- Timestamp:
- Mar 7, 2010 8:01:52 AM (15 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-3.01, version-3.02
- Children:
- 062b991
- Parents:
- d101c8c
- Location:
- fedd/federation
- Files:
-
- 2 edited
-
protogeni_access.py (modified) (5 diffs)
-
proxy_protogeni_segment.py (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/protogeni_access.py
rd101c8c rdd3e38b 4 4 import stat # for chmod constants 5 5 import re 6 import time 6 7 import string 7 8 import copy … … 76 77 self.staging_host = config.get("access", "staging_host") \ 77 78 or "ops.emulab.net" 79 80 self.renewal_interval = config.get("access", "renewal") or (3 * 60 * 60) 81 self.renewal_interval = int(self.renewal_interval) 78 82 79 83 self.ch_url = config.get("access", "ch_url") … … 131 135 self.start_segment = proxy_protogeni_segment.start_segment 132 136 self.stop_segment = proxy_protogeni_segment.stop_segment 137 self.renew_segment = proxy_protogeni_segment.renew_segment 133 138 134 139 self.call_SetValue = service_caller('SetValue') 135 140 self.call_GetValue = service_caller('GetValue') 141 142 self.RenewSlices() 136 143 137 144 self.soap_services = {\ … … 212 219 213 220 # Access line (t, p, u) -> (a, pw) line 214 # XXX: you are here215 221 m = access_re.match(line) 216 222 if m != None: … … 1114 1120 stopper(self, user, staging, slice_cred, cf, cpw) 1115 1121 return { 'allocID': req['allocID'] } 1122 1123 def RenewSlices(self): 1124 self.log.info("Scanning for slices to renew") 1125 self.state_lock.acquire() 1126 aids = self.allocation.keys() 1127 self.state_lock.release() 1128 1129 for aid in aids: 1130 self.state_lock.acquire() 1131 if self.allocation.has_key(aid): 1132 name = self.allocation[aid].get('slice_name', None) 1133 scred = self.allocation[aid].get('slice_credential', None) 1134 cf, user, ssh_key, cpw = self.allocation[aid]['credentials'] 1135 else: 1136 name = None 1137 scred = None 1138 self.state_lock.release() 1139 1140 # There's a ProtoGENI slice associated with the segment; renew it. 1141 if name and scred: 1142 renewer = self.renew_segment(log=self.log, 1143 debug=self.create_debug, keyfile=ssh_key, 1144 cm_url = self.cm_url, sa_url = self.sa_url, 1145 ch_url = self.ch_url) 1146 new_scred = renewer(name, scred, self.renewal_interval, cf, cpw) 1147 if new_scred: 1148 self.log.info("Slice %s renewed until %s GMT" % \ 1149 (name, time.asctime(time.gmtime(\ 1150 time.time()+self.renewal_interval)))) 1151 self.state_lock.acquire() 1152 if self.allocation.has_key(aid): 1153 self.allocation[aid]['slice_credential'] = new_scred 1154 self.state_lock.release() 1155 else: 1156 self.log.info("Failed to renew slice %s " % name) 1157 1158 # Let's do this all again soon. (4 tries before the slices time out) 1159 t = Timer(self.renewal_interval/4, self.RenewSlices) 1160 t.start() -
fedd/federation/proxy_protogeni_segment.py
rd101c8c rdd3e38b 91 91 # name) has an entry with the allocated machine in hostname and the 92 92 # interfaces in 'interfaces'. I love having XML parser code lying around. 93 def manifest_to_dict(self, manifest ):94 if self.debug :93 def manifest_to_dict(self, manifest, ignore_debug=False): 94 if self.debug and not ignore_debug: 95 95 self.log.debug("Returning null manifest dict") 96 96 return { } … … 388 388 print >>script, "sudo perl -I%s/lib %s/bin/import_key.pl /users/%s/.ssh/authorized_keys /root/.ssh/authorized_keys" % (fed_dir, fed_dir, user) 389 389 # XXX: debug 390 # start routing on nodes 391 print >>script, "sudo perl %s/bin/protogeni_routing.pl" % \ 392 fed_dir 390 393 if e.get_attribute('startup'): 391 394 print >>script, "%s \\$USER '%s'" % \ … … 541 544 542 545 # With manifest in hand, we can export the portal node names. 543 nodes = self.manifest_to_dict(manifest) 544 print nodes 546 nodes = self.manifest_to_dict(manifest, ignore_debug=True) 545 547 self.export_store_info(export_certfile, nodes, parent.ssh_port, 546 548 connInfo) … … 589 591 else: 590 592 parent.state_lock.acquire() 593 parent.allocation[aid]['slice_name'] = slicename 591 594 parent.allocation[aid]['slice_credential'] = slice_cred 592 595 parent.allocation[aid]['sliver_credential'] = sliver_cred … … 644 647 return rv 645 648 649 class renew_segment(segment_base): 650 def __init__(self, log=None, debug=False, keyfile=None, 651 ch_url=None, sa_url=None, cm_url=None): 652 segment_base.__init__(self, log=log, keyfile=keyfile, debug=debug, 653 ch_url=cm_url, sa_url=sa_url, cm_url=cm_url) 654 655 def __call__(self, name, scred, interval, certfile, certpw): 656 ctxt = fedd_ssl_context(my_cert=certfile, password=certpw) 657 try: 658 expiration = time.strftime("%Y%m%dT%H:%M:%S", 659 time.gmtime(time.time() + interval)) 660 cred = self.pg_call(self.sa_url, 'GetCredential', {}, ctxt) 661 662 param = { 663 'credential': scred, 664 'expiration': expiration 665 } 666 r = self.pg_call(self.sa_url, 'RenewSlice', param, ctxt) 667 param = { 668 'credential': cred, 669 'hrn': name, 670 'type': 'Slice', 671 } 672 slice = self.pg_call(self.sa_url, 'Resolve', param, ctxt) 673 uuid = slice.get('uuid', None) 674 if uuid == None: 675 sys.exit('No uuid for %s' % slicename) 676 677 print 'Calling GetCredential (uuid)' 678 param = { 679 'credential': cred, 680 'uuid': uuid, 681 'type': 'Slice', 682 } 683 new_scred = self.pg_call(self.sa_url, 'GetCredential', param, ctxt) 684 f = open('./new_slice_cred', 'w') 685 print >>f, new_scred 686 f.close() 687 688 except self.ProtoGENIError, e: 689 self.log.error("Failed to extend slice %s: %s" % (name, e)) 690 return None 691 try: 692 print 'Calling RenewSlice (CM)' 693 param = { 694 'credential': new_scred, 695 } 696 r = self.pg_call(self.cm_url, 'RenewSlice', param, ctxt) 697 except self.ProtoGENIError, e: 698 self.log.warn("Failed to renew sliver for %s: %s" % (name, e)) 699 700 return new_scred 701
Note: See TracChangeset
for help on using the changeset viewer.
