def initialize( self ): """ Standard constructor """ try: self.rsDB = ResourceStatusDB() self.rmDB = ResourceManagementDB() self.StorageElementToBeChecked = Queue.Queue() self.StorageElementInCheck = [] self.maxNumberOfThreads = self.am_getOption( 'maxThreadsInPool', 1 ) self.threadPool = ThreadPool( self.maxNumberOfThreads, self.maxNumberOfThreads ) if not self.threadPool: self.log.error( 'Can not create Thread Pool' ) return S_ERROR( 'Can not create Thread Pool' ) self.setup = getSetup()[ 'Value' ] self.VOExtension = getExt() self.StorageElsWriteFreqs = CheckingFreqs[ 'StorageElsWriteFreqs' ] self.nc = NotificationClient() self.diracAdmin = DiracAdmin() self.csAPI = CSAPI() for _i in xrange( self.maxNumberOfThreads ): self.threadPool.generateJobAndQueueIt( self._executeCheck, args = ( None, ) ) return S_OK() except Exception: errorStr = "StElWriteInspectorAgent initialization" gLogger.exception( errorStr ) return S_ERROR( errorStr )
def initialize(self): """ Standard constructor """ try: self.rsDB = ResourceStatusDB() self.rmDB = ResourceManagementDB() self.ResourcesToBeChecked = Queue.Queue() self.ResourceNamesInCheck = [] self.maxNumberOfThreads = self.am_getOption('maxThreadsInPool', 1) self.threadPool = ThreadPool(self.maxNumberOfThreads, self.maxNumberOfThreads) if not self.threadPool: self.log.error('Can not create Thread Pool') return S_ERROR('Can not create Thread Pool') self.setup = getSetup()['Value'] self.VOExtension = getExt() configModule = __import__( self.VOExtension + "DIRAC.ResourceStatusSystem.Policy.Configurations", globals(), locals(), ['*']) self.Resources_check_freq = copy.deepcopy( configModule.Resources_check_freq) self.nc = NotificationClient() self.diracAdmin = DiracAdmin() self.csAPI = CSAPI() for i in xrange(self.maxNumberOfThreads): self.threadPool.generateJobAndQueueIt(self._executeCheck, args=(None, )) return S_OK() except Exception: errorStr = "RSInspectorAgent initialization" gLogger.exception(errorStr) return S_ERROR(errorStr)
def initialize(self): """ Standard constructor """ try: self.rsDB = ResourceStatusDB() self.rmDB = ResourceManagementDB() self.ServicesToBeChecked = Queue.Queue() self.ServiceNamesInCheck = [] self.maxNumberOfThreads = self.am_getOption( 'maxThreadsInPool', 1 ) self.threadPool = ThreadPool( self.maxNumberOfThreads, self.maxNumberOfThreads ) if not self.threadPool: self.log.error('Can not create Thread Pool') return S_ERROR('Can not create Thread Pool') self.setup = getSetup()['Value'] self.VOExtension = getExt() configModule = __import__(self.VOExtension+"DIRAC.ResourceStatusSystem.Policy.Configurations", globals(), locals(), ['*']) self.Services_check_freq = copy.deepcopy(configModule.Services_check_freq) self.nc = NotificationClient() self.diracAdmin = DiracAdmin() self.csAPI = CSAPI() for i in xrange(self.maxNumberOfThreads): self.threadPool.generateJobAndQueueIt(self._executeCheck, args = (None, ) ) return S_OK() except Exception: errorStr = "SeSInspectorAgent initialization" gLogger.exception(errorStr) return S_ERROR(errorStr)
def RealBanPolTypeActions(granularity, name, res, da, csAPI, setup): # implement real ban if res['Action']: if granularity == 'Site': banList = da.getBannedSites() if not banList['OK']: raise RSSException, where(self, self.enforce) + banList['Message'] else: banList = banList['Value'] if res['Status'] == 'Banned': if name not in banList: banSite = da.banSiteFromMask(name, res['Reason']) if not banSite['OK']: raise RSSException, where( self, self.enforce) + banSite['Message'] if 'Production' in setup: address = getOperationMails('Production')['Value'] else: address = '*****@*****.**' subject = '%s is banned for %s setup' % (name, setup) body = 'Site %s is removed from site mask for %s ' % ( name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' % ( time.asctime()) body += 'Comment:\n%s' % res['Reason'] sendMail = da.sendMail(address, subject, body) if not sendMail['OK']: raise RSSException, where( self, self.enforce) + sendMail['Message'] else: if name in banList: addSite = da.addSiteInMask(name, res['Reason']) if not addSite['OK']: raise RSSException, where( self, self.enforce) + addSite['Message'] if setup == 'LHCb-Production': address = getOperationMails('Production')['Value'] else: address = '*****@*****.**' subject = '%s is added in site mask for %s setup' % (name, setup) body = 'Site %s is added to the site mask for %s ' % ( name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' % ( time.asctime()) body += 'Comment:\n%s' % res['Reason'] sendMail = da.sendMail(address, subject, body) if not sendMail['OK']: raise RSSException, where( self, self.enforce) + sendMail['Message'] elif granularity == 'StorageElement': presentReadStatus = getStorageElementStatus(name, 'ReadAccess')['Value'] if res['Status'] == 'Banned': if presentReadStatus != 'InActive': banSE = csAPI.setOption( "/Resources/StorageElements/%s/ReadAccess" % (name), "InActive") if not banSE['OK']: raise RSSException, where( self, self.enforce) + banSE['Message'] banSE = csAPI.setOption( "/Resources/StorageElements/%s/WriteAccess" % (name), "InActive") if not banSE['OK']: raise RSSException, where( self, self.enforce) + banSE['Message'] commit = csAPI.commit() if not commit['OK']: raise RSSException, where( self, self.enforce) + commit['Message'] if 'Production' in setup: address = getSetup()['Value'] else: address = '*****@*****.**' subject = '%s is banned for %s setup' % (name, setup) body = 'SE %s is removed from mask for %s ' % (name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' % ( time.asctime()) body += 'Comment:\n%s' % res['Reason'] sendMail = da.sendMail(address, subject, body) if not sendMail['OK']: raise RSSException, where( self, self.enforce) + sendMail['Message'] else: if presentReadStatus == 'InActive': allowSE = csAPI.setOption( "/Resources/StorageElements/%s/ReadAccess" % (name), "Active") if not allowSE['OK']: raise RSSException, where( self, self.enforce) + allowSE['Message'] allowSE = csAPI.setOption( "/Resources/StorageElements/%s/WriteAccess" % (name), "Active") if not allowSE['OK']: raise RSSException, where( self, self.enforce) + allowSE['Message'] commit = csAPI.commit() if not commit['OK']: raise RSSException, where( self, self.enforce) + commit['Message'] if setup == 'LHCb-Production': address = getSetup()['Value'] else: address = '*****@*****.**' subject = '%s is allowed for %s setup' % (name, setup) body = 'SE %s is added to the mask for %s ' % (name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' % ( time.asctime()) body += 'Comment:\n%s' % res['Reason'] sendMail = da.sendMail(address, subject, body) if not sendMail['OK']: raise RSSException, where( self, self.enforce) + sendMail['Message']
def _RealBanPolTypeActions(self, res, da, csAPI, setup): # implement real ban if res['Action']: if self.__granularity == 'Site': banList = da.getBannedSites() if not banList['OK']: raise RSSException, where(self, self.enforce) + banList['Message'] else: banList = banList['Value'] if res['Status'] == 'Banned': if self.__name not in banList: banSite = da.banSiteFromMask(self.__name, res['Reason']) if not banSite['OK']: raise RSSException, where(self, self.enforce) + banSite['Message'] if 'Production' in setup: address = getOperationMails('Production')['Value'] else: address = '*****@*****.**' subject = '%s is banned for %s setup' %(self.__name, setup) body = 'Site %s is removed from site mask for %s ' %(self.__name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime()) body += 'Comment:\n%s' %res['Reason'] sendMail = da.sendMail(address,subject,body) if not sendMail['OK']: raise RSSException, where(self, self.enforce) + sendMail['Message'] else: if self.__name in banList: addSite = da.addSiteInMask(self.__name, res['Reason']) if not addSite['OK']: raise RSSException, where(self, self.enforce) + addSite['Message'] if setup == 'LHCb-Production': address = getOperationMails('Production')['Value'] else: address = '*****@*****.**' subject = '%s is added in site mask for %s setup' %(self.__name, setup) body = 'Site %s is added to the site mask for %s ' %(self.__name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime()) body += 'Comment:\n%s' %res['Reason'] sendMail = da.sendMail(address,subject,body) if not sendMail['OK']: raise RSSException, where(self, self.enforce) + sendMail['Message'] elif self.__granularity == 'StorageElement': presentReadStatus = getStorageElementStatus( self.__name, 'ReadAccess')['Value'] # presentWriteStatus = getStorageElementStatus( self.__name, 'WriteAccess')['Value'] if res['Status'] == 'Banned': if presentReadStatus != 'InActive': banSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" %(self.__name), "InActive") if not banSE['OK']: raise RSSException, where(self, self.enforce) + banSE['Message'] banSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" %(self.__name), "InActive") if not banSE['OK']: raise RSSException, where(self, self.enforce) + banSE['Message'] commit = csAPI.commit() if not commit['OK']: raise RSSException, where(self, self.enforce) + commit['Message'] if 'Production' in setup: address = getSetup()['Value'] else: address = '*****@*****.**' subject = '%s is banned for %s setup' %(self.__name, setup) body = 'SE %s is removed from mask for %s ' %(self.__name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime()) body += 'Comment:\n%s' %res['Reason'] sendMail = da.sendMail(address,subject,body) if not sendMail['OK']: raise RSSException, where(self, self.enforce) + sendMail['Message'] else: if presentReadStatus == 'InActive': allowSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" %(self.__name), "Active") if not allowSE['OK']: raise RSSException, where(self, self.enforce) + allowSE['Message'] allowSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" %(self.__name), "Active") if not allowSE['OK']: raise RSSException, where(self, self.enforce) + allowSE['Message'] commit = csAPI.commit() if not commit['OK']: raise RSSException, where(self, self.enforce) + commit['Message'] if setup == 'LHCb-Production': address = getSetup()['Value'] else: address = '*****@*****.**' subject = '%s is allowed for %s setup' %(self.__name, setup) body = 'SE %s is added to the mask for %s ' %(self.__name, setup) body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime()) body += 'Comment:\n%s' %res['Reason'] sendMail = da.sendMail(address,subject,body) if not sendMail['OK']: raise RSSException, where(self, self.enforce) + sendMail['Message']
def enforce(self, pdpIn = None, rsDBIn = None, rmDBIn = None, ncIn = None, setupIn = None, daIn = None, csAPIIn = None, knownInfo = None): """ enforce policies, using a PDP (Policy Decision Point), based on self.__granularity (optional) self.__name (optional) self.__status (optional) self.__formerStatus (optional) self.__reason (optional) self.__siteType (optional) self.__serviceType (optional) self.__realBan (optional) self.__user (optional) self.__futurePolicyType (optional) self.__futureGranularity (optional) :params: :attr:`pdpIn`: a custom PDP object (optional) :attr:`rsDBIn`: a custom (statuses) database object (optional) :attr:`rmDBIn`: a custom (management) database object (optional) :attr:`setupIn`: a string with the present setup (optional) :attr:`ncIn`: a custom notification client object (optional) :attr:`daIn`: a custom DiracAdmin object (optional) :attr:`csAPIIn`: a custom CSAPI object (optional) :attr:`knownInfo`: a string of known provided information (optional) """ #PDP if pdpIn is not None: pdp = pdpIn else: # Use standard DIRAC PDP from DIRAC.ResourceStatusSystem.PolicySystem.PDP import PDP pdp = PDP(self.VOExtension, granularity = self.__granularity, name = self.__name, status = self.__status, formerStatus = self.__formerStatus, reason = self.__reason, siteType = self.__siteType, serviceType = self.__serviceType, resourceType = self.__resourceType, useNewRes = self.useNewRes) #DB if rsDBIn is not None: rsDB = rsDBIn else: # Use standard DIRAC DB from DIRAC.ResourceStatusSystem.DB.ResourceStatusDB import ResourceStatusDB rsDB = ResourceStatusDB() if rmDBIn is not None: rmDB = rmDBIn else: # Use standard DIRAC DB from DIRAC.ResourceStatusSystem.DB.ResourceManagementDB import ResourceManagementDB rmDB = ResourceManagementDB() #setup if setupIn is not None: setup = setupIn else: # get present setup setup = getSetup()['Value'] #notification client if ncIn is not None: nc = ncIn else: from DIRAC.FrameworkSystem.Client.NotificationClient import NotificationClient nc = NotificationClient() #DiracAdmin if daIn is not None: da = daIn else: from DIRAC.Interfaces.API.DiracAdmin import DiracAdmin da = DiracAdmin() #CSAPI if csAPIIn is not None: csAPI = csAPIIn else: from DIRAC.ConfigurationSystem.Client.CSAPI import CSAPI csAPI = CSAPI() # policy decision resDecisions = pdp.takeDecision(knownInfo=knownInfo) # if self.__name == 'CERN-RAW': # print resDecisions for res in resDecisions['PolicyCombinedResult']: self.__policyType = res['PolicyType'] #if self.__realBan == False: # continue if 'Resource_PolType' in self.__policyType: # If token != RS_SVC, we do not update the token, just the LastCheckedTime if self.__realBan == False: rsDB.setLastMonitoredCheckTime(self.__granularity, self.__name) else: self._ResourcePolTypeActions(resDecisions, res, rsDB, rmDB) if 'Alarm_PolType' in self.__policyType: self._AlarmPolTypeActions(res, nc, setup, rsDB) if 'RealBan_PolType' in self.__policyType and self.__realBan == True: self._RealBanPolTypeActions(res, da, csAPI, setup) if 'Collective_PolType' in self.__policyType: # do something pass
def RealBanPolTypeActions(granularity, name, res, da, csAPI, setup): # implement real ban if res["Action"]: if granularity == "Site": banList = da.getBannedSites() if not banList["OK"]: raise RSSException, where(self, self.enforce) + banList["Message"] else: banList = banList["Value"] if res["Status"] == "Banned": if name not in banList: banSite = da.banSiteFromMask(name, res["Reason"]) if not banSite["OK"]: raise RSSException, where(self, self.enforce) + banSite["Message"] if "Production" in setup: address = getOperationMails("Production")["Value"] else: address = "*****@*****.**" subject = "%s is banned for %s setup" % (name, setup) body = "Site %s is removed from site mask for %s " % (name, setup) body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime()) body += "Comment:\n%s" % res["Reason"] sendMail = da.sendMail(address, subject, body) if not sendMail["OK"]: raise RSSException, where(self, self.enforce) + sendMail["Message"] else: if name in banList: addSite = da.addSiteInMask(name, res["Reason"]) if not addSite["OK"]: raise RSSException, where(self, self.enforce) + addSite["Message"] if setup == "LHCb-Production": address = getOperationMails("Production")["Value"] else: address = "*****@*****.**" subject = "%s is added in site mask for %s setup" % (name, setup) body = "Site %s is added to the site mask for %s " % (name, setup) body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime()) body += "Comment:\n%s" % res["Reason"] sendMail = da.sendMail(address, subject, body) if not sendMail["OK"]: raise RSSException, where(self, self.enforce) + sendMail["Message"] elif granularity == "StorageElement": presentReadStatus = getStorageElementStatus(name, "ReadAccess")["Value"] if res["Status"] == "Banned": if presentReadStatus != "InActive": banSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" % (name), "InActive") if not banSE["OK"]: raise RSSException, where(self, self.enforce) + banSE["Message"] banSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" % (name), "InActive") if not banSE["OK"]: raise RSSException, where(self, self.enforce) + banSE["Message"] commit = csAPI.commit() if not commit["OK"]: raise RSSException, where(self, self.enforce) + commit["Message"] if "Production" in setup: address = getSetup()["Value"] else: address = "*****@*****.**" subject = "%s is banned for %s setup" % (name, setup) body = "SE %s is removed from mask for %s " % (name, setup) body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime()) body += "Comment:\n%s" % res["Reason"] sendMail = da.sendMail(address, subject, body) if not sendMail["OK"]: raise RSSException, where(self, self.enforce) + sendMail["Message"] else: if presentReadStatus == "InActive": allowSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" % (name), "Active") if not allowSE["OK"]: raise RSSException, where(self, self.enforce) + allowSE["Message"] allowSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" % (name), "Active") if not allowSE["OK"]: raise RSSException, where(self, self.enforce) + allowSE["Message"] commit = csAPI.commit() if not commit["OK"]: raise RSSException, where(self, self.enforce) + commit["Message"] if setup == "LHCb-Production": address = getSetup()["Value"] else: address = "*****@*****.**" subject = "%s is allowed for %s setup" % (name, setup) body = "SE %s is added to the mask for %s " % (name, setup) body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime()) body += "Comment:\n%s" % res["Reason"] sendMail = da.sendMail(address, subject, body) if not sendMail["OK"]: raise RSSException, where(self, self.enforce) + sendMail["Message"]