Difference between revisions of "GHN Manager"
Manuele.simi (Talk | contribs) (→Interacting with the service when security is enabled) |
Manuele.simi (Talk | contribs) (→Interacting with the service when security is enabled) |
||
Line 156: | Line 156: | ||
===== Interacting with the service when security is enabled ===== | ===== Interacting with the service when security is enabled ===== | ||
− | When the service runs in a secure gHN, valid proxy credentials must be attached to the <em>GHNManagerPortType</em> instance, as in the following example: | + | When the service runs in a secure gHN, valid proxy credentials must be attached to the <em>GHNManagerPortType</em> instance before to invoke the desired operation, as in the following example: |
<source lang="java"> | <source lang="java"> |
Revision as of 17:08, 5 March 2010
Contents
Introduction
The gHNManager is a gCube Local Service providing an interface for remotely managing the gHN. In particular, the service is responsible for:
- the management and changes of the scope of the node and the locally deployed service instances according to the Scope Management rules;
- publishing in the Information System the gCube Resource representing the gHN;
- shutdown and restarting the gHN.
Design
For the architectural point of view, the gHNManager is a stateless service. As any other Local Service, at start up time it automatically joins all the scopes of the node. As soon as the gHN is joined to more scopes, the same happens to the gHNManager instance.
Interface
The service exposes a single port-type (GHNManagerPortType) providing the following operations to manipulate the gHN and the hosted Running Instances:
- addScope – takes as input a valid scope expression; the scope is assigned to the gHN
- removeScope – takes as input a valid scope expression; the scope is removed from the gHN
- addRItoScope – takes as input a valid scope expression, a service name and a service class; the scope is assigned to the local instance identified by the given name and class.
- removeRIScope – takes as input a valid scope expression, a service name and a service class; the scope is removed from the local instance identified by the given name and class.
- shutdown – takes as input a set of non-mandatory options; as basic behavior it shutdowns the gHN, then, depending on the input options:
- if RESTART = True the container is restarted
- if CLEAN = True the gHN state is cleaned
Adding a new GCUBEScope to the gHN
import org.gcube.common.vremanagement.ghnmanager.stubs.GHNManagerPortType; import org.gcube.common.vremanagement.ghnmanager.stubs.AddScopeInputParams; import org.gcube.common.vremanagement.ghnmanager.stubs.service.GHNManagerServiceAddressingLocator; ... GCUBESecurityManagerImpl managerSec = new GCUBESecurityManagerImpl() { public boolean isSecurityEnabled() {return false;} }; EndpointReferenceType endpoint = new EndpointReferenceType(); try { endpoint.setAddress(new Address("http://" + <gHNManager hostname> + ":" + <gHNManager port> +"/wsrf/services/gcube/common/vremanagement/GHNManager")); GHNManagerServiceAddressingLocator locator = new GHNManagerServiceAddressingLocator(); GHNManagerPortType pt = locator.getGHNManagerPortTypePort(endpoint); pt = GCUBERemotePortTypeContext.getProxy(pt, GCUBEScope.getScope(args[2]),managerSec); AddScopeInputParams params = new AddScopeInputParams(); params.setScope(args[3]); params.setMap(""); //eventually, set here the new Service Map pt.addScope(params); } catch (Exception e) { logger.error("Failed to add the new scope to the gHN", e); }
Removing a GCUBEScope from the gHN
import org.gcube.common.vremanagement.ghnmanager.stubs.GHNManagerPortType; import org.gcube.common.vremanagement.ghnmanager.stubs.service.GHNManagerServiceAddressingLocator; ... GCUBESecurityManagerImpl managerSec = new GCUBESecurityManagerImpl() { public boolean isSecurityEnabled() {return false;}}; EndpointReferenceType endpoint = new EndpointReferenceType(); try { endpoint.setAddress(new Address("http://" + <gHNManager hostname> + ":" + <gHNManager port> + "/wsrf/services/gcube/common/vremanagement/GHNManager")); GHNManagerServiceAddressingLocator locator = new GHNManagerServiceAddressingLocator(); GHNManagerPortType pt = GCUBERemotePortTypeContext.getProxy(locator.getGHNManagerPortTypePort(endpoint), GCUBEScope.getScope(args[2]),managerSec); pt.removeScope(args[3]); } catch (Exception e) { logger.error("Failed to remove the scope from the gHN", e); }
Adding a new GCUBEScope to a local Running Instance
Running Instance scopes are constrained by the scopes of the hosting node. Therefore, if the gHN is not joining the input GCUBEScope prior to the invocation, the following operation fails.
import org.gcube.common.vremanagement.ghnmanager.stubs.GHNManagerPortType; import org.gcube.common.vremanagement.ghnmanager.stubs.ScopeRIParams; import org.gcube.common.vremanagement.ghnmanager.stubs.service.GHNManagerServiceAddressingLocator; ... GCUBESecurityManagerImpl managerSec = new GCUBESecurityManagerImpl() { public boolean isSecurityEnabled() {return false;}}; EndpointReferenceType endpoint = new EndpointReferenceType(); try { endpoint.setAddress(new Address("http://"+ <gHNManager hostname> + ":" + <gHNManager port> +"/wsrf/services/gcube/common/vremanagement/GHNManager")); GHNManagerServiceAddressingLocator locator = new GHNManagerServiceAddressingLocator(); GHNManagerPortType pt = GCUBERemotePortTypeContext.getProxy(locator.getGHNManagerPortTypePort(endpoint), GCUBEScope.getScope(<caller scope>),managerSec); ScopeRIParams params = new ScopeRIParams(); params.setClazz(args[3]); params.setName(args[4]); params.setScope(args[5]); pt.addRIToScope(params); } catch (Exception e) { logger.error("Failed to join the Running Instance to the new scope", e); }
Removing a GCUBEScope from a local Running Instance
import org.gcube.common.vremanagement.ghnmanager.stubs.GHNManagerPortType; import org.gcube.common.vremanagement.ghnmanager.stubs.ScopeRIParams; import org.gcube.common.vremanagement.ghnmanager.stubs.service.GHNManagerServiceAddressingLocator; ... GCUBESecurityManagerImpl managerSec = new GCUBESecurityManagerImpl() { public boolean isSecurityEnabled() {return false;}}; EndpointReferenceType endpoint = new EndpointReferenceType(); try { endpoint.setAddress(new Address("http://"+ <gHNManager hostname> + ":" + <gHNManager port> +"/wsrf/services/gcube/common/vremanagement/GHNManager")); GHNManagerServiceAddressingLocator locator = new GHNManagerServiceAddressingLocator(); GHNManagerPortType pt = GCUBERemotePortTypeContext.getProxy(locator.getGHNManagerPortTypePort(endpoint), GCUBEScope.getScope(<caller scope>),managerSec); ScopeRIParams params = new ScopeRIParams(); params.setClazz(args[3]); params.setName(args[4]); params.setScope(args[5]); pt.removeRIFromScope(params); } catch (Exception e) { logger.error("Failed to remove the Running Instance from the given scope", e); }
Requesting the gHN shutdown
import org.gcube.common.vremanagement.ghnmanager.stubs.GHNManagerPortType; import org.gcube.common.vremanagement.ghnmanager.stubs.ShutdownOptions; import org.gcube.common.vremanagement.ghnmanager.stubs.service.GHNManagerServiceAddressingLocator; ... GCUBESecurityManagerImpl managerSec = new GCUBESecurityManagerImpl() { public boolean isSecurityEnabled() {return false;} }; EndpointReferenceType endpoint = new EndpointReferenceType(); try { endpoint.setAddress(new Address("http://" + <gHNManager hostname> + ":" + <gHNManager port> +"/wsrf/services/gcube/common/vremanagement/GHNManager")); GHNManagerServiceAddressingLocator locator = new GHNManagerServiceAddressingLocator(); GHNManagerPortType pt = locator.getGHNManagerPortTypePort(endpoint); pt = GCUBERemotePortTypeContext.getProxy(pt,GCUBEScope.getScope(args[2]),managerSec); ShutdownOptions options = new ShutdownOptions(); options.setRestart(false); options.setClean(false); pt.shutdown(options); } catch (Exception e) { logger.error ("FAILED to shutdown", e); }
Interacting with the service when security is enabled
When the service runs in a secure gHN, valid proxy credentials must be attached to the GHNManagerPortType instance before to invoke the desired operation, as in the following example:
import org.gcube.common.vremanagement.ghnmanager.stubs.GHNManagerPortType; import org.gcube.common.vremanagement.ghnmanager.stubs.ShutdownOptions; import org.gcube.common.vremanagement.ghnmanager.stubs.service.GHNManagerServiceAddressingLocator; import org.gcube.common.core.security.utils.ProxyUtil; import org.gcube.common.core.security.GCUBESecurityManager; ... String proxy = <proxy file path>; GCUBESecurityManagerImpl managerSec = new GCUBESecurityManagerImpl() { public boolean isSecurityEnabled() {return true;} }; EndpointReferenceType endpoint = new EndpointReferenceType(); try { endpoint.setAddress(new Address("http://" + <gHNManager hostname> + ":" + <gHNManager port> +"/wsrf/services/gcube/common/vremanagement/GHNManager")); GHNManagerServiceAddressingLocator locator = new GHNManagerServiceAddressingLocator(); GHNManagerPortType pt = locator.getGHNManagerPortTypePort(endpoint); if (isSecurityEnabled) { logger.info("Loading proxy from " + proxy); managerSec.useCredentials(ProxyUtil.loadProxyCredentials(proxy)); //setting credentials on stubs, by specifying authN mode and Delegation Mode managerSec.setSecurity(pt, GCUBESecurityManager.AuthMode.PRIVACY, GCUBESecurityManager.DelegationMode.FULL); } pt = GCUBERemotePortTypeContext.getProxy(pt,GCUBEScope.getScope(args[2]),managerSec); //invoke here the desired operation on pt, as in the previous samples } catch (Exception e) { logger.error ("Failed to ...", e); }
For further information about how to configure secure services, see here