however, this remains as-is in all importers, as well as sfaclientlib/manifolduploader
24 files changed:
self.options = options
self.user = None
self.authority = None
self.options = options
self.user = None
self.authority = None
- self.logger = logger
- self.logger.enable_console()
+ logger.enable_console()
# various auxiliary material that we keep at hand
self.command = None
# need to call this other than just 'config' as we have a
# various auxiliary material that we keep at hand
self.command = None
# need to call this other than just 'config' as we have a
msg = "Invalid command\n"
msg += "Commands: "
msg += ','.join(commands_list)
msg = "Invalid command\n"
msg += "Commands: "
msg += ','.join(commands_list)
- self.logger.critical(msg)
sys.exit(2)
# retrieve args_string
sys.exit(2)
# retrieve args_string
sys.exit(1)
self.options = options
sys.exit(1)
self.options = options
- self.logger.setLevelFromOptVerbose(self.options.verbose)
+ logger.setLevelFromOptVerbose(self.options.verbose)
- self.logger.critical("No command given. Use -h for help.")
+ logger.critical("No command given. Use -h for help.")
self.print_commands_help(options)
return -1
self.print_commands_help(options)
return -1
self.read_config()
self.bootstrap()
self.read_config()
self.bootstrap()
- self.logger.debug("Command={}".format(self.command))
+ logger.debug("Command={}".format(self.command))
try:
retcod = self.dispatch(command, command_options, command_args)
except SystemExit:
return 1
except:
try:
retcod = self.dispatch(command, command_options, command_args)
except SystemExit:
return 1
except:
- self.logger.log_exc("sfi command {} failed".format(command))
+ logger.log_exc("sfi command {} failed".format(command))
config.save(config_file)
except:
config.save(config_file)
except:
"Failed to read configuration file {}".format(config_file))
"Failed to read configuration file {}".format(config_file))
"Make sure to remove the export clauses and to add quotes")
if self.options.verbose == 0:
"Make sure to remove the export clauses and to add quotes")
if self.options.verbose == 0:
- self.logger.info("Re-run with -v for more details")
+ logger.info("Re-run with -v for more details")
"Could not read config file {}".format(config_file))
sys.exit(1)
"Could not read config file {}".format(config_file))
sys.exit(1)
elif hasattr(config, "SFI_SM"):
self.sm_url = config.SFI_SM
else:
elif hasattr(config, "SFI_SM"):
self.sm_url = config.SFI_SM
else:
"You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in {}".format(config_file))
errors += 1
"You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in {}".format(config_file))
errors += 1
elif hasattr(config, "SFI_REGISTRY"):
self.reg_url = config.SFI_REGISTRY
else:
elif hasattr(config, "SFI_REGISTRY"):
self.reg_url = config.SFI_REGISTRY
else:
"You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in {}".format(config_file))
errors += 1
"You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in {}".format(config_file))
errors += 1
elif hasattr(config, "SFI_USER"):
self.user = config.SFI_USER
else:
elif hasattr(config, "SFI_USER"):
self.user = config.SFI_USER
else:
"You need to set e.g. SFI_USER='plc.princeton.username' in {}".format(config_file))
errors += 1
"You need to set e.g. SFI_USER='plc.princeton.username' in {}".format(config_file))
errors += 1
elif hasattr(config, "SFI_AUTH"):
self.authority = config.SFI_AUTH
else:
elif hasattr(config, "SFI_AUTH"):
self.authority = config.SFI_AUTH
else:
"You need to set e.g. SFI_AUTH='plc.princeton' in {}".format(config_file))
errors += 1
"You need to set e.g. SFI_AUTH='plc.princeton' in {}".format(config_file))
errors += 1
# init self-signed cert, user credentials and gid
def bootstrap(self):
if self.options.verbose:
# init self-signed cert, user credentials and gid
def bootstrap(self):
if self.options.verbose:
"Initializing SfaClientBootstrap with {}".format(self.reg_url))
client_bootstrap = SfaClientBootstrap(self.user, self.reg_url, self.options.sfi_dir,
"Initializing SfaClientBootstrap with {}".format(self.reg_url))
client_bootstrap = SfaClientBootstrap(self.user, self.reg_url, self.options.sfi_dir,
# if -k is provided, use this to initialize private key
if self.options.user_private_key:
client_bootstrap.init_private_key_if_missing(
# if -k is provided, use this to initialize private key
if self.options.user_private_key:
client_bootstrap.init_private_key_if_missing(
# trigger legacy compat code if needed
# the name has changed from just <leaf>.pkey to <hrn>.pkey
if not os.path.isfile(client_bootstrap.private_key_filename()):
# trigger legacy compat code if needed
# the name has changed from just <leaf>.pkey to <hrn>.pkey
if not os.path.isfile(client_bootstrap.private_key_filename()):
- self.logger.info("private key not found, trying legacy name")
+ logger.info("private key not found, trying legacy name")
try:
legacy_private_key = os.path.join(self.options.sfi_dir, "{}.pkey"
.format(Xrn.unescape(get_leaf(self.user))))
try:
legacy_private_key = os.path.join(self.options.sfi_dir, "{}.pkey"
.format(Xrn.unescape(get_leaf(self.user))))
- self.logger.debug("legacy_private_key={}"
+ logger.debug("legacy_private_key={}"
.format(legacy_private_key))
client_bootstrap.init_private_key_if_missing(
legacy_private_key)
.format(legacy_private_key))
client_bootstrap.init_private_key_if_missing(
legacy_private_key)
- self.logger.info("Copied private key from legacy location {}"
+ logger.info("Copied private key from legacy location {}"
.format(legacy_private_key))
except:
.format(legacy_private_key))
except:
- self.logger.log_exc("Can't find private key ")
+ logger.log_exc("Can't find private key ")
sys.exit(1)
# make it bootstrap
sys.exit(1)
# make it bootstrap
def my_authority_credential_string(self):
if not self.authority:
def my_authority_credential_string(self):
if not self.authority:
"no authority specified. Use -a or set SF_AUTH")
sys.exit(-1)
return self.client_bootstrap.authority_credential_string(self.authority)
"no authority specified. Use -a or set SF_AUTH")
sys.exit(-1)
return self.client_bootstrap.authority_credential_string(self.authority)
object_hrn = object_gid.get_hrn()
if not object_cred.get_privileges().get_all_delegate():
object_hrn = object_gid.get_hrn()
if not object_cred.get_privileges().get_all_delegate():
- self.logger.error("Object credential {} does not have delegate bit set"
+ logger.error("Object credential {} does not have delegate bit set"
.format(object_hrn))
return
.format(object_hrn))
return
def registry(self):
# cache the result
if not hasattr(self, 'registry_proxy'):
def registry(self):
# cache the result
if not hasattr(self, 'registry_proxy'):
- self.logger.info("Contacting Registry at: {}".format(self.reg_url))
+ logger.info("Contacting Registry at: {}".format(self.reg_url))
self.registry_proxy \
= SfaServerProxy(self.reg_url, self.private_key, self.my_gid,
timeout=self.options.timeout, verbose=self.options.debug)
self.registry_proxy \
= SfaServerProxy(self.reg_url, self.private_key, self.my_gid,
timeout=self.options.timeout, verbose=self.options.debug)
records = self.registry().Resolve(node_hrn, self.my_credential_string)
records = filter_records('node', records)
if not records:
records = self.registry().Resolve(node_hrn, self.my_credential_string)
records = filter_records('node', records)
if not records:
"No such component:{}".format(opts.component))
record = records[0]
cm_url = "http://{}:{}/".format(record['hostname'], CM_PORT)
"No such component:{}".format(opts.component))
record = records[0]
cm_url = "http://{}:{}/".format(record['hostname'], CM_PORT)
# the config
if not self.sm_url.startswith('http://') or self.sm_url.startswith('https://'):
self.sm_url = 'http://' + self.sm_url
# the config
if not self.sm_url.startswith('http://') or self.sm_url.startswith('https://'):
self.sm_url = 'http://' + self.sm_url
"Contacting Slice Manager at: {}".format(self.sm_url))
self.sliceapi_proxy \
= SfaServerProxy(self.sm_url, self.private_key, self.my_gid,
"Contacting Slice Manager at: {}".format(self.sm_url))
self.sliceapi_proxy \
= SfaServerProxy(self.sm_url, self.private_key, self.my_gid,
cache = Cache(cache_file)
except IOError:
cache = Cache()
cache = Cache(cache_file)
except IOError:
cache = Cache()
- self.logger.info("Local cache not found at: {}".format(cache_file))
+ logger.info("Local cache not found at: {}".format(cache_file))
if cache:
version = cache.get(cache_key)
if cache:
version = cache.get(cache_key)
version = ReturnValue.get_value(result)
# cache version for 20 minutes
cache.add(cache_key, version, ttl=60 * 20)
version = ReturnValue.get_value(result)
# cache version for 20 minutes
cache.add(cache_key, version, ttl=60 * 20)
- self.logger.info("Updating cache file {}".format(cache_file))
+ logger.info("Updating cache file {}".format(cache_file))
cache.save_to_file(cache_file)
return version
cache.save_to_file(cache_file)
return version
if (os.path.isfile(file)):
return file
else:
if (os.path.isfile(file)):
return file
else:
- self.logger.critical("No such rspec file {}".format(rspec))
+ logger.critical("No such rspec file {}".format(rspec))
sys.exit(1)
def get_record_file(self, record):
sys.exit(1)
def get_record_file(self, record):
if (os.path.isfile(file)):
return file
else:
if (os.path.isfile(file)):
return file
else:
"No such registry record file {}".format(record))
sys.exit(1)
"No such registry record file {}".format(record))
sys.exit(1)
hrn, self.my_credential_string, resolve_options)
record_dicts = filter_records(options.type, record_dicts)
if not record_dicts:
hrn, self.my_credential_string, resolve_options)
record_dicts = filter_records(options.type, record_dicts)
if not record_dicts:
- self.logger.error("No record of type {}".format(options.type))
+ logger.error("No record of type {}".format(options.type))
return
# user has required to focus on some keys
if options.keys:
return
# user has required to focus on some keys
if options.keys:
else:
filename = os.sep.join(
[self.options.sfi_dir, '{}.gid'.format(target_hrn)])
else:
filename = os.sep.join(
[self.options.sfi_dir, '{}.gid'.format(target_hrn)])
- self.logger.info("writing {} gid to {}".format(target_hrn, filename))
+ logger.info("writing {} gid to {}".format(target_hrn, filename))
GID(string=gid).save_to_file(filename)
# xxx should analyze result
return 0
GID(string=gid).save_to_file(filename)
# xxx should analyze result
return 0
filename = os.path.join(self.options.sfi_dir,
"{}_for_{}.{}.cred".format(message, to_hrn, to_type))
delegated_credential.save_to_file(filename, save_parents=True)
filename = os.path.join(self.options.sfi_dir,
"{}_for_{}.{}.cred".format(message, to_hrn, to_type))
delegated_credential.save_to_file(filename, save_parents=True)
- self.logger.info("delegated credential for {} to {} and wrote to {}"
+ logger.info("delegated credential for {} to {} and wrote to {}"
.format(message, to_hrn, filename))
####################
.format(message, to_hrn, filename))
####################
self.print_help()
sys.exit(1)
# enable info by default
self.print_help()
sys.exit(1)
# enable info by default
- self.logger.setLevelFromOptVerbose(self.options.verbose + 1)
+ logger.setLevelFromOptVerbose(self.options.verbose + 1)
# the rough sketch goes like this
# (0) produce a p12 file
self.client_bootstrap.my_pkcs12()
# the rough sketch goes like this
# (0) produce a p12 file
self.client_bootstrap.my_pkcs12()
sys.exit(1)
# (b) figure whether we are PI for the authority where we belong
sys.exit(1)
# (b) figure whether we are PI for the authority where we belong
- self.logger.info("Resolving our own id {}".format(self.user))
+ logger.info("Resolving our own id {}".format(self.user))
my_records = self.registry().Resolve(self.user, self.my_credential_string)
if len(my_records) != 1:
print("Cannot Resolve {} -- exiting".format(self.user))
sys.exit(1)
my_record = my_records[0]
my_auths_all = my_record['reg-pi-authorities']
my_records = self.registry().Resolve(self.user, self.my_credential_string)
if len(my_records) != 1:
print("Cannot Resolve {} -- exiting".format(self.user))
sys.exit(1)
my_record = my_records[0]
my_auths_all = my_record['reg-pi-authorities']
"Found {} authorities that we are PI for".format(len(my_auths_all)))
"Found {} authorities that we are PI for".format(len(my_auths_all)))
- self.logger.debug("They are {}".format(my_auths_all))
+ logger.debug("They are {}".format(my_auths_all))
my_auths = my_auths_all
if options.delegate_auths:
my_auths = list(set(my_auths_all).intersection(
set(options.delegate_auths)))
my_auths = my_auths_all
if options.delegate_auths:
my_auths = list(set(my_auths_all).intersection(
set(options.delegate_auths)))
"Restricted to user-provided auths {}".format(my_auths))
# (c) get the set of slices that we are in
my_slices_all = my_record['reg-slices']
"Restricted to user-provided auths {}".format(my_auths))
# (c) get the set of slices that we are in
my_slices_all = my_record['reg-slices']
"Found {} slices that we are member of".format(len(my_slices_all)))
"Found {} slices that we are member of".format(len(my_slices_all)))
- self.logger.debug("They are: {}".format(my_slices_all))
+ logger.debug("They are: {}".format(my_slices_all))
my_slices = my_slices_all
# if user provided slices, deal only with these - if they are found
if options.delegate_slices:
my_slices = list(set(my_slices_all).intersection(
set(options.delegate_slices)))
my_slices = my_slices_all
# if user provided slices, deal only with these - if they are found
if options.delegate_slices:
my_slices = list(set(my_slices_all).intersection(
set(options.delegate_slices)))
"Restricted to user-provided slices: {}".format(my_slices))
# (d) make sure we have *valid* credentials for all these
"Restricted to user-provided slices: {}".format(my_slices))
# (d) make sure we have *valid* credentials for all these
.format(hrn, htype, delegatee_hrn, delegatee_type))
with open(filename, 'w') as f:
f.write(delegated_credential)
.format(hrn, htype, delegatee_hrn, delegatee_type))
with open(filename, 'w') as f:
f.write(delegated_credential)
- self.logger.debug("(Over)wrote {}".format(filename))
+ logger.debug("(Over)wrote {}".format(filename))
hrn_delegated_credentials.append(
(hrn, htype, delegated_credential, filename, ))
# (f) and finally upload them to manifold server
# xxx todo add an option so the password can be set on the command line
# (but *NOT* in the config file) so other apps can leverage this
hrn_delegated_credentials.append(
(hrn, htype, delegated_credential, filename, ))
# (f) and finally upload them to manifold server
# xxx todo add an option so the password can be set on the command line
# (but *NOT* in the config file) so other apps can leverage this
- self.logger.info("Uploading on backend at {}".format(
+ logger.info("Uploading on backend at {}".format(
myslice_dict['backend']))
myslice_dict['backend']))
- uploader = ManifoldUploader(logger=self.logger,
+ uploader = ManifoldUploader(logger=logger,
url=myslice_dict['backend'],
platform=myslice_dict['platform'],
username=myslice_dict['username'],
url=myslice_dict['backend'],
platform=myslice_dict['platform'],
username=myslice_dict['username'],
if uploader.upload(delegated_credential, message=message):
count_success += 1
count_all += 1
if uploader.upload(delegated_credential, message=message):
count_success += 1
count_all += 1
- self.logger.info("Successfully uploaded {}/{} credentials"
+ logger.info("Successfully uploaded {}/{} credentials"
.format(count_success, count_all))
# at first I thought we would want to save these,
.format(count_success, count_all))
# at first I thought we would want to save these,
gid = GID(string=trusted_cert)
gid.dump()
cert = Certificate(string=trusted_cert)
gid = GID(string=trusted_cert)
gid.dump()
cert = Certificate(string=trusted_cert)
- self.logger.debug('Sfi.trusted -> {}'.format(cert.get_subject()))
+ logger.debug('Sfi.trusted -> {}'.format(cert.get_subject()))
print("Certificate:\n{}\n\n".format(trusted_cert))
# xxx should analyze result
return 0
print("Certificate:\n{}\n\n".format(trusted_cert))
# xxx should analyze result
return 0
return {"aggregate": aggregate, "result": result,
"elapsed": time.time() - tStart, "status": "success"}
except Exception as e:
return {"aggregate": aggregate, "result": result,
"elapsed": time.time() - tStart, "status": "success"}
except Exception as e:
- api.logger.log_exc("ListResources failed at %s" % (server.url))
+ logger.log_exc("ListResources failed at %s" % (server.url))
return {"aggregate": aggregate, "elapsed": time.time() - tStart,
"status": "exception", "exc_info": sys.exc_info()}
return {"aggregate": aggregate, "elapsed": time.time() - tStart,
"status": "exception", "exc_info": sys.exc_info()}
if not xrn and self.cache and cached_requested:
rspec = self.cache.get(version_string)
if rspec:
if not xrn and self.cache and cached_requested:
rspec = self.cache.get(version_string)
if rspec:
"SliceManager.ListResources returns cached advertisement")
return rspec
"SliceManager.ListResources returns cached advertisement")
return rspec
try:
rspec.version.merge(ReturnValue.get_value(res))
except Exception:
try:
rspec.version.merge(ReturnValue.get_value(res))
except Exception:
"SM.ListResources: Failed to merge aggregate rspec")
# cache the result
if self.cache and not xrn:
"SM.ListResources: Failed to merge aggregate rspec")
# cache the result
if self.cache and not xrn:
- api.logger.debug("SliceManager.ListResources caches advertisement")
+ logger.debug("SliceManager.ListResources caches advertisement")
self.cache.add(version_string, rspec.toxml())
return rspec.toxml()
self.cache.add(version_string, rspec.toxml())
return rspec.toxml()
ReturnValue.get_value(res['geni_rspec']))
geni_slivers.extend(res['geni_slivers'])
except Exception:
ReturnValue.get_value(res['geni_rspec']))
geni_slivers.extend(res['geni_slivers'])
except Exception:
"SM.Allocate: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
"SM.Allocate: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
ReturnValue.get_value(res['geni_rspec']))
geni_slivers.extend(res['geni_slivers'])
except:
ReturnValue.get_value(res['geni_rspec']))
geni_slivers.extend(res['geni_slivers'])
except:
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
geni_urn = result['geni_urn']
geni_slivers.extend(result['geni_slivers'])
except Exception:
geni_urn = result['geni_urn']
geni_slivers.extend(result['geni_slivers'])
except Exception:
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
ReturnValue.get_value(result['geni_rspec']))
geni_slivers.extend(result['geni_slivers'])
except Exception:
ReturnValue.get_value(result['geni_rspec']))
geni_slivers.extend(result['geni_slivers'])
except Exception:
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
class Allocate(Method):
"""
class Allocate(Method):
"""
- Allocate resources as described in a request RSpec argument
- to a slice with the named URN. On success, one or more slivers
- are allocated, containing resources satisfying the request, and
- assigned to the given slice. This method returns a listing and
- description of the resources reserved for the slice by this
- operation, in the form of a manifest RSpec. Allocated slivers
- are held for an aggregate-determined period. Clients must Renew
- or Provision slivers before the expiration time (given in the
+ Allocate resources as described in a request RSpec argument
+ to a slice with the named URN. On success, one or more slivers
+ are allocated, containing resources satisfying the request, and
+ assigned to the given slice. This method returns a listing and
+ description of the resources reserved for the slice by this
+ operation, in the form of a manifest RSpec. Allocated slivers
+ are held for an aggregate-determined period. Clients must Renew
+ or Provision slivers before the expiration time (given in the
return struct), or the aggregate will automatically Delete them.
@param slice_urn (string) URN of slice to allocate to
return struct), or the aggregate will automatically Delete them.
@param slice_urn (string) URN of slice to allocate to
This option can take 3 values
(*) options['pltags'] == 'ignore' (default)
This option can take 3 values
(*) options['pltags'] == 'ignore' (default)
- This is the recommended mode; in this mode all slice tags passed
- here are ignore, which correspond to the <planetlab:attribute> XML tags in
+ This is the recommended mode; in this mode all slice tags passed
+ here are ignore, which correspond to the <planetlab:attribute> XML tags in
the <sliver_type> areas of incoming rspec to Allocate.
In other words you are guaranteed to leave slice tags alone.
(*) options['pltags'] == 'append'
the <sliver_type> areas of incoming rspec to Allocate.
In other words you are guaranteed to leave slice tags alone.
(*) options['pltags'] == 'append'
- All incoming slice tags are added to corresponding slivers,
+ All incoming slice tags are added to corresponding slivers,
unless an exact match can be found in the PLC db
(*) options['pltags'] == 'sync'
The historical mode, that attempts to leave the PLC db in a state
unless an exact match can be found in the PLC db
(*) options['pltags'] == 'sync'
The historical mode, that attempts to leave the PLC db in a state
# the slivers should expire.
expiration = datetime_to_string(the_credential.expiration)
# the slivers should expire.
expiration = datetime_to_string(the_credential.expiration)
"Allocate, received expiration from credential: %s" % expiration)
# turned off, as passing an empty rspec is indeed useful for cleaning up the slice
"Allocate, received expiration from credential: %s" % expiration)
# turned off, as passing an empty rspec is indeed useful for cleaning up the slice
chain_name = 'INCOMING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-INCOMING'
chain_name = 'INCOMING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-INCOMING'
- self.api.logger.debug("Allocate: sfatables on chain %s" % chain_name)
+ logger.debug("Allocate: sfatables on chain %s" % chain_name)
actual_caller_hrn = the_credential.actual_caller_hrn()
actual_caller_hrn = the_credential.actual_caller_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, actual_caller_hrn, xrn.get_hrn(), self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, actual_caller_hrn, xrn.get_hrn(), self.name))
rspec = run_sfatables(chain_name, xrn.get_hrn(),
actual_caller_hrn, rspec)
# turned off, as passing an empty rspec is indeed useful for cleaning up the slice
rspec = run_sfatables(chain_name, xrn.get_hrn(),
actual_caller_hrn, rspec)
# turned off, as passing an empty rspec is indeed useful for cleaning up the slice
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.storage.parameter import Parameter, Mixed
from sfa.trust.credential import Credential
from sfa.storage.parameter import Parameter, Mixed
from sfa.trust.credential import Credential
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrn, self.name))
return self.api.manager.CreateGid(self.api, xrn, cert)
return self.api.manager.CreateGid(self.api, xrn, cert)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
+
from sfa.storage.parameter import Parameter, Mixed
from sfa.trust.auth import Auth
from sfa.trust.credential import Credential
from sfa.storage.parameter import Parameter, Mixed
from sfa.trust.auth import Auth
from sfa.trust.credential import Credential
class Delete(Method):
"""
class Delete(Method):
"""
- Remove the slice or slivers and free the allocated resources
+ Remove the slice or slivers and free the allocated resources
@param xrns human readable name of slice to instantiate (hrn or urn)
@param creds credential string specifying the rights of the caller
@param xrns human readable name of slice to instantiate (hrn or urn)
@param creds credential string specifying the rights of the caller
- @return 1 is successful, faults otherwise
+ @return 1 is successful, faults otherwise
"""
interfaces = ['aggregate', 'slicemgr', 'component']
"""
interfaces = ['aggregate', 'slicemgr', 'component']
returns = Parameter(int, "1 if successful")
def call(self, xrns, creds, options):
returns = Parameter(int, "1 if successful")
def call(self, xrns, creds, options):
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'deletesliver', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'deletesliver', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
# log the call
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrns, self.name))
return self.api.manager.Delete(self.api, xrns, creds, options)
return self.api.manager.Delete(self.api, xrns, creds, options)
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
from sfa.util.faults import SfaInvalidArgument
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
from sfa.util.faults import SfaInvalidArgument
+from sfa.util.sfalogging import logger
+
from sfa.trust.credential import Credential
from sfa.storage.parameter import Parameter, Mixed
from sfa.trust.credential import Credential
from sfa.storage.parameter import Parameter, Mixed
class Describe(Method):
"""
class Describe(Method):
"""
- Retrieve a manifest RSpec describing the resources contained by the
- named entities, e.g. a single slice or a set of the slivers in a
- slice. This listing and description should be sufficiently
- descriptive to allow experimenters to use the resources.
+ Retrieve a manifest RSpec describing the resources contained by the
+ named entities, e.g. a single slice or a set of the slivers in a
+ slice. This listing and description should be sufficiently
+ descriptive to allow experimenters to use the resources.
@param credential list
@param options dictionary
@return dict
@param credential list
@param options dictionary
@return dict
returns = Parameter(str, "List of resources")
def call(self, urns, creds, options):
returns = Parameter(str, "List of resources")
def call(self, urns, creds, options):
- self.api.logger.info("interface: %s\tmethod-name: %s" %
- (self.api.interface, self.name))
+ logger.info("interface: %s\tmethod-name: %s" %
+ (self.api.interface, self.name))
# client must specify a version
if not options.get('geni_rspec_version'):
# client must specify a version
if not options.get('geni_rspec_version'):
chain_name = 'OUTGOING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-OUTGOING'
chain_name = 'OUTGOING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-OUTGOING'
"ListResources: sfatables on chain %s" % chain_name)
desc['geni_rspec'] = run_sfatables(
chain_name, '', origin_hrn, desc['geni_rspec'])
"ListResources: sfatables on chain %s" % chain_name)
desc['geni_rspec'] = run_sfatables(
chain_name, '', origin_hrn, desc['geni_rspec'])
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
@param cred credential object specifying rights of the caller
@param type type of object (user | slice | node | authority )
@param cred credential object specifying rights of the caller
@param type type of object (user | slice | node | authority )
- @return the string representation of a credential object
+ @return the string representation of a credential object
"""
interfaces = ['registry']
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.GetCredential(self.api, xrn, type, self.api.auth.client_gid.get_urn())
return self.api.manager.GetCredential(self.api, xrn, type, self.api.auth.client_gid.get_urn())
from sfa.util.faults import RecordNotFound, ConnectionKeyGIDMismatch
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.faults import RecordNotFound, ConnectionKeyGIDMismatch
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.certificate import Certificate
from sfa.trust.certificate import Certificate
class GetSelfCredential(Method):
"""
Retrive a credential for an object
class GetSelfCredential(Method):
"""
Retrive a credential for an object
- @param cert certificate string
+ @param cert certificate string
@param type type of object (user | slice | sa | ma | node)
@param hrn human readable name of object (hrn or urn)
@param type type of object (user | slice | sa | ma | node)
@param hrn human readable name of object (hrn or urn)
- @return the string representation of a credential object
+ @return the string representation of a credential object
"""
interfaces = ['registry']
"""
interfaces = ['registry']
self.api.auth.verify_object_belongs_to_me(hrn)
origin_hrn = Certificate(string=cert).get_subject()
self.api.auth.verify_object_belongs_to_me(hrn)
origin_hrn = Certificate(string=cert).get_subject()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
# authenticate the gid
# import here so we can load this module at build-time for sfa2wsdl
# authenticate the gid
# import here so we can load this module at build-time for sfa2wsdl
certificate = Certificate(string=cert)
if not certificate.is_pubkey(gid.get_pubkey()):
for (obj, name) in [(certificate, "CERT"), (gid, "GID"), ]:
certificate = Certificate(string=cert)
if not certificate.is_pubkey(gid.get_pubkey()):
for (obj, name) in [(certificate, "CERT"), (gid, "GID"), ]:
- self.api.logger.debug("ConnectionKeyGIDMismatch, %s pubkey: %s" % (
+ logger.debug("ConnectionKeyGIDMismatch, %s pubkey: %s" % (
name, obj.get_pubkey().get_pubkey_string()))
name, obj.get_pubkey().get_pubkey_string()))
"ConnectionKeyGIDMismatch, %s dump: %s" % (name, obj.dump_string()))
if hasattr(obj, 'filename'):
"ConnectionKeyGIDMismatch, %s dump: %s" % (name, obj.dump_string()))
if hasattr(obj, 'filename'):
"ConnectionKeyGIDMismatch, %s filename: %s" % (name, obj.filename))
raise ConnectionKeyGIDMismatch(gid.get_subject())
"ConnectionKeyGIDMismatch, %s filename: %s" % (name, obj.filename))
raise ConnectionKeyGIDMismatch(gid.get_subject())
from sfa.util.method import Method
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.storage.parameter import Parameter
from sfa.storage.parameter import Parameter
def call(self, options=None):
if options is None:
options = {}
def call(self, options=None):
if options is None:
options = {}
- self.api.logger.info("interface: %s\tmethod-name: %s" %
- (self.api.interface, self.name))
+ logger.info("interface: %s\tmethod-name: %s" %
+ (self.api.interface, self.name))
return self.api.manager.GetVersion(self.api, options)
return self.api.manager.GetVersion(self.api, options)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
- List the records in an authority.
+ List the records in an authority.
@param cred credential string specifying the rights of the caller
@param hrn human readable name of authority to list (hrn or urn)
@param cred credential string specifying the rights of the caller
@param hrn human readable name of authority to list (hrn or urn)
- @return list of record dictionaries
+ @return list of record dictionaries
"""
interfaces = ['registry']
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.List(self.api, xrn, options=options)
return self.api.manager.List(self.api, xrn, options=options)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
+from sfa.util.sfalogging import logger
+
from sfa.util.faults import SfaInvalidArgument
from sfa.trust.credential import Credential
from sfa.util.faults import SfaInvalidArgument
from sfa.trust.credential import Credential
returns = Parameter(str, "List of resources")
def call(self, creds, options):
returns = Parameter(str, "List of resources")
def call(self, creds, options):
- self.api.logger.info("interface: %s\tmethod-name: %s" %
- (self.api.interface, self.name))
+ logger.info("interface: %s\tmethod-name: %s" %
+ (self.api.interface, self.name))
# client must specify a version
if not options.get('geni_rspec_version'):
# client must specify a version
if not options.get('geni_rspec_version'):
chain_name = 'OUTGOING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-OUTGOING'
chain_name = 'OUTGOING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-OUTGOING'
"ListResources: sfatables on chain %s" % chain_name)
filtered_rspec = run_sfatables(chain_name, '', origin_hrn, rspec)
"ListResources: sfatables on chain %s" % chain_name)
filtered_rspec = run_sfatables(chain_name, '', origin_hrn, rspec)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
+from sfa.util.sfalogging import logger
+
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
from sfa.storage.parameter import Parameter, Mixed
class PerformOperationalAction(Method):
"""
from sfa.storage.parameter import Parameter, Mixed
class PerformOperationalAction(Method):
"""
- Request that the named geni_allocated slivers be made
- geni_provisioned, instantiating or otherwise realizing the
- resources, such that they have a valid geni_operational_status
- and may possibly be made geni_ready for experimenter use. This
- operation is synchronous, but may start a longer process, such
+ Request that the named geni_allocated slivers be made
+ geni_provisioned, instantiating or otherwise realizing the
+ resources, such that they have a valid geni_operational_status
+ and may possibly be made geni_ready for experimenter use. This
+ operation is synchronous, but may start a longer process, such
as creating and imaging a virtual machine
@param slice urns ([string]) URNs of slivers to provision to
as creating and imaging a virtual machine
@param slice urns ([string]) URNs of slivers to provision to
returns = Parameter(dict, "Provisioned Resources")
def call(self, xrns, creds, action, options):
returns = Parameter(dict, "Provisioned Resources")
def call(self, xrns, creds, action, options):
- self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, xrns, self.name))
+ logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, xrns, self.name))
(speaking_for, _) = urn_to_hrn(options.get('geni_speaking_for'))
# Find the valid credentials
(speaking_for, _) = urn_to_hrn(options.get('geni_speaking_for'))
# Find the valid credentials
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'createsliver', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'createsliver', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrns, self.name))
result = self.api.manager.PerformOperationalAction(
self.api, xrns, creds, action, options)
return result
result = self.api.manager.PerformOperationalAction(
self.api, xrns, creds, action, options)
return result
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
+from sfa.util.sfalogging import logger
+
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
from sfa.storage.parameter import Parameter, Mixed
from sfa.storage.parameter import Parameter, Mixed
from sfa.rspecs.rspec import RSpec
class Provision(Method):
"""
from sfa.rspecs.rspec import RSpec
class Provision(Method):
"""
- Request that the named geni_allocated slivers be made
- geni_provisioned, instantiating or otherwise realizing the
- resources, such that they have a valid geni_operational_status
- and may possibly be made geni_ready for experimenter use. This
- operation is synchronous, but may start a longer process, such
+ Request that the named geni_allocated slivers be made
+ geni_provisioned, instantiating or otherwise realizing the
+ resources, such that they have a valid geni_operational_status
+ and may possibly be made geni_ready for experimenter use. This
+ operation is synchronous, but may start a longer process, such
as creating and imaging a virtual machine
@param slice urns ([string]) URNs of slivers to provision to
as creating and imaging a virtual machine
@param slice urns ([string]) URNs of slivers to provision to
returns = Parameter(dict, "Provisioned Resources")
def call(self, xrns, creds, options):
returns = Parameter(dict, "Provisioned Resources")
def call(self, xrns, creds, options):
- self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, xrns, self.name))
+ logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, xrns, self.name))
# Find the valid credentials
# Find the valid credentials
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'createsliver', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'createsliver', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrns, self.name))
result = self.api.manager.Provision(self.api, xrns, creds, options)
return result
result = self.api.manager.Provision(self.api, xrns, creds, options)
return result
from sfa.util.method import Method
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.Register(self.api, record)
return self.api.manager.Register(self.api, record)
from sfa.util.xrn import Xrn
from sfa.util.method import Method
from sfa.util.xrn import Xrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
@param type record type
@param xrn human readable name of record to remove (hrn or urn)
@param type record type
@param xrn human readable name of record to remove (hrn or urn)
- @return 1 if successful, faults otherwise
+ @return 1 if successful, faults otherwise
"""
interfaces = ['registry']
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tmethod-name: %s\tcaller-hrn: %s\ttarget-urn: %s" % (
- self.api.interface, self.name, origin_hrn, xrn.get_urn()))
+ logger.info("interface: %s\tmethod-name: %s\tcaller-hrn: %s\ttarget-urn: %s" % (
+ self.api.interface, self.name, origin_hrn, xrn.get_urn()))
return self.api.manager.Remove(self.api, xrn)
return self.api.manager.Remove(self.api, xrn)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatime import utcparse, add_datetime
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatime import utcparse, add_datetime
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
- Renews the resources in the specified slice or slivers by
+ Renews the resources in the specified slice or slivers by
extending the lifetime.
@param urns ([string]) List of URNs of to renew
extending the lifetime.
@param urns ([string]) List of URNs of to renew
def call(self, urns, creds, expiration_time, options):
# Find the valid credentials
def call(self, urns, creds, expiration_time, options):
# Find the valid credentials
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'renewsliver', urns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'renewsliver', urns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
the_credential = Credential(cred=valid_creds[0])
actual_caller_hrn = the_credential.actual_caller_hrn()
the_credential = Credential(cred=valid_creds[0])
actual_caller_hrn = the_credential.actual_caller_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s" %
- (self.api.interface, actual_caller_hrn, urns, expiration_time, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s" %
+ (self.api.interface, actual_caller_hrn, urns, expiration_time, self.name))
# extend as long as possible : take the min of requested and
# now+SFA_MAX_SLICE_RENEW
# extend as long as possible : take the min of requested and
# now+SFA_MAX_SLICE_RENEW
# Validate that the time does not go beyond the credential's expiration
# time
requested_expire = utcparse(expiration_time)
# Validate that the time does not go beyond the credential's expiration
# time
requested_expire = utcparse(expiration_time)
- self.api.logger.info("requested_expire = %s" % requested_expire)
+ logger.info("requested_expire = %s" % requested_expire)
credential_expire = the_credential.get_expiration()
credential_expire = the_credential.get_expiration()
- self.api.logger.info("credential_expire = %s" % credential_expire)
+ logger.info("credential_expire = %s" % credential_expire)
max_renew_days = int(self.api.config.SFA_MAX_SLICE_RENEW)
max_expire = datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days)
if requested_expire > credential_expire:
# used to throw an InsufficientRights exception here, this was not
# right
max_renew_days = int(self.api.config.SFA_MAX_SLICE_RENEW)
max_expire = datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days)
if requested_expire > credential_expire:
# used to throw an InsufficientRights exception here, this was not
# right
- self.api.logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner" %
- (requested_expire, credential_expire))
+ logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner" %
+ (requested_expire, credential_expire))
requested_expire = credential_expire
if requested_expire > max_expire:
# likewise
requested_expire = credential_expire
if requested_expire > max_expire:
# likewise
- self.api.logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner" %
- (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW, max_expire))
+ logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner" %
+ (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW, max_expire))
requested_expire = max_expire
return self.api.manager.Renew(self.api, urns, creds, requested_expire, options)
requested_expire = max_expire
return self.api.manager.Renew(self.api, urns, creds, requested_expire, options)
from sfa.util.xrn import Xrn, urn_to_hrn
from sfa.util.method import Method
from sfa.util.xrn import Xrn, urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
Resolve a record.
@param cred credential string authorizing the caller
Resolve a record.
@param cred credential string authorizing the caller
- @param hrn human readable name to resolve (hrn or urn)
- @return a list of record dictionaries or empty list
+ @param hrn human readable name to resolve (hrn or urn)
+ @return a list of record dictionaries or empty list
"""
interfaces = ['registry']
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrns, self.name))
# send the call to the right manager
return self.api.manager.Resolve(self.api, xrns, type, details=details)
# send the call to the right manager
return self.api.manager.Resolve(self.api, xrns, type, details=details)
from sfa.storage.parameter import Parameter
from sfa.trust.credential import Credential
from sfa.util.method import Method
from sfa.storage.parameter import Parameter
from sfa.trust.credential import Credential
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
class Shutdown(Method):
"""
class Shutdown(Method):
"""
- Perform an emergency shut down of a sliver. This operation is intended for administrative use.
+ Perform an emergency shut down of a sliver. This operation is intended for administrative use.
The sliver is shut down but remains available for further forensics.
@param slice_urn (string) URN of slice to renew
The sliver is shut down but remains available for further forensics.
@param slice_urn (string) URN of slice to renew
- @param credentials ([string]) of credentials
+ @param credentials ([string]) of credentials
"""
interfaces = ['aggregate', 'slicemgr']
accepts = [
"""
interfaces = ['aggregate', 'slicemgr']
accepts = [
def call(self, xrn, creds):
def call(self, xrn, creds):
- valid_creds = self.api.auth.checkCredentials(creds, 'stopslice', xrn,
- check_sliver_callback=self.api.driver.check_sliver_credentials)
+ valid_creds = self.api.auth.checkCredentials(
+ creds, 'stopslice', xrn,
+ check_sliver_callback=self.api.driver.check_sliver_credentials)
# log the call
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
# log the call
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrn, self.name))
return self.api.manager.Shutdown(self.api, xrn, creds)
return self.api.manager.Shutdown(self.api, xrn, creds)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.storage.parameter import Parameter, Mixed
from sfa.storage.parameter import Parameter, Mixed
returns = Parameter(dict, "Status details")
def call(self, xrns, creds, options):
returns = Parameter(dict, "Status details")
def call(self, xrns, creds, options):
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'sliverstatus', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'sliverstatus', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
- self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, xrns, self.name))
+ logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, xrns, self.name))
return self.api.manager.Status(self.api, xrns, creds, options)
return self.api.manager.Status(self.api, xrns, creds, options)
from sfa.util.method import Method
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
from sfa.trust.credential import Credential
@param cred credential string specifying rights of the caller
@param record a record dictionary to be updated
@param cred credential string specifying rights of the caller
@param record a record dictionary to be updated
- @return 1 if successful, faults otherwise
+ @return 1 if successful, faults otherwise
"""
interfaces = ['registry']
"""
interfaces = ['registry']
# log
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
# log
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.Update(self.api, record_dict)
return self.api.manager.Update(self.api, record_dict)
from sfa.util.method import Method
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.auth import Auth
from sfa.trust.credential import Credential
from sfa.trust.auth import Auth
from sfa.trust.credential import Credential
class get_trusted_certs(Method):
"""
@param cred credential string specifying the rights of the caller
class get_trusted_certs(Method):
"""
@param cred credential string specifying the rights of the caller
- @return list of gid strings
+ @return list of gid strings
"""
interfaces = ['registry', 'aggregate', 'slicemgr']
"""
interfaces = ['registry', 'aggregate', 'slicemgr']
# If cred is not specified just return the gid for this interface.
# This is true when when a peer is attempting to initiate federation
# with this interface
# If cred is not specified just return the gid for this interface.
# This is true when when a peer is attempting to initiate federation
# with this interface
- self.api.logger.debug("get_trusted_certs: %r" % cred)
+ logger.debug("get_trusted_certs: %r" % cred)
if not cred:
gid_strings = []
for gid in self.api.auth.trusted_cert_list:
if not cred:
gid_strings = []
for gid in self.api.auth.trusted_cert_list:
from sfa.util.sfalogging import init_logger, logger
from sfa.util.xrn import get_authority, hrn_to_urn
from sfa.util.config import Config
from sfa.util.sfalogging import init_logger, logger
from sfa.util.xrn import get_authority, hrn_to_urn
from sfa.util.config import Config
from sfa.trust.gid import GID
from sfa.trust.trustedroots import TrustedRoots
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
from sfa.trust.gid import GID
from sfa.trust.trustedroots import TrustedRoots
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
from sfa.server.sfaapi import SfaApi
from sfa.server.registry import Registries
from sfa.server.aggregate import Aggregates
from sfa.server.sfaapi import SfaApi
from sfa.server.registry import Registries
from sfa.server.aggregate import Aggregates
from sfa.client.return_value import ReturnValue
from sfa.client.return_value import ReturnValue
gid.save_to_file(gid_filename, save_parents=True)
message = "installed trusted cert for %s" % new_hrn
# log the message
gid.save_to_file(gid_filename, save_parents=True)
message = "installed trusted cert for %s" % new_hrn
# log the message
- api.logger.info(message)
except Exception:
message = "interface: %s\tunable to install trusted gid for %s" % \
(api.interface, new_hrn)
except Exception:
message = "interface: %s\tunable to install trusted gid for %s" % \
(api.interface, new_hrn)
- api.logger.log_exc(message)
+ logger.log_exc(message)
# doesnt matter witch one
update_cert_records(peer_gids)
# doesnt matter witch one
update_cert_records(peer_gids)
- The XmlrpcApi class implements a basic xmlrpc (or soap) service
+ The XmlrpcApi class implements a basic xmlrpc (or soap) service
methods, fromlist=[methods])
self.methods = methods_module.all
methods, fromlist=[methods])
self.methods = methods_module.all
def callable(self, method):
"""
Return a new instance of the specified method.
def callable(self, method):
"""
Return a new instance of the specified method.
callablemethod = getattr(module, classname)(self)
return getattr(module, classname)(self)
except (ImportError, AttributeError):
callablemethod = getattr(module, classname)(self)
return getattr(module, classname)(self)
except (ImportError, AttributeError):
- self.logger.log_exc("Error importing method: %s" % method)
+ logger.log_exc("Error importing method: %s" % method)
raise SfaInvalidAPIMethod(method)
def call(self, source, method, *args):
raise SfaInvalidAPIMethod(method)
def call(self, source, method, *args):
result = self.call(source, method, *args)
except SfaFault as fault:
result = fault
result = self.call(source, method, *args)
except SfaFault as fault:
result = fault
- self.logger.log_exc("XmlrpcApi.handle has caught Exception")
+ logger.log_exc("XmlrpcApi.handle has caught Exception")
except Exception as fault:
except Exception as fault:
- self.logger.log_exc("XmlrpcApi.handle has caught Exception")
+ logger.log_exc("XmlrpcApi.handle has caught Exception")
result = SfaAPIError(fault)
# Return result
result = SfaAPIError(fault)
# Return result
from sfa.util.sfalogging import logger
# this tends to generate quite some logs for little or no value
from sfa.util.sfalogging import logger
# this tends to generate quite some logs for little or no value
-debug_verify_chain = False
+debug_verify_chain = True
glo_passphrase_callback = None
glo_passphrase_callback = None
# @param cert certificate object
def is_signed_by_cert(self, cert):
# @param cert certificate object
def is_signed_by_cert(self, cert):
- logger.debug("Certificate.is_signed_by_cert -> invoking verify")
+ logger.debug("Certificate.is_signed_by_cert -> verify on {}\n"
+ "with pubkey {}"
+ .format(self, k))
result = self.verify(k)
return result
result = self.verify(k)
return result
trusted_cert.pretty_name()))
else:
logger.debug("verify_chain: not a direct"
trusted_cert.pretty_name()))
else:
logger.debug("verify_chain: not a direct"
- " descendant of a trusted root")
+ " descendant of trusted root #{}".format(i))
# if there is no parent, then no way to verify the chain
if not self.parent:
# if there is no parent, then no way to verify the chain
if not self.parent: