+# $Id$
+# $URL$
import time
from PLC.Faults import *
from PLC.Filter import Filter
from PLC.Auth import Auth
from PLC.Nodes import Node, Nodes
-from PLC.NodeNetworks import NodeNetwork, NodeNetworks
+from PLC.Interfaces import Interface, Interfaces
from PLC.NodeGroups import NodeGroup, NodeGroups
from PLC.ConfFiles import ConfFile, ConfFiles
from PLC.Slices import Slice, Slices
-#from PLC.ForeignSlices import ForeignSlice, ForeignSlices
from PLC.Persons import Person, Persons
+from PLC.Sites import Sites
+from PLC.Roles import Roles
from PLC.Keys import Key, Keys
-from PLC.SliceAttributes import SliceAttribute, SliceAttributes
+from PLC.SliceTags import SliceTag, SliceTags
+from PLC.InitScripts import InitScript, InitScripts
-class GetSlivers(Method):
+# XXX used to check if slice expiration time is sane
+MAXINT = 2L**31-1
+
+def get_slivers(api, slice_filter, node = None):
+ # Get slice information
+ slices = Slices(api, slice_filter, ['slice_id', 'name', 'instantiation', 'expires', 'person_ids', 'slice_tag_ids'])
+
+ # Build up list of users and slice attributes
+ person_ids = set()
+ slice_tag_ids = set()
+ for slice in slices:
+ person_ids.update(slice['person_ids'])
+ slice_tag_ids.update(slice['slice_tag_ids'])
+
+ # Get user information
+ all_persons = Persons(api, {'person_id':person_ids,'enabled':True}, ['person_id', 'enabled', 'key_ids']).dict()
+
+ # Build up list of keys
+ key_ids = set()
+ for person in all_persons.values():
+ key_ids.update(person['key_ids'])
+
+ # Get user account keys
+ all_keys = Keys(api, key_ids, ['key_id', 'key', 'key_type']).dict()
+
+ # Get slice attributes
+ all_slice_tags = SliceTags(api, slice_tag_ids).dict()
+
+ slivers = []
+ for slice in slices:
+ keys = []
+ for person_id in slice['person_ids']:
+ if person_id in all_persons:
+ person = all_persons[person_id]
+ if not person['enabled']:
+ continue
+ for key_id in person['key_ids']:
+ if key_id in all_keys:
+ key = all_keys[key_id]
+ keys += [{'key_type': key['key_type'],
+ 'key': key['key']}]
+
+ attributes = []
+
+ # All (per-node and global) attributes for this slice
+ slice_tags = []
+ for slice_tag_id in slice['slice_tag_ids']:
+ if slice_tag_id in all_slice_tags:
+ slice_tags.append(all_slice_tags[slice_tag_id])
+
+ # Per-node sliver attributes take precedence over global
+ # slice attributes, so set them first.
+ # Then comes nodegroup slice attributes
+ # Followed by global slice attributes
+ sliver_attributes = []
+
+ if node is not None:
+ for sliver_attribute in filter(lambda a: a['node_id'] == node['node_id'], slice_tags):
+ sliver_attributes.append(sliver_attribute['tagname'])
+ attributes.append({'tagname': sliver_attribute['tagname'],
+ 'value': sliver_attribute['value']})
+
+ # set nodegroup slice attributes
+ for slice_tag in filter(lambda a: a['nodegroup_id'] in node['nodegroup_ids'], slice_tags):
+ # Do not set any nodegroup slice attributes for
+ # which there is at least one sliver attribute
+ # already set.
+ if slice_tag not in slice_tags:
+ attributes.append({'tagname': slice_tag['tagname'],
+ 'value': slice_tag['value']})
+
+ for slice_tag in filter(lambda a: a['node_id'] is None, slice_tags):
+ # Do not set any global slice attributes for
+ # which there is at least one sliver attribute
+ # already set.
+ if slice_tag['tagname'] not in sliver_attributes:
+ attributes.append({'tagname': slice_tag['tagname'],
+ 'value': slice_tag['value']})
+
+ # XXX Sanity check; though technically this should be a system invariant
+ # checked with an assertion
+ if slice['expires'] > MAXINT: slice['expires']= MAXINT
+
+ slivers.append({
+ 'name': slice['name'],
+ 'slice_id': slice['slice_id'],
+ 'instantiation': slice['instantiation'],
+ 'expires': slice['expires'],
+ 'keys': keys,
+ 'attributes': attributes
+ })
+
+ return slivers
+
+class v43GetSlivers(Method):
"""
- Returns an array of structs representing nodes and their slivers
- (slices bound to nodes). If node_filter is specified, only
- information about the specified nodes will be returned. If
- node_filter is not specified and called by a node, only
- information about the caller will be returned.
+ Returns a struct containing information about the specified node
+ (or calling node, if called by a node and node_id_or_hostname is
+ not specified), including the current set of slivers bound to the
+ node.
All of the information returned by this call can be gathered from
- other calls, e.g. GetNodes, GetNodeNetworks, GetSlices, etc. This
- function exists primarily for the benefit of Node Manager and
- Federation Manager.
+ other calls, e.g. GetNodes, GetInterfaces, GetSlices, etc. This
+ function exists almost solely for the benefit of Node Manager.
"""
roles = ['admin', 'node']
accepts = [
Auth(),
- Mixed([Mixed(Node.fields['node_id'],
- Node.fields['hostname'])],
- Filter(Node.fields)),
+ Mixed(Node.fields['node_id'],
+ Node.fields['hostname']),
]
- returns = [{
+ returns = {
'timestamp': Parameter(int, "Timestamp of this call, in seconds since UNIX epoch"),
'node_id': Node.fields['node_id'],
'hostname': Node.fields['hostname'],
- 'networks': [NodeNetwork.fields],
- 'groups': [NodeGroup.fields['name']],
+ 'networks': [Interface.fields],
+ 'groups': [NodeGroup.fields['groupname']],
'conf_files': [ConfFile.fields],
+ 'initscripts': [InitScript.fields],
+ 'accounts': [{
+ 'name': Parameter(str, "unix style account name", max = 254),
+ 'keys': [{
+ 'key_type': Key.fields['key_type'],
+ 'key': Key.fields['key']
+ }],
+ }],
'slivers': [{
'name': Slice.fields['name'],
'slice_id': Slice.fields['slice_id'],
'key': Key.fields['key']
}],
'attributes': [{
- 'name': SliceAttribute.fields['name'],
- 'value': SliceAttribute.fields['value']
+ 'tagname': SliceTag.fields['tagname'],
+ 'value': SliceTag.fields['value']
}]
}]
- }]
+ }
- def call(self, auth, node_filter = None):
- timestamp = int(time.time())
+ def call(self, auth, node_id_or_hostname = None):
+ timestamp = int(time.time())
- if node_filter is None and isinstance(self.caller, Node):
- all_nodes = {self.caller['node_id']: self.caller}
+ # Get node
+ if node_id_or_hostname is None:
+ if isinstance(self.caller, Node):
+ node = self.caller
+ else:
+ raise PLCInvalidArgument, "'node_id_or_hostname' not specified"
else:
- all_nodes = Nodes(self.api, node_filter).dict()
+ nodes = Nodes(self.api, [node_id_or_hostname])
+ if not nodes:
+ raise PLCInvalidArgument, "No such node"
+ node = nodes[0]
- # Get default slices
- system_slice_attributes = SliceAttributes(self.api, {'name': 'system', 'value': '1'}).dict()
- system_slice_ids = [slice_attribute['slice_id'] for slice_attribute in system_slice_attributes.values()]
- system_slice_ids = dict.fromkeys(system_slice_ids)
-
- all_nodenetwork_ids = set()
- all_nodegroup_ids = set()
- all_slice_ids = set(system_slice_ids.keys())
- for node_id, node in all_nodes.iteritems():
- all_nodenetwork_ids.update(node['nodenetwork_ids'])
- all_nodegroup_ids.update(node['nodegroup_ids'])
- #all_slice_ids.update(node['slice_ids'])
-
- # Get nodenetwork information
- all_nodenetworks = NodeNetworks(self.api, all_nodenetwork_ids).dict()
+ if node['peer_id'] is not None:
+ raise PLCInvalidArgument, "Not a local node"
+
+ # Get interface information
+ networks = Interfaces(self.api, node['interface_ids'])
# Get node group information
- all_nodegroups = NodeGroups(self.api, all_nodegroup_ids).dict()
+ nodegroups = NodeGroups(self.api, node['nodegroup_ids']).dict('groupname')
+ groups = nodegroups.keys()
- # Get (enabled) configuration files
+ # Get all (enabled) configuration files
all_conf_files = ConfFiles(self.api, {'enabled': True}).dict()
+ conf_files = {}
- # Get slice information
- all_slices = Slices(self.api, all_slice_ids).dict()
+ # Global configuration files are the default. If multiple
+ # entries for the same global configuration file exist, it is
+ # undefined which one takes precedence.
+ for conf_file in all_conf_files.values():
+ if not conf_file['node_ids'] and not conf_file['nodegroup_ids']:
+ conf_files[conf_file['dest']] = conf_file
+
+ # Node group configuration files take precedence over global
+ # ones. If a node belongs to multiple node groups for which
+ # the same configuration file is defined, it is undefined
+ # which one takes precedence.
+ for nodegroup in nodegroups.values():
+ for conf_file_id in nodegroup['conf_file_ids']:
+ if conf_file_id in all_conf_files:
+ conf_file = all_conf_files[conf_file_id]
+ conf_files[conf_file['dest']] = conf_file
+
+ # Node configuration files take precedence over node group
+ # configuration files.
+ for conf_file_id in node['conf_file_ids']:
+ if conf_file_id in all_conf_files:
+ conf_file = all_conf_files[conf_file_id]
+ conf_files[conf_file['dest']] = conf_file
- person_ids = set()
- slice_attribute_ids = set()
- for slice_id, slice in all_slices.iteritems():
- ### still missing in foreign slices
- if slice.get('person_ids'):
- person_ids.update(slice['person_ids'])
- ### still missing in foreign slices
- if slice.get('slice_attribute_ids'):
- slice_attribute_ids.update(slice['slice_attribute_ids'])
+ # Get all (enabled) initscripts
+ initscripts = InitScripts(self.api, {'enabled': True})
- # Get user information
- all_persons = Persons(self.api, person_ids).dict()
+ # Get system slices
+ system_slice_tags = SliceTags(self.api, {'tagname': 'system', 'value': '1'}).dict('slice_id')
+ system_slice_ids = system_slice_tags.keys()
+
+ # Get nm-controller slices
+ controller_and_delegated_slices = Slices(self.api, {'instantiation': ['nm-controller', 'delegated']}, ['slice_id']).dict('slice_id')
+ controller_and_delegated_slice_ids = controller_and_delegated_slices.keys()
+ slice_ids = system_slice_ids + controller_and_delegated_slice_ids + node['slice_ids']
- key_ids = set()
- for person_id, person in all_persons.iteritems():
- key_ids.update(person['key_ids'])
+ slivers = get_slivers(self.api, slice_ids, node)
- # Get user account keys
- all_keys = Keys(self.api, key_ids).dict()
+ # get the special accounts and keys needed for the node
+ # root
+ # site_admin
+ accounts = []
+ if False and 'site_id' not in node:
+ nodes = Nodes(self.api, node['node_id'])
+ node = nodes[0]
- # Get slice attributes
- all_slice_attributes = SliceAttributes(self.api, slice_attribute_ids).dict()
-
- nodes = []
- for node_id, node in all_nodes.iteritems():
- networks = [all_nodenetworks[nodenetwork_id] for nodenetwork_id in node['nodenetwork_ids']]
- nodegroups = [all_nodegroups[nodegroup_id] for nodegroup_id in node['nodegroup_ids']]
- groups = [nodegroup['name'] for nodegroup in nodegroups]
-
- # If multiple entries for the same global configuration
- # file exist, it is undefined which one takes precedence.
- conf_files = {}
- for conf_file in all_conf_files.values():
- if not conf_file['node_ids'] and not conf_file['nodegroup_ids']:
- conf_files[conf_file['dest']] = conf_file
-
- # If a node belongs to multiple node
- # groups for which the same configuration file is defined,
- # it is undefined which one takes precedence.
- for nodegroup in nodegroups:
- for conf_file_id in nodegroup['conf_file_ids']:
- if conf_file_id in all_conf_files:
- conf_files[conf_file['dest']] = all_conf_files[conf_file_id]
-
- # Node configuration files always take precedence over
- # node group configuration files.
- for conf_file_id in node['conf_file_ids']:
- if conf_file_id in all_conf_files:
- conf_files[conf_file['dest']] = all_conf_files[conf_file_id]
-
- # filter out any slices in this nodes slice_id list that may be invalid
- # (i.e. expired slices)
- slice_ids = dict.fromkeys(filter(lambda slice_id: slice_id in all_slice_ids, node['slice_ids']))
-
- # If not a foreign node, add all of our default system
- # slices to it.
- if node['peer_id'] is None:
- slice_ids.update(system_slice_ids)
-
- slivers = []
-
- for slice in map(lambda id: all_slices[id], slice_ids.keys()):
- keys = []
- ### still missing in foreign slices
- try:
- for person in map(lambda id: all_persons[id], slice['person_ids']):
- keys += [{'key_type': all_keys[key_id]['key_type'],
- 'key': all_keys[key_id]['key']} \
- for key_id in person['key_ids']]
- except:
- keys += [{'key_type':'missing',
- 'key':'key caching not implemented yet'}]
-
- sliver_attributes = []
- attributes = []
- ### still missing in foreign slices
- try:
- slice_attributes = map(lambda id: all_slice_attributes[id],
- slice['slice_attribute_ids'])
-
- # Per-node sliver attributes take precedence over
- # global slice attributes, so set them first.
- for sliver_attribute in filter(lambda a: a['node_id'] == node_id, slice_attributes):
- sliver_attributes.append(sliver_attribute['name'])
- attributes.append({'name': sliver_attribute['name'],
- 'value': sliver_attribute['value']})
-
- for slice_attribute in filter(lambda a: a['node_id'] is None, slice_attributes):
- # Do not set any global slice attributes for
- # which there is at least one sliver attribute
- # already set.
- if slice_attribute['name'] not in sliver_attributes:
- attributes.append({'name': slice_attribute['name'],
- 'value': slice_attribute['value']})
- except Exception, err:
- attributes=[{'name':'attributes caching','value':'not implemented yet'}]
-
- slivers.append({
- 'name': slice['name'],
- 'slice_id': slice['slice_id'],
- 'instantiation': slice['instantiation'],
- 'expires': slice['expires'],
- 'keys': keys,
- 'attributes': attributes
- })
-
- nodes.append({
- 'timestamp': timestamp,
- 'node_id': node['node_id'],
- 'hostname': node['hostname'],
- 'networks': networks,
- 'groups': groups,
- 'conf_files': conf_files.values(),
- 'slivers': slivers
- })
-
- return nodes
+ # used in conjunction with reduce to flatten lists, like in
+ # reduce ( reduce_flatten_list, [ [1] , [2,3] ], []) => [ 1,2,3 ]
+ def reduce_flatten_list (x,y): return x+y
+
+ def get_site_roles_keys(site_id_or_name,roles):
+ site = Sites (self.api,site_id_or_name,['person_ids'])[0]
+ persons = Persons(self.api,{'person_id':site['person_ids'], 'enabled':True},
+ ['roles','key_ids','enabled'] )
+ key_ids = []
+ for role in roles:
+ key_ids.extend(reduce (reduce_flatten_list, [ p['key_ids'] for p in persons if role in p['roles'] ], []))
+ return [ key['key'] for key in Keys (self.api, key_ids) if key['key_type']=='ssh']
+
+ def get_all_admin_keys():
+ # get all admins key_ids and flatten them into a list of key_ids
+ key_ids = reduce (reduce_flatten_list,
+ [ p['key_ids'] for p in \
+ Persons(self.api,{'peer_id':None,'enabled':True}, \
+ ['roles','key_ids','enabled']) \
+ if 'admin' in p['roles'] ],
+ # starting point for reduce in case there's no admin - I know..
+ [])
+ # fetch the corresponding keys, and extract the 'key' part into a list
+ # this does not return duplicates
+ return [ key['key'] for key in Keys (self.api, key_ids) if key['key_type']=='ssh']
+
+ # 'site_admin' account setup
+ personsitekeys=get_site_roles_keys(node['site_id'],['pi','tech'])
+ accounts.append({'name':'site_admin','keys':personsitekeys})
+
+ # 'root' account setup on nodes from all 'admin' users
+ personsitekeys=get_all_admin_keys()
+ accounts.append({'name':'root','keys':personsitekeys})
+
+ node.update_last_contact()
+
+ return {
+ 'timestamp': timestamp,
+ 'node_id': node['node_id'],
+ 'hostname': node['hostname'],
+ 'networks': networks,
+ 'groups': groups,
+ 'conf_files': conf_files.values(),
+ 'initscripts': initscripts,
+ 'slivers': slivers,
+ 'accounts': accounts
+ }
+
+class v42GetSlivers(v43GetSlivers):
+ """
+ Legacy wrapper for v43GetSlivers.
+ """
+
+ def call(self, auth, node_id_or_hostname = None):
+ result = v43GetSlivers.call(self,auth,node_id_or_hostname)
+ networks = result['networks']
+
+ for i in range(0,len(networks)):
+ network = networks[i]
+ if network.has_key("interface_id"):
+ network['nodenetwork_id']=network['interface_id']
+ if network.has_key("interface_tag_ids"):
+ network['nodenetwork_setting_ids']=network['interface_tag_ids']
+ networks[i]=network
+
+ result['networks']=networks
+ return result
+
+class GetSlivers(v42GetSlivers):
+ """
+ Returns a struct containing information about the specified node
+ (or calling node, if called by a node and node_id_or_hostname is
+ not specified), including the current set of slivers bound to the
+ node.
+
+ All of the information returned by this call can be gathered from
+ other calls, e.g. GetNodes, GetInterfaces, GetSlices, etc. This
+ function exists almost solely for the benefit of Node Manager.
+ """
+
+ pass