-# Directory where SFA interfaces are installed
-SFA_BASE_DIR="/usr/share/sfa/"
-
# HRN
# Human readable name for the interfaces
SFA_INTERFACE_HRN="plc"
# PLC DB Password
SFA_PLC_DB_PASSWORD=''
+
+# Directory internal data gets stored
+# using /etc/sfa until gec5 but /usr/share/sfa would be a more reasonable choice
+SFA_BASE_DIR="/etc/sfa"
#! /usr/bin/env python
-from __future__ import with_statement
# sfi -- slice-based facility interface
self.credential = None
self.plshell = self.getPLCShell()
self.plshell_version = self.getPLCShellVersion()
- self.basedir = self.config.SFA_BASE_DIR + os.sep
- self.server_basedir = self.basedir + os.sep + "geni" + os.sep
self.hrn = self.config.SFA_INTERFACE_HRN
self.time_format = "%Y-%m-%d %H:%M:%S"
Get our credential from a remote registry using a geniclient connection
"""
type = 'authority'
- path = self.config.config_path
+ path = self.config.SFA_BASE_DIR
filename = ".".join([self.interface, self.hrn, type, "cred"])
cred_filename = path + os.sep + filename
try:
# see if this file exists
# XX This is really the aggregate's credential. Using this is easier than getting
# the registry's credential from iteslf (ssl errors).
- ma_cred_filename = self.server_basedir + os.sep + self.interface + self.hrn + ".ma.cred"
+ ma_cred_filename = self.config.SFA_BASE_DIR + os.sep + self.interface + self.hrn + ".ma.cred"
try:
self.credential = Credential(filename = ma_cred_filename)
except IOError:
self.api = api
self.ttl = ttl
self.threshold = None
- path = self.api.config.config_path
+ path = self.api.config.SFA_BASE_DIR
filename = ".".join([self.api.interface, self.api.hrn, "nodes"])
filepath = path + os.sep + filename
self.nodes_file = filepath
from sfa.util.record import *
from sfa.util.genitable import GeniTable
from sfa.util.misc import *
-from sfa.util.config import *
+from sfa.util.config import Config
from sfa.util.report import trace, error
from sfa.trust.certificate import convert_public_key, Keypair
from sfa.trust.hierarchy import *
from sfa.trust.gid import create_uuid
+config = Config()
+
# get PL account settings from config module
-pl_auth = get_pl_auth()
+plc_auth = config.get_plc_auth()
+shell = None
def connect_shell():
- global pl_auth, shell
-
- # get PL account settings from config module
- pl_auth = get_pl_auth()
+ global plc_auth
# connect to planetlab
- if "Url" in pl_auth:
+ if "Url" in plc_auth:
from sfa.plc.remoteshell import RemoteShell
shell = RemoteShell()
else:
import PLC.Shell
shell = PLC.Shell.Shell(globals = globals())
-
return shell
# connect to planetlab
#root_auth = "planetlab"
#level1_auth = "planetlab.us"
-config = Config()
root_auth = config.SFA_REGISTRY_ROOT_AUTH
level1_auth = config.SFA_REGISTRY_LEVEL1_AUTH
# get the user's private key from the SSH keys they have uploaded
# to planetlab
- keys = shell.GetKeys(pl_auth, key_ids)
+ keys = shell.GetKeys(plc_auth, key_ids)
key = keys[0]['key']
pkey =convert_public_key(key)
else:
if 'person_ids' in site:
for person_id in site['person_ids']:
- persons = shell.GetPersons(pl_auth, [person_id])
+ persons = shell.GetPersons(plc_auth, [person_id])
if persons:
try:
import_person(hrn, persons[0])
trace("Failed to import: %s (%s)" % (persons[0], e))
if 'slice_ids' in site:
for slice_id in site['slice_ids']:
- slices = shell.GetSlices(pl_auth, [slice_id])
+ slices = shell.GetSlices(plc_auth, [slice_id])
if slices:
try:
import_slice(hrn, slices[0])
trace("Failed to import: %s (%s)" % (slices[0], e))
if 'node_ids' in site:
for node_id in site['node_ids']:
- nodes = shell.GetNodes(pl_auth, [node_id])
+ nodes = shell.GetNodes(plc_auth, [node_id])
if nodes:
try:
import_node(hrn, nodes[0])
root = AuthHierarchy.get_auth_info(root_auth)
TrustedRoots.add_gid(root.get_gid_object())
- connect_shell()
-
- sites = shell.GetSites(pl_auth, {'peer_id': None})
+ sites = shell.GetSites(plc_auth, {'peer_id': None})
# create a fake internet2 site first
i2site = {'name': 'Internet2', 'abbreviated_name': 'I2',
'login_base': 'internet2', 'site_id': -1}
from sfa.trust.hierarchy import *
from sfa.util.record import *
from sfa.util.genitable import GeniTable
-from sfa.util.config import *
+from sfa.util.config import Config
def process_options():
process_options()
print "purging geni records from database"
- GeniTable.geni_records_purge(get_default_dbinfo())
+ GeniTable.geni_records_purge(Config().get_plc_dbinfo())
if __name__ == "__main__":
main()
self.api = api
self.ttl = ttl
self.threshold = None
- path = self.api.config.config_path
+ path = self.api.config.SFA_BASE_DIR
filename = ".".join([self.api.interface, self.api.hrn, "slices"])
filepath = path + os.sep + filename
self.slices_file = filepath
from sfa.trust.gid import GID, create_uuid
from sfa.util.misc import *
-from sfa.util.config import *
+from sfa.util.config import Config
from sfa.util.sfaticket import SfaTicket
##
def __init__(self, basedir = None):
if not basedir:
config = Config()
- basedir = os.path.join(config.config_path, "authorities")
+ basedir = os.path.join(config.SFA_BASE_DIR, "authorities")
self.basedir = basedir
##
# Given a hrn, return the filenames of the GID, private key, and dbinfo
# XXX TODO: think up a better way for the dbinfo to work
- dbinfo = get_default_dbinfo()
+ dbinfo = Config().get_plc_dbinfo()
dbinfo_file = file(dbinfo_filename, "w")
dbinfo_file.write(str(dbinfo))
dbinfo_file.close()
class TrustedRootList:
def __init__(self, dir=None):
if not dir:
- config = Config()
- dir = config.config_path + os.sep + 'trusted_roots'
+ # keep trusted roots in /etc/sfa
+ dir = Config().config_path + os.sep + 'trusted_roots'
self.basedir = dir
# create the directory to hold the files
raise IOError, "Could not find the configuration file: %s" % config_file
-def get_default_dbinfo():
- config = Config()
- dbinfo={
- 'dbname' : config.SFA_PLC_DB_NAME,
- 'address' : config.SFA_PLC_DB_HOST,
- 'port' : config.SFA_PLC_DB_PORT,
- 'user' : config.SFA_PLC_DB_USER,
- 'password' : config.SFA_PLC_DB_PASSWORD
- }
- return dbinfo
+ def get_plc_dbinfo(self):
+ return {
+ 'dbname' : self.SFA_PLC_DB_NAME,
+ 'address' : self.SFA_PLC_DB_HOST,
+ 'port' : self.SFA_PLC_DB_PORT,
+ 'user' : self.SFA_PLC_DB_USER,
+ 'password' : self.SFA_PLC_DB_PASSWORD
+ }
-##
-# Geniwrapper uses a PLCAPI connection to perform operations on the registry,
-# such as creating and deleting slices. This connection requires an account
-# on the PLC server with full administrator access.
-#
-# The Url parameter controls whether the connection uses PLCAPI directly (i.e.
-# Geniwrapper is located on the same machine as PLC), or uses a XMLRPC connection
-# to the PLC machine. If you wish to use the API directly, then remove the Url
-# field from the dictionary.
+ ##
+ # Geniwrapper uses a PLCAPI connection to perform operations on the registry,
+ # such as creating and deleting slices. This connection requires an account
+ # on the PLC server with full administrator access.
+ #
+ # The Url parameter controls whether the connection uses PLCAPI directly (i.e.
+ # Geniwrapper is located on the same machine as PLC), or uses a XMLRPC connection
+ # to the PLC machine. If you wish to use the API directly, then remove the Url
+ # field from the dictionary.
-def get_pl_auth():
- config = Config()
- pl_auth = {
- 'Username': config.SFA_PLC_USER,
- 'AuthMethod': 'capability',
- 'AuthString': config.SFA_PLC_PASSWORD,
- "Url": config.SFA_PLC_URL
- }
- return pl_auth
+ def get_plc_auth(self):
+ return {
+ 'AuthMethod': 'capability',
+ 'Username': self.SFA_PLC_USER,
+ 'AuthString': self.SFA_PLC_PASSWORD,
+ "Url": self.SFA_PLC_URL
+ }
def __init__(self, api):
self.api = api
- path = self.api.config.config_path
+ path = self.api.config.SFA_BASE_DIR
filename = ".".join([self.api.interface, self.api.hrn, "policy"])
filepath = path + os.sep + filename
self.policy_file = filepath