"authority in set of credentials for this call")
# show_credential option
- if command in ("list","resources", "describe", "provision", "allocate", "add","update","remove","slices","delete","status","renew"):
+ if command in ("list","resources", "describe", "provision", "allocate", "add","update","remove","delete","status","renew"):
parser.add_option("-C","--credential",dest='show_credential',action='store_true',default=False,
help="show credential(s) used in human-readable form")
# registy filter option
if command in ("myslice"):
parser.add_option("-p","--password",dest='password',action='store',default=None,
help="specify mainfold password on the command line")
+ parser.add_option("-s", "--slice", dest="delegate_slices",action='append',default=[],
+ metavar="slice_hrn", help="delegate cred. for slice HRN")
+ parser.add_option("-a", "--auths", dest='delegate_auths',action='append',default=[],
+ metavar='auth_hrn', help="delegate PI cred for auth HRN")
return parser
self.private_key = client_bootstrap.private_key()
self.my_credential_string = client_bootstrap.my_credential_string ()
self.my_credential = {'geni_type': 'geni_sfa',
- 'geni_version': '3.0',
+ 'geni_version': '3',
'geni_value': self.my_credential_string}
self.my_gid = client_bootstrap.my_gid ()
self.client_bootstrap = client_bootstrap
def slice_credential(self, name):
return {'geni_type': 'geni_sfa',
- 'geni_version': '3.0',
+ 'geni_version': '3',
'geni_value': self.slice_credential_string(name)}
# xxx should be supported by sfaclientbootstrap as well
# Slice-related commands
# ==================================================================
- @register_command("","")
- def slices(self, options, args):
- "list instantiated slices (ListSlices) - returns urn's"
- server = self.sliceapi()
- # creds
- creds = [self.my_credential_string]
- # options and call_id when supported
- api_options = {}
- api_options['call_id']=unique_call_id()
- if options.show_credential:
- show_credentials(creds)
- result = server.ListSlices(creds, *self.ois(server,api_options))
- value = ReturnValue.get_value(result)
- if self.options.raw:
- save_raw_to_file(result, self.options.raw, self.options.rawformat, self.options.rawbanner)
- else:
- display_list(value)
- return
-
# show rspec for named slice
@register_command("","")
def resources(self, options, args):
# just request the version the client wants
api_options['geni_rspec_version'] = version_manager.get_version(options.rspec_version).to_dict()
else:
- api_options['geni_rspec_version'] = {'type': 'geni', 'version': '3.0'}
+ api_options['geni_rspec_version'] = {'type': 'geni', 'version': '3'}
else:
- api_options['geni_rspec_version'] = {'type': 'geni', 'version': '3.0'}
+ api_options['geni_rspec_version'] = {'type': 'geni', 'version': '3'}
result = server.ListResources (creds, api_options)
value = ReturnValue.get_value(result)
if self.options.raw:
'cached': True,
'info': options.info,
'list_leases': options.list_leases,
- 'geni_rspec_version': {'type': 'geni', 'version': '3.0'},
+ 'geni_rspec_version': {'type': 'geni', 'version': '3'},
}
if options.rspec_version:
version_manager = VersionManager()
# just request the version the client wants
api_options['geni_rspec_version'] = version_manager.get_version(options.rspec_version).to_dict()
else:
- api_options['geni_rspec_version'] = {'type': 'geni', 'version': '3.0'}
+ api_options['geni_rspec_version'] = {'type': 'geni', 'version': '3'}
urn = Xrn(args[0], type='slice').get_urn()
result = server.Describe([urn], creds, api_options)
value = ReturnValue.get_value(result)
rspec = open(rspec_file).read()
api_options = {}
api_options ['call_id'] = unique_call_id()
+ # users
+ sfa_users = []
+ geni_users = []
+ slice_records = self.registry().Resolve(slice_urn, [self.my_credential_string])
+ if slice_records and 'reg-researchers' in slice_records[0] and slice_records[0]['reg-researchers']!=[]:
+ slice_record = slice_records[0]
+ user_hrns = slice_record['reg-researchers']
+ user_urns = [hrn_to_urn(hrn, 'user') for hrn in user_hrns]
+ user_records = self.registry().Resolve(user_urns, [self.my_credential_string])
+ sfa_users = sfa_users_arg(user_records, slice_record)
+ geni_users = pg_users_arg(user_records)
+
+ api_options['sfa_users'] = sfa_users
+ api_options['geni_users'] = geni_users
+
result = server.Allocate(slice_urn, creds, rspec, api_options)
value = ReturnValue.get_value(result)
if self.options.raw:
# set the requtested rspec version
version_manager = VersionManager()
- rspec_version = version_manager._get_version('geni', '3.0').to_dict()
+ rspec_version = version_manager._get_version('geni', '3').to_dict()
api_options['geni_rspec_version'] = rspec_version
# users
# }]
users = []
slice_records = self.registry().Resolve(slice_urn, [self.my_credential_string])
- if slice_records and 'researcher' in slice_records[0] and slice_records[0]['researcher']!=[]:
+ if slice_records and 'reg-researchers' in slice_records[0] and slice_records[0]['reg-researchers']!=[]:
slice_record = slice_records[0]
- user_hrns = slice_record['researcher']
+ user_hrns = slice_record['reg-researchers']
user_urns = [hrn_to_urn(hrn, 'user') for hrn in user_hrns]
user_records = self.registry().Resolve(user_urns, [self.my_credential_string])
users = pg_users_arg(user_records)
if len(args)>0:
self.print_help()
sys.exit(1)
-
### the rough sketch goes like this
# (a) rain check for sufficient config in sfi_config
# we don't allow to override these settings for now
my_records=self.registry().Resolve(self.user,self.my_credential_string)
if len(my_records)!=1: print "Cannot Resolve %s -- exiting"%self.user; sys.exit(1)
my_record=my_records[0]
- my_auths = my_record['reg-pi-authorities']
- self.logger.info("Found %d authorities that we are PI for"%len(my_auths))
- self.logger.debug("They are %s"%(my_auths))
+ my_auths_all = my_record['reg-pi-authorities']
+ self.logger.info("Found %d authorities that we are PI for"%len(my_auths_all))
+ self.logger.debug("They are %s"%(my_auths_all))
+
+ my_auths = my_auths_all
+ if options.delegate_auths:
+ my_auths = list(set(my_auths_all).intersection(set(options.delegate_auths)))
+ self.logger.info("Delegate PI creds for authorities: %s"%my_auths )
# (c) get the set of slices that we are in
- my_slices=my_record['reg-slices']
- self.logger.info("Found %d slices that we are member of"%len(my_slices))
- self.logger.debug("They are: %s"%(my_slices))
+ my_slices_all=my_record['reg-slices']
+ self.logger.info("Found %d slices that we are member of"%len(my_slices_all))
+ self.logger.debug("They are: %s"%(my_slices_all))
+
+ my_slices = my_slices_all
+ if options.delegate_slices:
+ my_slices = list(set(my_slices_all).intersection(set(options.delegate_slices)))
+
+ self.logger.info("Delegate slice creds for slices: %s"%my_slices)
# (d) make sure we have *valid* credentials for all these
hrn_credentials=[]
if count_success != count_all: sys.exit(1)
return
-# Thierry: I'm turning this off as a command, no idea what it's used for
-# @register_command("cred","")
+ @register_command("cred","")
def trusted(self, options, args):
"""
return the trusted certs at this interface (get_trusted_certs)
"""
trusted_certs = self.registry().get_trusted_certs()
for trusted_cert in trusted_certs:
+ print "\n===========================================================\n"
gid = GID(string=trusted_cert)
gid.dump()
cert = Certificate(string=trusted_cert)
self.logger.debug('Sfi.trusted -> %r'%cert.get_subject())
+ print "Certificate:\n%s\n\n"%trusted_cert
return