import time
import xmlrpclib
+from types import StringTypes, ListType
from geni.util.geniserver import GeniServer
from geni.util.geniclient import *
from geni.util.cert import Keypair, Certificate
GeniServer.__init__(self, ip, port, key_file, cert_file)
self.key_file = key_file
self.cert_file = cert_file
- self.conf = Config(config)
- self.basedir = self.conf.GENI_BASE_DIR + os.sep
+ self.config = Config(config)
+ self.basedir = self.config.GENI_BASE_DIR + os.sep
self.server_basedir = self.basedir + os.sep + "geni" + os.sep
- self.hrn = self.conf.GENI_INTERFACE_HRN
+ self.hrn = self.config.GENI_INTERFACE_HRN
nodes_file = os.sep.join([self.server_basedir, 'agg.' + self.hrn + '.components'])
self.nodes = SimpleStorage(nodes_file)
self.slices = SimpleStorage(slices_file)
self.slices.load()
- policy_file = os.sep.join([self.server_basedir, 'agg.policy'])
- self.policy = SimpleStorage(policy_file)
+ policy_file = os.sep.join([self.server_basedir, 'agg.' + self.hrn + '.policy'])
+ self.policy = SimpleStorage(policy_file, {'whitelist': [], 'blacklist': []})
self.policy.load()
timestamp_file = os.sep.join([self.server_basedir, 'agg.' + self.hrn + '.timestamp'])
self.timestamp = SimpleStorage(timestamp_file)
+ # How long before we refresh nodes cache
self.nodes_ttl = 1
self.connectPLC()
# connect to registry using GeniClient
address = self.config.GENI_REGISTRY_HOSTNAME
port = self.config.GENI_REGISTRY_PORT
- url = 'https://%(address)s:%(port)s' % locals()
+ url = 'http://%(address)s:%(port)s' % locals()
self.registry = GeniClient(url, self.key_file, self.cert_file)
Connect to the plc api interface. First attempt to impor thte shell, if that fails
try to connect to the xmlrpc server.
"""
- self.auth = {'Username': self.conf.GENI_PLC_USER,
+ self.auth = {'Username': self.config.GENI_PLC_USER,
'AuthMethod': 'password',
- 'AuthString': self.conf.GENI_PLC_PASSWORD}
+ 'AuthString': self.config.GENI_PLC_PASSWORD}
try:
# try to import PLC.Shell directly
- sys.path.append(self.conf.GENI_PLC_SHELL_PATH)
+ sys.path.append(self.config.GENI_PLC_SHELL_PATH)
import PLC.Shell
self.shell = PLC.Shell.Shell(globals())
self.shell.AuthCheck()
except ImportError:
# connect to plc api via xmlrpc
- plc_host = self.conf.GENI_PLC_HOST
- plc_port = self.conf.GENI_PLC_PORT
- plc_api_path = self.conf.GENI_PLC_API_PATH
+ plc_host = self.config.GENI_PLC_HOST
+ plc_port = self.config.GENI_PLC_PORT
+ plc_api_path = self.config.GENI_PLC_API_PATH
url = "https://%(plc_host)s:%(plc_port)s/%(plc_api_path)s/" % locals()
- self.auth = {'Username': self.conf.GENI_PLC_USER,
+ self.auth = {'Username': self.config.GENI_PLC_USER,
'AuthMethod': 'password',
- 'AuthString': self.conf.GENI_PLC_PASSWORD}
+ 'AuthString': self.config.GENI_PLC_PASSWORD}
self.shell = xmlrpclib.Server(url, verbose = 0, allow_none = True)
self.shell.AuthCheck(self.auth)
credential from registry.
"""
- self_cred_filename = self.server_basedir + os.sep + "agg." + self.hrn + ".cred"
ma_cred_filename = self.server_basedir + os.sep + "agg." + self.hrn + ".ma.cred"
# see if this file exists
try:
- cred = Credential(filename = ma_cred_filename)
- self.credential = cred.save_to_string()
+ self.credential = Credential(filename = ma_cred_filename)
except IOError:
- # get self credential
- self_cred = self.registry.get_credential(None, 'ma', self.hrn)
- self_credential = Credential(string = self_cred)
- self_credential.save_to_file(self_cred_filename)
+ self.credential = self.getCredentialFromRegistry()
+
+ def getCredentialFromRegistry(self):
+ """
+ Get our current credential from the registry
+ """
+ # get self credential
+ self_cred_filename = self.server_basedir + os.sep + "agg." + self.hrn + ".cred"
+ self_cred = self.registry.get_credential(None, 'ma', self.hrn)
+ self_cred.save_to_file(self_cred_filename, save_parents = True)
+
+
+ # get ma credential
+ ma_cred_filename = self.server_basedir + os.sep + "agg." + self.hrn + ".ma.cred"
+ ma_cred = self.registry.get_credential(self_cred, 'ma', self.hrn)
+ ma_cred.save_to_file(ma_cred_filename, save_parents=True)
+ return ma_cred
- # get ma credential
- ma_cred = self.registry.get_gredential(self_cred)
- ma_credential = Credential(string = ma_cred)
- ma_credential.save_to_file(ma_cred_filename)
- self.credential = ma_cred
def hostname_to_hrn(self, login_base, hostname):
"""
"""
Convert hrn to planetlab name.
"""
- slicename = slicename.replace("_", ".")
- return ".".join([self.hrn, slicename])
+ parts = slicename.split("_")
+ slice_hrn = ".".join([self.hrn, parts[0]]) + "." + "_".join(parts[1:])
+
+ return slice_hrn
def refresh_components(self):
"""
- Update the cached list of nodes.
+ Update the cached list of nodes and save in 4 differnt formats
+ (rspec, dns, ip)
"""
- # resolve component hostnames
- nodes = self.shell.GetNodes(self.auth, {}, ['hostname', 'site_id'])
-
- # resolve site login_bases
- site_ids = [node['site_id'] for node in nodes]
- sites = self.shell.GetSites(self.auth, site_ids, ['site_id', 'login_base'])
- site_dict = {}
- for site in sites:
- site_dict[site['site_id']] = site['login_base']
-
- # convert plc names to geni hrn
- nodedict = {}
- for node in nodes:
- node_hrn = self.hostname_to_hrn(site_dict[node['site_id']], node['hostname'])
- # apply policy.
- # Do not allow nodes found in blacklist, only allow nodes found in whitelist
- if self.polciy['whitelist'] and node_hrn not in self.polciy['whitelist']:
- continue
- if self.polciy['blacklist'] and node_hrn in self.policy['blacklist']:
- continue
- nodedict[node_hrn] = node['hostname']
+
+ # get node list in rspec format
+ rspec = Rspec()
+ rspec.parseString(self.get_rspec(self.hrn, 'aggregate'))
+
+ # filter nodes according to policy
+ rspec.filter('NodeSpec', 'name', blacklist=self.policy['blacklist'], whitelist=self.policy['whitelist'])
+
+ # extract ifspecs from rspec to get ip's
+ ips = []
+ ifspecs = rspec.getDictsByTagName('IfSpec')
+ for ifspec in ifspecs:
+ if ifspec.has_key('addr') and ifspec['addr']:
+ ips.append(ifspec['addr'])
+
+ # extract nodespecs from rspec to get dns names
+ hostnames = []
+ nodespecs = rspec.getDictsByTagName('NodeSpec')
+ for nodespec in nodespecs:
+ if nodespec.has_key('name') and nodespec['name']:
+ hostnames.append(nodespec['name'])
+
- self.nodes = SimpleStorage(self.nodes.db_filename, nodedict)
+ node_details = {}
+ node_details['rspec'] = rspec.toxml()
+ node_details['ip'] = ips
+ node_details['dns'] = hostnames
+ # save state
+ self.nodes = SimpleStorage(self.nodes.db_filename, node_details)
self.nodes.write()
+
# update timestamp and threshold
self.timestamp['timestamp'] = datetime.datetime.now()
delta = datetime.timedelta(hours=self.nodes_ttl)
self.policy.load()
- def get_components(self):
+ def getNodes(self, format = 'rspec'):
"""
Return a list of components at this aggregate.
"""
+ valid_formats = ['rspec', 'hrn', 'dns', 'ip']
+ if not format:
+ format = 'rspec'
+ if format not in valid_formats:
+ raise Exception, "Invalid format specified, must be one of the following: %s" \
+ % ", ".join(valid_formats)
+
# Reload components list
now = datetime.datetime.now()
#self.load_components()
self.refresh_components()
elif now < self.threshold and not self.nodes.keys():
self.load_components()
- return self.nodes.keys()
-
+ return self.nodes[format]
+
+ def getSlices(self):
+ """
+ Return a list of instnatiated managed by this slice manager.
+ """
+
+ slices = self.shell.GetSlices(self.auth, {}, ['name'])
+ slice_hrns = [self.slicename_to_hrn(slice['name']) for slice in slices]
+
+ return slice_hrns
+
def get_rspec(self, hrn, type):
"""
Get resource information from PLC
# Get the required nodes
if type in ['aggregate']:
nodes = self.shell.GetNodes(self.auth)
+ try: linkspecs = self.shell.GetLinkSpecs() # if call is supported
+ except: linkspecs = []
elif type in ['slice']:
slicename = hrn_to_pl_slicename(hrn)
slices = self.shell.GetSlices(self.auth, [slicename])
node_ids = slices[0]['node_ids']
nodes = self.shell.GetNodes(self.auth, node_ids)
+ # Filter out whitelisted nodes
+ public_nodes = lambda n: n.has_key('slice_ids_whitelist') and not n['slice_ids_whitelist']
+ nodes = filter(public_nodes, nodes)
+
# Get all network interfaces
interface_ids = []
for node in nodes:
node['interfaces'].append(interface_dict[nodenetwork_id])
# convert and threshold to ints
- timestamp = self.timestamp['timestamp']
- start_time = int(self.timestamp['timestamp'].strftime("%s"))
- end_time = int(self.threshold.strftime("%s"))
+ if self.timestamp.has_key('timestamp') and self.timestamp['timestamp']:
+ timestamp = self.timestamp['timestamp']
+ threshold = self.threshold
+ else:
+ timestamp = datetime.datetime.now()
+ delta = datetime.timedelta(hours=self.nodes_ttl)
+ threshold = timestamp + delta
+
+
+ start_time = int(timestamp.strftime("%s"))
+ end_time = int(threshold.strftime("%s"))
duration = end_time - start_time
# create the plc dict
- networks = {'nodes': nodes, 'name': self.hrn, 'start_time': start_time, 'duration': duration}
+ networks = [{'nodes': nodes,
+ 'links': linkspecs,
+ 'name': self.hrn,
+ 'start_time': start_time,
+ 'duration': duration}]
resources = {'networks': networks, 'start_time': start_time, 'duration': duration}
# convert the plc dict to an rspec dict
- resouceDict = RspecDict(resources)
-
+ resourceDict = RspecDict(resources)
# convert the rspec dict to xml
rspec = Rspec()
rspec.parseDict(resourceDict)
return rspec.toxml()
- def get_resources(self, slice_hrn):
+ def getResources(self, slice_hrn):
"""
Return the current rspec for the specified slice.
"""
- slicename = hrn_to_plcslicename(slice_hrn)
- rspec = self.get_rspec(slicenamem, 'slice')
+ rspec = self.get_rspec(slice_hrn, 'slice')
return rspec
- def create_slice(self, slice_hrn, rspec, attributes = []):
+
+ def getTicket(self, hrn, rspec):
"""
- Instantiate the specified slice according to whats defined in the rspec.
+ Retrieve a ticket. This operation is currently implemented on PLC
+ only (see SFA, engineering decisions); it is not implemented on
+ components.
+
+ @param name name of the slice to retrieve a ticket for
+ @param rspec resource specification dictionary
+ @return the string representation of a ticket object
"""
+ #self.registry.get_ticket(name, rspec)
+
+ return
+
+ def createSlice(self, slice_hrn, rspec, attributes = []):
+ """
+ Instantiate the specified slice according to whats defined in the rspec.
+ """
+
+ spec = Rspec(rspec)
# save slice state locally
# we can assume that spec object has been validated so its safer to
# save this instead of the unvalidated rspec the user gave us
self.slices[slice_hrn] = spec.toxml()
self.slices.write()
-
- # extract node list from rspec
- slicename = self.hrn_to_plcslicename(slice_hrn)
- spec = Rspec(rspec)
- nodespecs = spec.getDictsByTagName('NodeSpec')
- nodes = [nodespec['name'] for nodespec in nodespecs]
-
- # add slice to nodes at plc
- self.shell.AddSliceToNodes(self.auth, slicename, nodes)
- for attribute in attributes:
- type, value, node, nodegroup = attribute['type'], attribute['value'], attribute['node'], attribute['nodegroup']
- shell.AddSliceAttribute(self.auth, slicename, type, value, node, nodegroup)
-
- # XX contact the registry to get the list of users on this slice and
- # their keys.
- slice_record = self.registry.resolve(self.credential, slice_hrn)
- #person_records = slice_record['users']
- # for person in person_record:
- # email = person['email']
- # self.shell.AddPersonToSlice(self.auth, email, slicename)
-
-
- return 1
-
- def update_slice(self, slice_hrn, rspec, attributes = []):
- """
- Update the specified slice.
- """
+
# Get slice info
- slicename = self.hrn_to_plcslicename(slice_hrn)
+ slicename = hrn_to_pl_slicename(slice_hrn)
slices = self.shell.GetSlices(self.auth, [slicename], ['node_ids'])
- if not slice:
- raise RecordNotFound(slice_hrn)
- slice = slices[0]
+ if not slices:
+ parts = slicename.split("_")
+ login_base = parts[0]
+ slice_record = self.registry.resolve(self.cred, slice_hrn)
+ slice_info = slice_record.as_dict()
+ slice = slice_info['pl_info']
+
+ # if site doesnt exist add it
+ sites = self.shell.GetSites(self.auth, [login_base])
+ if not sites:
+ authority = get_authority(slice_hrn)
+ site_record = self.registry.reolve(self.cred, authority)
+ site_info = site_record.as_dict()
+ site = site_info['pl_info']
+
+ # add the site
+ site.pop('site_id')
+ site_id = self.shell.AddSite(self.auth, site)
+ else:
+ site = sites[0]
+
+ self.shell.AddSlice(self.auth, slice_info)
+ else:
+ slice = slices[0]
+
+ # get the list of valid slice users from the registry and make
+ # they are added to the slice
+ slice_records = self.registry.resolve(self.credential, slice_hrn)
+ if not slice_records:
+ raise Error, "record for %s not found" % slice_hrn
+ slice_record = slice_records[0]
+ slice_record_dict = slice_record.as_dict()
+ geni_info = slice_record_dict['geni_info']
+ researchers = geni_info['researcher']
+ for researcher in researchers:
+ person_records = self.registry.resolve(self.credential, researcher)
+ if not person_records:
+ pass
+ person_record = person_records[0]
+ person_dict = person_record.as_dict()['plc_info']
+ persons = self.shell.GetPersons(self.auth, [person_dict['email']], ['person_id', 'key_ids'])
+
+ # Create the person record
+ if not persons:
+ self.shell.AddPerson(self.auth, person_dict)
+ self.shell.AddPersonToSlice(self.auth, person_dict['email'], login_base)
+ # Add this person's public keys
+ for personkey in person_dict['keys']:
+ key = {'type': 'ssh', 'key': personkey}
+ self.shellAddPersonKey(self.auth, person_dict['email'], key)
+
# find out where this slice is currently running
- nodes = self.shell.GetNodes(self.auth, slice['node_ids'], ['hostname'])
- hostnames = [node['hostname'] for node in nodes]
+ nodelist = self.shell.GetNodes(self.auth, slice['node_ids'], ['hostname'])
+ hostnames = [node['hostname'] for node in nodelist]
# get netspec details
- spec = Rspec(rspec)
nodespecs = spec.getDictsByTagName('NodeSpec')
- nodes = [nodespec['name'] for nodespec in nodespecs]
-
+ nodes = []
+ for nodespec in nodespecs:
+ if isinstance(nodespec['name'], list):
+ nodes.extend(nodespec['name'])
+ elif isinstance(nodespec['name'], StringTypes):
+ nodes.append(nodespec['name'])
+
# save slice state locally
# we can assume that spec object has been validated so its safer to
# save this instead of the unvalidated rspec the user gave us
self.slices.write()
# remove nodes not in rspec
- delete_nodes = set(hostnames).difference(nodes)
+ deleted_nodes = list(set(hostnames).difference(nodes))
# add nodes from rspec
- added_nodes = set(nodes).difference(hostnames)
+ added_nodes = list(set(nodes).difference(hostnames))
- shell.AddSliceToNodes(self.auth, slicename, added_nodes)
- shell.DeleteSliceFromNodes(self.auth, slicename, deleted_nodes)
+ self.shell.AddSliceToNodes(self.auth, slicename, added_nodes)
+ self.shell.DeleteSliceFromNodes(self.auth, slicename, deleted_nodes)
- for attribute in attributes:
- type, value, node, nodegroup = attribute['type'], attribute['value'], attribute['node'], attribute['nodegroup']
- shell.AddSliceAttribute(self.auth, slicename, type, value, node, nodegroup)
-
- # contact registry to get slice users and add them to the slice
- slice_record = self.registry.resolve(self.credential, slice_hrn)
- # persons = slice_record['users']
-
- #for person in persons:
- # shell.AddPersonToSlice(person['email'], slice_name)
+ return 1
+ def updateSlice(self, slice_hrn, rspec, attributes = []):
+ return self.create_slice(slice_hrn, rspec, attributes)
- def delete_slice_(self, slice_hrn):
+ def deleteSlice(self, slice_hrn):
"""
Remove this slice from all components it was previouly associated with and
free up the resources it was using.
self.slices.pop(slice_hrn)
self.slices.write()
- slicename = self.hrn_to_plcslicename(slice_hrn)
- slices = shell.GetSlices(self.auth, [slicename])
- if not slice:
+ slicename = hrn_to_pl_slicename(slice_hrn)
+ slices = self.shell.GetSlices(self.auth, [slicename])
+ if not slices:
return 1
slice = slices[0]
- shell.DeleteSliceFromNodes(self.auth, slicename, slice['node_ids'])
+ self.shell.DeleteSliceFromNodes(self.auth, slicename, slice['node_ids'])
return 1
- def start_slice(self, slice_hrn):
+ def startSlice(self, slice_hrn):
"""
Stop the slice at plc.
"""
- slicename = hrn_to_plcslicename(slice_hrn)
+ slicename = hrn_to_pl_slicename(slice_hrn)
slices = self.shell.GetSlices(self.auth, {'name': slicename}, ['slice_id'])
if not slices:
#raise RecordNotFound(slice_hrn)
self.shell.UpdateSliceAttribute(self.auth, attribute_id, "1" )
return 1
- def stop_slice(self, slice_hrn):
+ def stopSlice(self, slice_hrn):
"""
Stop the slice at plc
"""
- slicename = hrn_to_plcslicename(slice_hrn)
+ slicename = hrn_to_pl_slicename(slice_hrn)
slices = self.shell.GetSlices(self.auth, {'name': slicename}, ['slice_id'])
if not slices:
#raise RecordNotFound(slice_hrn)
return 1
- def reset_slice(self, slice_hrn):
+ def resetSlice(self, slice_hrn):
"""
Reset the slice
"""
# XX not yet implemented
return 1
- def get_policy(self):
+ def getPolicy(self):
"""
Return this aggregates policy.
"""
## Server methods here for now
##############################
- def components(self):
- return self.get_components()
- #def slices(self):
- # return self.get_slices()
+ # XX fix rights, should be function name defined in
+ # privilege_table (from util/rights.py)
+ def list_nodes(self, cred):
+ self.decode_authentication(cred, 'listnodes')
+ return self.getNodes()
- def resources(self, cred, hrn):
- self.decode_authentication(cred, 'info')
- self.verify_object_belongs_to_me(hrn)
+ def list_slices(self, cred):
+ self.decode_authentication(cred, 'listslices')
+ return self.getSlices()
- return self.get_resources(hrn)
+ def get_resources(self, cred, hrn = None):
+ self.decode_authentication(cred, 'listnodes')
+ if not hrn:
+ return self.getNodes()
+ else:
+ return self.getResources(hrn)
- def createSlice(self, cred, hrn, rspec):
- self.decode_authentication(cred, 'embed')
- self.verify_object_belongs_to_me(hrn)
- return self.create_slice(hrn)
+ def get_ticket(self, cred, hrn, rspec):
+ self.decode_authentication(cred, 'getticket')
+ return self.getTicket(hrn, rspec)
+
+ def get_policy(self, cred):
+ self.decode_authentication(cred, 'getpolicy')
+ return self.getPolicy()
- def updateSlice(self, cred, hrn, rspec):
- self.decode_authentication(cred, 'embed')
- self.verify_object_belongs_to_me(hrn)
- return self.update_slice(hrn)
+ def create_slice(self, cred, hrn, rspec):
+ self.decode_authentication(cred, 'createslice')
+ return self.createSlice(hrn, rspec)
- def deleteSlice(self, cred, hrn):
- self.decode_authentication(cred, 'embed')
- self.verify_object_belongs_to_me(hrn)
- return self.delete_slice(hrn)
+ def update_slice(self, cred, hrn, rspec):
+ self.decode_authentication(cred, 'updateslice')
+ return self.updateSlice(hrn)
- def startSlice(self, cred, hrn):
- self.decode_authentication(cred, 'control')
- return self.start_slice(hrn)
+ def delete_slice(self, cred, hrn):
+ self.decode_authentication(cred, 'deleteslice')
+ return self.deleteSlice(hrn)
- def stopSlice(self, cred, hrn):
- self.decode_authentication(cred, 'control')
- return self.stop(hrn)
+ def start_slice(self, cred, hrn):
+ self.decode_authentication(cred, 'startslice')
+ return self.startSlice(hrn)
- def resetSlice(self, cred, hrn):
- self.decode_authentication(cred, 'control')
- return self.reset(hrn)
+ def stop_slice(self, cred, hrn):
+ self.decode_authentication(cred, 'stopslice')
+ return self.stopSlice(hrn)
- def policy(self, cred):
- self.decode_authentication(cred, 'info')
- return self.get_policy()
+ def reset_slice(self, cred, hrn):
+ self.decode_authentication(cred, 'resetslice')
+ return self.resetSlice(hrn)
def register_functions(self):
GeniServer.register_functions(self)
# Aggregate interface methods
- self.server.register_function(self.components)
- #self.server.register_function(self.slices)
- self.server.register_function(self.resources)
- self.server.register_function(self.createSlice)
- self.server.register_function(self.deleteSlice)
- self.server.register_function(self.startSlice)
- self.server.register_function(self.stopSlice)
- self.server.register_function(self.resetSlice)
- self.server.register_function(self.policy)
+ self.server.register_function(self.list_nodes)
+ self.server.register_function(self.list_slices)
+ self.server.register_function(self.get_resources)
+ self.server.register_function(self.get_policy)
+ self.server.register_function(self.create_slice)
+ self.server.register_function(self.update_slice)
+ self.server.register_function(self.delete_slice)
+ self.server.register_function(self.start_slice)
+ self.server.register_function(self.stop_slice)
+ self.server.register_function(self.reset_slice)
git://git.onelab.eu / sfa.git / blobdiff