def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config["aggregate_manager"].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
if getattr(opts, "rootcadir") is None:
setattr(opts, "rootcadir", config["global"]["rootcadir"])
if opts.rootcadir is None:
sys.exit("Missing path to trusted root certificate directory (-r argument)")
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# rootcadir is dir of multiple certificates
delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir))
ams = gcf.geni.am.gibaggregate.am_gib.AggregateManagerServer(
(opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config["global"]["base_name"],
)
logging.getLogger("gcf-am").info("GENI AM Listening on port %s..." % (opts.port))
ams.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['aggregate_manager'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit('Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# rootcadir is dir of multiple certificates
delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir))
ams = gcf.geni.am.gibaggregate.am_gib.AggregateManagerServer((opts.host,
int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'])
logging.getLogger('gcf-am').info('GENI AM Listening on port %s...' % (opts.port))
ams.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
opts, args = parse_args(argv)
level = logging.INFO
if opts.debug:
level = logging.DEBUG
# Match Apache error log format
fmt = '[%(asctime)s] [%(levelname)s] %(name)s: %(message)s'
# Apache error log date format: %a %b %d %H:%M:%S %Y
# A shorter date format '%m-%d %H:%M:%S'
logging.basicConfig(level=level,
format=fmt,
datefmt='%a %b %d %H:%M:%S %Y')
if not args:
args = ('runserver', )
handler = '_'.join((args[0], 'handler'))
# Read in config file options, command line gets priority
global config
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config['clearinghouse'].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
if getattr(opts, 'rootcadir') is None:
setattr(opts, 'rootcadir', config['global']['rootcadir'])
config['debug'] = opts.debug
ch = CommandHandler()
if hasattr(ch, handler):
return getattr(ch, handler)(opts)
else:
print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None):
if argv is None:
argv = sys.argv
opts, args = parse_args(argv)
level = logging.INFO
if opts.debug:
level = logging.DEBUG
# Match Apache error log format
fmt = '[%(asctime)s] [%(levelname)s] %(name)s: %(message)s'
# Apache error log date format: %a %b %d %H:%M:%S %Y
# A shorter date format '%m-%d %H:%M:%S'
logging.basicConfig(level=level,format=fmt,datefmt='%a %b %d %H:%M:%S %Y')
if not args:
args = ('runserver',)
handler = '_'.join((args[0], 'handler'))
# Read in config file options, command line gets priority
global config
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['clearinghouse'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
config['debug'] = opts.debug
ch = CommandHandler()
if hasattr(ch, handler):
return getattr(ch, handler)(opts)
else:
print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None):
if argv is None:
argv = sys.argv
opts, args = parse_args(argv)
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
if not args:
args = ('runserver',)
handler = '_'.join((args[0], 'handler'))
# Read in config file options, command line gets priority
global config
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['geni clearinghouse'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
config['debug'] = opts.debug
ch = CommandHandler()
if hasattr(ch, handler):
return getattr(ch, handler)(opts)
else:
print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None):
if argv is None:
argv = sys.argv
opts, args = parse_args(argv)
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
if not args:
args = ('runserver',)
handler = '_'.join((args[0], 'handler'))
# Read in config file options, command line gets priority
global config
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['clearinghouse'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
config['debug'] = opts.debug
ch = CommandHandler()
if hasattr(ch, handler):
return getattr(ch, handler)(opts)
else:
print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['aggregate_manager'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit('Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts, argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
delegate=None
if hasattr(opts, 'delegate') and opts.delegate is not None and str(opts.delegate).strip() != "":
try:
delegate = getInstanceFromClassname(opts.delegate,
getAbsPath(opts.rootcadir),
config['global']['base_name'],
"https://%s:%d/" % (opts.host, int(opts.port)),
**vars(opts)
)
except AttributeError, e:
msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate
msg += e.message
logging.getLogger('gcf-am').error(msg)
sys.exit(msg)
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
# Read in config file options, command line gets priority
global config
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['gcf-test'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
# Determine the AM and CH hostnames from the config file
if getattr(opts,'ch') is None:
host = config['geni clearinghouse']['host']
port = config['geni clearinghouse']['port']
if not host.startswith('http'):
host = 'https://%s' % host.strip('/')
url = "%s:%s/" % (host,port)
setattr(opts,'ch',url)
if getattr(opts,'am') is None:
host = config['proxy aggregate_manager']['host']
port = config['proxy aggregate_manager']['port']
if not host.startswith('http'):
host = 'https://%s' % host.strip('/')
url = "%s:%s/" % (host,port)
setattr(opts,'am',url)
logging.basicConfig(level=level)
logger = logging.getLogger('gcf-test')
if not opts.keyfile or not opts.certfile:
sys.exit('Missing required arguments -k for Key file and -c for cert file')
keyf = getAbsPath(opts.keyfile)
certf = getAbsPath(opts.certfile)
if not os.path.exists(certf):
sys.exit("Proxy certfile %s doesn't exist" % certf)
if not os.path.getsize(certf) > 0:
sys.exit("Proxy certfile %s is empty" % certf)
if not os.path.exists(keyf):
sys.exit("Proxy keyfile %s doesn't exist" % keyf)
if not os.path.getsize(keyf) > 0:
sys.exit("Proxy keyfile %s is empty" % keyf)
logger.info('CH Server is %s. Using keyfile %s, certfile %s', opts.ch, keyf, certf)
logger.info('AM Server is %s. Using keyfile %s, certfile %s', opts.am, keyf, certf)
ch_server = make_client(opts.ch, keyf, certf, opts.debug_rpc)
am_server = make_client(opts.am, keyf, certf, opts.debug_rpc)
exercise_am(ch_server, am_server, certf)
return 0
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config['aggregate_manager'].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
if getattr(opts, 'rootcadir') is None:
setattr(opts, 'rootcadir', config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit(
'Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts,
argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
# rootcadir is dir of multiple certificates
delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(
getAbsPath(opts.rootcadir))
if opts.api_version == 1:
ams = geni.AggregateManagerServer(
(opts.host, int(opts.port)),
delegate=delegate,
keyfile=keyfile,
certfile=certfile,
ca_certs=comboCertsFile,
base_name=config['global']['base_name'])
elif opts.api_version == 2:
ams = gcf.geni.am.am2.AggregateManagerServer(
(opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
elif opts.api_version == 3:
ams = gcf.geni.am.am3.AggregateManagerServer(
(opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
else:
msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
sys.exit(msg % (opts.api_version))
logging.getLogger('gcf-am').info('GENI AM (v%s) Listening on port %s...' %
(opts.api_version, opts.port))
ams.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
gram.am.gram.config.initialize(opts.config_file)
# If the port isn't set explicitly, use defaults from config
if not opts.v3_port:
opts.v3_port = gram.am.gram.config.gram_am_port
if not opts.v2_port:
opts.v2_port = gram.am.gram.config.gram_am_v2_port
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level, format='%(asctime)s %(message)s')
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config['aggregate_manager'].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
if getattr(opts, 'rootcadir') is None:
setattr(opts, 'rootcadir', config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit(
'Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
# Check if quantum is running, if not, then take a nap
command_str = '%s net-list' % gram.am.gram.config.network_type
command = command_str.split()
ready = 0
while (not ready):
try:
subprocess.check_output(command)
ready = 1
logging.getLogger('gram-am').info(' Ready to start GRAM')
except:
logging.getLogger('gram-am').error('Error executing command %s' %
command)
time.sleep(15)
gram.am.gram.config.snapshot_dir = opts.snapshot_dir
gram.am.gram.config.recover_from_snapshot = opts.recover_from_snapshot
gram.am.gram.config.recover_from_most_recent_snapshot = \
opts.recover_from_most_recent_snapshot
gram.am.gram.config.snapshot_maintain_limit = opts.snapshot_maintain_limit
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname, opts.rootcadir,
opts, argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
# rootcadir is dir of multiple certificates
delegate = gcf.geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = gcf.geni.CredentialVerifier.getCAsFileFromDir(
getAbsPath(opts.rootcadir))
server_url = "https://%s:%d/" % (opts.host, int(opts.v3_port))
GRAM = gram.am.am3.GramReferenceAggregateManager(
getAbsPath(opts.rootcadir), config['global']['base_name'], certfile,
server_url)
if opts.api_version == 1:
msg = "Version 1 of AM API unsopported in GRAM"
sys.exit(msg)
#elif opts.api_version == 2:
ams_v2 = gram.am.gram_am2.GramAggregateManagerServer(
(opts.host, int(opts.v2_port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager,
GRAM=GRAM)
#elif opts.api_version == 3:
ams_v3 = gram.am.am3.GramAggregateManagerServer(
(opts.host, int(opts.v3_port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager,
GRAM=GRAM)
#else:
# msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
# sys.exit(msg % (opts.api_version))
logging.getLogger('gcf-am').info('GENI AM 3 Listening on port %s...' %
(opts.v3_port))
logging.getLogger('gcf-am').info('GENI AM 2 Listening on port %s...' %
(opts.v2_port))
thread = threading.Thread(target=ams_v2.serve_forever, args=())
thread.start()
ams_v3.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
gram.am.gram.config.initialize(opts.config_file)
# If the port isn't set explicitly, use defaults from config
if not opts.v3_port:
opts.v3_port = gram.am.gram.config.gram_am_port
if not opts.v2_port:
opts.v2_port = gram.am.gram.config.gram_am_v2_port
if not opts.rpi_port:
opts.rpi_port = gram.am.gram.config.gram_am_rpi_port
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level, format = '%(asctime)s %(message)s')
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['aggregate_manager'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit('Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
# Removed because OpenStack is not required for pi usage
# # Check if quantum is running, if not, then take a nap
# command_str = '%s net-list' % gram.am.gram.config.network_type
# command = command_str.split()
# ready = 0
# while(not ready):
# try :
# subprocess.check_output(command)
# ready = 1
# logging.getLogger('gram-am').info(' Ready to start GRAM')
# except :
# logging.getLogger('gram-am').error('Error executing command %s' % command)
# time.sleep(15)
gram.am.gram.config.snapshot_dir = opts.snapshot_dir
gram.am.gram.config.recover_from_snapshot = opts.recover_from_snapshot
gram.am.gram.config.recover_from_most_recent_snapshot = \
opts.recover_from_most_recent_snapshot
gram.am.gram.config.snapshot_maintain_limit = opts.snapshot_maintain_limit
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
opts.rootcadir, opts, argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
# rootcadir is dir of multiple certificates
delegate = gcf.geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = gcf.geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir))
server_url = "https://%s:%d/" % (opts.host, int(opts.v3_port))
GRAM=gram.am.am3.GramReferenceAggregateManager(getAbsPath(opts.rootcadir), config['global']['base_name'], certfile, server_url)
if opts.api_version == 1:
msg = "Version 1 of AM API unsopported in GRAM"
sys.exit(msg)
#elif opts.api_version == 2:
ams_v2 = gram.am.gram_am2.GramAggregateManagerServer((opts.host, int(opts.v2_port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager = resource_manager,
GRAM=GRAM)
#elif opts.api_version == 3:
ams_v3 = gram.am.am3.GramAggregateManagerServer((opts.host, int(opts.v3_port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager = resource_manager,
GRAM=GRAM)
ams_rpi_v3 = gram.am.rpiv3.GramAggregateManagerServer((opts.host, int(opts.rpi_port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager = resource_manager,
GRAM=GRAM)
#else:
# msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
# sys.exit(msg % (opts.api_version))
logging.getLogger('gcf-am').info('GENI AM 3 Listening on port %s...' % (opts.v3_port))
logging.getLogger('gcf-am').info('GENI AM 2 Listening on port %s...' % (opts.v2_port))
logging.getLogger('gcf-am').info('GENI AM PI Listening on port %s...' % (opts.rpi_port))
thread = threading.Thread(target=ams_v2.serve_forever,args=())
thread.start()
thread = threading.Thread(target=ams_rpi_v3.serve_forever,args=())
thread.start()
ams_v3.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
(opts, args) = parse_args(argv)
# Ignore args, appease eclipse.
_ = args
global config, CERT_AUTHORITY
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
CERT_AUTHORITY = config["global"]["base_name"]
username = "******"
if opts.username:
# We'll check this is legal once we have a full URN
username = opts.username
dir = "."
if opts.directory:
dir = opts.directory
if not opts.authority is None:
# FIXME: Check it's legal? Should be 'an internationalized
# domain name'
CERT_AUTHORITY = opts.authority
global CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE, USER_CERT_FILE, USER_KEY_FILE
CH_CERT_FILE = getAbsPath(config["clearinghouse"]["certfile"])
CH_KEY_FILE = getAbsPath(config["clearinghouse"]["keyfile"])
AM_CERT_FILE = getAbsPath(config["aggregate_manager"]["certfile"])
AM_KEY_FILE = getAbsPath(config["aggregate_manager"]["keyfile"])
USER_CERT_FILE = getAbsPath(config["gcf-test"]["certfile"])
USER_KEY_FILE = getAbsPath(config["gcf-test"]["keyfile"])
# If username != alice then substitute actual username
# in user_cert_file and user_key_file as appropriate
# like USER_CERT_FILE = s/alice/$username/
# Of course if the user edits the file to have something
# other than alice in the filename then this does something odd
if username != "alice":
USER_CERT_FILE = string.replace(USER_CERT_FILE, "alice", username)
USER_KEY_FILE = string.replace(USER_KEY_FILE, "alice", username)
try:
for p in [CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE, USER_CERT_FILE, USER_KEY_FILE]:
if "/" in p:
os.mkdir(p[: p.rfind("/")])
except:
pass
ch_keys = None
ch_cert = None
if not opts.notAll or opts.ch:
(ch_keys, ch_cert) = make_ch_cert(dir)
else:
if not opts.notAll or opts.exp:
try:
ch_cert = gid.GID(filename=os.path.join(dir, CH_CERT_FILE))
ch_keys = cert.Keypair(filename=os.path.join(dir, CH_KEY_FILE))
except Exception, exc:
sys.exit("Failed to read CH(SA) cert/key from %s/%s and %s: %s" % (dir, CH_CERT_FILE, CH_KEY_FILE, exc))
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['proxy aggregate_manager'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
# print("CONFIG = " + str(config))
# print("OPTS = " + str(opts))
if opts.rootcadir is None:
sys.exit('Missing path to trusted root certificate directory (-r argument)')
# rootcadir is dir of multiple certificates
delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir))
am_host = getattr(opts,'am_host');
am_port = getattr(opts,'am_port');
am_url = "http://" + am_host + ":" + am_port + "/";
if (hasattr(opts, 'am_url')):
am_url = getattr(opts, 'am_url');
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Proxy AM certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Proxy AM certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Proxy AM keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Proxy AM keyfile %s is empty" % keyfile)
logger = logging.getLogger('gcf-am');
logger.info('Talking to AM ' + am_url);
pams = gcf.geni.am.proxyam.ProxyAggregateManagerServer((opts.host, int(opts.port)),
am_url,
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'])
logger.info('GENI AM Listening on port %s...' % (opts.port))
pams.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config['aggregate_manager'].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
if getattr(opts, 'rootcadir') is None:
setattr(opts, 'rootcadir', config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit(
'Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts,
argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
delegate = None
if hasattr(opts, 'delegate') and opts.delegate is not None and str(
opts.delegate).strip() != "":
try:
delegate = getInstanceFromClassname(
opts.delegate, getAbsPath(opts.rootcadir),
config['global']['base_name'],
"https://%s:%d/" % (opts.host, int(opts.port)), **vars(opts))
except AttributeError, e:
msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate
msg += e.message
logging.getLogger('gcf-am').error(msg)
sys.exit(msg)
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
# Read in config file options, command line gets priority
global config
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key, val) in config["gcf-test"].items():
if hasattr(opts, key) and getattr(opts, key) is None:
setattr(opts, key, val)
if not hasattr(opts, key):
setattr(opts, key, val)
# Determine the AM and CH hostnames from the config file
if getattr(opts, "ch") is None:
host = config["clearinghouse"]["host"]
port = config["clearinghouse"]["port"]
if not host.startswith("http"):
host = "https://%s" % host.strip("/")
url = "%s:%s/" % (host, port)
setattr(opts, "ch", url)
if getattr(opts, "am") is None:
host = config["aggregate_manager"]["host"]
port = config["aggregate_manager"]["port"]
if not host.startswith("http"):
host = "https://%s" % host.strip("/")
url = "%s:%s/" % (host, port)
setattr(opts, "am", url)
logging.basicConfig(level=level)
logger = logging.getLogger("gcf-test")
if not opts.keyfile or not opts.certfile:
sys.exit("Missing required arguments -k for Key file and -c for cert file")
keyf = getAbsPath(opts.keyfile)
certf = getAbsPath(opts.certfile)
if not os.path.exists(certf):
sys.exit("Client certfile %s doesn't exist" % certf)
if not os.path.getsize(certf) > 0:
sys.exit("Client certfile %s is empty" % certf)
if not os.path.exists(keyf):
sys.exit("Client keyfile %s doesn't exist" % keyf)
if not os.path.getsize(keyf) > 0:
sys.exit("Client keyfile %s is empty" % keyf)
# print 'a_v: %d' % opts.api_version
logger.info("CH Server is %s. Using keyfile %s, certfile %s", opts.ch, keyf, certf)
logger.info("AM Server is %s. Using keyfile %s, certfile %s", opts.am, keyf, certf)
ch_server = make_client(opts.ch, keyf, certf, opts.debug_rpc)
am_server = make_client(opts.am, keyf, certf, opts.debug_rpc)
exercise_am(ch_server, am_server, opts.api_version)
return 0
def main(argv=None):
if argv is None:
argv = sys.argv
opts = parse_args(argv)[0]
level = logging.INFO
if opts.debug:
level = logging.DEBUG
logging.basicConfig(level=level)
# Read in config file options, command line gets priority
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
for (key,val) in config['aggregate_manager'].items():
if hasattr(opts,key) and getattr(opts,key) is None:
setattr(opts,key,val)
if not hasattr(opts,key):
setattr(opts,key,val)
if getattr(opts,'rootcadir') is None:
setattr(opts,'rootcadir',config['global']['rootcadir'])
if opts.rootcadir is None:
sys.exit('Missing path to trusted root certificate directory (-r argument)')
certfile = getAbsPath(opts.certfile)
keyfile = getAbsPath(opts.keyfile)
if not os.path.exists(certfile):
sys.exit("Aggregate certfile %s doesn't exist" % certfile)
if not os.path.getsize(certfile) > 0:
sys.exit("Aggregate certfile %s is empty" % certfile)
if not os.path.exists(keyfile):
sys.exit("Aggregate keyfile %s doesn't exist" % keyfile)
if not os.path.getsize(keyfile) > 0:
sys.exit("Aggregate keyfile %s is empty" % keyfile)
# Instantiate an argument guard that will reject or modify
# arguments and options provided to calls
argument_guard = None
if hasattr(opts, 'argument_guard'):
argument_guard = getInstanceFromClassname(opts.argument_guard)
# Instantiate authorizer from 'authorizer' config argument
# By default, use the SFA authorizer
if hasattr(opts, 'authorizer'):
authorizer_classname = opts.authorizer
else:
authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer"
authorizer = getInstanceFromClassname(authorizer_classname,
getAbsPath(opts.rootcadir), opts, argument_guard)
# Use XMLRPC authorizer if opt.remote_authorizer is set
if hasattr(opts, 'remote_authorizer'):
import xmlrpclib
authorizer = xmlrpclib.Server(opts.remote_authorizer)
# Instantiate resource manager from 'authorizer_resource_manager'
# config argument. Default = None
resource_manager = None
if hasattr(opts, 'authorizer_resource_manager'):
resource_manager = \
getInstanceFromClassname(opts.authorizer_resource_manager)
# rootcadir is dir of multiple certificates
delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir))
# here rootcadir is supposed to be a single file with multiple
# certs possibly concatenated together
comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir))
if opts.api_version == 1:
ams = geni.AggregateManagerServer((opts.host, int(opts.port)),
delegate=delegate,
keyfile=keyfile,
certfile=certfile,
ca_certs=comboCertsFile,
base_name=config['global']['base_name'])
elif opts.api_version == 2:
ams = gcf.geni.am.am2.AggregateManagerServer((opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
elif opts.api_version == 3:
ams = gcf.geni.am.am3.AggregateManagerServer((opts.host, int(opts.port)),
keyfile=keyfile,
certfile=certfile,
trust_roots_dir=getAbsPath(opts.rootcadir),
ca_certs=comboCertsFile,
base_name=config['global']['base_name'],
authorizer=authorizer,
resource_manager=resource_manager)
else:
msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\""
sys.exit(msg % (opts.api_version))
logging.getLogger('gcf-am').info('GENI AM Listening on port %s...' % (opts.port))
ams.serve_forever()
def main(argv=None):
if argv is None:
argv = sys.argv
(opts, args) = parse_args(argv)
# Ignore args, appease eclipse.
_ = args
global config, CERT_AUTHORITY
optspath = None
if not opts.configfile is None:
optspath = os.path.expanduser(opts.configfile)
config = read_config(optspath)
CERT_AUTHORITY = config['global']['base_name']
username = "******"
if opts.username:
# We'll check this is legal once we have a full URN
username = opts.username
dir = "."
if opts.directory:
dir = opts.directory
if not opts.authority is None:
# FIXME: Check it's legal? Should be 'an internationalized
# domain name'
CERT_AUTHORITY = opts.authority
global CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE, USER_CERT_FILE, USER_KEY_FILE
CH_CERT_FILE = getAbsPath(config['clearinghouse']['certfile'])
CH_KEY_FILE = getAbsPath(config['clearinghouse']['keyfile'])
AM_CERT_FILE = getAbsPath(config['aggregate_manager']['certfile'])
AM_KEY_FILE = getAbsPath(config['aggregate_manager']['keyfile'])
USER_CERT_FILE = getAbsPath(config['gcf-test']['certfile'])
USER_KEY_FILE = getAbsPath(config['gcf-test']['keyfile'])
# If username != alice then substitute actual username
# in user_cert_file and user_key_file as appropriate
# like USER_CERT_FILE = s/alice/$username/
# Of course if the user edits the file to have something
# other than alice in the filename then this does something odd
if username != 'alice':
USER_CERT_FILE = string.replace(USER_CERT_FILE, 'alice', username)
USER_KEY_FILE = string.replace(USER_KEY_FILE, 'alice', username)
try:
for p in [
CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE,
USER_CERT_FILE, USER_KEY_FILE
]:
if '/' in p:
os.mkdir(p[:p.rfind('/')])
except:
pass
ch_keys = None
ch_cert = None
if not opts.notAll or opts.ch:
(ch_keys, ch_cert) = make_ch_cert(dir)
else:
if not opts.notAll or opts.exp:
try:
ch_cert = gid.GID(filename=os.path.join(dir, CH_CERT_FILE))
ch_keys = cert.Keypair(filename=os.path.join(dir, CH_KEY_FILE))
except Exception, exc:
sys.exit(
"Failed to read CH(SA) cert/key from %s/%s and %s: %s" %
(dir, CH_CERT_FILE, CH_KEY_FILE, exc))
