import datetime
import time
+import traceback
+import sys
+from types import StringTypes
from sfa.util.misc import *
from sfa.util.rspec import *
from sfa.util.specdict import *
self.api = api
self.ttl = ttl
self.threshold = None
- path = self.api.config.config_path
+ path = self.api.config.SFA_BASE_DIR
filename = ".".join([self.api.interface, self.api.hrn, "slices"])
filepath = path + os.sep + filename
self.slices_file = filepath
self.load()
+ def get_peer(self, hrn):
+ # Becaues of myplc federation, we first need to determine if this
+ # slice belongs to out local plc or a myplc peer. We will assume it
+ # is a local site, unless we find out otherwise
+ peer = None
+
+ # get this slice's authority (site)
+ slice_authority = get_authority(hrn)
+
+ # get this site's authority (sfa root authority or sub authority)
+ site_authority = get_authority(slice_authority).lower()
+
+ # check if we are already peered with this site_authority, if so
+ peers = self.api.plshell.GetPeers(self.api.plauth, {}, ['peer_id', 'peername', 'shortname', 'hrn_root'])
+ for peer_record in peers:
+ names = [name.lower() for name in peer_record.values() if isinstance(name, StringTypes)]
+ if site_authority in names:
+ peer = peer_record['shortname']
+
+ return peer
+
def refresh(self):
"""
Update the cached list of slices
self.delete_slice_smgr(hrn)
def delete_slice_aggregate(self, hrn):
+
slicename = hrn_to_pl_slicename(hrn)
- slices = self.api.plshell.GetSlices(self.api.plauth, {'peer_id': None, 'name': slicename})
+ slices = self.api.plshell.GetSlices(self.api.plauth, {'name': slicename})
if not slices:
return 1
slice = slices[0]
+ # determine if this is a peer slice
+ peer = self.get_peer(hrn)
+ if peer:
+ self.api.plshell.UnBindObjectFromPeer(self.api.plauth, 'slice', slice['slice_id'], peer)
self.api.plshell.DeleteSliceFromNodes(self.api.plauth, slicename, slice['node_ids'])
+ if peer:
+ self.api.plshell.BindObjectToPeer(self.api.plauth, 'slice', slice['slice_id'], peer, slice['peer_slice_id'])
return 1
def delete_slice_smgr(self, hrn):
credential = self.api.getCredential()
aggregates = Aggregates(self.api)
for aggregate in aggregates:
- aggregates[aggregate].delete_slice(credential, hrn)
+ try:
+ aggregates[aggregate].delete_slice(credential, hrn)
+ except:
+ print >> log, "Error calling list nodes at aggregate %s" % aggregate
+ traceback.print_exc(log)
+ exc_type, exc_value, exc_traceback = sys.exc_info()
+ print exc_type, exc_value, exc_traceback
def create_slice(self, hrn, rspec):
- # check our slice policy before we procede
+
+ # check our slice policy before we procede
whitelist = self.policy['slice_whitelist']
blacklist = self.policy['slice_blacklist']
-
+
if whitelist and hrn not in whitelist or \
blacklist and hrn in blacklist:
policy_file = self.policy.policy_file
print >> log, "Slice %(hrn)s not allowed by policy %(policy_file)s" % locals()
return 1
+
if self.api.interface in ['aggregate']:
self.create_slice_aggregate(hrn, rspec)
elif self.api.interface in ['slicemgr']:
self.create_slice_smgr(hrn, rspec)
-
- def create_slice_aggregate(self, hrn, rspec):
+
+ def create_slice_aggregate(self, hrn, rspec):
+
+ # Determine if this is a peer slice
+ peer = self.get_peer(hrn)
+
spec = Rspec(rspec)
# Get the slice record from geni
slice = {}
+ slice_record = None
registries = Registries(self.api)
registry = registries[self.api.hrn]
credential = self.api.getCredential()
records = registry.resolve(credential, hrn)
for record in records:
if record.get_type() in ['slice']:
- slice = record.as_dict()
- if not slice:
+ slice_record = record.as_dict()
+ if not slice_record:
raise RecordNotFound(hrn)
# Make sure slice exists at plc, if it doesnt add it
slicename = hrn_to_pl_slicename(hrn)
- slices = self.api.plshell.GetSlices(self.api.plauth, [slicename], ['node_ids'])
+ slices = self.api.plshell.GetSlices(self.api.plauth, [slicename], ['slice_id', 'node_ids'])
if not slices:
parts = slicename.split("_")
login_base = parts[0]
site = site_record.as_dict()
# add the site
- site.pop('site_id')
+ remote_site_id = site.pop('site_id')
site_id = self.api.plshell.AddSite(self.api.plauth, site)
+ # this belongs to a peer
+ if peer:
+ self.api.plshell.BindObjectToPeer(self.api.plauth, 'site', site_id, peer, remote_site_id)
else:
site = sites[0]
+ # create slice object
slice_fields = {}
slice_keys = ['name', 'url', 'description']
for key in slice_keys:
- if key in slice and slice[key]:
- slice_fields[key] = slice[key]
- self.api.plshell.AddSlice(self.api.plauth, slice_fields)
+ if key in slice_record and slice_record[key]:
+ slice_fields[key] = slice_record[key]
+
+ # add the slice
+ slice_id = self.api.plshell.AddSlice(self.api.plauth, slice_fields)
slice = slice_fields
- slice['node_ids'] = 0
+
+ #this belongs to a peer
+ if peer:
+ self.api.plshell.BindObjectToPeer(self.api.plauth, 'slice', slice_id, peer, slice_record['pointer'])
+ slice['node_ids'] = []
else:
- slice = slices[0]
+ slice = slices[0]
+ slice_id = slice['slice_id']
# get the list of valid slice users from the registry and make
# they are added to the slice
researchers = record.get('researcher', [])
# Create the person record
if not persons:
person_id=self.api.plshell.AddPerson(self.api.plauth, person_dict)
- self.api.plshell.UpdatePerson(self.api.plauth, person_id, {'enabled' : True})
+
+ # The line below enables the user account on the remote
+ # aggregate soon after it is created. without this the
+ # user key is not transfered to the slice (as GetSlivers
+ # returns key of only enabled users), which prevents the
+ # user from login to the slice. We may do additional checks
+ # before enabling the user.
+
+ self.api.plshell.UpdatePerson(self.api.plauth, person_id, {'enabled' : True})
+ if peer:
+ self.api.plshell.BindObjectToPeer(self.api.plauth, 'person', person_id, peer, person_record['pointer'])
key_ids = []
else:
+ person_id = persons[0]['person_id']
key_ids = persons[0]['key_ids']
- self.api.plshell.AddPersonToSlice(self.api.plauth, person_dict['email'], slicename)
+ # if this is a peer person, we must unbind them from the peer or PLCAPI will throw
+ # an error
+ if peer:
+ self.api.plshell.UnBindObjectFromPeer(self.api.plauth, 'person', person_id, peer)
+ self.api.plshell.AddPersonToSlice(self.api.plauth, person_dict['email'], slicename)
+ if peer:
+ self.api.plshell.BindObjectToPeer(self.api.plauth, 'person', person_id, peer, person_record['pointer'])
# Get this users local keys
keylist = self.api.plshell.GetKeys(self.api.plauth, key_ids, ['key'])
for personkey in person_dict['keys']:
if personkey not in keys:
key = {'key_type': 'ssh', 'key': personkey}
+ if peer:
+ self.api.plshell.UnBindObjectFromPeer(self.api.plauth, 'person', person_id, peer, person_record['pointer'])
self.api.plshell.AddPersonKey(self.api.plauth, person_dict['email'], key)
+ if peer:
+ self.api.plshell.BindObjectToPeer(self.api.plauth, 'person', person_id, peer, person_record['pointer'])
# find out where this slice is currently running
nodelist = self.api.plshell.GetNodes(self.api.plauth, slice['node_ids'], ['hostname'])
# add nodes from rspec
added_nodes = list(set(nodes).difference(hostnames))
+ if peer:
+ self.api.plshell.UnBindObjectFromPeer(self.api.plauth, 'slice', slice_id, peer)
self.api.plshell.AddSliceToNodes(self.api.plauth, slicename, added_nodes)
self.api.plshell.DeleteSliceFromNodes(self.api.plauth, slicename, deleted_nodes)
+ if peer:
+ self.api.plshell.BindObjectToPeer(self.api.plauth, 'slice', slice_id, peer, slice_record['pointer'])
return 1
# notify the aggregates
for aggregate in rspecs.keys():
try:
- aggregates[aggregate].create_slice(credential, hrn, rspecs[aggregate])
+ # send the whloe rspec to the local aggregate
+ if aggregate in [self.api.hrn]:
+ aggregates[aggregate].create_slice(credential, hrn, rspec)
+ else:
+ aggregates[aggregate].create_slice(credential, hrn, rspecs[aggregate])
except:
print >> log, "Error creating slice %(hrn)s at aggregate %(aggregate)s" % locals()
+ traceback.print_exc()
return 1