1 ### $Id: slices.py 15842 2009-11-22 09:56:13Z anil $
2 ### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/plc/slices.py $
9 from types import StringTypes
10 from sfa.util.namespace import *
11 from sfa.util.rspec import *
12 from sfa.util.specdict import *
13 from sfa.util.faults import *
14 from sfa.util.record import SfaRecord
15 from sfa.util.policy import Policy
16 from sfa.util.record import *
17 from sfa.util.sfaticket import SfaTicket
18 from sfa.util.debug import log
19 from sfa.plc.slices import Slices
20 from sfa.trust.credential import Credential
21 import sfa.plc.peers as peers
22 from sfa.plc.network import *
23 from sfa.plc.api import SfaAPI
24 from sfa.plc.slices import *
27 def __get_registry_objects(slice_xrn, creds, users):
31 hrn, type = urn_to_hrn(slice_xrn)
33 hrn_auth = get_authority(hrn)
35 # Build up objects that an SFA registry would return if SFA
36 # could contact the slice's registry directly
44 site['name'] = 'geni.%s' % hrn_auth
45 site['enabled'] = True
46 site['max_slices'] = 100
49 # Is it okay if this login base is the same as one already at this myplc site?
50 # Do we need uniqueness? Should use hrn_auth instead of just the leaf perhaps?
51 site['login_base'] = get_leaf(hrn_auth)
52 site['abbreviated_name'] = hrn
53 site['max_slivers'] = 1000
54 reg_objects['site'] = site
57 slice['expires'] = int(mktime(Credential(string=creds[0]).get_lifetime().timetuple()))
59 slice['name'] = site['login_base'] + "_" + get_leaf(hrn)
61 slice['description'] = hrn
63 reg_objects['slice_record'] = slice
65 reg_objects['users'] = {}
68 hrn, _ = urn_to_hrn(user['urn'])
69 user['email'] = hrn + "@geni.net"
70 user['first_name'] = hrn
71 user['last_name'] = hrn
72 reg_objects['users'][user['email']] = user
76 def __get_hostnames(nodes):
79 hostnames.append(node.hostname)
86 version['geni_api'] = 1
89 def slice_status(api, slice_xrn, creds):
91 result['geni_urn'] = slice_xrn
92 result['geni_status'] = 'unknown'
93 result['geni_resources'] = {}
96 def create_slice(api, slice_xrn, creds, rspec, users):
98 Create the sliver[s] (slice) at this aggregate.
99 Verify HRN and initialize the slice record in PLC if necessary.
102 reg_objects = __get_registry_objects(slice_xrn, creds, users)
104 hrn, type = urn_to_hrn(slice_xrn)
107 peer = slices.get_peer(hrn)
108 sfa_peer = slices.get_sfa_peer(hrn)
109 registry = api.registries[api.hrn]
110 credential = api.getCredential()
111 site_id, remote_site_id = slices.verify_site(registry, credential, hrn,
112 peer, sfa_peer, reg_objects)
114 slice = slices.verify_slice(registry, credential, hrn, site_id,
115 remote_site_id, peer, sfa_peer, reg_objects)
117 network = Network(api)
119 slice = network.get_slice(api, hrn)
120 current = __get_hostnames(slice.get_nodes())
122 network.addRSpec(rspec, api.config.SFA_AGGREGATE_RSPEC_SCHEMA)
123 request = __get_hostnames(network.nodesWithSlivers())
125 # remove nodes not in rspec
126 deleted_nodes = list(set(current).difference(request))
128 # add nodes from rspec
129 added_nodes = list(set(request).difference(current))
132 api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice.id, peer)
134 api.plshell.AddSliceToNodes(api.plauth, slice.name, added_nodes)
135 api.plshell.DeleteSliceFromNodes(api.plauth, slice.name, deleted_nodes)
137 network.updateSliceTags()
140 api.plshell.BindObjectToPeer(api.plauth, 'slice', slice.id, peer,
143 # print network.toxml()
148 def renew_slice(api, xrn, creds, exipration_time):
149 hrn, type = urn_to_hrn(xrn)
150 slicename = hrn_to_pl_slicename(hrn)
151 slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id'])
153 raise RecordNotFound(hrn)
155 slice['expires'] = expiration_time
156 api.plshell.UpdateSlice(api.plauth, slice['slice_id'], slice)
159 def start_slice(api, xrn):
160 hrn, type = urn_to_hrn(xrn)
161 slicename = hrn_to_pl_slicename(hrn)
162 slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id'])
164 raise RecordNotFound(hrn)
166 attributes = api.plshell.GetSliceTags(api.plauth, {'slice_id': slice_id, 'name': 'enabled'}, ['slice_attribute_id'])
167 attribute_id = attributes[0]['slice_attribute_id']
168 api.plshell.UpdateSliceTag(api.plauth, attribute_id, "1" )
172 def stop_slice(api, xrn, creds):
173 hrn, type = urn_to_hrn(xrn)
174 slicename = hrn_to_pl_slicename(hrn)
175 slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id'])
177 raise RecordNotFound(hrn)
178 slice_id = slices[0]['slice_id']
179 attributes = api.plshell.GetSliceTags(api.plauth, {'slice_id': slice_id, 'name': 'enabled'}, ['slice_attribute_id'])
180 attribute_id = attributes[0]['slice_attribute_id']
181 api.plshell.UpdateSliceTag(api.plauth, attribute_id, "0")
184 def reset_slice(api, xrn):
185 # XX not implemented at this interface
188 def delete_slice(api, xrn, creds):
189 hrn, type = urn_to_hrn(xrn)
190 slicename = hrn_to_pl_slicename(hrn)
191 slices = api.plshell.GetSlices(api.plauth, {'name': slicename})
196 # determine if this is a peer slice
197 peer = peers.get_peer(api, hrn)
199 api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice['slice_id'], peer)
200 api.plshell.DeleteSliceFromNodes(api.plauth, slicename, slice['node_ids'])
202 api.plshell.BindObjectToPeer(api.plauth, 'slice', slice['slice_id'], peer, slice['peer_slice_id'])
206 # look in cache first
208 slices = api.cache.get('slices')
213 slices = api.plshell.GetSlices(api.plauth, {'peer_id': None}, ['name'])
214 slice_hrns = [slicename_to_hrn(api.hrn, slice['name']) for slice in slices]
215 slice_urns = [hrn_to_urn(slice_hrn, 'slice') for slice_hrn in slice_hrns]
219 api.cache.add('slices', slice_urns)
223 def get_rspec(api, creds, options):
224 # get slice's hrn from options
225 xrn = options.get('geni_slice_urn', None)
226 hrn, type = urn_to_hrn(xrn)
228 # get hrn of the original caller
229 origin_hrn = options.get('origin_hrn', None)
231 origin_hrn = Credential(string=creds[0]).get_gid_caller().get_hrn()
233 # look in cache first
234 if api.cache and not xrn:
235 rspec = api.cache.get('nodes')
239 network = Network(api)
241 if network.get_slice(api, hrn):
244 rspec = network.toxml()
247 if api.cache and not xrn:
248 api.cache.add('nodes', rspec)
253 def get_ticket(api, xrn, rspec, origin_hrn=None, reg_objects=None):
255 slice_hrn, type = urn_to_hrn(xrn)
257 peer = slices.get_peer(slice_hrn)
258 sfa_peer = slices.get_sfa_peer(slice_hrn)
260 # get the slice record
261 registry = api.registries[api.hrn]
262 credential = api.getCredential()
263 records = registry.resolve(credential, xrn)
265 # similar to create_slice, we must verify that the required records exist
266 # at this aggregate before we can issue a ticket
267 site_id, remote_site_id = slices.verify_site(registry, credential, slice_hrn,
268 peer, sfa_peer, reg_objects)
269 slice = slices.verify_slice(registry, credential, slice_hrn, site_id,
270 remote_site_id, peer, sfa_peer, reg_objects)
272 # make sure we get a local slice record
274 for tmp_record in records:
275 if tmp_record['type'] == 'slice' and \
276 not tmp_record['peer_authority']:
277 record = SliceRecord(dict=tmp_record)
279 raise RecordNotFound(slice_hrn)
282 slivers = Slices(api).get_slivers(slice_hrn)
284 raise SliverDoesNotExist(slice_hrn)
289 'timestamp': int(time.time()),
290 'initscripts': initscripts,
295 object_gid = record.get_gid_object()
296 new_ticket = SfaTicket(subject = object_gid.get_subject())
297 new_ticket.set_gid_caller(api.auth.client_gid)
298 new_ticket.set_gid_object(object_gid)
299 new_ticket.set_issuer(key=api.key, subject=api.hrn)
300 new_ticket.set_pubkey(object_gid.get_pubkey())
301 new_ticket.set_attributes(data)
302 new_ticket.set_rspec(rspec)
303 #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
307 return new_ticket.save_to_string(save_parents=True)
314 rspec = get_rspec(api, "plc.princeton.sapan", None)
315 #rspec = get_rspec(api, "plc.princeton.coblitz", None)
316 #rspec = get_rspec(api, "plc.pl.sirius", None)
319 f = open(sys.argv[1])
322 create_slice(api, "plc.princeton.sapan", xml)
324 if __name__ == "__main__":