X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fsfi.py;h=13653420f27e6aebfbfd7bddfb05780715732f69;hb=99e9f96209b9ebfd1853e7b8902a1a0fe893eaa2;hp=d299b89bd7c771f909459530c3bab455a749f59d;hpb=cf07c59aedcfdab710c777d6ebbc06bb2c5b9415;p=sfa.git diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py index d299b89b..13653420 100755 --- a/sfa/client/sfi.py +++ b/sfa/client/sfi.py @@ -14,15 +14,18 @@ from lxml import etree from StringIO import StringIO from types import StringTypes, ListType from optparse import OptionParser +import zlib + +from sfa.util.sfalogging import sfa_logger,sfa_logger_goes_to_console from sfa.trust.certificate import Keypair, Certificate +from sfa.trust.gid import GID from sfa.trust.credential import Credential from sfa.util.sfaticket import SfaTicket -from sfa.util.record import * -from sfa.util.namespace import * +from sfa.util.record import SfaRecord, UserRecord, SliceRecord, NodeRecord, AuthorityRecord +from sfa.util.namespace import get_leaf, get_authority, hrn_to_urn from sfa.util.xmlrpcprotocol import ServerException import sfa.util.xmlrpcprotocol as xmlrpcprotocol from sfa.util.config import Config -import zlib AGGREGATE_PORT=12346 CM_PORT=12346 @@ -117,12 +120,15 @@ def load_record_from_file(filename): class Sfi: - slicemgr = None - registry = None - user = None - authority = None - options = None - hashrequest = False + def __init__ (self): + self.slicemgr = None + self.registry = None + self.user = None + self.authority = None + self.options = None + self.hashrequest = False + sfa_logger_goes_to_console() + self.logger=sfa_logger() def create_cmd_parser(self, command, additional_cmdargs=None): cmdargs = {"list": "name", @@ -154,24 +160,28 @@ class Sfi: cmdargs.update(additional_cmdargs) if command not in cmdargs: - print "Invalid command\n" - print "Commands: ", - for key in cmdargs.keys(): - print key + ",", - print "" + msg="Invalid command\n" + msg+="Commands: " + msg += ','.join(cmdargs.keys()) + self.logger.critical(msg) sys.exit(2) parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \ % (command, cmdargs[command])) # user specifies remote aggregate/sm/component - if command in ("resources", "slices", "create", "delete", "start", "stop", "restart", "get_ticket", "redeem_ticket"): + if command in ("resources", "slices", "create", "delete", "start", "stop", + "restart", "shutdown", "get_ticket", "renew", "status"): parser.add_option("-a", "--aggregate", dest="aggregate", default=None, help="aggregate host") parser.add_option("-p", "--port", dest="port", default=AGGREGATE_PORT, help="aggregate port") parser.add_option("-c", "--component", dest="component", default=None, help="component hrn") + parser.add_option("-d", "--delegate", dest="delegate", default=None, + action="store_true", + help="Include a credential delegated to the user's root"+\ + "authority in set of credentials for this call") # registy filter option if command in ("list", "show", "remove"): @@ -221,14 +231,12 @@ class Sfi: help="user name", metavar="HRN", default=None) parser.add_option("-a", "--auth", dest="auth", help="authority name", metavar="HRN", default=None) - parser.add_option("-v", "--verbose", - action="store_true", dest="verbose", default=False, - help="verbose mode") + parser.add_option("-v", "--verbose", action="count", dest="verbose", default=0, + help="verbose mode - cumulative") parser.add_option("-D", "--debug", action="store_true", dest="debug", default=False, help="Debug (xml-rpc) protocol messages") - parser.add_option("-p", "--protocol", - dest="protocol", default="xmlrpc", + parser.add_option("-p", "--protocol", dest="protocol", default="xmlrpc", help="RPC protocol (xmlrpc or soap)") parser.add_option("-k", "--hashrequest", action="store_true", dest="hashrequest", default=False, @@ -246,12 +254,12 @@ class Sfi: try: config = Config (config_file) except: - print "Failed to read configuration file", config_file - print "Make sure to remove the export clauses and to add quotes" - if not self.options.verbose: - print "Re-run with -v for more details" + self.logger.critical("Failed to read configuration file %s"%config_file) + self.logger.info("Make sure to remove the export clauses and to add quotes") + if self.options.verbose==0: + self.logger.info("Re-run with -v for more details") else: - traceback.print_exc() + self.logger.log_exc("Could not read config file %s"%config_file) sys.exit(1) errors = 0 @@ -261,7 +269,7 @@ class Sfi: elif hasattr(config, "SFI_SM"): sm_url = config.SFI_SM else: - print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file + self.logger.error("You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file) errors += 1 # Set Registry URL @@ -270,7 +278,7 @@ class Sfi: elif hasattr(config, "SFI_REGISTRY"): reg_url = config.SFI_REGISTRY else: - print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file + self.logger.errors("You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file) errors += 1 @@ -280,7 +288,7 @@ class Sfi: elif hasattr(config, "SFI_USER"): self.user = config.SFI_USER else: - print "You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file + self.logger.errors("You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file) errors += 1 # Set authority HRN @@ -289,15 +297,12 @@ class Sfi: elif hasattr(config, "SFI_AUTH"): self.authority = config.SFI_AUTH else: - print "You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file + self.logger.error("You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file) errors += 1 if errors: sys.exit(1) - if self.options.verbose : - print "Contacting Slice Manager at:", sm_url - print "Contacting Registry at:", reg_url # Get key and certificate key_file = self.get_key_file() @@ -307,8 +312,10 @@ class Sfi: self.cert_file = cert_file self.cert = Certificate(filename=cert_file) # Establish connection to server(s) - self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options.debug) - self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options.debug) + self.logger.info("Contacting Registry at: %s"%reg_url) + self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options) + self.logger.info("Contacting Slice Manager at: %s"%sm_url) + self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options) return @@ -332,7 +339,7 @@ class Sfi: if (os.path.isfile(file)): return file else: - print "Key file", file, "does not exist" + self.logger.error("Key file %s does not exist"%file) sys.exit(-1) return @@ -348,8 +355,7 @@ class Sfi: cert.set_pubkey(k) cert.set_issuer(k, self.user) cert.sign() - if self.options.verbose : - print "Writing self-signed certificate to", file + self.logger.info("Writing self-signed certificate to %s"%file) cert.save_to_file(file) return file @@ -367,7 +373,7 @@ class Sfi: if args: hrn = args[0] gid = self._get_gid(hrn) - print gid.save_to_string(save_parents=True) + self.logger.debug("Sfi.get_gid-> %s",gid.save_to_string(save_parents=True)) return gid def _get_gid(self, hrn=None): @@ -382,8 +388,7 @@ class Sfi: if not records: raise RecordNotFound(args[0]) gid = GID(string=records[0]['gid']) - if self.options.verbose: - print "Writing gid to ", gidfile + self.logger.info("Writing gid to %s"%gidfile) gid.save_to_file(filename=gidfile) return gid @@ -395,8 +400,8 @@ class Sfi: if (os.path.isfile(file)): credential = Credential(filename=file) # make sure it isnt expired - if not credential.get_lifetime or \ - datetime.datetime.today() < credential.get_lifetime(): + if not credential.get_expiration or \ + datetime.datetime.today() < credential.get_expiration(): return credential return None @@ -407,7 +412,7 @@ class Sfi: def get_auth_cred(self): if not self.authority: - print "no authority specified. Use -a or set SF_AUTH" + self.logger.critical("no authority specified. Use -a or set SF_AUTH") sys.exit(-1) file = os.path.join(self.options.sfi_dir, get_leaf("authority") + ".cred") return self.get_cred(file, 'authority', self.authority) @@ -426,20 +431,19 @@ class Sfi: if user_name.count(".") > 0: user_name = user_name.replace(".", '_') self.user = self.authority + "." + user_name - cred_str = self.registry.get_self_credential(cert_string, "user", hrn) + cred_str = self.registry.GetSelfCredential(cert_string, hrn, "user") else: # bootstrap slice credential from user credential user_cred = self.get_user_cred().save_to_string(save_parents=True) - cred_str = self.registry.get_credential(user_cred, type, hrn) + cred_str = self.registry.GetCredential(user_cred, hrn, type) if not cred_str: - print "Failed to get %s credential" % (type) + self.logger.critical("Failed to get %s credential" % type) sys.exit(-1) cred = Credential(string=cred_str) cred.save_to_file(file, save_parents=True) - if self.options.verbose: - print "Writing %s credential to %s" %(type, file) + self.logger.info("Writing %s credential to %s" %(type, file)) return cred @@ -452,7 +456,7 @@ class Sfi: if (os.path.isfile(file)): return file else: - print "No such rspec file", rspec + self.logger.critical("No such rspec file"%rspec) sys.exit(1) def get_record_file(self, record): @@ -463,7 +467,7 @@ class Sfi: if (os.path.isfile(file)): return file else: - print "No such registry record file", record + self.logger.critical("No such registry record file %s"%record) sys.exit(1) def load_publickey_string(self, fn): @@ -487,18 +491,18 @@ class Sfi: records = self.registry.Resolve(hrn, user_cred) records = filter_records('node', records) if not records: - print "No such component:", opts.component + self.logger.warning("No such component:%r"% opts.component) record = records[0] return self.get_server(record['hostname'], CM_PORT, self.key_file, \ - self.cert_file, self.options.debug) + self.cert_file, self.options) - def get_server(self, host, port, keyfile, certfile, debug): + def get_server(self, host, port, keyfile, certfile): """ Return an instnace of an xmlrpc server connection """ url = "http://%s:%s" % (host, port) - return xmlrpcprotocol.get_server(url, keyfile, certfile, debug) + return xmlrpcprotocol.get_server(url, keyfile, certfile, self.options) def get_server_from_opts(self, opts): """ @@ -508,8 +512,7 @@ class Sfi: server = self.slicemgr # direct connection to an aggregate if hasattr(opts, 'aggregate') and opts.aggregate: - server = self.get_server(opts.aggregate, opts.port, self.key_file, \ - self.cert_file, self.options.debug) + server = self.get_server(opts.aggregate, opts.port, self.key_file, self.cert_file) # direct connection to the nodes component manager interface if hasattr(opts, 'component') and opts.component: server = self.get_component_server_from_hrn(opts.component) @@ -522,7 +525,7 @@ class Sfi: #========================================================================== def dispatch(self, command, cmd_opts, cmd_args): - getattr(self, command)(cmd_opts, cmd_args) + return getattr(self, command)(cmd_opts, cmd_args) # list entires in named authority registry def list(self, opts, args): @@ -586,7 +589,7 @@ class Sfi: slice_cred = self.get_slice_cred(opts.delegate_slice) cred = self.delegate_cred(slice_cred, delegee_hrn) else: - print "Must specify either --user or --slice " + self.logger.warning("Must specify either --user or --slice ") return delegated_cred = Credential(string=cred) object_hrn = delegated_cred.get_gid_object().get_hrn() @@ -599,7 +602,7 @@ class Sfi: delegated_cred.save_to_file(dest_fn, save_parents=True) - print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn + self.logger.info("delegated credential for %s to %s and wrote to %s"%(object_hrn, delegee_hrn,dest_fn)) def delegate_cred(self, object_cred, hrn): # the gid and hrn of the object we are delegating @@ -609,7 +612,7 @@ class Sfi: object_hrn = object_gid.get_hrn() if not object_cred.get_privileges().get_all_delegate(): - print "Error: Object credential", object_hrn, "does not have delegate bit set" + self.logger.error("Object credential %s does not have delegate bit set"%object_hrn) return # the delegating user's gid @@ -678,7 +681,7 @@ class Sfi: trusted_certs = self.registry.get_trusted_certs() for trusted_cert in trusted_certs: cert = Certificate(string=trusted_cert) - print cert.get_subject() + self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject()) return def aggregates(self, opts, args): @@ -723,8 +726,10 @@ class Sfi: list instantiated slices """ user_cred = self.get_user_cred().save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(user_cred, get_authority(self.authority)) - creds = [user_cred, delegated_cred] + creds = [user_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(user_cred, get_authority(self.authority)) + creds.append(delegated_cred) server = self.get_server_from_opts(opts) results = server.ListSlices(creds) display_list(results) @@ -745,8 +750,10 @@ class Sfi: cred = user_cred hrn = None - delegated_cred = self.delegate_cred(cred, get_authority(self.authority)) - creds = [cred, delegated_cred] + creds = [cred] + if opts.delegate: + delegated_cred = self.delegate_cred(cred, get_authority(self.authority)) + creds.append(delegated_cred) result = server.ListResources(creds, call_options) format = opts.format display_rspec(result, format) @@ -763,8 +770,10 @@ class Sfi: slice_urn = hrn_to_urn(slice_hrn, 'slice') user_cred = self.get_user_cred() slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) rspec_file = self.get_rspec_file(args[1]) rspec = open(rspec_file).read() server = self.get_server_from_opts(opts) @@ -778,14 +787,16 @@ class Sfi: slice_urn = hrn_to_urn(slice_hrn, 'slice') user_cred = self.get_user_cred() slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) rspec_file = self.get_rspec_file(rspec_path) rspec = open(rspec_file).read() server = self.get_server_from_opts(opts) ticket_string = server.GetTicket(slice_urn, creds, rspec, []) file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket") - print "writing ticket to ", file + self.logger.info("writing ticket to %s"%file) ticket = SfaTicket(string=ticket_string) ticket.save_to_file(filename=file, save_parents=True) @@ -812,16 +823,15 @@ class Sfi: connections = {} for hostname in hostnames: try: - print "Calling redeem_ticket at %(hostname)s " % locals(), + self.logger.info("Calling redeem_ticket at %(hostname)s " % locals()) server = self.get_server(hostname, CM_PORT, self.key_file, \ self.cert_file, self.options.debug) server.RedeemTicket(ticket.save_to_string(save_parents=True), slice_cred) - print "Success" + self.logger.info("Success") except socket.gaierror: - print "Failed:", - print "Componet Manager not accepting requests" + self.logger.error("redeem_ticket failed: Component Manager not accepting requests") except Exception, e: - print "Failed:", e.message + self.logger.log_exc(e.message) return # delete named slice @@ -829,8 +839,10 @@ class Sfi: slice_hrn = args[0] slice_urn = hrn_to_urn(slice_hrn, 'slice') slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) server = self.get_server_from_opts(opts) return server.DeleteSliver(slice_urn, creds) @@ -839,8 +851,10 @@ class Sfi: slice_hrn = args[0] slice_urn = hrn_to_urn(slice_hrn, 'slice') slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) server = self.get_server_from_opts(opts) return server.Start(slice_urn, creds) @@ -849,8 +863,10 @@ class Sfi: slice_hrn = args[0] slice_urn = hrn_to_urn(slice_hrn, 'slice') slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) server = self.get_server_from_opts(opts) return server.Stop(slice_urn, creds) @@ -860,8 +876,10 @@ class Sfi: slice_urn = hrn_to_urn(slice_hrn, 'slice') server = self.get_server_from_opts(opts) slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) return server.reset_slice(creds, slice_urn) def renew(self, opts, args): @@ -869,8 +887,10 @@ class Sfi: slice_urn = hrn_to_urn(slice_hrn, 'slice') server = self.get_server_from_opts(opts) slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) time = args[1] return server.RenewSliver(slice_urn, creds, time) @@ -879,8 +899,10 @@ class Sfi: slice_hrn = args[0] slice_urn = hrn_to_urn(slice_hrn, 'slice') slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - creds = [slice_cred, delegated_cred] + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) server = self.get_server_from_opts(opts) print server.SliverStatus(slice_urn, creds) @@ -889,11 +911,14 @@ class Sfi: slice_hrn = args[0] slice_urn = hrn_to_urn(slice_hrn, 'slice') slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True) - delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) - + creds = [slice_cred] + if opts.delegate: + delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) + creds.append(delegated_cred) server = self.get_server_from_opts(opts) - return server.Shutdown(slice_urn, [slice_cred]) + return server.Shutdown(slice_urn, creds) + # # Main: parse arguments and dispatch to command # @@ -901,37 +926,34 @@ class Sfi: parser = self.create_parser() (options, args) = parser.parse_args() self.options = options - + + self.logger.setLevelFromOptVerbose(self.options.verbose) if options.hashrequest: self.hashrequest = True if len(args) <= 0: - print "No command given. Use -h for help." - return - 1 + self.logger.critical("No command given. Use -h for help.") + return -1 command = args[0] (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:]) - if self.options.verbose : - print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm, - options.sfi_dir, options.user, - options.auth) - print "Command %s" % command - if command in ("resources"): - print "resources cmd_opts %s" % cmd_opts.format - elif command in ("list", "show", "remove"): - print "cmd_opts.type %s" % cmd_opts.type - print "cmd_args %s" % cmd_args - + self.set_servers() + self.logger.info("Command=%s" % command) + if command in ("resources"): + self.logger.debug("resources cmd_opts %s" % cmd_opts.format) + elif command in ("list", "show", "remove"): + self.logger.debug("cmd_opts.type %s" % cmd_opts.type) + self.logger.debug('cmd_args %s',cmd_args) + try: self.dispatch(command, cmd_opts, cmd_args) except KeyError: - raise - print "Command not found:", command + self.logger.critical ("Unknown command %s"%command) sys.exit(1) return if __name__ == "__main__": - Sfi().main() + Sfi().main()