#!/usr/bin/python -tt
# vim:set ts=4 sw=4 expandtab:
+#
+# $Id$
+# $URL$
+#
# NodeManager plugin to empower slivers to make API calls
"""
import random
import string
import tempfile
+import time
import logger
import tools
def start(options, conf):
- # XXX REMOVE ME
- return
-
- logger.log("sliverauth plugin starting up...")
+ logger.log("sliverauth: plugin starting up...")
def SetSliverTag(plc, slice, tagname, value):
node_id = tools.node_id()
- slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id})
+ slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id,"tagname":tagname})
if len(slivertags)==0:
- slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id)
+ # looks like GetSlivers reports about delegated/nm-controller slices that do *not* belong to this node
+ # and this is something that AddSliceTag does not like
+ try:
+ slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id)
+ except:
+ logger.log ("sliverauth: SetSliverTag - CAUGHT exception for (probably delegated) slice=%(slice)s tag=%(tagname)s node_id=%(node_id)d"%locals())
+ pass
else:
slivertag_id=slivertags[0]['slice_tag_id']
plc.UpdateSliceTag(slivertag_id,value)
def GetSlivers(data, config, plc):
+ if 'OVERRIDES' in dir(config):
+ if config.OVERRIDES.get('sliverauth') == '-1':
+ logger.log("sliverauth: Disabled", 2)
+ return
+
if 'slivers' not in data:
- logger.log("sliverauth: getslivers data lack's sliver information. IGNORING!")
+ logger.log_missing_data("sliverauth.GetSlivers", 'slivers')
return
- random.seed(42)
for sliver in data['slivers']:
+ path = '/vservers/%s' % sliver['name']
+ if not os.path.exists(path):
+ # ignore all non-plc-instantiated slivers
+ instantiation = sliver.get('instantiation','')
+ if instantiation == 'plc-instantiated':
+ logger.log("sliverauth: plc-instantiated slice %s does not yet exist. IGNORING!" % sliver['name'])
+ continue
+
found_hmac = False
for attribute in sliver['attributes']:
name = attribute.get('tagname',attribute.get('name',''))
break
if not found_hmac:
+ # XXX need a better random seed?!
+ random.seed(time.time())
d = [random.choice(string.letters) for x in xrange(32)]
hmac = "".join(d)
SetSliverTag(plc,sliver['name'],'hmac',hmac)
+ logger.log("sliverauth: setting %s hmac" % sliver['name'])
path = '/vservers/%s/etc/planetlab' % sliver['name']
if os.path.exists(path):
- keyfile = '%s/key' % path
+ keyfile = '%s/key' % path
oldhmac = ''
if os.path.exists(keyfile):
f = open(keyfile,'r')
if os.path.exists(keyfile):
os.unlink(keyfile)
os.rename(name,keyfile)
+ logger.log("sliverauth: writing hmac to %s " % keyfile)
os.chmod(keyfile,0400)
-