def main(args=None):
import config.config as pconfig
import utility.logger as plogger
# parse out the configuration file first
tcf_home = os.environ.get("TCF_HOME", "../../../../")
conf_files = ["kme_config.toml"]
conf_paths = [".", tcf_home + "/" + "config"]
parser = argparse.ArgumentParser()
parser.add_argument("--config", help="configuration file", nargs="+")
parser.add_argument("--config-dir", help="configuration folder", nargs="+")
parser.add_argument("--bind",
help="KME listener url for requests to KME",
type=str)
parser.add_argument("--worker_id",
help="Id of worker in plain text",
type=str)
parser.add_argument(
"--wpe-mrenclave",
help="MRENCLAVE of WPE that can register with this KME",
type=str)
(options, remainder) = parser.parse_known_args(args)
if options.config:
conf_files = options.config
if options.config_dir:
conf_paths = options.config_dir
try:
config = pconfig.parse_configuration_files(conf_files, conf_paths)
json.dumps(config, indent=4)
except pconfig.ConfigurationException as e:
logger.error(str(e))
sys.exit(-1)
if options.bind:
config["KMEListener"]["bind"] = options.bind
if options.worker_id:
config["WorkerConfig"]["worker_id"] = options.worker_id
if options.wpe_mrenclave:
config["EnclaveModule"]["wpe_mrenclave"] = options.wpe_mrenclave
plogger.setup_loggers(config.get("Logging", {}))
sys.stdout = plogger.stream_to_logger(logging.getLogger("STDOUT"),
logging.DEBUG)
sys.stderr = plogger.stream_to_logger(logging.getLogger("STDERR"),
logging.WARN)
EnclaveManager.parse_command_line(config, remainder)
logger.info("Initialize KeyManagement enclave_manager")
enclave_manager = KeyManagementEnclaveManager(config)
enclave_manager.init_kv_delegates()
enclave_manager.setup_enclave()
logger.info("About to start KeyManagement Enclave manager")
enclave_manager.start_enclave_manager()
def main(args=None):
import config.config as pconfig
import utility.logger as plogger
# parse out the configuration file first
tcf_home = os.environ.get("TCF_HOME", "../../../../")
conf_files = ["wpe_config.toml"]
conf_paths = [".", tcf_home + "/" + "config"]
parser = argparse.ArgumentParser()
parser.add_argument("--config", help="configuration file", nargs="+")
parser.add_argument("--config-dir", help="configuration folder", nargs="+")
parser.add_argument("--kme_listener_url",
help="KME listener url for requests to KME",
type=str)
parser.add_argument("--worker_id",
help="Id of worker in plain text",
type=str)
(options, remainder) = parser.parse_known_args(args)
if options.config:
conf_files = options.config
if options.config_dir:
conf_paths = options.config_dir
try:
config = pconfig.parse_configuration_files(conf_files, conf_paths)
json.dumps(config, indent=4)
except pconfig.ConfigurationException as e:
logger.error(str(e))
sys.exit(-1)
if options.kme_listener_url:
config["KMEListener"]["kme_listener_url"] = options.kme_listener_url
if options.worker_id:
config["WorkerConfig"]["worker_id"] = options.worker_id
plogger.setup_loggers(config.get("Logging", {}))
sys.stdout = plogger.stream_to_logger(logging.getLogger("STDOUT"),
logging.DEBUG)
sys.stderr = plogger.stream_to_logger(logging.getLogger("STDERR"),
logging.WARN)
try:
EnclaveManager.parse_command_line(config, remainder)
logger.info("Initialize WorkOrderProcessor enclave_manager")
enclave_manager = WorkOrderProcessorEnclaveManager(config)
logger.info("About to start WorkOrderProcessor Enclave manager")
enclave_manager.start_enclave_manager()
except Exception as e:
logger.error("Exception occurred while running WPE, " +
"exiting WPE enclave manager")
exit(1)
def main(args=None):
import config.config as pconfig
import utility.logger as plogger
# parse out the configuration file first
tcf_home = os.environ.get("TCF_HOME", "../../../")
conf_files = ["graphene_config.toml"]
conf_paths = [".", tcf_home + "/" + "config"]
parser = argparse.ArgumentParser()
parser.add_argument("--config", help="configuration file", nargs="+")
parser.add_argument("--config-dir", help="configuration folder", nargs="+")
parser.add_argument("--worker_id",
help="Id of worker in plain text",
type=str)
(options, remainder) = parser.parse_known_args(args)
if options.config:
conf_files = options.config
if options.config_dir:
conf_paths = options.config_dir
try:
config = pconfig.parse_configuration_files(conf_files, conf_paths)
json.dumps(config, indent=4)
except pconfig.ConfigurationException as e:
logger.error(str(e))
sys.exit(-1)
if options.worker_id:
config["WorkerConfig"]["worker_id"] = options.worker_id
plogger.setup_loggers(config.get("Logging", {}))
sys.stdout = plogger.stream_to_logger(logging.getLogger("STDOUT"),
logging.DEBUG)
sys.stderr = plogger.stream_to_logger(logging.getLogger("STDERR"),
logging.WARN)
EnclaveManager.parse_command_line(config, remainder)
try:
enclave_manager = GrapheneEnclaveManager(config)
enclave_manager.init_kv_delegates()
enclave_manager.setup_enclave()
logger.info("About to start Graphene Enclave manager")
enclave_manager.start_enclave_manager()
except Exception as ex:
logger.error("Error starting Graphene Enclave Manager: " + str(e))
# Disconnect ZMQ socket.
if self.zmq_socket:
self.zmq_socket.disconnect()
def main(args=None):
import config.config as pconfig
import utility.logger as plogger
# parse out the configuration file first
tcf_home = os.environ.get("TCF_HOME", "../../../../")
conf_files = ["singleton_enclave_config.toml"]
conf_paths = [".", tcf_home + "/" + "config"]
parser = argparse.ArgumentParser()
parser.add_argument("--config", help="configuration file", nargs="+")
parser.add_argument("--config-dir", help="configuration folder", nargs="+")
parser.add_argument("--worker_id",
help="Id of worker in plain text",
type=str)
parser.add_argument("--workloads",
help="Comma-separated list of workloads supported",
type=str)
(options, remainder) = parser.parse_known_args(args)
if options.config:
conf_files = options.config
if options.config_dir:
conf_paths = options.config_dir
try:
config = pconfig.parse_configuration_files(conf_files, conf_paths)
json.dumps(config, indent=4)
except pconfig.ConfigurationException as e:
logger.error(str(e))
sys.exit(-1)
if options.workloads:
config["WorkerConfig"]["workloads"] = options.workloads
if options.worker_id:
config["WorkerConfig"]["worker_id"] = options.worker_id
plogger.setup_loggers(config.get("Logging", {}))
sys.stdout = plogger.stream_to_logger(logging.getLogger("STDOUT"),
logging.DEBUG)
sys.stderr = plogger.stream_to_logger(logging.getLogger("STDERR"),
logging.WARN)
EnclaveManager.parse_command_line(config, remainder)
logger.info("Initialize singleton enclave_manager")
enclave_manager = SingletonEnclaveManager(config)
logger.info("About to start Singleton Enclave manager")
enclave_manager.start_enclave_manager()
def main(args=None):
import config.config as pconfig
import utility.logger as plogger
# parse out the configuration file first
tcf_home = os.environ.get("TCF_HOME", "../../../../")
conf_files = ["kme_config.toml"]
conf_paths = [".", tcf_home + "/" + "config"]
parser = argparse.ArgumentParser()
parser.add_argument("--config", help="configuration file", nargs="+")
parser.add_argument("--config-dir", help="configuration folder", nargs="+")
(options, remainder) = parser.parse_known_args(args)
if options.config:
conf_files = options.config
if options.config_dir:
conf_paths = options.config_dir
try:
config = pconfig.parse_configuration_files(conf_files, conf_paths)
json.dumps(config, indent=4)
except pconfig.ConfigurationException as e:
logger.error(str(e))
sys.exit(-1)
plogger.setup_loggers(config.get("Logging", {}))
sys.stdout = plogger.stream_to_logger(logging.getLogger("STDOUT"),
logging.DEBUG)
sys.stderr = plogger.stream_to_logger(logging.getLogger("STDERR"),
logging.WARN)
EnclaveManager.parse_command_line(config, remainder)
logger.info("Initialize KeyManagement enclave_manager")
enclave_manager = KeyManagementEnclaveManager(config)
logger.info("About to start KeyManagement Enclave manager")
enclave_manager.start_enclave_manager()
def _manager_on_boot(self):
"""
Executes Boot flow of enclave manager
"""
logger.info("Executing boot time procedure")
# Add a new worker
worker_info = EnclaveManager.create_json_worker(self, self._config)
# Hex string read from config which is 64 characters long
worker_id = self._worker_id
self._worker_kv_delegate.add_new_worker(worker_id, worker_info)
# Cleanup wo-processing" table
self._wo_kv_delegate.cleanup_work_orders()
def _manager_on_boot(self):
"""
Executes Boot flow of enclave manager
"""
logger.info("Executing boot time procedure")
# Add a new worker
worker_info = EnclaveManager.create_json_worker(self, self._config)
# Hex string read from config which is 64 characters long
worker_id = self._worker_id
self._worker_kv_delegate.add_new_worker(worker_id, worker_info)
# Update mapping of worker_id to workers in a pool
self._worker_kv_delegate.update_worker_map(worker_id, self._identity)
# Cleanup all stale work orders for this worker which
# used old worker keys
self._wo_kv_delegate.cleanup_work_orders()
def _manager_on_boot(self):
"""
Executes Boot flow of enclave manager
"""
logger.info("Executing boot time procedure")
# Cleanup all stale work orders for this worker which
# used old worker keys
self._wo_kv_delegate.cleanup_work_orders()
# Clear all WPEs mapped to this worker_id (pool). WPEs will have
# to register afresh to get into the pool now.
self._worker_kv_delegate.cleanup_pool(self._worker_id)
# Add a new worker
worker_info = EnclaveManager.create_json_worker(self, self._config)
# Hex string read from config which is 64 characters long
self._worker_kv_delegate.add_new_worker(self._worker_id, worker_info)
def _start_zmq_listener(self):
"""
This function binds to the port configured for zmq and
then indefinitely processes work order requests received
over the zmq connection. It terminates only when an
exception occurs.
"""
# Binding with ZMQ Port
try:
socket = EnclaveManager.bind_zmq_socket(
self._config.get("EnclaveManager")["zmq_port"])
logger.info("ZMQ Port hosted by Enclave")
except Exception as ex:
logger.exception("Failed to bind socket; " +
"shutting down enclave manager")
logger.error("Exception: {} args{} details{}".format(
type(ex), ex.args, ex))
exit(1)
try:
while True:
# Wait for the next request
logger.info("Enclave Manager waiting for next request")
wo_id = socket.recv()
wo_id = wo_id.decode()
logger.info("Received request at enclave manager: %s" % wo_id)
result = self._process_work_order_sync(wo_id)
if result is None:
socket.send_string("Error while processing work order: " +
str(wo_id))
else:
socket.send_string("Work order processed: " + str(wo_id))
except Exception as inst:
logger.error("Error while processing work-order; " +
"shutting down enclave manager")
logger.error("Exception: {} args {} details {}".format(
type(inst), inst.args, inst))
exit(1)
def _process_work_order_by_id(self, wo_id):
"""
Process the work-order of the specified work-order id. Execute the
work-order and update the tables accordingly.
Parameters :
wo_id - It is the work-order id of the work-order that is to be
processed
Returns :
wo_resp - A JSON response of the executed work order
"""
try:
self._kv_helper.set("wo-processing", wo_id,
WorkOrderStatus.PROCESSING.name)
# Get JSON workorder request corresponding to wo_id
wo_json_req = self._kv_helper.get("wo-requests", wo_id)
if wo_json_req is None:
logger.error(
"Received empty work order corresponding " +
"to id %s from wo-requests table", wo_id)
self._kv_helper.remove("wo-processing", wo_id)
return
except Exception as e:
logger.error(
"Problem while reading the work order %s "
"from wo-requests table", wo_id)
self._kv_helper.remove("wo-processing", wo_id)
return
logger.info("Create workorder entry %s in wo-processing table", wo_id)
self._kv_helper.set("wo-processing", wo_id,
WorkOrderStatus.PROCESSING.name)
logger.info("Delete workorder entry %s from wo-scheduled table", wo_id)
self._kv_helper.remove("wo-scheduled", wo_id)
logger.info("Validating JSON workorder request %s", wo_id)
validation_status = EnclaveManager.validate_request(wo_json_req)
if not validation_status:
logger.error(
"JSON validation for Workorder %s failed; " +
"handling Failure scenarios", wo_id)
wo_response = dict()
wo_response["Response"] = dict()
wo_response["Response"]["Status"] = WorkOrderStatus.FAILED
wo_response["Response"]["Message"] = \
"Workorder JSON request is invalid"
self._kv_helper.set("wo-responses", wo_id, json.dumps(wo_response))
self._kv_helper.set("wo-processed", wo_id,
WorkOrderStatus.FAILED.name)
self._kv_helper.remove("wo-processing", wo_id)
return
# Execute work order request
logger.info("Execute workorder with id %s", wo_id)
wo_json_resp = self._execute_work_order(wo_json_req)
wo_resp = json.loads(wo_json_resp)
logger.info("Update workorder receipt for workorder %s", wo_id)
self._wo_kv_delegate.update_receipt(wo_id, wo_resp)
if "Response" in wo_resp and \
wo_resp["Response"]["Status"] == WorkOrderStatus.FAILED:
logger.error("error in Response")
self._kv_helper.set("wo-processed", wo_id,
WorkOrderStatus.FAILED.name)
self._kv_helper.set("wo-responses", wo_id, wo_json_resp)
self._kv_helper.remove("wo-processing", wo_id)
return
logger.info(
"Mark workorder status for workorder id %s " +
"as Completed in wo-processed", wo_id)
self._kv_helper.set("wo-processed", wo_id,
WorkOrderStatus.SUCCESS.name)
logger.info("Create entry in wo-responses table for workorder %s",
wo_id)
self._kv_helper.set("wo-responses", wo_id, wo_json_resp)
logger.info("Delete workorder entry %s from wo-processing table",
wo_id)
self._kv_helper.remove("wo-processing", wo_id)
return wo_resp
