def __init__(self):
"""
.. attention:: username/passwd from right place
"""
self._CONTRAIL_XSD = "http://www.contrailsystems.com/vnc_cfg.xsd"
self._NAMESPACES = {
'a': 'http://www.w3.org/2003/05/soap-envelope',
'b': 'http://www.trustedcomputinggroup.org/2010/IFMAP/2',
'c': self._CONTRAIL_XSD
}
namespaces = {
'env': "http://www.w3.org/2003/05/soap-envelope",
'ifmap': "http://www.trustedcomputinggroup.org/2010/IFMAP/2",
'meta': "http://www.trustedcomputinggroup.org/"
"2010/IFMAP-METADATA/2",
'contrail': self._CONTRAIL_XSD
}
self.parse_args()
if self._args.verbose:
logger.setLevel('DEBUG')
mapclient = client(("%s" % (self._args.ip),
"%s" % (self._args.port)),
self._args.username,
self._args.password, namespaces)
result = mapclient.call('newSession', NewSessionRequest())
mapclient.set_session_id(newSessionResult(result).get_session_id())
mapclient.set_publisher_id(newSessionResult(result).get_publisher_id())
self._mapclient = mapclient
self.soap_doc = None
def __init__(self):
"""
.. attention:: username/passwd from right place
"""
self._CONTRAIL_XSD = "http://www.contrailsystems.com/vnc_cfg.xsd"
self._NAMESPACES = {
'a': 'http://www.w3.org/2003/05/soap-envelope',
'b': 'http://www.trustedcomputinggroup.org/2010/IFMAP/2',
'c': self._CONTRAIL_XSD
}
namespaces = {
'env': "http://www.w3.org/2003/05/soap-envelope",
'ifmap': "http://www.trustedcomputinggroup.org/2010/IFMAP/2",
'meta': "http://www.trustedcomputinggroup.org/"
"2010/IFMAP-METADATA/2",
'contrail': self._CONTRAIL_XSD
}
self.parse_args()
if self._args.verbose:
logger.setLevel('DEBUG')
mapclient = client(("%s" % (self._args.ip), "%s" % (self._args.port)),
self._args.username, self._args.password,
namespaces)
result = mapclient.call('newSession', NewSessionRequest())
mapclient.set_session_id(newSessionResult(result).get_session_id())
mapclient.set_publisher_id(newSessionResult(result).get_publisher_id())
self._mapclient = mapclient
self.soap_doc = None
def __init__(self, db_client_mgr, ifmap_srv_ip, ifmap_srv_port, uname, passwd, ssl_options, ifmap_srv_loc = None):
super(VncIfmapClient, self).__init__()
# TODO username/passwd from right place
self._CONTRAIL_XSD = "http://www.contrailsystems.com/vnc_cfg.xsd"
self._IPERMS_NAME = "id-perms"
self._IPERMS_FQ_NAME = "contrail:" + self._IPERMS_NAME
self._SUBNETS_NAME = "contrail:subnets"
self._IPAMS_NAME = "contrail:ipams"
self._SG_RULE_NAME = "contrail:sg_rules"
self._POLICY_ENTRY_NAME = "contrail:policy_entry"
self._NAMESPACES = {
'a': 'http://www.w3.org/2003/05/soap-envelope',
'b': 'http://www.trustedcomputinggroup.org/2010/IFMAP/2',
'c': self._CONTRAIL_XSD
}
namespaces = {
'env' : "http://www.w3.org/2003/05/soap-envelope",
'ifmap' : "http://www.trustedcomputinggroup.org/2010/IFMAP/2",
'meta' : "http://www.trustedcomputinggroup.org/2010/IFMAP-METADATA/2",
'contrail' : self._CONTRAIL_XSD
}
self._db_client_mgr = db_client_mgr
# launch mapserver
if ifmap_srv_loc:
self._launch_mapserver(ifmap_srv_ip, ifmap_srv_port, ifmap_srv_loc)
mapclient = client(("%s" %(ifmap_srv_ip), "%s" %(ifmap_srv_port)),
uname, passwd, namespaces, ssl_options)
self._mapclient = mapclient
connected = False
while not connected:
try:
result = mapclient.call('newSession', NewSessionRequest())
connected = True
except socket.error as e:
time.sleep(3)
mapclient.set_session_id(newSessionResult(result).get_session_id())
mapclient.set_publisher_id(newSessionResult(result).get_publisher_id())
# Initialize ifmap-id handler (alloc|convert|parse etc.)
self._imid_handler = Imid()
imid = self._imid_handler
# Publish init config (TODO this should come from api-server init)
# config-root
buf = cStringIO.StringIO()
perms = Provision.defaults.perms['config-root']
perms.exportChildren(buf, level = 1, pretty_print = False)
id_perms_xml = buf.getvalue()
buf.close()
meta = str(Metadata(self._IPERMS_NAME, '',
{'ifmap-cardinality':'singleValue'}, ns_prefix = 'contrail',
elements = id_perms_xml))
self._publish_id_self_meta("contrail:config-root:root", meta)
def __init__(self, db_client_mgr, ifmap_srv_ip, ifmap_srv_port,
uname, passwd, ssl_options, ifmap_srv_loc=None):
super(VncIfmapClient, self).__init__()
# TODO username/passwd from right place
self._CONTRAIL_XSD = "http://www.contrailsystems.com/vnc_cfg.xsd"
self._IPERMS_NAME = "id-perms"
self._IPERMS_FQ_NAME = "contrail:" + self._IPERMS_NAME
self._SUBNETS_NAME = "contrail:subnets"
self._IPAMS_NAME = "contrail:ipams"
self._SG_RULE_NAME = "contrail:sg_rules"
self._POLICY_ENTRY_NAME = "contrail:policy_entry"
self._NAMESPACES = {
'env': "http://www.w3.org/2003/05/soap-envelope",
'ifmap': "http://www.trustedcomputinggroup.org/2010/IFMAP/2",
'meta':
"http://www.trustedcomputinggroup.org/2010/IFMAP-METADATA/2",
'contrail': self._CONTRAIL_XSD
}
self._db_client_mgr = db_client_mgr
# launch mapserver
if ifmap_srv_loc:
self._launch_mapserver(ifmap_srv_ip, ifmap_srv_port, ifmap_srv_loc)
mapclient = client(("%s" % (ifmap_srv_ip), "%s" % (ifmap_srv_port)),
uname, passwd, self._NAMESPACES, ssl_options)
self._mapclient = mapclient
connected = False
while not connected:
try:
result = mapclient.call('newSession', NewSessionRequest())
connected = True
except socket.error as e:
time.sleep(3)
mapclient.set_session_id(newSessionResult(result).get_session_id())
mapclient.set_publisher_id(newSessionResult(result).get_publisher_id())
# Initialize ifmap-id handler (alloc|convert|parse etc.)
self._imid_handler = Imid()
imid = self._imid_handler
# Publish init config (TODO this should come from api-server init)
# config-root
buf = cStringIO.StringIO()
perms = Provision.defaults.perms['config-root']
perms.exportChildren(buf, level=1, pretty_print=False)
id_perms_xml = buf.getvalue()
buf.close()
meta = str(Metadata(self._IPERMS_NAME, '',
{'ifmap-cardinality': 'singleValue'},
ns_prefix='contrail', elements=id_perms_xml))
self._publish_id_self_meta("contrail:config-root:root", meta)
def _init_conn(self):
self._mapclient = client(
("%s" % (self._ifmap_srv_ip), "%s" % (self._ifmap_srv_port)),
self._username, self._password, self._NAMESPACES,
self._ssl_options)
connected = False
while not connected:
try:
resp_xml = self._mapclient.call('newSession',
NewSessionRequest())
except socket.error as e:
msg = 'Failed to establish IF-MAP connection: %s' % str(e)
self.config_log(msg, level=SandeshLevel.SYS_WARN)
time.sleep(3)
continue
resp_doc = etree.parse(StringIO.StringIO(resp_xml))
err_codes = resp_doc.xpath(
'/env:Envelope/env:Body/ifmap:response/errorResult/@errorCode',
namespaces=self._NAMESPACES)
if not err_codes:
connected = True
else:
msg = "Failed to establish IF-MAP connection: %s" % err_codes
self.config_log(msg, level=SandeshLevel.SYS_WARN)
session_id = self._mapclient.get_session_id()
try:
self._mapclient.call('endSession',
EndSessionRequest(session_id))
except socket.error as e:
msg = "Failed to end the IF-MAP session %s: %s" %\
(session_id, str(e))
self.config_log(msg, level=SandeshLevel.SYS_WARN)
time.sleep(3)
ConnectionState.update(conn_type=ConnectionType.IFMAP,
name='IfMap',
status=ConnectionStatus.UP,
message='',
server_addrs=[
"%s:%s" %
(self._ifmap_srv_ip, self._ifmap_srv_port)
])
self._conn_state = ConnectionStatus.UP
msg = 'IFMAP connection ESTABLISHED'
self.config_log(msg, level=SandeshLevel.SYS_NOTICE)
self._mapclient.set_session_id(
newSessionResult(resp_xml).get_session_id())
self._mapclient.set_publisher_id(
newSessionResult(resp_xml).get_publisher_id())
def _init_conn(self):
self._mapclient = client(("%s" % (self._ifmap_srv_ip),
"%s" % (self._ifmap_srv_port)),
self._username, self._password,
self._NAMESPACES, self._ssl_options)
connected = False
while not connected:
try:
resp_xml = self._mapclient.call('newSession', NewSessionRequest())
except socket.error as e:
msg = 'Failed to establish IF-MAP connection: %s' % str(e)
self.config_log(msg, level=SandeshLevel.SYS_WARN)
time.sleep(3)
continue
resp_doc = etree.parse(StringIO.StringIO(resp_xml))
err_codes = resp_doc.xpath(
'/env:Envelope/env:Body/ifmap:response/errorResult/@errorCode',
namespaces=self._NAMESPACES)
if not err_codes:
connected = True
else:
msg = "Failed to establish IF-MAP connection: %s" % err_codes
self.config_log(msg, level=SandeshLevel.SYS_WARN)
session_id = self._mapclient.get_session_id()
try:
self._mapclient.call('endSession',
EndSessionRequest(session_id))
except socket.error as e:
msg = "Failed to end the IF-MAP session %s: %s" %\
(session_id, str(e))
self.config_log(msg, level=SandeshLevel.SYS_WARN)
time.sleep(3)
ConnectionState.update(conn_type = ConnectionType.IFMAP,
name = 'IfMap', status = ConnectionStatus.UP, message = '',
server_addrs = ["%s:%s" % (self._ifmap_srv_ip,
self._ifmap_srv_port)])
self._conn_state = ConnectionStatus.UP
msg = 'IFMAP connection ESTABLISHED'
self.config_log(msg, level=SandeshLevel.SYS_NOTICE)
self._mapclient.set_session_id(
newSessionResult(resp_xml).get_session_id())
self._mapclient.set_publisher_id(
newSessionResult(resp_xml).get_publisher_id())
def ifmap_server_connect(args):
_CLIENT_NAMESPACES = {
'env': _SOAP_XSD,
'ifmap': _IFMAP_XSD,
'meta': _IFMAP_META_XSD,
_CT_NS: _CONTRAIL_XSD
}
ssl_options = None
if args.use_certs:
ssl_options = {
'keyfile': args.keyfile,
'certfile': args.certfile,
'ca_certs': args.ca_certs,
'cert_reqs': ssl.CERT_REQUIRED,
'ciphers': 'ALL'
}
return client(("%s" % (args.ifmap_server_ip),
"%s" % (args.ifmap_server_port)),
args.ifmap_username, args.ifmap_password,
_CLIENT_NAMESPACES, ssl_options)
def ifmap_server_connect(args):
_CLIENT_NAMESPACES = {
'env': _SOAP_XSD,
'ifmap': _IFMAP_XSD,
'meta': _IFMAP_META_XSD,
_CT_NS: _CONTRAIL_XSD
}
ssl_options = None
if args.use_certs:
ssl_options = {
'keyfile': args.keyfile,
'certfile': args.certfile,
'ca_certs': args.ca_certs,
'cert_reqs': ssl.CERT_REQUIRED,
'ciphers': 'ALL'
}
return client(
("%s" % (args.ifmap_server_ip), "%s" % (args.ifmap_server_port)),
args.ifmap_username, args.ifmap_password, _CLIENT_NAMESPACES,
ssl_options)
def start_ifmap(cport1):
'''
Client uses this function to start an instance of IFMAP
Arguments:
cport : An unused TCP port for zookeeper to use as the client port
'''
ifmap_download = 'curl -o ' +\
ifmap_url + ' -s -m 120 http://trust.f4.hs-hannover.de/download/iron/archive/irond-'+\
ifmap_version+'-bin.zip'
if not os.path.exists(ifmap_url):
process = subprocess.Popen(ifmap_download.split(' '))
process.wait()
if process.returncode is not 0:
return
cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
cs.bind(("", 0))
cport2 = cs.getsockname()[1]
cs.close()
basefile = "irond-" + ifmap_version + '-bin'
zipfile = ifmap_url
cassbase = "/tmp/irond." + str(cport1) + "/"
confdir = cassbase + basefile + "/"
output, _ = call_command_("mkdir " + cassbase)
logging.info('Installing irond in ' + cassbase)
os.system("unzip " + zipfile + " -d " + cassbase)
logging.info('irond Client Ports %d , %d' % (cport1, cport2))
conftemplate = os.path.dirname(
os.path.abspath(__file__)) + "/ifmap.properties"
output, _ = call_command_("cp " + conftemplate + " " + confdir)
conftemplate = os.path.dirname(
os.path.abspath(__file__)) + "/basicauthusers.properties"
output, _ = call_command_("cp " + conftemplate + " " + confdir)
conftemplate = os.path.dirname(
os.path.abspath(__file__)) + "/publisher.properties"
output, _ = call_command_("cp " + conftemplate + " " + confdir)
replace_string_(confdir + "log4j.properties", [("TRACE", "DEBUG")])
replace_string_(confdir + "ifmap.properties", \
[("irond.comm.basicauth.port=8443","irond.comm.basicauth.port="+str(cport1)),
("irond.comm.certauth.port=8444","irond.comm.certauth.port="+str(cport2)),
("irond.auth.basic.users.file=/etc/irond/basicauthusers.properties","irond.auth.basic.users.file=%sbasicauthusers.properties" % confdir),
("irond.auth.cert.keystore.file=/usr/share/irond/keystore/irond.jks","irond.auth.cert.keystore.file=%skeystore/irond.jks" % confdir),
("irond.ifmap.publishers.file=/etc/irond/publisher.properties","irond.ifmap.publishers.file=%spublisher.properties" % confdir),
("irond.ifmap.authorization.file=/etc/irond/authorization.properties","irond.ifmap.authorization.file=%sauthorization.properties" % confdir),
("irond.auth.cert.truststore.file=/usr/share/irond/keystore/irond.jks","irond.auth.cert.truststore.file=%skeystore/irond.jks")])
replace_string_(confdir + "start.sh", \
[("java -jar irond.jar","java -jar %sirond.jar" % confdir)])
output, _ = call_command_("chmod +x %sstart.sh" % confdir)
commd = confdir + "start.sh"
jcommd = "java -jar %sirond.jar" % confdir
#import pdb; pdb.set_trace()
#subprocess.Popen(jcommd.split(' '), cwd=confdir,
# stdout=subprocess.PIPE,
# stderr=subprocess.PIPE)
subprocess.Popen(jcommd.split(' '), cwd=confdir)
ns = {
'env': "http://www.w3.org/2003/05/soap-envelope",
'ifmap': "http://www.trustedcomputinggroup.org/2010/IFMAP/2",
'meta': "http://www.trustedcomputinggroup.org/2010/IFMAP-METADATA/2"
}
ifmap_srv_ip = "127.0.0.1"
ifmap_srv_port = cport1
uname = "test"
passwd = "test"
mapclient = client(("%s" % (ifmap_srv_ip), "%s" % (ifmap_srv_port)), uname,
passwd, ns, None)
connected = False
result = None
while not connected:
try:
result = mapclient.call('newSession', NewSessionRequest())
except:
pass
finally:
if result != None:
connected = True
else:
logging.info('Irond not started...')
time.sleep(2)
logging.info('Started Irond')
def start_ifmap(cport1):
'''
Client uses this function to start an instance of IFMAP
Arguments:
cport : An unused TCP port for zookeeper to use as the client port
'''
ifmap_download = 'curl -o ' +\
ifmap_url + ' -s -m 120 http://trust.f4.hs-hannover.de/download/iron/archive/irond-'+\
ifmap_version+'-bin.zip'
if not os.path.exists(ifmap_url):
process = subprocess.Popen(ifmap_download.split(' '))
process.wait()
if process.returncode is not 0:
return
cs = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
cs.bind(("",0))
cport2 = cs.getsockname()[1]
cs.close()
basefile = "irond-"+ifmap_version+'-bin'
zipfile = ifmap_url
cassbase = "/tmp/irond." + str(cport1) + "/"
confdir = cassbase + basefile + "/"
output,_ = call_command_("mkdir " + cassbase)
logging.info('Installing irond in ' + cassbase)
os.system("unzip " + zipfile + " -d " + cassbase)
logging.info('irond Client Ports %d , %d' % (cport1,cport2))
conftemplate = os.path.dirname(os.path.abspath(__file__)) + "/ifmap.properties"
output, _ = call_command_("cp " + conftemplate + " " + confdir)
conftemplate = os.path.dirname(os.path.abspath(__file__)) + "/basicauthusers.properties"
output, _ = call_command_("cp " + conftemplate + " " + confdir)
conftemplate = os.path.dirname(os.path.abspath(__file__)) + "/publisher.properties"
output, _ = call_command_("cp " + conftemplate + " " + confdir)
replace_string_(confdir + "log4j.properties",
[("TRACE","DEBUG")])
replace_string_(confdir + "ifmap.properties", \
[("irond.comm.basicauth.port=8443","irond.comm.basicauth.port="+str(cport1)),
("irond.comm.certauth.port=8444","irond.comm.certauth.port="+str(cport2)),
("irond.auth.basic.users.file=/etc/irond/basicauthusers.properties","irond.auth.basic.users.file=%sbasicauthusers.properties" % confdir),
("irond.auth.cert.keystore.file=/usr/share/irond/keystore/irond.jks","irond.auth.cert.keystore.file=%skeystore/irond.jks" % confdir),
("irond.ifmap.publishers.file=/etc/irond/publisher.properties","irond.ifmap.publishers.file=%spublisher.properties" % confdir),
("irond.ifmap.authorization.file=/etc/irond/authorization.properties","irond.ifmap.authorization.file=%sauthorization.properties" % confdir),
("irond.auth.cert.truststore.file=/usr/share/irond/keystore/irond.jks","irond.auth.cert.truststore.file=%skeystore/irond.jks")])
replace_string_(confdir + "start.sh", \
[("java -jar irond.jar","java -jar %sirond.jar" % confdir)])
output, _ = call_command_("chmod +x %sstart.sh" % confdir)
commd = confdir + "start.sh"
jcommd = "java -jar %sirond.jar" % confdir
#import pdb; pdb.set_trace()
#subprocess.Popen(jcommd.split(' '), cwd=confdir,
# stdout=subprocess.PIPE,
# stderr=subprocess.PIPE)
subprocess.Popen(jcommd.split(' '), cwd=confdir)
ns = {
'env': "http://www.w3.org/2003/05/soap-envelope",
'ifmap': "http://www.trustedcomputinggroup.org/2010/IFMAP/2",
'meta': "http://www.trustedcomputinggroup.org/2010/IFMAP-METADATA/2"}
ifmap_srv_ip = "127.0.0.1"
ifmap_srv_port = cport1
uname = "test"
passwd = "test"
mapclient = client(("%s" % (ifmap_srv_ip), "%s" % (ifmap_srv_port)),
uname, passwd, ns, None)
connected = False
result = None
while not connected:
try:
result = mapclient.call('newSession', NewSessionRequest())
except:
pass
finally:
if result != None:
connected = True
else:
logging.info('Irond not started...')
time.sleep(2)
logging.info('Started Irond')