however, this remains as-is in all importers, as well as sfaclientlib/manifolduploader
self.options = options
self.user = None
self.authority = None
- self.logger = logger
- self.logger.enable_console()
+ logger.enable_console()
# various auxiliary material that we keep at hand
self.command = None
# need to call this other than just 'config' as we have a
msg = "Invalid command\n"
msg += "Commands: "
msg += ','.join(commands_list)
- self.logger.critical(msg)
+ logger.critical(msg)
sys.exit(2)
# retrieve args_string
sys.exit(1)
self.options = options
- self.logger.setLevelFromOptVerbose(self.options.verbose)
+ logger.setLevelFromOptVerbose(self.options.verbose)
if len(args) <= 0:
- self.logger.critical("No command given. Use -h for help.")
+ logger.critical("No command given. Use -h for help.")
self.print_commands_help(options)
return -1
self.read_config()
self.bootstrap()
- self.logger.debug("Command={}".format(self.command))
+ logger.debug("Command={}".format(self.command))
try:
retcod = self.dispatch(command, command_options, command_args)
except SystemExit:
return 1
except:
- self.logger.log_exc("sfi command {} failed".format(command))
+ logger.log_exc("sfi command {} failed".format(command))
return 1
return retcod
config.save(config_file)
except:
- self.logger.critical(
+ logger.critical(
"Failed to read configuration file {}".format(config_file))
- self.logger.info(
+ logger.info(
"Make sure to remove the export clauses and to add quotes")
if self.options.verbose == 0:
- self.logger.info("Re-run with -v for more details")
+ logger.info("Re-run with -v for more details")
else:
- self.logger.log_exc(
+ logger.log_exc(
"Could not read config file {}".format(config_file))
sys.exit(1)
elif hasattr(config, "SFI_SM"):
self.sm_url = config.SFI_SM
else:
- self.logger.error(
+ logger.error(
"You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in {}".format(config_file))
errors += 1
elif hasattr(config, "SFI_REGISTRY"):
self.reg_url = config.SFI_REGISTRY
else:
- self.logger.error(
+ logger.error(
"You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in {}".format(config_file))
errors += 1
elif hasattr(config, "SFI_USER"):
self.user = config.SFI_USER
else:
- self.logger.error(
+ logger.error(
"You need to set e.g. SFI_USER='plc.princeton.username' in {}".format(config_file))
errors += 1
elif hasattr(config, "SFI_AUTH"):
self.authority = config.SFI_AUTH
else:
- self.logger.error(
+ logger.error(
"You need to set e.g. SFI_AUTH='plc.princeton' in {}".format(config_file))
errors += 1
# init self-signed cert, user credentials and gid
def bootstrap(self):
if self.options.verbose:
- self.logger.info(
+ logger.info(
"Initializing SfaClientBootstrap with {}".format(self.reg_url))
client_bootstrap = SfaClientBootstrap(self.user, self.reg_url, self.options.sfi_dir,
- logger=self.logger)
+ logger=logger)
# if -k is provided, use this to initialize private key
if self.options.user_private_key:
client_bootstrap.init_private_key_if_missing(
# trigger legacy compat code if needed
# the name has changed from just <leaf>.pkey to <hrn>.pkey
if not os.path.isfile(client_bootstrap.private_key_filename()):
- self.logger.info("private key not found, trying legacy name")
+ logger.info("private key not found, trying legacy name")
try:
legacy_private_key = os.path.join(self.options.sfi_dir, "{}.pkey"
.format(Xrn.unescape(get_leaf(self.user))))
- self.logger.debug("legacy_private_key={}"
+ logger.debug("legacy_private_key={}"
.format(legacy_private_key))
client_bootstrap.init_private_key_if_missing(
legacy_private_key)
- self.logger.info("Copied private key from legacy location {}"
+ logger.info("Copied private key from legacy location {}"
.format(legacy_private_key))
except:
- self.logger.log_exc("Can't find private key ")
+ logger.log_exc("Can't find private key ")
sys.exit(1)
# make it bootstrap
def my_authority_credential_string(self):
if not self.authority:
- self.logger.critical(
+ logger.critical(
"no authority specified. Use -a or set SF_AUTH")
sys.exit(-1)
return self.client_bootstrap.authority_credential_string(self.authority)
object_hrn = object_gid.get_hrn()
if not object_cred.get_privileges().get_all_delegate():
- self.logger.error("Object credential {} does not have delegate bit set"
+ logger.error("Object credential {} does not have delegate bit set"
.format(object_hrn))
return
def registry(self):
# cache the result
if not hasattr(self, 'registry_proxy'):
- self.logger.info("Contacting Registry at: {}".format(self.reg_url))
+ logger.info("Contacting Registry at: {}".format(self.reg_url))
self.registry_proxy \
= SfaServerProxy(self.reg_url, self.private_key, self.my_gid,
timeout=self.options.timeout, verbose=self.options.debug)
records = self.registry().Resolve(node_hrn, self.my_credential_string)
records = filter_records('node', records)
if not records:
- self.logger.warning(
+ logger.warning(
"No such component:{}".format(opts.component))
record = records[0]
cm_url = "http://{}:{}/".format(record['hostname'], CM_PORT)
# the config
if not self.sm_url.startswith('http://') or self.sm_url.startswith('https://'):
self.sm_url = 'http://' + self.sm_url
- self.logger.info(
+ logger.info(
"Contacting Slice Manager at: {}".format(self.sm_url))
self.sliceapi_proxy \
= SfaServerProxy(self.sm_url, self.private_key, self.my_gid,
cache = Cache(cache_file)
except IOError:
cache = Cache()
- self.logger.info("Local cache not found at: {}".format(cache_file))
+ logger.info("Local cache not found at: {}".format(cache_file))
if cache:
version = cache.get(cache_key)
version = ReturnValue.get_value(result)
# cache version for 20 minutes
cache.add(cache_key, version, ttl=60 * 20)
- self.logger.info("Updating cache file {}".format(cache_file))
+ logger.info("Updating cache file {}".format(cache_file))
cache.save_to_file(cache_file)
return version
if (os.path.isfile(file)):
return file
else:
- self.logger.critical("No such rspec file {}".format(rspec))
+ logger.critical("No such rspec file {}".format(rspec))
sys.exit(1)
def get_record_file(self, record):
if (os.path.isfile(file)):
return file
else:
- self.logger.critical(
+ logger.critical(
"No such registry record file {}".format(record))
sys.exit(1)
hrn, self.my_credential_string, resolve_options)
record_dicts = filter_records(options.type, record_dicts)
if not record_dicts:
- self.logger.error("No record of type {}".format(options.type))
+ logger.error("No record of type {}".format(options.type))
return
# user has required to focus on some keys
if options.keys:
else:
filename = os.sep.join(
[self.options.sfi_dir, '{}.gid'.format(target_hrn)])
- self.logger.info("writing {} gid to {}".format(target_hrn, filename))
+ logger.info("writing {} gid to {}".format(target_hrn, filename))
GID(string=gid).save_to_file(filename)
# xxx should analyze result
return 0
filename = os.path.join(self.options.sfi_dir,
"{}_for_{}.{}.cred".format(message, to_hrn, to_type))
delegated_credential.save_to_file(filename, save_parents=True)
- self.logger.info("delegated credential for {} to {} and wrote to {}"
+ logger.info("delegated credential for {} to {} and wrote to {}"
.format(message, to_hrn, filename))
####################
self.print_help()
sys.exit(1)
# enable info by default
- self.logger.setLevelFromOptVerbose(self.options.verbose + 1)
+ logger.setLevelFromOptVerbose(self.options.verbose + 1)
# the rough sketch goes like this
# (0) produce a p12 file
self.client_bootstrap.my_pkcs12()
sys.exit(1)
# (b) figure whether we are PI for the authority where we belong
- self.logger.info("Resolving our own id {}".format(self.user))
+ logger.info("Resolving our own id {}".format(self.user))
my_records = self.registry().Resolve(self.user, self.my_credential_string)
if len(my_records) != 1:
print("Cannot Resolve {} -- exiting".format(self.user))
sys.exit(1)
my_record = my_records[0]
my_auths_all = my_record['reg-pi-authorities']
- self.logger.info(
+ logger.info(
"Found {} authorities that we are PI for".format(len(my_auths_all)))
- self.logger.debug("They are {}".format(my_auths_all))
+ logger.debug("They are {}".format(my_auths_all))
my_auths = my_auths_all
if options.delegate_auths:
my_auths = list(set(my_auths_all).intersection(
set(options.delegate_auths)))
- self.logger.debug(
+ logger.debug(
"Restricted to user-provided auths {}".format(my_auths))
# (c) get the set of slices that we are in
my_slices_all = my_record['reg-slices']
- self.logger.info(
+ logger.info(
"Found {} slices that we are member of".format(len(my_slices_all)))
- self.logger.debug("They are: {}".format(my_slices_all))
+ logger.debug("They are: {}".format(my_slices_all))
my_slices = my_slices_all
# if user provided slices, deal only with these - if they are found
if options.delegate_slices:
my_slices = list(set(my_slices_all).intersection(
set(options.delegate_slices)))
- self.logger.debug(
+ logger.debug(
"Restricted to user-provided slices: {}".format(my_slices))
# (d) make sure we have *valid* credentials for all these
.format(hrn, htype, delegatee_hrn, delegatee_type))
with open(filename, 'w') as f:
f.write(delegated_credential)
- self.logger.debug("(Over)wrote {}".format(filename))
+ logger.debug("(Over)wrote {}".format(filename))
hrn_delegated_credentials.append(
(hrn, htype, delegated_credential, filename, ))
# (f) and finally upload them to manifold server
# xxx todo add an option so the password can be set on the command line
# (but *NOT* in the config file) so other apps can leverage this
- self.logger.info("Uploading on backend at {}".format(
+ logger.info("Uploading on backend at {}".format(
myslice_dict['backend']))
- uploader = ManifoldUploader(logger=self.logger,
+ uploader = ManifoldUploader(logger=logger,
url=myslice_dict['backend'],
platform=myslice_dict['platform'],
username=myslice_dict['username'],
if uploader.upload(delegated_credential, message=message):
count_success += 1
count_all += 1
- self.logger.info("Successfully uploaded {}/{} credentials"
+ logger.info("Successfully uploaded {}/{} credentials"
.format(count_success, count_all))
# at first I thought we would want to save these,
gid = GID(string=trusted_cert)
gid.dump()
cert = Certificate(string=trusted_cert)
- self.logger.debug('Sfi.trusted -> {}'.format(cert.get_subject()))
+ logger.debug('Sfi.trusted -> {}'.format(cert.get_subject()))
print("Certificate:\n{}\n\n".format(trusted_cert))
# xxx should analyze result
return 0
return {"aggregate": aggregate, "result": result,
"elapsed": time.time() - tStart, "status": "success"}
except Exception as e:
- api.logger.log_exc("ListResources failed at %s" % (server.url))
+ logger.log_exc("ListResources failed at %s" % (server.url))
return {"aggregate": aggregate, "elapsed": time.time() - tStart,
"status": "exception", "exc_info": sys.exc_info()}
if not xrn and self.cache and cached_requested:
rspec = self.cache.get(version_string)
if rspec:
- api.logger.debug(
+ logger.debug(
"SliceManager.ListResources returns cached advertisement")
return rspec
try:
rspec.version.merge(ReturnValue.get_value(res))
except Exception:
- api.logger.log_exc(
+ logger.log_exc(
"SM.ListResources: Failed to merge aggregate rspec")
# cache the result
if self.cache and not xrn:
- api.logger.debug("SliceManager.ListResources caches advertisement")
+ logger.debug("SliceManager.ListResources caches advertisement")
self.cache.add(version_string, rspec.toxml())
return rspec.toxml()
ReturnValue.get_value(res['geni_rspec']))
geni_slivers.extend(res['geni_slivers'])
except Exception:
- api.logger.log_exc(
+ logger.log_exc(
"SM.Allocate: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
ReturnValue.get_value(res['geni_rspec']))
geni_slivers.extend(res['geni_slivers'])
except:
- api.logger.log_exc(
+ logger.log_exc(
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
geni_urn = result['geni_urn']
geni_slivers.extend(result['geni_slivers'])
except Exception:
- api.logger.log_exc(
+ logger.log_exc(
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
ReturnValue.get_value(result['geni_rspec']))
geni_slivers.extend(result['geni_slivers'])
except Exception:
- api.logger.log_exc(
+ logger.log_exc(
"SM.Provision: Failed to merge aggregate rspec")
return {
'geni_urn': geni_urn,
class Allocate(Method):
"""
- Allocate resources as described in a request RSpec argument
- to a slice with the named URN. On success, one or more slivers
- are allocated, containing resources satisfying the request, and
- assigned to the given slice. This method returns a listing and
- description of the resources reserved for the slice by this
- operation, in the form of a manifest RSpec. Allocated slivers
- are held for an aggregate-determined period. Clients must Renew
- or Provision slivers before the expiration time (given in the
+ Allocate resources as described in a request RSpec argument
+ to a slice with the named URN. On success, one or more slivers
+ are allocated, containing resources satisfying the request, and
+ assigned to the given slice. This method returns a listing and
+ description of the resources reserved for the slice by this
+ operation, in the form of a manifest RSpec. Allocated slivers
+ are held for an aggregate-determined period. Clients must Renew
+ or Provision slivers before the expiration time (given in the
return struct), or the aggregate will automatically Delete them.
@param slice_urn (string) URN of slice to allocate to
This option can take 3 values
(*) options['pltags'] == 'ignore' (default)
- This is the recommended mode; in this mode all slice tags passed
- here are ignore, which correspond to the <planetlab:attribute> XML tags in
+ This is the recommended mode; in this mode all slice tags passed
+ here are ignore, which correspond to the <planetlab:attribute> XML tags in
the <sliver_type> areas of incoming rspec to Allocate.
In other words you are guaranteed to leave slice tags alone.
(*) options['pltags'] == 'append'
- All incoming slice tags are added to corresponding slivers,
+ All incoming slice tags are added to corresponding slivers,
unless an exact match can be found in the PLC db
(*) options['pltags'] == 'sync'
The historical mode, that attempts to leave the PLC db in a state
# the slivers should expire.
expiration = datetime_to_string(the_credential.expiration)
- self.api.logger.debug(
+ logger.debug(
"Allocate, received expiration from credential: %s" % expiration)
# turned off, as passing an empty rspec is indeed useful for cleaning up the slice
chain_name = 'INCOMING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-INCOMING'
- self.api.logger.debug("Allocate: sfatables on chain %s" % chain_name)
+ logger.debug("Allocate: sfatables on chain %s" % chain_name)
actual_caller_hrn = the_credential.actual_caller_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, actual_caller_hrn, xrn.get_hrn(), self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, actual_caller_hrn, xrn.get_hrn(), self.name))
rspec = run_sfatables(chain_name, xrn.get_hrn(),
actual_caller_hrn, rspec)
# turned off, as passing an empty rspec is indeed useful for cleaning up the slice
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.storage.parameter import Parameter, Mixed
from sfa.trust.credential import Credential
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrn, self.name))
return self.api.manager.CreateGid(self.api, xrn, cert)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
+
from sfa.storage.parameter import Parameter, Mixed
from sfa.trust.auth import Auth
from sfa.trust.credential import Credential
class Delete(Method):
"""
- Remove the slice or slivers and free the allocated resources
+ Remove the slice or slivers and free the allocated resources
@param xrns human readable name of slice to instantiate (hrn or urn)
@param creds credential string specifying the rights of the caller
- @return 1 is successful, faults otherwise
+ @return 1 is successful, faults otherwise
"""
interfaces = ['aggregate', 'slicemgr', 'component']
returns = Parameter(int, "1 if successful")
def call(self, xrns, creds, options):
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'deletesliver', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'deletesliver', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
# log the call
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrns, self.name))
return self.api.manager.Delete(self.api, xrns, creds, options)
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
from sfa.util.faults import SfaInvalidArgument
+from sfa.util.sfalogging import logger
+
from sfa.trust.credential import Credential
from sfa.storage.parameter import Parameter, Mixed
class Describe(Method):
"""
- Retrieve a manifest RSpec describing the resources contained by the
- named entities, e.g. a single slice or a set of the slivers in a
- slice. This listing and description should be sufficiently
- descriptive to allow experimenters to use the resources.
+ Retrieve a manifest RSpec describing the resources contained by the
+ named entities, e.g. a single slice or a set of the slivers in a
+ slice. This listing and description should be sufficiently
+ descriptive to allow experimenters to use the resources.
@param credential list
@param options dictionary
@return dict
returns = Parameter(str, "List of resources")
def call(self, urns, creds, options):
- self.api.logger.info("interface: %s\tmethod-name: %s" %
- (self.api.interface, self.name))
+ logger.info("interface: %s\tmethod-name: %s" %
+ (self.api.interface, self.name))
# client must specify a version
if not options.get('geni_rspec_version'):
chain_name = 'OUTGOING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-OUTGOING'
- self.api.logger.debug(
+ logger.debug(
"ListResources: sfatables on chain %s" % chain_name)
desc['geni_rspec'] = run_sfatables(
chain_name, '', origin_hrn, desc['geni_rspec'])
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
@param cred credential object specifying rights of the caller
@param type type of object (user | slice | node | authority )
- @return the string representation of a credential object
+ @return the string representation of a credential object
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.GetCredential(self.api, xrn, type, self.api.auth.client_gid.get_urn())
from sfa.util.faults import RecordNotFound, ConnectionKeyGIDMismatch
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.certificate import Certificate
class GetSelfCredential(Method):
"""
Retrive a credential for an object
- @param cert certificate string
+ @param cert certificate string
@param type type of object (user | slice | sa | ma | node)
@param hrn human readable name of object (hrn or urn)
- @return the string representation of a credential object
+ @return the string representation of a credential object
"""
interfaces = ['registry']
self.api.auth.verify_object_belongs_to_me(hrn)
origin_hrn = Certificate(string=cert).get_subject()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
# authenticate the gid
# import here so we can load this module at build-time for sfa2wsdl
certificate = Certificate(string=cert)
if not certificate.is_pubkey(gid.get_pubkey()):
for (obj, name) in [(certificate, "CERT"), (gid, "GID"), ]:
- self.api.logger.debug("ConnectionKeyGIDMismatch, %s pubkey: %s" % (
+ logger.debug("ConnectionKeyGIDMismatch, %s pubkey: %s" % (
name, obj.get_pubkey().get_pubkey_string()))
- self.api.logger.debug(
+ logger.debug(
"ConnectionKeyGIDMismatch, %s dump: %s" % (name, obj.dump_string()))
if hasattr(obj, 'filename'):
- self.api.logger.debug(
+ logger.debug(
"ConnectionKeyGIDMismatch, %s filename: %s" % (name, obj.filename))
raise ConnectionKeyGIDMismatch(gid.get_subject())
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.storage.parameter import Parameter
def call(self, options=None):
if options is None:
options = {}
- self.api.logger.info("interface: %s\tmethod-name: %s" %
- (self.api.interface, self.name))
+ logger.info("interface: %s\tmethod-name: %s" %
+ (self.api.interface, self.name))
return self.api.manager.GetVersion(self.api, options)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
class List(Method):
"""
- List the records in an authority.
+ List the records in an authority.
@param cred credential string specifying the rights of the caller
@param hrn human readable name of authority to list (hrn or urn)
- @return list of record dictionaries
+ @return list of record dictionaries
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.List(self.api, xrn, options=options)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
+from sfa.util.sfalogging import logger
+
from sfa.util.faults import SfaInvalidArgument
from sfa.trust.credential import Credential
returns = Parameter(str, "List of resources")
def call(self, creds, options):
- self.api.logger.info("interface: %s\tmethod-name: %s" %
- (self.api.interface, self.name))
+ logger.info("interface: %s\tmethod-name: %s" %
+ (self.api.interface, self.name))
# client must specify a version
if not options.get('geni_rspec_version'):
chain_name = 'OUTGOING'
elif self.api.interface in ['slicemgr']:
chain_name = 'FORWARD-OUTGOING'
- self.api.logger.debug(
+ logger.debug(
"ListResources: sfatables on chain %s" % chain_name)
filtered_rspec = run_sfatables(chain_name, '', origin_hrn, rspec)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
+from sfa.util.sfalogging import logger
+
from sfa.trust.credential import Credential
+
from sfa.storage.parameter import Parameter, Mixed
class PerformOperationalAction(Method):
"""
- Request that the named geni_allocated slivers be made
- geni_provisioned, instantiating or otherwise realizing the
- resources, such that they have a valid geni_operational_status
- and may possibly be made geni_ready for experimenter use. This
- operation is synchronous, but may start a longer process, such
+ Request that the named geni_allocated slivers be made
+ geni_provisioned, instantiating or otherwise realizing the
+ resources, such that they have a valid geni_operational_status
+ and may possibly be made geni_ready for experimenter use. This
+ operation is synchronous, but may start a longer process, such
as creating and imaging a virtual machine
@param slice urns ([string]) URNs of slivers to provision to
returns = Parameter(dict, "Provisioned Resources")
def call(self, xrns, creds, action, options):
- self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, xrns, self.name))
+ logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, xrns, self.name))
(speaking_for, _) = urn_to_hrn(options.get('geni_speaking_for'))
# Find the valid credentials
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'createsliver', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'createsliver', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrns, self.name))
result = self.api.manager.PerformOperationalAction(
self.api, xrns, creds, action, options)
return result
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatablesRuntime import run_sfatables
+from sfa.util.sfalogging import logger
+
from sfa.trust.credential import Credential
+
from sfa.storage.parameter import Parameter, Mixed
+
from sfa.rspecs.rspec import RSpec
class Provision(Method):
"""
- Request that the named geni_allocated slivers be made
- geni_provisioned, instantiating or otherwise realizing the
- resources, such that they have a valid geni_operational_status
- and may possibly be made geni_ready for experimenter use. This
- operation is synchronous, but may start a longer process, such
+ Request that the named geni_allocated slivers be made
+ geni_provisioned, instantiating or otherwise realizing the
+ resources, such that they have a valid geni_operational_status
+ and may possibly be made geni_ready for experimenter use. This
+ operation is synchronous, but may start a longer process, such
as creating and imaging a virtual machine
@param slice urns ([string]) URNs of slivers to provision to
returns = Parameter(dict, "Provisioned Resources")
def call(self, xrns, creds, options):
- self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, xrns, self.name))
+ logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, xrns, self.name))
# Find the valid credentials
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'createsliver', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'createsliver', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrns, self.name))
result = self.api.manager.Provision(self.api, xrns, creds, options)
return result
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.Register(self.api, record)
from sfa.util.xrn import Xrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
@param type record type
@param xrn human readable name of record to remove (hrn or urn)
- @return 1 if successful, faults otherwise
+ @return 1 if successful, faults otherwise
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tmethod-name: %s\tcaller-hrn: %s\ttarget-urn: %s" % (
- self.api.interface, self.name, origin_hrn, xrn.get_urn()))
+ logger.info("interface: %s\tmethod-name: %s\tcaller-hrn: %s\ttarget-urn: %s" % (
+ self.api.interface, self.name, origin_hrn, xrn.get_urn()))
return self.api.manager.Remove(self.api, xrn)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
from sfa.util.sfatime import utcparse, add_datetime
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
class Renew(Method):
"""
- Renews the resources in the specified slice or slivers by
+ Renews the resources in the specified slice or slivers by
extending the lifetime.
@param urns ([string]) List of URNs of to renew
def call(self, urns, creds, expiration_time, options):
# Find the valid credentials
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'renewsliver', urns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'renewsliver', urns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
the_credential = Credential(cred=valid_creds[0])
actual_caller_hrn = the_credential.actual_caller_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s" %
- (self.api.interface, actual_caller_hrn, urns, expiration_time, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s" %
+ (self.api.interface, actual_caller_hrn, urns, expiration_time, self.name))
# extend as long as possible : take the min of requested and
# now+SFA_MAX_SLICE_RENEW
# Validate that the time does not go beyond the credential's expiration
# time
requested_expire = utcparse(expiration_time)
- self.api.logger.info("requested_expire = %s" % requested_expire)
+ logger.info("requested_expire = %s" % requested_expire)
credential_expire = the_credential.get_expiration()
- self.api.logger.info("credential_expire = %s" % credential_expire)
+ logger.info("credential_expire = %s" % credential_expire)
max_renew_days = int(self.api.config.SFA_MAX_SLICE_RENEW)
max_expire = datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days)
if requested_expire > credential_expire:
# used to throw an InsufficientRights exception here, this was not
# right
- self.api.logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner" %
- (requested_expire, credential_expire))
+ logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner" %
+ (requested_expire, credential_expire))
requested_expire = credential_expire
if requested_expire > max_expire:
# likewise
- self.api.logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner" %
- (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW, max_expire))
+ logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner" %
+ (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW, max_expire))
requested_expire = max_expire
return self.api.manager.Renew(self.api, urns, creds, requested_expire, options)
from sfa.util.xrn import Xrn, urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
Resolve a record.
@param cred credential string authorizing the caller
- @param hrn human readable name to resolve (hrn or urn)
- @return a list of record dictionaries or empty list
+ @param hrn human readable name to resolve (hrn or urn)
+ @return a list of record dictionaries or empty list
"""
interfaces = ['registry']
# log the call
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrns, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrns, self.name))
# send the call to the right manager
return self.api.manager.Resolve(self.api, xrns, type, details=details)
from sfa.storage.parameter import Parameter
from sfa.trust.credential import Credential
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
class Shutdown(Method):
"""
- Perform an emergency shut down of a sliver. This operation is intended for administrative use.
+ Perform an emergency shut down of a sliver. This operation is intended for administrative use.
The sliver is shut down but remains available for further forensics.
@param slice_urn (string) URN of slice to renew
- @param credentials ([string]) of credentials
+ @param credentials ([string]) of credentials
"""
interfaces = ['aggregate', 'slicemgr']
accepts = [
def call(self, xrn, creds):
- valid_creds = self.api.auth.checkCredentials(creds, 'stopslice', xrn,
- check_sliver_callback=self.api.driver.check_sliver_credentials)
+ valid_creds = self.api.auth.checkCredentials(
+ creds, 'stopslice', xrn,
+ check_sliver_callback=self.api.driver.check_sliver_credentials)
# log the call
origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, xrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, xrn, self.name))
return self.api.manager.Shutdown(self.api, xrn, creds)
from sfa.util.xrn import urn_to_hrn
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.storage.parameter import Parameter, Mixed
returns = Parameter(dict, "Status details")
def call(self, xrns, creds, options):
- valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'sliverstatus', xrns,
- check_sliver_callback=self.api.driver.check_sliver_credentials,
- options=options)
+ valid_creds = self.api.auth.checkCredentialsSpeaksFor(
+ creds, 'sliverstatus', xrns,
+ check_sliver_callback=self.api.driver.check_sliver_credentials,
+ options=options)
- self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, xrns, self.name))
+ logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, xrns, self.name))
return self.api.manager.Status(self.api, xrns, creds, options)
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.credential import Credential
@param cred credential string specifying rights of the caller
@param record a record dictionary to be updated
- @return 1 if successful, faults otherwise
+ @return 1 if successful, faults otherwise
"""
interfaces = ['registry']
# log
origin_hrn = Credential(
string=valid_creds[0]).get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
- (self.api.interface, origin_hrn, hrn, self.name))
+ logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s" %
+ (self.api.interface, origin_hrn, hrn, self.name))
return self.api.manager.Update(self.api, record_dict)
from sfa.util.method import Method
+from sfa.util.sfalogging import logger
from sfa.trust.auth import Auth
from sfa.trust.credential import Credential
class get_trusted_certs(Method):
"""
@param cred credential string specifying the rights of the caller
- @return list of gid strings
+ @return list of gid strings
"""
interfaces = ['registry', 'aggregate', 'slicemgr']
# If cred is not specified just return the gid for this interface.
# This is true when when a peer is attempting to initiate federation
# with this interface
- self.api.logger.debug("get_trusted_certs: %r" % cred)
+ logger.debug("get_trusted_certs: %r" % cred)
if not cred:
gid_strings = []
for gid in self.api.auth.trusted_cert_list:
from sfa.util.sfalogging import init_logger, logger
from sfa.util.xrn import get_authority, hrn_to_urn
from sfa.util.config import Config
+
from sfa.trust.gid import GID
from sfa.trust.trustedroots import TrustedRoots
from sfa.trust.certificate import Keypair, Certificate
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
+
from sfa.server.sfaapi import SfaApi
from sfa.server.registry import Registries
from sfa.server.aggregate import Aggregates
+
from sfa.client.return_value import ReturnValue
gid.save_to_file(gid_filename, save_parents=True)
message = "installed trusted cert for %s" % new_hrn
# log the message
- api.logger.info(message)
+ logger.info(message)
except Exception:
message = "interface: %s\tunable to install trusted gid for %s" % \
(api.interface, new_hrn)
- api.logger.log_exc(message)
+ logger.log_exc(message)
# doesnt matter witch one
update_cert_records(peer_gids)
class XmlrpcApi:
"""
- The XmlrpcApi class implements a basic xmlrpc (or soap) service
+ The XmlrpcApi class implements a basic xmlrpc (or soap) service
"""
protocol = None
methods, fromlist=[methods])
self.methods = methods_module.all
- self.logger = logger
-
def callable(self, method):
"""
Return a new instance of the specified method.
callablemethod = getattr(module, classname)(self)
return getattr(module, classname)(self)
except (ImportError, AttributeError):
- self.logger.log_exc("Error importing method: %s" % method)
+ logger.log_exc("Error importing method: %s" % method)
raise SfaInvalidAPIMethod(method)
def call(self, source, method, *args):
result = self.call(source, method, *args)
except SfaFault as fault:
result = fault
- self.logger.log_exc("XmlrpcApi.handle has caught Exception")
+ logger.log_exc("XmlrpcApi.handle has caught Exception")
except Exception as fault:
- self.logger.log_exc("XmlrpcApi.handle has caught Exception")
+ logger.log_exc("XmlrpcApi.handle has caught Exception")
result = SfaAPIError(fault)
# Return result
from sfa.util.sfalogging import logger
# this tends to generate quite some logs for little or no value
-debug_verify_chain = False
+debug_verify_chain = True
glo_passphrase_callback = None
# @param cert certificate object
def is_signed_by_cert(self, cert):
- logger.debug("Certificate.is_signed_by_cert -> invoking verify")
k = cert.get_pubkey()
+ logger.debug("Certificate.is_signed_by_cert -> verify on {}\n"
+ "with pubkey {}"
+ .format(self, k))
result = self.verify(k)
return result
trusted_cert.pretty_name()))
else:
logger.debug("verify_chain: not a direct"
- " descendant of a trusted root")
+ " descendant of trusted root #{}".format(i))
# if there is no parent, then no way to verify the chain
if not self.parent:
git://git.onelab.eu / sfa.git / commitdiff