def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config["aggregate_manager"].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) if getattr(opts, "rootcadir") is None: setattr(opts, "rootcadir", config["global"]["rootcadir"]) if opts.rootcadir is None: sys.exit("Missing path to trusted root certificate directory (-r argument)") certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # rootcadir is dir of multiple certificates delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir)) ams = gcf.geni.am.gibaggregate.am_gib.AggregateManagerServer( (opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config["global"]["base_name"], ) logging.getLogger("gcf-am").info("GENI AM Listening on port %s..." % (opts.port)) ams.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['aggregate_manager'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) if opts.rootcadir is None: sys.exit('Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # rootcadir is dir of multiple certificates delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir)) ams = gcf.geni.am.gibaggregate.am_gib.AggregateManagerServer((opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name']) logging.getLogger('gcf-am').info('GENI AM Listening on port %s...' % (opts.port)) ams.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv opts, args = parse_args(argv) level = logging.INFO if opts.debug: level = logging.DEBUG # Match Apache error log format fmt = '[%(asctime)s] [%(levelname)s] %(name)s: %(message)s' # Apache error log date format: %a %b %d %H:%M:%S %Y # A shorter date format '%m-%d %H:%M:%S' logging.basicConfig(level=level, format=fmt, datefmt='%a %b %d %H:%M:%S %Y') if not args: args = ('runserver', ) handler = '_'.join((args[0], 'handler')) # Read in config file options, command line gets priority global config optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config['clearinghouse'].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) if getattr(opts, 'rootcadir') is None: setattr(opts, 'rootcadir', config['global']['rootcadir']) config['debug'] = opts.debug ch = CommandHandler() if hasattr(ch, handler): return getattr(ch, handler)(opts) else: print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None): if argv is None: argv = sys.argv opts, args = parse_args(argv) level = logging.INFO if opts.debug: level = logging.DEBUG # Match Apache error log format fmt = '[%(asctime)s] [%(levelname)s] %(name)s: %(message)s' # Apache error log date format: %a %b %d %H:%M:%S %Y # A shorter date format '%m-%d %H:%M:%S' logging.basicConfig(level=level,format=fmt,datefmt='%a %b %d %H:%M:%S %Y') if not args: args = ('runserver',) handler = '_'.join((args[0], 'handler')) # Read in config file options, command line gets priority global config optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['clearinghouse'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) config['debug'] = opts.debug ch = CommandHandler() if hasattr(ch, handler): return getattr(ch, handler)(opts) else: print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None): if argv is None: argv = sys.argv opts, args = parse_args(argv) level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) if not args: args = ('runserver',) handler = '_'.join((args[0], 'handler')) # Read in config file options, command line gets priority global config optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['geni clearinghouse'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) config['debug'] = opts.debug ch = CommandHandler() if hasattr(ch, handler): return getattr(ch, handler)(opts) else: print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None): if argv is None: argv = sys.argv opts, args = parse_args(argv) level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) if not args: args = ('runserver',) handler = '_'.join((args[0], 'handler')) # Read in config file options, command line gets priority global config optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['clearinghouse'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) config['debug'] = opts.debug ch = CommandHandler() if hasattr(ch, handler): return getattr(ch, handler)(opts) else: print >> sys.stderr, 'Unknown command ', args[0]
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['aggregate_manager'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) if opts.rootcadir is None: sys.exit('Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) delegate=None if hasattr(opts, 'delegate') and opts.delegate is not None and str(opts.delegate).strip() != "": try: delegate = getInstanceFromClassname(opts.delegate, getAbsPath(opts.rootcadir), config['global']['base_name'], "https://%s:%d/" % (opts.host, int(opts.port)), **vars(opts) ) except AttributeError, e: msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate msg += e.message logging.getLogger('gcf-am').error(msg) sys.exit(msg)
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG # Read in config file options, command line gets priority global config optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['gcf-test'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) # Determine the AM and CH hostnames from the config file if getattr(opts,'ch') is None: host = config['geni clearinghouse']['host'] port = config['geni clearinghouse']['port'] if not host.startswith('http'): host = 'https://%s' % host.strip('/') url = "%s:%s/" % (host,port) setattr(opts,'ch',url) if getattr(opts,'am') is None: host = config['proxy aggregate_manager']['host'] port = config['proxy aggregate_manager']['port'] if not host.startswith('http'): host = 'https://%s' % host.strip('/') url = "%s:%s/" % (host,port) setattr(opts,'am',url) logging.basicConfig(level=level) logger = logging.getLogger('gcf-test') if not opts.keyfile or not opts.certfile: sys.exit('Missing required arguments -k for Key file and -c for cert file') keyf = getAbsPath(opts.keyfile) certf = getAbsPath(opts.certfile) if not os.path.exists(certf): sys.exit("Proxy certfile %s doesn't exist" % certf) if not os.path.getsize(certf) > 0: sys.exit("Proxy certfile %s is empty" % certf) if not os.path.exists(keyf): sys.exit("Proxy keyfile %s doesn't exist" % keyf) if not os.path.getsize(keyf) > 0: sys.exit("Proxy keyfile %s is empty" % keyf) logger.info('CH Server is %s. Using keyfile %s, certfile %s', opts.ch, keyf, certf) logger.info('AM Server is %s. Using keyfile %s, certfile %s', opts.am, keyf, certf) ch_server = make_client(opts.ch, keyf, certf, opts.debug_rpc) am_server = make_client(opts.am, keyf, certf, opts.debug_rpc) exercise_am(ch_server, am_server, certf) return 0
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config['aggregate_manager'].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) if getattr(opts, 'rootcadir') is None: setattr(opts, 'rootcadir', config['global']['rootcadir']) if opts.rootcadir is None: sys.exit( 'Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) # rootcadir is dir of multiple certificates delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir( getAbsPath(opts.rootcadir)) if opts.api_version == 1: ams = geni.AggregateManagerServer( (opts.host, int(opts.port)), delegate=delegate, keyfile=keyfile, certfile=certfile, ca_certs=comboCertsFile, base_name=config['global']['base_name']) elif opts.api_version == 2: ams = gcf.geni.am.am2.AggregateManagerServer( (opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) elif opts.api_version == 3: ams = gcf.geni.am.am3.AggregateManagerServer( (opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) else: msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\"" sys.exit(msg % (opts.api_version)) logging.getLogger('gcf-am').info('GENI AM (v%s) Listening on port %s...' % (opts.api_version, opts.port)) ams.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] gram.am.gram.config.initialize(opts.config_file) # If the port isn't set explicitly, use defaults from config if not opts.v3_port: opts.v3_port = gram.am.gram.config.gram_am_port if not opts.v2_port: opts.v2_port = gram.am.gram.config.gram_am_v2_port level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level, format='%(asctime)s %(message)s') # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config['aggregate_manager'].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) if getattr(opts, 'rootcadir') is None: setattr(opts, 'rootcadir', config['global']['rootcadir']) if opts.rootcadir is None: sys.exit( 'Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) # Check if quantum is running, if not, then take a nap command_str = '%s net-list' % gram.am.gram.config.network_type command = command_str.split() ready = 0 while (not ready): try: subprocess.check_output(command) ready = 1 logging.getLogger('gram-am').info(' Ready to start GRAM') except: logging.getLogger('gram-am').error('Error executing command %s' % command) time.sleep(15) gram.am.gram.config.snapshot_dir = opts.snapshot_dir gram.am.gram.config.recover_from_snapshot = opts.recover_from_snapshot gram.am.gram.config.recover_from_most_recent_snapshot = \ opts.recover_from_most_recent_snapshot gram.am.gram.config.snapshot_maintain_limit = opts.snapshot_maintain_limit # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, opts.rootcadir, opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) # rootcadir is dir of multiple certificates delegate = gcf.geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = gcf.geni.CredentialVerifier.getCAsFileFromDir( getAbsPath(opts.rootcadir)) server_url = "https://%s:%d/" % (opts.host, int(opts.v3_port)) GRAM = gram.am.am3.GramReferenceAggregateManager( getAbsPath(opts.rootcadir), config['global']['base_name'], certfile, server_url) if opts.api_version == 1: msg = "Version 1 of AM API unsopported in GRAM" sys.exit(msg) #elif opts.api_version == 2: ams_v2 = gram.am.gram_am2.GramAggregateManagerServer( (opts.host, int(opts.v2_port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager, GRAM=GRAM) #elif opts.api_version == 3: ams_v3 = gram.am.am3.GramAggregateManagerServer( (opts.host, int(opts.v3_port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager, GRAM=GRAM) #else: # msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\"" # sys.exit(msg % (opts.api_version)) logging.getLogger('gcf-am').info('GENI AM 3 Listening on port %s...' % (opts.v3_port)) logging.getLogger('gcf-am').info('GENI AM 2 Listening on port %s...' % (opts.v2_port)) thread = threading.Thread(target=ams_v2.serve_forever, args=()) thread.start() ams_v3.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] gram.am.gram.config.initialize(opts.config_file) # If the port isn't set explicitly, use defaults from config if not opts.v3_port: opts.v3_port = gram.am.gram.config.gram_am_port if not opts.v2_port: opts.v2_port = gram.am.gram.config.gram_am_v2_port if not opts.rpi_port: opts.rpi_port = gram.am.gram.config.gram_am_rpi_port level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level, format = '%(asctime)s %(message)s') # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['aggregate_manager'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) if opts.rootcadir is None: sys.exit('Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) # Removed because OpenStack is not required for pi usage # # Check if quantum is running, if not, then take a nap # command_str = '%s net-list' % gram.am.gram.config.network_type # command = command_str.split() # ready = 0 # while(not ready): # try : # subprocess.check_output(command) # ready = 1 # logging.getLogger('gram-am').info(' Ready to start GRAM') # except : # logging.getLogger('gram-am').error('Error executing command %s' % command) # time.sleep(15) gram.am.gram.config.snapshot_dir = opts.snapshot_dir gram.am.gram.config.recover_from_snapshot = opts.recover_from_snapshot gram.am.gram.config.recover_from_most_recent_snapshot = \ opts.recover_from_most_recent_snapshot gram.am.gram.config.snapshot_maintain_limit = opts.snapshot_maintain_limit # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, opts.rootcadir, opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) # rootcadir is dir of multiple certificates delegate = gcf.geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = gcf.geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir)) server_url = "https://%s:%d/" % (opts.host, int(opts.v3_port)) GRAM=gram.am.am3.GramReferenceAggregateManager(getAbsPath(opts.rootcadir), config['global']['base_name'], certfile, server_url) if opts.api_version == 1: msg = "Version 1 of AM API unsopported in GRAM" sys.exit(msg) #elif opts.api_version == 2: ams_v2 = gram.am.gram_am2.GramAggregateManagerServer((opts.host, int(opts.v2_port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager = resource_manager, GRAM=GRAM) #elif opts.api_version == 3: ams_v3 = gram.am.am3.GramAggregateManagerServer((opts.host, int(opts.v3_port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager = resource_manager, GRAM=GRAM) ams_rpi_v3 = gram.am.rpiv3.GramAggregateManagerServer((opts.host, int(opts.rpi_port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager = resource_manager, GRAM=GRAM) #else: # msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\"" # sys.exit(msg % (opts.api_version)) logging.getLogger('gcf-am').info('GENI AM 3 Listening on port %s...' % (opts.v3_port)) logging.getLogger('gcf-am').info('GENI AM 2 Listening on port %s...' % (opts.v2_port)) logging.getLogger('gcf-am').info('GENI AM PI Listening on port %s...' % (opts.rpi_port)) thread = threading.Thread(target=ams_v2.serve_forever,args=()) thread.start() thread = threading.Thread(target=ams_rpi_v3.serve_forever,args=()) thread.start() ams_v3.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv (opts, args) = parse_args(argv) # Ignore args, appease eclipse. _ = args global config, CERT_AUTHORITY optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) CERT_AUTHORITY = config["global"]["base_name"] username = "******" if opts.username: # We'll check this is legal once we have a full URN username = opts.username dir = "." if opts.directory: dir = opts.directory if not opts.authority is None: # FIXME: Check it's legal? Should be 'an internationalized # domain name' CERT_AUTHORITY = opts.authority global CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE, USER_CERT_FILE, USER_KEY_FILE CH_CERT_FILE = getAbsPath(config["clearinghouse"]["certfile"]) CH_KEY_FILE = getAbsPath(config["clearinghouse"]["keyfile"]) AM_CERT_FILE = getAbsPath(config["aggregate_manager"]["certfile"]) AM_KEY_FILE = getAbsPath(config["aggregate_manager"]["keyfile"]) USER_CERT_FILE = getAbsPath(config["gcf-test"]["certfile"]) USER_KEY_FILE = getAbsPath(config["gcf-test"]["keyfile"]) # If username != alice then substitute actual username # in user_cert_file and user_key_file as appropriate # like USER_CERT_FILE = s/alice/$username/ # Of course if the user edits the file to have something # other than alice in the filename then this does something odd if username != "alice": USER_CERT_FILE = string.replace(USER_CERT_FILE, "alice", username) USER_KEY_FILE = string.replace(USER_KEY_FILE, "alice", username) try: for p in [CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE, USER_CERT_FILE, USER_KEY_FILE]: if "/" in p: os.mkdir(p[: p.rfind("/")]) except: pass ch_keys = None ch_cert = None if not opts.notAll or opts.ch: (ch_keys, ch_cert) = make_ch_cert(dir) else: if not opts.notAll or opts.exp: try: ch_cert = gid.GID(filename=os.path.join(dir, CH_CERT_FILE)) ch_keys = cert.Keypair(filename=os.path.join(dir, CH_KEY_FILE)) except Exception, exc: sys.exit("Failed to read CH(SA) cert/key from %s/%s and %s: %s" % (dir, CH_CERT_FILE, CH_KEY_FILE, exc))
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['proxy aggregate_manager'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) # print("CONFIG = " + str(config)) # print("OPTS = " + str(opts)) if opts.rootcadir is None: sys.exit('Missing path to trusted root certificate directory (-r argument)') # rootcadir is dir of multiple certificates delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir)) am_host = getattr(opts,'am_host'); am_port = getattr(opts,'am_port'); am_url = "http://" + am_host + ":" + am_port + "/"; if (hasattr(opts, 'am_url')): am_url = getattr(opts, 'am_url'); certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Proxy AM certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Proxy AM certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Proxy AM keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Proxy AM keyfile %s is empty" % keyfile) logger = logging.getLogger('gcf-am'); logger.info('Talking to AM ' + am_url); pams = gcf.geni.am.proxyam.ProxyAggregateManagerServer((opts.host, int(opts.port)), am_url, keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name']) logger.info('GENI AM Listening on port %s...' % (opts.port)) pams.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config['aggregate_manager'].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) if getattr(opts, 'rootcadir') is None: setattr(opts, 'rootcadir', config['global']['rootcadir']) if opts.rootcadir is None: sys.exit( 'Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) delegate = None if hasattr(opts, 'delegate') and opts.delegate is not None and str( opts.delegate).strip() != "": try: delegate = getInstanceFromClassname( opts.delegate, getAbsPath(opts.rootcadir), config['global']['base_name'], "https://%s:%d/" % (opts.host, int(opts.port)), **vars(opts)) except AttributeError, e: msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate msg += e.message logging.getLogger('gcf-am').error(msg) sys.exit(msg)
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG # Read in config file options, command line gets priority global config optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config["gcf-test"].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) # Determine the AM and CH hostnames from the config file if getattr(opts, "ch") is None: host = config["clearinghouse"]["host"] port = config["clearinghouse"]["port"] if not host.startswith("http"): host = "https://%s" % host.strip("/") url = "%s:%s/" % (host, port) setattr(opts, "ch", url) if getattr(opts, "am") is None: host = config["aggregate_manager"]["host"] port = config["aggregate_manager"]["port"] if not host.startswith("http"): host = "https://%s" % host.strip("/") url = "%s:%s/" % (host, port) setattr(opts, "am", url) logging.basicConfig(level=level) logger = logging.getLogger("gcf-test") if not opts.keyfile or not opts.certfile: sys.exit("Missing required arguments -k for Key file and -c for cert file") keyf = getAbsPath(opts.keyfile) certf = getAbsPath(opts.certfile) if not os.path.exists(certf): sys.exit("Client certfile %s doesn't exist" % certf) if not os.path.getsize(certf) > 0: sys.exit("Client certfile %s is empty" % certf) if not os.path.exists(keyf): sys.exit("Client keyfile %s doesn't exist" % keyf) if not os.path.getsize(keyf) > 0: sys.exit("Client keyfile %s is empty" % keyf) # print 'a_v: %d' % opts.api_version logger.info("CH Server is %s. Using keyfile %s, certfile %s", opts.ch, keyf, certf) logger.info("AM Server is %s. Using keyfile %s, certfile %s", opts.am, keyf, certf) ch_server = make_client(opts.ch, keyf, certf, opts.debug_rpc) am_server = make_client(opts.am, keyf, certf, opts.debug_rpc) exercise_am(ch_server, am_server, opts.api_version) return 0
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['aggregate_manager'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) if opts.rootcadir is None: sys.exit('Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) # rootcadir is dir of multiple certificates delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir)) if opts.api_version == 1: ams = geni.AggregateManagerServer((opts.host, int(opts.port)), delegate=delegate, keyfile=keyfile, certfile=certfile, ca_certs=comboCertsFile, base_name=config['global']['base_name']) elif opts.api_version == 2: ams = gcf.geni.am.am2.AggregateManagerServer((opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) elif opts.api_version == 3: ams = gcf.geni.am.am3.AggregateManagerServer((opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) else: msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\"" sys.exit(msg % (opts.api_version)) logging.getLogger('gcf-am').info('GENI AM Listening on port %s...' % (opts.port)) ams.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv (opts, args) = parse_args(argv) # Ignore args, appease eclipse. _ = args global config, CERT_AUTHORITY optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) CERT_AUTHORITY = config['global']['base_name'] username = "******" if opts.username: # We'll check this is legal once we have a full URN username = opts.username dir = "." if opts.directory: dir = opts.directory if not opts.authority is None: # FIXME: Check it's legal? Should be 'an internationalized # domain name' CERT_AUTHORITY = opts.authority global CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE, USER_CERT_FILE, USER_KEY_FILE CH_CERT_FILE = getAbsPath(config['clearinghouse']['certfile']) CH_KEY_FILE = getAbsPath(config['clearinghouse']['keyfile']) AM_CERT_FILE = getAbsPath(config['aggregate_manager']['certfile']) AM_KEY_FILE = getAbsPath(config['aggregate_manager']['keyfile']) USER_CERT_FILE = getAbsPath(config['gcf-test']['certfile']) USER_KEY_FILE = getAbsPath(config['gcf-test']['keyfile']) # If username != alice then substitute actual username # in user_cert_file and user_key_file as appropriate # like USER_CERT_FILE = s/alice/$username/ # Of course if the user edits the file to have something # other than alice in the filename then this does something odd if username != 'alice': USER_CERT_FILE = string.replace(USER_CERT_FILE, 'alice', username) USER_KEY_FILE = string.replace(USER_KEY_FILE, 'alice', username) try: for p in [ CH_CERT_FILE, CH_KEY_FILE, AM_CERT_FILE, AM_KEY_FILE, USER_CERT_FILE, USER_KEY_FILE ]: if '/' in p: os.mkdir(p[:p.rfind('/')]) except: pass ch_keys = None ch_cert = None if not opts.notAll or opts.ch: (ch_keys, ch_cert) = make_ch_cert(dir) else: if not opts.notAll or opts.exp: try: ch_cert = gid.GID(filename=os.path.join(dir, CH_CERT_FILE)) ch_keys = cert.Keypair(filename=os.path.join(dir, CH_KEY_FILE)) except Exception, exc: sys.exit( "Failed to read CH(SA) cert/key from %s/%s and %s: %s" % (dir, CH_CERT_FILE, CH_KEY_FILE, exc))