3 # sfi -- slice-based facility interface
10 from types import StringTypes, ListType
11 from optparse import OptionParser
12 from sfa.trust.certificate import Keypair, Certificate
13 from sfa.trust.credential import Credential
14 from sfa.util.geniclient import GeniClient
15 from sfa.util.sfaticket import SfaTicket
16 from sfa.util.record import *
17 from sfa.util.misc import *
18 from sfa.util.rspec import RSpec
19 from sfa.util.xmlrpcprotocol import ServerException
20 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
21 from sfa.util.config import Config
23 # utility methods here
25 def display_rspec(rspec, format = 'rspec'):
28 spec.parseString(rspec)
30 nodespecs = spec.getDictsByTagName('NodeSpec')
31 for nodespec in nodespecs:
32 if nodespec.has_key('name') and nodespec['name']:
33 if isinstance(nodespec['name'], ListType):
34 hostnames.extend(nodespec['name'])
35 elif isinstance(nodespec['name'], StringTypes):
36 hostnames.append(nodespec['name'])
38 elif format in ['ip']:
40 spec.parseString(rspec)
42 ifspecs = spec.getDictsByTagName('IfSpec')
43 for ifspec in ifspecs:
44 if ifspec.has_key('addr') and ifspec['addr']:
45 ips.append(ifspec['addr'])
53 def display_list(results):
54 for result in results:
58 def display_records(recordList, dump = False):
59 ''' Print all fields in the record'''
60 for record in recordList:
61 display_record(record, dump)
63 def display_record(record, dump = False):
67 info = record.getdict()
68 print "%s (%s)" % (info['hrn'], info['type'])
72 def filter_records(type, records):
74 for record in records:
75 if (record['type'] == type) or (type == "all"):
76 filtered_records.append(record)
77 return filtered_records
81 def save_rspec_to_file(rspec, filename):
82 if not filename.endswith(".rspec"):
83 filename = filename + ".rspec"
85 f = open(filename, 'w')
90 def save_records_to_file(filename, recordList):
92 for record in recordList:
94 save_record_to_file(filename + "." + str(index), record)
96 save_record_to_file(filename, record)
99 def save_record_to_file(filename, record):
100 if record['type'] in ['user']:
101 record = UserRecord(dict = record)
102 elif record['type'] in ['slice']:
103 record = SliceRecord(dict = record)
104 elif record['type'] in ['node']:
105 record = NodeRecord(dict = record)
106 elif record['type'] in ['authority', 'ma', 'sa']:
107 record = AuthorityRecord(dict = record)
109 record = GeniRecord(dict = record)
110 str = record.save_to_string()
111 file(filename, "w").write(str)
116 def load_record_from_file(filename):
117 str = file(filename, "r").read()
118 record = GeniRecord(string=str)
132 def create_cmd_parser(self,command, additional_cmdargs = None):
133 cmdargs = {"gid": "",
139 "aggregates": "[name]",
140 "registries": "[name]",
142 "resources": "[name]",
143 "create": "name rspec",
144 "get_trusted_certs": "cred",
145 "get_ticket": "name rspec",
146 "redeem_ticket": "ticket",
154 if additional_cmdargs:
155 cmdargs.update(additional_cmdargs)
157 if command not in cmdargs:
158 print "Invalid command\n"
160 for key in cmdargs.keys():
165 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
166 % (command, cmdargs[command]))
168 if command in ("resources"):
169 parser.add_option("-f", "--format", dest="format",type="choice",
170 help="display format ([xml]|dns|ip)",default="xml",
171 choices=("xml","dns","ip"))
172 parser.add_option("-a", "--aggregate", dest="aggregate",
173 default=None, help="aggregate hrn")
175 if command in ("create", "get_ticket"):
176 parser.add_option("-a", "--aggregate", dest="aggregate",default=None,
177 help="aggregate hrn")
179 if command in ("start", "stop", "reset", "delete"):
180 parser.add_option("-c", "--component", dest="component",default=None,
181 help="component hrn")
183 if command in ("list", "show", "remove"):
184 parser.add_option("-t", "--type", dest="type",type="choice",
185 help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
186 choices=("all","user","slice","sa","ma","node","aggregate"),
189 if command in ("resources", "show", "list"):
190 parser.add_option("-o", "--output", dest="file",
191 help="output XML to file", metavar="FILE", default=None)
193 if command in ("show", "list"):
194 parser.add_option("-f", "--format", dest="format", type="choice",
195 help="display format ([text]|xml)",default="text",
196 choices=("text","xml"))
198 if command in ("delegate"):
199 parser.add_option("-u", "--user",
200 action="store_true", dest="delegate_user", default=False,
201 help="delegate user credential")
202 parser.add_option("-s", "--slice", dest="delegate_slice",
203 help="delegate slice credential", metavar="HRN", default=None)
207 def create_parser(self):
209 # Generate command line parser
210 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
211 description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
212 parser.add_option("-r", "--registry", dest="registry",
213 help="root registry", metavar="URL", default=None)
214 parser.add_option("-s", "--slicemgr", dest="sm",
215 help="slice manager", metavar="URL", default=None)
216 default_sfi_dir=os.path.expanduser("~/.sfi/")
217 parser.add_option("-d", "--dir", dest="sfi_dir",
218 help="config & working directory - default is " + default_sfi_dir,
219 metavar="PATH", default = default_sfi_dir)
220 parser.add_option("-u", "--user", dest="user",
221 help="user name", metavar="HRN", default=None)
222 parser.add_option("-a", "--auth", dest="auth",
223 help="authority name", metavar="HRN", default=None)
224 parser.add_option("-v", "--verbose",
225 action="store_true", dest="verbose", default=False,
227 parser.add_option("-p", "--protocol",
228 dest="protocol", default="xmlrpc",
229 help="RPC protocol (xmlrpc or soap)")
230 parser.add_option("-k", "--hashrequest",
231 action="store_true", dest="hashrequest", default=False,
232 help="Create a hash of the request that will be authenticated on the server")
233 parser.disable_interspersed_args()
239 # Establish Connection to SliceMgr and Registry Servers
241 def set_servers(self):
242 config_file = self.options.sfi_dir + os.sep + "sfi_config"
244 config = Config (config_file)
246 print "Failed to read configuration file",config_file
247 print "Make sure to remove the export clauses and to add quotes"
248 if not self.options.verbose:
249 print "Re-run with -v for more details"
251 traceback.print_exc()
256 if (self.options.sm is not None):
257 sm_url = self.options.sm
258 elif hasattr(config,"SFI_SM"):
259 sm_url = config.SFI_SM
261 print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s"%config_file
265 if (self.options.registry is not None):
266 reg_url = self.options.registry
267 elif hasattr(config,"SFI_REGISTRY"):
268 reg_url = config.SFI_REGISTRY
270 print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s"%config_file
274 if (self.options.user is not None):
275 self.user = self.options.user
276 elif hasattr(config,"SFI_USER"):
277 self.user = config.SFI_USER
279 print "You need to set e.g. SFI_USER='plc.princeton.username' in %s"%config_file
283 if (self.options.auth is not None):
284 self.authority = self.options.auth
285 elif hasattr(config,"SFI_AUTH"):
286 self.authority = config.SFI_AUTH
288 print "You need to set e.g. SFI_AUTH='plc.princeton' in %s"%config_file
294 if self.options.verbose :
295 print "Contacting Slice Manager at:", sm_url
296 print "Contacting Registry at:", reg_url
298 # Get key and certificate
299 key_file = self.get_key_file()
300 cert_file = self.get_cert_file(key_file)
301 self.key = Keypair(filename=key_file)
302 self.key_file = key_file
303 self.cert_file = cert_file
304 self.cert = Certificate(filename=cert_file)
305 # Establish connection to server(s)
306 #self.slicemgr = GeniClient(sm_url, key_file, cert_file, self.options.protocol)
307 #self.registry = GeniClient(reg_url, key_file, cert_file, self.options.protocol)
308 self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file)
309 self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file)
313 # Get various credential and spec files
315 # Establishes limiting conventions
316 # - conflates MAs and SAs
317 # - assumes last token in slice name is unique
319 # Bootstraps credentials
320 # - bootstrap user credential from self-signed certificate
321 # - bootstrap authority credential from user credential
322 # - bootstrap slice credential from user credential
326 def get_key_file(self):
327 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
328 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
329 if (os.path.isfile(file)):
332 print "Key file", file, "does not exist"
336 def get_cert_file(self,key_file):
338 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
339 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
340 if (os.path.isfile(file)):
343 k = Keypair(filename = key_file)
344 cert = Certificate(subject=self.user)
346 cert.set_issuer(k, self.user)
348 if self.options.verbose :
349 print "Writing self-signed certificate to", file
350 cert.save_to_file(file)
354 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
355 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
356 if (os.path.isfile(file)):
357 gid = GID(filename=file)
360 cert_str = self.cert.save_to_string(save_parents=True)
363 request_hash = self.key.compute_hash([cert_str, self.user, "user"])
364 gid_str = self.registry.get_gid(cert_str, self.user, "user", request_hash)
365 gid = GID(string=gid_str)
366 if self.options.verbose:
367 print "Writing user gid to", file
368 gid.save_to_file(file, save_parents=True)
371 def get_user_cred(self):
372 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
373 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
374 if (os.path.isfile(file)):
375 user_cred = Credential(filename=file)
378 # bootstrap user credential
379 cert_string = self.cert.save_to_string(save_parents=True)
382 request_hash = self.key.compute_hash([cert_string, "user", self.user])
383 user_name=self.user.replace(self.authority+".", '')
384 if user_name.count(".") > 0:
385 user_name = user_name.replace(".", '_')
386 self.user=self.authority + "." + user_name
387 user_cred = self.registry.get_self_credential(cert_string, "user", self.user, request_hash)
389 cred = Credential(string=user_cred)
390 cred.save_to_file(file, save_parents=True)
391 if self.options.verbose:
392 print "Writing user credential to", file
395 print "Failed to get user credential"
398 def get_auth_cred(self):
399 if not self.authority:
400 print "no authority specified. Use -a or set SF_AUTH"
403 file = os.path.join(self.options.sfi_dir, get_leaf("authority") +".cred")
404 if (os.path.isfile(file)):
405 auth_cred = Credential(filename=file)
408 # bootstrap authority credential from user credential
409 user_cred = self.get_user_cred().save_to_string(save_parents=True)
412 request_hash = self.key.compute_hash([user_cred, "authority", self.authority])
413 auth_cred = self.registry.get_credential(user_cred, "authority", self.authority, request_hash)
415 cred = Credential(string=auth_cred)
416 cred.save_to_file(file, save_parents=True)
417 if self.options.verbose:
418 print "Writing authority credential to", file
421 print "Failed to get authority credential"
424 def get_slice_cred(self,name):
425 file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
426 if (os.path.isfile(file)):
427 slice_cred = Credential(filename=file)
430 # bootstrap slice credential from user credential
431 user_cred = self.get_user_cred().save_to_string(save_parents=True)
432 arg_list = [user_cred, "slice", name]
435 request_hash = self.key.compute_hash(arg_list)
436 slice_cred_str = self.registry.get_credential(user_cred, "slice", name, request_hash)
438 slice_cred = Credential(string=slice_cred_str)
439 slice_cred.save_to_file(file, save_parents=True)
440 if self.options.verbose:
441 print "Writing slice credential to", file
444 print "Failed to get slice credential"
447 def delegate_cred(self,cred, hrn, type = 'authority'):
448 # the gid and hrn of the object we are delegating
449 object_gid = cred.get_gid_object()
450 object_hrn = object_gid.get_hrn()
451 cred.set_delegate(True)
452 if not cred.get_delegate():
453 raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
456 records = self.registry.resolve(cred, hrn)
457 records = filter_records(type, records)
460 raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
462 # the gid of the user who will be delegated too
463 delegee_gid = records[0].get_gid_object()
464 delegee_hrn = delegee_gid.get_hrn()
466 # the key and hrn of the user who will be delegating
467 user_key = Keypair(filename = self.get_key_file())
468 user_hrn = cred.get_gid_caller().get_hrn()
470 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
471 dcred.set_gid_caller(delegee_gid)
472 dcred.set_gid_object(object_gid)
473 dcred.set_privileges(cred.get_privileges())
474 dcred.set_delegate(True)
475 dcred.set_pubkey(object_gid.get_pubkey())
476 dcred.set_issuer(user_key, user_hrn)
477 dcred.set_parent(cred)
483 def get_rspec_file(self,rspec):
484 if (os.path.isabs(rspec)):
487 file = os.path.join(self.options.sfi_dir, rspec)
488 if (os.path.isfile(file)):
491 print "No such rspec file", rspec
494 def get_record_file(self,record):
495 if (os.path.isabs(record)):
498 file = os.path.join(self.options.sfi_dir, record)
499 if (os.path.isfile(file)):
502 print "No such registry record file", record
505 def load_publickey_string(self,fn):
507 key_string = f.read()
509 # if the filename is a private key file, then extract the public key
510 if "PRIVATE KEY" in key_string:
511 outfn = tempfile.mktemp()
512 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
515 key_string = f.read()
520 def get_component_server_from_hrn(hrn):
521 # direct connection to the nodes component manager interface
522 user_cred = self.get_user_cred().save_to_string(save_parents=True)
523 request_hash = self.key.compute_hash([user_cred, hrn])
524 records = self.registry.resolve(user_cred, hrn, request_hash)
525 records = filter_records('node', records)
527 print "No such component:", opts.component
530 url = "https://%s:%s" % (record['hostname'], cm_port)
531 return xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
534 # Following functions implement the commands
536 # Registry-related commands
539 def dispatch(self,command, cmd_opts, cmd_args):
540 getattr(self,command)(cmd_opts, cmd_args)
542 def gid(self, opts, args):
544 print "GID: %s" % (gid.save_to_string(save_parents=True))
547 # list entires in named authority registry
548 def list(self,opts, args):
549 user_cred = self.get_user_cred().save_to_string(save_parents=True)
553 request_hash = self.key.compute_hash([user_cred, hrn])
555 list = self.registry.list(user_cred, hrn, request_hash)
557 raise Exception, "Not enough parameters for the 'list' command"
559 # filter on person, slice, site, node, etc.
560 # THis really should be in the self.filter_records funct def comment...
561 list = filter_records(opts.type, list)
563 print "%s (%s)" % (record['hrn'], record['type'])
566 if not file.startswith(os.sep):
567 file = os.path.join(self.options.sfi_dir, file)
568 save_records_to_file(file, list)
571 # show named registry record
572 def show(self,opts, args):
573 user_cred = self.get_user_cred().save_to_string(save_parents=True)
577 request_hash = self.key.compute_hash([user_cred, hrn])
578 records = self.registry.resolve(user_cred, hrn, request_hash)
579 records = filter_records(opts.type, records)
581 print "No record of type", opts.type
582 for record in records:
583 if record['type'] in ['user']:
584 record = UserRecord(dict = record)
585 elif record['type'] in ['slice']:
586 record = SliceRecord(dict = record)
587 elif record['type'] in ['node']:
588 record = NodeRecord(dict = record)
589 elif record['type'] in ['authority', 'ma', 'sa']:
590 record = AuthorityRecord(dict = record)
592 record = GeniRecord(dict = record)
593 if (opts.format=="text"):
596 print record.save_to_string()
600 if not file.startswith(os.sep):
601 file = os.path.join(self.options.sfi_dir, file)
602 save_records_to_file(file, records)
605 def delegate(self,opts, args):
606 user_cred = self.get_user_cred()
607 if opts.delegate_user:
608 object_cred = user_cred
609 elif opts.delegate_slice:
610 object_cred = self.get_slice_cred(opts.delegate_slice)
612 print "Must specify either --user or --slice <hrn>"
615 # the gid and hrn of the object we are delegating
616 object_gid = object_cred.get_gid_object()
617 object_hrn = object_gid.get_hrn()
619 if not object_cred.get_delegate():
620 print "Error: Object credential", object_hrn, "does not have delegate bit set"
623 records = self.registry.resolve(user_cred, args[0])
624 records = filter_records("user", records)
627 print "Error: Didn't find a user record for", args[0]
630 # the gid of the user who will be delegated too
631 delegee_gid = records[0].get_gid_object()
632 delegee_hrn = delegee_gid.get_hrn()
634 # the key and hrn of the user who will be delegating
635 user_key = Keypair(filename = self.get_key_file())
636 user_hrn = user_cred.get_gid_caller().get_hrn()
638 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
639 dcred.set_gid_caller(delegee_gid)
640 dcred.set_gid_object(object_gid)
641 dcred.set_privileges(object_cred.get_privileges())
642 dcred.set_delegate(True)
643 dcred.set_pubkey(object_gid.get_pubkey())
644 dcred.set_issuer(user_key, user_hrn)
645 dcred.set_parent(object_cred)
649 if opts.delegate_user:
650 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
651 + get_leaf(object_hrn) + ".cred")
652 elif opts.delegate_slice:
653 dest_fn = os.path_join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
654 + get_leaf(object_hrn) + ".cred")
656 dcred.save_to_file(dest_fn, save_parents = True)
658 print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
660 # removed named registry record
661 # - have to first retrieve the record to be removed
662 def remove(self,opts, args):
663 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
670 arg_list = [auth_cred, type, hrn]
671 request_hash = self.key.compute_hash(arg_list)
672 return self.registry.remove(auth_cred, type, hrn, request_hash)
674 # add named registry record
675 def add(self,opts, args):
676 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
677 record_filepath = args[0]
678 rec_file = self.get_record_file(record_filepath)
679 record = load_record_from_file(rec_file).as_dict()
682 arg_list = [auth_cred]
683 request_hash = self.key.compute_hash(arg_list)
684 return self.registry.register(auth_cred, record, request_hash)
686 # update named registry entry
687 def update(self,opts, args):
688 user_cred = self.get_user_cred()
689 rec_file = self.get_record_file(args[0])
690 record = load_record_from_file(rec_file)
691 if record['type'] == "user":
692 if record.get_name() == user_cred.get_gid_object().get_hrn():
693 cred = user_cred.save_to_string(save_parents=True)
695 cred = self.get_auth_cred().save_to_string(save_parents=True)
696 elif record['type'] in ["slice"]:
698 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
699 except ServerException, e:
700 # XXX smbaker -- once we have better error return codes, update this
701 # to do something better than a string compare
702 if "Permission error" in e.args[0]:
703 cred = self.get_auth_cred().save_to_string(save_parents=True)
706 elif record.get_type() in ["authority"]:
707 cred = self.get_auth_cred().save_to_string(save_parents=True)
708 elif record.get_type() == 'node':
709 cred = self.get_auth_cred().save_to_string(save_parents=True)
711 raise "unknown record type" + record.get_type()
712 record = record.as_dict()
716 request_hash = self.key.compute_hash(arg_list)
717 return self.registry.update(cred, record, request_hash)
719 def get_trusted_certs(self, opts, args):
721 return the trusted certs at this interface
723 trusted_certs = self.registry.get_trusted_certs()
724 for trusted_cert in trusted_certs:
725 cert = Certificate(string=trusted_cert)
726 print cert.get_subject()
729 def aggregates(self, opts, args):
731 return a list of details about known aggregates
733 user_cred = self.get_user_cred().save_to_string(save_parents=True)
739 arg_list = [user_cred, hrn]
740 request_hash = self.key.compute_hash(arg_list)
741 result = self.registry.get_aggregates(user_cred, hrn, request_hash)
745 def registries(self, opts, args):
747 return a list of details about known registries
749 user_cred = self.get_user_cred().save_to_string(save_parents=True)
755 arg_list = [user_cred, hrn]
756 request_hash = self.key.compute_hash(arg_list)
757 result = self.registry.get_registries(user_cred, hrn, request_hash)
763 # Slice-related commands
766 # list available nodes -- use 'resources' w/ no argument instead
768 # list instantiated slices
769 def slices(self,opts, args):
770 user_cred = self.get_user_cred().save_to_string(save_parents=True)
773 arg_list = [user_cred]
774 request_hash = self.key.compute_hash(arg_list)
775 results = self.slicemgr.get_slices(user_cred, request_hash)
776 display_list(results)
779 # show rspec for named slice
780 def resources(self,opts, args):
781 user_cred = self.get_user_cred().save_to_string(save_parents=True)
782 server = self.slicemgr
784 agg_hrn = opts.aggregate
785 arg_list = [user_cred, agg_hrn]
786 request_hash = self.key.compute_hash(arg_list)
787 aggregates = self.registry.get_aggregates(user_cred, agg_hrn, request_hash)
789 raise Exception, "No such aggregate %s" % agg_hrn
790 aggregate = aggregates[0]
791 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
792 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
794 cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
802 arg_list = [cred, hrn]
803 request_hash = self.key.compute_hash(arg_list)
804 result = server.get_resources(cred, hrn, request_hash)
807 display_rspec(result, format)
808 if (opts.file is not None):
810 if not file.startswith(os.sep):
811 file = os.path.join(self.options.sfi_dir, file)
812 save_rspec_to_file(result, file)
815 # created named slice with given rspec
816 def create(self,opts, args):
818 user_cred = self.get_user_cred()
819 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
820 rspec_file = self.get_rspec_file(args[1])
821 rspec=open(rspec_file).read()
822 server = self.slicemgr
824 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
826 raise Exception, "No such aggregate %s" % opts.aggregate
827 aggregate = aggregates[0]
828 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
829 server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
832 arg_list = [slice_cred, slice_hrn, rspec]
833 request_hash = self.key.compute_hash(arg_list)
834 return server.create_slice(slice_cred, slice_hrn, rspec, request_hash)
836 # get a ticket for the specified slice
837 def get_ticket(self, opts, args):
838 slice_hrn, rspec_path = args[0], args[1]
839 user_cred = self.get_user_cred()
840 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
841 rspec_file = self.get_rspec_file(rspec_path)
842 rspec=open(rspec_file).read()
843 server = self.slicemgr
845 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
847 raise Exception, "No such aggregate %s" % opts.aggregate
848 aggregate = aggregates[0]
849 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
850 server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
853 arg_list = [slice_cred, slice_hrn, rspec]
854 request_hash = self.key.compute_hash(arg_list)
855 ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec, request_hash)
856 file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
857 print "writing ticket to ", file
858 ticket = SfaTicket(string=ticket_string)
859 ticket.save_to_file(filename=file, save_parents=True)
861 def redeem_ticket(self, opts, args):
862 ticket_file = args[0]
864 # get slice hrn from the ticket
865 # use this to get the right slice credential
866 ticket = SfaTicket(filename=ticket_file)
868 slice_hrn = ticket.attributes['slivers'][0]['hrn']
869 user_cred = self.get_user_cred()
870 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
872 # get a list node hostnames from the nodespecs in the rspec
874 rspec.parseString(ticket.rspec)
875 nodespecs = rspec.getDictsByTagName('NodeSpec')
876 hostnames = [nodespec['name'] for nodespec in nodespecs]
878 # create an xmlrpc connection to the component manager at each of these
879 # components and gall redeem_ticket
881 for hostname in hostnames:
884 url = "https://%(hostname)s:%(cm_port)s" % locals()
885 print "Calling get_ticket at %(url)s " % locals(),
886 cm = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
887 cm.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
889 except socket.gaierror:
891 print "Componet Manager not accepting requests"
893 print "Failed:", e.message
898 def delete(self,opts, args):
900 server = self.slicemgr
901 # direct connection to the nodes component manager interface
903 server = self.get_component_server_from_hrn(opts.component)
905 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
908 arg_list = [slice_cred, slice_hrn]
909 request_hash = self.key.compute_hash(arg_list)
910 return server.delete_slice(slice_cred, slice_hrn, request_hash)
913 def start(self,opts, args):
915 server = self.slicemgr
916 # direct connection to the nodes component manager interface
918 server = self.get_component_server_from_hrn(opts.component)
920 slice_cred = self.get_slice_cred(args[0])
923 arg_list = [slice_cred, slice_hrn]
924 request_hash = self.key.compute_hash(arg_list)
925 return server.start_slice(slice_cred, slice_hrn, request_hash)
928 def stop(self,opts, args):
930 server = self.slicemgr
931 # direct connection to the nodes component manager interface
933 server = self.get_component_server_from_hrn(opts.component)
935 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
938 arg_list = [slice_cred, slice_hrn]
939 request_hash = self.key.compute_hash(arg_list)
940 return server.stop_slice(slice_cred, slice_hrn, request_hash)
943 def reset(self,opts, args):
945 server = self.slicemgr
946 # direct connection to the nodes component manager interface
948 server = self.get_component_server_from_hrn(opts.component)
949 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
952 arg_list = [slice_cred, slice_hrn]
953 request_hash = self.key.compute_hash(arg_list)
954 return server.reset_slice(slice_cred, slice_hrn, request_hash)
957 # Main: parse arguments and dispatch to command
960 parser = self.create_parser()
961 (options, args) = parser.parse_args()
962 self.options = options
964 if options.hashrequest:
965 self.hashrequest=True
968 print "No command given. Use -h for help."
972 (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
973 if self.options.verbose :
974 print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
975 options.sfi_dir, options.user,
977 print "Command %s" %command
978 if command in ("resources"):
979 print "resources cmd_opts %s" %cmd_opts.format
980 elif command in ("list","show","remove"):
981 print "cmd_opts.type %s" %cmd_opts.type
982 print "cmd_args %s" %cmd_args
987 self.dispatch(command, cmd_opts, cmd_args)
990 print "Command not found:", command
995 if __name__=="__main__":