| 45 | == Session Summary == |
| 46 | |
| 47 | The Coding Sprint session attracted around a dozen experimenters, several operators, and around 20 developers. Experimenters got help getting started or working with GENI, operators discussed primarily monitoring, and developers worked through several issues. |
| 48 | |
| 49 | The developers had a productive discussion, working through AM API status and proposed changes, stitching, shared VLANs, and questions and concerns about the new GENI Clearinghouse and portal. Thank you to everyone who participated. |
| 50 | - AM API v3 implementations are in process, |
| 51 | - We agreed to move forward with Update() as proposed on the dev mailing list, and |
| 52 | - We're hoping for an inter-rack stitching demo this Fall. |
| 53 | - We worked out a plan for naming and working with shared VLANs (like the mesoscale), and |
| 54 | - People provided several good critiques of the GENI Clearinghouse and Portal as implemented. |
| 55 | |
| 56 | === AM API === |
| 57 | |
| 58 | Aaron solicited updates from the group on the status of [wiki:GAPI_AM_API_V3 AM API v3] implementations: |
| 59 | Planetlab is well underway, ProtoGENI will be doing their implementation soon, and Orca will likely implement v3 soon after GEC15. |
| 60 | Meanwhile, Omni and the GCF AM will likely be updated in the next few months. |
| 61 | |
| 62 | ==== Action ==== |
| 63 | - All developers should work to complete their AM API v3 implementations, and keep the community updated. |
| 64 | |
| 65 | === Update() === |
| 66 | |
| 67 | We then discussed Jon Duerig's proposal for an Update() method in the AM |
| 68 | API (http://lists.geni.net/pipermail/dev/2012-July/000823.html). After a |
| 69 | brief discussion, we agreed in principle to Jon's overall proposal. We |
| 70 | still need to work through the details, but Update() may be added to the |
| 71 | AM API in version 4. |
| 72 | In detail: Ilia pointed out that in many instances slivers cannot be |
| 73 | modified without losing state. This is why Jon's proposal calls for a |
| 74 | state guarantee in the |
| 75 | manifest RSpec. We may also want some kind of default guarantee by |
| 76 | sliver type in the Ad RSpec. |
| 77 | Ilia removed his objection to Update() taking a full RSpec, as long as |
| 78 | translating the RSpec into NDL does not require a stateful translator. |
| 79 | |
| 80 | ==== Actions ==== |
| 81 | - Jon Duerig will flesh out his Update() proposal for posting on the GENI wiki |
| 82 | - All developers should read and comment on the Update() proposal |
| 83 | |
| 84 | === Stitching === |
| 85 | |
| 86 | We then moved on to [wiki:GeniNetworkStitching stitching]. First, we |
| 87 | talked about the possibility of a GENI stitching demo between rack |
| 88 | varieties. We agreed that this seems possible: probably starting with a |
| 89 | rack-to-rack demo within the GPO lab, but then perhaps a demo going |
| 90 | among RENCI, Starlight, MAX, and ProtoGENI Utah. The timing of this demo |
| 91 | depends very much on other tasks for the rack teams, and will likely be |
| 92 | after GEC15. |
| 93 | ExoGENI expects to be able to first consume but then also produce a VLAN |
| 94 | tag for stitching. Currently InstaGENI only produces tags (it cannot |
| 95 | consume). So a demo where InstaGENI produces a tag and ExoGENI consumes |
| 96 | it might be a first step. Rob believes it won't be hard for InstaGENI to |
| 97 | also be a consumer of VLAN tags. Ilia warned that there are several |
| 98 | layers of work at ExoGENI to make this work, pushing the timing for such |
| 99 | a demo into December. |
| 100 | |
| 101 | ==== Actions ==== |
| 102 | - InstaGENI will implement accepting a specified VLAN tag on a link using the stitching extension |
| 103 | - ExoGENI will implement both accepting and producing a VLAN tag for a link terminating on a particular port on some non-AM local switch |
| 104 | - We will plan a rack to rack demo within the GPO lab for November/December. |
| 105 | |
| 106 | Rob then expressed concern that the stitching workflow logic is too |
| 107 | complex to implement in every tool. We agreed there should be a library |
| 108 | or service to encapsulate this logic. This service should not actually |
| 109 | submit requests to aggregates, but only determine the order of requests, |
| 110 | and help pass tags from earlier manifests into later requests in the |
| 111 | workflow. We also noted that negotiation makes this component complex. |
| 112 | We decided that the stitching extension in the Ad RSpec should be |
| 113 | explicit about whether the aggregate can be a producer of labels, a |
| 114 | consumer, or both. Rob commented that he has a path computation service |
| 115 | he could share. Rob also suggested that such a service should have a |
| 116 | function allowing tools to pre-cache information about the sets of nodes |
| 117 | that can be connected with different kinds of connections, to simplify |
| 118 | graphical tools. |
| 119 | |
| 120 | ==== Actions ==== |
| 121 | - Rob will supply his path computation service to Tom Lehman and Aaron |
| 122 | - Tom Lehman and Xi will propose a modification to the stitching extension to advertise at each aggregate whether a given Link can produce or consume labels, or both |
| 123 | - ISI/MAX and the GPO will continue plans for a workflow library and service |
| 124 | |
| 125 | === Shared VLANs === |
| 126 | |
| 127 | There is an RSpec extension now for specifying that requested nodes |
| 128 | should be connected to a pre-existing shared VLAN |
| 129 | (http://www.geni.net/resources/rspec/ext/shared-vlan/1/). We noted that |
| 130 | the AMs do not yet support the geni.net schema location, nor the Ad |
| 131 | RSpec extension version. We then discussed common naming of shared |
| 132 | VLANs. We agreed these should be URNs, of the form |
| 133 | `urn:publicid:IDN+<authority>+vlan+<label not specific tag>`. This global |
| 134 | name may resolve into different tags at different aggregates. For |
| 135 | example, the mesoscale is not always 1750. Note that not all such shared |
| 136 | VLANs go across aggregates - some might be used to connect an aggregate |
| 137 | to the local campus. We also noted that some shared VLANs are Openflow |
| 138 | controlled in parts, but not at every switch or aggregate (like the |
| 139 | mesoscale), and others are not Openflow controlled at all. |
| 140 | |
| 141 | We discussed the utility of a shared registration and lookup service, |
| 142 | for finding these shared vlan labels, and for translating from the label |
| 143 | to the AM-local VLAN tag. The tag has a description, plus perhaps other |
| 144 | metadata. Then it has some per-aggregate data (local tag, FOAM URL if |
| 145 | applicable, etc. We agreed that for now, a global wiki to track shared |
| 146 | VLANs would be sufficient. |
| 147 | |
| 148 | We also agreed that aggregates should advertise within the shared VLAN |
| 149 | extension some extra information for each VLAN: the local FOAM URL, if |
| 150 | FOAM is required, and maybe other items. We need to add to the extension |
| 151 | attributes for that information. |
| 152 | |
| 153 | Rob then asked about what special authorization might be needed for |
| 154 | access to shared VLANs. Jeff argued that this is not necessary - this is |
| 155 | an aggregate policy question. Aggregates may have special local policies |
| 156 | for requesting such resources, but we will not try to describe that |
| 157 | policy in RSpecs. An aggregate might choose to mark up the advertisement |
| 158 | RSpec to indicate that certain resources have special access policies, |
| 159 | with perhaps a URL for more information. |
| 160 | |
| 161 | We then asked about how we allocate labels within these shared VLANs (IP |
| 162 | addresses, ether types, etc). Currently, this is coordinated via a wiki |
| 163 | page. Do we need something more formal? Rob commented that this is |
| 164 | similar to Planetlab's port number reservation problem. Sarah suggested |
| 165 | that a simple aggregate manager for allocating strings like this would be sufficient. |
| 166 | Jeff noted that this becomes particularly important when a slice wants |
| 167 | to offer a service to other slices. We also noted that if we go down the |
| 168 | SDN path (as discussed at the SDN session), then this is not a problem. |
| 169 | And currently, we don't have a problem. But if we grow a lot without the |
| 170 | proposed SDN approach, then we will need something more formal For now, |
| 171 | we agreed to table this. |
| 172 | |
| 173 | ==== Actions ==== |
| 174 | - ExoGENI and InstaGENI will modify their AMs to support the new schema location for the shared VLANs extension |
| 175 | - ExoGENI and InstaGENI will support the shared VLANs Ad extension |
| 176 | - Jon Duerig will add to the shared VLAN Ad extension information on the FOAM URL, and perhaps other attributes |
| 177 | - GPO will stand up a Shared VLANs wiki page (or similar) |
| 178 | - GPO will publish a URN for the mesoscale shared VLAN on that page |
| 179 | - ExoGENI and InstaGENI will add to that wiki other shared VLANs, and AM-local information on the mesoscale VLAN |
| 180 | |
| 181 | === Portal/Clearinghouse === |
| 182 | |
| 183 | Several people then asked questions about how authorization works in the |
| 184 | [wiki:GEC14Agenda/ClearinghouseAndPortal new portal and clearinghouse], |
| 185 | particularly with respect to proxy aggregates. No specific actions came |
| 186 | out of this discussion, but the GPO agreed to work on the concerns from |
| 187 | the community. |
| 188 | |
| 189 | The clearinghouse generates experimenter keys, and stores the |
| 190 | experimenter's private keys. The portal is a privileged client of the clearinghouse, and is authorized to |
| 191 | get your private key and act on your behalf when talking to aggregates. |
| 192 | (Experimenters may also download their certificate and key, and never |
| 193 | use the portal). In addition, the proxy aggregates that the GPO is |
| 194 | building are also privileged clients of the clearinghouse, and are |
| 195 | authorized to retrieve your keys from the clearinghouse, and act as the |
| 196 | experimenter when talking to aggregates. Jeff, Rob, and Prateek |
| 197 | expressed concerns with this approach. |
| 198 | - In the name of protecting naive users, all users are required to give up control of their private keys. There should be a way for more advanced users to retain control of their private keys - both for normal use of the Clearinghouse and AM APIs, and for use with proxy aggregates. |
| 199 | - Only tools that run local to the experimenter and are explicitly authorized by the experimenter should be able to identify themselves as the experimenter in the AM API. The portal and proxy are not local. A proxy should identify itself as a proxy. |
| 200 | - Tools that are not local to the experimenter should have their own keys. |
| 201 | - Only privileged proxies are currently supported. There should be a way for an experimenter to authorize a proxy aggregate, and for that proxy to identify the 'real' experimenter when talking to the aggregate (see http://groups.geni.net/geni/wiki/GAPI_AM_API_DRAFT?version=47#ChangeSetJ:Proxyaggregatemanagersaresupported). This requires something like a 'Speaks For' assertion, signed by the experimenter. |
| 202 | - Currently, the portal tool only works with experimenters with accounts at the GENI Clearinghouse identity provider. Rob would like it to be available to ProtoGENI users directly. |
| 203 | |
| 204 | Several solutions to these critiques were discussed, but nothing was |
| 205 | resolved. Jeff and Prateek suggested an ABAC style 'Speaks For' |
| 206 | assertion, that an experimenter could sign and grant to a tool, |
| 207 | particularly to a proxy aggregate. Rob suggested developing some |
| 208 | Javascript that could run in a browser, and could retrieve an |
| 209 | experimenters password protected private key (either from a server or a |
| 210 | local file), and sign statements on behalf of the experimenter. In |
| 211 | particular, this would allow an experimenter to sign a 'Speaks For' |
| 212 | assertion with some short expiration, without having to locally manage |
| 213 | their private key, if the experimenter doesn't want to do so. Jeff |
| 214 | suggested a button in the portal where the experimenter explicitly |
| 215 | grants permission for the proxy and/or portal to 'Speaks For' them |
| 216 | (again, with some short expiration time. |
| 217 | |
| 218 | ==== Action ==== |
| 219 | - The GPO will consider ways to address these critiques. |
| 220 | |