4 from StringIO import StringIO
8 from sfa.trust.sfaticket import SfaTicket
9 from sfa.trust.credential import Credential
11 from sfa.util.sfalogging import logger
12 from sfa.util.xrn import Xrn, urn_to_hrn
13 from sfa.util.version import version_core
14 from sfa.util.callids import Callids
15 from sfa.util.cache import Cache
17 from sfa.server.threadmanager import ThreadManager
19 from sfa.rspecs.rspec_converter import RSpecConverter
20 from sfa.rspecs.version_manager import VersionManager
21 from sfa.rspecs.rspec import RSpec
23 from sfa.client.client_helper import sfa_to_pg_users_arg
24 from sfa.client.return_value import ReturnValue
28 # the cache instance is a class member so it survives across incoming requests
31 def __init__ (self, config):
33 if config.SFA_SM_CACHING:
34 if SliceManager.cache is None:
35 SliceManager.cache = Cache()
36 self.cache = SliceManager.cache
38 def GetVersion(self, api, options):
39 # peers explicitly in aggregates.xml
40 peers =dict ([ (peername,interface.get_url()) for (peername,interface) in api.aggregates.iteritems()
41 if peername != api.hrn])
42 version_manager = VersionManager()
43 ad_rspec_versions = []
44 request_rspec_versions = []
45 cred_types = [{'geni_type': 'geni_sfa', 'geni_version': str(i)} for i in range(4)[-2:]]
46 for rspec_version in version_manager.versions:
47 if rspec_version.content_type in ['*', 'ad']:
48 ad_rspec_versions.append(rspec_version.to_dict())
49 if rspec_version.content_type in ['*', 'request']:
50 request_rspec_versions.append(rspec_version.to_dict())
51 xrn=Xrn(api.hrn, 'authority+sa')
53 'interface':'slicemgr',
56 'geni_api_versions': {'3': 'http://%s:%s' % (api.config.SFA_SM_HOST, api.config.SFA_SM_PORT)},
57 'hrn' : xrn.get_hrn(),
58 'urn' : xrn.get_urn(),
60 'geni_single_allocation': 0, # Accept operations that act on as subset of slivers in a given state.
61 'geni_allocate': 'geni_many',# Multiple slivers can exist and be incrementally added, including those which connect or overlap in some way.
62 'geni_credential_types': cred_types,
64 sm_version=version_core(version_more)
65 # local aggregate if present needs to have localhost resolved
66 if api.hrn in api.aggregates:
67 local_am_url=api.aggregates[api.hrn].get_url()
68 sm_version['peers'][api.hrn]=local_am_url.replace('localhost',sm_version['hostname'])
71 def drop_slicemgr_stats(self, rspec):
73 stats_elements = rspec.xml.xpath('//statistics')
74 for node in stats_elements:
75 node.getparent().remove(node)
77 logger.warn("drop_slicemgr_stats failed: %s " % (str(e)))
79 def add_slicemgr_stat(self, rspec, callname, aggname, elapsed, status, exc_info=None):
81 stats_tags = rspec.xml.xpath('//statistics[@call="%s"]' % callname)
83 stats_tag = stats_tags[0]
85 stats_tag = rspec.xml.root.add_element("statistics", call=callname)
87 stat_tag = stats_tag.add_element("aggregate", name=str(aggname),
88 elapsed=str(elapsed), status=str(status))
91 exc_tag = stat_tag.add_element("exc_info", name=str(exc_info[1]))
93 # formats the traceback as one big text blob
94 #exc_tag.text = "\n".join(traceback.format_exception(exc_info[0], exc_info[1], exc_info[2]))
96 # formats the traceback as a set of xml elements
97 tb = traceback.extract_tb(exc_info[2])
99 exc_frame = exc_tag.add_element("tb_frame", filename=str(item[0]),
100 line=str(item[1]), func=str(item[2]), code=str(item[3]))
103 logger.warn("add_slicemgr_stat failed on %s: %s" %(aggname, str(e)))
105 def ListResources(self, api, creds, options):
106 call_id = options.get('call_id')
107 if Callids().already_handled(call_id): return ""
109 version_manager = VersionManager()
111 def _ListResources(aggregate, server, credential, options):
112 forward_options = copy(options)
115 version = api.get_cached_server_version(server)
116 # force ProtoGENI aggregates to give us a v2 RSpec
117 if 'sfa' in version.keys():
118 forward_options['rspec_version'] = version_manager.get_version('SFA 1').to_dict()
120 forward_options['rspec_version'] = version_manager.get_version('GENI 3').to_dict()
121 forward_options['geni_rspec_version'] = {'type': 'geni', 'version': '3.0'}
122 rspec = server.ListResources(credential, forward_options)
123 return {"aggregate": aggregate, "rspec": rspec, "elapsed": time.time()-tStart, "status": "success"}
125 api.logger.log_exc("ListResources failed at %s" %(server.url))
126 return {"aggregate": aggregate, "elapsed": time.time()-tStart, "status": "exception", "exc_info": sys.exc_info()}
128 # get slice's hrn from options
129 xrn = options.get('geni_slice_urn', '')
130 (hrn, type) = urn_to_hrn(xrn)
131 if 'geni_compressed' in options:
132 del(options['geni_compressed'])
134 # get the rspec's return format from options
135 rspec_version = version_manager.get_version(options.get('geni_rspec_version'))
136 version_string = "rspec_%s" % (rspec_version)
138 # look in cache first
139 cached_requested = options.get('cached', True)
140 if not xrn and self.cache and cached_requested:
141 rspec = self.cache.get(version_string)
143 api.logger.debug("SliceManager.ListResources returns cached advertisement")
146 # get the callers hrn
147 valid_cred = api.auth.checkCredentials(creds, 'listnodes', hrn)[0]
148 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
150 # attempt to use delegated credential first
151 cred = api.getDelegatedCredential(creds)
153 cred = api.getCredential()
154 threads = ThreadManager()
155 for aggregate in api.aggregates:
156 # prevent infinite loop. Dont send request back to caller
157 # unless the caller is the aggregate's SM
158 if caller_hrn == aggregate and aggregate != api.hrn:
161 # get the rspec from the aggregate
162 interface = api.aggregates[aggregate]
163 server = api.server_proxy(interface, cred)
164 threads.run(_ListResources, aggregate, server, [cred], options)
167 results = threads.get_results()
168 rspec_version = version_manager.get_version(options.get('geni_rspec_version'))
170 result_version = version_manager._get_version(rspec_version.type, rspec_version.version, 'manifest')
172 result_version = version_manager._get_version(rspec_version.type, rspec_version.version, 'ad')
173 rspec = RSpec(version=result_version)
174 for result in results:
175 self.add_slicemgr_stat(rspec, "ListResources", result["aggregate"], result["elapsed"],
176 result["status"], result.get("exc_info",None))
177 if result["status"]=="success":
179 rspec.version.merge(ReturnValue.get_value(result["rspec"]))
181 api.logger.log_exc("SM.ListResources: Failed to merge aggregate rspec")
184 if self.cache and not xrn:
185 api.logger.debug("SliceManager.ListResources caches advertisement")
186 self.cache.add(version_string, rspec.toxml())
191 def Allocate(self, api, xrn, creds, rspec_str, expiration, options):
192 call_id = options.get('call_id')
193 if Callids().already_handled(call_id): return ""
195 version_manager = VersionManager()
196 def _Allocate(aggregate, server, xrn, credential, rspec, expiration, options):
199 # Need to call GetVersion at an aggregate to determine the supported
200 # rspec type/format beofre calling CreateSliver at an Aggregate.
201 server_version = api.get_cached_server_version(server)
202 requested_users = users
203 if 'sfa' not in server_version and 'geni_api' in server_version:
204 # sfa aggregtes support both sfa and pg rspecs, no need to convert
205 # if aggregate supports sfa rspecs. otherwise convert to pg rspec
206 rspec = RSpec(RSpecConverter.to_pg_rspec(rspec, 'request'))
207 filter = {'component_manager_id': server_version['urn']}
209 rspec = rspec.toxml()
210 rspec = server.Allocate(xrn, credential, rspec, expiration, options)
211 return {"aggregate": aggregate, "rspec": rspec, "elapsed": time.time()-tStart, "status": "success"}
213 logger.log_exc('Something wrong in _Allocate with URL %s'%server.url)
214 return {"aggregate": aggregate, "elapsed": time.time()-tStart, "status": "exception", "exc_info": sys.exc_info()}
216 # Validate the RSpec against PlanetLab's schema --disabled for now
217 # The schema used here needs to aggregate the PL and VINI schemas
218 # schema = "/var/www/html/schemas/pl.rng"
219 rspec = RSpec(rspec_str)
222 # rspec.validate(schema)
224 # if there is a <statistics> section, the aggregates don't care about it,
226 self.drop_slicemgr_stats(rspec)
228 # attempt to use delegated credential first
229 cred = api.getDelegatedCredential(creds)
231 cred = api.getCredential()
233 # get the callers hrn
234 hrn, type = urn_to_hrn(xrn)
235 valid_cred = api.auth.checkCredentials(creds, 'createsliver', hrn)[0]
236 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
237 threads = ThreadManager()
238 for aggregate in api.aggregates:
239 # prevent infinite loop. Dont send request back to caller
240 # unless the caller is the aggregate's SM
241 if caller_hrn == aggregate and aggregate != api.hrn:
243 interface = api.aggregates[aggregate]
244 server = api.server_proxy(interface, cred)
245 # Just send entire RSpec to each aggregate
246 threads.run(_Allocate, aggregate, server, xrn, [cred], rspec.toxml(), expiration, options)
248 results = threads.get_results()
249 manifest_version = version_manager._get_version(rspec.version.type, rspec.version.version, 'manifest')
250 result_rspec = RSpec(version=manifest_version)
254 for result in results:
255 self.add_slicemgr_stat(result_rspec, "Allocate", result["aggregate"], result["elapsed"],
256 result["status"], result.get("exc_info",None))
257 if result["status"]=="success":
259 geni_urn = result['result']['geni_urn']
260 result_rspec.version.merge(ReturnValue.get_value(result['result']['geni_rspec']))
261 geni_slivers.extend(result['result']['geni_slivers'])
263 api.logger.log_exc("SM.Allocate: Failed to merge aggregate rspec")
265 'geni_urn': geni_urn,
266 'geni_rspec': result_rspec.toxml(),
267 'geni_slivers': geni_slivers
271 def Provision(self, api, xrn, creds, options):
272 call_id = options.get('call_id')
273 if Callids().already_handled(call_id): return ""
275 version_manager = VersionManager()
276 def _Provision(aggregate, server, xrn, credential, options):
279 # Need to call GetVersion at an aggregate to determine the supported
280 # rspec type/format beofre calling CreateSliver at an Aggregate.
281 server_version = api.get_cached_server_version(server)
282 result = server.Provision(xrn, credential, options)
283 return {"aggregate": aggregate, "result": result, "elapsed": time.time()-tStart, "status": "success"}
285 logger.log_exc('Something wrong in _Allocate with URL %s'%server.url)
286 return {"aggregate": aggregate, "elapsed": time.time()-tStart, "status": "exception", "exc_info": sys.exc_info()}
288 # attempt to use delegated credential first
289 cred = api.getDelegatedCredential(creds)
291 cred = api.getCredential()
293 # get the callers hrn
294 valid_cred = api.auth.checkCredentials(creds, 'createsliver', xrn)[0]
295 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
296 threads = ThreadManager()
297 for aggregate in api.aggregates:
298 # prevent infinite loop. Dont send request back to caller
299 # unless the caller is the aggregate's SM
300 if caller_hrn == aggregate and aggregate != api.hrn:
302 interface = api.aggregates[aggregate]
303 server = api.server_proxy(interface, cred)
304 # Just send entire RSpec to each aggregate
305 threads.run(_Provision, aggregate, server, xrn, [cred], options)
307 results = threads.get_results()
308 manifest_version = version_manager._get_version('GENI', '3', 'manifest')
309 result_rspec = RSpec(version=manifest_version)
312 for result in results:
313 self.add_slicemgr_stat(result_rspec, "Provision", result["aggregate"], result["elapsed"],
314 result["status"], result.get("exc_info",None))
315 if result["status"]=="success":
317 geni_urn = result['result']['geni_urn']
318 result_rspec.version.merge(ReturnValue.get_value(result['result']['geni_rspec']))
319 geni_slivers.extend(result['result']['geni_slivers'])
321 api.logger.log_exc("SM.Provision: Failed to merge aggregate rspec")
323 'geni_urn': geni_urn,
324 'geni_rspec': result_rspec.toxml(),
325 'geni_slivers': geni_slivers
330 def RenewSliver(self, api, xrn, creds, expiration_time, options):
331 call_id = options.get('call_id')
332 if Callids().already_handled(call_id): return True
334 def _RenewSliver(aggregate, server, xrn, creds, expiration_time, options):
336 result=server.RenewSliver(xrn, creds, expiration_time, options)
337 if type(result)!=dict:
338 result = {'code': {'geni_code': 0}, 'value': result}
339 result['aggregate'] = aggregate
342 logger.log_exc('Something wrong in _RenewSliver with URL %s'%server.url)
343 return {'aggregate': aggregate, 'exc_info': traceback.format_exc(),
344 'code': {'geni_code': -1},
345 'value': False, 'output': ""}
347 (hrn, urn_type) = urn_to_hrn(xrn)
348 # get the callers hrn
349 valid_cred = api.auth.checkCredentials(creds, 'renewsliver', hrn)[0]
350 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
352 # attempt to use delegated credential first
353 cred = api.getDelegatedCredential(creds)
355 cred = api.getCredential(minimumExpiration=31*86400)
356 threads = ThreadManager()
357 for aggregate in api.aggregates:
358 # prevent infinite loop. Dont send request back to caller
359 # unless the caller is the aggregate's SM
360 if caller_hrn == aggregate and aggregate != api.hrn:
362 interface = api.aggregates[aggregate]
363 server = api.server_proxy(interface, cred)
364 threads.run(_RenewSliver, aggregate, server, xrn, [cred], expiration_time, options)
366 results = threads.get_results()
369 geni_output = ",".join([x.get('output',"") for x in results])
370 geni_value = reduce (lambda x,y: x and y, [result.get('value',False) for result in results], True)
371 for agg_result in results:
372 agg_geni_code = agg_result['code'].get('geni_code',0)
374 geni_code = agg_geni_code
376 results = {'aggregates': results, 'code': {'geni_code': geni_code}, 'value': geni_value, 'output': geni_output}
380 def DeleteSliver(self, api, xrn, creds, options):
381 call_id = options.get('call_id')
382 if Callids().already_handled(call_id): return ""
384 def _DeleteSliver(server, xrn, creds, options):
385 return server.DeleteSliver(xrn, creds, options)
387 (hrn, type) = urn_to_hrn(xrn)
388 # get the callers hrn
389 valid_cred = api.auth.checkCredentials(creds, 'deletesliver', hrn)[0]
390 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
392 # attempt to use delegated credential first
393 cred = api.getDelegatedCredential(creds)
395 cred = api.getCredential()
396 threads = ThreadManager()
397 for aggregate in api.aggregates:
398 # prevent infinite loop. Dont send request back to caller
399 # unless the caller is the aggregate's SM
400 if caller_hrn == aggregate and aggregate != api.hrn:
402 interface = api.aggregates[aggregate]
403 server = api.server_proxy(interface, cred)
404 threads.run(_DeleteSliver, server, xrn, [cred], options)
405 threads.get_results()
409 # first draft at a merging SliverStatus
410 def Status(self, api, slice_xrn, creds, options):
411 def _Status(server, xrn, creds, options):
412 return server.Status(xrn, creds, options)
414 call_id = options.get('call_id')
415 if Callids().already_handled(call_id): return {}
416 # attempt to use delegated credential first
417 cred = api.getDelegatedCredential(creds)
419 cred = api.getCredential()
420 threads = ThreadManager()
421 for aggregate in api.aggregates:
422 interface = api.aggregates[aggregate]
423 server = api.server_proxy(interface, cred)
424 threads.run (_Status, server, slice_xrn, [cred], options)
425 results = [ReturnValue.get_value(result) for result in threads.get_results()]
427 # get rid of any void result - e.g. when call_id was hit, where by convention we return {}
428 results = [ result for result in results if result and result['geni_slivers']]
430 # do not try to combine if there's no result
431 if not results : return {}
433 # otherwise let's merge stuff
436 for result in results:
438 geni_urn = result['geni_urn']
439 geni_slivers.extend(result['result']['geni_slivers'])
441 api.logger.log_exc("SM.Provision: Failed to merge aggregate rspec")
443 'geni_urn': geni_urn,
444 'geni_slivers': geni_slivers
448 def Describe(self, api, xrns, creds, options):
449 def _Describe(server, xrn, creds, options):
450 return server.Describe(xrn, creds, options)
452 call_id = options.get('call_id')
453 if Callids().already_handled(call_id): return {}
454 # attempt to use delegated credential first
455 cred = api.getDelegatedCredential(creds)
457 cred = api.getCredential()
458 threads = ThreadManager()
459 for aggregate in api.aggregates:
460 interface = api.aggregates[aggregate]
461 server = api.server_proxy(interface, cred)
462 threads.run (_Describe, server, slice_xrn, [cred], options)
463 results = [ReturnValue.get_value(result) for result in threads.get_results()]
465 # get rid of any void result - e.g. when call_id was hit, where by convention we return {}
466 results = [ result for result in results if result and result.get('geni_urn')]
468 # do not try to combine if there's no result
469 if not results : return {}
471 # otherwise let's merge stuff
472 manifest_version = version_manager._get_version('GENI', '3', 'manifest')
473 result_rspec = RSpec(version=manifest_version)
476 for result in results:
478 geni_urn = result['geni_urn']
479 result_rspec.version.merge(ReturnValue.get_value(result['result']['geni_rspec']))
480 geni_slivers.extend(result['result']['geni_slivers'])
482 api.logger.log_exc("SM.Provision: Failed to merge aggregate rspec")
484 'geni_urn': geni_urn,
485 'geni_rspec': result_rspec.toxml(),
486 'geni_slivers': geni_slivers
489 def ListSlices(self, api, creds, options):
490 call_id = options.get('call_id')
491 if Callids().already_handled(call_id): return []
493 def _ListSlices(server, creds, options):
494 return server.ListSlices(creds, options)
496 # look in cache first
497 # xxx is this really frequent enough that it is worth being cached ?
499 slices = self.cache.get('slices')
501 api.logger.debug("SliceManager.ListSlices returns from cache")
504 # get the callers hrn
505 valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0]
506 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
508 # attempt to use delegated credential first
509 cred= api.getDelegatedCredential(creds)
511 cred = api.getCredential()
512 threads = ThreadManager()
513 # fetch from aggregates
514 for aggregate in api.aggregates:
515 # prevent infinite loop. Dont send request back to caller
516 # unless the caller is the aggregate's SM
517 if caller_hrn == aggregate and aggregate != api.hrn:
519 interface = api.aggregates[aggregate]
520 server = api.server_proxy(interface, cred)
521 threads.run(_ListSlices, server, [cred], options)
524 results = [ReturnValue.get_value(result) for result in threads.get_results()]
526 for result in results:
527 slices.extend(result)
531 api.logger.debug("SliceManager.ListSlices caches value")
532 self.cache.add('slices', slices)
537 def GetTicket(self, api, xrn, creds, rspec, users, options):
538 slice_hrn, type = urn_to_hrn(xrn)
539 # get the netspecs contained within the clients rspec
540 aggregate_rspecs = {}
541 tree= etree.parse(StringIO(rspec))
542 elements = tree.findall('./network')
543 for element in elements:
544 aggregate_hrn = element.values()[0]
545 aggregate_rspecs[aggregate_hrn] = rspec
547 # get the callers hrn
548 valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0]
549 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
551 # attempt to use delegated credential first
552 cred = api.getDelegatedCredential(creds)
554 cred = api.getCredential()
555 threads = ThreadManager()
556 for (aggregate, aggregate_rspec) in aggregate_rspecs.iteritems():
557 # xxx sounds like using call_id here would be safer
558 # prevent infinite loop. Dont send request back to caller
559 # unless the caller is the aggregate's SM
560 if caller_hrn == aggregate and aggregate != api.hrn:
563 interface = api.aggregates[aggregate]
564 server = api.server_proxy(interface, cred)
565 threads.run(server.GetTicket, xrn, [cred], aggregate_rspec, users, options)
567 results = threads.get_results()
569 # gather information from each ticket
574 for result in results:
575 agg_ticket = SfaTicket(string=result)
576 attrs = agg_ticket.get_attributes()
578 object_gid = agg_ticket.get_gid_object()
580 rspec = RSpec(agg_ticket.get_rspec())
582 rspec.version.merge(agg_ticket.get_rspec())
583 initscripts.extend(attrs.get('initscripts', []))
584 slivers.extend(attrs.get('slivers', []))
587 attributes = {'initscripts': initscripts,
590 # create a new ticket
591 ticket = SfaTicket(subject = slice_hrn)
592 ticket.set_gid_caller(api.auth.client_gid)
593 ticket.set_issuer(key=api.key, subject=api.hrn)
594 ticket.set_gid_object(object_gid)
595 ticket.set_pubkey(object_gid.get_pubkey())
596 #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
597 ticket.set_attributes(attributes)
598 ticket.set_rspec(rspec.toxml())
601 return ticket.save_to_string(save_parents=True)
603 def start_slice(self, api, xrn, creds):
604 hrn, type = urn_to_hrn(xrn)
606 # get the callers hrn
607 valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0]
608 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
610 # attempt to use delegated credential first
611 cred = api.getDelegatedCredential(creds)
613 cred = api.getCredential()
614 threads = ThreadManager()
615 for aggregate in api.aggregates:
616 # prevent infinite loop. Dont send request back to caller
617 # unless the caller is the aggregate's SM
618 if caller_hrn == aggregate and aggregate != api.hrn:
620 interface = api.aggregates[aggregate]
621 server = api.server_proxy(interface, cred)
622 threads.run(server.Start, xrn, cred)
623 threads.get_results()
626 def Shutdown(self, api, xrn, creds, options={}):
628 # get the callers hrn
629 valid_cred = api.auth.checkCredentials(creds, 'stopslice', xrn.hrn)[0]
630 caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
632 # attempt to use delegated credential first
633 cred = api.getDelegatedCredential(creds)
635 cred = api.getCredential()
636 threads = ThreadManager()
637 for aggregate in api.aggregates:
638 # prevent infinite loop. Dont send request back to caller
639 # unless the caller is the aggregate's SM
640 if caller_hrn == aggregate and aggregate != api.hrn:
642 interface = api.aggregates[aggregate]
643 server = api.server_proxy(interface, cred)
644 threads.run(server.Shutdown, xrn.urn, cred)
645 threads.get_results()