| 75 | | ----- |
| 76 | | |
| 77 | | = Change Set C: !UpdateSlivers = |
| 78 | | Add an ability for experimenters to modify their allocated resources at an aggregate without deleting (and possibly losing) existing resource allocations. |
| 79 | | |
| 80 | | This change was briefly discussed at GEC13, and is a topic for ongoing discussion. |
| 81 | | |
| 82 | | == Motivation == |
| 83 | | A common complaint among experimenters about the current AM API is that there is no way to add or remove resources from a slice at an aggregate, without completely deleting the slice at that aggregate and recreating it, possibly losing resources to another experimenter and certainly losing state. This proposal aims to address that, by introducing a method to update the slice at an aggregate. |
| 84 | | |
| 85 | | The [http://svn.planet-lab.org/attachment/wiki/WikiStart/sfa.pdf SFA] calls for an !UpdateSlice method, "to request that additional resources—as specified in the RSpec—be allocated to the slice". |
| 86 | | |
| 87 | | In the !PlanetLab implementation of the SFA, !UpdateSliver is in fact a synonym for !CreateSliver - the server will ensure that your allocated resources match your request RSpec, adding, removing and modifying resources as needed. It immediately allocates and boots nodes to match the request RSpec. |
| 88 | | |
| 89 | | The ProtoGENI CMV2 API has [http://www.protogeni.net/trac/protogeni/wiki/ComponentManagerAPIV2#UpdateSliver UpdateSliver], which is described as the way to "Request a change of resuorces for an existing sliver. The new set of resources that are desired are specified in the rspec." At ProtoGENI as at !PlanetLab, this method takes the full RSpec description of resources the experimenter wants, and the server computes the difference with what the experimenter already has. At ProtoGENI though, this method returns a ticket. The experimenter must then redeem the ticket to actually acquire the resources. |
| 90 | | |
| 91 | | This topic was discussed at the [http://groups.geni.net/geni/wiki/GEC12GeniAmAPI GEC12 AM API session] and on the GENI dev mailing list (in [http://lists.geni.net/pipermail/dev/2011-October/000433.html October] and [http://lists.geni.net/pipermail/dev/2011-November/000531.html November]). |
| 92 | | |
| 93 | | This topic was also discussed on the geni-dev mailing list here: http://lists.geni.net/pipermail/dev/2012-March/000588.html and here: http://lists.geni.net/pipermail/dev/2012-March/000643.html and elsewhere in March 2012. |
| 94 | | |
| 95 | | A competing related proposal from Gary Wong is here: http://www.protogeni.net/trac/protogeni/wiki/AM_API_proposals |
| 96 | | |
| 97 | | A further revised proposal is expected from Jon Duerig. |
| 98 | | |
| 99 | | == !UpdateSlivers == |
| 100 | | This change would add a new method !UpdateSlivers, which takes a full request RSpec of the desired final state of the slice at this aggregate. This proposal calls for adding this functionality in the context of tickets: the !UpdateSlivers method returns a ticket. See [#ChangeSetE:Tickets Change Set E: Tickets] for details. |
| 101 | | |
| 102 | | Some points about this change: |
| 103 | | - The method takes a full request RSpec - not a diff. |
| 104 | | - Note that we want the manifest to be readily modifiable to be a request (include component_ids and sliver_ids), but it is not yet. |
| 105 | | - AMs may, as always, return {{{UNSUPPORTED}}} - EG if they are incapable of determining what changes to apply (computing a diff). |
| 106 | | - The request is either fully satisfied, or fails (returns an error code). |
| 107 | | - AMs must document the level of service they provide: will any state be lost on existing resources? |
| 108 | | - Options includes {{{geni_end_time}}}, a RFC3339 requested end time for the reservation. See below for details. |
| 109 | | - If omitted, the AM may reserve the resources for the default sliver duration. |
| 110 | | - AMs should follow the logic of !RenewSlivers to determine if the requested duration of the sliver is acceptable. |
| 111 | | - The request should Fail (return an error code) if the resources cannot be reserved until the requested time. |
| 112 | | |
| 113 | | Aggregates and experimenters should use an RSpec extension for specifying a guarantee on state loss per-resource: |
| 114 | | EG: |
| 115 | | {{{ |
| 116 | | <node ... sliver_id="urn:publicid:IDN+jonlab.tbres.emulab.net+sliver+250"> |
| 117 | | <sliver_type name="raw-pc"/> |
| 118 | | ... |
| 119 | | <preserve:preserve guarantee="persistent-state" /> |
| 120 | | </node> |
| 121 | | }}} |
| 122 | | |
| 123 | | This uses the RNC schema: |
| 124 | | {{{ |
| 125 | | default namespace = "http://www.protogeni.net/resources/rspec/ext/preserve/1" |
| 126 | | |
| 127 | | # This is meant to extend a node or link |
| 128 | | Preserved = element preserve { |
| 129 | | attribute guarantee { "none" | "persistent-state" | |
| 130 | | "dynamic-state" | "no-disruption" } |
| 131 | | } |
| 132 | | |
| 133 | | start = Preserved |
| 134 | | }}} |
| 135 | | |
| 136 | | In the above schema, the states represent increasing levels of state preservation guarantee. |
| 137 | | |
| 138 | | {{{ |
| 139 | | struct UpdateSlivers(string slice_urn, string credentials[], string rspec, |
| 140 | | struct options) |
| 141 | | }}} |
| 142 | | |
| 143 | | Returns a struct: |
| 144 | | {{{ |
| 145 | | { |
| 146 | | ticket: <string, the ticket> |
| 147 | | geni_status: <string, the sliver state - ticketed>, |
| 148 | | <others that are AM specific> |
| 149 | | } |
| 150 | | }}} |
| 151 | | |
| 152 | | See [#ChangeSetE:Tickets Change Set E: Tickets] for details on the ticket returned and ticket semantics. |
| | 81 | ---- |
| | 82 | |
| 201 | | = Change Set E: Tickets = |
| 202 | | AM APIv3 adds support for negotiated reservations or two-phase commit, by '''add'''ing methods that allow an experimenter to reserve resources for a slice without committing to using them, or forcing the AM to incur the cost of instantiating them. |
| 203 | | |
| 204 | | This change is actively under discussion. See for example http://lists.geni.net/pipermail/dev/2012-March/000616.html and http://lists.geni.net/pipermail/dev/2012-March/000648.html |
| 205 | | |
| 206 | | For an alternative proposal, see: http://www.protogeni.net/trac/protogeni/wiki/AM_API_proposals |
| 207 | | |
| 208 | | The later proposal for allocation states (below) supersedes this. See [#ChangeSetF3:SliverAllocationStatesandmethods Change Set F3]. |
| 209 | | |
| 210 | | == Motivation == |
| 211 | | This possible change was discussed at the [http://groups.geni.net/geni/wiki/GEC12GeniAmAPI GEC12 AM API session]. |
| 212 | | |
| 213 | | The [http://svn.planet-lab.org/attachment/wiki/WikiStart/sfa.pdf SFA] defines the concept of a ticket. SFA1.0 section 5.3 says "A component signs an RSpec to produce a ticket, indicating a promise by the component to bind resources to the ticket-holder at some point in time." Tickets are promises to allocate resources. |
| 214 | | |
| 215 | | Tickets are used in the [http://www.protogeni.net/trac/protogeni/wiki/ComponentManagerAPIV2 ProtoGENI CMV2 interface], and are discussed on [http://www.protogeni.net/trac/protogeni/wiki/Tickets the PG wiki]. Tickets with a slightly different semantics (and leases) are also used extensively in Orca. For details on the use of leases and tickets in Orca, see [https://geni-orca.renci.org/trac/attachment/wiki/WikiStart/ORCA%20Book.pdf 'the Orca Book']. However, each of these uses of the notion of tickets differs. |
| 216 | | |
| 217 | | Tickets would potentially enable a number of useful and possibly critical features: |
| 218 | | - Coordinated or negotiated reservations: reserving resources from aggregate B only if aggregate A can give you a complementary resource. For example, a VLAN tag. This is related to stitching, both network stitching and the more general form. |
| 219 | | - Two phase commit reservations (similar to the above). |
| 220 | | - Scheduled reservations in the future. |
| 221 | | - Brokers: 3rd parties consolidating, scheduling and allocating resources on behalf of a number of other aggregates |
| 222 | | - Lending resources to other experimenters |
| 223 | | - Giving experimenters explicit control over when resources are started, stopped, and restarted (see the discussion on !UpdateSliver). |
| 224 | | |
| 225 | | == Tickets semantics == |
| 226 | | This proposal would add tickets to the existing AM API, allowing experimenters to reserve (hold) resources temporarily and cheaply. Tickets represent a promise to the named slice to allocate the specified resources, if the ticket is 'redeemed' while the ticket is still valid. Tickets describe a complete specification of the resources that will be allocated to the slice at this aggregate, if the ticket is redeemed. |
| 227 | | |
| 228 | | Some key properties of the tickets proposed here: |
| 229 | | - Tickets are IOUs from an AM to a slice (not to an experimenter - no delegation is necessary or possible). |
| 230 | | - Experimenters do not need to use tickets to reserve resources: existing methods without tickets still work. |
| 231 | | - A ticket is a promise by the AM to give the specified resources to the slice if an authorized slice member requests them. |
| 232 | | - The aggregate is saying they will not give away these resources to other slices, but only to this slice. |
| 233 | | - AMs must document how firm their promises are. See the attribute {{{geni_ticket_service_class}}}. |
| 234 | | - Some aggregates may only offer soft promises, as in PlanetLab. |
| 235 | | - Tickets are signed by the AM: non repudiatable. |
| 236 | | - Tickets are bound to a slice: they contain the slice certificate. |
| 237 | | - Tickets may be passed from 1 researcher on a slice to another freely - no explicit delegation is required. |
| 238 | | - Indeed, any experimenter with appropriate slice credentials can retrieve the ticket from the aggregate. |
| 239 | | - Tickets may not be delegated to another slice or other entity; these tickets do not support brokers. |
| 240 | | - Tickets promise a particular set of resources: they include an RSpec. Note that this may be an unbound RSpec. |
| 241 | | - Note that we do not currently have unbound manifest RSpecs. For now we specify only that this is an RSpec. |
| 242 | | - Tickets are good for a limited time. |
| 243 | | - They must be redeemed by a specified time, {{{redeem_before}}}, after which the aggregate is free to assign the resources elsewhere. |
| 244 | | - Aggregates determine {{{redeem_before}}}, which is some epsilon in the near future. |
| 245 | | - Aggregates may accept a new option {{{geni_reserve_until}}} which is a request for a particular {{{redeem_before}}}, but are not required to support this (they may ignore the option). |
| 246 | | - Tickets specify when the resources will be available from ({{{starts}}}, typically essentially now), and when they will be available until (typically now plus the aggregate-local default sliver expiration time). |
| 247 | | - The resources may be available even longer, but that would require a separate !RenewSlivers call. |
| 248 | | - Tickets specify the full final state of the slice after applying this ticket. |
| 249 | | - Tickets are not incremental changes, and are not additive. |
| 250 | | - The implication is that there may be only 1 ticket outstanding for a slice per aggregate (except for scheduled reservations, see below). |
| 251 | | - This also implies that these tickets are not suitable for use by brokers. |
| 252 | | - Aggregates must attempt to honor their promises. As a result, aggregates must remember all outstanding tickets until they are redeemed or expire. |
| 253 | | - All ticket related timestamps must be in the format of RFC3339 (http://www.ietf.org/rfc/rfc3339.txt) |
| 254 | | - Full date and time with explicit timezone: offset from UTC or in UTC. |
| 255 | | - eg: {{{1985-04-12T23:20:50.52Z}}} or {{{1996-12-19T16:39:57-08:00}}} |
| 256 | | |
| 257 | | {{{ |
| 258 | | #!comment |
| 259 | | |
| 260 | | == Ticket contents == |
| 261 | | Tickets have an ID, the certificate of the slice to whom the resources are promised, an RSpec representing the promised resources, several timestamps, other attributes, and a signature by the aggregate (including the aggregate's certificate). |
| 262 | | |
| 263 | | Tickets are externally represented as signed XML documents following the [http://www.w3.org/TR/xmldsig-core/ XML Digital Signatures specification]. |
| 264 | | |
| 265 | | Tickets contain: |
| 266 | | - {{{owner_gid}}} = the certificate of the experimenter who requested the ticket |
| 267 | | - {{{target_gid}}} = slice certificate |
| 268 | | - {{{uuid}}} |
| 269 | | - Unique ID for the ticket, in the hexadecimal digit string format given in [http://www.ietf.org/rfc/rfc4122.txt RFC 4122] |
| 270 | | - {{{expires}}} - RFC3339 compliant Date/Time when the resources will no longer be yours per this reservation (eg sliver duration+now) |
| 271 | | - {{{redeem_before}}}: RFC3339 compliant Date/Time when you must redeem this reservation, or your resources will be returned to the available pool (eg now+epsilon) |
| 272 | | - {{{starts}}} - RFC3339 compliant Date/Time when the resources will be yours, per this reservation (eg now) |
| 273 | | - RSpec (not specified as request or manifest) |
| 274 | | - Attributes (AM/resource-type specific name/value pairs) |
| 275 | | - Including {{{geni_ticket_service_class}}} as defined below, to indicate the firmness of the promise this ticket represents |
| 276 | | - signature including issuing AM's certificate |
| 277 | | |
| 278 | | More formally: |
| 279 | | {{{ |
| 280 | | { |
| 281 | | owner_gid = <the certificate of the experimenter who requested the ticket>, |
| 282 | | target_gid = <slice certificate, following GENI AM API certificate specification>, |
| 283 | | uuid = <RFC 4122 compliant string>, |
| 284 | | expires = <RFC3339 compliant Date/Time when the resources will no longer be yours per this reservation (eg sliver duration+now)>, |
| 285 | | redeem_before = <RFC3339 compliant Date/Time when you must redeem this reservation, or your resources will be returned to the available pool (eg now+epsilon)>, |
| 286 | | starts = <RFC3339 compliant Date/Time when the resources will be yours, per this reservation (eg now)>, |
| 287 | | rspec = <RSpec (not specified as request or manifest)>, |
| 288 | | attributes = { |
| 289 | | geni_ticket_service_class = <string>, |
| 290 | | <others> |
| 291 | | }, |
| 292 | | signature |
| 293 | | } |
| 294 | | }}} |
| 295 | | |
| 296 | | Tickets should include the {{{geni_ticket_service_class}}} attribute for advertising the firmness of the promise that a ticket represents (case insensitive string or integer). |
| 297 | | - FIXME: Provide definitions for these service classes. |
| 298 | | - 1=WEAK_EFFORT |
| 299 | | - 2=BEST_EFFORT |
| 300 | | - 3=ELASTIC_RESERVATION |
| 301 | | - 4=HARD_RESERVATION |
| 302 | | |
| 303 | | Tickets will follow a defined schema, to be published on geni.net. |
| 304 | | |
| 305 | | Tickets logically have a URN (not included in the ticket): {{{urn:publicid:IDN+<AM name>+ticket+<uuid>}}} |
| 306 | | |
| 307 | | For a similar structure in ProtoGENI, see https://www.protogeni.net/trac/protogeni/attachment/wiki/Authentication/credential.rnc |
| 308 | | |
| 309 | | == Methods == |
| 310 | | 1. !GetTicket |
| 311 | | {{{ |
| 312 | | struct GetTicket (string slice_urn, string credentials[], string requestRSpec, |
| 313 | | struct options) |
| 314 | | }}} |
| 315 | | - Get a ticket promising resources requested in the rspec. |
| 316 | | - If there is already an outstanding ticket for the slice, an error is returned. |
| 317 | | - Return: ticket |
| 318 | | - Result State: {{{ticketed}}} |
| 319 | | - Options may include {{{geni_start_time}}} and {{{geni_end_time}}} (see below) |
| 320 | | 2. !RedeemTicket |
| 321 | | {{{ |
| 322 | | struct RedeemTicket(string slice_urn, string credentials[], string ticket, |
| 323 | | struct users[] (as in CreateSlivers), struct options) |
| 324 | | }}} |
| 325 | | - Return: |
| 326 | | {{{ |
| 327 | | { |
| 328 | | string rspec=<manifest>, |
| 329 | | string geni_start_time=<optional (may be omitted altogether): now if not specified>, |
| 330 | | string geni_expires=<RFC3339 sliver expiration>, |
| 331 | | string geni_status=<sliver state - allocated (or optionally changing or ready)>, |
| 332 | | <others that are AM specific> |
| 333 | | } |
| 334 | | }}} |
| 335 | | - Begin allocating the resources promised in the ticket. |
| 336 | | - Option {{{geni_auto_start}}}: |
| 337 | | - If supplied and true (boolean: 0 or 1 in XML-RPC), the aggregate automatically start/restarts resources as necessary, as though the experimenter called !ActOnSlivers(start). |
| 338 | | - State will be {{{changing}}} and then {{{ready}}} |
| 339 | | - If omitted the aggregate does not start resources (default behavior). The final state is {{{allocated}}}, and the experimenter must explicitly start or restart resources using !ActOnSlivers |
| 340 | | - Note that resources which do not require a 'start' may already be {{{ready}}} on normal return from !RedeemTicket. |
| 341 | | - Omitting the ticket causes the aggregate to redeem the outstanding ticket for this slice if any. If none, return an error code. |
| 342 | | - The ticket must be valid: not expired or previously redeemed or replaced. If so, an error is returned. |
| 343 | | |
| 344 | | 3. !ReleaseTicket |
| 345 | | {{{ |
| 346 | | struct ReleaseTicket(string slice_urn, string credentials[], string ticket, struct options) |
| 347 | | }}} |
| 348 | | - Give up the reservation for resources. |
| 349 | | - Return: true (1 in XMLRPC) or error |
| 350 | | - Omitting the ticket causes the aggregate to release the 0 or 1 outstanding tickets for this slice. |
| 351 | | - If this ticket was from !UpdateSlivers, then the sliver returns to the {{{allocated}}} state and existing resources are not modified. |
| 352 | | |
| 353 | | 4. !UpdateTicket |
| 354 | | (atomic release/get) |
| 355 | | {{{ |
| 356 | | struct UpdateTicket(string slice_urn, string credentials[], string requestRSpec, |
| 357 | | string ticket, struct options) |
| 358 | | }}} |
| 359 | | - For updating a reservation in place, replacing one ticket with a new one. On success, the old ticket is invalid. |
| 360 | | - Return: Ticket |
| 361 | | - Result State: {{{ticketed}}} |
| 362 | | - Options may include {{{geni_start_time}}} and {{{geni_end_time}}} (see below) |
| 363 | | - The ticket must be valid: not expired or previously redeemed or replaced. If so, an error is returned. |
| 364 | | |
| 365 | | 5. !UpdateSlivers |
| 366 | | {{{ |
| 367 | | struct UpdateSlivers(string slice_urn, string credentials[], string requestRSpec, |
| 368 | | struct options) |
| 369 | | }}} |
| 370 | | - Returns a struct: |
| 371 | | {{{ |
| 372 | | { |
| 373 | | string ticket=<ticket> |
| 374 | | string geni_status=<sliver state - ticketed>, |
| 375 | | <others that are AM specific> |
| 376 | | } |
| 377 | | }}} |
| 378 | | - Get a promise for resources that would replace currently allocated resources, as defined in [#ChangeSetC:UpdateSlivers Change Set C]. |
| 379 | | - Result State: {{{ticketed}}} |
| 380 | | - On completion, the slice has both a ticket and a set of slivers at this aggregate. Overall it is both {{{allocated}}} and {{{ticketed}}}, which is called {{{ticketed}}}. |
| 381 | | - Options may include {{{geni_start_time}}} and {{{geni_end_time}}}, a RFC3339 requested start and end time for the reservation (option not required). |
| 382 | | - The request should Fail (return an error code) if the resources cannot be reserved from or until the requested time. |
| 383 | | - The method takes a full request RSpec - not a diff. |
| 384 | | - AMs may, as always, return {{{UNSUPPORTED}}} - EG if they are incapable of determining what changes to apply (computing a diff). |
| 385 | | - The request is either fully satisfied, or fails (returns an error code). |
| 386 | | - For further details on the !UpdateSlivers semantics, see [#ChangeSetC:UpdateSlivers Change Set C]. |
| 387 | | |
| 388 | | For a similar set of functions in ProtoGENI, see: https://www.protogeni.net/trac/protogeni/wiki/ComponentManagerAPIV2 |
| 389 | | |
| 390 | | == Other changes to support tickets == |
| 391 | | - !CreateSlivers remains the first call: do not use it to add resources to the slice. |
| 392 | | - !ListResources return value changes to be: |
| 393 | | {{{ |
| 394 | | { |
| 395 | | string rspec (ad or Manifest - may be empty though) |
| 396 | | string tickets[] (required but may be an empty list) |
| 397 | | } |
| 398 | | }}} |
| 399 | | - For !ListResources with no {{{slice_urn}}}, {{{tickets}}} shall be an empty list, and rspec shall be an ad RSpec. |
| 400 | | - For !ListResources with a {{{slice_urn}}}, {{{rspec}}} is the manifest RSpec for everything belonging to that slice at this AM, if anything is currently allocated (not just a ticket). {{{tickets}}} is then any outstanding ticket(s) for this slice. |
| 401 | | |
| 402 | | == Scheduling support using Tickets == |
| 403 | | This ticket structure and methods, with small additions, supports using tickets for scheduling. This proposal does not require support for scheduling at aggregates. |
| 404 | | |
| 405 | | - We are not explicitly supporting scheduling, but the timestamps here should be sufficient. |
| 406 | | - !GetTicket, !CreateSlivers, !ListResources, !UpdateTicket, !UpdateSlivers all accept new RFC3339 compliant {{{geni_start_time}}} and {{{geni_end_time}}} options to support scheduling in the future. |
| 407 | | - For !GetTicket and !CreateSlivers, if left out then the reservation start is 'now or really soon' and the end is start plus the default sliver duration. |
| 408 | | - AMs that do not support scheduling return {{{UNSUPPORTED}}} when passed {{{geni_start_time}}}. |
| 409 | | - AMs should still support {{{geni_end_time}}}, following the logic of !RenewSlivers to determine if the requested duration of the sliver is acceptable. |
| 410 | | - IE at !CreateSlivers and !GetTicket and !UpdateSlivers in particular |
| 411 | | - The request should Fail (return an error code) if the resources cannot be reserved until the requested time. |
| 412 | | - {{{redeem_before}}} in tickets should be {{{starts}}}+epsilon. That epsilon is AM specific, but typically a small number of minutes. |
| 413 | | - Multiple tickets may be outstanding for a single slice at a single AM only for non overlapping time intervals. |
| 414 | | - IE you could request 2 tickets: 1 for machines 1-3 on Tuesday and simultaneously request 1 for machines 4-6 on Thursday. |
| 415 | | - These options are accepted in !ListResources as well. |
| 416 | | - Specifying {{{geni_start_time}}} means tell me what will be available at that time. Default is now. |
| 417 | | - Specifying both {{{geni_end_time}}} and {{{geni_start_time}}} means show me only things available for that entire duration. |
| 418 | | |
| 419 | | }}} |
| 420 | | |
| 421 | | ----- |
| | 131 | |
| 960 | | |
| 961 | | ---- |
| 962 | | = Change summary - method signatures = |
| 963 | | If the generally agreed-upon change sets listed here are adopted, the final method signatures will be as follows: |
| 964 | | |
| 965 | | == Common Arguments and Returns == |
| 966 | | === structs and optional arguments === |
| 967 | | Unless otherwise specified, all arguments and returns of type `struct` may include aggregate or resource-specific entries. As arguments, such options must be optional for the client to supply, with the aggregate providing a reasonable default. |
| 968 | | |
| 969 | | === datetime data type === |
| 970 | | All datetime arguments and returns in this API shall conform to [http://tools.ietf.org/html/rfc3339 RFC 3339]. This represents a subset of the valid date/time strings permissible by the standard XML-RPC date/time data type, [http://xmlrpc.scripting.com/spec dateTime.iso8601]. |
| 971 | | |
| 972 | | In the specification of this API, this is described as `dateTime.rfc3339`. |
| 973 | | |
| 974 | | === RSpec data type === |
| 975 | | Throughout this API, multiple arguments and returns are labeled as an RSpec. These fields shall be understood as XML documents following one of the schemas advertised in the return from !GetVersion. All such RSpecs must pass an XML schema validator, must list all used schemas and namespaces within the document, using schemas that are publicly available. The !GetVersion return advertises schemas for advertisment and request RSpecs; the schemas for manifest RSpecs are assumed to be available at the same base URL, but using a corresponding manifest schema. |
| 976 | | |
| 977 | | A fully GENI AM API compliant aggregate will always support the GENI standard schemas for RSpecs, available at http://www.geni.net/resources/rspec. As of 4/2012, the current GENI RSpec version is '''3'''. Aggregates are free to use an alternate format internally, but must accept and produce compliant RSpecs on demand. |
| 978 | | |
| 979 | | The Aggregate Manager API requires this contract: Aggregates advertise the `type` and `version` of RSpec formats that they support. If available, they specify the `schema`, `namespace` and `extensions` combination which is the authoritative definition of that format. Clients of the API should understand that combination in order to know how to understand the resources available at that aggregate. |
| 980 | | |
| 981 | | If an aggregate advertises a particular `type`/`version` (optionally defined with a combination of `schema`, `namespace` and `extensions`) in the `geni_ad_rspec_versions` attribute of !GetVersion, then it promises to send a correct Advertisement RSpec in response to a !ListResources call which supplies a `geni_rspec_version` option containing that `type`/`version`. (`geni_rspec_version` is a struct with 2 members, `type` and `version`. `type` and `version` are case-insensitive strings, matching those in `geni_ad_rspec_versions`). |
| 982 | | |
| 983 | | If an Aggregate advertises a particular `type`/`version` (optionally defined with a combination of `schema`, `namespace` and `extensions`) in the `geni_request_rspec_versions` attribute of !GetVersion then it promises to correctly honor an Allocate (was !CreateSliver in API v2) call containing a request RSpec in the given format, and then to return a Manifest RSpec in the corresponding format (i.e. a GENI format request is answered with a GENI format manifest). The aggregate also promises to send a correctly formatted Manifest RSpec in response to a Describe call which supplies a valid slice or sliver URN and an `geni_rspec_version` option containing that supported `type`/`version`. |
| 984 | | |
| 985 | | In this API, such RSpec fields are labeled as type `geni.rspec`. |
| 986 | | |
| 987 | | === `credentials` === |
| 988 | | Many methods take an array of credentials. This is an array of credential type, version, and string value. |
| 989 | | {{{ |
| 990 | | credentials = [ |
| 991 | | { |
| 992 | | geni_type: <string>, |
| 993 | | geni_version: <string>, |
| 994 | | geni_value: <string>, |
| 995 | | <others> |
| 996 | | } |
| 997 | | ] |
| 998 | | }}} |
| 999 | | |
| 1000 | | At least one credential must be a valid slice credential for the slice specified in `slice_urn` if that is an argument, or for the slice that contains the named slivers, if sliver urns are an argument, or a valid administrative credential with sufficient privileges. When sliver_urns are supplied, all such slivers must belong to the same slice, over which the given credential provides access. Credentials must be valid (signed by a valid GENI certificate authority either directly or by chain, not expired, and grant privileges to the client identified by the SSL client certificate). Each method requires specific privileges, which must be granted by the provided credentials. Note that the semantics of this argument is not clear: most implementations require a single credential to provide all needed privileges. Alternative interpretations might, for example, accumulate privileges from each valid credential to determine overall caller permissions. For details on GENI AM API format credentials, see [wiki:GeniApiCredentials the GENI wiki]. |
| 1001 | | |
| 1002 | | === `geni_end_time` === |
| 1003 | | The `geni_end_time` argument requests an expiration of the specified slivers. It is in dateTime.rfc3339 format (defined above). |
| 1004 | | When an explicit argument, it is required, and aggregates must honor the request to the extent local policy permits. |
| 1005 | | When an option in the `options` struct, clients may omit the option, and AMs may choose not to or be unable to honor this option, but may still succeed the overall request. |
| 1006 | | |
| 1007 | | === `geni_best_effort` === |
| 1008 | | {{{geni_best_effort: <XML-RPC boolean 1 or 0, default false (0)>}}} |
| 1009 | | Clients may omit this option, but aggregates must honor the option if possible. This option modifies the way that the operation applies to all named slivers. By default (`geni_best_effort`=false), the operation must apply equally to all slivers, either succeeding or failing for all. When true, the aggregate may succeed the operation for some slivers, while failing the operation for other slivers. |
| 1010 | | |
| 1011 | | === `geni_users` === |
| 1012 | | `struct geni_users[]` is an option for some methods. |
| 1013 | | |
| 1014 | | Clients may omit this option. Aggregates should honor this option for any resource that accepts the provided login keys, and ignore it for other resources. This option is an array of user structs, which contain information about the users that might login to the sliver that the AM needs to know about. For example, this option is the mechanism by which users supply their SSH public keys, permitting SSH login to allocated nodes. In such cases, the corresponding manifest RSpec will contain the `ssh-users` element on each such node, showing the login username and applicable public keys. When this option is supplied, each struct must include the key 'keys', which is an array of strings and can be empty. The struct must also include the key 'urn', which is the user’s URN string. For example: |
| 1015 | | {{{ |
| 1016 | | [ |
| 1017 | | { |
| 1018 | | urn: urn:publicid:IDN+geni.net:gcf+user+alice |
| 1019 | | keys: [<ssh key>, <ssh key>] |
| 1020 | | }, |
| 1021 | | { |
| 1022 | | urn: urn:publicid:IDN+geni.net:gcf+user+bob |
| 1023 | | keys: [<ssh key>] |
| 1024 | | } |
| 1025 | | ] |
| 1026 | | }}} |
| 1027 | | |
| 1028 | | === `options` === |
| 1029 | | An XML-RPC struct. For !GetVersion only, this argument is optional. In all other methods, it is required. Only !ListResources has required entries in the options struct. Aggregates are compliant with this API change by accepting this argument. Aggregates may accept entries to this struct. Aggregates should not require any new options to any method - they should always have a reasonable default for any such option. Aggregates should document new `options` arguments. The prefix `geni_` is reserved for members that are part of this API specification. Implementations should choose an appropriate prefix to avoid conflicts. |
| 1030 | | |
| 1031 | | === `urns[]` === |
| 1032 | | Several methods take some URNs to identify what to operate on. These methods are defined as accepting a list of arbitrary strings we call URNs. |
| 1033 | | This API defines two kinds of URNs that may be supplied here, slice URNs and sliver URNs (see [wiki:GeniApiIdentifiers the GENI identifiers page], and [#Adopted:ChangeSetK:Standardizecertificatesandcredentials Change Set K]). Some aggregates may understand other URNs, but these are not defined or required here. Aggregates that accept only URNs defined by this API will return an error when given URNs not in one of those forms. |
| 1034 | | This API requires that aggregates accept either a single slice URN, or 1+ sliver URNs that all belong to the same slice. Aggregates are not required to accept both a slice URN and sliver URNs, 2+ slice URNs, or a set of sliver URNs that crosses multiple slices. Some aggregates may choose to accept other such combinations of URNs. Aggregates that accept only arguments defined by this API will return an error when given more than 1 slice URN, a combination of both slice and sliver URNs, or a set of sliver URNs that belong to more than 1 slice. |
| 1035 | | |
| 1036 | | == !GetVersion == |
| 1037 | | Query static configuration information about this aggregate manager implementation, such as API and RSpec versions supported. |
| 1038 | | {{{ |
| 1039 | | struct GetVersion([optional: struct options]) |
| 1040 | | }}} |
| 1041 | | |
| 1042 | | The `options` argument may be omitted entirely by clients. |
| 1043 | | |
| 1044 | | Return struct: |
| 1045 | | {{{ |
| 1046 | | |
| 1047 | | { |
| 1048 | | int geni_api; |
| 1049 | | struct geni_api_versions { |
| 1050 | | URL <this API version #>; # value is a URL, name is a number |
| 1051 | | [optional: other supported API versions and the URLs where they run] |
| 1052 | | } |
| 1053 | | array geni_request_rspec_versions of { |
| 1054 | | string type; |
| 1055 | | string version; |
| 1056 | | string schema; |
| 1057 | | string namespace; |
| 1058 | | array extensions of string; |
| 1059 | | }; |
| 1060 | | array geni_ad_rspec_versions of { |
| 1061 | | string type; |
| 1062 | | string version; |
| 1063 | | string schema; |
| 1064 | | string namespace; |
| 1065 | | array extensions of string; |
| 1066 | | }; |
| 1067 | | array geni_credential_types of { |
| 1068 | | string geni_type <case insensitive>; |
| 1069 | | string geni_version <containing an integer>; |
| 1070 | | }; |
| 1071 | | } |
| 1072 | | }}} |
| 1073 | | |
| 1074 | | == !ListResources == |
| 1075 | | Retrieve RSpecs listing resources at this aggregate, an Advertisement RSpec of available resources. |
| 1076 | | |
| 1077 | | {{{ |
| 1078 | | struct ListResources(struct credentials[], struct options) |
| 1079 | | }}} |
| 1080 | | |
| 1081 | | Where options include: |
| 1082 | | {{{ |
| 1083 | | { |
| 1084 | | boolean geni_available <optional>; |
| 1085 | | boolean geni_compressed <optional>; |
| 1086 | | struct geni_rspec_version { |
| 1087 | | string type; |
| 1088 | | string version; |
| 1089 | | }; |
| 1090 | | } |
| 1091 | | }}} |
| 1092 | | |
| 1093 | | Note that all options may be omitted by the client, exception `geni_rspec_version` which is required. The aggregate must honor all supplied options. |
| 1094 | | |
| 1095 | | `credentials` is the standard argument defined above. |
| 1096 | | |
| 1097 | | Return: |
| 1098 | | A `geni.rspec` advertisment RSpec. |
| 1099 | | |
| 1100 | | == Describe == |
| 1101 | | AKA !ListResources when supplied a slice URN. |
| 1102 | | |
| 1103 | | Retrieve a manifest describing the resources contained by the entities named, e.g. a single slice or a set of the slivers in a slice. |
| 1104 | | {{{ |
| 1105 | | struct Describe(string urns[], struct credentials[], struct options[]) |
| 1106 | | }}} |
| 1107 | | |
| 1108 | | Where options include: |
| 1109 | | {{{ |
| 1110 | | { |
| 1111 | | boolean geni_compressed <optional>; |
| 1112 | | struct geni_rspec_version { |
| 1113 | | string type; |
| 1114 | | string version; |
| 1115 | | }; |
| 1116 | | } |
| 1117 | | }}} |
| 1118 | | |
| 1119 | | Note that all options may be omitted by the client, exception `geni_rspec_version` which is required. The aggregate must honor all supplied options. |
| 1120 | | |
| 1121 | | `credentials` is the standard argument defined elsewhere. |
| 1122 | | |
| 1123 | | Note that the manifest RSpec for allocated slivers may contain less detail than for provisioned slivers. |
| 1124 | | |
| 1125 | | Return struct: |
| 1126 | | {{{ |
| 1127 | | { |
| 1128 | | geni_rspec: <geni.rspec, Manifest - may be empty though)> |
| 1129 | | geni_urn: <string slice urn, as requested> |
| 1130 | | geni_slivers: [ |
| 1131 | | { |
| 1132 | | geni_sliver_urn: <string sliver urn> |
| 1133 | | geni_expires: <dateTime.rfc3339 allocation expiration string, as in geni_expires from SliversStatus>, |
| 1134 | | geni_allocation_status: <string sliver state - allocated or ?? >, |
| 1135 | | geni_operational_status: <string sliver operational state> |
| 1136 | | }, |
| 1137 | | ... |
| 1138 | | ] |
| 1139 | | } |
| 1140 | | }}} |
| 1141 | | |
| 1142 | | Aggregates are expected to combine the manifests of all requested slivers into a single manifest RSpec. |
| 1143 | | |
| 1144 | | FIXME: Allow multiple manifests? Options to specify only allocated or only provisioned slivers? |
| 1145 | | == Allocate == |
| 1146 | | AKA !CreateSlivers() |
| 1147 | | Request resources described by the given request RSpec to be allocated to the given slice. On success, one or more slivers are allocated, containing resources satisfying the request, and assigned to the given slice. The manifest RSpec describing those resources is returned. |
| 1148 | | {{{ |
| 1149 | | struct Allocate(string slice_urn, |
| 1150 | | struct credentials[], |
| 1151 | | geni.rspec rspec, |
| 1152 | | struct options) |
| 1153 | | }}} |
| 1154 | | |
| 1155 | | `credentials` is the standard argument defined above. |
| 1156 | | |
| 1157 | | Options include: |
| 1158 | | {{{ |
| 1159 | | { |
| 1160 | | [optional geni_end_time: <dateTime.rfc3339>] |
| 1161 | | } |
| 1162 | | }}} |
| 1163 | | |
| 1164 | | Return struct: |
| 1165 | | {{{ |
| 1166 | | { |
| 1167 | | geni_rspec: <geni.rspec manifest>, |
| 1168 | | geni_slivers: [ |
| 1169 | | { |
| 1170 | | geni_sliver_urn: <string sliver urn> |
| 1171 | | geni_expires: <dateTime.rfc3339 allocation expiration string, as in geni_expires from SliversStatus>, |
| 1172 | | geni_allocation_status: <string sliver state - allocated or ?? > |
| 1173 | | }, |
| 1174 | | ... |
| 1175 | | ] |
| 1176 | | } |
| 1177 | | }}} |
| 1178 | | |
| 1179 | | The manifest is a manifest of only newly allocated slivers. |
| 1180 | | |
| 1181 | | == Renew == |
| 1182 | | AKA !RenewSliver() or !RenewAllocated |
| 1183 | | Request that the named slivers be renewed, with their expiration extended. If possible, the aggregate should extend the slivers to the requested expiration time, or to a sooner time if policy limits apply. This method applies to slivers that are `geni_allocated` or to slivers that are `geni_provisioned`, though different policies may apply to slivers in the different states, resulting in much shorter max expiration times for `geni_allocated` slivers. |
| 1184 | | |
| 1185 | | {{{ |
| 1186 | | struct Renew(string urns[], |
| 1187 | | struct credentials[], |
| 1188 | | dateTime.rfc3339 expiration_time, |
| 1189 | | struct options) |
| 1190 | | }}} |
| 1191 | | |
| 1192 | | `credentials` is the standard argument defined above. |
| 1193 | | |
| 1194 | | Options include {{{geni_best_effort}}} |
| 1195 | | |
| 1196 | | Return list of structs: |
| 1197 | | {{{ |
| 1198 | | [ |
| 1199 | | { |
| 1200 | | geni_sliver_urn: <string>, |
| 1201 | | geni_allocation_status: <string>, |
| 1202 | | geni_operational_status: <string>, |
| 1203 | | geni_expires: <dateTime.rfc3339 when the sliver expires from its current state>, |
| 1204 | | }, |
| 1205 | | ... |
| 1206 | | ] |
| 1207 | | }}} |
| 1208 | | |
| 1209 | | == !UpdateAllocations == |
| 1210 | | AKA !UpdateAllocated() |
| 1211 | | This method modifies a set of allocated slivers in place. The existing reservations are not lost if the newly requested allocations cannot be satisfied by the aggregate. |
| 1212 | | |
| 1213 | | Details are suppressed pending agreement on this method. |
| 1214 | | {{{ |
| 1215 | | #!comment |
| 1216 | | |
| 1217 | | {{{ |
| 1218 | | struct UpdateAllocations(string urns[], struct credentials[], geni.rspec rspec, |
| 1219 | | struct options) |
| 1220 | | }}} |
| 1221 | | |
| 1222 | | `credentials` is the standard argument defined above. |
| 1223 | | |
| 1224 | | Options include: |
| 1225 | | - {{{geni_end_time}}}: |
| 1226 | | - {{{geni_best_effort}}} |
| 1227 | | |
| 1228 | | Return struct: |
| 1229 | | {{{ |
| 1230 | | { |
| 1231 | | geni_rspec: <geni.rspec manifest>, |
| 1232 | | geni_slivers: [ |
| 1233 | | { |
| 1234 | | geni_sliver_urn: <string sliver urn> |
| 1235 | | geni_expires: <dateTime.rfc3339 allocation expiration string, as in geni_expires from SliversStatus>, |
| 1236 | | geni_allocation_status: <string sliver state - allocated or ?? > |
| 1237 | | }, |
| 1238 | | ... |
| 1239 | | ] |
| 1240 | | } |
| 1241 | | }}} |
| 1242 | | |
| 1243 | | The manifest is a manifest of only referenced allocated slivers. |
| 1244 | | |
| 1245 | | FIXME: Is this the same method as for updating provisioned slivers? |
| 1246 | | }}} |
| 1247 | | |
| 1248 | | == Provision == |
| 1249 | | AKA !ProvisionSlivers() |
| 1250 | | Request that the named `geni_allocated` slivers be made `geni_provisioned`, instantiating or otherwise realizing the resources, such that they have a valid `geni_operational_status` and may possibly be made `geni_ready` for experimenter use. |
| 1251 | | |
| 1252 | | {{{ |
| 1253 | | struct Provision(string urns[], struct credentials[], |
| 1254 | | struct options) |
| 1255 | | }}} |
| 1256 | | |
| 1257 | | `credentials` is the standard argument defined above. |
| 1258 | | |
| 1259 | | Options include: |
| 1260 | | - {{{geni_best_effort}}} |
| 1261 | | - {{{geni_end_time}}} |
| 1262 | | - `struct geni_users[]` |
| 1263 | | |
| 1264 | | Return struct: |
| 1265 | | {{{ |
| 1266 | | geni_rspec: <geni.rspec, RSpec manifest>, |
| 1267 | | geni_slivers: |
| 1268 | | [ |
| 1269 | | { |
| 1270 | | geni_sliver_urn: <string>, |
| 1271 | | geni_allocation_status: <string>, |
| 1272 | | geni_operational_status: <string>, |
| 1273 | | geni_expires <dateTime.rfc3339 when the sliver expires from its current state>, |
| 1274 | | }, |
| 1275 | | ... |
| 1276 | | ], |
| 1277 | | }}} |
| 1278 | | |
| 1279 | | FIXME: Is the returned manifest only for newly provisioned slivers? Or all slivers at this AM for this slice? |
| 1280 | | |
| 1281 | | == !UpdateSlivers == |
| 1282 | | AKA Update() |
| 1283 | | This method requests a modification to 1 or more provisioned slivers. The slivers end up in a new `geni_allocated+geni_provisioned` state. |
| 1284 | | |
| 1285 | | Details are suppressed pending agreement on this method. |
| 1286 | | {{{ |
| 1287 | | #!comment |
| 1288 | | |
| 1289 | | {{{ |
| 1290 | | struct UpdateSlivers(string urns[], struct credentials[], geni.rspec rspec, |
| 1291 | | struct options) |
| 1292 | | }}} |
| 1293 | | |
| 1294 | | `credentials` is the standard argument defined above. |
| 1295 | | |
| 1296 | | Options include: |
| 1297 | | - {{{geni_end_time}}} |
| 1298 | | - {{{geni_best_effort}}} |
| 1299 | | - `struct geni_users[]` |
| 1300 | | |
| 1301 | | Return struct: |
| 1302 | | {{{ |
| 1303 | | { |
| 1304 | | rspec: <geni.rspec manifest>, |
| 1305 | | geni_slivers: [ |
| 1306 | | { |
| 1307 | | geni_sliver_urn: <string sliver urn> |
| 1308 | | geni_expires: <dateTime.rfc3339 allocation expiration string, as in geni_expires from SliversStatus>, |
| 1309 | | geni_allocation_status: <string sliver state - allocated or ?? > |
| 1310 | | }, |
| 1311 | | ... |
| 1312 | | ] |
| 1313 | | } |
| 1314 | | }}} |
| 1315 | | |
| 1316 | | The RSpec argument may be a new delta format. |
| 1317 | | The manifest is a manifest of only referenced provisioned slivers. |
| 1318 | | |
| 1319 | | FIXME: Is this the same method as for updating allocated slivers? |
| 1320 | | FIXME: Return both a manifest and a delta RSpec? |
| 1321 | | }}} |
| 1322 | | |
| 1323 | | == Status == |
| 1324 | | AKA !SliverStatus |
| 1325 | | Retrieve status information about the named slivers. This should be relatively dynamic data, not descriptive data as returned in the manifest RSpec. |
| 1326 | | |
| 1327 | | |
| 1328 | | {{{ |
| 1329 | | struct Status(string urns[], struct credentials[], struct options) |
| 1330 | | }}} |
| 1331 | | |
| 1332 | | `credentials` is the standard argument defined above. |
| 1333 | | |
| 1334 | | Return: |
| 1335 | | {{{ |
| 1336 | | { |
| 1337 | | geni_urn: <slice URN> |
| 1338 | | geni_slivers: [ |
| 1339 | | { geni_sliver_urn: <sliver URN> |
| 1340 | | geni_allocation_status: <string, eg provisioned> |
| 1341 | | geni_operational_status: <string, eg ready> |
| 1342 | | geni_expires: <dateTime.rfc3339 of individual sliver expiration> |
| 1343 | | geni_error: <string, eg ''>, |
| 1344 | | }, |
| 1345 | | { geni_sliver_urn: <sliver URN> |
| 1346 | | geni_allocation_status: <string, eg provisioned> |
| 1347 | | geni_operational_status: <string, eg ready> |
| 1348 | | geni_expires: <dateTime.rfc3339 of individual sliver expiration> |
| 1349 | | geni_error: <string, eg ''>, |
| 1350 | | } |
| 1351 | | ] |
| 1352 | | } |
| 1353 | | }}} |
| 1354 | | |
| 1355 | | == !PerformOperationalAction == |
| 1356 | | Perform the named operational action on the named slivers, possibly changing the `geni_operational_status` of the named slivers. |
| 1357 | | |
| 1358 | | {{{ |
| 1359 | | struct PerformOperationalAction (string urns[], struct credentials[], string action, |
| 1360 | | struct options={}) |
| 1361 | | }}} |
| 1362 | | |
| 1363 | | `credentials` is the standard argument defined above. |
| 1364 | | |
| 1365 | | Options include: {{{geni_best_effort}}} |
| 1366 | | |
| 1367 | | Return list of structs: |
| 1368 | | {{{ |
| 1369 | | [ { |
| 1370 | | geni_sliver_urn : <string>, |
| 1371 | | geni_allocation_status: <string, eg provisioned> |
| 1372 | | geni_operational_status : <string>, |
| 1373 | | geni_expires: <dateTime.rfc3339 of individual sliver expiration> |
| 1374 | | }, |
| 1375 | | ... |
| 1376 | | ] |
| 1377 | | ; |
| 1378 | | }}} |
| 1379 | | |
| 1380 | | == Delete == |
| 1381 | | AKA !DeleteSliver |
| 1382 | | Delete the named slivers, making them `geni_unallocated`. Resources are de-provisioned. No further AM API operations may be performed on slivers that have been deleted. |
| 1383 | | |
| 1384 | | {{{ |
| 1385 | | struct Delete(string urns, struct credentials[], struct options) |
| 1386 | | }}} |
| 1387 | | |
| 1388 | | `credentials` is the standard argument defined above. |
| 1389 | | |
| 1390 | | Options include: {{{geni_best_effort}}} |
| 1391 | | |
| 1392 | | Return list of structs: |
| 1393 | | {{{ |
| 1394 | | [ |
| 1395 | | { |
| 1396 | | geni_sliver_urn: <string>, |
| 1397 | | geni_allocation_status: <string>, |
| 1398 | | geni_expires: <dateTime.rfc3339 when the sliver expires from its current state>, |
| 1399 | | }, |
| 1400 | | ... |
| 1401 | | ] |
| 1402 | | }}} |
| 1403 | | |
| 1404 | | == Shutdown == |
| 1405 | | Perform an emergency shutdown on the slice at this aggregate. Resources should be taken offline, such that experimenter access (on both the control and data plane) is cut off. No further actions on the slice should be possible at this aggregate, until an un-specified operator action restores the slice. |
| 1406 | | {{{ |
| 1407 | | struct Shutdown(string slice_urn, struct credentials[], struct options) |
| 1408 | | }}} |
| 1409 | | |
| 1410 | | `credentials` is the standard argument defined above. |
| 1411 | | |
| 1412 | | Return: XML-RPC boolean |
