X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=plugins%2Fsliverauth.py;h=e840a4d5fe319deb6f4f0419dfac87d353c7209f;hb=d3a3b2d3ea98e72183d1cb5497c38badaa0c5863;hp=2207dbe46c7c358877f9190543bcbe9c557b85b5;hpb=eaf8b192f2476c375b11b751689f0570a2a0d778;p=nodemanager.git diff --git a/plugins/sliverauth.py b/plugins/sliverauth.py index 2207dbe..e840a4d 100644 --- a/plugins/sliverauth.py +++ b/plugins/sliverauth.py @@ -1,5 +1,9 @@ #!/usr/bin/python -tt # vim:set ts=4 sw=4 expandtab: +# +# $Id$ +# $URL$ +# # NodeManager plugin to empower slivers to make API calls """ @@ -12,45 +16,67 @@ import os import random import string import tempfile +import time import logger import tools def start(options, conf): - logger.log("sliverauth plugin starting up...") + logger.log("sliverauth: plugin starting up...") def SetSliverTag(plc, slice, tagname, value): node_id = tools.node_id() - slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id}) + slivertags=plc.GetSliceTags({"name":slice,"node_id":node_id,"tagname":tagname}) if len(slivertags)==0: - slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id) + # looks like GetSlivers reports about delegated/nm-controller slices that do *not* belong to this node + # and this is something that AddSliceTag does not like + try: + slivertag_id=plc.AddSliceTag(slice,tagname,value,node_id) + except: + logger.log ("sliverauth: SetSliverTag - CAUGHT exception for (probably delegated) slice=%(slice)s tag=%(tagname)s node_id=%(node_id)d"%locals()) + pass else: slivertag_id=slivertags[0]['slice_tag_id'] plc.UpdateSliceTag(slivertag_id,value) -def GetSlivers(plc, data, conf): +def GetSlivers(data, config, plc): + if 'OVERRIDES' in dir(config): + if config.OVERRIDES.get('sliverauth') == '-1': + logger.log("sliverauth: Disabled", 2) + return + if 'slivers' not in data: - logger.log("sliverauth: getslivers data lack's sliver information. IGNORING!") + logger.log_missing_data("sliverauth.GetSlivers", 'slivers') return - random.seed(42) for sliver in data['slivers']: + path = '/vservers/%s' % sliver['name'] + if not os.path.exists(path): + # ignore all non-plc-instantiated slivers + instantiation = sliver.get('instantiation','') + if instantiation == 'plc-instantiated': + logger.log("sliverauth: plc-instantiated slice %s does not yet exist. IGNORING!" % sliver['name']) + continue + found_hmac = False for attribute in sliver['attributes']: - name = attribute.get('tagname',attribute.get('name','')) + name = attribute.get('tagname',attribute.get('name','')) if name == 'hmac': found_hmac = True hmac = attribute['value'] break if not found_hmac: + # XXX need a better random seed?! + random.seed(time.time()) d = [random.choice(string.letters) for x in xrange(32)] hmac = "".join(d) SetSliverTag(plc,sliver['name'],'hmac',hmac) + logger.log("sliverauth: setting %s hmac" % sliver['name']) path = '/vservers/%s/etc/planetlab' % sliver['name'] if os.path.exists(path): - keyfile = '%s/key' % path + keyfile = '%s/key' % path oldhmac = '' if os.path.exists(keyfile): f = open(keyfile,'r') @@ -65,6 +91,6 @@ def GetSlivers(plc, data, conf): if os.path.exists(keyfile): os.unlink(keyfile) os.rename(name,keyfile) + logger.log("sliverauth: writing hmac to %s " % keyfile) os.chmod(keyfile,0400) -