allocated = manager.delete_slice(api, slice_xrn)
return allocated
-
\ No newline at end of file
+
+def SliverStatus(api, slice_xrn):
+ result = {}
+ result['geni_urn'] = slice_xrn
+ result['geni_status'] = 'unknown'
+ result['geni_resources'] = {}
+ return result
+
+def RenewSliver(api, slice_xrn, creds, renew_time):
+ return False
\ No newline at end of file
class DeleteSliver(Method):
"""
- Allocate resources to a slice. This operation is expected to
- start the allocated resources asynchornously after the operation
- has successfully completed. Callers can check on the status of
+ Delete sliver from a slice. Callers can check on the status of
the resources using SliverStatus.
@param slice_urn (string) URN of slice to allocate to
@param credentials ([string]) of credentials
- @param rspec (string) rspec to allocate
"""
interfaces = ['geni_am']
--- /dev/null
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter
+from sfa.trust.credential import Credential
+from dateutil.parser import parse
+
+class RenewSliver(Method):
+ """
+ Renews the resources in a sliver, extending the lifetime of the slice.
+ @param slice_urn (string) URN of slice to renew
+ @param credentials ([string]) of credentials
+ @param expiration_time (string) requested time of expiration
+
+ """
+ interfaces = ['geni_am']
+ accepts = [
+ Parameter(str, "Slice URN"),
+ Parameter(type([str]), "List of credentials"),
+ Parameter(str, "Expiration time in RFC 3339 format")
+ ]
+ returns = Parameter(bool, "Success or Failure")
+
+ def call(self, slice_xrn, creds, expiration_time):
+ hrn, type = urn_to_hrn(slice_xrn)
+
+ self.api.logger.info("interface: %s\ttarget-hrn: %s\tcaller-creds: %s\tmethod-name: %s"%(self.api.interface, hrn, creds, self.name))
+
+ # Validate that at least one of the credentials is good enough
+ found = False
+ validCred = None
+ for cred in creds:
+ try:
+ self.api.auth.check(cred, 'renewsliver')
+ validCred = cred
+ found = True
+ break
+ except:
+ continue
+
+ if not found:
+ raise InsufficientRights('SliverStatus: Credentials either did not verify, were no longer valid, or did not have appropriate privileges')
+
+ # Validate that the time does not go beyond the credential's expiration time
+ requested_time = parse(expiration_time)
+ if requested_time > Credential(string=validCred).get_lifetime():
+ raise InsufficientRights('SliverStatus: Credential expires before requested expiration time')
+
+ manager_base = 'sfa.managers'
+
+ if self.api.interface in ['geni_am']:
+ mgr_type = self.api.config.SFA_GENI_AGGREGATE_TYPE
+ manager_module = manager_base + ".geni_am_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.RenewSliver(self.api, slice_xrn, creds, expiration_time)
+
+ return ''
+
--- /dev/null
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter
+
+class SliverStatus(Method):
+ """
+ Get the status of a sliver
+
+ @param slice_urn (string) URN of slice to allocate to
+ @param credentials ([string]) of credentials
+
+ """
+ interfaces = ['geni_am']
+ accepts = [
+ Parameter(str, "Slice URN"),
+ Parameter(type([str]), "List of credentials"),
+ ]
+ returns = Parameter(bool, "Success or Failure")
+
+ def call(self, slice_xrn, creds):
+ hrn, type = urn_to_hrn(slice_xrn)
+
+ self.api.logger.info("interface: %s\ttarget-hrn: %s\tcaller-creds: %s\tmethod-name: %s"%(self.api.interface, hrn, creds, self.name))
+
+ # Validate that at least one of the credentials is good enough
+ found = False
+ for cred in creds:
+ try:
+ self.api.auth.check(cred, 'sliverstatus')
+ found = True
+ break
+ except:
+ continue
+
+ if not found:
+ raise InsufficientRights('SliverStatus: Credentials either did not verify, were no longer valid, or did not have appropriate privileges')
+
+
+ manager_base = 'sfa.managers'
+
+ if self.api.interface in ['geni_am']:
+ mgr_type = self.api.config.SFA_GENI_AGGREGATE_TYPE
+ manager_module = manager_base + ".geni_am_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.SliverStatus(self.api, slice_xrn, creds)
+
+ return ''
+
CreateSliver
get_geni_aggregates
DeleteSliver
+SliverStatus
+RenewSliver
""".split()
from sfa.util.faults import *
from sfa.util.sfalogging import logger
+from dateutil.parser import parse
-# Two years, in minutes
-DEFAULT_CREDENTIAL_LIFETIME = 1051200
+# Two years, in seconds
+DEFAULT_CREDENTIAL_LIFETIME = 60 * 60 * 24 * 365 * 2
# TODO:
#
# @param lifetime lifetime of credential
# . if lifeTime is a datetime object, it is used for the expiration time
- # . if lifeTime is an integer value, it is considered the number of minutes
+ # . if lifeTime is an integer value, it is considered the number of seconds
# remaining before expiration
def set_lifetime(self, lifeTime):
if isinstance(lifeTime, int):
- self.expiration = datetime.timedelta(seconds=lifeTime*60) + datetime.datetime.utcnow()
+ self.expiration = datetime.timedelta(seconds=lifeTime) + datetime.datetime.utcnow()
else:
self.expiration = lifeTime
##
- # get the lifetime of the credential (in minutes)
+ # get the lifetime of the credential (in datetime format)
def get_lifetime(self):
if not self.expiration:
append_sub(doc, cred, "target_urn", self.gidObject.get_urn())
append_sub(doc, cred, "uuid", "")
if not self.expiration:
- self.set_lifetime(3600)
+ self.set_lifetime(DEFAULT_CREDENTIAL_LIFETIME)
self.expiration = self.expiration.replace(microsecond=0)
append_sub(doc, cred, "expires", self.expiration.isoformat())
privileges = doc.createElement("privileges")
self.set_refid(cred.getAttribute("xml:id"))
- sz_expires = getTextNode(cred, "expires")
- if sz_expires != '':
- self.expiration = datetime.datetime.strptime(sz_expires, '%Y-%m-%dT%H:%M:%S')
- self.lifeTime = getTextNode(cred, "expires")
+ self.set_lifetime(parse(getTextNode(cred, "expires")))
self.gidCaller = GID(string=getTextNode(cred, "owner_gid"))
self.gidObject = GID(string=getTextNode(cred, "target_gid"))
"refresh": ["remove", "update"],
"resolve": ["resolve", "list", "getcredential", "listresources", "getversion"],
"sa": ["getticket", "redeemslice", "redeemticket", "createslice", "deleteslice", "updateslice",
- "getsliceresources", "getticket", "loanresources", "stopslice", "startslice",
- "deleteslice", "resetslice", "listslices", "listnodes", "getpolicy", "createsliver"],
+ "getsliceresources", "getticket", "loanresources", "stopslice", "startslice", "renewsliver",
+ "deleteslice", "resetslice", "listslices", "listnodes", "getpolicy", "createsliver", "sliverestatus"],
"embed": ["getticket", "redeemslice", "redeemticket", "createslice", "createsliver", "deleteslice", "updateslice", "getsliceresources"],
"bind": ["getticket", "loanresources", "redeemticket"],
"control": ["updateslice", "createslice", "createsliver", "stopslice", "startslice", "deleteslice", "resetslice", "getsliceresources", "getgids"],
return result
- ## delete slice
- #
- # @param cred a credential
- # @param hrn slice to delete
- def delete_slice(self, cred, hrn, caller_cred=None):
- result = self.server.delete_slice(cred.save_to_string(save_parents=True), hrn, caller_cred)
- return result
+
# ------------------------------------------------------------------------
# Slice Interface