+ return cred
+
+def get_trusted_certs(registry=None, verbose=False):
+ """
+ refresh our list of trusted certs.
+ """
+ # define useful variables
+ config = Config()
+ data_dir = config.data_path
+ trusted_certs_dir = config.get_trustedroots_dir()
+ keyfile = data_dir + os.sep + "server.key"
+ certfile = data_dir + os.sep + "server.cert"
+ node_gid_file = config_dir + os.sep + "node.gid"
+ node_gid = GID(filename=node_gid_file)
+ hrn = node_gid.get_hrn()
+ # get credential
+ cred = get_credential(registry=registry, verbose=verbose)
+ # make sure server key cert pair exists
+ create_server_keypair(keyfile=keyfile, certfile=certfile, hrn=hrn, verbose=verbose)
+ registry = get_server(url=registry, keyfile=keyfile, certfile=certfile)
+ # get the trusted certs and save them in the right place
+ if verbose:
+ print "Getting trusted certs from registry"
+ trusted_certs = registry.get_trusted_certs(cred)
+ trusted_gid_names = []
+ for gid_str in trusted_certs:
+ gid = GID(string=gid_str)
+ gid.decode()
+ trusted_gid_names.append(gid.get_hrn())
+ gid_filename = trusted_certs_dir + os.sep + gid.get_hrn() + ".gid"
+ if verbose:
+ print "Writing GID for %s as %s" % (gid.get_hrn(), gid_filename)
+ gid.save_to_file(gid_filename, save_parents=True)
+
+ # remove old certs
+ all_gids_names = os.listdir(trusted_certs_dir)
+ for gid_name in all_gids_names:
+ if gid_name not in trusted_gid_names:
+ os.unlink(trusted_certs_dir + os.sep + gid_name)
+
+def get_gids(registry=None, verbose=False):
+ """
+ Get the gid for all instantiated slices on this node and store it
+ in /etc/sfa/slice.gid in the slice's filesystem
+ """
+ # define useful variables
+ config = Config()
+ data_dir = config.data_path
+ trusted_certs_dir = config.get_trustedroots_dir()
+ keyfile = data_dir + os.sep + "server.key"
+ certfile = data_dir + os.sep + "server.cert"
+ node_gid_file = config_dir + os.sep + "node.gid"
+ node_gid = GID(filename=node_gid_file)
+ hrn = node_gid.get_hrn()
+ interface_hrn = config.SFA_INTERFACE_HRN
+ # get credential
+ cred = get_credential(registry=registry, verbose=verbose)
+ # make sure server key cert pair exists
+ create_server_keypair(keyfile=keyfile, certfile=certfile, hrn=hrn, verbose=verbose)
+ registry = get_server(url=registry, keyfile=keyfile, certfile=certfile)
+
+ if verbose:
+ print "Getting current slices on this node"
+ # get a list of slices on this node
+ from sfa.plc.api import ComponentAPI
+ api = ComponentAPI()
+ slicenames = api.nodemanger.GetXIDs().keys()
+ slicename_to_hrn = lambda name: ".".join([interface_hrn, name.replace('_', '.')])
+ hrns = map(slicename_to_hrn, slicenames)
+
+ if verbose:
+ print "Getting gids for slices on this node from registry"
+ # get the gids
+ # and save them in the right palce
+ records = registry.get_gids(cred, hrns)
+ for record in records:
+ # if this isnt a slice record skip it
+ if not record['type'] == 'slice':
+ continue
+ slicename = misc.hrn_to_pl_slicename(record['hrn'])
+ # if this slice isnt really instatiated skip it
+ if not os.path.exists("/vservers/%(slicename)s" % locals()):
+ continue
+
+ # save the slice gid in /etc/sfa/ in the vservers filesystem
+ vserver_path = "/vserver/%(slicename)s" % locals()
+ gid = record['gid']
+ slice_gid_filename = os.sep.join([vserver_path, config_dir, "slice.gid"])
+ if verbose:
+ print "Saving GID for %(slicename)s as %(slice_gid_filename)s" % locals()
+ GID(string=gid).save_to_file(slice_gid_filename, save_parents=True)
+ # save the node gid in /etc/sfa
+ node_gid_filename = os.sep.join([vserver_path, config_dir, "node.gid"])
+ if verbose:
+ print "Saving node GID for %(slicename)s as %(slice_gid_filename)s" % locals()
+ node_gid.save_to_file(node_gid_filename, save_parents=True)
+
+
+def dispatch(options, args):
+
+ create_default_dirs()
+ if options.key:
+ if verbose:
+ print "Getting the component's pkey"
+ get_node_key(options.registry, options.verbose)
+ if options.certs:
+ if options.verbose:
+ print "Getting the component's trusted certs"
+ get_certs(options.verbose)
+ if options.gids:
+ if options.verbose:
+ print "Geting the component's GIDs"
+ get_gids(options.verbose)