True)
+        records = self.registry.Resolve(hrn, user_cred)
         records = filter_records(opts.type, records)
         if not records:
             print "No record of type", opts.type
         records = filter_records(opts.type, records)
         if not records:
             print "No record of type", opts.type
@@ -609,82 +629,83 @@ class Sfi:
         return
     
     def delegate(self, opts, args):
         return
     
     def delegate(self, opts, args):
-       user_cred = self.get_user_cred()
-       if opts.delegate_user:
-           object_cred = user_cred
-       elif opts.delegate_slice:
-           object_cred = self.get_slice_cred(opts.delegate_slice)
-       else:
-           print "Must specify either --user or --slice <hrn>"
-           return
-    
-       # the gid and hrn of the object we are delegating
-       object_gid = object_cred.get_gid_object()
-       object_hrn = object_gid.get_hrn()
-    
-       if not object_cred.get_privileges().get_all_delegate():
-           print "Error: Object credential", object_hrn, "does not have delegate bit set"
-           return
-    
-       records = self.registry.resolve(user_cred.save_to_string(save_parents=True), args[0])
-       records = filter_records("user", records)
-    
-       if not records:
-           print "Error: Didn't find a user record for", args[0]
-           return
-    
-       # the gid of the user who will be delegated to
-       delegee_gid = GID(string=records[0]['gid'])
-       delegee_hrn = delegee_gid.get_hrn()
-   
-       # the key and hrn of the user who will be delegating
-       user_key = Keypair(filename=self.get_key_file())
-       user_hrn = user_cred.get_gid_caller().get_hrn()
-       subject_string = "%s delegated to %s" % (object_hrn, delegee_hrn)
-       dcred = Credential(subject=subject_string)
-       dcred.set_gid_caller(delegee_gid)
-       dcred.set_gid_object(object_gid)
-       privs = object_cred.get_privileges()
-       dcred.set_privileges(object_cred.get_privileges())
-       dcred.get_privileges().delegate_all_privileges(True)
-       dcred.set_pubkey(object_gid.get_pubkey())
-       dcred.set_issuer(user_key, user_hrn)
-       dcred.set_parent(object_cred)
-       dcred.encode()
-       dcred.sign()
-    
-       if opts.delegate_user:
-           dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_" 
+
+        delegee_hrn = args[0]
+        if opts.delegate_user:
+            user_cred = self.get_user_cred()
+            cred = self.delegate_cred(user_cred, delegee_hrn)
+        elif opts.delegate_slice:
+            slice_cred = self.get_slice_cred(opts.delegate_slice)
+            cred = self.delegate_cred(slice_cred, delegee_hrn)
+        else:
+            self.logger.warning("Must specify either --user or --slice <hrn>")
+            return
+        delegated_cred = Credential(string=cred)
+        object_hrn = delegated_cred.get_gid_object().get_hrn()
+        if opts.delegate_user:
+            dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
                                   + get_leaf(object_hrn) + ".cred")
                                   + get_leaf(object_hrn) + ".cred")
-       elif opts.delegate_slice:
-           dest_fn = os.path_join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_" 
+        elif opts.delegate_slice:
+            dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
                                   + get_leaf(object_hrn) + ".cred")
                                   + get_leaf(object_hrn) + ".cred")
+
+        delegated_cred.save_to_file(dest_fn, save_parents=True)
+
+        self.logger.info("delegated credential for %s to %s and wrote to %s"%(object_hrn, delegee_hrn,dest_fn))
     
     
-       dcred.save_to_file(dest_fn, save_parents=True)
-    
-       print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
+    def delegate_cred(self, object_cred, hrn):
+        # the gid and hrn of the object we are delegating
+        if isinstance(object_cred, str):
+            object_cred = Credential(string=object_cred) 
+        object_gid = object_cred.get_gid_object()
+        object_hrn = object_gid.get_hrn()
     
     
+        if not object_cred.get_privileges().get_all_delegate():
+            self.logger.error("Object credential %s does not have delegate bit set"%object_hrn)
+            return
+
+        # the delegating user's gid
+        caller_gid = self._get_gid(self.user)
+        caller_gidfile = os.path.join(self.options.sfi_dir, self.user + ".gid")
+  
+        # the gid of the user who will be delegated to
+        delegee_gid = self._get_gid(hrn)
+        delegee_hrn = delegee_gid.get_hrn()
+        delegee_gidfile = os.path.join(self.options.sfi_dir, delegee_hrn + ".gid")
+        delegee_gid.save_to_file(filename=delegee_gidfile)
+        dcred = object_cred.delegate(delegee_gidfile, self.get_key_file(), caller_gidfile)
+        return dcred.save_to_string(save_parents=True)
+     
     # removed named registry record
     #   - have to first retrieve the record to be removed
     def remove(self, opts, args):
         auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
     # removed named registry record
     #   - have to first retrieve the record to be removed
     def remove(self, opts, args):
         auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
+        if len(args)!=1:
+            self.print_help()
+            sys.exit(1)
         hrn = args[0]
         type = opts.type 
         if type in ['all']:
             type = '*'
         hrn = args[0]
         type = opts.type 
         if type in ['all']:
             type = '*'
-        return self.registry.remove(auth_cred, type, hrn)
+        return self.registry.Remove(hrn, auth_cred, type)
     
     # add named registry record
     def add(self, opts, args):
         auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
     
     # add named registry record
     def add(self, opts, args):
         auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
+        if len(args)!=1:
+            self.print_help()
+            sys.exit(1)
         record_filepath = args[0]
         rec_file = self.get_record_file(record_filepath)
         record = load_record_from_file(rec_file).as_dict()
         record_filepath = args[0]
         rec_file = self.get_record_file(record_filepath)
         record = load_record_from_file(rec_file).as_dict()
-        return self.registry.register(auth_cred, record)
+        return self.registry.Register(record, auth_cred)
     
     # update named registry entry
     def update(self, opts, args):
         user_cred = self.get_user_cred()
     
     # update named registry entry
     def update(self, opts, args):
         user_cred = self.get_user_cred()
+        if len(args)!=1:
+            self.print_help()
+            sys.exit(1)
         rec_file = self.get_record_file(args[0])
         record = load_record_from_file(rec_file)
         if record['type'] == "user":
         rec_file = self.get_record_file(args[0])
         record = load_record_from_file(rec_file)
         if record['type'] == "user":
@@ -695,7 +716,7 @@ class Sfi:
         elif record['type'] in ["slice"]:
             try:
                 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
         elif record['type'] in ["slice"]:
             try:
                 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
-            except ServerException, e:
+            except xmlrpcprotocol.ServerException, e:
                # XXX smbaker -- once we have better error return codes, update this
                # to do something better than a string compare
                if "Permission error" in e.args[0]:
                # XXX smbaker -- once we have better error return codes, update this
                # to do something better than a string compare
                if "Permission error" in e.args[0]:
@@ -709,16 +730,16 @@ class Sfi:
         else:
             raise "unknown record type" + record.get_type()
         record = record.as_dict()
         else:
             raise "unknown record type" + record.get_type()
         record = record.as_dict()
-        return self.registry.update(cred, record)
+        return self.registry.Update(record, cred)
   
     def get_trusted_certs(self, opts, args):
         """
   
     def get_trusted_certs(self, opts, args):
         """
-        return the trusted certs at this interface 
+        return uhe trusted certs at this interface 
         """ 
         trusted_certs = self.registry.get_trusted_certs()
         for trusted_cert in trusted_certs:
             cert = Certificate(string=trusted_cert)
         """ 
         trusted_certs = self.registry.get_trusted_certs()
         for trusted_cert in trusted_certs:
             cert = Certificate(string=trusted_cert)
-            print cert.get_subject()
+            self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject())
         return 
 
     def aggregates(self, opts, args):
         return 
 
     def aggregates(self, opts, args):
@@ -734,20 +755,6 @@ class Sfi:
         display_list(result)
         return 
 
         display_list(result)
         return 
 
-    def get_geni_aggregates(self, opts, args):
-        """
-        return a list of details about known aggregates
-        """
-        user_cred = self.get_user_cred().save_to_string(save_parents=True)
-        hrn = None
-        if args:
-            hrn = args[0]
-
-        result = self.registry.get_geni_aggregates(user_cred, hrn)
-        display_list(result)
-        return 
-
-
     def registries(self, opts, args):
         """
         return a list of details about known registries
     def registries(self, opts, args):
         """
         return a list of details about known registries
@@ -761,20 +768,35 @@ class Sfi:
         return
 
  
         return
 
  
-    #
+    # ==================================================================
     # Slice-related commands
     # Slice-related commands
-    #
+    # ==================================================================
     
     
-    # list available nodes -- use 'resources' w/ no argument instead
+
+    def version(self, opts, args):
+        if opts.version_local:
+            version=version_core()
+        else:
+            if opts.version_registry:
+                server=self.registry
+            else:
+                server = self.get_server_from_opts(opts)
+            version=server.GetVersion()
+        for (k,v) in version.iteritems():
+            print "%-20s: %s"%(k,v)
 
     # list instantiated slices
     def slices(self, opts, args):
 
     # list instantiated slices
     def slices(self, opts, args):
+        """
+        list instantiated slices
+        """
         user_cred = self.get_user_cred().save_to_string(save_parents=True)
         user_cred = self.get_user_cred().save_to_string(save_parents=True)
-        server = self.slicemgr
-        # direct connection to the nodes component manager interface
-        if opts.component:
-            server = self.get_component_server_from_hrn(opts.component)
-        results = server.get_slices(user_cred)
+        creds = [user_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(user_cred, get_authority(self.authority))
+            creds.append(delegated_cred)  
+        server = self.get_server_from_opts(opts)
+        results = server.ListSlices(creds, unique_call_id())
         display_list(results)
         return
     
         display_list(results)
         return
     
@@ -782,26 +804,26 @@ class Sfi:
     def resources(self, opts, args):
         user_cred = self.get_user_cred().save_to_string(save_parents=True)
         server = self.slicemgr
     def resources(self, opts, args):
         user_cred = self.get_user_cred().save_to_string(save_parents=True)
         server = self.slicemgr
-        if opts.aggregate:
-            agg_hrn = opts.aggregate
-            aggregates = self.registry.get_aggregates(user_cred, agg_hrn)
-            if not aggregates:
-                raise Exception, "No such aggregate %s" % agg_hrn
-            aggregate = aggregates[0]
-            url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])     
-            server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
+        call_options = {}
+        server = self.get_server_from_opts(opts)
+        
         if args:
             cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
             hrn = args[0]
         if args:
             cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
             hrn = args[0]
+            call_options = {'geni_slice_urn': hrn_to_urn(hrn, 'slice')}
         else:
             cred = user_cred
             hrn = None
         else:
             cred = user_cred
             hrn = None
-
-        result = server.get_resources(cred, hrn)
+     
+        creds = [cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(cred, get_authority(self.authority))
+            creds.append(delegated_cred) 
+        result = server.ListResources(creds, call_options,unique_call_id())
         format = opts.format
         format = opts.format
-       
-        display_rspec(result, format)
-        if (opts.file is not None):
+        if opts.file is None:
+            display_rspec(result, format)
+        else:
             file = opts.file
             if not file.startswith(os.sep):
                 file = os.path.join(self.options.sfi_dir, file)
             file = opts.file
             if not file.startswith(os.sep):
                 file = os.path.join(self.options.sfi_dir, file)
@@ -811,38 +833,36 @@ class Sfi:
     # created named slice with given rspec
     def create(self, opts, args):
         slice_hrn = args[0]
     # created named slice with given rspec
     def create(self, opts, args):
         slice_hrn = args[0]
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
         user_cred = self.get_user_cred()
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
         user_cred = self.get_user_cred()
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
         rspec_file = self.get_rspec_file(args[1])
         rspec = open(rspec_file).read()
         rspec_file = self.get_rspec_file(args[1])
         rspec = open(rspec_file).read()
-        server = self.slicemgr
-        if opts.aggregate:
-            aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
-            if not aggregates:
-                raise Exception, "No such aggregate %s" % opts.aggregate
-            aggregate = aggregates[0]
-            url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
-            server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
-        return server.create_slice(slice_cred, slice_hrn, rspec)
+        server = self.get_server_from_opts(opts)
+        result =  server.CreateSliver(slice_urn, creds, rspec, [], unique_call_id())
+        print result
+        return result
 
     # get a ticket for the specified slice
     def get_ticket(self, opts, args):
         slice_hrn, rspec_path = args[0], args[1]
 
     # get a ticket for the specified slice
     def get_ticket(self, opts, args):
         slice_hrn, rspec_path = args[0], args[1]
+        slice_urn = hrn_to_urn(slice_hrn, 'slice')
         user_cred = self.get_user_cred()
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
         user_cred = self.get_user_cred()
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
         rspec_file = self.get_rspec_file(rspec_path) 
         rspec = open(rspec_file).read()
         rspec_file = self.get_rspec_file(rspec_path) 
         rspec = open(rspec_file).read()
-        server = self.slicemgr
-        if opts.aggregate:
-            aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
-            if not aggregates:
-                raise Exception, "No such aggregate %s" % opts.aggregate
-            aggregate = aggregates[0]
-            url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
-            server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
-        ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec)
+        server = self.get_server_from_opts(opts)
+        ticket_string = server.GetTicket(slice_urn, creds, rspec, [])
         file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
         file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
-        print "writing ticket to ", file        
+        self.logger.info("writing ticket to %s"%file)
         ticket = SfaTicket(string=ticket_string)
         ticket.save_to_file(filename=file, save_parents=True)
 
         ticket = SfaTicket(string=ticket_string)
         ticket.save_to_file(filename=file, save_parents=True)
 
@@ -853,7 +873,8 @@ class Sfi:
         # use this to get the right slice credential 
         ticket = SfaTicket(filename=ticket_file)
         ticket.decode()
         # use this to get the right slice credential 
         ticket = SfaTicket(filename=ticket_file)
         ticket.decode()
-       slice_hrn = ticket.gidObject.get_hrn()
+        slice_hrn = ticket.gidObject.get_hrn()
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
         #slice_hrn = ticket.attributes['slivers'][0]['hrn']
         user_cred = self.get_user_cred()
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
         #slice_hrn = ticket.attributes['slivers'][0]['hrn']
         user_cred = self.get_user_cred()
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
@@ -868,158 +889,141 @@ class Sfi:
         connections = {}
         for hostname in hostnames:
             try:
         connections = {}
         for hostname in hostnames:
             try:
-                cm_port = "12346" 
-                url = "https://%(hostname)s:%(cm_port)s" % locals() 
-                print "Calling redeem_ticket at %(url)s " % locals(),
-                cm = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
-                cm.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
-                print "Success"
+                self.logger.info("Calling redeem_ticket at %(hostname)s " % locals())
+                server = self.get_server(hostname, CM_PORT, self.key_file, \
+                                         self.cert_file, self.options.debug)
+                server.RedeemTicket(ticket.save_to_string(save_parents=True), slice_cred)
+                self.logger.info("Success")
             except socket.gaierror:
             except socket.gaierror:
-                print "Failed:",
-                print "Componet Manager not accepting requests" 
+                self.logger.error("redeem_ticket failed: Component Manager not accepting requests")
             except Exception, e:
             except Exception, e:
-                print "Failed:", e.message
-             
+                self.logger.log_exc(e.message)
         return
  
     # delete named slice
     def delete(self, opts, args):
         slice_hrn = args[0]
         return
  
     # delete named slice
     def delete(self, opts, args):
         slice_hrn = args[0]
-        server = self.slicemgr
-        # direct connection to the nodes component manager interface
-        if opts.component:
-            server = self.get_component_server_from_hrn(opts.component)
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
         slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
-        return server.delete_slice(slice_cred, slice_hrn)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
+        server = self.get_server_from_opts(opts)
+        return server.DeleteSliver(slice_urn, creds, unique_call_id())
     
     # start named slice
     def start(self, opts, args):
         slice_hrn = args[0]
     
     # start named slice
     def start(self, opts, args):
         slice_hrn = args[0]
-        server = self.slicemgr
-        # direct connection to the nodes component manager interface
-        if opts.component:
-            server = self.get_component_server_from_hrn(opts.component)
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
         slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
         slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
-        return server.start_slice(slice_cred, slice_hrn)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
+        server = self.get_server_from_opts(opts)
+        return server.Start(slice_urn, creds)
     
     # stop named slice
     def stop(self, opts, args):
         slice_hrn = args[0]
     
     # stop named slice
     def stop(self, opts, args):
         slice_hrn = args[0]
-        server = self.slicemgr
-        # direct connection to the nodes component manager interface
-        if opts.component:
-            server = self.get_component_server_from_hrn(opts.component)
-
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
         slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
         slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
-        return server.stop_slice(slice_cred, slice_hrn)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
+        server = self.get_server_from_opts(opts)
+        return server.Stop(slice_urn, creds)
     
     # reset named slice
     def reset(self, opts, args):
         slice_hrn = args[0]
     
     # reset named slice
     def reset(self, opts, args):
         slice_hrn = args[0]
-        server = self.slicemgr
-        # direct connection to the nodes component manager interface
-        if opts.component:
-            server = self.get_component_server_from_hrn(opts.component)
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
+        server = self.get_server_from_opts(opts)
         slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
         slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
-        return server.reset_slice(slice_cred, slice_hrn)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
+        return server.reset_slice(creds, slice_urn)
 
 
+    def renew(self, opts, args):
+        slice_hrn = args[0]
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
+        server = self.get_server_from_opts(opts)
+        slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
+        time = args[1]
+        return server.RenewSliver(slice_urn, creds, time, unique_call_id())
 
 
-    # GENI AM related calls
 
 
-    def GetVersion(self, opts, args):
-        server = self.geni_am
-        print server.GetVersion()
+    def status(self, opts, args):
+        slice_hrn = args[0]
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
+        slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
+        server = self.get_server_from_opts(opts)
+        print server.SliverStatus(slice_urn, creds)
 
 
-    def ListResources(self, opts, args):
-        user_cred = self.get_user_cred().save_to_string(save_parents=True)
-        server = self.geni_am
-        call_options = {'geni_compressed': True}
-        xrn = None
-        cred = user_cred
-        if args:
-            xrn = args[0]
-            cred = self.get_slice_cred(xrn).save_to_string(save_parents=True)
 
 
-        if xrn:
-            call_options['geni_slice_urn'] = xrn
-            
-        rspec = server.ListResources([cred], call_options)
-        rspec = zlib.decompress(rspec.decode('base64'))
-        print rspec
-        
-    def CreateSliver(self, opts, args):
-        slice_xrn = args[0]
-        slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
-        rspec_file = self.get_rspec_file(args[1])
-        rspec = open(rspec_file).read()
-        server = self.geni_am
-        return server.CreateSliver(slice_xrn, [slice_cred], rspec, [])
-    
-    def DeleteSliver(self, opts, args):
-        slice_xrn = args[0]
-        slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
-        server = self.geni_am
-        return server.DeleteSliver(slice_xrn, [slice_cred])    
-
-    def SliverStatus(self, opts, args):
-        slice_xrn = args[0]
-        slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
-        server = self.geni_am
-        print server.SliverStatus(slice_xrn, [slice_cred])
-    
-    def RenewSliver(self, opts, args):
-        slice_xrn = args[0]
-        slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
-        time = args[1]
-        server = self.geni_am
-        return server.RenewSliver(slice_xrn, [slice_cred], time)   
-
-    def Shutdown(self, opts, args):
-        slice_xrn = args[0]
-        slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
-        server = self.geni_am
-        return server.Shutdown(slice_xrn, [slice_cred])         
+    def shutdown(self, opts, args):
+        slice_hrn = args[0]
+        slice_urn = hrn_to_urn(slice_hrn, 'slice') 
+        slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+        creds = [slice_cred]
+        if opts.delegate:
+            delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+            creds.append(delegated_cred)
+        server = self.get_server_from_opts(opts)
+        return server.Shutdown(slice_urn, creds)         
     
     
+    def print_help (self):
+        self.sfi_parser.print_help()
+        self.cmd_parser.print_help()
+
     #
     # Main: parse arguments and dispatch to command
     #
     def main(self):
     #
     # Main: parse arguments and dispatch to command
     #
     def main(self):
-        parser = self.create_parser()
-        (options, args) = parser.parse_args()
+        self.sfi_parser = self.create_parser()
+        (options, args) = self.sfi_parser.parse_args()
         self.options = options
         self.options = options
-   
+
+        self.logger.setLevelFromOptVerbose(self.options.verbose)
         if options.hashrequest:
             self.hashrequest = True
  
         if len(args) <= 0:
         if options.hashrequest:
             self.hashrequest = True
  
         if len(args) <= 0:
-            print "No command given. Use -h for help."
-            return - 1
+            self.logger.critical("No command given. Use -h for help.")
+            return -1
     
         command = args[0]
     
         command = args[0]
-        (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
-        if self.options.verbose :
-            print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
-                                                                   options.sfi_dir, options.user,
-                                                                   options.auth)
-            print "Command %s" % command
-            if command in ("resources"):
-                print "resources cmd_opts %s" % cmd_opts.format
-            elif command in ("list", "show", "remove"):
-                print "cmd_opts.type %s" % cmd_opts.type
-            print "cmd_args %s" % cmd_args
-    
+        self.cmd_parser = self.create_cmd_parser(command)
+        (cmd_opts, cmd_args) = self.cmd_parser.parse_args(args[1:])
+
         self.set_servers()
     
         self.set_servers()
     
+        self.logger.info("Command=%s" % command)
+        if command in ("resources"):
+            self.logger.debug("resources cmd_opts %s" % cmd_opts.format)
+        elif command in ("list", "show", "remove"):
+            self.logger.debug("cmd_opts.type %s" % cmd_opts.type)
+        self.logger.debug('cmd_args %s',cmd_args)
+
         try:
             self.dispatch(command, cmd_opts, cmd_args)
         except KeyError:
         try:
             self.dispatch(command, cmd_opts, cmd_args)
         except KeyError:
-            raise 
-            print "Command not found:", command
+            self.logger.critical ("Unknown command %s"%command)
             sys.exit(1)
     
         return
     
 if __name__ == "__main__":
             sys.exit(1)
     
         return
     
 if __name__ == "__main__":
-   Sfi().main()
+    Sfi().main()
sfa