From: Thierry Parmentelat Date: Wed, 8 Feb 2012 12:59:45 +0000 (+0100) Subject: Merge branch 'master' into sqlalchemy X-Git-Tag: sfa-2.1-2~2 X-Git-Url: http://git.onelab.eu/?p=sfa.git;a=commitdiff_plain;h=b7d6a80faf23cb019c74e65c2264e215446f84a3 Merge branch 'master' into sqlalchemy Conflicts: sfa/importer/sfa-import-openstack.py sfa/managers/registry_manager.py sfa/openstack/nova_driver.py sfa/storage/PostgreSQL.py sfa/storage/filter.py trashed changes in PostgreSQL / filter applied changes in sfa-import-openstack.py into openstackimporter.py this is mostly manual so please double check --- b7d6a80faf23cb019c74e65c2264e215446f84a3 diff --cc sfa/generic/openstack.py index 024f2914,590bb573..bac57dc7 --- a/sfa/generic/openstack.py +++ b/sfa/generic/openstack.py @@@ -1,30 -1,35 +1,30 @@@ from sfa.generic import Generic import sfa.server.sfaapi - import sfa.openstack.openstack_driver + import sfa.openstack.nova_driver import sfa.managers.registry_manager_openstack + import sfa.managers.aggregate_manager import sfa.managers.slice_manager - import sfa.managers.aggregate_manager_openstack -class openstack (Generic): - - # use the standard api class - def api_class (self): - return sfa.server.sfaapi.SfaApi +# use pl as a model so we only redefine what's different +from sfa.generic.pl import pl +class openstack (pl): + + # the importer class + def importer_class (self): + import sfa.importer.openstackimporter + return sfa.importer.openstackimporter.OpenstackImporter + # the manager classes for the server-side services def registry_manager_class (self) : return sfa.managers.registry_manager_openstack.RegistryManager - def slicemgr_manager_class (self) : - return sfa.managers.slice_manager.SliceManager def aggregate_manager_class (self) : - return sfa.managers.aggregate_manager_openstack.AggregateManager + return sfa.managers.aggregate_manager.AggregateManager # driver class for server-side services, talk to the whole testbed def driver_class (self): - return sfa.openstack.openstack_driver.OpenstackDriver + return sfa.openstack.nova_driver.NovaDriver - # for the component mode, to be run on board planetlab nodes - # manager class - def component_manager_class (self): - return sfa.managers.component_manager_pl - # driver_class - def component_driver_class (self): - return sfa.plc.plcomponentdriver.PlComponentDriver diff --cc sfa/importer/openstackimporter.py index 844980de,00000000..2bf1da31 mode 100644,000000..100644 --- a/sfa/importer/openstackimporter.py +++ b/sfa/importer/openstackimporter.py @@@ -1,143 -1,0 +1,143 @@@ +import os + +from sfa.util.config import Config +from sfa.util.xrn import Xrn, get_leaf, get_authority, hrn_to_urn +from sfa.util.plxrn import hostname_to_hrn, slicename_to_hrn, email_to_hrn, hrn_to_pl_slicename + +from sfa.trust.gid import create_uuid +from sfa.trust.certificate import convert_public_key, Keypair + +from sfa.storage.alchemy import dbsession +from sfa.storage.model import RegRecord, RegAuthority, RegUser, RegSlice, RegNode + - from sfa.openstack.openstack_shell import OpenstackShell ++from sfa.openstack.nova_shell import NovaShell + +def load_keys(filename): + keys = {} + tmp_dict = {} + try: + execfile(filename, tmp_dict) + if 'keys' in tmp_dict: + keys = tmp_dict['keys'] + return keys + except: + return keys + +def save_keys(filename, keys): + f = open(filename, 'w') + f.write("keys = %s" % str(keys)) + f.close() + +class OpenstackImporter: + + def __init__ (self, auth_hierarchy, logger): + self.auth_hierarchy = auth_hierarchy + self.logger=logger + + def add_options (self, parser): + self.logger.debug ("OpenstackImporter: no options yet") + pass + + def run (self, options): + # we don't have any options for now + self.logger.info ("PlImporter.run : to do") + + config = Config () + interface_hrn = config.SFA_INTERFACE_HRN + root_auth = config.SFA_REGISTRY_ROOT_AUTH - shell = OpenstackShell (config) ++ shell = NovaShell (config) + + # create dict of all existing sfa records + existing_records = {} + existing_hrns = [] + key_ids = [] + for record in dbsession.query(RegRecord): + existing_records[ (record.hrn, record.type,) ] = record + existing_hrns.append(record.hrn) + + # Get all users + persons = shell.user_get_all() + persons_dict = {} + keys_filename = config.config_path + os.sep + 'person_keys.py' + old_person_keys = load_keys(keys_filename) + person_keys = {} + for person in persons: + hrn = config.SFA_INTERFACE_HRN + "." + person.id + persons_dict[hrn] = person + old_keys = old_person_keys.get(person.id, []) + keys = [k.public_key for k in shell.key_pair_get_all_by_user(person.id)] + person_keys[person.id] = keys + update_record = False + if old_keys != keys: + update_record = True + if hrn not in existing_hrns or \ + (hrn, 'user') not in existing_records or update_record: + urn = hrn_to_urn(hrn, 'user') + + if keys: + try: + pkey = convert_public_key(keys[0]) + except: + logger.log_exc('unable to convert public key for %s' % hrn) + pkey = Keypair(create=True) + else: + logger.warn("OpenstackImporter: person %s does not have a PL public key"%hrn) + pkey = Keypair(create=True) + person_gid = sfaImporter.AuthHierarchy.create_gid(urn, create_uuid(), pkey) + person_record = RegUser () + person_record.type='user' + person_record.hrn=hrn + person_record.gid=person_gid + person_record.authority=get_authority(hrn) + dbsession.add(person_record) + dbsession.commit() + logger.info("OpenstackImporter: imported person %s" % person_record) + + # Get all projects + projects = shell.project_get_all() + projects_dict = {} + for project in projects: + hrn = config.SFA_INTERFACE_HRN + '.' + project.id + projects_dict[hrn] = project + if hrn not in existing_hrns or \ + (hrn, 'slice') not in existing_records: + pkey = Keypair(create=True) + urn = hrn_to_urn(hrn, 'slice') + project_gid = sfaImporter.AuthHierarchy.create_gid(urn, create_uuid(), pkey) + project_record = RegSlice () + project_record.type='slice' + project_record.hrn=hrn + project_record.gid=project_gid + project_record.authority=get_authority(hrn) + dbsession.add(project_record) + dbsession.commit() + logger.info("OpenstackImporter: imported slice: %s" % project_record) + + # remove stale records + system_records = [interface_hrn, root_auth, interface_hrn + '.slicemanager'] + for (record_hrn, type) in existing_records.keys(): + if record_hrn in system_records: + continue + + record = existing_records[(record_hrn, type)] + if record.peer_authority: + continue + + if type == 'user': + if record_hrn in persons_dict: + continue + elif type == 'slice': + if record_hrn in projects_dict: + continue + else: + continue + + record_object = existing_records[ (record_hrn, type) ] + logger.info("OpenstackImporter: removing %s " % record) + dbsession.delete(record_object) + dbsession.commit() + + # save pub keys + logger.info('OpenstackImporter: saving current pub keys') + save_keys(keys_filename, person_keys) + diff --cc sfa/managers/registry_manager.py index ddca3ae5,9fd26597..f07b5615 --- a/sfa/managers/registry_manager.py +++ b/sfa/managers/registry_manager.py @@@ -72,12 -73,12 +72,12 @@@ class RegistryManager caller_hrn = caller_gid.get_hrn() object_hrn = record.get_gid_object().get_hrn() - rights = api.auth.determine_user_rights(caller_hrn, record) + rights = api.auth.determine_user_rights(caller_hrn, record.__dict__) # make sure caller has rights to this object if rights.is_empty(): - raise PermissionError(caller_hrn + " has no rights to " + record.hrn) - + raise PermissionError("%s has no rights to %s (%s)" % \ + (caller_hrn, object_hrn, xrn)) - object_gid = GID(string=record['gid']) + object_gid = GID(string=record.gid) new_cred = Credential(subject = object_gid.get_subject()) new_cred.set_gid_caller(caller_gid) new_cred.set_gid_object(object_gid) diff --cc sfa/openstack/nova_driver.py index 368b4080,0ee4c727..404021be --- a/sfa/openstack/nova_driver.py +++ b/sfa/openstack/nova_driver.py @@@ -11,14 -10,11 +11,13 @@@ from sfa.util.xrn import Xrn, hrn_to_ur from sfa.util.cache import Cache # used to be used in get_ticket #from sfa.trust.sfaticket import SfaTicket + from sfa.rspecs.version_manager import VersionManager from sfa.rspecs.rspec import RSpec + # the driver interface, mostly provides default behaviours from sfa.managers.driver import Driver - - from sfa.openstack.openstack_shell import OpenstackShell + from sfa.openstack.nova_shell import NovaShell from sfa.openstack.osaggregate import OSAggregate from sfa.plc.plslices import PlSlices from sfa.util.osxrn import OSXrn