Changes between Version 120 and Version 121 of GAPI_AM_API_DRAFT


Ignore:
Timestamp:
03/27/14 14:08:03 (10 years ago)
Author:
Aaron Helsinger
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GAPI_AM_API_DRAFT

    v120 v121  
    523523
    524524== Change Set T: Long Lived Slices ==
     525This proposal provides a way to support long running experiments that require slices and resource reservations with long lives. This proposal requires changes to Slice Authorities and aggregates.
     526
    525527This topic was raised at the [wiki:GEC18Agenda/CodingSprintTutoring#SessionSummary GEC18 Coding Sprint].
    526528
     529The original proposal would add a new privilege to existing slice credentials meaning that the SA says reservations in this slice should be 'long', with the meaning (length of reservation) up to individual aggregates.
     530
    527531Other proposals have been surfaced, including having aggregates sign credentials to users rather than the SA.
    528532
    529533The topic was later discussed at GEC19. The proposal described below was agreed to in principle, with details to be specified.
    530  
    531 This proposal provides a way to support long running experiments that require slices and resource reservations with long lives. This proposal requires changes to Slice Authorities and aggregates.
    532534
    533535'''Proposal''':
    534536
    535 Augment existing slice credentials to add a new possible privilege value `longlived` that means that the issuing Slice Authority (SA) believes that the given slice should be allowed to have an extra long reservation. The proposal does not specify how the SA decides to include this privilege. Requesting a credential for such a slice results in a slice credential that adds this privilege.
    536 
    537 Aggregates must accept slice credentials that include the new privilege and understand that a privilege value of `*` does not include this privilege. When an aggregate receives a slice credential that includes this privilege, the aggregate should allow resources in this slice to be renewed beyond the usual maximum resource reservation lifetime at that aggregate. However, the maximum expiration time for the resources remains subject to local aggregate policy. Also note that resource expiration must still be limited by the expiration of the supplied slice credential.
    538 
    539 Using an extension to the slice credential schema, the SA may specify the number of maximum number of days that the resource should be renewed for. That is, on initial allocate/create sliver the resource should expire after that number of days, and on renew the resource should be renewed until the minimum of the requested date, the slice expiration, and the current date plus the # of days in the slice credential. The extension: http://www.protogeni.net/resources/credential/ext/policy/1/policy.xsd
    540 
    541 Note that AMs may issue special credentials using the same schema to slices or users and honor these, at their own discretion.
    542 
    543 This change requires aggregates to accept and handle these new credentials.
     537Use the `extensions` field of the existing slice credential schema, to add an extension specifying the number of days that reservations in this slice should be good for. The presence of this extension in the credential indicates that the issuer believes that when receiving this credential in a `createsliver` or `renew` or `provision` request, the aggregate should reserve the requested resources for the given number of days (up to the slice expiration as usual), independent of typical local AM policy or resource specific policy. Aggregate local policy will determine what the aggregate actually allows, but policy for a specific GENI federation may require aggregates to follow this extension when found in a slice credential issued by the federation slice authority.
     538The proposal does not specify how the issuer decides to include this privilege extension. Requesting a credential for such a slice results in a slice credential that adds this privilege.
     539
     540Credentials containing this extension will typically be issued by the slice authority as the single slice credential, retrieved by clients requesting a slice credential. Aggregates are free to issue their own similar credentials, that only they are likely to honor.
     541
     542At an aggregate honoring this extension, on initial `provision`/`createsliver` the resource should expire after the minimum of the slice expiration and now+the number of days specified in the credential. On `renew` the resource should be renewed until the minimum of the requested date, the slice expiration, and the current date plus the # of days in the slice credential.
     543
     544The extension for specifying this: http://www.protogeni.net/resources/credential/ext/policy/1/policy.xsd
     545
     546This change requires aggregates to accept and handle these new credentials when issued by a trusted authority.
    544547
    545548== Change Set U: Scheduling ==