X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fsfi.py;h=579d38eec457ec27098d12fc64fd00a39cc25c71;hb=refs%2Fheads%2Frspec_extension;hp=a70590b5bfc6ac21f5984f25944764f78545cbf8;hpb=b55c56eb6fd30c34257b2c5bee26fdc60fafecc8;p=sfa.git diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py index a70590b5..579d38ee 100755 --- a/sfa/client/sfi.py +++ b/sfa/client/sfi.py @@ -23,7 +23,6 @@ from sfa.trust.credential import Credential from sfa.util.sfaticket import SfaTicket from sfa.util.record import SfaRecord, UserRecord, SliceRecord, NodeRecord, AuthorityRecord from sfa.util.xrn import Xrn, get_leaf, get_authority, hrn_to_urn -from sfa.util.xmlrpcprotocol import ServerException import sfa.util.xmlrpcprotocol as xmlrpcprotocol from sfa.util.config import Config from sfa.util.version import version_core @@ -118,6 +117,8 @@ def load_record_from_file(filename): return record +import uuid +def unique_call_id(): return uuid.uuid4().urn class Sfi: @@ -203,9 +204,15 @@ class Sfi: default="all") # display formats if command in ("resources"): + parser.add_option("-r", "--rspec-version", dest="rspec_version", default="SFA 1", + help="schema type and version of resulting RSpec") parser.add_option("-f", "--format", dest="format", type="choice", help="display format ([xml]|dns|ip)", default="xml", choices=("xml", "dns", "ip")) + #panos: a new option to define the type of information about resources a user is interested in + parser.add_option("-i", "--info", dest="info", + help="optional component information", default=None) + if command in ("resources", "show", "list"): parser.add_option("-o", "--output", dest="file", @@ -224,6 +231,10 @@ class Sfi: help="delegate slice credential", metavar="HRN", default=None) if command in ("version"): + parser.add_option("-a", "--aggregate", dest="aggregate", + default=None, help="aggregate host") + parser.add_option("-p", "--port", dest="port", + default=AGGREGATE_PORT, help="aggregate port") parser.add_option("-R","--registry-version", action="store_true", dest="version_registry", default=False, help="probe registry version instead of slicemgr") @@ -333,7 +344,7 @@ class Sfi: self.key = Keypair(filename=key_file) self.key_file = key_file self.cert_file = cert_file - self.cert = Certificate(filename=cert_file) + self.cert = GID(filename=cert_file) # Establish connection to server(s) self.logger.info("Contacting Registry at: %s"%self.reg_url) self.registry = xmlrpcprotocol.get_server(self.reg_url, key_file, cert_file, self.options) @@ -367,27 +378,36 @@ class Sfi: def get_cert_file(self, key_file): - file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert") - if (os.path.isfile(file)): - # use existing cert if it exists - return file - else: - try: - # attempt to use gid as the cert. - gid = self._get_gid() - self.logger.info("Writing certificate to %s"%file) - gid.save_to_file(file) - except: - # generate self signed certificate - k = Keypair(filename=key_file) - cert = Certificate(subject=self.user) - cert.set_pubkey(k) - cert.set_issuer(k, self.user) - cert.sign() - self.logger.info("Writing self-signed certificate to %s"%file) - cert.save_to_file(file) - - return file + cert_file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert") + if (os.path.isfile(cert_file)): + # we'd perfer to use Registry issued certs instead of self signed certs. + # if this is a Registry cert (GID) then we are done + gid = GID(filename=cert_file) + if gid.get_urn(): + return cert_file + + # generate self signed certificate + k = Keypair(filename=key_file) + cert = Certificate(subject=self.user) + cert.set_pubkey(k) + cert.set_issuer(k, self.user) + cert.sign() + self.logger.info("Writing self-signed certificate to %s"%cert_file) + cert.save_to_file(cert_file) + # try to get registry issued cert + try: + self.logger.info("Getting Registry issued cert") + self.read_config() + # *hack. need to set registyr before _get_gid() is called + self.registry = xmlrpcprotocol.get_server(self.reg_url, key_file, cert_file, self.options) + gid = self._get_gid(type='user') + self.registry = None + self.logger.info("Writing certificate to %s"%cert_file) + gid.save_to_file(cert_file) + except: + self.logger.info("Failed to download Registry issued cert") + + return cert_file def get_cached_gid(self, file): """ @@ -410,7 +430,7 @@ class Sfi: self.logger.debug("Sfi.get_gid-> %s",gid.save_to_string(save_parents=True)) return gid - def _get_gid(self, hrn=None): + def _get_gid(self, hrn=None, type=None): """ git_gid helper. Retrive the gid from the registry and save it to file. """ @@ -423,7 +443,12 @@ class Sfi: if not gid: user_cred = self.get_user_cred() records = self.registry.Resolve(hrn, user_cred.save_to_string(save_parents=True)) - if not records: + record = None + if type: + for rec in records: + if type == record['type']: + record = rec + if not record: raise RecordNotFound(args[0]) gid = GID(string=records[0]['gid']) self.logger.info("Writing gid to %s"%gidfile) @@ -493,7 +518,7 @@ class Sfi: if (os.path.isfile(file)): return file else: - self.logger.critical("No such rspec file"%rspec) + self.logger.critical("No such rspec file %s"%rspec) sys.exit(1) def get_record_file(self, record): @@ -715,7 +740,7 @@ class Sfi: elif record['type'] in ["slice"]: try: cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True) - except ServerException, e: + except xmlrpcprotocol.ServerException, e: # XXX smbaker -- once we have better error return codes, update this # to do something better than a string compare if "Permission error" in e.args[0]: @@ -781,7 +806,7 @@ class Sfi: else: server = self.get_server_from_opts(opts) version=server.GetVersion() - for (k,v) in version.items(): + for (k,v) in version.iteritems(): print "%-20s: %s"%(k,v) # list instantiated slices @@ -795,6 +820,7 @@ class Sfi: delegated_cred = self.delegate_cred(user_cred, get_authority(self.authority)) creds.append(delegated_cred) server = self.get_server_from_opts(opts) + #results = server.ListSlices(creds, unique_call_id()) results = server.ListSlices(creds) display_list(results) return @@ -809,7 +835,7 @@ class Sfi: if args: cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True) hrn = args[0] - call_options = {'geni_slice_urn': hrn_to_urn(hrn, 'slice')} + call_options = {'geni_slice_urn': hrn_to_urn(hrn, 'slice')} else: cred = user_cred hrn = None @@ -817,8 +843,13 @@ class Sfi: creds = [cred] if opts.delegate: delegated_cred = self.delegate_cred(cred, get_authority(self.authority)) - creds.append(delegated_cred) - result = server.ListResources(creds, call_options) + creds.append(delegated_cred) + if opts.rspec_version: + call_options['rspec_version'] = opts.rspec_version + #panos add info options + if opts.info: + call_options['info'] = opts.info + result = server.ListResources(creds, call_options,unique_call_id()) format = opts.format if opts.file is None: display_rspec(result, format) @@ -841,8 +872,31 @@ class Sfi: creds.append(delegated_cred) rspec_file = self.get_rspec_file(args[1]) rspec = open(rspec_file).read() + + # users = [ + # { urn: urn:publicid:IDN+emulab.net+user+alice + # keys: [, ] + # }] + users = [] server = self.get_server_from_opts(opts) - result = server.CreateSliver(slice_urn, creds, rspec, []) + version = server.GetVersion() + if 'sfa' not in version: + # need to pass along user keys if this request is going to a ProtoGENI aggregate + # ProtoGeni Aggregates will only install the keys of the user that is issuing the + # request. So we will only pass in one user that contains the keys for all + # users of the slice + user = {'urn': user_cred.get_gid_caller().get_urn(), + 'keys': []} + slice_record = self.registry.Resolve(slice_urn, creds) + if slice_record and 'researchers' in slice_record: + user_hrns = slice_record['researchers'] + user_urns = [hrn_to_urn(hrn, 'user') for hrn in user_hrns] + user_records = self.registry.Resolve(user_urns, creds) + for user_record in user_records: + if 'keys' in user_record: + user['keys'].extend(user_record['keys']) + users.append(user) + result = server.CreateSliver(slice_urn, creds, rspec, users, unique_call_id()) print result return result @@ -909,7 +963,7 @@ class Sfi: delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) creds.append(delegated_cred) server = self.get_server_from_opts(opts) - return server.DeleteSliver(slice_urn, creds) + return server.DeleteSliver(slice_urn, creds, unique_call_id()) # start named slice def start(self, opts, args): @@ -957,7 +1011,7 @@ class Sfi: delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) creds.append(delegated_cred) time = args[1] - return server.RenewSliver(slice_urn, creds, time) + return server.RenewSliver(slice_urn, creds, time, unique_call_id()) def status(self, opts, args): @@ -969,7 +1023,7 @@ class Sfi: delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority)) creds.append(delegated_cred) server = self.get_server_from_opts(opts) - print server.SliverStatus(slice_urn, creds) + print server.SliverStatus(slice_urn, creds, unique_call_id()) def shutdown(self, opts, args):