def __init__(self, options): try: self.config = config = Config(options.config_file) except: print "failed to read config_file %s" % options.config_file sys.exit(1) key_path = os.path.dirname(options.config_file) user_name = self.config.SFI_USER.split('.')[-1:][0] key_file = key_path + os.sep + user_name + '.pkey' cert_file = key_path + os.sep + user_name + '.cert' self.key = Keypair(filename=key_file) self.cert = Certificate(subject=self.config.SFI_USER) self.cert.set_pubkey(self.key) self.cert.set_issuer(self.key, self.config.SFI_USER) self.cert.sign() self.cert.save_to_file(cert_file) SFI_AGGREGATE = config.SFI_SM.replace('12347', '12346') SFI_CM = 'http://' + options.cm_host + ':12346' self.registry = SfaServerProxy(config.SFI_REGISTRY, key_file, cert_file) self.aggregate = SfaServerProxy(SFI_AGGREGATE, key_file, cert_file) self.sm = SfaServerProxy(config.SFI_SM, key_file, cert_file) self.cm = SfaServerProxy(SFI_CM, key_file, cert_file) self.hrn = config.SFI_USER # XX defaulting to user, but this should be configurable so we can # test from components persepctive self.type = 'user' self.credential = self.GetCredential(self.hrn)
def servicesStatus(request): Config = ConfigParser.ConfigParser() monitor_file = os.path.abspath( os.path.dirname(__file__) + '/../myslice/monitor.ini') Config.read(monitor_file) result = {} if not Config.has_option('monitor', 'cert'): return HttpResponse(json.dumps({'error': '-1'}), content_type="application/json") cert = os.path.abspath(Config.get('monitor', 'cert')) if not os.path.isfile(cert): return HttpResponse(json.dumps({'error': '-2'}), content_type="application/json") if not Config.has_option('monitor', 'pkey'): return HttpResponse(json.dumps({'error': '-3'}), content_type="application/json") pkey = os.path.abspath(Config.get('monitor', 'pkey')) if not os.path.isfile(pkey): return HttpResponse(json.dumps({'error': '-4'}), content_type="application/json") services = Config.sections() for s in services: if s == 'monitor': continue if Config.has_option(s, 'url'): result[s] = {} if Config.has_option(s, 'name'): result[s]['name'] = Config.get(s, 'name') if Config.has_option(s, 'description'): result[s]['description'] = Config.get(s, 'description') if Config.has_option(s, 'type'): result[s]['type'] = Config.get(s, 'type') server = SfaServerProxy(Config.get(s, 'url'), pkey, cert) try: version = server.GetVersion() result[s]['status'] = 'ok' if 'interface' in version: # registry result[s]['version'] = version['sfa'] else: result[s]['version'] = version['geni_api'] except Exception, e: result[s]['status'] = 'ko'
class Client: registry = None aggregate = None sm = None cm = None key = None cert = None credential = None type = None def __init__(self, options): try: self.config = config = Config(options.config_file) except: print "failed to read config_file %s" % options.config_file sys.exit(1) key_path = os.path.dirname(options.config_file) user_name = self.config.SFI_USER.split('.')[-1:][0] key_file = key_path + os.sep + user_name + '.pkey' cert_file = key_path + os.sep + user_name + '.cert' self.key = Keypair(filename=key_file) self.cert = Certificate(subject=self.config.SFI_USER) self.cert.set_pubkey(self.key) self.cert.set_issuer(self.key, self.config.SFI_USER) self.cert.sign() self.cert.save_to_file(cert_file) SFI_AGGREGATE = config.SFI_SM.replace('12347', '12346') SFI_CM = 'http://' + options.cm_host + ':12346' self.registry = SfaServerProxy(config.SFI_REGISTRY, key_file, cert_file) self.aggregate = SfaServerProxy(SFI_AGGREGATE, key_file, cert_file) self.sm = SfaServerProxy(config.SFI_SM, key_file, cert_file) self.cm = SfaServerProxy(SFI_CM, key_file, cert_file) self.hrn = config.SFI_USER # XX defaulting to user, but this should be configurable so we can # test from components persepctive self.type = 'user' self.credential = self.GetCredential(self.hrn) def GetCredential(self, hrn=None, type='user'): if not hrn: hrn = self.hrn if hrn == self.hrn: cert = self.cert.save_to_string(save_parents=True) request_hash = self.key.compute_hash([cert, 'user', hrn]) credential = self.registry.get_self_credential( cert, type, hrn, request_hash) return credential else: if not self.credential: self.credential = self.GetCredential(self.hrn, 'user') return self.registry.GetCredential(self.credential, type, hrn)
def server_proxy(url=None, port=None, keyfile=None, certfile=None, verbose=False): """ returns an xmlrpc connection to the service a the specified address """ if url: url_parts = url.split(":") if len(url_parts) > 1: pass else: url = "http://%(url)s:%(port)s" % locals() else: # connect to registry by default config = Config() addr, port = config.SFA_REGISTRY_HOST, config.SFA_REGISTRY_PORT url = "http://%(addr)s:%(port)s" % locals() if verbose: print "Contacting registry at: %(url)s" % locals() server = SfaServerProxy(url, keyfile, certfile) return server
def get_version(self): ### if we already know the answer: if self.probed: return self._version ### otherwise let's look in the cache file logger.debug("searching in version cache %s" % self.url()) cached_version = VersionCache().get(self.url()) if cached_version is not None: logger.info("Retrieved version info from cache %s" % self.url()) return cached_version ### otherwise let's do the hard work # dummy to meet Sfi's expectations for its 'options' field class DummyOptions: pass options = DummyOptions() options.verbose = self.verbose options.timeout = 10 try: client = Sfi(options) client.read_config() client.bootstrap() key_file = client.private_key cert_file = client.my_gid logger.debug("using key %s & cert %s" % (key_file, cert_file)) url = self.url() logger.info('issuing GetVersion at %s' % url) # setting timeout here seems to get the call to fail - even though the response time is fast #server=SfaServerProxy(url, key_file, cert_file, verbose=self.verbose, timeout=options.timeout) server = SfaServerProxy(url, key_file, cert_file, verbose=self.verbose) self._version = ReturnValue.get_value(server.GetVersion()) except: logger.log_exc("failed to get version") self._version = {} # so that next run from this process will find out self.probed = True # store in version cache so next processes will remember for an hour cache = VersionCache() cache.set(self.url(), self._version) cache.save() logger.debug("Saved version for url=%s in version cache" % self.url()) # that's our result return self._version
def server_proxy(self, key_file, cert_file, timeout=30): server = None if self.client_type == 'geniclientlight' and GeniClientLight: # xxx url and self.api are undefined server = GeniClientLight(url, self.api.key_file, self.api.cert_file) else: server = SfaServerProxy(self.get_url(), key_file, cert_file, timeout) return server
class Client: registry = None aggregate = None sm = None cm = None key = None cert = None credential = None type = None def __init__(self, options): try: self.config = config = Config(options.config_file) except: print "failed to read config_file %s" % options.config_file sys.exit(1) key_path = os.path.dirname(options.config_file) user_name = self.config.SFI_USER.split('.')[-1:][0] key_file = key_path + os.sep + user_name + '.pkey' cert_file = key_path + os.sep + user_name + '.cert' self.key = Keypair(filename=key_file) self.cert = Certificate(subject=self.config.SFI_USER) self.cert.set_pubkey(self.key) self.cert.set_issuer(self.key, self.config.SFI_USER) self.cert.sign() self.cert.save_to_file(cert_file) SFI_AGGREGATE = config.SFI_SM.replace('12347', '12346') SFI_CM = 'http://' + options.cm_host + ':12346' self.registry = SfaServerProxy(config.SFI_REGISTRY, key_file, cert_file) self.aggregate = SfaServerProxy(SFI_AGGREGATE, key_file, cert_file) self.sm = SfaServerProxy(config.SFI_SM, key_file, cert_file) self.cm = SfaServerProxy(SFI_CM, key_file, cert_file) self.hrn = config.SFI_USER # XX defaulting to user, but this should be configurable so we can # test from components persepctive self.type = 'user' self.credential = self.GetCredential(self.hrn) def GetCredential(self, hrn = None, type = 'user'): if not hrn: hrn = self.hrn if hrn == self.hrn: cert = self.cert.save_to_string(save_parents=True) request_hash = self.key.compute_hash([cert, 'user', hrn]) credential = self.registry.get_self_credential(cert, type, hrn, request_hash) return credential else: if not self.credential: self.credential = self.GetCredential(self.hrn, 'user') return self.registry.GetCredential(self.credential, type, hrn)
def get_registry(self): addr, port = self.config.SFA_REGISTRY_HOST, self.config.SFA_REGISTRY_PORT url = "http://%(addr)s:%(port)s" % locals() ### xxx this would require access to the api... server = SfaServerProxy(url, self.key_file, self.cert_file) return server
cert = os.path.abspath(Config.get('monitor', 'cert')) if not os.path.isfile(cert): #return HttpResponse(json.dumps({'error' : '-1'}), content_type="application/json") return {'error': '-1', 'msg': 'check cert file at %s' % cert} if not Config.has_option('monitor', 'pkey'): #return HttpResponse(json.dumps({'error' : '-2'}), content_type="application/json") return {'error': '-2'} pkey = os.path.abspath(Config.get('monitor', 'pkey')) if not os.path.isfile(pkey): #return HttpResponse(json.dumps({'error' : '-2'}), content_type="application/json") return {'error': '-2'} server = SfaServerProxy(server_url, pkey, cert, verbose=False) #, timeout=5) #server = SFAProxy(server_url, pkey, cert) #if 'geni_rspec_version' in api_options: # # GetVersion to know if the AM supports the requested version # # if not ask for the default GENI v3 # start_time = time.time() # result = server.GetVersion() # logger.debug("EXEC TIME - GetVersion() - %s sec." % (time.time() - start_time)) # if 'geni_ad_rspec_versions' in result['value']: # for v in result['value']['geni_ad_rspec_versions']: # if v['type'] == api_options['geni_rspec_version']: # api_options['geni_rspec_version'] = {'type': api_options['geni_rspec_version']} # break # else: # api_options['geni_rspec_version'] = {'type': 'GENI', 'version': '3'} #else: