nitos_testbed_rc 1.0.0.pre.1

data/.gitignore

@@ -0,0 +1,3 @@
+*.gem
+*.rbc
+.bundle

data/README.md

@@ -0,0 +1,16 @@
+Nitos Testbed resource controllers
+=================
+
+Contains:
+
+- Frisbee resource controller which conrols frisbee and imagezip in order to
+save and load images to nodes.
+
+- CM resource controller which controls chassis managers on nodes.
+
+- User resource controller which administers users.
+
+- om6 script which orchistrates the above.
+
+These tools are under development. Unpredictable behaviour is to be expected untill
+a stable version is provided.

data/bin/cm_proxy

@@ -0,0 +1,146 @@
+#!/usr/bin/env ruby
+require 'rubygems'
+require 'omf_rc'
+require 'omf_common'
+require 'yaml'
+
+$stdout.sync = true
+
+@config = YAML.load_file('/etc/nitos_testbed_rc/cm_proxy_conf.yaml')
+# @config = YAML.load_file(File.join(File.dirname(File.expand_path(__FILE__)), '../etc/cm_proxy_conf.yaml'))
+@auth = @config[:auth]
+@xmpp = @config[:xmpp]
+
+require 'nitos_testbed_rc/cm_factory'
+
+cm_entity_cert = File.expand_path(@auth[:entity_cert])
+cm_entity_key = File.expand_path(@auth[:entity_key])
+cm_entity = OmfCommon::Auth::Certificate.create_from_pem(File.read(cm_entity_cert))#, File.read(cm_entity_key))
+
+trusted_roots = File.expand_path(@auth[:root_cert_dir])
+
+opts = {
+  communication: {
+    url:  "xmpp://#{@xmpp[:username]}:#{@xmpp[:password]}@#{@xmpp[:server]}",
+    auth: {
+      authenticate: true,
+      pdp: {
+        constructor: 'CmPDP'
+      }
+    }
+  }
+}
+
+class CmPDP
+  def initialize(opts = {})
+    debug "AUTH INIT>>> #{opts}"
+    @config = YAML.load_file('/etc/nitos_testbed_rc/cm_proxy_conf.yaml')
+    # @config = YAML.load_file(File.join(File.dirname(File.expand_path(__FILE__)), '../etc/cm_proxy_conf.yaml'))
+  end
+
+  def authorize(msg, &block)
+    debug "AUTH message received: #{msg.operation}"
+    if msg.operation.to_sym == :configure
+      wait = true
+      result = nil
+      OmfCommon.comm.subscribe(@config[:testbedTopic]) do |am_con|
+        acc = _get_account_name(msg)
+
+        if acc.nil?
+          error "AUTH error: acc nill"
+          msg.properties.state.error_msg = "Account name not found"
+          result = msg
+          wait = false
+          next
+        end
+
+        node_name = msg.properties.state.node
+        am_con.request([:nodes]) do |n_msg|
+          nodes = n_msg.read_property("nodes")[:resources]
+          node = nil
+          nodes.each do |n|
+            if n[:resource][:name].to_s == node_name.to_s
+              node = n
+              break
+            end
+          end
+
+          lease = nil
+          if node.nil?
+            error "AUTH error: Node nill"
+            msg.properties.state.error_msg = "Wrong node name."
+            result = msg
+            wait = false
+            next
+          else
+            am_con.request([:leases]) do |l_msg|
+              leases = l_msg.read_property("leases")[:resources]
+              leases.each do |l|
+                if Time.parse(l[:resource][:valid_from]) <= Time.now && Time.parse(l[:resource][:valid_until]) >= Time.now
+                  l[:resource][:components].each do |c|
+                    if c[:component][:name] == node_name.to_s && l[:resource][:account][:name] == acc
+                      lease = l
+                      break #found the correct lease
+                    end
+                  end
+                end
+              end
+
+              if lease.nil? #if lease is nil it means no matching lease is found
+                error "AUTH error: Lease nill"
+                msg.properties.state.error_msg = "Node is not leased by your account."
+                result = msg
+                wait = false
+                next
+              else
+                debug "AUTH PASSED"
+                msg.properties.state.node = node
+                result = msg
+                wait = false
+                next
+              end
+            end
+          end
+        end
+      end
+
+      #waiting for the whole process to be completed
+      while wait
+        sleep 1
+      end
+
+      return result if result
+    else
+      debug "AUTH PASSED"
+      return msg
+    end
+#     msg
+  end
+
+  private
+  def _get_account_name(msg)
+    #subject is ~ /C=US/ST=CA/O=ACME/OU=Roadrunner/CN=37a96f60-c53d-50d9-bbbf-3c552b89bdc5/emailAddress=root@nitlab.inf.uth.gr
+    subj = msg.issuer.subject.to_s
+    subj.gsub!(/.*CN=/, '')
+    subj.gsub!(/.*emailAddress=/, '')
+    subj.gsub!(/@.*/, '')
+    debug "AUTH user: #{subj}"
+    return subj
+  end
+end
+
+OmfCommon.init(@config[:operationMode], opts) do |el|#communication: { url: "xmpp://#{@xmpp[:proxy_user]}:#{@xmpp[:password]}@#{@xmpp[:server]}", auth: {} }) do
+  OmfCommon.comm.on_connected do |comm|
+    OmfCommon::Auth::CertificateStore.instance.register_default_certs(trusted_roots)
+    cm_entity.resource_id = OmfCommon.comm.local_topic.address
+    OmfCommon::Auth::CertificateStore.instance.register(cm_entity)
+
+    info "CM Factory >> Connected to XMPP server"
+    cmFact = OmfRc::ResourceFactory.create(:cm_factory, { uid: 'cm_factory', certificate: cm_entity })
+
+    comm.on_interrupted {
+      cmFact.disconnect
+    }
+  end
+end
+

data/bin/frisbee_proxy

@@ -0,0 +1,155 @@
+#!/usr/bin/env ruby
+
+require 'omf_rc'
+require 'omf_common'
+require 'yaml'
+
+$stdout.sync = true
+@config = YAML.load_file('/etc/nitos_testbed_rc/frisbee_proxy_conf.yaml')
+# @config = YAML.load_file(File.join(File.dirname(File.expand_path(__FILE__)), '.../etc/frisbee_proxy_conf.yaml'))
+@auth = @config[:auth]
+@xmpp = @config[:xmpp]
+
+require 'nitos_testbed_rc/frisbee'
+require 'nitos_testbed_rc/frisbeed'
+require 'nitos_testbed_rc/imagezip_server'
+require 'nitos_testbed_rc/imagezip_client'
+require 'nitos_testbed_rc/frisbee_factory'
+
+frisbee_entity_cert = File.expand_path(@auth[:entity_cert])
+frisbee_entity_key = File.expand_path(@auth[:entity_key])
+frisbee_entity = OmfCommon::Auth::Certificate.create_from_pem(File.read(frisbee_entity_cert))#, File.read(frisbee_entity_key))
+
+trusted_roots = File.expand_path(@auth[:root_cert_dir])
+
+opts = {
+  communication: {
+    url:  "xmpp://#{@xmpp[:username]}:#{@xmpp[:password]}@#{@xmpp[:server]}",
+    auth: {
+      authenticate: true,
+      pdp: {
+        constructor: 'FrisbeePDP'
+      }
+    }
+  }
+}
+
+class FrisbeePDP
+  def initialize(opts = {})
+    debug "AUTH INIT>>> #{opts}"
+    @config = YAML.load_file('/etc/nitos_testbed_rc/frisbee_proxy_conf.yaml')
+    # @config = YAML.load_file(File.join(File.dirname(File.expand_path(__FILE__)), '.../etc/frisbee_proxy_conf.yaml'))
+  end
+
+  def authorize(msg, &block)
+    debug "AUTH message received: #{msg.operation}"
+    if msg.operation.to_sym == :create
+      if msg.rtype.to_sym == :frisbee || msg.rtype.to_sym == :imagezip_client
+        wait = true
+        result = nil
+        OmfCommon.comm.subscribe(@config[:testbedTopic]) do |am_con|
+          acc = _get_account_name(msg)
+
+          if acc.nil?
+            error "AUTH error: acc nill"
+            msg.propertie.error_msg = "Account name not found"
+            result = msg
+            wait = false
+            next
+          end
+
+          node_name = msg.properties.node_topic
+          am_con.request([:nodes]) do |n_msg|
+            nodes = n_msg.read_property("nodes")[:resources]
+            node = nil
+            nodes.each do |n|
+              if n[:resource][:name].to_s == node_name.to_s
+                node = n
+                break
+              end
+            end
+
+            lease = nil
+            if node.nil?
+              error "AUTH error: Node nill"
+              msg.properties.error_msg = "Wrong node name."
+              result = msg
+              wait = false
+              next
+            else
+              am_con.request([:leases]) do |l_msg|
+                leases = l_msg.read_property("leases")[:resources]
+                leases.each do |l|
+                  if Time.parse(l[:resource][:valid_from]) <= Time.now && Time.parse(l[:resource][:valid_until]) >= Time.now
+                    l[:resource][:components].each do |c|
+                      if c[:component][:name] == node_name.to_s && l[:resource][:account][:name] == acc
+                        lease = l
+                        break #found the correct lease
+                      end
+                    end
+                  end
+                end
+
+                if lease.nil? #if lease is nil it means no matching lease is found
+                  error "AUTH error: Lease nill"
+                  msg.properties.error_msg = "Node is not leased by your account."
+                  result = msg
+                  wait = false
+                  next
+                else
+                  debug "AUTH PASSED"
+                  msg.properties.node = node
+                  result = msg
+                  wait = false
+                  next
+                end
+              end
+            end
+          end
+        end
+
+        #waiting for the whole process to be completed
+        while wait
+          sleep 1
+        end
+
+        return result if result
+      else
+        debug "AUTH PASSED"
+        return msg
+      end
+
+    else
+      debug "AUTH PASSED"
+      return msg
+    end
+#     msg
+  end
+
+  private
+  def _get_account_name(msg)
+    #subject is ~ /C=US/ST=CA/O=ACME/OU=Roadrunner/CN=37a96f60-c53d-50d9-bbbf-3c552b89bdc5/emailAddress=root@nitlab.inf.uth.gr
+    subj = msg.issuer.subject.to_s
+    subj.gsub!(/.*CN=/, '')
+    subj.gsub!(/.*emailAddress=/, '')
+    subj.gsub!(/@.*/, '')
+    debug "AUTH user: #{subj}"
+    return subj
+  end
+end
+
+OmfCommon.init(@config[:operationMode], opts) do |el|#communication: { url: "xmpp://#{@xmpp[:proxy_user]}:#{@xmpp[:password]}@#{@xmpp[:server]}", auth: {} }) do
+  OmfCommon.comm.on_connected do |comm|
+    OmfCommon::Auth::CertificateStore.instance.register_default_certs(trusted_roots)
+    frisbee_entity.resource_id = OmfCommon.comm.local_topic.address
+    OmfCommon::Auth::CertificateStore.instance.register(frisbee_entity)
+    info "Frisbee Factory >> Connected to XMPP server"
+
+    frisbeeFact = OmfRc::ResourceFactory.create(:frisbee_factory, { uid: 'frisbee_factory', certificate: frisbee_entity })
+
+    comm.on_interrupted {
+      frisbeeFact.disconnect
+    }
+  end
+end
+

data/bin/install_ntrc

@@ -0,0 +1,26 @@
+#!/usr/bin/env ruby
+require 'fileutils'
+
+spec = Gem::Specification.find_by_name("nitos_testbed_rc")
+gem_root = spec.gem_dir
+config_path = "/etc/nitos_testbed_rc"
+
+puts "Copying configuration files from '#{gem_root}'."
+
+unless File.directory?(config_path)
+  puts "Generating directory '#{config_path}'."
+  FileUtils.mkdir_p(config_path)
+end
+
+conf_files = []
+conf_files << "cm_proxy_conf.yaml"
+conf_files << "frisbee_proxy_conf.yaml"
+conf_files << "user_proxy_conf.yaml"
+conf_files << "omf_script_conf.yaml"
+
+conf_files.each do |file|
+  puts "Corying configuration file '#{gem_root}/etc/#{file}' to '#{config_path}'."
+  FileUtils.cp "#{gem_root}/etc/#{file}", "#{config_path}/#{file}"
+  FileUtils.chmod 0644, "#{config_path}/#{file}"
+end
+puts "done."