4 from StringIO import StringIO
5 from types import StringTypes
6 from copy import deepcopy
10 from sfa.util.sfalogging import logger
11 from sfa.util.rspecHelper import merge_rspecs
12 from sfa.util.xrn import Xrn, urn_to_hrn, hrn_to_urn
13 from sfa.util.plxrn import hrn_to_pl_slicename
14 from sfa.util.rspec import *
15 from sfa.util.specdict import *
16 from sfa.util.faults import *
17 from sfa.util.record import SfaRecord
18 from sfa.rspecs.pg_rspec import PGRSpec
19 from sfa.rspecs.sfa_rspec import SfaRSpec
20 from sfa.rspecs.rspec_converter import RSpecConverter
21 from sfa.rspecs.rspec_parser import parse_rspec
22 from sfa.rspecs.rspec_version import RSpecVersion
23 from sfa.rspecs.sfa_rspec import sfa_rspec_version
24 from sfa.rspecs.pg_rspec import pg_rspec_ad_version, pg_rspec_request_version
25 from sfa.util.policy import Policy
26 from sfa.util.prefixTree import prefixTree
27 from sfa.util.sfaticket import *
28 from sfa.trust.credential import Credential
29 from sfa.util.threadmanager import ThreadManager
30 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
31 import sfa.plc.peers as peers
32 from sfa.util.version import version_core
33 from sfa.util.callids import Callids
36 def _call_id_supported(api, server):
38 Returns true if server support the optional call_id arg, false otherwise.
40 server_version = api.get_cached_server_version(server)
42 if 'sfa' in server_version:
43 code_tag = server_version['code_tag']
44 code_tag_parts = code_tag.split("-")
46 version_parts = code_tag_parts[0].split(".")
47 major, minor = version_parts[0], version_parts[1]
48 rev = code_tag_parts[1]
50 if int(minor) > 0 or int(rev) > 20:
54 # we have specialized xmlrpclib.ServerProxy to remember the input url
55 # OTOH it's not clear if we're only dealing with XMLRPCServerProxy instances
56 def get_serverproxy_url (server):
60 logger.warning("GetVersion, falling back to xmlrpclib.ServerProxy internals")
61 return server._ServerProxy__host + server._ServerProxy__handler
64 # peers explicitly in aggregates.xml
65 peers =dict ([ (peername,get_serverproxy_url(v)) for (peername,v) in api.aggregates.iteritems()
66 if peername != api.hrn])
68 request_rspec_versions = [dict(pg_rspec_request_version), dict(sfa_rspec_version)]
69 ad_rspec_versions = [dict(pg_rspec_ad_version), dict(sfa_rspec_version)]
70 version_more = {'interface':'slicemgr',
71 'hrn' : xrn.get_hrn(),
72 'urn' : xrn.get_urn(),
74 'request_rspec_versions': request_rspec_versions,
75 'ad_rspec_versions': ad_rspec_versions,
76 'default_ad_rspec': dict(sfa_rspec_version)
78 sm_version=version_core(version_more)
79 # local aggregate if present needs to have localhost resolved
80 if api.hrn in api.aggregates:
81 local_am_url=get_serverproxy_url(api.aggregates[api.hrn])
82 sm_version['peers'][api.hrn]=local_am_url.replace('localhost',sm_version['hostname'])
86 def ListResources(api, creds, options, call_id):
87 def _ListResources(server, credential, my_opts, call_id):
88 args = [credential, my_opts]
89 if _call_id_supported(api, server):
92 return server.ListResources(*args)
94 api.logger.warn("ListResources failed at %s: %s" %(server.url, str(e)))
96 if Callids().already_handled(call_id): return ""
98 # get slice's hrn from options
99 xrn = options.get('geni_slice_urn', '')
100 (hrn, type) = urn_to_hrn(xrn)
101 my_opts = copy(options)
102 my_opts['geni_compressed'] = False
103 if 'rspec_version' in my_opts:
104 del my_opts['rspec_version']
106 # get the rspec's return format from options
107 rspec_version = RSpecVersion(options.get('rspec_version'))
108 version_string = "rspec_%s" % (rspec_version.get_version_name())
110 # look in cache first
111 if caching and api.cache and not xrn:
112 rspec = api.cache.get(version_string)
116 # get the callers hrn
117 valid_cred = api.auth.checkCredentials(creds, 'listnodes', hrn)[0]
118 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
120 # attempt to use delegated credential first
121 credential = api.getDelegatedCredential(creds)
123 credential = api.getCredential()
124 credentials = [credential]
125 threads = ThreadManager()
126 for aggregate in api.aggregates:
127 # prevent infinite loop. Dont send request back to caller
128 # unless the caller is the aggregate's SM
129 if caller_hrn == aggregate and aggregate != api.hrn:
133 if aggregate == api.hrn:
136 # get the rspec from the aggregate
137 server = api.aggregates[aggregate]
138 #threads.run(server.ListResources, credentials, my_opts, call_id)
139 threads.run(_ListResources, server, credentials, my_opts, call_id)
141 results = threads.get_results()
142 rspec_version = RSpecVersion(my_opts.get('rspec_version'))
143 if rspec_version['type'] == pg_rspec_ad_version['type']:
147 for result in results:
151 api.logger.info("SM.ListResources: Failed to merge aggregate rspec")
154 if caching and api.cache and not xrn:
155 api.cache.add(version_string, rspec.toxml())
160 def CreateSliver(api, xrn, creds, rspec_str, users, call_id):
162 def _CreateSliver(server, xrn, credential, rspec, users, call_id):
164 # Need to call GetVersion at an aggregate to determine the supported
165 # rspec type/format beofre calling CreateSliver at an Aggregate.
166 server_version = api.get_cached_server_version(server)
167 if 'sfa' not in aggregate_version and 'geni_api' in aggregate_version:
168 # sfa aggregtes support both sfa and pg rspecs, no need to convert
169 # if aggregate supports sfa rspecs. otherwise convert to pg rspec
170 rspec = RSpecConverter.to_pg_rspec(rspec)
171 args = [xrn, credential, rspec, users]
172 if _call_id_supported(api, server):
175 return server.CreateSliver(*args)
177 api.logger.warn("CreateSliver failed at %s: %s" %(server.url, str(e)))
179 logger.log_exc('Something wrong in _CreateSliver')
181 if Callids().already_handled(call_id): return ""
182 # Validate the RSpec against PlanetLab's schema --disabled for now
183 # The schema used here needs to aggregate the PL and VINI schemas
184 # schema = "/var/www/html/schemas/pl.rng"
185 rspec = parse_rspec(rspec_str)
188 rspec.validate(schema)
190 # attempt to use delegated credential first
191 credential = api.getDelegatedCredential(creds)
193 credential = api.getCredential()
195 # get the callers hrn
196 hrn, type = urn_to_hrn(xrn)
197 valid_cred = api.auth.checkCredentials(creds, 'createsliver', hrn)[0]
198 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
199 threads = ThreadManager()
200 for aggregate in api.aggregates:
201 # prevent infinite loop. Dont send request back to caller
202 # unless the caller is the aggregate's SM
203 if caller_hrn == aggregate and aggregate != api.hrn:
205 server = api.aggregates[aggregate]
206 # Just send entire RSpec to each aggregate
207 threads.run(_CreateSliver, server, xrn, credential, rspec.toxml(), users, call_id)
209 results = threads.get_results()
211 for result in results:
215 def RenewSliver(api, xrn, creds, expiration_time, call_id):
216 def _RenewSliver(server, xrn, creds, expiration_time, call_id):
217 server_version = _get_server_version(api, server)
218 args = [xrn, creds, expiration_time, call_id]
219 if _call_id_supported(api, server):
221 return server.RenewSliver(*args)
223 if Callids().already_handled(call_id): return True
225 (hrn, type) = urn_to_hrn(xrn)
226 # get the callers hrn
227 valid_cred = api.auth.checkCredentials(creds, 'renewsliver', hrn)[0]
228 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
230 # attempt to use delegated credential first
231 credential = api.getDelegatedCredential(creds)
233 credential = api.getCredential()
234 threads = ThreadManager()
235 for aggregate in api.aggregates:
236 # prevent infinite loop. Dont send request back to caller
237 # unless the caller is the aggregate's SM
238 if caller_hrn == aggregate and aggregate != api.hrn:
240 server = api.aggregates[aggregate]
241 threads.run(_RenewSliver, server, xrn, [credential], expiration_time, call_id)
243 return reduce (lambda x,y: x and y, threads.get_results() , True)
245 def DeleteSliver(api, xrn, creds, call_id):
246 def _DeleteSliver(server, xrn, creds, call_id):
247 server_version = _get_server_version(api, server)
249 if _call_id_supported(api, server):
251 return server.DeleteSliver(*args)
253 if Callids().already_handled(call_id): return ""
254 (hrn, type) = urn_to_hrn(xrn)
255 # get the callers hrn
256 valid_cred = api.auth.checkCredentials(creds, 'deletesliver', hrn)[0]
257 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
259 # attempt to use delegated credential first
260 credential = api.getDelegatedCredential(creds)
262 credential = api.getCredential()
263 threads = ThreadManager()
264 for aggregate in api.aggregates:
265 # prevent infinite loop. Dont send request back to caller
266 # unless the caller is the aggregate's SM
267 if caller_hrn == aggregate and aggregate != api.hrn:
269 server = api.aggregates[aggregate]
270 threads.run(_DeleteSliver, server, xrn, credential, call_id)
271 threads.get_results()
275 # first draft at a merging SliverStatus
276 def SliverStatus(api, slice_xrn, creds, call_id):
277 def _SliverStatus(server, xrn, creds, call_id):
278 server_version = _get_server_version(api, server)
280 if _call_id_supported(api, server):
282 return server.SliverStatus(*args)
284 if Callids().already_handled(call_id): return {}
285 # attempt to use delegated credential first
286 credential = api.getDelegatedCredential(creds)
288 credential = api.getCredential()
289 threads = ThreadManager()
290 for aggregate in api.aggregates:
291 server = api.aggregates[aggregate]
292 threads.run (_SliverStatus, server, slice_xrn, credential, call_id)
293 results = threads.get_results()
295 # get rid of any void result - e.g. when call_id was hit where by convention we return {}
296 results = [ result for result in results if result and result['geni_resources']]
298 # do not try to combine if there's no result
299 if not results : return {}
301 # otherwise let's merge stuff
304 # mmh, it is expected that all results carry the same urn
305 overall['geni_urn'] = results[0]['geni_urn']
306 overall['pl_login'] = results[0]['pl_login']
307 # append all geni_resources
308 overall['geni_resources'] = \
309 reduce (lambda x,y: x+y, [ result['geni_resources'] for result in results] , [])
310 overall['status'] = 'unknown'
311 if overall['geni_resources']:
312 overall['status'] = 'ready'
318 def ListSlices(api, creds, call_id):
319 def _ListSlices(server, creds, call_id):
320 server_version = _get_server_version(api, server)
322 if _call_id_supported(api, server):
324 return server.ListSlices(*args)
326 if Callids().already_handled(call_id): return []
328 # look in cache first
329 if caching and api.cache:
330 slices = api.cache.get('slices')
334 # get the callers hrn
335 valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0]
336 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
338 # attempt to use delegated credential first
339 credential = api.getDelegatedCredential(creds)
341 credential = api.getCredential()
342 threads = ThreadManager()
343 # fetch from aggregates
344 for aggregate in api.aggregates:
345 # prevent infinite loop. Dont send request back to caller
346 # unless the caller is the aggregate's SM
347 if caller_hrn == aggregate and aggregate != api.hrn:
349 server = api.aggregates[aggregate]
350 threads.run(_ListSlices, server, credential, call_id)
353 results = threads.get_results()
355 for result in results:
356 slices.extend(result)
359 if caching and api.cache:
360 api.cache.add('slices', slices)
365 def get_ticket(api, xrn, creds, rspec, users):
366 slice_hrn, type = urn_to_hrn(xrn)
367 # get the netspecs contained within the clients rspec
368 aggregate_rspecs = {}
369 tree= etree.parse(StringIO(rspec))
370 elements = tree.findall('./network')
371 for element in elements:
372 aggregate_hrn = element.values()[0]
373 aggregate_rspecs[aggregate_hrn] = rspec
375 # get the callers hrn
376 valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0]
377 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
379 # attempt to use delegated credential first
380 credential = api.getDelegatedCredential(creds)
382 credential = api.getCredential()
383 threads = ThreadManager()
384 for (aggregate, aggregate_rspec) in aggregate_rspecs.iteritems():
385 # prevent infinite loop. Dont send request back to caller
386 # unless the caller is the aggregate's SM
387 if caller_hrn == aggregate and aggregate != api.hrn:
390 if aggregate in api.aggregates:
391 server = api.aggregates[aggregate]
393 net_urn = hrn_to_urn(aggregate, 'authority')
394 # we may have a peer that knows about this aggregate
395 for agg in api.aggregates:
396 target_aggs = api.aggregates[agg].get_aggregates(credential, net_urn)
397 if not target_aggs or not 'hrn' in target_aggs[0]:
399 # send the request to this address
400 url = target_aggs[0]['url']
401 server = xmlrpcprotocol.get_server(url, api.key_file, api.cert_file)
402 # aggregate found, no need to keep looping
406 threads.run(server.GetTicket, xrn, credential, aggregate_rspec, users)
408 results = threads.get_results()
410 # gather information from each ticket
415 for result in results:
416 agg_ticket = SfaTicket(string=result)
417 attrs = agg_ticket.get_attributes()
419 object_gid = agg_ticket.get_gid_object()
420 rspecs.append(agg_ticket.get_rspec())
421 initscripts.extend(attrs.get('initscripts', []))
422 slivers.extend(attrs.get('slivers', []))
425 attributes = {'initscripts': initscripts,
427 merged_rspec = merge_rspecs(rspecs)
429 # create a new ticket
430 ticket = SfaTicket(subject = slice_hrn)
431 ticket.set_gid_caller(api.auth.client_gid)
432 ticket.set_issuer(key=api.key, subject=api.hrn)
433 ticket.set_gid_object(object_gid)
434 ticket.set_pubkey(object_gid.get_pubkey())
435 #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
436 ticket.set_attributes(attributes)
437 ticket.set_rspec(merged_rspec)
440 return ticket.save_to_string(save_parents=True)
442 def start_slice(api, xrn, creds):
443 hrn, type = urn_to_hrn(xrn)
445 # get the callers hrn
446 valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0]
447 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
449 # attempt to use delegated credential first
450 credential = api.getDelegatedCredential(creds)
452 credential = api.getCredential()
453 threads = ThreadManager()
454 for aggregate in api.aggregates:
455 # prevent infinite loop. Dont send request back to caller
456 # unless the caller is the aggregate's SM
457 if caller_hrn == aggregate and aggregate != api.hrn:
459 server = api.aggregates[aggregate]
460 threads.run(server.Start, xrn, credential)
461 threads.get_results()
464 def stop_slice(api, xrn, creds):
465 hrn, type = urn_to_hrn(xrn)
467 # get the callers hrn
468 valid_cred = api.auth.checkCredentials(creds, 'stopslice', hrn)[0]
469 caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
471 # attempt to use delegated credential first
472 credential = api.getDelegatedCredential(creds)
474 credential = api.getCredential()
475 threads = ThreadManager()
476 for aggregate in api.aggregates:
477 # prevent infinite loop. Dont send request back to caller
478 # unless the caller is the aggregate's SM
479 if caller_hrn == aggregate and aggregate != api.hrn:
481 server = api.aggregates[aggregate]
482 threads.run(server.Stop, xrn, credential)
483 threads.get_results()
486 def reset_slice(api, xrn):
492 def shutdown(api, xrn, creds):
498 def status(api, xrn, creds):
506 r.parseFile(sys.argv[1])
508 CreateSliver(None,'plc.princeton.tmacktestslice',rspec,'create-slice-tmacktestslice')
510 if __name__ == "__main__":