Пример #1
0
  def initialize( self ):
    """ Standard constructor
    """

    try:
      self.rsDB = ResourceStatusDB()
      self.rmDB = ResourceManagementDB()

      self.StorageElementToBeChecked = Queue.Queue()
      self.StorageElementInCheck     = []

      self.maxNumberOfThreads = self.am_getOption( 'maxThreadsInPool', 1 )
      self.threadPool         = ThreadPool( self.maxNumberOfThreads,
                                            self.maxNumberOfThreads )

      if not self.threadPool:
        self.log.error( 'Can not create Thread Pool' )
        return S_ERROR( 'Can not create Thread Pool' )

      self.setup                = getSetup()[ 'Value' ]
      self.VOExtension          = getExt()
      self.StorageElsWriteFreqs = CheckingFreqs[ 'StorageElsWriteFreqs' ]
      self.nc                   = NotificationClient()
      self.diracAdmin           = DiracAdmin()
      self.csAPI                = CSAPI()

      for _i in xrange( self.maxNumberOfThreads ):
        self.threadPool.generateJobAndQueueIt( self._executeCheck, args = ( None, ) )

      return S_OK()

    except Exception:
      errorStr = "StElWriteInspectorAgent initialization"
      gLogger.exception( errorStr )
      return S_ERROR( errorStr )
Пример #2
0
    def initialize(self):
        """ Standard constructor
    """

        try:
            self.rsDB = ResourceStatusDB()
            self.rmDB = ResourceManagementDB()

            self.ResourcesToBeChecked = Queue.Queue()
            self.ResourceNamesInCheck = []

            self.maxNumberOfThreads = self.am_getOption('maxThreadsInPool', 1)
            self.threadPool = ThreadPool(self.maxNumberOfThreads,
                                         self.maxNumberOfThreads)

            if not self.threadPool:
                self.log.error('Can not create Thread Pool')
                return S_ERROR('Can not create Thread Pool')

            self.setup = getSetup()['Value']

            self.VOExtension = getExt()

            configModule = __import__(
                self.VOExtension +
                "DIRAC.ResourceStatusSystem.Policy.Configurations", globals(),
                locals(), ['*'])

            self.Resources_check_freq = copy.deepcopy(
                configModule.Resources_check_freq)

            self.nc = NotificationClient()

            self.diracAdmin = DiracAdmin()

            self.csAPI = CSAPI()

            for i in xrange(self.maxNumberOfThreads):
                self.threadPool.generateJobAndQueueIt(self._executeCheck,
                                                      args=(None, ))

            return S_OK()

        except Exception:
            errorStr = "RSInspectorAgent initialization"
            gLogger.exception(errorStr)
            return S_ERROR(errorStr)
Пример #3
0
  def initialize(self):
    """ Standard constructor
    """
    
    try:
      self.rsDB = ResourceStatusDB()
      self.rmDB = ResourceManagementDB()
      
      self.ServicesToBeChecked = Queue.Queue()
      self.ServiceNamesInCheck = []
      
      self.maxNumberOfThreads = self.am_getOption( 'maxThreadsInPool', 1 )
      self.threadPool = ThreadPool( self.maxNumberOfThreads,
                                    self.maxNumberOfThreads )

      if not self.threadPool:
        self.log.error('Can not create Thread Pool')
        return S_ERROR('Can not create Thread Pool')
      
      self.setup = getSetup()['Value']

      self.VOExtension = getExt()

      configModule = __import__(self.VOExtension+"DIRAC.ResourceStatusSystem.Policy.Configurations", 
                                globals(), locals(), ['*'])
      
      self.Services_check_freq = copy.deepcopy(configModule.Services_check_freq)
      
      self.nc = NotificationClient()

      self.diracAdmin = DiracAdmin()

      self.csAPI = CSAPI()      
      
      for i in xrange(self.maxNumberOfThreads):
        self.threadPool.generateJobAndQueueIt(self._executeCheck, args = (None, ) )  
        
      return S_OK()

    except Exception:
      errorStr = "SeSInspectorAgent initialization"
      gLogger.exception(errorStr)
      return S_ERROR(errorStr)
Пример #4
0
def RealBanPolTypeActions(granularity, name, res, da, csAPI, setup):
    # implement real ban

    if res['Action']:

        if granularity == 'Site':

            banList = da.getBannedSites()
            if not banList['OK']:
                raise RSSException, where(self,
                                          self.enforce) + banList['Message']
            else:
                banList = banList['Value']

            if res['Status'] == 'Banned':

                if name not in banList:
                    banSite = da.banSiteFromMask(name, res['Reason'])
                    if not banSite['OK']:
                        raise RSSException, where(
                            self, self.enforce) + banSite['Message']
                    if 'Production' in setup:
                        address = getOperationMails('Production')['Value']
                    else:
                        address = '*****@*****.**'

                    subject = '%s is banned for %s setup' % (name, setup)
                    body = 'Site %s is removed from site mask for %s ' % (
                        name, setup)
                    body += 'setup by the DIRAC RSS on %s.\n\n' % (
                        time.asctime())
                    body += 'Comment:\n%s' % res['Reason']
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail['OK']:
                        raise RSSException, where(
                            self, self.enforce) + sendMail['Message']

            else:
                if name in banList:
                    addSite = da.addSiteInMask(name, res['Reason'])
                    if not addSite['OK']:
                        raise RSSException, where(
                            self, self.enforce) + addSite['Message']
                    if setup == 'LHCb-Production':
                        address = getOperationMails('Production')['Value']
                    else:
                        address = '*****@*****.**'

                    subject = '%s is added in site mask for %s setup' % (name,
                                                                         setup)
                    body = 'Site %s is added to the site mask for %s ' % (
                        name, setup)
                    body += 'setup by the DIRAC RSS on %s.\n\n' % (
                        time.asctime())
                    body += 'Comment:\n%s' % res['Reason']
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail['OK']:
                        raise RSSException, where(
                            self, self.enforce) + sendMail['Message']

        elif granularity == 'StorageElement':

            presentReadStatus = getStorageElementStatus(name,
                                                        'ReadAccess')['Value']

            if res['Status'] == 'Banned':

                if presentReadStatus != 'InActive':
                    banSE = csAPI.setOption(
                        "/Resources/StorageElements/%s/ReadAccess" % (name),
                        "InActive")
                    if not banSE['OK']:
                        raise RSSException, where(
                            self, self.enforce) + banSE['Message']
                    banSE = csAPI.setOption(
                        "/Resources/StorageElements/%s/WriteAccess" % (name),
                        "InActive")
                    if not banSE['OK']:
                        raise RSSException, where(
                            self, self.enforce) + banSE['Message']
                    commit = csAPI.commit()
                    if not commit['OK']:
                        raise RSSException, where(
                            self, self.enforce) + commit['Message']
                    if 'Production' in setup:
                        address = getSetup()['Value']
                    else:
                        address = '*****@*****.**'

                    subject = '%s is banned for %s setup' % (name, setup)
                    body = 'SE %s is removed from mask for %s ' % (name, setup)
                    body += 'setup by the DIRAC RSS on %s.\n\n' % (
                        time.asctime())
                    body += 'Comment:\n%s' % res['Reason']
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail['OK']:
                        raise RSSException, where(
                            self, self.enforce) + sendMail['Message']

            else:

                if presentReadStatus == 'InActive':

                    allowSE = csAPI.setOption(
                        "/Resources/StorageElements/%s/ReadAccess" % (name),
                        "Active")
                    if not allowSE['OK']:
                        raise RSSException, where(
                            self, self.enforce) + allowSE['Message']
                    allowSE = csAPI.setOption(
                        "/Resources/StorageElements/%s/WriteAccess" % (name),
                        "Active")
                    if not allowSE['OK']:
                        raise RSSException, where(
                            self, self.enforce) + allowSE['Message']
                    commit = csAPI.commit()
                    if not commit['OK']:
                        raise RSSException, where(
                            self, self.enforce) + commit['Message']
                    if setup == 'LHCb-Production':
                        address = getSetup()['Value']
                    else:
                        address = '*****@*****.**'

                    subject = '%s is allowed for %s setup' % (name, setup)
                    body = 'SE %s is added to the mask for %s ' % (name, setup)
                    body += 'setup by the DIRAC RSS on %s.\n\n' % (
                        time.asctime())
                    body += 'Comment:\n%s' % res['Reason']
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail['OK']:
                        raise RSSException, where(
                            self, self.enforce) + sendMail['Message']
Пример #5
0
  def _RealBanPolTypeActions(self, res, da, csAPI, setup):
    # implement real ban

    if res['Action']:

      if self.__granularity == 'Site':

        banList = da.getBannedSites()
        if not banList['OK']:
          raise RSSException, where(self, self.enforce) + banList['Message']
        else:
          banList = banList['Value']


        if res['Status'] == 'Banned':

          if self.__name not in banList:
            banSite = da.banSiteFromMask(self.__name, res['Reason'])
            if not banSite['OK']:
              raise RSSException, where(self, self.enforce) + banSite['Message']
            if 'Production' in setup:
              address = getOperationMails('Production')['Value']
            else:
              address = '*****@*****.**'

            subject = '%s is banned for %s setup' %(self.__name, setup)
            body = 'Site %s is removed from site mask for %s ' %(self.__name, setup)
            body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime())
            body += 'Comment:\n%s' %res['Reason']
            sendMail = da.sendMail(address,subject,body)
            if not sendMail['OK']:
              raise RSSException, where(self, self.enforce) + sendMail['Message']

        else:
          if self.__name in banList:
            addSite = da.addSiteInMask(self.__name, res['Reason'])
            if not addSite['OK']:
              raise RSSException, where(self, self.enforce) + addSite['Message']
            if setup == 'LHCb-Production':
              address = getOperationMails('Production')['Value']
            else:
              address = '*****@*****.**'

            subject = '%s is added in site mask for %s setup' %(self.__name, setup)
            body = 'Site %s is added to the site mask for %s ' %(self.__name, setup)
            body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime())
            body += 'Comment:\n%s' %res['Reason']
            sendMail = da.sendMail(address,subject,body)
            if not sendMail['OK']:
              raise RSSException, where(self, self.enforce) + sendMail['Message']


      elif self.__granularity == 'StorageElement':

        presentReadStatus = getStorageElementStatus( self.__name, 'ReadAccess')['Value']
#        presentWriteStatus = getStorageElementStatus( self.__name, 'WriteAccess')['Value']

        if res['Status'] == 'Banned':

          if presentReadStatus != 'InActive':
            banSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" %(self.__name), "InActive")
            if not banSE['OK']:
              raise RSSException, where(self, self.enforce) + banSE['Message']
            banSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" %(self.__name), "InActive")
            if not banSE['OK']:
              raise RSSException, where(self, self.enforce) + banSE['Message']
            commit = csAPI.commit()
            if not commit['OK']:
              raise RSSException, where(self, self.enforce) + commit['Message']
            if 'Production' in setup:
              address = getSetup()['Value']
            else:
              address = '*****@*****.**'

            subject = '%s is banned for %s setup' %(self.__name, setup)
            body = 'SE %s is removed from mask for %s ' %(self.__name, setup)
            body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime())
            body += 'Comment:\n%s' %res['Reason']
            sendMail = da.sendMail(address,subject,body)
            if not sendMail['OK']:
              raise RSSException, where(self, self.enforce) + sendMail['Message']

        else:

          if presentReadStatus == 'InActive':

            allowSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" %(self.__name), "Active")
            if not allowSE['OK']:
              raise RSSException, where(self, self.enforce) + allowSE['Message']
            allowSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" %(self.__name), "Active")
            if not allowSE['OK']:
              raise RSSException, where(self, self.enforce) + allowSE['Message']
            commit = csAPI.commit()
            if not commit['OK']:
              raise RSSException, where(self, self.enforce) + commit['Message']
            if setup == 'LHCb-Production':
              address = getSetup()['Value']
            else:
              address = '*****@*****.**'

            subject = '%s is allowed for %s setup' %(self.__name, setup)
            body = 'SE %s is added to the mask for %s ' %(self.__name, setup)
            body += 'setup by the DIRAC RSS on %s.\n\n' %(time.asctime())
            body += 'Comment:\n%s' %res['Reason']
            sendMail = da.sendMail(address,subject,body)
            if not sendMail['OK']:
              raise RSSException, where(self, self.enforce) + sendMail['Message']
Пример #6
0
  def enforce(self, pdpIn = None, rsDBIn = None, rmDBIn = None, ncIn = None, setupIn = None,
              daIn = None, csAPIIn = None, knownInfo = None):
    """
    enforce policies, using a PDP  (Policy Decision Point), based on

     self.__granularity (optional)

     self.__name (optional)

     self.__status (optional)

     self.__formerStatus (optional)

     self.__reason (optional)

     self.__siteType (optional)

     self.__serviceType (optional)

     self.__realBan (optional)

     self.__user (optional)

     self.__futurePolicyType (optional)

     self.__futureGranularity (optional)

     :params:
       :attr:`pdpIn`: a custom PDP object (optional)

       :attr:`rsDBIn`: a custom (statuses) database object (optional)

       :attr:`rmDBIn`: a custom (management) database object (optional)

       :attr:`setupIn`: a string with the present setup (optional)

       :attr:`ncIn`: a custom notification client object (optional)

       :attr:`daIn`: a custom DiracAdmin object (optional)

       :attr:`csAPIIn`: a custom CSAPI object (optional)

       :attr:`knownInfo`: a string of known provided information (optional)
    """

    #PDP
    if pdpIn is not None:
      pdp = pdpIn
    else:
      # Use standard DIRAC PDP
      from DIRAC.ResourceStatusSystem.PolicySystem.PDP import PDP
      pdp = PDP(self.VOExtension, granularity = self.__granularity, name = self.__name,
                status = self.__status, formerStatus = self.__formerStatus, reason = self.__reason,
                siteType = self.__siteType, serviceType = self.__serviceType,
                resourceType = self.__resourceType, useNewRes = self.useNewRes)

    #DB
    if rsDBIn is not None:
      rsDB = rsDBIn
    else:
      # Use standard DIRAC DB
      from DIRAC.ResourceStatusSystem.DB.ResourceStatusDB import ResourceStatusDB
      rsDB = ResourceStatusDB()

    if rmDBIn is not None:
      rmDB = rmDBIn
    else:
      # Use standard DIRAC DB
      from DIRAC.ResourceStatusSystem.DB.ResourceManagementDB import ResourceManagementDB
      rmDB = ResourceManagementDB()

    #setup
    if setupIn is not None:
      setup = setupIn
    else:
      # get present setup
      setup = getSetup()['Value']

    #notification client
    if ncIn is not None:
      nc = ncIn
    else:
      from DIRAC.FrameworkSystem.Client.NotificationClient import NotificationClient
      nc = NotificationClient()

    #DiracAdmin
    if daIn is not None:
      da = daIn
    else:
      from DIRAC.Interfaces.API.DiracAdmin import DiracAdmin
      da = DiracAdmin()

    #CSAPI
    if csAPIIn is not None:
      csAPI = csAPIIn
    else:
      from DIRAC.ConfigurationSystem.Client.CSAPI import CSAPI
      csAPI = CSAPI()


    # policy decision
    resDecisions = pdp.takeDecision(knownInfo=knownInfo)


#    if self.__name == 'CERN-RAW':
#      print resDecisions


    for res in resDecisions['PolicyCombinedResult']:

      self.__policyType = res['PolicyType']

      #if self.__realBan == False:
      #  continue

      if 'Resource_PolType' in self.__policyType:
        # If token != RS_SVC, we do not update the token, just the LastCheckedTime

        if self.__realBan == False:
          rsDB.setLastMonitoredCheckTime(self.__granularity, self.__name)
        else:
          self._ResourcePolTypeActions(resDecisions, res, rsDB, rmDB)

      if 'Alarm_PolType' in self.__policyType:
        self._AlarmPolTypeActions(res, nc, setup, rsDB)

      if 'RealBan_PolType' in self.__policyType and self.__realBan == True:
        self._RealBanPolTypeActions(res, da, csAPI, setup)

      if 'Collective_PolType' in self.__policyType:
        # do something
        pass
Пример #7
0
def RealBanPolTypeActions(granularity, name, res, da, csAPI, setup):
    # implement real ban

    if res["Action"]:

        if granularity == "Site":

            banList = da.getBannedSites()
            if not banList["OK"]:
                raise RSSException, where(self, self.enforce) + banList["Message"]
            else:
                banList = banList["Value"]

            if res["Status"] == "Banned":

                if name not in banList:
                    banSite = da.banSiteFromMask(name, res["Reason"])
                    if not banSite["OK"]:
                        raise RSSException, where(self, self.enforce) + banSite["Message"]
                    if "Production" in setup:
                        address = getOperationMails("Production")["Value"]
                    else:
                        address = "*****@*****.**"

                    subject = "%s is banned for %s setup" % (name, setup)
                    body = "Site %s is removed from site mask for %s " % (name, setup)
                    body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime())
                    body += "Comment:\n%s" % res["Reason"]
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail["OK"]:
                        raise RSSException, where(self, self.enforce) + sendMail["Message"]

            else:
                if name in banList:
                    addSite = da.addSiteInMask(name, res["Reason"])
                    if not addSite["OK"]:
                        raise RSSException, where(self, self.enforce) + addSite["Message"]
                    if setup == "LHCb-Production":
                        address = getOperationMails("Production")["Value"]
                    else:
                        address = "*****@*****.**"

                    subject = "%s is added in site mask for %s setup" % (name, setup)
                    body = "Site %s is added to the site mask for %s " % (name, setup)
                    body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime())
                    body += "Comment:\n%s" % res["Reason"]
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail["OK"]:
                        raise RSSException, where(self, self.enforce) + sendMail["Message"]

        elif granularity == "StorageElement":

            presentReadStatus = getStorageElementStatus(name, "ReadAccess")["Value"]

            if res["Status"] == "Banned":

                if presentReadStatus != "InActive":
                    banSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" % (name), "InActive")
                    if not banSE["OK"]:
                        raise RSSException, where(self, self.enforce) + banSE["Message"]
                    banSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" % (name), "InActive")
                    if not banSE["OK"]:
                        raise RSSException, where(self, self.enforce) + banSE["Message"]
                    commit = csAPI.commit()
                    if not commit["OK"]:
                        raise RSSException, where(self, self.enforce) + commit["Message"]
                    if "Production" in setup:
                        address = getSetup()["Value"]
                    else:
                        address = "*****@*****.**"

                    subject = "%s is banned for %s setup" % (name, setup)
                    body = "SE %s is removed from mask for %s " % (name, setup)
                    body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime())
                    body += "Comment:\n%s" % res["Reason"]
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail["OK"]:
                        raise RSSException, where(self, self.enforce) + sendMail["Message"]

            else:

                if presentReadStatus == "InActive":

                    allowSE = csAPI.setOption("/Resources/StorageElements/%s/ReadAccess" % (name), "Active")
                    if not allowSE["OK"]:
                        raise RSSException, where(self, self.enforce) + allowSE["Message"]
                    allowSE = csAPI.setOption("/Resources/StorageElements/%s/WriteAccess" % (name), "Active")
                    if not allowSE["OK"]:
                        raise RSSException, where(self, self.enforce) + allowSE["Message"]
                    commit = csAPI.commit()
                    if not commit["OK"]:
                        raise RSSException, where(self, self.enforce) + commit["Message"]
                    if setup == "LHCb-Production":
                        address = getSetup()["Value"]
                    else:
                        address = "*****@*****.**"

                    subject = "%s is allowed for %s setup" % (name, setup)
                    body = "SE %s is added to the mask for %s " % (name, setup)
                    body += "setup by the DIRAC RSS on %s.\n\n" % (time.asctime())
                    body += "Comment:\n%s" % res["Reason"]
                    sendMail = da.sendMail(address, subject, body)
                    if not sendMail["OK"]:
                        raise RSSException, where(self, self.enforce) + sendMail["Message"]