sfa/plc/plccomponentapi.py

   1 import os
   2 import tempfile
   3
   4 import sfa.util.xmlrpcprotocol as xmlrpcprotocol
   5 from sfa.util.nodemanager import NodeManager
   6
   7 from sfa.trust.credential import Credential
   8 from sfa.trust.certificate import Certificate, Keypair
   9 from sfa.trust.gid import GID
  10
  11 from sfa.server.sfaapi import SfaApi
  12
  13 ####################
  14 class PlcComponentApi(SfaApi):
  15     """
  16     This class is the type for the toplevel 'api' object
  17     when running the component manager inside a planetlab node.
  18     As such it runs an SFA-compliant interface and thus inherits SfaApi
  19     However the fact that we run inside a planetlab nodes requires
  20     some tweaks as compared with a service running in the infrastructure.
  21     """
  22
  23     def __init__ (self, encoding="utf-8", methods='sfa.methods',
  24                   config = "/etc/sfa/sfa_config.py",
  25                   peer_cert = None, interface = None,
  26                   key_file = None, cert_file = None, cache = None):
  27         SfaApi.__init__(self, encoding=encoding, methods=methods,
  28                         config=config,
  29                         peer_cert=peer_cert, interface=interface,
  30                         key_file=key_file,
  31                         cert_file=cert_file, cache=cache)
  32
  33         self.nodemanager = NodeManager(self.config)
  34
  35     def sliver_exists(self):
  36         sliver_dict = self.nodemanager.GetXIDs()
  37         ### xxx slicename is undefined
  38         if slicename in sliver_dict.keys():
  39             return True
  40         else:
  41             return False
  42
  43     def get_registry(self):
  44         addr, port = self.config.SFA_REGISTRY_HOST, self.config.SFA_REGISTRY_PORT
  45         url = "http://%(addr)s:%(port)s" % locals()
  46         server = xmlrpcprotocol.get_server(url, self.key_file, self.cert_file)
  47         return server
  48
  49     def get_node_key(self):
  50         # this call requires no authentication,
  51         # so we can generate a random keypair here
  52         subject="component"
  53         (kfd, keyfile) = tempfile.mkstemp()
  54         (cfd, certfile) = tempfile.mkstemp()
  55         key = Keypair(create=True)
  56         key.save_to_file(keyfile)
  57         cert = Certificate(subject=subject)
  58         cert.set_issuer(key=key, subject=subject)
  59         cert.set_pubkey(key)
  60         cert.sign()
  61         cert.save_to_file(certfile)
  62         registry = self.get_registry()
  63         # the registry will scp the key onto the node
  64         registry.get_key()
  65
  66     # override the method in SfaApi
  67     def getCredential(self):
  68         """
  69         Get our credential from a remote registry
  70         """
  71         path = self.config.SFA_DATA_DIR
  72         config_dir = self.config.config_path
  73         cred_filename = path + os.sep + 'node.cred'
  74         try:
  75             credential = Credential(filename = cred_filename)
  76             return credential.save_to_string(save_parents=True)
  77         except IOError:
  78             node_pkey_file = config_dir + os.sep + "node.key"
  79             node_gid_file = config_dir + os.sep + "node.gid"
  80             cert_filename = path + os.sep + 'server.cert'
  81             if not os.path.exists(node_pkey_file) or \
  82                not os.path.exists(node_gid_file):
  83                 self.get_node_key()
  84
  85             # get node's hrn
  86             gid = GID(filename=node_gid_file)
  87             hrn = gid.get_hrn()
  88             # get credential from registry
  89             cert_str = Certificate(filename=cert_filename).save_to_string(save_parents=True)
  90             registry = self.get_registry()
  91             cred = registry.GetSelfCredential(cert_str, hrn, 'node')
  92             # xxx credfile is undefined
  93             Credential(string=cred).save_to_file(credfile, save_parents=True)
  94
  95             return cred
  96
  97     def clean_key_cred(self):
  98         """
  99         remove the existing keypair and cred  and generate new ones
 100         """
 101         files = ["server.key", "server.cert", "node.cred"]
 102         for f in files:
 103             # xxx KEYDIR is undefined, could be meant to be "/var/lib/sfa/" from sfa_component_setup.py
 104             filepath = KEYDIR + os.sep + f
 105             if os.path.isfile(filepath):
 106                 os.unlink(f)
 107
 108         # install the new key pair
 109         # GetCredential will take care of generating the new keypair
 110         # and credential
 111         self.get_node_key()
 112         self.getCredential()