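def endpoint_gc_create_finalize(self, ep):
    """Re-create endpoint *ep* with the subject of its Globus Connect certificate.

    The subject is read on the GridFTP host by running ``grid-cert-info``
    over SSH. The existing endpoint is then removed and created again with
    that subject.

    Raises:
        GlobusOnlineException: if ``grid-cert-info`` exits with a non-zero
            status on the GridFTP host.
    """
    (gridftp_hostname, gridftp_subject,
     myproxy_hostname, myproxy_subject) = self._get_hostnames_subjects(ep)

    # This is a kludge until http://jira.globus.org/browse/KOA-1624 gets fixed
    username = self.inst.config.get("ec2-username")
    keyfile = os.path.expanduser(self.inst.config.get("ec2-keyfile"))
    # Assumes ep.gridftp carries the "node:" prefix that the slice strips;
    # this method does not check for it -- TODO confirm against callers.
    gc_setupkey = self.inst.topology.get_node_by_id(ep.gridftp[5:]).gc_setupkey

    ssh = SSH(username, gridftp_hostname, keyfile, default_outf = None, default_errf = None)
    ssh.open()
    try:
        outf = StringIO.StringIO()
        errf = StringIO.StringIO()
        # NOTE(review): gc_setupkey is taken from the topology and placed in
        # the remote command line unquoted. Confirm it is validated before it
        # reaches this point, since the command runs in a shell on the
        # GridFTP host.
        rc = ssh.run("grid-cert-info -subject -file /etc/grid-security/gc-cert-%s.pem" % (gc_setupkey),
                     outf=outf, errf=errf, exception_on_error=False)
        if rc != 0:
            raise GlobusOnlineException("Could not create endpoint %s" % ep.name)
    finally:
        # Close the connection on the failure path too; previously the raise
        # above skipped ssh.close() and left the session open.
        ssh.close()

    # The subject reported by the host replaces the one computed above.
    gridftp_subject = outf.getvalue().strip()

    self.endpoint_remove(ep)
    self._endpoint_create(ep.name, gridftp_hostname, gridftp_subject, myproxy_hostname, ep.public)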
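def run(self):
    """Create a Globus Online endpoint for each endpoint in the instance topology.

    The Globus Online CLI is driven over SSH when the instance config has no
    "go-cert-file" entry; otherwise the Transfer API client is used with the
    configured certificate and key. An endpoint that already exists is only
    replaced when ``self.opt.replace`` is set. Every failure prints a message
    and exits with status 1.
    """
    self.parse_options()
    inst_id = self.args[1]

    istore = InstanceStore(self.opt.dir)
    inst = istore.get_instance(inst_id)

    if inst.config.get("go-cert-file") is None:
        # Use SSH
        use_ssh = True
        ssh_key = os.path.expanduser(inst.config.get("go-ssh-key"))
    else:
        # Use Transfer API
        use_ssh = False
        go_cert_file = os.path.expanduser(inst.config.get("go-cert-file"))
        go_key_file = os.path.expanduser(inst.config.get("go-key-file"))
        go_server_ca = resource_filename("globus.provision", "chef-files/cookbooks/globus/files/default/gd-bundle_ca.cert")

    # The CA DN does not depend on the endpoint, so build it once.
    ca_dn = inst.config.get("ca-dn")
    if ca_dn is None:
        ca_dn = "/O=Grid/OU=Globus Provision (generated)"
    else:
        # Split on the first "=" only, so a value that itself contains "="
        # no longer breaks the two-element unpacking below.
        rdns = [x.split("=", 1) for x in ca_dn.split(",")]
        ca_dn = "".join("/%s=%s" % (n.upper().strip(), v.strip()) for n, v in rdns)

    for domain_name, domain in inst.topology.domains.items():
        for ep in domain.go_endpoints:
            if ep.gridftp.startswith("node:"):
                gridftp = inst.topology.get_node_by_id(ep.gridftp[5:]).hostname
            else:
                gridftp = ep.gridftp

            gridftp_subject = "%s/CN=host/%s" % (ca_dn, gridftp)

            if ep.myproxy.startswith("node:"):
                # Resolve the node to its hostname, as the GridFTP branch
                # does; previously the node object itself was formatted into
                # the command line and passed to the Transfer API.
                myproxy = inst.topology.get_node_by_id(ep.myproxy[5:]).hostname
            else:
                myproxy = ep.myproxy

            if use_ssh:
                # NOTE(review): whether the server's host key is verified
                # depends on the SSH wrapper, which is not visible here --
                # confirm.
                ssh = SSH(ep.user, "cli.globusonline.org", ssh_key, default_outf = None, default_errf = None)
                try:
                    ssh.open()
                except paramiko.PasswordRequiredException:
                    print("The specified SSH key (%s) requires a password." % ssh_key)
                    print("Please specify a passwordless SSH key.")
                    exit(1)

                # exit() raises SystemExit, so the finally clause also closes
                # the session on every error path below.
                try:
                    # NOTE(review): the endpoint name, hostnames and subject
                    # are placed in the remote command line as-is (the
                    # subject is only wrapped in double quotes). They come
                    # from the instance topology and config; validate them
                    # upstream if anyone other than the operator can edit
                    # those.
                    rc = ssh.run("endpoint-list %s" % (ep.name), exception_on_error=False)
                    if rc == 0:
                        if not self.opt.replace:
                            print("An endpoint called '%s' already exists. Please choose a different name." % ep.name)
                            exit(1)
                        else:
                            rc = ssh.run("endpoint-remove %s" % (ep.name), exception_on_error=False)

                    rc = ssh.run("endpoint-add %s -p %s -s \"%s\"" % (ep.name, gridftp, gridftp_subject), exception_on_error=False)
                    if rc != 0:
                        print("Could not create endpoint.")
                        exit(1)

                    rc = ssh.run("endpoint-modify --myproxy-server=%s %s" % (myproxy, ep.name), exception_on_error=False)
                    if rc != 0:
                        print("Could not set endpoint's MyProxy server.")
                        exit(1)

                    if self.opt.public:
                        rc = ssh.run("endpoint-modify --public %s" % (ep.name), exception_on_error=False)
                        if rc != 0:
                            print("Could not make the endpoint public.")
                            exit(1)
                finally:
                    ssh.close()
            else:
                api = TransferAPIClient(ep.user, go_server_ca, go_cert_file, go_key_file)

                try:
                    (code, msg, data) = api.endpoint(ep.name)
                    ep_exists = True
                except ClientError as ce:
                    # A 404 means the name is free; anything else is fatal.
                    if ce.status_code == 404:
                        ep_exists = False
                    else:
                        print(ce)
                        exit(1)

                if ep_exists:
                    if not self.opt.replace:
                        print("An endpoint called '%s' already exists. Please choose a different name." % ep.name)
                        exit(1)
                    else:
                        (code, msg, data) = api.endpoint_delete(ep.name)

                (code, msg, data) = api.endpoint_create(ep.name, gridftp, description="Globus Provision endpoint",
                                                        scheme="gsiftp", port=2811, subject=gridftp_subject,
                                                        myproxy_server=myproxy)
                if code >= 400:
                    print("%s %s" % (code, msg))
                    exit(1)

                if self.opt.public:
                    # Fetch the endpoint document, set the flag and write the
                    # document back.
                    (code, msg, data) = api.endpoint(ep.name)
                    if code >= 400:
                        print("%s %s" % (code, msg))
                        exit(1)
                    data["public"] = True
                    (code, msg, data) = api.endpoint_update(ep.name, data)
                    if code >= 400:
                        print("%s %s" % (code, msg))
                        exit(1)

            print("Created endpoint '%s#%s' for domain '%s'" % (ep.user, ep.name, domain_name))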