[sfa.git] / sfa / server / sfa-server.py

#!/usr/bin/python
#
### $Id$
### $URL$
#
# GENI PLC Wrapper
#
# This wrapper implements the Geni Registry and Slice Interfaces on PLC.
# Depending on command line options, it starts some combination of a
# Registry, an Aggregate Manager, and a Slice Manager.
#
# There are several items that need to be done before starting the wrapper
# server.
#
# NOTE:  Many configuration settings, including the PLC maintenance account
# credentials, URI of the PLCAPI, and PLC DB URI and admin credentials are initialized
# from your MyPLC configuration (/etc/planetlab/plc_config*).  Please make sure this information
# is up to date and accurate.
#
# 1) Import the existing planetlab database, creating the
#    appropriate geni records. This is done by running the "sfa-import-plc.py" tool.
#
# 2) Create a "trusted_roots" directory and place the certificate of the root
#    authority in that directory. Given the defaults in sfa-import-plc.py, this
#    certificate would be named "planetlab.gid". For example,
#
#    mkdir trusted_roots; cp authorities/planetlab.gid trusted_roots/
#
# TODO: Can all three servers use the same "registry" certificate?
##

# TCP ports for the three servers
registry_port=12345
aggregate_port=12346
slicemgr_port=12347

import os, os.path
import sys
from optparse import OptionParser

from sfa.trust.trustedroot import TrustedRootList
from sfa.trust.certificate import Keypair, Certificate

from sfa.server.registry import Registry
from sfa.server.aggregate import Aggregate
from sfa.server.slicemgr import SliceMgr
from sfa.trust.hierarchy import Hierarchy
from sfa.util.config import Config
from sfa.util.report import trace

# after http://www.erlenstar.demon.co.uk/unix/faq_2.html
def daemon():
    """Daemonize the current process."""
    if os.fork() != 0: os._exit(0)
    os.setsid()
    if os.fork() != 0: os._exit(0)
    os.umask(0)
    devnull = os.open(os.devnull, os.O_RDWR)
    os.dup2(devnull, 0)
    # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
    crashlog = os.open('/var/log/sfa.daemon', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
    os.dup2(crashlog, 1)
    os.dup2(crashlog, 2)

def main():
    # xxx get rid of globals - name consistently CamelCase or under_score
    global AuthHierarchy
    global TrustedRoots
    global registry_port
    global aggregate_port
    global slicemgr_port

    # Generate command line parser
    parser = OptionParser(usage="sfa-server [options]")
    parser.add_option("-r", "--registry", dest="registry", action="store_true",
         help="run registry server", default=False)
    parser.add_option("-s", "--slicemgr", dest="sm", action="store_true",
         help="run slice manager", default=False)
    parser.add_option("-a", "--aggregate", dest="am", action="store_true",
         help="run aggregate manager", default=False)
    parser.add_option("-v", "--verbose", dest="verbose", action="store_true", 
         help="verbose mode", default=False)
    parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
         help="Run as daemon.", default=False)
    (options, args) = parser.parse_args()

    config = Config()
    hierarchy = Hierarchy()
    trusted_roots = TrustedRootList(config.get_trustedroots_dir())
    server_key_file = os.path.join(hierarchy.basedir, "server.key")
    server_cert_file = os.path.join(hierarhy.basedir, "server.cert")
    # XX TODO: Subject should be the interfaces's hrn
    subject = "registry" 
    if (options.daemon):  daemon()
    
    # check if the server's private key exists. If it doesnt,
    # get the right one from the authorities directory. If it cant be
    # found in the authorities directory, generate a random one
    if not os.path.exists(server_key_file):
        hrn = config.SFA_INTERFACE_HRN.lower()
        key_file = os.sep.join([hierarchy.basedir, hrn, hrn+".pkey"])
        if not os.path.exists(key_file):
            # if it doesnt exist then this is probably a fresh interface
            # with no records. Generate a random keypair for now
            trace("server's public key not found in %s" % key_file)
            trace("generating a random server key pair")
            key = Keypair(create=True)
            key.save_to_file(server_key_file)
            cert = Certificate(subject=subject)
            cert.set_issuer(key=key, subject=subject)
            cert.set_pubkey(key)
            cert.sign()
            cert.save_to_file(server_cert_file)

        else:
            # the pkey was found in the authorites directory. lets 
            # copy it to where the server key should be and generate
            # the cert
            key = Keypair(filename=key_file)
            key.save_to_file(server_key_file)
            cert = Certificate(subject=subject)
            cert.set_issuer(key=key, subject=subject)
            cert.set_pubkey(key)
            cert.sign()
            cert.save_to_file(server_cert_file)
             

    # If private key exists and cert doesnt, recreate cert
    if (os.path.exists(server_key_file)) and (not os.path.exists(server_cert_file)):
        key = Keypair(filename=server_key_file)
        cert = Certificate(subject=subject)
        cert.set_issuer(key=key, subject=subject)
        cert.set_pubkey(key)
        cert.sign()
        cert.save_to_file(server_cert_file)

    # start registry server
    if (options.registry):
        r = Registry("", registry_port, server_key_file, server_cert_file)
        r.start()

    # start aggregate manager
    if (options.am):
        a = Aggregate("", aggregate_port, server_key_file, server_cert_file)
        a.start()

    # start slice manager
    if (options.sm):
        s = SliceMgr("", slicemgr_port, server_key_file, server_cert_file)
        s.start()

if __name__ == "__main__":
    main()