3 # sfi -- slice-based facility interface
12 from lxml import etree
13 from StringIO import StringIO
14 from types import StringTypes, ListType
15 from optparse import OptionParser
16 from sfa.trust.certificate import Keypair, Certificate
17 from sfa.trust.credential import Credential
18 from sfa.util.sfaticket import SfaTicket
19 from sfa.util.record import *
20 from sfa.util.namespace import *
21 from sfa.util.xmlrpcprotocol import ServerException
22 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
23 from sfa.util.config import Config
27 # utility methods here
29 def display_rspec(rspec, format='rspec'):
31 tree = etree.parse(StringIO(rspec))
33 result = root.xpath("./network/site/node/hostname/text()")
34 elif format in ['ip']:
35 # The IP address is not yet part of the new RSpec
36 # so this doesn't do anything yet.
37 tree = etree.parse(StringIO(rspec))
39 result = root.xpath("./network/site/node/ipv4/text()")
46 def display_list(results):
47 for result in results:
51 def display_records(recordList, dump=False):
52 ''' Print all fields in the record'''
53 for record in recordList:
54 display_record(record, dump)
56 def display_record(record, dump=False):
60 info = record.getdict()
61 print "%s (%s)" % (info['hrn'], info['type'])
65 def filter_records(type, records):
67 for record in records:
68 if (record['type'] == type) or (type == "all"):
69 filtered_records.append(record)
70 return filtered_records
74 def save_rspec_to_file(rspec, filename):
75 if not filename.endswith(".rspec"):
76 filename = filename + ".rspec"
78 f = open(filename, 'w')
83 def save_records_to_file(filename, recordList):
85 for record in recordList:
87 save_record_to_file(filename + "." + str(index), record)
89 save_record_to_file(filename, record)
92 def save_record_to_file(filename, record):
93 if record['type'] in ['user']:
94 record = UserRecord(dict=record)
95 elif record['type'] in ['slice']:
96 record = SliceRecord(dict=record)
97 elif record['type'] in ['node']:
98 record = NodeRecord(dict=record)
99 elif record['type'] in ['authority', 'ma', 'sa']:
100 record = AuthorityRecord(dict=record)
102 record = SfaRecord(dict=record)
103 str = record.save_to_string()
104 file(filename, "w").write(str)
109 def load_record_from_file(filename):
110 str = file(filename, "r").read()
111 record = SfaRecord(string=str)
126 def create_cmd_parser(self, command, additional_cmdargs=None):
127 cmdargs = {"gid": "",
133 "aggregates": "[name]",
134 "registries": "[name]",
136 "resources": "[name]",
137 "create": "name rspec",
138 "get_trusted_certs": "cred",
139 "get_ticket": "name rspec",
140 "redeem_ticket": "ticket",
146 "GetVersion": "name",
147 "ListResources": "name",
148 "CreateSliver": "name",
149 "get_geni_aggregates": "name",
150 "DeleteSliver": "name",
151 "SliverStatus": "name",
152 "RenewSliver": "name",
156 if additional_cmdargs:
157 cmdargs.update(additional_cmdargs)
159 if command not in cmdargs:
160 print "Invalid command\n"
162 for key in cmdargs.keys():
167 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
168 % (command, cmdargs[command]))
170 if command in ("resources"):
171 parser.add_option("-f", "--format", dest="format", type="choice",
172 help="display format ([xml]|dns|ip)", default="xml",
173 choices=("xml", "dns", "ip"))
174 parser.add_option("-a", "--aggregate", dest="aggregate",
175 default=None, help="aggregate hrn")
177 if command in ("create", "get_ticket"):
178 parser.add_option("-a", "--aggregate", dest="aggregate", default=None,
179 help="aggregate hrn")
181 if command in ("start", "stop", "reset", "delete", "slices"):
182 parser.add_option("-c", "--component", dest="component", default=None,
183 help="component hrn")
185 if command in ("list", "show", "remove"):
186 parser.add_option("-t", "--type", dest="type", type="choice",
187 help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
188 choices=("all", "user", "slice", "sa", "ma", "node", "aggregate"),
191 if command in ("resources", "show", "list"):
192 parser.add_option("-o", "--output", dest="file",
193 help="output XML to file", metavar="FILE", default=None)
195 if command in ("show", "list"):
196 parser.add_option("-f", "--format", dest="format", type="choice",
197 help="display format ([text]|xml)", default="text",
198 choices=("text", "xml"))
200 if command in ("delegate"):
201 parser.add_option("-u", "--user",
202 action="store_true", dest="delegate_user", default=False,
203 help="delegate user credential")
204 parser.add_option("-s", "--slice", dest="delegate_slice",
205 help="delegate slice credential", metavar="HRN", default=None)
210 def create_parser(self):
212 # Generate command line parser
213 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
214 description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
215 parser.add_option("-g", "--geni_am", dest="geni_am",
216 help="geni am", metavar="URL", default=None)
217 parser.add_option("-r", "--registry", dest="registry",
218 help="root registry", metavar="URL", default=None)
219 parser.add_option("-s", "--slicemgr", dest="sm",
220 help="slice manager", metavar="URL", default=None)
221 default_sfi_dir = os.path.expanduser("~/.sfi/")
222 parser.add_option("-d", "--dir", dest="sfi_dir",
223 help="config & working directory - default is " + default_sfi_dir,
224 metavar="PATH", default=default_sfi_dir)
225 parser.add_option("-u", "--user", dest="user",
226 help="user name", metavar="HRN", default=None)
227 parser.add_option("-a", "--auth", dest="auth",
228 help="authority name", metavar="HRN", default=None)
229 parser.add_option("-v", "--verbose",
230 action="store_true", dest="verbose", default=False,
232 parser.add_option("-D", "--debug",
233 action="store_true", dest="debug", default=False,
234 help="Debug (xml-rpc) protocol messages")
235 parser.add_option("-p", "--protocol",
236 dest="protocol", default="xmlrpc",
237 help="RPC protocol (xmlrpc or soap)")
238 parser.add_option("-k", "--hashrequest",
239 action="store_true", dest="hashrequest", default=False,
240 help="Create a hash of the request that will be authenticated on the server")
241 parser.disable_interspersed_args()
247 # Establish Connection to SliceMgr and Registry Servers
249 def set_servers(self):
250 config_file = self.options.sfi_dir + os.sep + "sfi_config"
252 config = Config (config_file)
254 print "Failed to read configuration file", config_file
255 print "Make sure to remove the export clauses and to add quotes"
256 if not self.options.verbose:
257 print "Re-run with -v for more details"
259 traceback.print_exc()
264 if (self.options.sm is not None):
265 sm_url = self.options.sm
266 elif hasattr(config, "SFI_SM"):
267 sm_url = config.SFI_SM
269 print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file
273 if (self.options.registry is not None):
274 reg_url = self.options.registry
275 elif hasattr(config, "SFI_REGISTRY"):
276 reg_url = config.SFI_REGISTRY
278 print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file
282 if (self.options.geni_am is not None):
283 geni_am_url = self.options.geni_am
284 elif hasattr(config, "SFI_GENI_AM"):
285 geni_am_url = config.SFI_GENI_AM
288 if (self.options.user is not None):
289 self.user = self.options.user
290 elif hasattr(config, "SFI_USER"):
291 self.user = config.SFI_USER
293 print "You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file
297 if (self.options.auth is not None):
298 self.authority = self.options.auth
299 elif hasattr(config, "SFI_AUTH"):
300 self.authority = config.SFI_AUTH
302 print "You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file
308 if self.options.verbose :
309 print "Contacting Slice Manager at:", sm_url
310 print "Contacting Registry at:", reg_url
312 # Get key and certificate
313 key_file = self.get_key_file()
314 cert_file = self.get_cert_file(key_file)
315 self.key = Keypair(filename=key_file)
316 self.key_file = key_file
317 self.cert_file = cert_file
318 self.cert = Certificate(filename=cert_file)
319 # Establish connection to server(s)
320 self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options.debug)
321 self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options.debug)
322 self.geni_am = xmlrpcprotocol.get_server(geni_am_url, key_file, cert_file, self.options.debug)
327 # Get various credential and spec files
329 # Establishes limiting conventions
330 # - conflates MAs and SAs
331 # - assumes last token in slice name is unique
333 # Bootstraps credentials
334 # - bootstrap user credential from self-signed certificate
335 # - bootstrap authority credential from user credential
336 # - bootstrap slice credential from user credential
340 def get_key_file(self):
341 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
342 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
343 if (os.path.isfile(file)):
346 print "Key file", file, "does not exist"
350 def get_cert_file(self, key_file):
352 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
353 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
354 if (os.path.isfile(file)):
357 k = Keypair(filename=key_file)
358 cert = Certificate(subject=self.user)
360 cert.set_issuer(k, self.user)
362 if self.options.verbose :
363 print "Writing self-signed certificate to", file
364 cert.save_to_file(file)
368 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
369 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
370 if (os.path.isfile(file)):
371 gid = GID(filename=file)
374 cert_str = self.cert.save_to_string(save_parents=True)
375 gid_str = self.registry.get_gid(cert_str, self.user, "user")
376 gid = GID(string=gid_str)
377 if self.options.verbose:
378 print "Writing user gid to", file
379 gid.save_to_file(file, save_parents=True)
382 def get_user_cred(self):
383 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
384 file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
385 if (os.path.isfile(file)):
386 user_cred = Credential(filename=file)
389 # bootstrap user credential
390 cert_string = self.cert.save_to_string(save_parents=True)
391 user_name = self.user.replace(self.authority + ".", '')
392 if user_name.count(".") > 0:
393 user_name = user_name.replace(".", '_')
394 self.user = self.authority + "." + user_name
396 user_cred = self.registry.get_self_credential(cert_string, "user", self.user)
398 cred = Credential(string=user_cred)
399 cred.save_to_file(file, save_parents=True)
400 if self.options.verbose:
401 print "Writing user credential to", file
404 print "Failed to get user credential"
407 def get_auth_cred(self):
408 if not self.authority:
409 print "no authority specified. Use -a or set SF_AUTH"
412 file = os.path.join(self.options.sfi_dir, get_leaf("authority") + ".cred")
413 if (os.path.isfile(file)):
414 auth_cred = Credential(filename=file)
417 # bootstrap authority credential from user credential
418 user_cred = self.get_user_cred().save_to_string(save_parents=True)
419 auth_cred = self.registry.get_credential(user_cred, "authority", self.authority)
421 cred = Credential(string=auth_cred)
422 cred.save_to_file(file, save_parents=True)
423 if self.options.verbose:
424 print "Writing authority credential to", file
427 print "Failed to get authority credential"
430 def get_slice_cred(self, name):
431 file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
432 if (os.path.isfile(file)):
433 slice_cred = Credential(filename=file)
436 # bootstrap slice credential from user credential
437 user_cred = self.get_user_cred().save_to_string(save_parents=True)
438 arg_list = [user_cred, "slice", name]
439 slice_cred_str = self.registry.get_credential(user_cred, "slice", name)
441 slice_cred = Credential(string=slice_cred_str)
442 slice_cred.save_to_file(file, save_parents=True)
443 if self.options.verbose:
444 print "Writing slice credential to", file
447 print "Failed to get slice credential"
450 def delegate_cred(self, cred, hrn, type='authority'):
451 # the gid and hrn of the object we are delegating
452 user_cred = Credential(string=cred)
453 object_gid = user_cred.get_gid_object()
454 object_hrn = object_gid.get_hrn()
455 #cred.set_delegate(True)
456 #if not cred.get_delegate():
457 # raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
460 records = self.registry.resolve(cred, hrn)
461 records = filter_records(type, records)
464 raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
466 # the gid of the user who will be delegated too
467 record = SfaRecord(dict=records[0])
468 delegee_gid = record.get_gid_object()
469 delegee_hrn = delegee_gid.get_hrn()
471 # the key and hrn of the user who will be delegating
472 user_key = Keypair(filename=self.get_key_file())
473 user_hrn = user_cred.get_gid_caller().get_hrn()
475 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
476 dcred.set_gid_caller(delegee_gid)
477 dcred.set_gid_object(object_gid)
478 dcred.set_privileges(user_cred.get_privileges())
479 dcred.get_privileges().delegate_all_privileges(True)
482 # Save the issuer's gid to a file
483 fname = self.options.sfi_dir + os.sep + "gid_%d" % random.randint(0, 999999999)
485 f.write(user_cred.get_gid_caller().save_to_string())
487 dcred.set_issuer_keys(self.get_key_file(), fname)
490 dcred.set_parent(user_cred)
494 return dcred.save_to_string(save_parents=True)
496 def get_rspec_file(self, rspec):
497 if (os.path.isabs(rspec)):
500 file = os.path.join(self.options.sfi_dir, rspec)
501 if (os.path.isfile(file)):
504 print "No such rspec file", rspec
507 def get_record_file(self, record):
508 if (os.path.isabs(record)):
511 file = os.path.join(self.options.sfi_dir, record)
512 if (os.path.isfile(file)):
515 print "No such registry record file", record
518 def load_publickey_string(self, fn):
520 key_string = f.read()
522 # if the filename is a private key file, then extract the public key
523 if "PRIVATE KEY" in key_string:
524 outfn = tempfile.mktemp()
525 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
528 key_string = f.read()
533 def get_component_server_from_hrn(self, hrn):
534 # direct connection to the nodes component manager interface
535 user_cred = self.get_user_cred().save_to_string(save_parents=True)
536 records = self.registry.resolve(user_cred, hrn)
537 records = filter_records('node', records)
539 print "No such component:", opts.component
542 url = "https://%s:%s" % (record['hostname'], cm_port)
543 return xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
546 # Following functions implement the commands
548 # Registry-related commands
551 def dispatch(self, command, cmd_opts, cmd_args):
552 getattr(self, command)(cmd_opts, cmd_args)
554 def gid(self, opts, args):
556 print "GID: %s" % (gid.save_to_string(save_parents=True))
559 # list entires in named authority registry
560 def list(self, opts, args):
561 user_cred = self.get_user_cred().save_to_string(save_parents=True)
564 list = self.registry.list(user_cred, hrn)
566 raise Exception, "Not enough parameters for the 'list' command"
568 # filter on person, slice, site, node, etc.
569 # THis really should be in the self.filter_records funct def comment...
570 list = filter_records(opts.type, list)
572 print "%s (%s)" % (record['hrn'], record['type'])
575 if not file.startswith(os.sep):
576 file = os.path.join(self.options.sfi_dir, file)
577 save_records_to_file(file, list)
580 # show named registry record
581 def show(self, opts, args):
582 user_cred = self.get_user_cred().save_to_string(save_parents=True)
584 records = self.registry.resolve(user_cred, hrn)
585 records = filter_records(opts.type, records)
587 print "No record of type", opts.type
588 for record in records:
589 if record['type'] in ['user']:
590 record = UserRecord(dict=record)
591 elif record['type'] in ['slice']:
592 record = SliceRecord(dict=record)
593 elif record['type'] in ['node']:
594 record = NodeRecord(dict=record)
595 elif record['type'] in ['authority', 'ma', 'sa']:
596 record = AuthorityRecord(dict=record)
598 record = SfaRecord(dict=record)
599 if (opts.format == "text"):
602 print record.save_to_string()
606 if not file.startswith(os.sep):
607 file = os.path.join(self.options.sfi_dir, file)
608 save_records_to_file(file, records)
611 def delegate(self, opts, args):
612 user_cred = self.get_user_cred()
613 if opts.delegate_user:
614 object_cred = user_cred
615 elif opts.delegate_slice:
616 object_cred = self.get_slice_cred(opts.delegate_slice)
618 print "Must specify either --user or --slice <hrn>"
621 # the gid and hrn of the object we are delegating
622 object_gid = object_cred.get_gid_object()
623 object_hrn = object_gid.get_hrn()
625 if not object_cred.get_privileges().get_all_delegate():
626 print "Error: Object credential", object_hrn, "does not have delegate bit set"
629 records = self.registry.resolve(user_cred.save_to_string(save_parents=True), args[0])
630 records = filter_records("user", records)
633 print "Error: Didn't find a user record for", args[0]
636 # the gid of the user who will be delegated to
637 delegee_gid = GID(string=records[0]['gid'])
638 delegee_hrn = delegee_gid.get_hrn()
640 # the key and hrn of the user who will be delegating
641 user_key = Keypair(filename=self.get_key_file())
642 user_hrn = user_cred.get_gid_caller().get_hrn()
643 subject_string = "%s delegated to %s" % (object_hrn, delegee_hrn)
644 dcred = Credential(subject=subject_string)
645 dcred.set_gid_caller(delegee_gid)
646 dcred.set_gid_object(object_gid)
647 privs = object_cred.get_privileges()
648 dcred.set_privileges(object_cred.get_privileges())
649 dcred.get_privileges().delegate_all_privileges(True)
650 dcred.set_pubkey(object_gid.get_pubkey())
651 dcred.set_issuer(user_key, user_hrn)
652 dcred.set_parent(object_cred)
656 if opts.delegate_user:
657 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
658 + get_leaf(object_hrn) + ".cred")
659 elif opts.delegate_slice:
660 dest_fn = os.path_join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
661 + get_leaf(object_hrn) + ".cred")
663 dcred.save_to_file(dest_fn, save_parents=True)
665 print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
667 # removed named registry record
668 # - have to first retrieve the record to be removed
669 def remove(self, opts, args):
670 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
675 return self.registry.remove(auth_cred, type, hrn)
677 # add named registry record
678 def add(self, opts, args):
679 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
680 record_filepath = args[0]
681 rec_file = self.get_record_file(record_filepath)
682 record = load_record_from_file(rec_file).as_dict()
683 return self.registry.register(auth_cred, record)
685 # update named registry entry
686 def update(self, opts, args):
687 user_cred = self.get_user_cred()
688 rec_file = self.get_record_file(args[0])
689 record = load_record_from_file(rec_file)
690 if record['type'] == "user":
691 if record.get_name() == user_cred.get_gid_object().get_hrn():
692 cred = user_cred.save_to_string(save_parents=True)
694 cred = self.get_auth_cred().save_to_string(save_parents=True)
695 elif record['type'] in ["slice"]:
697 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
698 except ServerException, e:
699 # XXX smbaker -- once we have better error return codes, update this
700 # to do something better than a string compare
701 if "Permission error" in e.args[0]:
702 cred = self.get_auth_cred().save_to_string(save_parents=True)
705 elif record.get_type() in ["authority"]:
706 cred = self.get_auth_cred().save_to_string(save_parents=True)
707 elif record.get_type() == 'node':
708 cred = self.get_auth_cred().save_to_string(save_parents=True)
710 raise "unknown record type" + record.get_type()
711 record = record.as_dict()
712 return self.registry.update(cred, record)
714 def get_trusted_certs(self, opts, args):
716 return the trusted certs at this interface
718 trusted_certs = self.registry.get_trusted_certs()
719 for trusted_cert in trusted_certs:
720 cert = Certificate(string=trusted_cert)
721 print cert.get_subject()
724 def aggregates(self, opts, args):
726 return a list of details about known aggregates
728 user_cred = self.get_user_cred().save_to_string(save_parents=True)
733 result = self.registry.get_aggregates(user_cred, hrn)
737 def get_geni_aggregates(self, opts, args):
739 return a list of details about known aggregates
741 user_cred = self.get_user_cred().save_to_string(save_parents=True)
746 result = self.registry.get_geni_aggregates(user_cred, hrn)
751 def registries(self, opts, args):
753 return a list of details about known registries
755 user_cred = self.get_user_cred().save_to_string(save_parents=True)
759 result = self.registry.get_registries(user_cred, hrn)
765 # Slice-related commands
768 # list available nodes -- use 'resources' w/ no argument instead
770 # list instantiated slices
771 def slices(self, opts, args):
772 user_cred = self.get_user_cred().save_to_string(save_parents=True)
773 server = self.slicemgr
774 # direct connection to the nodes component manager interface
776 server = self.get_component_server_from_hrn(opts.component)
777 results = server.get_slices(user_cred)
778 display_list(results)
781 # show rspec for named slice
782 def resources(self, opts, args):
783 user_cred = self.get_user_cred().save_to_string(save_parents=True)
784 server = self.slicemgr
786 agg_hrn = opts.aggregate
787 aggregates = self.registry.get_aggregates(user_cred, agg_hrn)
789 raise Exception, "No such aggregate %s" % agg_hrn
790 aggregate = aggregates[0]
791 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
792 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
794 cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
800 result = server.get_resources(cred, hrn)
803 display_rspec(result, format)
804 if (opts.file is not None):
806 if not file.startswith(os.sep):
807 file = os.path.join(self.options.sfi_dir, file)
808 save_rspec_to_file(result, file)
811 # created named slice with given rspec
812 def create(self, opts, args):
814 user_cred = self.get_user_cred()
815 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
816 rspec_file = self.get_rspec_file(args[1])
817 rspec = open(rspec_file).read()
818 server = self.slicemgr
820 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
822 raise Exception, "No such aggregate %s" % opts.aggregate
823 aggregate = aggregates[0]
824 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
825 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
826 return server.create_slice(slice_cred, slice_hrn, rspec)
828 # get a ticket for the specified slice
829 def get_ticket(self, opts, args):
830 slice_hrn, rspec_path = args[0], args[1]
831 user_cred = self.get_user_cred()
832 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
833 rspec_file = self.get_rspec_file(rspec_path)
834 rspec = open(rspec_file).read()
835 server = self.slicemgr
837 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
839 raise Exception, "No such aggregate %s" % opts.aggregate
840 aggregate = aggregates[0]
841 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
842 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
843 ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec)
844 file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
845 print "writing ticket to ", file
846 ticket = SfaTicket(string=ticket_string)
847 ticket.save_to_file(filename=file, save_parents=True)
849 def redeem_ticket(self, opts, args):
850 ticket_file = args[0]
852 # get slice hrn from the ticket
853 # use this to get the right slice credential
854 ticket = SfaTicket(filename=ticket_file)
856 slice_hrn = ticket.gidObject.get_hrn()
857 #slice_hrn = ticket.attributes['slivers'][0]['hrn']
858 user_cred = self.get_user_cred()
859 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
861 # get a list of node hostnames from the RSpec
862 tree = etree.parse(StringIO(ticket.rspec))
863 root = tree.getroot()
864 hostnames = root.xpath("./network/site/node/hostname/text()")
866 # create an xmlrpc connection to the component manager at each of these
867 # components and gall redeem_ticket
869 for hostname in hostnames:
872 url = "https://%(hostname)s:%(cm_port)s" % locals()
873 print "Calling redeem_ticket at %(url)s " % locals(),
874 cm = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file, self.options.debug)
875 cm.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
877 except socket.gaierror:
879 print "Componet Manager not accepting requests"
881 print "Failed:", e.message
886 def delete(self, opts, args):
888 server = self.slicemgr
889 # direct connection to the nodes component manager interface
891 server = self.get_component_server_from_hrn(opts.component)
893 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
894 return server.delete_slice(slice_cred, slice_hrn)
897 def start(self, opts, args):
899 server = self.slicemgr
900 # direct connection to the nodes component manager interface
902 server = self.get_component_server_from_hrn(opts.component)
904 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
905 return server.start_slice(slice_cred, slice_hrn)
908 def stop(self, opts, args):
910 server = self.slicemgr
911 # direct connection to the nodes component manager interface
913 server = self.get_component_server_from_hrn(opts.component)
915 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
916 return server.stop_slice(slice_cred, slice_hrn)
919 def reset(self, opts, args):
921 server = self.slicemgr
922 # direct connection to the nodes component manager interface
924 server = self.get_component_server_from_hrn(opts.component)
925 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
926 return server.reset_slice(slice_cred, slice_hrn)
929 # GENI AM related calls
931 def GetVersion(self, opts, args):
932 server = self.geni_am
933 print server.GetVersion()
935 def ListResources(self, opts, args):
936 user_cred = self.get_user_cred().save_to_string(save_parents=True)
937 server = self.geni_am
938 call_options = {'geni_compressed': True}
943 cred = self.get_slice_cred(xrn).save_to_string(save_parents=True)
946 call_options['geni_slice_urn'] = xrn
948 rspec = server.ListResources([cred], call_options)
949 rspec = zlib.decompress(rspec.decode('base64'))
952 def CreateSliver(self, opts, args):
954 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
955 rspec_file = self.get_rspec_file(args[1])
956 rspec = open(rspec_file).read()
957 server = self.geni_am
958 return server.CreateSliver(slice_xrn, [slice_cred], rspec, [])
960 def DeleteSliver(self, opts, args):
962 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
963 server = self.geni_am
964 return server.DeleteSliver(slice_xrn, [slice_cred])
966 def SliverStatus(self, opts, args):
968 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
969 server = self.geni_am
970 print server.SliverStatus(slice_xrn, [slice_cred])
972 def RenewSliver(self, opts, args):
974 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
976 server = self.geni_am
977 return server.RenewSliver(slice_xrn, [slice_cred], time)
979 def Shutdown(self, opts, args):
981 slice_cred = self.get_slice_cred(slice_xrn).save_to_string(save_parents=True)
982 server = self.geni_am
983 return server.Shutdown(slice_xrn, [slice_cred])
986 # Main: parse arguments and dispatch to command
989 parser = self.create_parser()
990 (options, args) = parser.parse_args()
991 self.options = options
993 if options.hashrequest:
994 self.hashrequest = True
997 print "No command given. Use -h for help."
1001 (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
1002 if self.options.verbose :
1003 print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
1004 options.sfi_dir, options.user,
1006 print "Command %s" % command
1007 if command in ("resources"):
1008 print "resources cmd_opts %s" % cmd_opts.format
1009 elif command in ("list", "show", "remove"):
1010 print "cmd_opts.type %s" % cmd_opts.type
1011 print "cmd_args %s" % cmd_args
1016 self.dispatch(command, cmd_opts, cmd_args)
1019 print "Command not found:", command
1024 if __name__ == "__main__":
git://git.onelab.eu / sfa.git / blob