function update_user_keys_on_slivers($sa_url, $signer, $slice_id, $slice_urn, $members_to_add, $members_to_change, $members_to_remove) { $username = $signer->username; $ma_url = sa_to_ma_url($sa_url); $am_urls = array(); // Get list of aggregates for slice $aggs_for_slice = aggregates_in_slice($sa_url, $signer, $slice_urn); // error_log("SLIVER_INFO.RES = " . print_r($aggs_for_slice, true)); foreach ($aggs_for_slice as $agg_info) { if (!array_key_exists(SERVICE_ATTRIBUTE_TAG, $agg_info)) { continue; } $agg_attributes = $agg_info[SERVICE_ATTRIBUTE_TAG]; $am_type = $agg_attributes[SERVICE_ATTRIBUTE_AM_TYPE]; if ($am_type != SERVICE_ATTRIBUTE_INSTAGENI_AM) { continue; } // This call only works for IG/PG racks $am_url = $agg_info[SR_TABLE_FIELDNAME::SERVICE_URL]; $am_urls[] = $am_url; } // error_log("AM_URLS = " . print_r($am_urls, true)); // If there are no AM URLs (e.g. no IG/PG AMs), then nothing to do here. Bail. if (count($am_urls) < 1) { return True; } // Generate slice_users list of dictionaries: [{"urn" : urn, "keys" : [key1, key2]}, ...] $slice_users_list = array(); $slice_members = get_slice_members($sa_url, $signer, $slice_id); // error_log("MEMBERS = " . print_r($slice_members, true)); foreach ($slice_members as $member_info) { $member_id = $member_info[MA_MEMBER_TABLE_FIELDNAME::MEMBER_ID]; $member_urn = get_member_urn($ma_url, $signer, $member_id); $keys_res = lookup_public_ssh_keys($ma_url, $signer, $member_id); // error_log("MEMBER_ID = " . print_r($member_id, true)); // error_log("KEYS_RES = " . print_r($keys_res, true)); $member_public_keys = array(); foreach ($keys_res as $key_info) { $public_key = $key_info[MA_SSH_KEY_TABLE_FIELDNAME::PUBLIC_KEY]; $member_public_keys[] = $public_key; } $member_entry = array('urn' => $member_urn, 'keys' => $member_public_keys); $slice_users_list[] = $member_entry; } // For each removed member, add an empty entry to list (to remove their SSH keys) foreach ($members_to_remove as $member_to_remove) { $member_entry = array('urn' => $member_to_remove, 'keys' => array()); $slice_users_list[] = $member_entry; } $slice_users = array('geni_users' => $slice_users_list); // error_log("GENI_USERS = " . print_r($slice_users, true)); // invoke omni to call the geni_update_users POA $slice_users_json = json_encode($slice_users); $slice_users_filename = writeDataToTempFile($slice_users_json); $args = array("--optionsfile", $slice_users_filename, "poa", $slice_urn, 'geni_update_users'); $res = invoke_omni_function($am_urls, $signer, $args, array(), 0, 0, false, NULL, 3); // error_log("Update_user_keys_on_slivers.RES = " . print_r($res, true)); // Clean up JSON file and invocation directory unlink($slice_users_filename); return $res; }
function perform_list_operation() { global $REQUIRED_IMAGE_OPERATION_ARGS, $am, $user; $operation = null; $missing_args = array(); if (!array_key_exists('operation', $_GET)) { return error_response("Missing required argument: operation", RESPONSE_ERROR::ARGS); } $operation = $_GET['operation']; if (!array_key_exists($operation, $REQUIRED_IMAGE_OPERATION_ARGS)) { return error_response("Unsupported operation: " + $operation, RESPONSE_ERROR::ARGS); } $missing_args = check_required_args($operation); if (count($missing_args) > 0) { return error_response("Missing required arguments: " . join(", ", $missing_args), RESPONSE_ERROR::ARGS); } if ($am == null) { return error_response("Invalid AM provided", RESPONSE_ERROR::ARGS); } $am_url = $am[SR_ARGUMENT::SERVICE_URL]; if ($operation == 'listimages') { $response = invoke_omni_function($am_url, $user, array('listimages')); $response = $response[1][$am_url]; $output = am_response($response['code']['geni_code'], $response['value']); } else { if ($operation == 'createimage') { $response = invoke_omni_function($am_url, $user, array('createimage', $_GET['slice_name'], $_GET['image_name'], $_GET['public'], '--project', $_GET['project_name'], '-u', $_GET['sliver_id'])); $response = $response[1]; } else { if ($operation == 'deleteimage') { $urn = $_GET['image_urn']; $args = array('deleteimage', $urn); $response = invoke_omni_function($am_url, $user, $args); $response = $response[1][$am_url]; } } } $code = $response['code']['geni_code']; if ($code == 0) { $output = am_response($code, $response['value']); } else { $output = error_response($response['output'], $code); } return $output; }
function restart_sliver($am_url, $user, $slice_credential, $slice_urn, $slice_id) { if (!isset($am_url) || is_null($am_url)) { if (!(is_array($am_url) || $am_url != '')) { error_log("am_client cannot invoke Omni without an AM URL"); return "Missing AM URL"; } } if (!isset($slice_credential) || is_null($slice_credential) || $slice_credential == '') { error_log("am_client cannot act on a slice without a credential"); return "Missing slice credential"; } $member_id = $user->account_id; $msg = "User {$member_id} calling POA geni_restart at {$am_url} on {$slice_urn}"; geni_syslog(GENI_SYSLOG_PREFIX::PORTAL, $msg); // Caller logs if the restart appeared successful, so don't bother doing this // log_action("Called POA(geni_restart)", $user, $am_url, $slice_urn, NULL, $slice_id); $slice_credential_filename = writeDataToTempFile($slice_credential, $user->username . "-cred-"); $args = array("--slicecredfile", $slice_credential_filename, 'performoperationalaction', $slice_urn, 'geni_restart'); // Note that this AM no longer has resources $output = invoke_omni_function($am_url, $user, $args, array(), 0, 0, false, NULL, $api_version = "3"); unlink($slice_credential_filename); return $output; }