Changeset ef36c1e for fedd


Ignore:
Timestamp:
Aug 1, 2008 11:41:39 AM (16 years ago)
Author:
Ted Faber <faber@…>
Branches:
axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
Children:
808889e
Parents:
7da9da6
Message:

split out project creation

Location:
fedd
Files:
1 added
5 edited

Legend:

Unmodified
Added
Removed
  • fedd/fedd_allocate_project.py

    r7da9da6 ref36c1e  
    2121from fedd_util import *
    2222import parse_detail
     23from service_error import *
    2324
    2425class fedd_allocate_project_local:
    25     def __init__(self, dp=False, url=None):
     26    def __init__(self, dp=False, url=None, certs=None):
    2627        """
    2728        Initializer.  Parses a configuration if one is given.
     
    5859
    5960
    60     def dynamic_project(self, req):
     61    def dynamic_project(self, req, fedid=None):
    6162        """
    6263        Create a dynamic project with ssh access
     
    7071                dir="/tmp")
    7172
    72         print userfile
    73         proj = req['project']
     73        if req.has_key('AllocateProjectRequestBody') and \
     74                req['AllocateProjectRequestBody'].has_key('project'):
     75            proj = req['AllocateProjectRequestBody']['project']
     76        else:
     77            raise service_error(service_error.req,
     78                    "Badly formed allocation request")
    7479        # Take the first user and ssh key
    7580        name = proj.get('name', None) or self.random_string("proj",4)
     
    9196            access = user.get('access', None)
    9297            if access != None:
    93                 ssh = access.get('sshPubkey', None)
     98                ssh = access[0].get('sshPubkey', None)
    9499                if ssh == None:
    95100                    raise fedd_proj.service_error(fedd_proj.service_error.req,
     
    177182        }
    178183        return rv
     184
     185
     186class fedd_allocate_project_remote:
     187    def __init__(self, dp=False, url=None, certs=None):
     188        """
     189        Initializer.  Parses a configuration if one is given.
     190        """
     191
     192        self.dynamic_projects = dp
     193        self.url = url
     194
     195        if certs != None and isinstance(certs, type(tuple())):
     196            self.cert_file, self.trusted_certs, self.cert_pwd = certs
     197            # self.cert_file = certs[0]
     198            # self.trusted_certs = certs[1]
     199            # self.cert_pwd = certs[2]
     200        else:
     201            self.cert_file = None
     202            self.trusted_certs = None
     203            self.cert_pwd = None
     204
     205    def dynamic_project(self, req, fedid=None):
     206        """
     207        Send req on to a remote project instantiator.
     208
     209        Req is just the projectAllocType object.  This function re-wraps it.
     210        It also rethrows any faults.
     211        """
     212        # No retry loop here.  Proxy servers must correctly authenticate
     213        # themselves without help
     214        try:
     215            ctx = fedd_ssl_context(self.cert_file, self.trusted_certs,
     216                    password=self.cert_pwd)
     217        except SSL.SSLError:
     218            raise service_error(service_error.server_config,
     219                    "Server certificates misconfigured")
     220
     221        loc = feddServiceLocator();
     222        port = loc.getfeddPortType(self.url,
     223                transport=M2Crypto.httpslib.HTTPSConnection,
     224                transdict={ 'ssl_context' : ctx })
     225
     226        if req.has_key('AllocateProjectRequestBody'):
     227            req = req['AllocateProjectRequestBody']
     228        else:
     229            raise service_error(service_error.req, "Bad formated request");
     230
     231        # Reconstruct the full request message
     232        msg = AllocateProjectRequestMessage()
     233        msg.set_element_AllocateProjectRequestBody(
     234                pack_soap(msg, "AllocateProjectRequestBody", req))
     235        try:
     236            resp = port.AllocateProject(msg)
     237        except ZSI.ParseException, e:
     238            raise service_error(service_error.proxy,
     239                    "Bad format message (XMLRPC??): %s" % str(e))
     240        r = unpack_soap(resp)
     241
     242        if r.has_key('AllocateProjectResponseBody'):
     243            return r['AllocateProjectResponseBody']
     244        else:
     245            raise service_error(service_error.proxy, "Bad proxy response")
     246
  • fedd/fedd_messages.wsdl

    r7da9da6 ref36c1e  
    2424
    2525  <message name="AllocateProjectResponseMessage">
    26     <part name="AllocateProjectResponseBody" type="xsd1:projectType"/>
     26    <part name="AllocateProjectResponseBody"
     27      type="xsd1:projectAllocResponseType"/>
    2728  </message>
    2829
  • fedd/fedd_proj.py

    r7da9da6 ref36c1e  
    3333    bool_attrs = ("dynamic_projects", "project_priority")
    3434    emulab_attrs = ("boss", "ops", "domain", "fileserver", "eventserver")
    35     id_attrs = ("testbed", "cert_file", "trusted_certs", "proxy",
    36             "proxy_trusted_certs", "cert_pwd")
     35    id_attrs = ("testbed", "cert_file", "cert_pwd", "trusted_certs", "proxy",
     36            "proxy_cert_file", "proxy_cert_pwd", "proxy_trusted_certs",
     37            "dynamic_projects_url", "dynamic_projects_cert_file",
     38            "dynamic_projects_cert_pwd", "dynamic_projects_trusted_certs")
    3739
    3840    # Used by the SOAP caller
     
    9294        if config != None:
    9395            self.read_config(config)
    94         self.allocate_project = \
    95             fedd_allocate_project_local(self.dynamic_projects)
     96
     97        # Certs are promoted from the generic to the specific, so without a
     98        # specific proxy certificate, the main certificates are used for proxy
     99        # interactions. If no dynamic project certificates, then proxy certs
     100        # are used, and if none of those the main certs.
     101
     102        # init proxy certs
     103        if self.proxy_cert_file == None:
     104            self.proxy_cert_file = self.cert_file
     105            self.proxy_cert_pwd = self.cert_pwd
     106
     107        if self.proxy_trusted_certs == None:
     108            self.proxy_trusted_certs = self.trusted_certs
     109
     110        # init dynamic project certs
     111        if self.dynamic_projects_cert_file == None:
     112            self.dynamic_projects_cert_file = self.proxy_cert_file
     113            self.dynamic_projects_cert_pwd = self.proxy_cert_pwd
     114
     115        if self.dynamic_projects_trusted_certs == None:
     116            self.dynamic_projects_trusted_certs = self.proxy_trusted_certs
     117
     118        proj_certs = (self.dynamic_projects_cert_file,
     119                self.dynamic_projects_trusted_certs,
     120                self.dynamic_projects_cert_pwd)
     121
     122        if self.dynamic_projects_url == None:
     123            self.allocate_project = \
     124                fedd_allocate_project_local(self.dynamic_projects,
     125                        self.dynamic_projects_url, proj_certs)
     126            fedd_proj.soap_methods['AllocateProject'] = 'soap_AllocateProject'
     127        else:
     128            self.allocate_project = \
     129                fedd_allocate_project_remote(self.dynamic_projects,
     130                        self.dynamic_projects_url, proj_certs)
    96131
    97132    def dump_state(self):
     
    138173    def proxy_xmlrpc_request(self, dt, req):
    139174        """Send an XMLRPC proxy request.  Called if the SOAP RPC fails"""
    140         tc = self.proxy_trusted_certs or self.trusted_certs
    141175
    142176        # No retry loop here.  Proxy servers must correctly authenticate
    143177        # themselves without help
    144178        try:
    145             ctx = fedd_ssl_context(self.cert_file, tc, password=self.cert_pwd)
     179            ctx = fedd_ssl_context(self.proxy_cert_file,
     180                    self.proxy_trusted_certs, password=self.proxy_cert_pwd)
    146181        except SSL.SSLError:
    147182            raise service_error(service_error.server_config,
     
    186221        also rethrows any faults.
    187222        """
    188         tc = self.proxy_trusted_certs or self.trusted_certs
    189 
    190223        # No retry loop here.  Proxy servers must correctly authenticate
    191224        # themselves without help
    192225        try:
    193             ctx = fedd_ssl_context(self.cert_file, tc, password=self.cert_pwd)
     226            ctx = fedd_ssl_context(self.proxy_cert_file,
     227                    self.proxy_trusted_certs, password=self.proxy_cert_pwd)
    194228        except SSL.SSLError:
    195229            raise service_error(service_error.server_config,
     
    401435                    # Compose the dynamic project request
    402436                    # (only dynamic, dynamic currently allowed)
    403                     preq = { 'project' : {\
     437                    preq = { 'AllocateProjectRequestBody': \
     438                                { 'project' : {\
    404439                                    'user': [ \
    405                                     { 'access': { 'sshPubkey': s } } \
     440                                    { 'access': [ { 'sshPubkey': s } ] } \
    406441                                        for s in ssh ] \
     442                                    }\
    407443                                }\
    408444                            }
    409445                    if restricted != None and len(restricted) > 0:
    410                         preq['resources'] =  [ {'node': { 'hardware' :  [ h ]\
    411                             } } for h in restricted ]
     446                        preq['AllocateProjectRequestBody']['resources'] = \
     447                            [ {'node': { 'hardware' :  [ h ] } } \
     448                                    for h in restricted ]
    412449                               
    413 
    414                     #self.dynamic_project(found, ssh)
    415450                    ap = self.allocate_project.dynamic_project(preq)
    416                     # XXX: fill in response values into the real response
    417451                else: pass    # SSH key additions
    418452            else:
     
    449483                            service_error.proxy,
    450484                            "Undefined fault from proxy??");
     485
     486
     487    def soap_AllocateProject(self, ps, fid):
     488        req = ps.Parse(AllocateProjectRequestMessage.typecode)
     489
     490        msg = self.allocate_project.dynamic_project(unpack_soap(req), fedid)
     491
     492        resp = AllocateProjectResponseMessage()
     493        resp.set_element_AllocateProjectResponseBody(
     494                pack_soap(resp, "AllocateProjectResponseBody", msg))
     495
     496        return resp
    451497
    452498    def soap_RequestAccess(self, ps, fid):
  • fedd/fedd_types.xsd

    r7da9da6 ref36c1e  
    118118    </xsd:annotation>
    119119    <xsd:sequence>
    120       <xsd:element name="name" type="tns:IDType"/>
     120      <xsd:element name="name" type="tns:IDType" minOccurs="0" maxOccurs="1"/>
    121121      <xsd:element name="user" type="tns:userType" minOccurs="0"
    122122        maxOccurs="unbounded"/>
     
    152152      <xsd:element name="resources" type="tns:resourcesType"
    153153        minOccurs="0" maxOccurs="1"/>
     154    </xsd:sequence>
     155  </xsd:complexType>
     156
     157  <xsd:complexType name="projectAllocResponseType">
     158    <xsd:annotation>
     159      <xsd:documentation>
     160        The information needed to create a dynamic project
     161      </xsd:documentation>
     162    </xsd:annotation>
     163    <xsd:sequence>
     164      <xsd:element name="project" type="tns:projectType"/>
    154165    </xsd:sequence>
    155166  </xsd:complexType>
  • fedd/fedd_util.py

    r7da9da6 ref36c1e  
    181181    """
    182182    if getattr(contents, "__iter__", None) != None:
    183         obj = getattr(container, "new_%s" % name, None)()
     183        try:
     184            obj = getattr(container, "new_%s" % name, None)()
     185        except:
     186            print "%s has no method new_%s" % (container, name)
     187            raise
    184188        for e, v in contents.iteritems():
    185189            assign = getattr(obj, "set_element_%s" % e, None) or \
Note: See TracChangeset for help on using the changeset viewer.