#!/usr/bin/python -tt
# vim:set ts=4 sw=4 expandtab:
#
-# $Id$
-# $URL$
-#
# NodeManager plugin for creating credentials in slivers
# (*) empower slivers to make API calls throught hmac
# (*) also create a ssh key - used by the OMF resource controller
# for authenticating itself with its Experiment Controller
-# xxx todo : a config option for turning these 2 things on or off ?
+# in order to avoid spamming the DB with huge amounts of such tags,
+# (*) slices need to have the 'enable_hmac' tag set
+# (*) or the 'omf_control' tag set, respectively
"""
Sliver authentication support for NodeManager.
logger.log("sliverauth: plc-instantiated slice %s does not yet exist. IGNORING!" % sliver['name'])
continue
- manage_hmac (plc, sliver)
+ system_slice = False
+ for chunk in sliver['attributes']:
+ if chunk['tagname'] == "system":
+ if chunk['value'] in (True, 1, '1') or chunk['value'].lower() == "true":
+ system_slice = True
for chunk in sliver['attributes']:
+ if chunk['tagname']=='enable_hmac' and not system_slice:
+ manage_hmac (plc, sliver)
+
if chunk['tagname']=='omf_control':
manage_sshkey (plc, sliver)
- break
def SetSliverTag(plc, slice, tagname, value):