# is up to date and accurate.
#
# 1) Import the existing planetlab database, creating the
# is up to date and accurate.
#
# 1) Import the existing planetlab database, creating the
#
# 2) Create a "trusted_roots" directory and place the certificate of the root
# authority in that directory. Given the defaults in sfa-import-plc.py, this
#
# 2) Create a "trusted_roots" directory and place the certificate of the root
# authority in that directory. Given the defaults in sfa-import-plc.py, this
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
from sfa.server.sfaapi import SfaApi
from sfa.server.registry import Registries
from sfa.server.aggregate import Aggregates
from sfa.server.sfaapi import SfaApi
from sfa.server.registry import Registries
from sfa.server.aggregate import Aggregates
- # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
- logdir='/var/log/httpd'
+ # xxx fixme - this is just to make sure that nothing gets stupidly lost -
+ # should use devnull
+ logdir = '/var/log/httpd'
- if not os.path.isdir(logdir): os.mkdir('/var/log/httpd')
- crashlog = os.open('%s/sfa_access_log'%logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
+ if not os.path.isdir(logdir):
+ os.mkdir('/var/log/httpd')
+ crashlog = os.open('%s/sfa_access_log' % logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
# There should be a gid file in /etc/sfa/trusted_roots for every
# peer registry found in in the registries.xml config file. If there
# are any missing gids, request a new one from the peer registry.
# There should be a gid file in /etc/sfa/trusted_roots for every
# peer registry found in in the registries.xml config file. If there
# are any missing gids, request a new one from the peer registry.
registries = Registries()
aggregates = Aggregates()
interfaces = dict(registries.items() + aggregates.items())
registries = Registries()
aggregates = Aggregates()
interfaces = dict(registries.items() + aggregates.items())
- interface = interfaces[new_hrn].server_proxy(server_key_file, server_cert_file, timeout=30)
+ interface = interfaces[new_hrn].server_proxy(
+ server_key_file, server_cert_file, timeout=30)
# skip non sfa aggregates
server_version = api.get_cached_server_version(interface)
if 'sfa' not in server_version:
# skip non sfa aggregates
server_version = api.get_cached_server_version(interface)
if 'sfa' not in server_version:
gid.save_to_file(gid_filename, save_parents=True)
message = "installed trusted cert for %s" % new_hrn
# log the message
api.logger.info(message)
except:
message = "interface: %s\tunable to install trusted gid for %s" % \
gid.save_to_file(gid_filename, save_parents=True)
message = "installed trusted cert for %s" % new_hrn
# log the message
api.logger.info(message)
except:
message = "interface: %s\tunable to install trusted gid for %s" % \
api.logger.log_exc(message)
# doesnt matter witch one
update_cert_records(peer_gids)
api.logger.log_exc(message)
# doesnt matter witch one
update_cert_records(peer_gids)
def update_cert_records(gids):
"""
Make sure there is a record in the registry for the specified gids.
Removes old records from the db.
"""
def update_cert_records(gids):
"""
Make sure there is a record in the registry for the specified gids.
Removes old records from the db.
"""
- # import SfaTable here so this module can be loaded by PlcComponentApi
- from sfa.storage.alchemy import dbsession
- from sfa.storage.persistentobjs import RegRecord
+ # import db stuff here here so this module can be loaded by PlcComponentApi
+ from sfa.storage.alchemy import global_dbsession
+ from sfa.storage.model import RegRecord
+ dbsession = global_dbsession
if not gids:
return
# get records that actually exist in the db
gid_urns = [gid.get_urn() for gid in gids]
hrns_expected = [gid.get_hrn() for gid in gids]
records_found = dbsession.query(RegRecord).\
if not gids:
return
# get records that actually exist in the db
gid_urns = [gid.get_urn() for gid in gids]
hrns_expected = [gid.get_hrn() for gid in gids]
records_found = dbsession.query(RegRecord).\
- record = dbsession.query(RegRecord).filter_by(hrn=hrn, type=type,pointer=-1).first()
+ record = dbsession.query(RegRecord).filter_by(
+ hrn=hrn, type=type, pointer=-1).first()
- record = RegRecord (type=type)
- record.set_from_dict (
- { 'hrn': hrn,
- 'authority': get_authority(hrn),
- 'gid': gid.save_to_string(save_parents=True),
- })
+ record = RegRecord(dict={'type': type,
+ 'hrn': hrn,
+ 'authority': get_authority(hrn),
+ 'gid': gid.save_to_string(save_parents=True),
+ })
def main():
# Generate command line parser
parser = OptionParser(usage="sfa-start.py [options]")
parser.add_option("-r", "--registry", dest="registry", action="store_true",
def main():
# Generate command line parser
parser = OptionParser(usage="sfa-start.py [options]")
parser.add_option("-r", "--registry", dest="registry", action="store_true",
parser.add_option("-s", "--slicemgr", dest="sm", action="store_true",
parser.add_option("-s", "--slicemgr", dest="sm", action="store_true",
parser.add_option("-a", "--aggregate", dest="am", action="store_true",
parser.add_option("-a", "--aggregate", dest="am", action="store_true",
parser.add_option("-c", "--component", dest="cm", action="store_true",
parser.add_option("-c", "--component", dest="cm", action="store_true",
parser.add_option("-t", "--trusted-certs", dest="trusted_certs", action="store_true",
parser.add_option("-t", "--trusted-certs", dest="trusted_certs", action="store_true",
parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
# ensure interface cert is present in trusted roots dir
trusted_roots = TrustedRoots(config.get_trustedroots_dir())
trusted_roots.add_gid(GID(filename=server_cert_file))
# ensure interface cert is present in trusted roots dir
trusted_roots = TrustedRoots(config.get_trustedroots_dir())
trusted_roots.add_gid(GID(filename=server_cert_file))
- r = Registry("", config.SFA_REGISTRY_PORT, server_key_file, server_cert_file)
+ r = Registry("", config.SFA_REGISTRY_PORT,
+ server_key_file, server_cert_file)
- a = Aggregate("", config.SFA_AGGREGATE_PORT, server_key_file, server_cert_file)
+ a = Aggregate("", config.SFA_AGGREGATE_PORT,
+ server_key_file, server_cert_file)
- c = Component("", config.component_port, server_key_file, server_cert_file)
+ c = Component("", config.component_port,
+ server_key_file, server_cert_file)
# c = Component("", config.SFA_COMPONENT_PORT, server_key_file, server_cert_file)
c.start()
# c = Component("", config.SFA_COMPONENT_PORT, server_key_file, server_cert_file)
c.start()