- # if we are directly connected to the aggregate then we can just
- # send them the rspec. if not, then we may be connected to an sm
- # thats connected to the aggregate
- if net_hrn in aggregates:
- # send the whloe rspec to the local aggregate
- if net_hrn in [api.hrn]:
- try:
- request_hash = None
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspec, request_hash, caller_cred)
- except:
- arg_list = [credential,hrn,rspec]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspec, request_hash, caller_cred)
- else:
- try:
- request_hash = None
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash, caller_cred)
- except:
- arg_list = [credential,hrn,rspecs[net_hrn]]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash, caller_cred)
- else:
- # lets forward this rspec to a sm that knows about the network
- arg_list = [credential, net_hrn]
- request_hash = api.compute_hash(arg_list)
- for aggregate in aggregates:
- try:
- network_found = aggregates[aggregate].get_aggregates(credential, net_hrn)
- except:
- network_found = aggregates[aggregate].get_aggregates(credential, net_hrn, request_hash)
- if network_networks:
- try:
- request_hash = None
- aggregates[aggregate].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash, caller_cred)
- except:
- arg_list = [credential, hrn, rspecs[net_hrn]]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[aggregate].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash, caller_cred)
-
- except:
- print >> log, "Error creating slice %(hrn)s at aggregate %(net_hrn)s" % \
- locals()
- traceback.print_exc()
- return 1
-
-def start_slice(api, hrn, caller_cred=None):
- slicename = hrn_to_pl_slicename(hrn)
- slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id'])
- if not slices:
- raise RecordNotFound(hrn)
- slice_id = slices[0]
- attributes = api.plshell.GetSliceTags(api.plauth, {'slice_id': slice_id, 'name': 'enabled'}, ['slice_attribute_id'])
- attribute_id = attreibutes[0]['slice_attribute_id']
- api.plshell.UpdateSliceTag(api.plauth, attribute_id, "1" )
+ tree = etree.parse(StringIO(rspec))
+ except etree.XMLSyntaxError:
+ message = str(sys.exc_info()[1])
+ raise InvalidRSpec(message)
+
+ relaxng_doc = etree.parse(schema)
+ relaxng = etree.RelaxNG(relaxng_doc)
+
+ if not relaxng(tree):
+ error = relaxng.error_log.last_error
+ message = "%s (line %s)" % (error.message, error.line)
+ raise InvalidRSpec(message)
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'createsliver', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
+ threads = ThreadManager()
+ for aggregate in api.aggregates:
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
+
+ # Just send entire RSpec to each aggregate
+ server = api.aggregates[aggregate]
+ threads.run(server.CreateSliver, xrn, credential, rspec, users)
+
+ results = threads.get_results()
+ merged_rspec = merge_rspecs(results)
+ return merged_rspec
+
+def renew_slice(api, xrn, creds, expiration_time):
+ hrn, type = urn_to_hrn(xrn)
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'renewesliver', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
+ threads = ThreadManager()
+ for aggregate in api.aggregates:
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
+
+ server = api.aggregates[aggregate]
+ threads.run(server.RenewSliver, xrn, credential, expiration_time)
+ threads.get_results()
+ return 1
+
+def get_ticket(api, xrn, creds, rspec, users):
+ slice_hrn, type = urn_to_hrn(xrn)
+ # get the netspecs contained within the clients rspec
+ aggregate_rspecs = {}
+ tree= etree.parse(StringIO(rspec))
+ elements = tree.findall('./network')
+ for element in elements:
+ aggregate_hrn = element.values()[0]
+ aggregate_rspecs[aggregate_hrn] = rspec
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
+ threads = ThreadManager()
+ for aggregate, aggregate_rspec in aggregate_rspecs.items():
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
+ server = None
+ if aggregate in api.aggregates:
+ server = api.aggregates[aggregate]
+ else:
+ net_urn = hrn_to_urn(aggregate, 'authority')
+ # we may have a peer that knows about this aggregate
+ for agg in api.aggregates:
+ target_aggs = api.aggregates[agg].get_aggregates(credential, net_urn)
+ if not target_aggs or not 'hrn' in target_aggs[0]:
+ continue
+ # send the request to this address
+ url = target_aggs[0]['url']
+ server = xmlrpcprotocol.get_server(url, api.key_file, api.cert_file)
+ # aggregate found, no need to keep looping
+ break
+ if server is None:
+ continue
+ threads.run(server.GetTicket, xrn, credential, aggregate_rspec, users)
+
+ results = threads.get_results()
+
+ # gather information from each ticket
+ rspecs = []
+ initscripts = []
+ slivers = []
+ object_gid = None
+ for result in results:
+ agg_ticket = SfaTicket(string=result)
+ attrs = agg_ticket.get_attributes()
+ if not object_gid:
+ object_gid = agg_ticket.get_gid_object()
+ rspecs.append(agg_ticket.get_rspec())
+ initscripts.extend(attrs.get('initscripts', []))
+ slivers.extend(attrs.get('slivers', []))
+
+ # merge info
+ attributes = {'initscripts': initscripts,
+ 'slivers': slivers}
+ merged_rspec = merge_rspecs(rspecs)
+
+ # create a new ticket
+ ticket = SfaTicket(subject = slice_hrn)
+ ticket.set_gid_caller(api.auth.client_gid)
+ ticket.set_issuer(key=api.key, subject=api.hrn)
+ ticket.set_gid_object(object_gid)
+ ticket.set_pubkey(object_gid.get_pubkey())
+ #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
+ ticket.set_attributes(attributes)
+ ticket.set_rspec(merged_rspec)
+ ticket.encode()
+ ticket.sign()
+ return ticket.save_to_string(save_parents=True)
+
+
+def delete_slice(api, xrn, creds):
+ hrn, type = urn_to_hrn(xrn)