def CreateSliver(self, slice_urn, credentials, rspec, users, options): """Create a sliver with the given URN from the resources in the given RSpec. Return an RSpec of the actually allocated resources. users argument provides extra information on configuring the resources for runtime access. """ self.logger.info('CreateSliver(%r)' % (slice_urn)) # Note this list of privileges is really the name of an operation # from the privilege_table in sfa/trust/rights.py # Credentials will specify a list of privileges, each of which # confers the right to perform a list of operations. # EG the 'info' privilege in a credential allows the operations # listslices, listnodes, policy privileges = (CREATESLIVERPRIV,) # Note that verify throws an exception on failure. # Use the client PEM format cert as retrieved # from the https connection by the SecureXMLRPCServer # to identify the caller. creds = self._cred_verifier.verify_from_strings(self._server.pem_cert, credentials, slice_urn, privileges) # If we get here, the credentials give the caller # all needed privileges to act on the given target. if slice_urn in self._slices: self.logger.error('Slice %s already exists.', slice_urn) return self.errorResult(17, 'Slice %s already exists' % (slice_urn)) errString = gib_manager.createSliver(slice_urn, rspec, users) if errString != None : # Something went wrong: we got back an error string. return self.errorResult(500, errString) ### rspec_dom = None ### try: ### rspec_dom = minidom.parseString(rspec) ### except Exception, exc: ### self.logger.error("Cant create sliver %s. Exception parsing rspec: %s" % (slice_urn, exc)) ### return self.errorResult(1, 'Bad Args: RSpec is unparseable') # Look at the version of the input request RSpec # Make sure it is supported # Then make sure that you return an RSpec in the same format # EG if both V1 and V2 are supported, and the user gives V2 request, # then you must return a V2 request and not V1 ### allresources = self._agg.catalog() ### allrdict = dict() ### for r in allresources: ### if r.available: ### allrdict[r.id] = r ### # Note: This only handles unbound nodes. Any attempt by the client ### # to specify a node is ignored. ### resources = dict() ### unbound = list() ### for elem in rspec_dom.documentElement.getElementsByTagName('node'): ### unbound.append(elem) ### for elem in unbound: ### client_id = elem.getAttribute('client_id') ### keys = allrdict.keys() ### if keys: ### rid = keys[0] ### resources[client_id] = allrdict[rid] ### del allrdict[rid] ### else: ### return self.errorResult(6, 'Too Big: insufficient resources to fulfill request') # determine max expiration time from credentials # do not create a sliver that will outlive the slice! expiration = datetime.datetime.utcnow() + self.max_lease for cred in creds: credexp = self._naiveUTC(cred.expiration) if credexp < expiration: expiration = credexp newslice = Slice(slice_urn, expiration) ### self._agg.allocate(slice_urn, resources.values()) ### for cid, r in resources.items(): ### newslice.resources[cid] = r.id ### r.status = Resource.STATUS_READY self._slices[slice_urn] = newslice self.logger.info("Created new slice %s" % slice_urn) ### result = self.manifest_rspec(slice_urn) result = gib_manager.get_manifest() self.logger.debug('Result = %s', result) return dict(code=dict(geni_code=0, am_type="gcf2", am_code=0), value=result, output="")
def ListResources(self, credentials, options): '''Return an RSpec of resources managed at this AM. If a geni_slice_urn is given in the options, then only return resources assigned to that slice. If geni_available is specified in the options, then only report available resources. And if geni_compressed option is specified, then compress the result.''' self.logger.info('ListResources(%r)' % (options)) # Note this list of privileges is really the name of an operation # from the privilege_table in sfa/trust/rights.py # Credentials will specify a list of privileges, each of which # confers the right to perform a list of operations. # EG the 'info' privilege in a credential allows the operations # listslices, listnodes, policy # could require list or listnodes? privileges = () # Note that verify throws an exception on failure. # Use the client PEM format cert as retrieved # from the https connection by the SecureXMLRPCServer # to identify the caller. self._cred_verifier.verify_from_strings(self._server.pem_cert, credentials, None, privileges) # If we get here, the credentials give the caller # all needed privileges to act on the given target. if 'geni_rspec_version' not in options: # This is a required option, so error out with bad arguments. self.logger.error('No geni_rspec_version supplied to ListResources.') return self.errorResult(1, 'Bad Arguments: option geni_rspec_version was not supplied.') if 'type' not in options['geni_rspec_version']: self.logger.error('ListResources: geni_rspec_version does not contain a type field.') return self.errorResult(1, 'Bad Arguments: option geni_rspec_version does not have a type field.') if 'version' not in options['geni_rspec_version']: self.logger.error('ListResources: geni_rspec_version does not contain a version field.') return self.errorResult(1, 'Bad Arguments: option geni_rspec_version does not have a version field.') # Look to see what RSpec version the client requested # Error-check that the input value is supported. rspec_type = options['geni_rspec_version']['type'] if isinstance(rspec_type, str): rspec_type = rspec_type.lower().strip() rspec_version = options['geni_rspec_version']['version'] if rspec_type != 'geni': self.logger.error('ListResources: Unknown RSpec type %s requested', rspec_type) return self.errorResult(4, 'Bad Version: requested RSpec type %s is not a valid option.' % (rspec_type)) if rspec_version != '3': self.logger.error('ListResources: Unknown RSpec version %s requested', rspec_version) return self.errorResult(4, 'Bad Version: requested RSpec version %s is not a valid option.' % (rspec_type)) self.logger.info("ListResources requested RSpec %s (%s)", rspec_type, rspec_version) if 'geni_slice_urn' in options: slice_urn = options['geni_slice_urn'] if slice_urn in self._slices: ### result = self.manifest_rspec(slice_urn) result = gib_manager.get_manifest() else: # return an empty rspec return self._no_such_slice(slice_urn) else: result = gib_manager.get_advert() ### all_resources = self._agg.catalog(None) ### available = 'geni_available' in options and options['geni_available'] ### resource_xml = "" ### for r in all_resources: ### if available and not r.available: ### continue ### resource_xml = resource_xml + self.advert_resource(r) ### result = self.advert_header() + resource_xml + self.advert_footer() self.logger.debug("Result is now \"%s\"", result) # Optionally compress the result if 'geni_compressed' in options and options['geni_compressed']: try: result = base64.b64encode(zlib.compress(result)) except Exception, exc: import traceback self.logger.error("Error compressing and encoding resource list: %s", traceback.format_exc()) raise Exception("Server error compressing resource list", exc)
class ReferenceAggregateManager(object): '''A reference Aggregate Manager that manages fake resources.''' # root_cert is a single cert or dir of multiple certs # that are trusted to sign credentials def __init__(self, root_cert, urn_authority, url): self._url = url self._api_version = 2 self._slices = dict() self._agg = Aggregate() self._agg.add_resources([FakeVM(self._agg) for _ in range(3)]) self._cred_verifier = geni.CredentialVerifier(root_cert) self._urn_authority = urn_authority self._my_urn = publicid_to_urn("%s %s %s" % (self._urn_authority, 'authority', 'am')) self.max_lease = datetime.timedelta(days=REFAM_MAXLEASE_DAYS) self.logger = logging.getLogger('gcf.am2') def GetVersion(self, options): '''Specify version information about this AM. That could include API version information, RSpec format and version information, etc. Return a dict.''' self.logger.info("Called GetVersion") reqver = [dict(type="geni", version="3", schema="http://www.geni.net/resources/rspec/3/request.xsd", namespace="http://www.geni.net/resources/rspec/3", extensions=[])] adver = [dict(type="geni", version="3", schema="http://www.geni.net/resources/rspec/3/ad.xsd", namespace="http://www.geni.net/resources/rspec/3", extensions=[])] api_versions = dict() api_versions[str(self._api_version)] = self._url versions = dict(geni_api=2, geni_api_versions=api_versions, geni_request_rspec_versions=reqver, geni_ad_rspec_versions=adver) return dict(geni_api=versions['geni_api'], code=dict(geni_code=0, am_type="gcf2", am_code=0), value=versions, output="") # The list of credentials are options - some single cred # must give the caller required permissions. # The semantics of the API are unclear on this point, so # this is just the current implementation def ListResources(self, credentials, options): '''Return an RSpec of resources managed at this AM. If a geni_slice_urn is given in the options, then only return resources assigned to that slice. If geni_available is specified in the options, then only report available resources. And if geni_compressed option is specified, then compress the result.''' self.logger.info('ListResources(%r)' % (options)) # Note this list of privileges is really the name of an operation # from the privilege_table in sfa/trust/rights.py # Credentials will specify a list of privileges, each of which # confers the right to perform a list of operations. # EG the 'info' privilege in a credential allows the operations # listslices, listnodes, policy # could require list or listnodes? privileges = () # Note that verify throws an exception on failure. # Use the client PEM format cert as retrieved # from the https connection by the SecureXMLRPCServer # to identify the caller. try: self._cred_verifier.verify_from_strings(self._server.pem_cert, credentials, None, privileges) except Exception, e: raise xmlrpclib.Fault('Insufficient privileges', str(e)) # If we get here, the credentials give the caller # all needed privileges to act on the given target. if 'geni_rspec_version' not in options: # This is a required option, so error out with bad arguments. self.logger.error('No geni_rspec_version supplied to ListResources.') return self.errorResult(1, 'Bad Arguments: option geni_rspec_version was not supplied.') if 'type' not in options['geni_rspec_version']: self.logger.error('ListResources: geni_rspec_version does not contain a type field.') return self.errorResult(1, 'Bad Arguments: option geni_rspec_version does not have a type field.') if 'version' not in options['geni_rspec_version']: self.logger.error('ListResources: geni_rspec_version does not contain a version field.') return self.errorResult(1, 'Bad Arguments: option geni_rspec_version does not have a version field.') # Look to see what RSpec version the client requested # Error-check that the input value is supported. rspec_type = options['geni_rspec_version']['type'] if isinstance(rspec_type, str): rspec_type = rspec_type.lower().strip() rspec_version = options['geni_rspec_version']['version'] if rspec_type != 'geni': self.logger.error('ListResources: Unknown RSpec type %s requested', rspec_type) return self.errorResult(4, 'Bad Version: requested RSpec type %s is not a valid option.' % (rspec_type)) if rspec_version != '3': self.logger.error('ListResources: Unknown RSpec version %s requested', rspec_version) return self.errorResult(4, 'Bad Version: requested RSpec version %s is not a valid option.' % (rspec_type)) self.logger.info("ListResources requested RSpec %s (%s)", rspec_type, rspec_version) if 'geni_slice_urn' in options: slice_urn = options['geni_slice_urn'] if slice_urn in self._slices: ### result = self.manifest_rspec(slice_urn) result = gib_manager.get_manifest() else: # return an empty rspec return self._no_such_slice(slice_urn) else: result = gib_manager.get_advert() ### all_resources = self._agg.catalog(None) ### available = 'geni_available' in options and options['geni_available'] ### resource_xml = "" ### for r in all_resources: ### if available and not r.available: ### continue ### resource_xml = resource_xml + self.advert_resource(r) ### result = self.advert_header() + resource_xml + self.advert_footer() self.logger.debug("Result is now \"%s\"", result) # Optionally compress the result if 'geni_compressed' in options and options['geni_compressed']: try: result = base64.b64encode(zlib.compress(result)) except Exception, exc: import traceback self.logger.error("Error compressing and encoding resource list: %s", traceback.format_exc()) raise Exception("Server error compressing resource list", exc)
expiration = datetime.datetime.utcnow() + self.max_lease for cred in creds: credexp = self._naiveUTC(cred.expiration) if credexp < expiration: expiration = credexp newslice = Slice(slice_urn, expiration) ### self._agg.allocate(slice_urn, resources.values()) ### for cid, r in resources.items(): ### newslice.resources[cid] = r.id ### r.status = Resource.STATUS_READY self._slices[slice_urn] = newslice self.logger.info("Created new slice %s" % slice_urn) ### result = self.manifest_rspec(slice_urn) result = gib_manager.get_manifest() self.logger.debug('Result = %s', result) return dict(code=dict(geni_code=0, am_type="gcf2", am_code=0), value=result, output="") # The list of credentials are options - some single cred # must give the caller required permissions. # The semantics of the API are unclear on this point, so # this is just the current implementation def DeleteSliver(self, slice_urn, credentials, options): '''Stop and completely delete the named sliver, and return True.''' self.logger.info('DeleteSliver(%r)' % (slice_urn))
def CreateSliver(self, slice_urn, credentials, rspec, users, options): """Create a sliver with the given URN from the resources in the given RSpec. Return an RSpec of the actually allocated resources. users argument provides extra information on configuring the resources for runtime access. """ self.logger.info('CreateSliver(%r)' % (slice_urn)) # Note this list of privileges is really the name of an operation # from the privilege_table in sfa/trust/rights.py # Credentials will specify a list of privileges, each of which # confers the right to perform a list of operations. # EG the 'info' privilege in a credential allows the operations # listslices, listnodes, policy privileges = (CREATESLIVERPRIV, ) # Note that verify throws an exception on failure. # Use the client PEM format cert as retrieved # from the https connection by the SecureXMLRPCServer # to identify the caller. creds = self._cred_verifier.verify_from_strings( self._server.pem_cert, credentials, slice_urn, privileges) # If we get here, the credentials give the caller # all needed privileges to act on the given target. if slice_urn in self._slices: self.logger.error('Slice %s already exists.', slice_urn) return self.errorResult(17, 'Slice %s already exists' % (slice_urn)) errString = gib_manager.createSliver(slice_urn, rspec, users) if errString != None: # Something went wrong: we got back an error string. return self.errorResult(500, errString) ### rspec_dom = None ### try: ### rspec_dom = minidom.parseString(rspec) ### except Exception, exc: ### self.logger.error("Cant create sliver %s. Exception parsing rspec: %s" % (slice_urn, exc)) ### return self.errorResult(1, 'Bad Args: RSpec is unparseable') # Look at the version of the input request RSpec # Make sure it is supported # Then make sure that you return an RSpec in the same format # EG if both V1 and V2 are supported, and the user gives V2 request, # then you must return a V2 request and not V1 ### allresources = self._agg.catalog() ### allrdict = dict() ### for r in allresources: ### if r.available: ### allrdict[r.id] = r ### # Note: This only handles unbound nodes. Any attempt by the client ### # to specify a node is ignored. ### resources = dict() ### unbound = list() ### for elem in rspec_dom.documentElement.getElementsByTagName('node'): ### unbound.append(elem) ### for elem in unbound: ### client_id = elem.getAttribute('client_id') ### keys = allrdict.keys() ### if keys: ### rid = keys[0] ### resources[client_id] = allrdict[rid] ### del allrdict[rid] ### else: ### return self.errorResult(6, 'Too Big: insufficient resources to fulfill request') # determine max expiration time from credentials # do not create a sliver that will outlive the slice! expiration = datetime.datetime.utcnow() + self.max_lease for cred in creds: credexp = self._naiveUTC(cred.expiration) if credexp < expiration: expiration = credexp newslice = Slice(slice_urn, expiration) ### self._agg.allocate(slice_urn, resources.values()) ### for cid, r in resources.items(): ### newslice.resources[cid] = r.id ### r.status = Resource.STATUS_READY self._slices[slice_urn] = newslice self.logger.info("Created new slice %s" % slice_urn) ### result = self.manifest_rspec(slice_urn) result = gib_manager.get_manifest() self.logger.debug('Result = %s', result) return dict(code=dict(geni_code=0, am_type="gcf2", am_code=0), value=result, output="")
def ListResources(self, credentials, options): '''Return an RSpec of resources managed at this AM. If a geni_slice_urn is given in the options, then only return resources assigned to that slice. If geni_available is specified in the options, then only report available resources. And if geni_compressed option is specified, then compress the result.''' self.logger.info('ListResources(%r)' % (options)) # Note this list of privileges is really the name of an operation # from the privilege_table in sfa/trust/rights.py # Credentials will specify a list of privileges, each of which # confers the right to perform a list of operations. # EG the 'info' privilege in a credential allows the operations # listslices, listnodes, policy # could require list or listnodes? privileges = () # Note that verify throws an exception on failure. # Use the client PEM format cert as retrieved # from the https connection by the SecureXMLRPCServer # to identify the caller. self._cred_verifier.verify_from_strings(self._server.pem_cert, credentials, None, privileges) # If we get here, the credentials give the caller # all needed privileges to act on the given target. if 'geni_rspec_version' not in options: # This is a required option, so error out with bad arguments. self.logger.error( 'No geni_rspec_version supplied to ListResources.') return self.errorResult( 1, 'Bad Arguments: option geni_rspec_version was not supplied.') if 'type' not in options['geni_rspec_version']: self.logger.error( 'ListResources: geni_rspec_version does not contain a type field.' ) return self.errorResult( 1, 'Bad Arguments: option geni_rspec_version does not have a type field.' ) if 'version' not in options['geni_rspec_version']: self.logger.error( 'ListResources: geni_rspec_version does not contain a version field.' ) return self.errorResult( 1, 'Bad Arguments: option geni_rspec_version does not have a version field.' ) # Look to see what RSpec version the client requested # Error-check that the input value is supported. rspec_type = options['geni_rspec_version']['type'] if isinstance(rspec_type, str): rspec_type = rspec_type.lower().strip() rspec_version = options['geni_rspec_version']['version'] if rspec_type != 'geni': self.logger.error('ListResources: Unknown RSpec type %s requested', rspec_type) return self.errorResult( 4, 'Bad Version: requested RSpec type %s is not a valid option.' % (rspec_type)) if rspec_version != '3': self.logger.error( 'ListResources: Unknown RSpec version %s requested', rspec_version) return self.errorResult( 4, 'Bad Version: requested RSpec version %s is not a valid option.' % (rspec_type)) self.logger.info("ListResources requested RSpec %s (%s)", rspec_type, rspec_version) if 'geni_slice_urn' in options: slice_urn = options['geni_slice_urn'] if slice_urn in self._slices: ### result = self.manifest_rspec(slice_urn) result = gib_manager.get_manifest() else: # return an empty rspec return self._no_such_slice(slice_urn) else: result = gib_manager.get_advert() ### all_resources = self._agg.catalog(None) ### available = 'geni_available' in options and options['geni_available'] ### resource_xml = "" ### for r in all_resources: ### if available and not r.available: ### continue ### resource_xml = resource_xml + self.advert_resource(r) ### result = self.advert_header() + resource_xml + self.advert_footer() self.logger.debug("Result is now \"%s\"", result) # Optionally compress the result if 'geni_compressed' in options and options['geni_compressed']: try: result = base64.b64encode(zlib.compress(result)) except Exception, exc: import traceback self.logger.error( "Error compressing and encoding resource list: %s", traceback.format_exc()) raise Exception("Server error compressing resource list", exc)