# is up to date and accurate.
#
# 1) Import the existing planetlab database, creating the
-# appropriate SFA records. This is done by running the "sfa-import-plc.py" tool.
+# appropriate SFA records. This is done by running the "sfa-import.py" tool.
#
# 2) Create a "trusted_roots" directory and place the certificate of the root
# authority in that directory. Given the defaults in sfa-import-plc.py, this
# TODO: Can all three servers use the same "registry" certificate?
##
-# TCP ports for the three servers
-#registry_port=12345
-#aggregate_port=12346
-#slicemgr_port=12347
### xxx todo not in the config yet
component_port=12346
import os, os.path
from sfa.util.sfalogging import logger
from sfa.util.xrn import get_authority, hrn_to_urn
from sfa.util.config import Config
-import sfa.client.xmlrpcprotocol as xmlrpcprotocol
from sfa.trust.gid import GID
from sfa.trust.trustedroots import TrustedRoots
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
-
from sfa.server.sfaapi import SfaApi
-
from sfa.server.registry import Registries
from sfa.server.aggregate import Aggregates
+from sfa.client.return_value import ReturnValue
# after http://www.erlenstar.demon.co.uk/unix/faq_2.html
def daemon():
devnull = os.open(os.devnull, os.O_RDWR)
os.dup2(devnull, 0)
# xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
- crashlog = os.open('/var/log/httpd/sfa_access_log', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
+ logdir='/var/log/httpd'
+ # when installed in standalone we might not have httpd installed
+ if not os.path.isdir(logdir): os.mkdir('/var/log/httpd')
+ crashlog = os.open('%s/sfa_access_log'%logdir, os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
os.dup2(crashlog, 1)
os.dup2(crashlog, 2)
peer_gids = []
if not new_hrns:
return
-
trusted_certs_dir = api.config.get_trustedroots_dir()
- for new_hrn in new_hrns:
+ for new_hrn in new_hrns:
if not new_hrn: continue
# the gid for this interface should already be installed
if new_hrn == api.config.SFA_INTERFACE_HRN: continue
if 'sfa' not in server_version:
logger.info("get_trusted_certs: skipping non sfa aggregate: %s" % new_hrn)
continue
-
- trusted_gids = interface.get_trusted_certs()
+ trusted_gids = ReturnValue.get_value(interface.get_trusted_certs())
if trusted_gids:
# the gid we want should be the first one in the list,
# but lets make sure
message = "interface: %s\t" % (api.interface)
message += "unable to install trusted gid for %s" % \
(new_hrn)
- gid = GID(string=trusted_gids[0])
+ gid = GID(string=trusted_gid)
peer_gids.append(gid)
if gid.get_hrn() == new_hrn:
gid_filename = os.path.join(trusted_certs_dir, '%s.gid' % new_hrn)
Make sure there is a record in the registry for the specified gids.
Removes old records from the db.
"""
- # import SfaTable here so this module can be loaded by PlcComponentApi
- from sfa.util.table import SfaTable
- from sfa.util.record import SfaRecord
+ # import db stuff here here so this module can be loaded by PlcComponentApi
+ from sfa.storage.alchemy import dbsession
+ from sfa.storage.model import RegRecord
if not gids:
return
- table = SfaTable()
# get records that actually exist in the db
gid_urns = [gid.get_urn() for gid in gids]
hrns_expected = [gid.get_hrn() for gid in gids]
- records_found = table.find({'hrn': hrns_expected, 'pointer': -1})
+ records_found = dbsession.query(RegRecord).\
+ filter_by(pointer=-1).filter(RegRecord.hrn.in_(hrns_expected)).all()
# remove old records
for record in records_found:
- if record['hrn'] not in hrns_expected and \
- record['hrn'] != self.api.config.SFA_INTERFACE_HRN:
- table.remove(record)
+ if record.hrn not in hrns_expected and \
+ record.hrn != self.api.config.SFA_INTERFACE_HRN:
+ dbsession.delete(record)
# TODO: store urn in the db so we do this in 1 query
for gid in gids:
hrn, type = gid.get_hrn(), gid.get_type()
- record = table.find({'hrn': hrn, 'type': type, 'pointer': -1})
+ record = dbsession.query(RegRecord).filter_by(hrn=hrn, type=type,pointer=-1).first()
if not record:
- record = {
- 'hrn': hrn, 'type': type, 'pointer': -1,
- 'authority': get_authority(hrn),
- 'gid': gid.save_to_string(save_parents=True),
- }
- record = SfaRecord(dict=record)
- table.insert(record)
+ record = RegRecord (dict= {'type':type,
+ 'hrn': hrn,
+ 'authority': get_authority(hrn),
+ 'gid': gid.save_to_string(save_parents=True),
+ })
+ dbsession.add(record)
+ dbsession.commit()
def main():
# Generate command line parser
help="run component server", default=False)
parser.add_option("-t", "--trusted-certs", dest="trusted_certs", action="store_true",
help="refresh trusted certs", default=False)
- parser.add_option("-v", "--verbose", action="count", dest="verbose", default=0,
- help="verbose mode - cumulative")
parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
help="Run as daemon.", default=False)
(options, args) = parser.parse_args()
config = Config()
- if config.SFA_API_DEBUG: pass
+ logger.setLevelFromOptVerbose(config.SFA_API_LOGLEVEL)
+
# ge the server's key and cert
hierarchy = Hierarchy()
auth_info = hierarchy.get_interface_auth_info()
server_key_file = auth_info.get_privkey_filename()
- server_cert_file = auth_info.get_gid_filename()
-
+ server_cert_file = auth_info.get_gid_filename()
# ensure interface cert is present in trusted roots dir
trusted_roots = TrustedRoots(config.get_trustedroots_dir())
trusted_roots.add_gid(GID(filename=server_cert_file))