From: Thierry Parmentelat Date: Tue, 29 May 2018 08:05:03 +0000 (+0200) Subject: rough cleanup of component manager X-Git-Tag: sfa-4.0-1~1^2~1 X-Git-Url: http://git.onelab.eu/?p=sfa.git;a=commitdiff_plain;h=052e281f8c79237b6759cbb259407f071adda1cc rough cleanup of component manager --- diff --git a/config/gen-sfa-cm-config.py b/config/gen-sfa-cm-config.py deleted file mode 100755 index eca98355..00000000 --- a/config/gen-sfa-cm-config.py +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/python -import os -import sys -import socket -sys.path.append('/usr/share/plc_api') -from sfa.util.config import Config as SfaConfig -from PLC.Config import Config as PlcConfig - -sfa_config = SfaConfig() -plc_config = PlcConfig() -default_host = socket.gethostbyname(socket.gethostname()) -all_vars = ['SFA_CONFIG_DIR', 'SFA_DATA_DIR', 'SFA_INTERFACE_HRN', - 'SFA_CM_SLICE_PREFIX', 'SFA_REGISTRY_HOST', 'SFA_REGISTRY_PORT', - 'SFA_AGGREGATE_HOST', 'SFA_AGGREGATE_PORT', - 'SFA_CM_ENABLED', 'SFA_CM_HOST', 'SFA_CM_PORT', 'SFA_CM_TYPE', 'SFA_CM_SLICE_PREFIX', - 'SFA_API_LOGLEVEL'] - -defaults = { - 'SFA_CM_ENABLED': '1', - 'SFA_CM_HOST': 'localhost', - 'SFA_CM_PORT': '12346', - 'SFA_CM_SLICE_PREFIX': plc_config.PLC_SLICE_PREFIX, - 'SFA_CM_TYPE': 'pl', - 'SFA_API_LOGLEVEL': '0' -} - -host_defaults = { - 'SFA_REGISTRY_HOST': default_host, - 'SFA_AGGREGATE_HOST': default_host, -} - -const_dict = {} -for key in all_vars: - value = "" - - if key in defaults: - value = defaults[key] - elif hasattr(sfa_config, key): - value = getattr(sfa_config, key) - # sfa_config may specify localhost instead of a resolvalbe host or ip - # if so replace this with the host's address - if key in host_defaults and value in ['localhost', '127.0.0.1']: - value = host_defaults[key] - const_dict[key] = value - -filename = sfa_config.config_path + os.sep + 'sfa_component_config' -conffile = open(filename, 'w') -format = '%s="%s"\n' - -for var in all_vars: - conffile.write(format % (var, const_dict[var])) - -conffile.close() diff --git a/config/sfa_component_config b/config/sfa_component_config deleted file mode 100644 index dec159af..00000000 --- a/config/sfa_component_config +++ /dev/null @@ -1,82 +0,0 @@ -# SFA Config file for the Component Manager -# - -# HRN -# Human readable name for this interface -SFA_INTERFACE_HRN="plc" - -# loglevel -# How deep are we logging (0|1|2) -SFA_API_LOGLEVEL=1 - -## ============================================================ -# Registry Configuration -# -# Enabled -# Enable the registry interface -SFA_REGISTRY_ENABLED=0 - -# Root Auth -# The hrn of the registry's root auth -SFA_REGISTRY_ROOT_AUTH="plc" - -# Level1 Auth -# The hrn of the registry's level1 auth (sub authority) -# The full name of this interface (only secify if this -# interface is a sub authority) -# xxx could be determined from hrn above -SFA_REGISTRY_LEVEL1_AUTH="" - -SFA_GENERIC_FLAVOUR='pl' - -# Hostname -# The fully qualified hostname of the registry server -SFA_REGISTRY_HOST="localhost" - -# Port -# SFA registry port -SFA_REGISTRY_PORT=12345 - -## ============================================================== -## Aggregate Configuration -## -## Enable aggregate inteface -## Enable the aggregate inteface. -SFA_AGGREGATE_ENABLED=0 - -# -# -## Hostname -## The fully qualified hostname of the aggregate server -SFA_AGGREGATE_HOST="localhost" -# -## Port -## SFA aggregate server port -SFA_AGGREGATE_PORT=12346 - -## =============================================================== -# Component Manager Configuration -# -# Enabled -## Enable the slice manager -SFA_CM_ENABLED=1 - -# Component Manager type -# -# The type of backend server for this component manager -SFA_CM_TYPE='pl' -# -# Host -## The fully qualified hostname or IP address of the slice manager server -SFA_CM_HOST="localhost" -# -# Port -# SFA slice manager server port -SFA_CM_PORT=12346 - - -# Directory internal data gets stored -SFA_CONFIG_DIR="/etc/sfa" - -# Directory internal data gets stored -SFA_DATA_DIR="/var/lib/sfa" diff --git a/docs/Makefile b/docs/Makefile index 5f34949f..d6605819 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -3,9 +3,7 @@ doc: pythondoc.py ../sfa/util/certificate.py ../sfa/util/credential.py ../sfa/util/gid.py \ ../sfa/util/rights.py ../sfa/util/config.py ../sfa/trust/hierarchy.py \ ../sfa/util/record.py ../sfa/util/client.py \ - ../sfa/server/sfaserver.py + ../sfa/server/sfaserver.py pythondoc.py ../sfa/registry/registry.py ../sfa/registry/import.py \ ../sfa/registry/nuke.py - - pythondoc.py ../component/component.py diff --git a/docs/pythondoc-component.html b/docs/pythondoc-component.html deleted file mode 100644 index 655f2862..00000000 --- a/docs/pythondoc-component.html +++ /dev/null @@ -1,136 +0,0 @@ - - - - -The component Module - - -

The component Module

-

Geni Component Wrapper - -This wrapper implements the Geni Component Interface

-
-
ComponentManager(ip, port, key_file, cert_file) (class) [#]
-
-

ComponentManager is a GeniServer that serves component interface requests.

-

For more information about this class, see The ComponentManager Class.

-
-
-

The ComponentManager Class

-
-
ComponentManager(ip, port, key_file, cert_file) (class) [#]
-
-

ComponentManager is a GeniServer that serves component interface requests.

-
-
decode_ticket(ticket_string) [#]
-
-

Examine the ticket that was provided by the caller, check that it is -signed and verified correctly. Throw an exception if something is -wrong with the ticket. - -This is similar to geniserver.decode_authentication

-
-
ticket_string
-
-the string representation of the ticket
-

-
-
delete_slice(cred_str) [#]
-
-

Delete a slice.

-
-
cred
-
-a credential identifying the caller (callerGID) and the slice - (objectGID)
-

-
-
geni_ticket_to_plc_rec(ticket) [#]
-
-

Convert a geni ticket into a PLC record that can be submitted to the -node manager. This involves some minor reformatting of the fields -contained in the ticket.

-
-
ticket
-
-a ticket object
-
Returns:
-
-a dictionary containing the PLC record info
-

-
-
list_slices(cred_str) [#]
-
-

List the slices on a component.

-
-
cred_str
-
-string representation of a credential object that - authorizes the caller
-
Returns:
-
-a list of slice names
-

-
-
reboot(cred_str) [#]
-
-

Reboot the component.

-
-
cred_str
-
-string representation of a credential object that - authorizes the caller
-

-
-
redeem_ticket(ticket_str) [#]
-
-

Redeem a ticket. - -The ticket is submitted to the node manager, and the slice is instantiated -or updated as appropriate. - -TODO: This operation should return a sliver credential and indicate -whether or not the component will accept only sliver credentials, or -will accept both sliver and slice credentials.

-
-
ticket_str
-
-the string representation of a ticket object
-

-
-
register_functions() [#]
-
-

Register the server RPCs for the component

-
-
reset_slice(cred_str) [#]
-
-

Reset a slice.

-
-
cred
-
-a credential identifying the caller (callerGID) and the slice - (objectGID)
-

-
-
start_slice(cred_str) [#]
-
-

Start a slice.

-
-
cred
-
-a credential identifying the caller (callerGID) and the slice - (objectGID)
-

-
-
stop_slice(cred_str) [#]
-
-

Stop a slice.

-
-
cred
-
-a credential identifying the caller (callerGID) and the slice - (objectGID)
-

-
-
- diff --git a/sfa/generic/__init__.py b/sfa/generic/__init__.py index 1a2778d0..fd70c3c8 100644 --- a/sfa/generic/__init__.py +++ b/sfa/generic/__init__.py @@ -60,8 +60,6 @@ class Generic: def aggregate_class(self): pass - def component_class(self): pass - # build an API object # insert a manager instance def make_api(self, *args, **kwargs): @@ -84,7 +82,7 @@ class Generic: def make_manager(self, interface): """ - interface expected in ['registry', 'aggregate', 'component'] + interface expected in ['registry', 'aggregate'] flavour is e.g. 'pl' or 'max' or whatever """ flavour = self.flavour @@ -112,10 +110,7 @@ class Generic: message = "Generic.make_driver for flavour=%s and interface=%s" % ( flavour, interface) - if interface == "component": - classname = "component_driver_class" - else: - classname = "driver_class" + classname = "driver_class" try: class_obj = getattr(self, classname)() logger.debug("%s : %s" % (message, class_obj)) diff --git a/sfa/generic/iotlab.py b/sfa/generic/iotlab.py index e9422b67..14cd3cc7 100644 --- a/sfa/generic/iotlab.py +++ b/sfa/generic/iotlab.py @@ -26,10 +26,3 @@ class iotlab (Generic): def driver_class(self): import sfa.iotlab.iotlabdriver return sfa.iotlab.iotlabdriver.IotLabDriver - - def component_manager_class(self): - return None - # driver_class - - def component_driver_class(self): - return None diff --git a/sfa/generic/pl.py b/sfa/generic/pl.py index 0e7fba95..2d3b95b7 100644 --- a/sfa/generic/pl.py +++ b/sfa/generic/pl.py @@ -26,14 +26,3 @@ class pl (Generic): def driver_class(self): import sfa.planetlab.pldriver return sfa.planetlab.pldriver.PlDriver - - # for the component mode, to be run on board planetlab nodes - # manager class - def component_manager_class(self): - import sfa.managers - return sfa.managers.component_manager_pl - # driver_class - - def component_driver_class(self): - import sfa.planetlab.plcomponentdriver - return sfa.planetlab.plcomponentdriver.PlComponentDriver diff --git a/sfa/managers/component_manager_default.py b/sfa/managers/component_manager_default.py deleted file mode 100644 index 1c6e0a82..00000000 --- a/sfa/managers/component_manager_default.py +++ /dev/null @@ -1,27 +0,0 @@ - -def start_slice(api, slicename): - return - - -def stop_slice(api, slicename): - return - - -def DeleteSliver(api, slicename, call_id): - return - - -def reset_slice(api, slicename): - return - - -def ListSlices(api): - return [] - - -def reboot(): - return - - -def redeem_ticket(api, ticket_string): - return diff --git a/sfa/managers/component_manager_pl.py b/sfa/managers/component_manager_pl.py deleted file mode 100644 index 219d573f..00000000 --- a/sfa/managers/component_manager_pl.py +++ /dev/null @@ -1,79 +0,0 @@ -from sfa.util.faults import SliverDoesNotExist -from sfa.util.version import version_core -from sfa.util.py23 import xmlrpc_client - -from sfa.trust.sfaticket import SfaTicket - -from sfa.planetlab.plxrn import PlXrn - - -def GetVersion(api, options): - return version_core({'interface': 'component', - 'testbed': 'myplc'}) - - -def init_server(): - from sfa.server import sfa_component_setup - # get current trusted gids - try: - sfa_component_setup.get_trusted_certs() - except: - # our keypair may be old, try refreshing - sfa_component_setup.get_node_key() - sfa_component_setup.GetCredential(force=True) - sfa_component_setup.get_trusted_certs() - - -def SliverStatus(api, slice_xrn, creds): - result = {} - result['geni_urn'] = slice_xrn - result['geni_status'] = 'unknown' - result['geni_resources'] = {} - return result - - -def start_slice(api, xrn, creds): - slicename = PlXrn(xrn, type='slice').pl_slicename() - api.driver.nodemanager.Start(slicename) - - -def stop_slice(api, xrn, creds): - slicename = PlXrn(xrn, type='slice').pl_slicename() - api.driver.nodemanager.Stop(slicename) - - -def DeleteSliver(api, xrn, creds, call_id): - slicename = PlXrn(xrn, type='slice').pl_slicename() - api.driver.nodemanager.Destroy(slicename) - - -def reset_slice(api, xrn): - slicename = PlXrn(xrn, type='slice').pl_slicename() - if not api.sliver_exists(slicename): - raise SliverDoesNotExist(slicename) - api.driver.nodemanager.ReCreate(slicename) - -# xxx outdated - this should accept a credential & call_id - - -def ListSlices(api): - # this returns a tuple, the data we want is at index 1 - xids = api.driver.nodemanager.GetXIDs() - # unfortunately the data we want is given to us as - # a string but we really want it as a dict - # lets eval it - slices = eval(xids[1]) - return slices.keys() - - -def redeem_ticket(api, ticket_string): - ticket = SfaTicket(string=ticket_string) - ticket.decode() - hrn = ticket.attributes['slivers'][0]['hrn'] - slicename = PlXrn(hrn).pl_slicename() - if not api.sliver_exists(slicename): - raise SliverDoesNotExist(slicename) - - # convert ticket to format nm is used to - nm_ticket = xmlrpc_client.dumps((ticket.attributes,), methodresponse=True) - api.driver.nodemanager.AdminTicket(nm_ticket) diff --git a/sfa/methods/Delete.py b/sfa/methods/Delete.py index 5c913ed7..dd594c6a 100644 --- a/sfa/methods/Delete.py +++ b/sfa/methods/Delete.py @@ -16,7 +16,7 @@ class Delete(Method): @return 1 is successful, faults otherwise """ - interfaces = ['aggregate', 'component'] + interfaces = ['aggregate'] accepts = [ Parameter( diff --git a/sfa/methods/GetVersion.py b/sfa/methods/GetVersion.py index 4da1e97d..0bbecd22 100644 --- a/sfa/methods/GetVersion.py +++ b/sfa/methods/GetVersion.py @@ -9,7 +9,7 @@ class GetVersion(Method): Returns this GENI Aggregate Manager's Version Information @return version """ - interfaces = ['registry', 'aggregate', 'component'] + interfaces = ['registry', 'aggregate'] accepts = [ Parameter(dict, "Options") ] diff --git a/sfa/methods/Status.py b/sfa/methods/Status.py index 98aa321e..e50ce4e3 100644 --- a/sfa/methods/Status.py +++ b/sfa/methods/Status.py @@ -12,7 +12,7 @@ class Status(Method): @param slice_urn (string) URN of slice to allocate to """ - interfaces = ['aggregate', 'component'] + interfaces = ['aggregate'] accepts = [ Parameter(type([str]), "Slice or sliver URNs"), Parameter(type([dict]), "credentials"), diff --git a/sfa/planetlab/plcomponentdriver.py b/sfa/planetlab/plcomponentdriver.py deleted file mode 100644 index 39788bb5..00000000 --- a/sfa/planetlab/plcomponentdriver.py +++ /dev/null @@ -1,106 +0,0 @@ -import os -import tempfile - -from sfa.client.sfaserverproxy import SfaServerProxy -from sfa.planetlab.nodemanager import NodeManager - -from sfa.trust.credential import Credential -from sfa.trust.certificate import Certificate, Keypair -from sfa.trust.gid import GID - -#################### - - -class PlComponentDriver: - """ - This class is the type for the toplevel 'api' object - when running the component manager inside a planetlab node. - As such it runs an SFA-compliant interface and thus inherits SfaApi - However the fact that we run inside a planetlab nodes requires - some tweaks as compared with a service running in the infrastructure. - """ - - def __init__(self, config): - self.nodemanager = NodeManager(config) - - def sliver_exists(self): - sliver_dict = self.nodemanager.GetXIDs() - # xxx slicename is undefined - if slicename in sliver_dict.keys(): - return True - else: - return False - - def get_registry(self): - addr, port = self.config.SFA_REGISTRY_HOST, self.config.SFA_REGISTRY_PORT - url = "http://%(addr)s:%(port)s" % locals() - # xxx this would require access to the api... - server = SfaServerProxy(url, self.key_file, self.cert_file) - return server - - def get_node_key(self): - # this call requires no authentication, - # so we can generate a random keypair here - subject = "component" - (kfd, keyfile) = tempfile.mkstemp() - (cfd, certfile) = tempfile.mkstemp() - key = Keypair(create=True) - key.save_to_file(keyfile) - cert = Certificate(subject=subject) - cert.set_issuer(key=key, subject=subject) - cert.set_pubkey(key) - cert.sign() - cert.save_to_file(certfile) - registry = self.get_registry() - # the registry will scp the key onto the node - registry.get_key_from_incoming_ip() - - # override the method in SfaApi - def getCredential(self): - """ - Get our credential from a remote registry - """ - path = self.config.SFA_DATA_DIR - config_dir = self.config.config_path - cred_filename = path + os.sep + 'node.cred' - try: - credential = Credential(filename=cred_filename) - return credential.save_to_string(save_parents=True) - except IOError: - node_pkey_file = config_dir + os.sep + "node.key" - node_gid_file = config_dir + os.sep + "node.gid" - cert_filename = path + os.sep + 'server.cert' - if not os.path.exists(node_pkey_file) or \ - not os.path.exists(node_gid_file): - self.get_node_key() - - # get node's hrn - gid = GID(filename=node_gid_file) - hrn = gid.get_hrn() - # get credential from registry - cert_str = Certificate( - filename=cert_filename).save_to_string(save_parents=True) - registry = self.get_registry() - cred = registry.GetSelfCredential(cert_str, hrn, 'node') - # xxx credfile is undefined - Credential(string=cred).save_to_file(credfile, save_parents=True) - - return cred - - def clean_key_cred(self): - """ - remove the existing keypair and cred and generate new ones - """ - files = ["server.key", "server.cert", "node.cred"] - for f in files: - # xxx KEYDIR is undefined, could be meant to be "/var/lib/sfa/" - # from sfa_component_setup.py - filepath = KEYDIR + os.sep + f - if os.path.isfile(filepath): - os.unlink(f) - - # install the new key pair - # GetCredential will take care of generating the new keypair - # and credential - self.get_node_key() - self.getCredential() diff --git a/sfa/server/component.py b/sfa/server/component.py deleted file mode 100644 index df91917b..00000000 --- a/sfa/server/component.py +++ /dev/null @@ -1,32 +0,0 @@ -# -# Component is a SfaServer that implements the Component interface -# -import tempfile -import os -import time -import sys - -from sfa.server.sfaserver import SfaServer - -# GeniLight client support is optional -try: - from egeni.geniLight_client import * -except ImportError: - GeniClientLight = None - -## -# Component is a SfaServer that serves component operations. - - -class Component(SfaServer): - ## - # Create a new registry object. - # - # @param ip the ip address to listen on - # @param port the port to listen on - # @param key_file private key filename of registry - # @param cert_file certificate filename containing public key (could be a GID file) - - def __init__(self, ip, port, key_file, cert_file): - SfaServer.__init__(self, ip, port, key_file, - cert_file, interface='component') diff --git a/sfa/server/sfa-start.py b/sfa/server/sfa-start.py index bd412857..ba63da1f 100755 --- a/sfa/server/sfa-start.py +++ b/sfa/server/sfa-start.py @@ -25,8 +25,6 @@ # TODO: Can all three servers use the same "registry" certificate? ## -# xxx todo not in the config yet -component_port = 12346 import os import os.path import traceback @@ -188,8 +186,6 @@ def main(): help="run registry server", default=False) parser.add_option("-a", "--aggregate", dest="am", action="store_true", help="run aggregate manager", default=False) - parser.add_option("-c", "--component", dest="cm", action="store_true", - help="run component server", default=False) parser.add_option("-t", "--trusted-certs", dest="trusted_certs", action="store_true", help="refresh trusted certs", default=False) @@ -229,13 +225,6 @@ def main(): server_key_file, server_cert_file) a.start() - if (options.cm): - from sfa.server.component import Component - c = Component("", config.component_port, - server_key_file, server_cert_file) -# c = Component("", config.SFA_COMPONENT_PORT, server_key_file, server_cert_file) - c.start() - if __name__ == "__main__": try: main() diff --git a/sfa/server/sfa_component_setup.py b/sfa/server/sfa_component_setup.py deleted file mode 100755 index 236d253a..00000000 --- a/sfa/server/sfa_component_setup.py +++ /dev/null @@ -1,331 +0,0 @@ -#!/usr/bin/python -from __future__ import print_function - -import sys -import os -import tempfile -from optparse import OptionParser - -from sfa.util.faults import ConnectionKeyGIDMismatch -from sfa.util.config import Config - -from sfa.trust.certificate import Keypair, Certificate -from sfa.trust.credential import Credential -from sfa.trust.gid import GID -from sfa.trust.hierarchy import Hierarchy - -from sfa.client.sfaserverproxy import SfaServerProxy - -from sfa.planetlab.plxrn import hrn_to_pl_slicename, slicename_to_hrn - -KEYDIR = "/var/lib/sfa/" -CONFDIR = "/etc/sfa/" - - -def handle_gid_mismatch_exception(f): - def wrapper(*args, **kwds): - try: - return f(*args, **kwds) - except ConnectionKeyGIDMismatch: - # clean regen server keypair and try again - print("cleaning keys and trying again") - clean_key_cred() - return f(args, kwds) - - return wrapper - - -def server_proxy(url=None, port=None, keyfile=None, certfile=None, verbose=False): - """ - returns an xmlrpc connection to the service a the specified - address - """ - if url: - url_parts = url.split(":") - if len(url_parts) > 1: - pass - else: - url = "http://%(url)s:%(port)s" % locals() - else: - # connect to registry by default - config = Config() - addr, port = config.SFA_REGISTRY_HOST, config.SFA_REGISTRY_PORT - url = "http://%(addr)s:%(port)s" % locals() - - if verbose: - print("Contacting registry at: %(url)s" % locals()) - - server = SfaServerProxy(url, keyfile, certfile) - return server - - -def create_default_dirs(): - config = Config() - hierarchy = Hierarchy() - config_dir = config.config_path - trusted_certs_dir = config.get_trustedroots_dir() - authorities_dir = hierarchy.basedir - all_dirs = [config_dir, trusted_certs_dir, authorities_dir] - for dir in all_dirs: - if not os.path.exists(dir): - os.makedirs(dir) - - -def has_node_key(): - key_file = KEYDIR + os.sep + 'server.key' - return os.path.exists(key_file) - - -def clean_key_cred(): - """ - remove the existing keypair and cred and generate new ones - """ - files = ["server.key", "server.cert", "node.cred"] - for f in files: - filepath = KEYDIR + os.sep + f - if os.path.isfile(filepath): - os.unlink(f) - - # install the new key pair - # GetCredential will take care of generating the new keypair - # and credential - GetCredential() - - -def get_node_key(registry=None, verbose=False): - # this call requires no authentication, - # so we can generate a random keypair here - subject = "component" - (kfd, keyfile) = tempfile.mkstemp() - (cfd, certfile) = tempfile.mkstemp() - key = Keypair(create=True) - key.save_to_file(keyfile) - cert = Certificate(subject=subject) - cert.set_issuer(key=key, subject=subject) - cert.set_pubkey(key) - cert.sign() - cert.save_to_file(certfile) - - registry = server_proxy(url=registry, keyfile=keyfile, certfile=certfile) - registry.get_key_from_incoming_ip() - - -def create_server_keypair(keyfile=None, certfile=None, hrn="component", verbose=False): - """ - create the server key/cert pair in the right place - """ - key = Keypair(filename=keyfile) - key.save_to_file(keyfile) - cert = Certificate(subject=hrn) - cert.set_issuer(key=key, subject=hrn) - cert.set_pubkey(key) - cert.sign() - cert.save_to_file(certfile, save_parents=True) - - -@handle_gid_mismatch_exception -def GetCredential(registry=None, force=False, verbose=False): - config = Config() - hierarchy = Hierarchy() - key_dir = hierarchy.basedir - data_dir = config.data_path - config_dir = config.config_path - credfile = data_dir + os.sep + 'node.cred' - # check for existing credential - if not force and os.path.exists(credfile): - if verbose: - print("Loading Credential from %(credfile)s " % locals()) - cred = Credential(filename=credfile).save_to_string(save_parents=True) - else: - if verbose: - print("Getting credential from registry") - # make sure node private key exists - node_pkey_file = config_dir + os.sep + "node.key" - node_gid_file = config_dir + os.sep + "node.gid" - if not os.path.exists(node_pkey_file) or \ - not os.path.exists(node_gid_file): - get_node_key(registry=registry, verbose=verbose) - - gid = GID(filename=node_gid_file) - hrn = gid.get_hrn() - # create server key and certificate - keyfile = data_dir + os.sep + "server.key" - certfile = data_dir + os.sep + "server.cert" - key = Keypair(filename=node_pkey_file) - key.save_to_file(keyfile) - create_server_keypair(keyfile, certfile, hrn, verbose) - - # get credential from registry - registry = server_proxy( - url=registry, keyfile=keyfile, certfile=certfile) - cert = Certificate(filename=certfile) - cert_str = cert.save_to_string(save_parents=True) - cred = registry.GetSelfCredential(cert_str, 'node', hrn) - Credential(string=cred).save_to_file(credfile, save_parents=True) - - return cred - - -@handle_gid_mismatch_exception -def get_trusted_certs(registry=None, verbose=False): - """ - refresh our list of trusted certs. - """ - # define useful variables - config = Config() - data_dir = config.SFA_DATA_DIR - config_dir = config.SFA_CONFIG_DIR - trusted_certs_dir = config.get_trustedroots_dir() - keyfile = data_dir + os.sep + "server.key" - certfile = data_dir + os.sep + "server.cert" - node_gid_file = config_dir + os.sep + "node.gid" - node_gid = GID(filename=node_gid_file) - hrn = node_gid.get_hrn() - # get credential - cred = GetCredential(registry=registry, verbose=verbose) - # make sure server key cert pair exists - create_server_keypair( - keyfile=keyfile, certfile=certfile, hrn=hrn, verbose=verbose) - registry = server_proxy(url=registry, keyfile=keyfile, certfile=certfile) - # get the trusted certs and save them in the right place - if verbose: - print("Getting trusted certs from registry") - trusted_certs = registry.get_trusted_certs(cred) - trusted_gid_names = [] - for gid_str in trusted_certs: - gid = GID(string=gid_str) - gid.decode() - relative_filename = gid.get_hrn() + ".gid" - trusted_gid_names.append(relative_filename) - gid_filename = trusted_certs_dir + os.sep + relative_filename - if verbose: - print("Writing GID for %s as %s" % (gid.get_hrn(), gid_filename)) - gid.save_to_file(gid_filename, save_parents=True) - - # remove old certs - all_gids_names = os.listdir(trusted_certs_dir) - for gid_name in all_gids_names: - if gid_name not in trusted_gid_names: - if verbose: - print("Removing old gid ", gid_name) - os.unlink(trusted_certs_dir + os.sep + gid_name) - - -@handle_gid_mismatch_exception -def get_gids(registry=None, verbose=False): - """ - Get the gid for all instantiated slices on this node and store it - in /etc/sfa/slice.gid in the slice's filesystem - """ - # define useful variables - config = Config() - data_dir = config.data_path - config_dir = config.SFA_CONFIG_DIR - trusted_certs_dir = config.get_trustedroots_dir() - keyfile = data_dir + os.sep + "server.key" - certfile = data_dir + os.sep + "server.cert" - node_gid_file = config_dir + os.sep + "node.gid" - node_gid = GID(filename=node_gid_file) - hrn = node_gid.get_hrn() - interface_hrn = config.SFA_INTERFACE_HRN - # get credential - cred = GetCredential(registry=registry, verbose=verbose) - # make sure server key cert pair exists - create_server_keypair( - keyfile=keyfile, certfile=certfile, hrn=hrn, verbose=verbose) - registry = server_proxy(url=registry, keyfile=keyfile, certfile=certfile) - - if verbose: - print("Getting current slices on this node") - # get a list of slices on this node - from sfa.generic import Generic - generic = Generic.the_flavour() - api = generic.make_api(interface='component') - xids_tuple = api.driver.nodemanager.GetXIDs() - slices = eval(xids_tuple[1]) - slicenames = slices.keys() - - # generate a list of slices that dont have gids installed - slices_without_gids = [] - for slicename in slicenames: - if not os.path.isfile("/vservers/%s/etc/slice.gid" % slicename) \ - or not os.path.isfile("/vservers/%s/etc/node.gid" % slicename): - slices_without_gids.append(slicename) - - # convert slicenames to hrns - hrns = [slicename_to_hrn(interface_hrn, slicename) - for slicename in slices_without_gids] - - # exit if there are no gids to install - if not hrns: - return - - if verbose: - print("Getting gids for slices on this node from registry") - # get the gids - # and save them in the right palce - records = registry.GetGids(hrns, cred) - for record in records: - # if this isnt a slice record skip it - if not record['type'] == 'slice': - continue - slicename = hrn_to_pl_slicename(record['hrn']) - # if this slice isnt really instatiated skip it - if not os.path.exists("/vservers/%(slicename)s" % locals()): - continue - - # save the slice gid in /etc/sfa/ in the vservers filesystem - vserver_path = "/vservers/%(slicename)s" % locals() - gid = record['gid'] - slice_gid_filename = os.sep.join([vserver_path, "etc", "slice.gid"]) - if verbose: - print("Saving GID for %(slicename)s as %(slice_gid_filename)s" % locals()) - GID(string=gid).save_to_file(slice_gid_filename, save_parents=True) - # save the node gid in /etc/sfa - node_gid_filename = os.sep.join([vserver_path, "etc", "node.gid"]) - if verbose: - print("Saving node GID for %(slicename)s as %(node_gid_filename)s" % locals()) - node_gid.save_to_file(node_gid_filename, save_parents=True) - - -def dispatch(options, args): - - create_default_dirs() - if options.key: - if options.verbose: - print("Getting the component's pkey") - get_node_key(registry=options.registry, verbose=options.verbose) - if options.certs: - if options.verbose: - print("Getting the component's trusted certs") - get_trusted_certs(verbose=options.verbose) - if options.gids: - if options.verbose: - print("Geting the component's GIDs") - get_gids(verbose=options.verbose) - - -def main(): - args = sys.argv - prog_name = args[0] - parser = OptionParser(usage="%(prog_name)s [options]" % locals()) - parser.add_option("-v", "--verbose", dest="verbose", action="store_true", - default=False, help="Be verbose") - parser.add_option("-r", "--registry", dest="registry", default=None, - help="Url of registry to contact") - parser.add_option("-k", "--key", dest="key", action="store_true", - default=False, - help="Get the node's pkey from the registry") - parser.add_option("-c", "--certs", dest="certs", action="store_true", - default=False, - help="Get the trusted certs from the registry") - parser.add_option("-g", "--gids", dest="gids", action="store_true", - default=False, - help="Get gids for all the slices on the component") - - (options, args) = parser.parse_args() - - dispatch(options, args) - -if __name__ == '__main__': - main() diff --git a/sfa/server/sfaserver.py b/sfa/server/sfaserver.py index 223ae774..1fec2c06 100644 --- a/sfa/server/sfaserver.py +++ b/sfa/server/sfaserver.py @@ -1,10 +1,8 @@ -## -# This module implements a general-purpose server layer for sfa. -# The same basic server should be usable on the registry, component, or -# other interfaces. -# -# TODO: investigate ways to combine this with existing PLC server? -## +""" +This module implements a general-purpose server layer for sfa. +The same basic server should be usable on the registry or +other interfaces. +""" import threading diff --git a/tests/testInterfaces.py b/tests/testInterfaces.py index 3eddf77b..cf772089 100755 --- a/tests/testInterfaces.py +++ b/tests/testInterfaces.py @@ -211,32 +211,6 @@ class AggregateTest(BasicTestCase): # will raise an exception if the ticket inst valid SfaTicket(string=ticket) -class ComponentTest(BasicTestCase): - def setUp(self): - BasicTestCase.setUp(self) - self.slice_cred = self.client.GetCredential(self.slice['hrn'], 'slice') - - def testStartSlice(self): - self.cm.start_slice(self.slice_cred, self.slice['hrn']) - - def testStopSlice(self): - self.cm.stop_slice(self.slice_cred, self.slice['hrn']) - - def testDeleteSlice(self): - self.cm.DeleteSliver(self.slice_cred, self.slice['hrn'],"call-id-delete-slice-cm") - - def testRestartSlice(self): - self.cm.restart_slice(self.slice_cred, self.slice['hrn']) - - def testGetSlices(self): - self.cm.ListSlices(self.slice_cred, self.slice['hrn']) - - def testRedeemTicket(self): - rspec = self.aggregate.get_resources(self.credential) - ticket = self.aggregate.GetTicket(slice_cred, self.slice['hrn'], rspec) - self.cm.redeem_ticket(slice_cred, ticket) - - def test_names(testcase): return [name for name in dir(testcase) if name.startswith('test')] diff --git a/wsdl/sfa2wsdl.py b/wsdl/sfa2wsdl.py index 6da341d8..61500924 100755 --- a/wsdl/sfa2wsdl.py +++ b/wsdl/sfa2wsdl.py @@ -48,7 +48,6 @@ class WSDLGen: return "complete" if self.interface_options.aggregate: return "aggregate" elif self.interface_options.registry: return "registry" - elif self.interface_options.component: return "component" else: return "unknown" def filter_argname(self, argname): @@ -336,8 +335,6 @@ def main(): help="Generate registry.wsdl", metavar="FILE") parser.add_option("-a", "--aggregate", action="store_true", dest="aggregate", help="Generate am.wsdl") - parser.add_option("-c", "--component", action="store_true", dest="component", - help="Generate cm.wsdl") parser.add_option("-g", "--geni-aggregate", action="store_true", dest="geni_am", help="Generate gm.wsdl") parser.add_option("-l", "--lite", action="store_true", dest="lite",