8 # This wrapper implements the Geni Registry and Slice Interfaces on PLC.
9 # Depending on command line options, it starts some combination of a
10 # Registry, an Aggregate Manager, and a Slice Manager.
12 # There are several items that need to be done before starting the wrapper
15 # NOTE: Many configuration settings, including the PLC maintenance account
16 # credentials, URI of the PLCAPI, and PLC DB URI and admin credentials are initialized
17 # from your MyPLC configuration (/etc/planetlab/plc_config*). Please make sure this information
18 # is up to date and accurate.
20 # 1) Import the existing planetlab database, creating the
21 # appropriate geni records. This is done by running the "sfa-import-plc.py" tool.
23 # 2) Create a "trusted_roots" directory and place the certificate of the root
24 # authority in that directory. Given the defaults in sfa-import-plc.py, this
25 # certificate would be named "planetlab.gid". For example,
27 # mkdir trusted_roots; cp authorities/planetlab.gid trusted_roots/
29 # TODO: Can all three servers use the same "registry" certificate?
32 # TCP ports for the three servers
39 from optparse import OptionParser
41 from sfa.trust.trustedroot import TrustedRootList
42 from sfa.trust.certificate import Keypair, Certificate
44 from sfa.server.registry import Registry
45 from sfa.server.aggregate import Aggregate
46 from sfa.server.slicemgr import SliceMgr
47 from sfa.trust.hierarchy import Hierarchy
48 from sfa.util.config import Config
49 from sfa.util.report import trace
51 # after http://www.erlenstar.demon.co.uk/unix/faq_2.html
53 """Daemonize the current process."""
54 if os.fork() != 0: os._exit(0)
56 if os.fork() != 0: os._exit(0)
58 devnull = os.open(os.devnull, os.O_RDWR)
60 # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull
61 crashlog = os.open('/var/log/sfa.daemon', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644)
66 # xxx get rid of globals - name consistently CamelCase or under_score
73 # Generate command line parser
74 parser = OptionParser(usage="sfa-server [options]")
75 parser.add_option("-r", "--registry", dest="registry", action="store_true",
76 help="run registry server", default=False)
77 parser.add_option("-s", "--slicemgr", dest="sm", action="store_true",
78 help="run slice manager", default=False)
79 parser.add_option("-a", "--aggregate", dest="am", action="store_true",
80 help="run aggregate manager", default=False)
81 parser.add_option("-v", "--verbose", dest="verbose", action="store_true",
82 help="verbose mode", default=False)
83 parser.add_option("-d", "--daemon", dest="daemon", action="store_true",
84 help="Run as daemon.", default=False)
85 (options, args) = parser.parse_args()
88 hierarchy = Hierarchy()
89 trusted_roots = TrustedRootList(config.get_trustedroots_dir())
90 server_key_file = os.path.join(hierarchy.basedir, "server.key")
91 server_cert_file = os.path.join(hierarhy.basedir, "server.cert")
92 # XX TODO: Subject should be the interfaces's hrn
94 if (options.daemon): daemon()
96 # check if the server's private key exists. If it doesnt,
97 # get the right one from the authorities directory. If it cant be
98 # found in the authorities directory, generate a random one
99 if not os.path.exists(server_key_file):
100 hrn = config.SFA_INTERFACE_HRN.lower()
101 key_file = os.sep.join([hierarchy.basedir, hrn, hrn+".pkey"])
102 if not os.path.exists(key_file):
103 # if it doesnt exist then this is probably a fresh interface
104 # with no records. Generate a random keypair for now
105 trace("server's public key not found in %s" % key_file)
106 trace("generating a random server key pair")
107 key = Keypair(create=True)
108 key.save_to_file(server_key_file)
109 cert = Certificate(subject=subject)
110 cert.set_issuer(key=key, subject=subject)
113 cert.save_to_file(server_cert_file)
116 # the pkey was found in the authorites directory. lets
117 # copy it to where the server key should be and generate
119 key = Keypair(filename=key_file)
120 key.save_to_file(server_key_file)
121 cert = Certificate(subject=subject)
122 cert.set_issuer(key=key, subject=subject)
125 cert.save_to_file(server_cert_file)
128 # If private key exists and cert doesnt, recreate cert
129 if (os.path.exists(server_key_file)) and (not os.path.exists(server_cert_file)):
130 key = Keypair(filename=server_key_file)
131 cert = Certificate(subject=subject)
132 cert.set_issuer(key=key, subject=subject)
135 cert.save_to_file(server_cert_file)
137 # start registry server
138 if (options.registry):
139 r = Registry("", registry_port, server_key_file, server_cert_file)
142 # start aggregate manager
144 a = Aggregate("", aggregate_port, server_key_file, server_cert_file)
147 # start slice manager
149 s = SliceMgr("", slicemgr_port, server_key_file, server_cert_file)
152 if __name__ == "__main__":