3 # sfi -- slice-based facility interface
11 from types import StringTypes, ListType
12 from optparse import OptionParser
13 from sfa.trust.certificate import Keypair, Certificate
14 from sfa.trust.credential import Credential
15 from sfa.util.geniclient import GeniClient
16 from sfa.util.sfaticket import SfaTicket
17 from sfa.util.record import *
18 from sfa.util.misc import *
19 from sfa.util.rspec import RSpec
20 from sfa.util.xmlrpcprotocol import ServerException
21 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
22 from sfa.util.config import Config
24 # utility methods here
26 def display_rspec(rspec, format = 'rspec'):
29 spec.parseString(rspec)
31 nodespecs = spec.getDictsByTagName('NodeSpec')
32 for nodespec in nodespecs:
33 if nodespec.has_key('name') and nodespec['name']:
34 if isinstance(nodespec['name'], ListType):
35 hostnames.extend(nodespec['name'])
36 elif isinstance(nodespec['name'], StringTypes):
37 hostnames.append(nodespec['name'])
39 elif format in ['ip']:
41 spec.parseString(rspec)
43 ifspecs = spec.getDictsByTagName('IfSpec')
44 for ifspec in ifspecs:
45 if ifspec.has_key('addr') and ifspec['addr']:
46 ips.append(ifspec['addr'])
54 def display_list(results):
55 for result in results:
59 def display_records(recordList, dump = False):
60 ''' Print all fields in the record'''
61 for record in recordList:
62 display_record(record, dump)
64 def display_record(record, dump = False):
68 info = record.getdict()
69 print "%s (%s)" % (info['hrn'], info['type'])
73 def filter_records(type, records):
75 for record in records:
76 if (record['type'] == type) or (type == "all"):
77 filtered_records.append(record)
78 return filtered_records
82 def save_rspec_to_file(rspec, filename):
83 if not filename.endswith(".rspec"):
84 filename = filename + ".rspec"
86 f = open(filename, 'w')
91 def save_records_to_file(filename, recordList):
93 for record in recordList:
95 save_record_to_file(filename + "." + str(index), record)
97 save_record_to_file(filename, record)
100 def save_record_to_file(filename, record):
101 if record['type'] in ['user']:
102 record = UserRecord(dict = record)
103 elif record['type'] in ['slice']:
104 record = SliceRecord(dict = record)
105 elif record['type'] in ['node']:
106 record = NodeRecord(dict = record)
107 elif record['type'] in ['authority', 'ma', 'sa']:
108 record = AuthorityRecord(dict = record)
110 record = GeniRecord(dict = record)
111 str = record.save_to_string()
112 file(filename, "w").write(str)
117 def load_record_from_file(filename):
118 str = file(filename, "r").read()
119 record = GeniRecord(string=str)
133 def create_cmd_parser(self,command, additional_cmdargs = None):
134 cmdargs = {"gid": "",
140 "aggregates": "[name]",
141 "registries": "[name]",
143 "resources": "[name]",
144 "create": "name rspec",
145 "get_trusted_certs": "cred",
146 "get_ticket": "name rspec",
147 "redeem_ticket": "ticket",
155 if additional_cmdargs:
156 cmdargs.update(additional_cmdargs)
158 if command not in cmdargs:
159 print "Invalid command\n"
161 for key in cmdargs.keys():
166 parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
167 % (command, cmdargs[command]))
169 if command in ("resources"):
170 parser.add_option("-f", "--format", dest="format",type="choice",
171 help="display format ([xml]|dns|ip)",default="xml",
172 choices=("xml","dns","ip"))
173 parser.add_option("-a", "--aggregate", dest="aggregate",
174 default=None, help="aggregate hrn")
176 if command in ("create", "get_ticket"):
177 parser.add_option("-a", "--aggregate", dest="aggregate",default=None,
178 help="aggregate hrn")
180 if command in ("start", "stop", "reset", "delete", "slices"):
181 parser.add_option("-c", "--component", dest="component",default=None,
182 help="component hrn")
184 if command in ("list", "show", "remove"):
185 parser.add_option("-t", "--type", dest="type",type="choice",
186 help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
187 choices=("all","user","slice","sa","ma","node","aggregate"),
190 if command in ("resources", "show", "list"):
191 parser.add_option("-o", "--output", dest="file",
192 help="output XML to file", metavar="FILE", default=None)
194 if command in ("show", "list"):
195 parser.add_option("-f", "--format", dest="format", type="choice",
196 help="display format ([text]|xml)",default="text",
197 choices=("text","xml"))
199 if command in ("delegate"):
200 parser.add_option("-u", "--user",
201 action="store_true", dest="delegate_user", default=False,
202 help="delegate user credential")
203 parser.add_option("-s", "--slice", dest="delegate_slice",
204 help="delegate slice credential", metavar="HRN", default=None)
208 def create_parser(self):
210 # Generate command line parser
211 parser = OptionParser(usage="sfi [options] command [command_options] [command_args]",
212 description="Commands: gid,list,show,remove,add,update,nodes,slices,resources,create,delete,start,stop,reset")
213 parser.add_option("-r", "--registry", dest="registry",
214 help="root registry", metavar="URL", default=None)
215 parser.add_option("-s", "--slicemgr", dest="sm",
216 help="slice manager", metavar="URL", default=None)
217 default_sfi_dir=os.path.expanduser("~/.sfi/")
218 parser.add_option("-d", "--dir", dest="sfi_dir",
219 help="config & working directory - default is " + default_sfi_dir,
220 metavar="PATH", default = default_sfi_dir)
221 parser.add_option("-u", "--user", dest="user",
222 help="user name", metavar="HRN", default=None)
223 parser.add_option("-a", "--auth", dest="auth",
224 help="authority name", metavar="HRN", default=None)
225 parser.add_option("-v", "--verbose",
226 action="store_true", dest="verbose", default=False,
228 parser.add_option("-p", "--protocol",
229 dest="protocol", default="xmlrpc",
230 help="RPC protocol (xmlrpc or soap)")
231 parser.add_option("-k", "--hashrequest",
232 action="store_true", dest="hashrequest", default=False,
233 help="Create a hash of the request that will be authenticated on the server")
234 parser.disable_interspersed_args()
240 # Establish Connection to SliceMgr and Registry Servers
242 def set_servers(self):
243 config_file = self.options.sfi_dir + os.sep + "sfi_config"
245 config = Config (config_file)
247 print "Failed to read configuration file",config_file
248 print "Make sure to remove the export clauses and to add quotes"
249 if not self.options.verbose:
250 print "Re-run with -v for more details"
252 traceback.print_exc()
257 if (self.options.sm is not None):
258 sm_url = self.options.sm
259 elif hasattr(config,"SFI_SM"):
260 sm_url = config.SFI_SM
262 print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s"%config_file
266 if (self.options.registry is not None):
267 reg_url = self.options.registry
268 elif hasattr(config,"SFI_REGISTRY"):
269 reg_url = config.SFI_REGISTRY
271 print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s"%config_file
275 if (self.options.user is not None):
276 self.user = self.options.user
277 elif hasattr(config,"SFI_USER"):
278 self.user = config.SFI_USER
280 print "You need to set e.g. SFI_USER='plc.princeton.username' in %s"%config_file
284 if (self.options.auth is not None):
285 self.authority = self.options.auth
286 elif hasattr(config,"SFI_AUTH"):
287 self.authority = config.SFI_AUTH
289 print "You need to set e.g. SFI_AUTH='plc.princeton' in %s"%config_file
295 if self.options.verbose :
296 print "Contacting Slice Manager at:", sm_url
297 print "Contacting Registry at:", reg_url
299 # Get key and certificate
300 key_file = self.get_key_file()
301 cert_file = self.get_cert_file(key_file)
302 self.key = Keypair(filename=key_file)
303 self.key_file = key_file
304 self.cert_file = cert_file
305 self.cert = Certificate(filename=cert_file)
306 # Establish connection to server(s)
307 #self.slicemgr = GeniClient(sm_url, key_file, cert_file, self.options.protocol)
308 #self.registry = GeniClient(reg_url, key_file, cert_file, self.options.protocol)
309 self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file)
310 self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file)
314 # Get various credential and spec files
316 # Establishes limiting conventions
317 # - conflates MAs and SAs
318 # - assumes last token in slice name is unique
320 # Bootstraps credentials
321 # - bootstrap user credential from self-signed certificate
322 # - bootstrap authority credential from user credential
323 # - bootstrap slice credential from user credential
327 def get_key_file(self):
328 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".pkey")
329 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".pkey")
330 if (os.path.isfile(file)):
333 print "Key file", file, "does not exist"
337 def get_cert_file(self,key_file):
339 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cert")
340 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cert")
341 if (os.path.isfile(file)):
344 k = Keypair(filename = key_file)
345 cert = Certificate(subject=self.user)
347 cert.set_issuer(k, self.user)
349 if self.options.verbose :
350 print "Writing self-signed certificate to", file
351 cert.save_to_file(file)
355 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
356 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
357 if (os.path.isfile(file)):
358 gid = GID(filename=file)
361 cert_str = self.cert.save_to_string(save_parents=True)
364 request_hash = self.key.compute_hash([cert_str, self.user, "user"])
365 gid_str = self.registry.get_gid(cert_str, self.user, "user", request_hash)
366 gid = GID(string=gid_str)
367 if self.options.verbose:
368 print "Writing user gid to", file
369 gid.save_to_file(file, save_parents=True)
372 def get_user_cred(self):
373 #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".cred")
374 file=os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".cred")
375 if (os.path.isfile(file)):
376 user_cred = Credential(filename=file)
379 # bootstrap user credential
380 cert_string = self.cert.save_to_string(save_parents=True)
383 request_hash = self.key.compute_hash([cert_string, "user", self.user])
384 user_name=self.user.replace(self.authority+".", '')
385 if user_name.count(".") > 0:
386 user_name = user_name.replace(".", '_')
387 self.user=self.authority + "." + user_name
388 user_cred = self.registry.get_self_credential(cert_string, "user", self.user, request_hash)
390 cred = Credential(string=user_cred)
391 cred.save_to_file(file, save_parents=True)
392 if self.options.verbose:
393 print "Writing user credential to", file
396 print "Failed to get user credential"
399 def get_auth_cred(self):
400 if not self.authority:
401 print "no authority specified. Use -a or set SF_AUTH"
404 file = os.path.join(self.options.sfi_dir, get_leaf("authority") +".cred")
405 if (os.path.isfile(file)):
406 auth_cred = Credential(filename=file)
409 # bootstrap authority credential from user credential
410 user_cred = self.get_user_cred().save_to_string(save_parents=True)
413 request_hash = self.key.compute_hash([user_cred, "authority", self.authority])
414 auth_cred = self.registry.get_credential(user_cred, "authority", self.authority, request_hash)
416 cred = Credential(string=auth_cred)
417 cred.save_to_file(file, save_parents=True)
418 if self.options.verbose:
419 print "Writing authority credential to", file
422 print "Failed to get authority credential"
425 def get_slice_cred(self,name):
426 file = os.path.join(self.options.sfi_dir, "slice_" + get_leaf(name) + ".cred")
427 if (os.path.isfile(file)):
428 slice_cred = Credential(filename=file)
431 # bootstrap slice credential from user credential
432 user_cred = self.get_user_cred().save_to_string(save_parents=True)
433 arg_list = [user_cred, "slice", name]
436 request_hash = self.key.compute_hash(arg_list)
437 slice_cred_str = self.registry.get_credential(user_cred, "slice", name, request_hash)
439 slice_cred = Credential(string=slice_cred_str)
440 slice_cred.save_to_file(file, save_parents=True)
441 if self.options.verbose:
442 print "Writing slice credential to", file
445 print "Failed to get slice credential"
448 def delegate_cred(self,cred, hrn, type = 'authority'):
449 # the gid and hrn of the object we are delegating
450 object_gid = cred.get_gid_object()
451 object_hrn = object_gid.get_hrn()
452 cred.set_delegate(True)
453 if not cred.get_delegate():
454 raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
457 records = self.registry.resolve(cred, hrn)
458 records = filter_records(type, records)
461 raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
463 # the gid of the user who will be delegated too
464 delegee_gid = records[0].get_gid_object()
465 delegee_hrn = delegee_gid.get_hrn()
467 # the key and hrn of the user who will be delegating
468 user_key = Keypair(filename = self.get_key_file())
469 user_hrn = cred.get_gid_caller().get_hrn()
471 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
472 dcred.set_gid_caller(delegee_gid)
473 dcred.set_gid_object(object_gid)
474 dcred.set_privileges(cred.get_privileges())
475 dcred.set_delegate(True)
476 dcred.set_pubkey(object_gid.get_pubkey())
477 dcred.set_issuer(user_key, user_hrn)
478 dcred.set_parent(cred)
484 def get_rspec_file(self,rspec):
485 if (os.path.isabs(rspec)):
488 file = os.path.join(self.options.sfi_dir, rspec)
489 if (os.path.isfile(file)):
492 print "No such rspec file", rspec
495 def get_record_file(self,record):
496 if (os.path.isabs(record)):
499 file = os.path.join(self.options.sfi_dir, record)
500 if (os.path.isfile(file)):
503 print "No such registry record file", record
506 def load_publickey_string(self,fn):
508 key_string = f.read()
510 # if the filename is a private key file, then extract the public key
511 if "PRIVATE KEY" in key_string:
512 outfn = tempfile.mktemp()
513 cmd = "openssl rsa -in " + fn + " -pubout -outform PEM -out " + outfn
516 key_string = f.read()
521 def get_component_server_from_hrn(self, hrn):
522 # direct connection to the nodes component manager interface
523 user_cred = self.get_user_cred().save_to_string(save_parents=True)
524 request_hash = self.key.compute_hash([user_cred, hrn])
525 records = self.registry.resolve(user_cred, hrn, request_hash)
526 records = filter_records('node', records)
528 print "No such component:", opts.component
531 url = "https://%s:%s" % (record['hostname'], cm_port)
532 return xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
535 # Following functions implement the commands
537 # Registry-related commands
540 def dispatch(self,command, cmd_opts, cmd_args):
541 getattr(self,command)(cmd_opts, cmd_args)
543 def gid(self, opts, args):
545 print "GID: %s" % (gid.save_to_string(save_parents=True))
548 # list entires in named authority registry
549 def list(self,opts, args):
550 user_cred = self.get_user_cred().save_to_string(save_parents=True)
554 request_hash = self.key.compute_hash([user_cred, hrn])
556 list = self.registry.list(user_cred, hrn, request_hash)
558 raise Exception, "Not enough parameters for the 'list' command"
560 # filter on person, slice, site, node, etc.
561 # THis really should be in the self.filter_records funct def comment...
562 list = filter_records(opts.type, list)
564 print "%s (%s)" % (record['hrn'], record['type'])
567 if not file.startswith(os.sep):
568 file = os.path.join(self.options.sfi_dir, file)
569 save_records_to_file(file, list)
572 # show named registry record
573 def show(self,opts, args):
574 user_cred = self.get_user_cred().save_to_string(save_parents=True)
578 request_hash = self.key.compute_hash([user_cred, hrn])
579 records = self.registry.resolve(user_cred, hrn, request_hash)
580 records = filter_records(opts.type, records)
582 print "No record of type", opts.type
583 for record in records:
584 if record['type'] in ['user']:
585 record = UserRecord(dict = record)
586 elif record['type'] in ['slice']:
587 record = SliceRecord(dict = record)
588 elif record['type'] in ['node']:
589 record = NodeRecord(dict = record)
590 elif record['type'] in ['authority', 'ma', 'sa']:
591 record = AuthorityRecord(dict = record)
593 record = GeniRecord(dict = record)
594 if (opts.format=="text"):
597 print record.save_to_string()
601 if not file.startswith(os.sep):
602 file = os.path.join(self.options.sfi_dir, file)
603 save_records_to_file(file, records)
606 def delegate(self,opts, args):
607 user_cred = self.get_user_cred()
608 if opts.delegate_user:
609 object_cred = user_cred
610 elif opts.delegate_slice:
611 object_cred = self.get_slice_cred(opts.delegate_slice)
613 print "Must specify either --user or --slice <hrn>"
616 # the gid and hrn of the object we are delegating
617 object_gid = object_cred.get_gid_object()
618 object_hrn = object_gid.get_hrn()
620 if not object_cred.get_delegate():
621 print "Error: Object credential", object_hrn, "does not have delegate bit set"
624 records = self.registry.resolve(user_cred, args[0])
625 records = filter_records("user", records)
628 print "Error: Didn't find a user record for", args[0]
631 # the gid of the user who will be delegated too
632 delegee_gid = records[0].get_gid_object()
633 delegee_hrn = delegee_gid.get_hrn()
635 # the key and hrn of the user who will be delegating
636 user_key = Keypair(filename = self.get_key_file())
637 user_hrn = user_cred.get_gid_caller().get_hrn()
639 dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
640 dcred.set_gid_caller(delegee_gid)
641 dcred.set_gid_object(object_gid)
642 dcred.set_privileges(object_cred.get_privileges())
643 dcred.set_delegate(True)
644 dcred.set_pubkey(object_gid.get_pubkey())
645 dcred.set_issuer(user_key, user_hrn)
646 dcred.set_parent(object_cred)
650 if opts.delegate_user:
651 dest_fn = os.path.join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_"
652 + get_leaf(object_hrn) + ".cred")
653 elif opts.delegate_slice:
654 dest_fn = os.path_join(self.options.sfi_dir, get_leaf(delegee_hrn) + "_slice_"
655 + get_leaf(object_hrn) + ".cred")
657 dcred.save_to_file(dest_fn, save_parents = True)
659 print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn
661 # removed named registry record
662 # - have to first retrieve the record to be removed
663 def remove(self,opts, args):
664 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
671 arg_list = [auth_cred, type, hrn]
672 request_hash = self.key.compute_hash(arg_list)
673 return self.registry.remove(auth_cred, type, hrn, request_hash)
675 # add named registry record
676 def add(self,opts, args):
677 auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
678 record_filepath = args[0]
679 rec_file = self.get_record_file(record_filepath)
680 record = load_record_from_file(rec_file).as_dict()
683 arg_list = [auth_cred]
684 request_hash = self.key.compute_hash(arg_list)
685 return self.registry.register(auth_cred, record, request_hash)
687 # update named registry entry
688 def update(self,opts, args):
689 user_cred = self.get_user_cred()
690 rec_file = self.get_record_file(args[0])
691 record = load_record_from_file(rec_file)
692 if record['type'] == "user":
693 if record.get_name() == user_cred.get_gid_object().get_hrn():
694 cred = user_cred.save_to_string(save_parents=True)
696 cred = self.get_auth_cred().save_to_string(save_parents=True)
697 elif record['type'] in ["slice"]:
699 cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
700 except ServerException, e:
701 # XXX smbaker -- once we have better error return codes, update this
702 # to do something better than a string compare
703 if "Permission error" in e.args[0]:
704 cred = self.get_auth_cred().save_to_string(save_parents=True)
707 elif record.get_type() in ["authority"]:
708 cred = self.get_auth_cred().save_to_string(save_parents=True)
709 elif record.get_type() == 'node':
710 cred = self.get_auth_cred().save_to_string(save_parents=True)
712 raise "unknown record type" + record.get_type()
713 record = record.as_dict()
717 request_hash = self.key.compute_hash(arg_list)
718 return self.registry.update(cred, record, request_hash)
720 def get_trusted_certs(self, opts, args):
722 return the trusted certs at this interface
724 trusted_certs = self.registry.get_trusted_certs()
725 for trusted_cert in trusted_certs:
726 cert = Certificate(string=trusted_cert)
727 print cert.get_subject()
730 def aggregates(self, opts, args):
732 return a list of details about known aggregates
734 user_cred = self.get_user_cred().save_to_string(save_parents=True)
740 arg_list = [user_cred, hrn]
741 request_hash = self.key.compute_hash(arg_list)
742 result = self.registry.get_aggregates(user_cred, hrn, request_hash)
746 def registries(self, opts, args):
748 return a list of details about known registries
750 user_cred = self.get_user_cred().save_to_string(save_parents=True)
756 arg_list = [user_cred, hrn]
757 request_hash = self.key.compute_hash(arg_list)
758 result = self.registry.get_registries(user_cred, hrn, request_hash)
764 # Slice-related commands
767 # list available nodes -- use 'resources' w/ no argument instead
769 # list instantiated slices
770 def slices(self,opts, args):
771 user_cred = self.get_user_cred().save_to_string(save_parents=True)
774 arg_list = [user_cred]
775 request_hash = self.key.compute_hash(arg_list)
777 server = self.slicemgr
778 # direct connection to the nodes component manager interface
780 server = self.get_component_server_from_hrn(opts.component)
781 results = server.get_slices(user_cred, request_hash)
782 display_list(results)
785 # show rspec for named slice
786 def resources(self,opts, args):
787 user_cred = self.get_user_cred().save_to_string(save_parents=True)
788 server = self.slicemgr
790 agg_hrn = opts.aggregate
791 arg_list = [user_cred, agg_hrn]
792 request_hash = self.key.compute_hash(arg_list)
793 aggregates = self.registry.get_aggregates(user_cred, agg_hrn, request_hash)
795 raise Exception, "No such aggregate %s" % agg_hrn
796 aggregate = aggregates[0]
797 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
798 server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
800 cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
808 arg_list = [cred, hrn]
809 request_hash = self.key.compute_hash(arg_list)
810 result = server.get_resources(cred, hrn, request_hash)
813 display_rspec(result, format)
814 if (opts.file is not None):
816 if not file.startswith(os.sep):
817 file = os.path.join(self.options.sfi_dir, file)
818 save_rspec_to_file(result, file)
821 # created named slice with given rspec
822 def create(self,opts, args):
824 user_cred = self.get_user_cred()
825 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
826 rspec_file = self.get_rspec_file(args[1])
827 rspec=open(rspec_file).read()
828 server = self.slicemgr
830 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
832 raise Exception, "No such aggregate %s" % opts.aggregate
833 aggregate = aggregates[0]
834 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
835 server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
838 arg_list = [slice_cred, slice_hrn, rspec]
839 request_hash = self.key.compute_hash(arg_list)
840 return server.create_slice(slice_cred, slice_hrn, rspec, request_hash)
842 # get a ticket for the specified slice
843 def get_ticket(self, opts, args):
844 slice_hrn, rspec_path = args[0], args[1]
845 user_cred = self.get_user_cred()
846 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
847 rspec_file = self.get_rspec_file(rspec_path)
848 rspec=open(rspec_file).read()
849 server = self.slicemgr
851 aggregates = self.registry.get_aggregates(user_cred, opts.aggregate)
853 raise Exception, "No such aggregate %s" % opts.aggregate
854 aggregate = aggregates[0]
855 url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
856 server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
859 arg_list = [slice_cred, slice_hrn, rspec]
860 request_hash = self.key.compute_hash(arg_list)
861 ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec, request_hash)
862 file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
863 print "writing ticket to ", file
864 ticket = SfaTicket(string=ticket_string)
865 ticket.save_to_file(filename=file, save_parents=True)
867 def redeem_ticket(self, opts, args):
868 ticket_file = args[0]
870 # get slice hrn from the ticket
871 # use this to get the right slice credential
872 ticket = SfaTicket(filename=ticket_file)
874 slice_hrn = ticket.attributes['slivers'][0]['hrn']
875 user_cred = self.get_user_cred()
876 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
878 # get a list node hostnames from the nodespecs in the rspec
880 rspec.parseString(ticket.rspec)
881 nodespecs = rspec.getDictsByTagName('NodeSpec')
882 hostnames = [nodespec['name'] for nodespec in nodespecs]
884 # create an xmlrpc connection to the component manager at each of these
885 # components and gall redeem_ticket
887 for hostname in hostnames:
890 url = "https://%(hostname)s:%(cm_port)s" % locals()
891 print "Calling get_ticket at %(url)s " % locals(),
892 cm = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
893 cm.redeem_ticket(slice_cred, ticket.save_to_string(save_parents=True))
895 except socket.gaierror:
897 print "Componet Manager not accepting requests"
899 print "Failed:", e.message
904 def delete(self,opts, args):
906 server = self.slicemgr
907 # direct connection to the nodes component manager interface
909 server = self.get_component_server_from_hrn(opts.component)
911 slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
914 arg_list = [slice_cred, slice_hrn]
915 request_hash = self.key.compute_hash(arg_list)
916 return server.delete_slice(slice_cred, slice_hrn, request_hash)
919 def start(self,opts, args):
921 server = self.slicemgr
922 # direct connection to the nodes component manager interface
924 server = self.get_component_server_from_hrn(opts.component)
926 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
929 arg_list = [slice_cred, slice_hrn]
930 request_hash = self.key.compute_hash(arg_list)
931 return server.start_slice(slice_cred, slice_hrn, request_hash)
934 def stop(self,opts, args):
936 server = self.slicemgr
937 # direct connection to the nodes component manager interface
939 server = self.get_component_server_from_hrn(opts.component)
941 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
944 arg_list = [slice_cred, slice_hrn]
945 request_hash = self.key.compute_hash(arg_list)
946 return server.stop_slice(slice_cred, slice_hrn, request_hash)
949 def reset(self,opts, args):
951 server = self.slicemgr
952 # direct connection to the nodes component manager interface
954 server = self.get_component_server_from_hrn(opts.component)
955 slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
958 arg_list = [slice_cred, slice_hrn]
959 request_hash = self.key.compute_hash(arg_list)
960 return server.reset_slice(slice_cred, slice_hrn, request_hash)
963 # Main: parse arguments and dispatch to command
966 parser = self.create_parser()
967 (options, args) = parser.parse_args()
968 self.options = options
970 if options.hashrequest:
971 self.hashrequest=True
974 print "No command given. Use -h for help."
978 (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:])
979 if self.options.verbose :
980 print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm,
981 options.sfi_dir, options.user,
983 print "Command %s" %command
984 if command in ("resources"):
985 print "resources cmd_opts %s" %cmd_opts.format
986 elif command in ("list","show","remove"):
987 print "cmd_opts.type %s" %cmd_opts.type
988 print "cmd_args %s" %cmd_args
993 self.dispatch(command, cmd_opts, cmd_args)
996 print "Command not found:", command
1001 if __name__=="__main__":