def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['aggregate_manager'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) if opts.rootcadir is None: sys.exit('Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) # rootcadir is dir of multiple certificates delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir(getAbsPath(opts.rootcadir)) if opts.api_version == 1: ams = geni.AggregateManagerServer((opts.host, int(opts.port)), delegate=delegate, keyfile=keyfile, certfile=certfile, ca_certs=comboCertsFile, base_name=config['global']['base_name']) elif opts.api_version == 2: ams = gcf.geni.am.am2.AggregateManagerServer((opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) elif opts.api_version == 3: ams = gcf.geni.am.am3.AggregateManagerServer((opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) else: msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\"" sys.exit(msg % (opts.api_version)) logging.getLogger('gcf-am').info('GENI AM Listening on port %s...' % (opts.port)) ams.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config['aggregate_manager'].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) if getattr(opts, 'rootcadir') is None: setattr(opts, 'rootcadir', config['global']['rootcadir']) if opts.rootcadir is None: sys.exit( 'Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) # rootcadir is dir of multiple certificates delegate = geni.ReferenceAggregateManager(getAbsPath(opts.rootcadir)) # here rootcadir is supposed to be a single file with multiple # certs possibly concatenated together comboCertsFile = geni.CredentialVerifier.getCAsFileFromDir( getAbsPath(opts.rootcadir)) if opts.api_version == 1: ams = geni.AggregateManagerServer( (opts.host, int(opts.port)), delegate=delegate, keyfile=keyfile, certfile=certfile, ca_certs=comboCertsFile, base_name=config['global']['base_name']) elif opts.api_version == 2: ams = gcf.geni.am.am2.AggregateManagerServer( (opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) elif opts.api_version == 3: ams = gcf.geni.am.am3.AggregateManagerServer( (opts.host, int(opts.port)), keyfile=keyfile, certfile=certfile, trust_roots_dir=getAbsPath(opts.rootcadir), ca_certs=comboCertsFile, base_name=config['global']['base_name'], authorizer=authorizer, resource_manager=resource_manager) else: msg = "Unknown API version: %d. Valid choices are \"1\", \"2\", or \"3\"" sys.exit(msg % (opts.api_version)) logging.getLogger('gcf-am').info('GENI AM (v%s) Listening on port %s...' % (opts.api_version, opts.port)) ams.serve_forever()
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key,val) in config['aggregate_manager'].items(): if hasattr(opts,key) and getattr(opts,key) is None: setattr(opts,key,val) if not hasattr(opts,key): setattr(opts,key,val) if getattr(opts,'rootcadir') is None: setattr(opts,'rootcadir',config['global']['rootcadir']) if opts.rootcadir is None: sys.exit('Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) delegate=None if hasattr(opts, 'delegate') and opts.delegate is not None and str(opts.delegate).strip() != "": try: delegate = getInstanceFromClassname(opts.delegate, getAbsPath(opts.rootcadir), config['global']['base_name'], "https://%s:%d/" % (opts.host, int(opts.port)), **vars(opts) ) except AttributeError, e: msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate msg += e.message logging.getLogger('gcf-am').error(msg) sys.exit(msg)
def main(argv=None): if argv is None: argv = sys.argv opts = parse_args(argv)[0] level = logging.INFO if opts.debug: level = logging.DEBUG logging.basicConfig(level=level) # Read in config file options, command line gets priority optspath = None if not opts.configfile is None: optspath = os.path.expanduser(opts.configfile) config = read_config(optspath) for (key, val) in config['aggregate_manager'].items(): if hasattr(opts, key) and getattr(opts, key) is None: setattr(opts, key, val) if not hasattr(opts, key): setattr(opts, key, val) if getattr(opts, 'rootcadir') is None: setattr(opts, 'rootcadir', config['global']['rootcadir']) if opts.rootcadir is None: sys.exit( 'Missing path to trusted root certificate directory (-r argument)') certfile = getAbsPath(opts.certfile) keyfile = getAbsPath(opts.keyfile) if not os.path.exists(certfile): sys.exit("Aggregate certfile %s doesn't exist" % certfile) if not os.path.getsize(certfile) > 0: sys.exit("Aggregate certfile %s is empty" % certfile) if not os.path.exists(keyfile): sys.exit("Aggregate keyfile %s doesn't exist" % keyfile) if not os.path.getsize(keyfile) > 0: sys.exit("Aggregate keyfile %s is empty" % keyfile) # Instantiate an argument guard that will reject or modify # arguments and options provided to calls argument_guard = None if hasattr(opts, 'argument_guard'): argument_guard = getInstanceFromClassname(opts.argument_guard) # Instantiate authorizer from 'authorizer' config argument # By default, use the SFA authorizer if hasattr(opts, 'authorizer'): authorizer_classname = opts.authorizer else: authorizer_classname = "gcf.geni.auth.sfa_authorizer.SFA_Authorizer" authorizer = getInstanceFromClassname(authorizer_classname, getAbsPath(opts.rootcadir), opts, argument_guard) # Use XMLRPC authorizer if opt.remote_authorizer is set if hasattr(opts, 'remote_authorizer'): import xmlrpclib authorizer = xmlrpclib.Server(opts.remote_authorizer) # Instantiate resource manager from 'authorizer_resource_manager' # config argument. Default = None resource_manager = None if hasattr(opts, 'authorizer_resource_manager'): resource_manager = \ getInstanceFromClassname(opts.authorizer_resource_manager) delegate = None if hasattr(opts, 'delegate') and opts.delegate is not None and str( opts.delegate).strip() != "": try: delegate = getInstanceFromClassname( opts.delegate, getAbsPath(opts.rootcadir), config['global']['base_name'], "https://%s:%d/" % (opts.host, int(opts.port)), **vars(opts)) except AttributeError, e: msg = "Could not create delegate from name '%s': probably not a valid python class name. " % opts.delegate msg += e.message logging.getLogger('gcf-am').error(msg) sys.exit(msg)