X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fopenstack%2Fnova_driver.py;h=638811e9bcc61ddeec7873506da2bab19b769636;hb=b6dcfc034473c011988fba0d02bbeb6406925465;hp=2e1223397037a00054a91b38b4780d7c7dab0d68;hpb=30e2e0f1d80fe661602feb32c6cbd327490dd8dd;p=sfa.git diff --git a/sfa/openstack/nova_driver.py b/sfa/openstack/nova_driver.py index 2e122339..638811e9 100644 --- a/sfa/openstack/nova_driver.py +++ b/sfa/openstack/nova_driver.py @@ -9,8 +9,7 @@ from sfa.util.sfalogging import logger from sfa.util.defaultdict import defaultdict from sfa.util.sfatime import utcparse, datetime_to_string, datetime_to_epoch from sfa.util.xrn import Xrn, hrn_to_urn, get_leaf, urn_to_sliver_id -from sfa.planetlab.plxrn import PlXrn -from sfa.openstack.osxrn import OSXrn, hrn_to_os_slicename +from sfa.openstack.osxrn import OSXrn, hrn_to_os_slicename, hrn_to_os_tenant_name from sfa.util.cache import Cache from sfa.trust.credential import Credential # used to be used in get_ticket @@ -24,8 +23,6 @@ from sfa.managers.driver import Driver from sfa.openstack.shell import Shell from sfa.openstack.osaggregate import OSAggregate from sfa.planetlab.plslices import PlSlices -from sfa.util.osxrn import OSXrn - def list_to_dict(recs, key): """ @@ -67,49 +64,70 @@ class NovaDriver(Driver): ########## def register (self, sfa_record, hrn, pub_key): - type = sfa_record['type'] - #pl_record = self.sfa_fields_to_pl_fields(type dd , hrn, sfa_record) - - if type == 'slice': - # add slice description, name, researchers, PI - name = hrn_to_os_slicename(hrn) - researchers = sfa_record.get('researchers', []) - pis = sfa_record.get('pis', []) - project_manager = None - description = sfa_record.get('description', None) - if pis: - project_manager = Xrn(pis[0], 'user').get_leaf() - elif researchers: - project_manager = Xrn(researchers[0], 'user').get_leaf() - if not project_manager: - err_string = "Cannot create a project without a project manager. " + \ - "Please specify at least one PI or researcher for project: " + \ - name - raise SfaInvalidArgument(err_string) - - users = [Xrn(user, 'user').get_leaf() for user in \ - pis + researchers] - self.shell.auth_manager.create_project(name, project_manager, description, users) - - elif type == 'user': - # add person roles, projects and keys - name = Xrn(hrn).get_leaf() - self.shell.auth_manager.create_user(name) - projects = sfa_records.get('slices', []) - for project in projects: - project_name = Xrn(project).get_leaf() - self.shell.auth_manager.add_to_project(name, project_name) - keys = sfa_records.get('keys', []) - for key in keys: - key_dict = { - 'user_id': name, - 'name': name, - 'public': key, - } - self.shell.db.key_pair_create(key_dict) - - return name + if sfa_record['type'] == 'slice': + record = self.register_slice(sfa_record, hrn) + elif sfa_record['type'] == 'user': + record = self.register_user(sfa_record, hrn, pub_key) + elif sfa_record['type'].startswith('authority'): + record = self.register_authority(sfa_record, hrn) + # We should be returning the records id as a pointer but + # this is a string and the records table expects this to be an + # int. + #return record.id + return -1 + + def register_slice(self, sfa_record, hrn): + # add slice description, name, researchers, PI + name = hrn_to_os_tenant_name(hrn) + description = sfa_record.get('description', None) + self.shell.auth_manager.tenants.create(name, description) + tenant = self.shell.auth_manager.tenants.find(name=name) + auth_hrn = OSXrn(xrn=hrn, type='slice').get_authority_hrn() + parent_tenant_name = OSXrn(xrn=auth_hrn, type='slice').get_tenant_name() + parent_tenant = self.shell.auth_manager.tenants.find(name=parent_tenant_name) + researchers = sfa_record.get('researchers', []) + for researcher in researchers: + name = Xrn(researcher).get_leaf() + user = self.shell.auth_manager.users.find(name=name) + self.shell.auth_manager.roles.add_user_role(user, 'user', tenant) + + pis = sfa_record.get('pis', []) + for pi in pis: + name = Xrn(pi).get_leaf() + user = self.shell.auth_manager.users.find(name=name) + self.shell.auth_manager.roles.add_user_role(user, 'pi', tenant) + self.shell.auth_manager.roles.add_user_role(user, 'pi', parent_tenant) + + return tenant + + def register_user(self, sfa_record, hrn, pub_key): + # add person roles, projects and keys + email = sfa_record.get('email', None) + xrn = Xrn(hrn) + name = xrn.get_leaf() + auth_hrn = xrn.get_authority_hrn() + tenant_name = OSXrn(xrn=auth_hrn, type='authority').get_tenant_name() + tenant = self.shell.auth_manager.tenants.find(name=tenant_name) + self.shell.auth_manager.users.create(name, email=email, tenant_id=tenant.id) + user = self.shell.auth_manager.users.find(name=name) + slices = sfa_records.get('slices', []) + for slice in projects: + slice_tenant_name = OSXrn(xrn=slice, type='slice').get_tenant_name() + slice_tenant = self.shell.auth_manager.tenants.find(name=slice_tenant_name) + self.shell.auth_manager.roles.add_user_role(user, slice_tenant, 'user') + keys = sfa_records.get('keys', []) + for key in keys: + keyname = OSXrn(xrn=hrn, type='user').get_slicename() + self.shell.nova_client.keypairs.create(keyname, key) + return user + + def register_authority(self, sfa_record, hrn): + name = OSXrn(xrn=hrn, type='authority').get_tenant_name() + self.shell.auth_manager.tenants.create(name, sfa_record.get('description', '')) + tenant = self.shell.auth_manager.tenants.find(name=name) + return tenant + ########## # xxx actually old_sfa_record comes filled with plc stuff as well in the original code @@ -164,29 +182,16 @@ class NovaDriver(Driver): records = [records] for record in records: - os_record = None if record['type'] == 'user': - name = Xrn(record['hrn']).get_leaf() - os_record = self.shell.auth_manager.get_user(name) - projects = self.shell.db.project_get_by_user(name) - record['slices'] = [self.hrn + "." + proj.name for \ - proj in projects] - record['roles'] = self.shell.db.user_get_roles(name) - keys = self.shell.db.key_pair_get_all_by_user(name) - record['keys'] = [key.public_key for key in keys] + record = self.fill_user_record_info(record) elif record['type'] == 'slice': - name = hrn_to_os_slicename(record['hrn']) - os_record = self.shell.auth_manager.get_project(name) - record['description'] = os_record.description - record['PI'] = [self.hrn + "." + os_record.project_manager.name] - record['geni_creator'] = record['PI'] - record['researcher'] = [self.hrn + "." + user for \ - user in os_record.member_ids] + record = self.fill_slice_record_info(record) + elif record['type'].startswith('authority'): + record = self.fill_auth_record_info(record) else: continue record['geni_urn'] = hrn_to_urn(record['hrn'], record['type']) record['geni_certificate'] = record['gid'] - record['name'] = os_record.name #if os_record.created_at is not None: # record['date_created'] = datetime_to_string(utcparse(os_record.created_at)) #if os_record.updated_at is not None: @@ -194,6 +199,94 @@ class NovaDriver(Driver): return records + def fill_user_record_info(self, record): + xrn = Xrn(record['hrn']) + name = xrn.get_leaf() + record['name'] = name + user = self.shell.auth_manager.users.find(name=name) + record['email'] = user.email + tenant = self.shell.auth_manager.tenants.find(id=user.tenantId) + slices = [] + all_tenants = self.shell.auth_manager.tenants.list() + for tmp_tenant in all_tenants: + if tmp_tenant.name.startswith(tenant.name +"."): + for tmp_user in tmp_tenant.list_users(): + if tmp_user.name == user.name: + slice_hrn = ".".join([self.hrn, tmp_tenant.name]) + slices.append(slice_hrn) + record['slices'] = slices + roles = self.shell.auth_manager.roles.roles_for_user(user, tenant) + record['roles'] = [role.name for role in roles] + keys = self.shell.nova_manager.keypairs.findall(name=record['hrn']) + record['keys'] = [key.public_key for key in keys] + return record + + def fill_slice_record_info(self, record): + tenant_name = hrn_to_os_tenant_name(record['hrn']) + tenant = self.shell.auth_manager.tenants.find(name=tenant_name) + parent_tenant_name = OSXrn(xrn=tenant_name).get_authority_hrn() + parent_tenant = self.shell.auth_manager.tenants.find(name=parent_tenant_name) + researchers = [] + pis = [] + + # look for users and pis in slice tenant + for user in tenant.list_users(): + for role in self.shell.auth_manager.roles.roles_for_user(user, tenant): + if role.name.lower() == 'pi': + user_tenant = self.shell.auth_manager.tenants.find(id=user.tenantId) + hrn = ".".join([self.hrn, user_tenant.name, user.name]) + pis.append(hrn) + elif role.name.lower() in ['user', 'member']: + user_tenant = self.shell.auth_manager.tenants.find(id=user.tenantId) + hrn = ".".join([self.hrn, user_tenant.name, user.name]) + researchers.append(hrn) + + # look for pis in the slice's parent (site/organization) tenant + for user in parent_tenant.list_users(): + for role in self.shell.auth_manager.roles.roles_for_user(user, parent_tenant): + if role.name.lower() == 'pi': + user_tenant = self.shell.auth_manager.tenants.find(id=user.tenantId) + hrn = ".".join([self.hrn, user_tenant.name, user.name]) + pis.append(hrn) + record['name'] = tenant_name + record['description'] = tenant.description + record['PI'] = pis + if pis: + record['geni_creator'] = pis[0] + else: + record['geni_creator'] = None + record['researcher'] = researchers + return record + + def fill_auth_record_info(self, record): + tenant_name = hrn_to_os_tenant_name(record['hrn']) + tenant = self.shell.auth_manager.tenants.find(name=tenant_name) + researchers = [] + pis = [] + + # look for users and pis in slice tenant + for user in tenant.list_users(): + for role in self.shell.auth_manager.roles.roles_for_user(user, tenant): + hrn = ".".join([self.hrn, tenant.name, user.name]) + if role.name.lower() == 'pi': + pis.append(hrn) + elif role.name.lower() in ['user', 'member']: + researchers.append(hrn) + + # look for slices + slices = [] + all_tenants = self.shell.auth_manager.tenants.list() + for tmp_tenant in all_tenants: + if tmp_tenant.name.startswith(tenant.name+"."): + slices.append(".".join([self.hrn, tmp_tenant.name])) + + record['name'] = tenant_name + record['description'] = tenant.description + record['PI'] = pis + record['enabled'] = tenant.enabled + record['researchers'] = researchers + record['slices'] = slices + return record #################### # plcapi works by changes, compute what needs to be added/deleted @@ -319,9 +412,11 @@ class NovaDriver(Driver): res['geni_urn'] = sliver_id if instance.vm_state == 'running': - res['boot_state'] = 'ready'; + res['boot_state'] = 'ready' + res['geni_status'] = 'ready' else: res['boot_state'] = 'unknown' + res['geni_status'] = 'unknown' resources.append(res) result['geni_status'] = top_level_status