126 | | - Coordinated or negotiated reservations: reserving resources from aggregate B only if aggregate A can give you a complementary resource. For example, a VLAN tag. This is related to stitching, both network stitching and the more general form. |
127 | | - Two phase commit reservations (similar to the above) |
128 | | - Scheduled reservations in the future |
129 | | - Giving experimenters explicit control over when resources are started, stopped, and restarted (see the discussion on !UpdateSliver above) |
130 | | |
131 | | This change would introduce the concept of tickets, and new methods to use tickets. It requires: |
132 | | - a ticket schema |
133 | | - methods to get, redeem, split, and maybe return tickets |
134 | | - semantics for what promises a ticket provides, and what it means to redeem and return tickets |
135 | | - many other details. |
| 207 | - Giving experimenters explicit control over when resources are started, stopped, and restarted (see the discussion on !UpdateSliver). |
| 208 | |
| 209 | == Tickets semantics == |
| 210 | This proposal would add tickets to the existing AM API, allowing experimenters to reserve (hold) resources temporarily and cheaply. Tickets represent a promise to the named slice to allocate the specified resources, if the ticket is 'redeemed' while the ticket is still valid. Tickets describe a complete specification of the resources that will be allocated to the slice at this aggregate, if the ticket is redeemed. |
| 211 | |
| 212 | Some key properties of the tickets proposed here: |
| 213 | - Tickets are IOUs from an AM to a slice (not to an experimenter - no delegation is necessary or possible). |
| 214 | - Experimenters do not need to use tickets to reserve resources: existing methods without tickets still work. |
| 215 | - A ticket is a promise by the AM to give the specified resources to the slice if an authorized slice member requests them. |
| 216 | - The aggregate is saying they will not give away these resources to other slices, but only to this slice. |
| 217 | - AMs must document how firm their promises are. See the attribute {{{geni_ticket_service_class}}}. |
| 218 | - Some aggregates may only offer soft promises, as in PlanetLab. |
| 219 | - Tickets are signed by the AM: non repudiatable. |
| 220 | - Tickets are bound to a slice: they contain the slice certificate. |
| 221 | - Tickets may be passed from 1 researcher on a slice to another freely - no explicit delegation is required. |
| 222 | - Indeed, any experimenter with appropriate slice credentials can retrieve the ticket from the aggregate. |
| 223 | - Tickets may not be delegated to another slice or other entity; these tickets do not support brokers. |
| 224 | - Tickets promise a particular set of resources: they include an RSpec. Note that this may be an unbound RSpec. |
| 225 | - Note that we do not currently have unbound manifest RSpecs. For now we specify only that this is an RSpec. |
| 226 | - Tickets are good for a limited time. |
| 227 | - They must be redeemed by a specified time, {{{redeem_before}}}, after which the aggregate is free to assign the resources elsewhere. |
| 228 | - Aggregates determine {{{redeem_before}}}, which is some epsilon in the near future. |
| 229 | - Aggregates may accept a new option {{{geni_reserve_until}}} which is a request for a particular {{{redeem_before}}}, but are not required to support this. |
| 230 | - Tickets specify when the resources will be available from ({{{starts}}}, typically essentially now), and when they will be available until (typically now plus the aggregate-local default sliver expiration time). |
| 231 | - The resources may be available even longer, but that would require a separate !RenewSlivers call. |
| 232 | - Tickets specify the full final state of the slice after applying this ticket. |
| 233 | - Tickets are not incremental changes, and are not additive. |
| 234 | - The implication is that there may be only 1 ticket outstanding for a slice per aggregate. |
| 235 | - This also implies that these tickets are not suitable for use by brokers. |
| 236 | - Aggregates must attempt to honor their promises. As a result, aggregates must remember all outstanding tickets until they are redeemed or expire. |
| 237 | - All ticket related timestamps must be in the format of RFC3339 (http://www.ietf.org/rfc/rfc3339.txt) |
| 238 | - Full date and time with explicit timezone: offset from UTC or in UTC. |
| 239 | - eg: {{{1985-04-12T23:20:50.52Z}}} or {{{1996-12-19T16:39:57-08:00}}} |
| 240 | |
| 241 | == Ticket contents == |
| 242 | Tickets have an ID, the certificate of the slice to whom the resources are promised, an RSpec representing the promised resources, several timestamps, other attributes, and a signature by the aggregate (including the aggregate's certificate). |
| 243 | |
| 244 | Tickets are externally represented as signed XML documents following the [http://www.w3.org/TR/xmldsig-core/ XML Digital Signatures specification]. |
| 245 | |
| 246 | Tickets contain: |
| 247 | - {{{owner_gid}}} = the certificate of the experimenter who requested the ticket |
| 248 | - {{{target_gid}}} = slice certificate |
| 249 | - {{{uuid}}} |
| 250 | - Unique ID for the ticket, in the hexadecimal digit string format given in [http://www.ietf.org/rfc/rfc4122.txt RFC 4122] |
| 251 | - {{{expires}}} - RFC3339 compliant Date/Time when the resources will no longer be yours per this reservation (eg sliver duration+now) |
| 252 | - {{{redeem_before}}}: RFC3339 compliant Date/Time when you must redeem this reservation, or your resources will be returned to the available pool (eg now+epsilon) |
| 253 | - {{{starts}}} - RFC3339 compliant Date/Time when the resources will be yours, per this reservation (eg now) |
| 254 | - RSpec (not specified as request or manifest) |
| 255 | - Attributes (AM/resource-type specific name/value pairs) |
| 256 | - Including optionally {{{geni_state_guarantee}}} as defined below, to indicate if existing slivers will be disrupted (default is no guarantee). |
| 257 | - Including {{{geni_ticket_service_class}}} as defined below, to indicate the firmness of the promise this ticket represents |
| 258 | - signature including issuing AM's certificate |
| 259 | |
| 260 | More formally: |
| 261 | {{{ |
| 262 | { |
| 263 | owner_gid = <the certificate of the experimenter who requested the ticket>, |
| 264 | target_gid = <slice certificate, following GENI AM API certificate specification>, |
| 265 | uuid = <RFC 4122 compliant string>, |
| 266 | expires = <RFC3339 compliant Date/Time when the resources will no longer be yours per this reservation (eg sliver duration+now)>, |
| 267 | redeem_before = <RFC3339 compliant Date/Time when you must redeem this reservation, or your resources will be returned to the available pool (eg now+epsilon)>, |
| 268 | starts = <RFC3339 compliant Date/Time when the resources will be yours, per this reservation (eg now)>, |
| 269 | rspec = <RSpec (not specified as request or manifest)>, |
| 270 | attributes = { |
| 271 | geni_state_guarantee = <string>, |
| 272 | geni_ticket_service_class = <string>, |
| 273 | <others> |
| 274 | }, |
| 275 | signature |
| 276 | } |
| 277 | }}} |
| 278 | |
| 279 | Tickets may include in the {{{attributes}}} element the attribute {{{geni_state_guarantee}}}, indicating whether the AM will preserve the state of any existing resources (case insensitive string or integer). |
| 280 | - 0=NO_GUARANTEE (Default: all state ''may'' be lost) |
| 281 | - 1=SAVE_DISK (disk state will be preserved but running processes will be lost) |
| 282 | - 2=SAVE_DISK_AND_PROCESSES (both disk state and running processes will be preserved, like migrating a VM) |
| 283 | - 3=NO_DISRUPTION (no noticeable service disruption) |
| 284 | |
| 285 | Tickets should include the {{{geni_ticket_service_class}}} attribute for advertising the firmness of the promise that a ticket represents (case insensitive string or integer). |
| 286 | - FIXME: Provide definitions for these service classes. |
| 287 | - 1=WEAK_EFFORT |
| 288 | - 2=BEST_EFFORT |
| 289 | - 3=ELASTIC_RESERVATION |
| 290 | - 4=HARD_RESERVATION |
| 291 | |
| 292 | Tickets will follow a defined schema, to be published on geni.net. |
| 293 | |
| 294 | Tickets logically have a URN (not included in the ticket): {{{urn:publicid:IDN+<AM name>+ticket+<uuid>}}} |
| 295 | |
| 296 | For a similar structure in ProtoGENI, see https://www.protogeni.net/trac/protogeni/attachment/wiki/Authentication/credential.rnc |
| 297 | |
| 298 | == Methods == |
| 299 | 1. !GetTicket |
| 300 | {{{ |
| 301 | struct GetTicket (string slice_urn, string credentials[], string requestRSpec, |
| 302 | struct options) |
| 303 | }}} |
| 304 | - Get a ticket promising resources requested in the rspec. |
| 305 | - Return: ticket |
| 306 | - Result State: {{{ticketed}}} |
| 307 | - Options may include {{{geni_start_time}}} and {{{geni_end_time}}} (see below) |
| 308 | 2. !RedeemTicket |
| 309 | {{{ |
| 310 | struct RedeemTicket(string slice_urn, string credentials[], string ticket, |
| 311 | struct users[] (as in CreateSlivers), struct options) |
| 312 | }}} |
| 313 | - Return: |
| 314 | {{{ |
| 315 | { |
| 316 | string rspec=<manifest>, |
| 317 | string geni_start_time=<optional (may be omitted altogether): now if not specified>, |
| 318 | string geni_expires=<RFC3339 sliver expiration>, |
| 319 | string geni_status=<sliver state - allocated or changing or ready>, |
| 320 | string geni_state_guarantee=<promise from AM of what experimenter state will be lost on trying to 'start' this allocation>, |
| 321 | <others that are AM specific> |
| 322 | } |
| 323 | }}} |
| 324 | - Begin allocating the resources promised in the ticket. |
| 325 | - Option {{{geni_donotstart}}}: |
| 326 | - If supplied and true (boolean: 0 or 1 in XML-RPC), final state is {{{allocated}}}, and experimenter must explicitly start or restart resources using !ActOnSlivers |
| 327 | - If omitted, AM automatically starts/restarts resources, and state will be {{{changing}}} and then {{{ready}}} |
| 328 | - Omitting the ticket causes the aggregate to redeem the outstanding ticket for this slice if any. If none, return an error code. |
| 329 | |
| 330 | 3. !ReleaseTicket |
| 331 | {{{ |
| 332 | struct ReleaseTicket(string slice_urn, string credentials[], string ticket, struct options) |
| 333 | }}} |
| 334 | - Give up the reservation for resources. |
| 335 | - Return: True or error |
| 336 | - Omitting the ticket causes the aggregate to release the 0 or 1 outstanding tickets for this slice. |
| 337 | |
| 338 | 4. !UpdateTicket |
| 339 | (atomic release/get) |
| 340 | {{{ |
| 341 | struct UpdateTicket(string slice_urn, string credentials[], string requestRSpec, |
| 342 | string ticket, struct options) |
| 343 | }}} |
| 344 | - For updating a reservation in place, replacing one ticket with a new one. |
| 345 | - Return: Ticket |
| 346 | - Result State: {{{ticketed}}} |
| 347 | - Options may include {{{geni_start_time}}} and {{{geni_end_time}}} (see below) |
| 348 | |
| 349 | 5. !UpdateSlivers |
| 350 | {{{ |
| 351 | struct UpdateSlivers(string slice_urn, string credentials[], string requestRSpec, |
| 352 | struct options) |
| 353 | }}} |
| 354 | - Returns a struct: |
| 355 | {{{ |
| 356 | { |
| 357 | string ticket=<ticket> |
| 358 | string geni_status=<sliver state - ticketed>, |
| 359 | string geni_state_guarantee=<promise from AM of what experimenter state will be lost on trying to 'start' this allocation>, |
| 360 | <others that are AM specific> |
| 361 | } |
| 362 | }}} |
| 363 | - Get a promise for resources that would replace currently allocated resources, as defined in [#ChangeSetC:UpdateSlivers Change Set C]. |
| 364 | - Result State: {{{ticketed}}} |
| 365 | - Options may include {{{geni_start_time}}} and {{{geni_end_time}}}, a RFC3339 requested start and end time for the reservation (option not required). |
| 366 | - The request should Fail (return an error code) if the resources cannot be reserved from or until the requested time. |
| 367 | - The method takes a full request RSpec - not a diff. |
| 368 | - AMs may, as always, return {{{UNSUPPORTED}}} - EG if they are incapable of determining what changes to apply (computing a diff). |
| 369 | - The request is either fully satisfied, or fails (returns an error code). |
| 370 | - AMs must document the level of service they provide using levels from {{{geni_state_guarantee}}}: will any state be lost on existing resources? |
| 371 | - Default is to provide no guarantee. |
| 372 | - Experimenters may specify what level of disruption they can tolerate, using the {{{geni_state_guarantee}}} option. |
| 373 | - AMs are expected to fail a request with a specified service guarantee that they cannot satisfy. Default is to request no guarantee. |
| 374 | - For further details on the !UpdateSlivers semantics, see [#ChangeSetC:UpdateSlivers Change Set C]. |
| 375 | |
| 376 | For a similar set of functions in ProtoGENI, see: https://www.protogeni.net/trac/protogeni/wiki/ComponentManagerAPIV2 |
| 377 | |
| 378 | == Other changes to support tickets == |
| 379 | - !CreateSlivers remains the first call: do not use it to add resources to the slice. |
| 380 | - !ListResources return value changes to be: |
| 381 | {{{ |
| 382 | { |
| 383 | string rspec (ad or Manifest - may be empty though) |
| 384 | string tickets[] (required but may be an empty list) |
| 385 | } |
| 386 | }}} |
| 387 | - For !ListResources with no {{{slice_urn}}}, {{{tickets}}} shall be an empty list, and rspec shall be an ad RSpec. |
| 388 | - For !ListResources with a {{{slice_urn}}}, {{{rspec}}} is the manifest RSpec for everything belonging to that slice at this AM, if anything is currently allocated (not just a ticket). {{{tickets}}} is then any outstanding ticket(s) for this slice. |
| 389 | |
| 390 | == Scheduling support using Tickets == |
| 391 | This ticket structure and methods, with small additions, supports using tickets for scheduling. This proposal does not require support for scheduling at aggregates. |
| 392 | |
| 393 | - We are not explicitly supporting scheduling, but the timestamps here should be sufficient. |
| 394 | - !GetTicket, !CreateSlivers, !ListResources, !UpdateTicket, !UpdateSlivers all accept new RFC3339 compliant {{{geni_start_time}}} and {{{geni_end_time}}} options to support scheduling in the future. |
| 395 | - For !GetTicket and !CreateSlivers, if left out then the reservation start is 'now or really soon' and the end is start plus the default sliver duration. |
| 396 | - AMs that do not support scheduling return {{{UNSUPPORTED}}} when passed {{{geni_start_time}}}. |
| 397 | - AMs should still support {{{geni_end_time}}}, following the logic of !RenewSlivers to determine if the requested duration of the sliver is acceptable. |
| 398 | - IE at !CreateSlivers and !GetTicket and !UpdateSlivers in particular |
| 399 | - The request should Fail (return an error code) if the resources cannot be reserved until the requested time. |
| 400 | - {{{redeem_before}}} in tickets should be {{{starts}}}+epsilon. That epsilon is AM specific, but typically a small number of minutes. |
| 401 | - Multiple tickets may be outstanding for a single slice at a single AM only for non overlapping time intervals. |
| 402 | - IE you could request 2 tickets: 1 for machines 1-3 on Tuesday and simultaneously request 1 for machines 4-6 on Thursday. |
| 403 | - These options are accepted in !ListResources as well. |
| 404 | - Specifying {{{geni_start_time}}} means tell me what will be available at that time. Default is now. |
| 405 | - Specifying both {{{geni_end_time}}} and {{{geni_start_time}}} means show me only things available for that entire duration. |
| 406 | |
| 407 | == An Alternative: Provide two !UpdateSlivers methods == |
| 408 | One alternative would be to define two versions of !UpdateSlivers, with and without an intermediate ticket. The no-ticket version of this method would behave like !CreateSlivers, immediately allocating requested resources. For details on this proposal, see above. |
| 409 | |
| 410 | ----- |
| 411 | = Change Set F: Support AM and resource-type specific methods. = |
| 412 | Define the control API (the AM API) as about moving slivers through various states at an AM. |
| 413 | |
| 414 | == Motivation == |
| 415 | AM API methods logically change the state of the slivers at this AM. But the API is not clear what experimenters should expect, and does not provide easy ways for experimenters to control when and how states change. There is in particular no way to move slivers through states and change them in ways otherwise undefined by the API. |
| 416 | |
| 417 | == Change Set F1: Define Sliver States == |
| 418 | Currently the AM API defines several possible states as valid returns in !SliversStatus: {{{configuring}}}, {{{ready}}}, {{{unknown}}}, and {{{failed}}}. This change changes and expands that list of valid states, and explicitly defines the expected states after each AM API method call. Additionally, this change provides a mechanism for aggregates to supply their own states. |
| 419 | |
| 420 | The GENI AM API can be thought of as manipulating slivers. As such, each method potentially changes the state of 1 or more slivers. With the changes proposed here, several of the methods return a new {{{geni_status}}} field, whose value is one of the standard GENI sliver status values. Aggregates must use one of the standard GENI values for that return. |
| 421 | |
| 422 | {{{geni_status}}} legal values (case insensitive): |
| 423 | - {{{uninitialized}}}: This is the state before any AM-local operation for this slice. |
| 424 | - {{{ticketed}}}: The resources are reserved for the slice, but not currently provisioned for the slice. Slivers are {{{ticketed}}} after !GetTicket, !UpdateTicket, or after !UpdateSlivers. Note in particular that a slice may have some resources that are {{{ready}}} and others which are {{{ticketed}}} after an !UpdateSlivers call: we call the whole slice {{{ticketed}}} in this case. |
| 425 | - {{{allocated}}}: The sliver(s) are currently provisioned for the slice, but not necessarily fully ready for experimental use (eg, not booted). This is the state after !RedeemTicket, or after !CreateSlivers with the {{{geni_donotstart}}} option. |
| 426 | - {{{ready}}}: The resources are ready for experimental use, as in after !CreateSlivers completes any booting or starting. Similarly after !ActOnSlivers with the {{{start}}} command. Note that each of those methods starts a process that may take significant time to complete. During that time the sliver will not yet be {{{ready}}}. |
| 427 | - {{{closed}}}: When the slice was previously provisioned resources, which have now expired or been de-allocated with !DeleteSlivers, we call the sliver {{{closed}}}. Note that this state is rarely seen in practice - aggregates do not respond in this API to queries about slices that do not currently have outstanding allocations or tickets. |
| 428 | - {{{changing}}}: This is the state of a sliver in transition. For example, while a machine is booting (changing from {{{allocated}}} to {{{ready}}}). This state used to be known as {{{configuring}}}. |
| 429 | - {{{shutdown}}}: This is the state of a sliver after the Shutdown operation - the sliver is still allocated to the slice, possibly still booted and configured for the slice, but is not available for experimental use. And administrator must intervene to recover or delete the slivers. |
| 430 | - {{{failed}}}: When an operation fails leaving the sliver unusable and requiring administrative intervention, it will be marked {{{failed}}}. |
| 431 | - {{{unknown}}}: If the aggregate does not know the state of a sliver, it will be marked {{{unknown}}}. This state may be transitive, or may require an admin to recover. |
| 432 | |
| 433 | As in previous versions of this API, the state of the full set of slivers in a slice at an aggregate is a roll-up of the states of each sliver. For each of {{{ticketed}}}, {{{allocated}}}, and {{{ready}}}, the set of slivers is only in that state if all individual slivers are in that state. If any sliver is {{{shutdown}}} or {{{failed}}} or {{{changing}}} (in order of decreasing precedence), then the set of slivers is in that state. If all slivers are {{{unknown}}} or {{{closed}}}, then the slice at this aggregate is {{{unknown}}} or {{{closed}}}. |
| 434 | - If not all resources in the sliver/slice can be moved to the desired next state, then the call fails. |
| 435 | - When moving from state 1 to 2, the slice is in state 1 until all slivers are in state 2 (EG moving from {{{ticketed}}}->{{{allocated}}}). |
| 436 | |
| 437 | Aggregates are free to ''also'' return an aggregate specific status - either in an AM-specifically-named entry, or in {{{am_specific_status}}}. Such values should be thought of as sub-states within the GENI state. For example, where the GENI state might be {{{changing}}}, the AM specific state might also be {{{imaging}}} or {{{booting}}}. Methods which accept a state (!ActOnSlivers) may accept either one of the {{{geni_status}}} values, or an aggregate specific value. Aggregates must document the meaning and use of aggregate specific status values. |
| 438 | |
| 439 | State changes by method: |
| 440 | - !GetTicket: From {{{uninitialized}}} to {{{ticketed}}} |
| 441 | - !UpdateTicket: From {{{ticketed}}} to {{{ticketed}}} |
| 442 | - !ReleaseTicket: From {{{ticketed}}} to {{{uninitialized}}} (or {{{allocated}}} if this was an update) |
| 443 | - !RedeemTicket: From {{{ticketed}}} to {{{allocated}}} |
| 444 | - !CreateSlivers: From {{{uninitialized}}} to {{{allocated}}} |
| 445 | - And then to {{{ready}}} via {{{changing}}} if the {{{geni_donotstart}}} option is not supplied |
| 446 | - !UpdateSlivers: From {{{allocated}}} or {{{ready}}} to {{{ticketed}}} |
| 447 | - !DeleteSlivers: From {{{ready}}} or {{{allocated}}} (or {{{changing}}}, etc) to {{{closed}}} (not {{{ticketed}}}) |
| 448 | - Shutdown: From {{{allocated}}} or {{{ready}}} to {{{shutdown}}} |
| 449 | Note that {{{changing}}} or {{{unknown}}} may be a source state for any of these methods. Operations may fail, leaving a sliver {{{failed}}}, and operations may take time leaving a sliver {{{changing}}} for some time. |
| 450 | |
| 451 | Methods and state transitions as a picture: |
| 452 | |
| 453 | [[Image(sliver-states.jpg)]] |
| 454 | |
| 455 | {{{ |
| 456 | #!comment |
| 457 | - {{{uninitialized}}} -> (!GetTicket) -> {{{ticketed}}} (you have a ticket) |
| 458 | - and back via !ReleaseTicket |
| 459 | - {{{ticketed -> (!UpdateTicket) -> {{{ticketed}}} |
| 460 | - {{{ticketed -> (!RedeemTicket) -> {{{allocated}}} (you have slivers) |
| 461 | - {{{uninitialized}}} -> (!CreateSlivers) -> allocated and then via {{{changing}}} to {{{ready}}} |
| 462 | - {{{allocated}}} (or {{{ticketed}}} when you also have {{{allocated}}} slivers)->(!DeleteSlivers) -> {{{closed}}} |
| 463 | - {{{allocated}}} (or some {{{allocated}}} and some {{{ticketed}}}}) -> (Shutdown) -> {{{shutdown}}} |
| 464 | - {{{shutdown}}} -> [some operator action] -> {{{closed}}} or {{{allocated}}} |
| 465 | - {{{allocated}}} -> (!UpdateSlivers) -> whole is called {{{ticketed}}}, some slivers are {{{allocated}}} and some {{{ticketed}}} |
| 466 | - Some slivers {{{allocated}} and some {{{ticketed}}} -> (!UpdateTicket) -> {{{allocated}}}+{{{ticketed}}} |
| 467 | - {{{allocated}}}+{{{ticketed}}} -> (!ReleaseTicket) -> {{{allocated}}} |
| 468 | - {{{allocated}}}+{{{ticketed}}} -> (!RedeemTicket) -> {{{allocated}}} |
| 469 | }}} |
| 470 | |
| 471 | Summary of changes: |
| 472 | - {{{configuring}}} becomes {{{changing}}}, which can be used in many other cases, in returns from !SliversStatus |
| 473 | - New states {{{uninitialized}}}, {{{ticketed}}}, {{{allocated}}}, {{{closed}}}, and {{{shutdown}}} are added |
| 474 | - State transitions for each method are defined |
| 475 | - {{{am_specific_status}}} optional return defined |
| 476 | - {{{geni_status}}} is returned by !SliversStatus, !RedeemTicket, !UpdateSlivers, !CreateSlivers, and !ActOnSlivers (if all relevant change sets are adopted). |
| 477 | |
| 478 | == Change Set F2: !ActOnSlivers == |
| 479 | This change introduces a new method, providing a generic way to act on slivers in an AM or resource type specific way. This method shall be used to 'start' or 'stop' or 'restart' resources that have been allocated but not started by !CreateSlivers or !RedeemTicket. It may also be used to change the state of slivers (or their contained resources) in an aggregate or resource specific way. Some aggregates may use this method to change configuration details of allocated resources. This might include changing acceptable login keys. |
| 480 | |
| 481 | !ActOnSlivers takes a {{{command}}}, {{{urn}}}, {{{state}}}, and {{{options}}}. The method return is a struct that includes the {{{urn}}}, {{{geni_status}}} of the sliver(s), and any other AM and operation specific options. The URN may be a slice urn, meaning all slivers in that slice at this AM are effected. Or the URN may be a particular sliver URN. The {{{state}}} argument is one of the {{{geni_status}}} values, or an AM-specific value. The {{{state}}} meaning depends on the {{{command}}}, but typically indicates the desired or resulting new state of the sliver(s). If the AM wishes to return an aggregate specific sliver status, it should still return a valid {{{geni_status}}}, and use an additional entry to also return the aggregate specific state. The {{{command}}} argument is aggregate defined. This API does not specify how aggregates advertise valid commands. Three particular commands are typical however: {{{start}}}, {{{stop}}}, and {{{restart}}}. These are used when the {{{geni_donotstart}}} option is supplied to !CreateSlivers for example. |
| 482 | |
| 483 | For example, to start allocated resources: |
| 484 | {{{ |
| 485 | Arguments: |
| 486 | command = start |
| 487 | urn = <slice or sliver urn> |
| 488 | state = ready |
| 489 | options = <none required> |
| 490 | Result: |
| 491 | urn = <same as input> |
| 492 | geni_status = changing or ready on success |
| 493 | }}} |
| 494 | |
| 495 | Method signature: |
| 496 | {{{ |
| 497 | struct ActOnSlivers(string command, string credential[], string urn, string state, struct options) |
| 498 | }}} |
| 499 | |
| 500 | Return struct: |
| 501 | {{{ |
| 502 | { |
| 503 | string urn=<urn of sliver or slice>, |
| 504 | string geni_status=<new state of the slivers>, |
| 505 | <other entries specific to the AM or resources - specifically am_specific_status> |
| 506 | } |
| 507 | }}} |
| 508 | |
| 509 | = Change Set G: Credentials are general authorization tokens. = |
| 510 | == Motivation == |
| 511 | Most AM API methods take a list of credentials to authorize operations. Currently the API requires credentials in a particular format, and would disallow others, such as ABAC. |
| 512 | The API should allow for other innovative authorization tokens. |
| 513 | |
| 514 | == Make credentials more general == |
| 515 | This change modifies the credentials argument to all methods. Each credential is now defined only as a signed document. A given list of credentials may contain credentials in multiple formats. The list may be empty. A given authorization policy at an AM may require 0, 1, or many credentials. Aggregates are required to allow credentials which are not used by local authorization policy or engines, using only credentials locally relevant. |
| 516 | |
| 517 | - An AM must pick credentials out of the list that it understands and be robust to receiving credentials it does not understand. |
| 518 | - Current slice and user credentials will be recognizable for following the schema defined in [#ChangeSetK:Standardizecertificatesandcredentials Change Set K]. |
| 519 | - AMs are required to continue to accept current-format credentials. |
| 520 | - In particular, a single standard slice credential remains sufficient for most authorization policies. |
| 521 | - Other credential formats acceptable by some aggregates might include ABAC x509 Attribute certificates, eg. |
| 522 | - AMs may get other authorization material from other sources: EG a future Credential Store service. |
| 523 | |
| 524 | = Changes to existing methods = |
| 525 | Modify a few existing methods to make certain operations easier or more experimenter friendly. |
| 526 | |
| 527 | == Change Sets H&I: Misc other method changes == |
| 528 | - '''Change Set H''': A second call to !CreateSlivers without an intervening !DeleteSlivers is an error. |
| 529 | - This change just clarifies expected behavior that was left under-specified in AM API v1. |
| 530 | - !CreateSlivers takes a full Ad RSpec, it is not a way to 'add' resources. |
| 531 | - Silently replacing the existing slivers with new slivers (similar to a call to !UpdateSlivers) is not acceptable. |
| 532 | |
| 533 | - '''Change Set I1''': Add {{{geni_expires}}} to return from !SliversStatus for whole slice and then each sliver |
| 534 | - This change standardizes behavior necessary for experimenters to determine their sliver expiration times. |
| 535 | - Format is RFC3339 (http://www.ietf.org/rfc/rfc3339.txt) |
| 536 | - Full date and time with explicit timezone: offset from UTC or in UTC) |
| 537 | - eg: {{{1985-04-12T23:20:50.52Z}}} or {{{1996-12-19T16:39:57-08:00}}} |
| 538 | |
| 539 | - '''Change Set I2''': Add SSH logins/keys to each node that supports SSH login in the return from !SliversStatus |
| 540 | This change standardizes behavior so experimenters can readily find how to log in to reserved resources. |
| 541 | {{{ |
| 542 | 'users' => [{'urn' => $user1_urn. |
| 543 | 'login' => $login, |
| 544 | 'protocol' => [ssh, or ?], |
| 545 | 'port' => [22 or ?], |
| 546 | 'keys' => [...] }, |
| 547 | {'urn' => $user2_urn. |
| 548 | 'login' => $login, |
| 549 | 'protocol' => [ssh, or ?], |
| 550 | 'port' => [22 or ?], |
| 551 | 'keys' => [...] } |
| 552 | ] |
| 553 | }}} |
| 554 | |
| 555 | - A note on distinguishing !ListResources from !SliversStatus: |
| 556 | - !ListResources in the context of a slice URN is for listing the reserved resources. It provides mostly static information. (But if the manifest contains things which can change, then the manifest must change when those things (like say IP addresses) change.) |
| 557 | - !SliversStatus is for everything else: anything which the AM can change for you using API calls, or which changes over time. So it has up/down state, expiration time, and now login keys. It provides that for your whole slice at this aggregate and all contained slivers. |
| 558 | |
| 559 | - '''Change Set I3''': Return sliver expiration from !CreateSlivers |
| 560 | Experimenters currently do not know the expiration of their slivers without explicitly asking. |
| 561 | This change makes the !CreateSlivers return value become a struct: |
| 562 | {{{ |
| 563 | { |
| 564 | string rspec=<manifest>, |
| 565 | string geni_start_time=<optional (may be omitted altogether): now if not specified>, |
| 566 | string geni_expires=<RFC3339 sliver expiration, as in geni_expires from SliversStatus>, |
| 567 | string geni_status=<sliver state - allocated or changing or ready>, |
| 568 | <others that are AM specific> |
| 569 | } |
| 570 | }}} |
| 571 | |
| 572 | - '''Change Set I4''': !CreateSlivers optionally does not start resources. |
| 573 | Currently, !CreateSlivers auto starts resources, moving them from {{{allocated}}} through {{{changing}}} to {{{ready}}}. |
| 574 | - Add a new option {{{geni_donotstart}}}: |
| 575 | - If supplied and true (boolean: 0 or 1 in XML-RPC), final state is {{{allocated}}}, and experimenter must explicitly start resources using !ActOnSlivers. |
| 576 | - If omitted or false ({{{0}}}) (default), AM automatically starts resources as before, and state will be {{{changing}}} and then {{{ready}}}. |
| 577 | |
| 578 | == Change Set J: Proxy aggregate managers are supported == |
| 579 | The GENI architecture that the architecture group is developing uses a proxy aggregate to handle standardized authorization and logging. This change is necessary to make such aggregates possible. |
| 580 | |
| 581 | Proxy aggregates will be supported by having client tools delegate slice credentials to the proxy aggregate (preferably without undue work by experimenters). This delegated credential will typically be marked non-delegatable and otherwise limited where possible. Note that experimenters are trusting proxy aggregates to perform only the desired action on their slice, although the delegated slice credential would allow other actions. This trust however is no more than the trust experimenters place in other AMs. |
| 582 | |
| 583 | Clients would contact the proxy aggregate URL, having learned that the proxy's URL is the way to contact the aggregate whose resources the client wants. Then through slice credential delegation the proxy AM can apply standard AM API authorization logic to authorize the operation at the proxy AM, and the 'real AM' can receive the call from the proxy AM, and also apply standard AM API authorization logic to validate the call from the proxy AM. Some proxied aggregate implementations may accept connections only from a proxy AM. |
| 584 | |
| 585 | Two changes are required to make this possible: |
| 586 | 1. Add a new optional return entry from !GetVersion: {{{geni_is_proxy_am}}}, a boolean (0 or 1 in XML-RPC). When present and true, the aggregate is advertising that it is a proxy aggregate. Clients should delegate any slice credentials to this aggregate when making subsequent AM API calls. This API does not specify how proxy aggregates advertise their certificate, which is required for clients to delegate slice credentials to the proxy. |
| 587 | |
| 588 | 2. Define a new option {{{geni_experimenter_urn}}}. |
| 589 | - Proxy AMs will retrieve the experimenter URN from the subjectAltName of the client SSL certificate, and then supply this value in calls to the 'real AM' where the call is being redirected. |
| 590 | - Such 'real' AMs should recognize they are being invoked by a proxy AM (having received a slice credential delegated to a proxy aggregate). In that case and that case only, the AM should include this {{{geni_experimenter_urn}}} in all logs to indicate the actual experimenter being granted resources. |
| 591 | - The supplied slice credential should be a delegated credential, indicating that this 'real' experimenter was granted the required rights on this slice at some point in this chain - typically directly by the slice authority, and as the signer of the current credential delegating rights to the proxy AM. |
| 592 | |
| 593 | = Change Set K: Standardize certificates and credentials = |
| 594 | == Motivation == |
| 595 | The current AM API specifies that certificates and credentials follow a particular format, using URNs that are based on experimenter supplied names. However that specification is not sufficiently specific, and there are currently differences in implementation among existing certificate and credential producers. This has led to errors, experimenter confusion, and messy code. |
| 596 | |
| 597 | == Changes == |
| 598 | This proposal requires that certificates include a UUID and email address for the subject. |
| 599 | It codifies restrictions on usernames, sliver names, and slice names. |
| 600 | The proposal specifies that slices have a UUID to be used to identify slices in a consistent way over time (slice names may be re-used). |
| 601 | |
| 602 | Some overall points: |
| 603 | - Aggregates are expected to fail requests that use certificates or URNs or names that violate this API. |
| 604 | - Aggregates are required to consult and accept Certificate Revocation Lists in accordance with [http://tools.ietf.org/html/rfc3280 RFC 3280] and [http://tools.ietf.org/html/rfc5280 RFC 5280]. |
| 605 | - Schemas for certificates & credentials will be published on geni.net. |
| 606 | |
| 607 | Certificates: |
| 608 | - GENI uses x509v3 identity certificates to identity users, slices, aggregates, and authorities, and these restrictions apply to all such certificates. |
| 609 | - See http://groups.geni.net/geni/wiki/GeniApiCertificates. |
| 610 | - Aggregates are required to properly validate all certificates to authenticate access to AM API calls, and fail calls that supply invalid certificates. |
| 611 | |
| 612 | Certificate contents: |
| 613 | - {{{Version}}} shall be properly marked: 3 |
| 614 | - {{{serialNum}}} is required to be unique within the certificate authority: each newly issued certificate must have a unique serial number. |
| 615 | - The Distinguished Name should include a human readable identifier, for both subject and issuer. Details are not specified |
| 616 | - User (and most authority) certificates shall be marked {{{CA:TRUE}}} in the x509 v3 basic constraints; Slices shall be marked {{{FALSE}}} |
| 617 | - The Subject Alternative Name field must include 3 pieces of information |
| 618 | - Entries are comma separated ('{{{, }}}'), and may be in any order. |
| 619 | - The URN identifier, following GENI URN standards as described here: http://groups.geni.net/geni/wiki/GeniApiIdentifiers |
| 620 | - The URN is identifiable by looking for the entry beginning "{{{URI:urn:publicid:IDN}}}", for example: {{{URI:urn:publicid:IDN+emulab.net+user+stoller}}}. |
| 621 | - A UUID, providing a globally unique ID for the entity. |
| 622 | - In the hexadecimal digit string format given in [http://www.ietf.org/rfc/rfc4122.txt RFC 4122] |
| 623 | - The UUID is identified with this prefix: "{{{URI:urn:uuid}}}" (as specified by RFC4122), for example: {{{URI:urn:uuid:33178d77-a930-40b1-9469-3aae08755743}}}. |
| 624 | - The email address is an [http://tools.ietf.org/html/rfc2822#section-3.4.1 RFC2822] compliant and working address for contacting the subject of the certificate (experimenter, authority administrator, or slice owner). |
| 625 | - The email entry is identified by the prefix "{{{email:}}}", for example: {{{email:stoller@emulab.net}}} |
| 626 | - Recommendation: Authorities are encouraged but not required to include a URL where more information about the subject is available (eg slice authority registry URL). That URL may be included in a certificate extension, in the DN, or in the subjectAltName. |
| 627 | |
| 628 | Slices: |
| 629 | - Slice ID is the UUID in the slice certificate, which is unique over time and space. |
| 630 | - Slice URN is a label - unique at a point in time but not over time. |
| 631 | - Format: {{{urn:publicid:IDN+<SA name>+slice+<slice name>}}} |
| 632 | - Slice names are <=19 characters, only alphanumeric plus hyphen (no hyphen in first character): {{{'^[a-zA-Z0-9][-a-zA-Z0-9]+$'}}} |
| 633 | - Aggregates are required to accept any compliant slice name and URN. |
| 634 | - Note that this currently causes problems at PlanetLab/SFA aggregates, where node login names are based on slice names and are limited to 31 characters. |
| 635 | |
| 636 | Slivers: |
| 637 | - Have a URN (returned in manifest RSpec), determined by the aggregate. |
| 638 | - This URN should be unique over time within an AM for record-keeping / operations purposes. |
| 639 | - Format: {{{urn:publicid:IDN+<AM name>+sliver+<sliver name>}}} |
| 640 | - Sliver names |
| 641 | - Must be unique over time within that AM, and are selected by the AM. |
| 642 | - May use only alphanumeric characters plus hyphen. |
| 643 | |
| 644 | Usernames: |
| 645 | - Usernames (user identifiers to the system) are set at the authority. |
| 646 | - Usernames are case-insensitive internally, though they may be case-sensitive in display. |
| 647 | - EG {{{JohnSmth}}} as a display name is {{{johnsmth}}} internally, and there cannot also be a user {{{JOHNSMTH}}}. |
| 648 | - Usernames should begin with a letter and be alphanumeric or underscores - no hyphen or '.': ({{{'^[a-zA-Z][\w]+$'}}}). |
| 649 | - Usernames are limited to 8 characters. |
| 650 | |
| 651 | = Change Set L: Change SFA credentials' privileges = |
| 652 | Our goal is to simplify and standardize privilege strings. Currently there are wildcards, bind, embed, and others. They are confusing. We also want extensibility to use these credentials elsewhere in future. |
| 653 | |
| 654 | Credentials should support these kinds of operations: |
| 655 | - Learn about the slice |
| 656 | - Add/Modify/Delete resources in the slice |
| 657 | - Read slice details like I&M? |
| 658 | - Use the slice |
| 659 | - Operator shutdown |
| 660 | |
| 661 | Proposal - Replace all existing privileges with only the following possible strings (case insensitive): |
| 662 | - {{{CanWrite}}} |
| 663 | - If present in a valid slice credential, aggregates may permit !CreateSlivers, !RenewSlivers, !DeleteSlivers, Shutdown, plus new methods !ActOnSlivers, !UpdateSlivers, !GetTicket, !RedeemTicket, !UpdateTicket, !ReleaseTicket |
| 664 | - Thus it replaces {{{bind}}}, {{{embed}}}, {{{control}}}, {{{instantiate}}}, {{{sa}}}, {{{pi}}}, or {{{*}}} in various places |
| 665 | - {{{CanRead}}} |
| 666 | - If present in a valid slice credential, aggregates may permit !ListResources with a {{{slice_urn}}}, !SliversStatus |
| 667 | - Thus it replaces {{{info}}} or {{{*}}} in various places |
| 668 | - {{{CanReadDetails}}} |
| 669 | - {{{CanUse}}} |
| 670 | |
| 671 | Note that those last 2 may never get used, but are there in case I&M or opt-in make those useful. |
| 672 | |
| 673 | Note also that operators who wish to shut down a slice would need a slice credential with the {{{CanWrite}}} privilege. |
| 674 | |
| 675 | Privilege and credential semantics are defined as follows: |
| 676 | - Aggregates may only grant access to a method if at least one valid credential |
| 677 | - grants the required privilege (if any) |
| 678 | - to the caller of the API method |
| 679 | - (identified by their SSL client certificate and the {{{owner_gid}}} in the credential) |
| 680 | - over the slice (if any) on which they are operating |
| 681 | - ({{{target_gid}}} in the credential). |
| 682 | - Other privileges may be present in the same or other credentials. |
| 683 | - Local aggregate policy may deny access to a particular method even in the presence of a valid credential granting the required privilege. |
| 684 | - Some operations (e.g. !GetVersion) may either simply require a valid credential with no particular privilege, or have no {{{credentials}}} argument at all. |
| 685 | |
| 686 | Note also that some current AMs do not require any particular privileges to do !ListResources, even with a {{{slice_urn}}}. This change explicitly requires that aggregates require a valid slice credential with {{{CanRead}}} privileges to perform this operation. |
| 687 | |
| 688 | ----- |
| 689 | = Changes Not Included = |
| 690 | == RSpec changes resulting in GENI v4 RSpecs == |
| 691 | - Support unbound manifests |
| 692 | - Make manifest an extension of Request, so you can readily edit & resubmit a manifest |
| 693 | - Make configuration information in request and manifest optional, so it can be supplied/returned separately |
| 694 | - Fully implement the compute ontology from Ilia |
| 695 | - Ilia's other requests (Openflow related information) |
| 696 | - Document process for updates per my dev list email |
| 697 | - Be consistent: ref vs idref vs href |
| 698 | - Include AM name/URL in RSpecs? Experimenter who allocated it URN? |
| 699 | - Incorporate stitching extension as part of the 'base' RSpec |
| 700 | |
| 701 | == Misc == |
| 702 | |
| 703 | - Split !ListResources with {{{slice_urn}}} from !ListResources without. !ListResources with {{{slice_urn}}} we call Resolve(slice_urn). |
| 704 | - Add {{{geni_credential_types}}} to !GetVersion return? |
| 705 | - Add {{{geni_am_info}}} block to !GetVersion return (name, id, url, location, description, is_proxy, proxy: {(a geni_am_info block)}, proxy_for[] (list of geni_am_info blocks)) |
| 706 | - Define a new option {{{geni_am_id}}} for all methods. Proxy AMs may use this ID to look up the URL of the real AM, and pass the call along. |
| 707 | - Instead just encode this am_id in the URL that the experimenter accesses, so that the proxy AM knows where to direct the call. |
| 708 | - Allow the update methods to take a generic rspec argument, allowing AMs to accept full or diff RSpecs |
| 709 | - Tickets |
| 710 | - Remove requestor certificate? |
| 711 | - Support brokers: Make ticket methods return multiple tickets. Define tickets as optionally diffs (additive). Make !RedeemTicket and !UpdateTicket take a list of tickets. Tickets are delegatable via signing, but the delegated ticket must be for a strict subset of the resources in the original. |
| 712 | |
| 713 | == Stitching == |
| 714 | AMs must support the stitching extension where Layer 2 connections are available, |
| 715 | - including in ads, requests, and manifests. |
| 716 | - Advertise available VLANs, attempt to honor requested VLANs, reserve VLANs with tickets, and report reserved or instantiated VLANs in manifests |
| 717 | - Use schema http://hpn.east.isi.edu/rspec/ext/stitch/0.1/stitch-schema.xsd |
| 718 | |
| 719 | ---- |
| 720 | = Change summary - method signatures = |
| 721 | If all change sets listed here are adopted, the final method signatures will be as follows: |
| 722 | |
| 723 | == !GetVersion == |
| 724 | {{{ |
| 725 | struct GetVersion([optional: struct options]) |
| 726 | }}} |
| 727 | |
| 728 | Return struct: |
| 729 | {{{ |
| 730 | |
| 731 | { |
| 732 | int geni_api; |
| 733 | struct geni_api_versions { |
| 734 | URL <this API version #>; # value is a URL, name is a number |
| 735 | [optional: other supported API versions and the URLs where they run] |
| 736 | } |
| 737 | array geni_request_rspec_versions of { |
| 738 | string type; |
| 739 | string version; |
| 740 | string schema; |
| 741 | string namespace; |
| 742 | array extensions of string; |
| 743 | }; |
| 744 | array geni_ad_rspec_versions of { |
| 745 | string type; |
| 746 | string version; |
| 747 | string schema; |
| 748 | string namespace; |
| 749 | array extensions of string; |
| 750 | }; |
| 751 | } |
| 752 | }}} |
| 753 | |
| 754 | == !ListResources == |
| 755 | {{{ |
| 756 | struct ListResources(string credentials[], struct options) |
| 757 | }}} |
| 758 | |
| 759 | Where options include: |
| 760 | {{{ |
| 761 | { |
| 762 | boolean geni_available; |
| 763 | boolean geni_compressed; |
| 764 | string geni_slice_urn; |
| 765 | struct geni_rspec_version { |
| 766 | string type; |
| 767 | string version; |
| 768 | }; |
| 769 | string geni_start_time; |
| 770 | string geni_end_time; |
| 771 | } |
| 772 | }}} |
| 773 | |
| 774 | Return struct: |
| 775 | {{{ |
| 776 | { |
| 777 | rspec (ad or Manifest - may be empty though) |
| 778 | tickets[] (required but may be an empty list) |
| 779 | } |
| 780 | }}} |
| 781 | |
| 782 | == !GetTicket == |
| 783 | {{{ |
| 784 | struct GetTicket (string slice_urn, string credentials[], string requestRSpec, |
| 785 | struct options) |
| 786 | }}} |
| 787 | |
| 788 | Options include {{{geni_start_time}}} and {{{geni_end_time}}} |
| 789 | |
| 790 | Return: ticket |
| 791 | |
| 792 | == !UpdateTicket == |
| 793 | {{{ |
| 794 | struct UpdateTicket(string slice_urn, string credentials[], string requestRSpec, |
| 795 | string ticket, struct options) |
| 796 | }}} |
| 797 | |
| 798 | Options include {{{geni_start_time}}} and {{{geni_end_time}}} |
| 799 | |
| 800 | Return: ticket |
| 801 | |
| 802 | == !RedeemTicket == |
| 803 | {{{ |
| 804 | struct RedeemTicket(string slice_urn, string credentials[], string ticket, |
| 805 | struct users[], struct options) |
| 806 | }}} |
| 807 | |
| 808 | Options include {{{geni_donotstart}}} |
| 809 | |
| 810 | Return struct: |
| 811 | {{{ |
| 812 | { |
| 813 | string rspec=<manifest>, |
| 814 | geni_start_time=<optional (may be omitted altogether): now if not specified>, |
| 815 | geni_expires=<RFC3339 sliver expiration>, |
| 816 | string geni_status=<sliver state - allocated or changing or ready>, |
| 817 | string geni_state_guarantee=<promise from AM of what experimenter state will be lost on trying to 'start' this allocation>, |
| 818 | <others that are AM specific> |
| 819 | } |
| 820 | }}} |
| 821 | |
| 822 | == !UpdateSlivers == |
| 823 | {{{ |
| 824 | struct UpdateSlivers(string slice_urn, string credentials[], string rspec, |
| 825 | struct options) |
| 826 | }}} |
| 827 | |
| 828 | Options include {{{geni_start_time}}} and {{{geni_end_time}}} |
| 829 | |
| 830 | Return struct: |
| 831 | {{{ |
| 832 | { |
| 833 | string ticket=<ticket> |
| 834 | string geni_status=<sliver state - ticketed>, |
| 835 | string geni_state_guarantee=<promise from AM of what experimenter state will be lost on trying to 'start' this allocation>, |
| 836 | <others that are AM specific> |
| 837 | } |
| 838 | }}} |
| 839 | |
| 840 | == !ReleaseTicket == |
| 841 | {{{ |
| 842 | struct ReleaseTicket(string slice_urn, string credentials[], string ticket, struct options) |
| 843 | }}} |
| 844 | |
| 845 | Return: boolean |
| 846 | |
| 847 | == !CreateSlivers == |
| 848 | {{{ |
| 849 | struct CreateSlivers(string slice_urn, |
| 850 | string credentials[], |
| 851 | string rspec, |
| 852 | struct users[], |
| 853 | struct options) |
| 854 | }}} |
| 855 | |
| 856 | Options include: |
| 857 | {{{ |
| 858 | { |
| 859 | boolean geni_donotstart (optional), |
| 860 | string geni_start_time <datetime> (optional), |
| 861 | string geni_end_time <datetime> (optional) |
| 862 | } |
| 863 | }}} |
| 864 | |
| 865 | Return struct: |
| 866 | {{{ |
| 867 | { |
| 868 | string rspec=<manifest>, |
| 869 | geni_start_time=<optional (may be omitted altogether): now if not specified>, |
| 870 | geni_expires=<RFC3339 sliver expiration, as in geni_expires from SliversStatus>, |
| 871 | string geni_status=<sliver state - allocated or changing or ready>, |
| 872 | <others that are AM specific> |
| 873 | } |
| 874 | }}} |
| 875 | |
| 876 | == !RenewSlivers == |
| 877 | {{{ |
| 878 | struct RenewSlivers(string urn, |
| 879 | string credentials[], |
| 880 | string expiration_time, |
| 881 | struct options) |
| 882 | }}} |
| 883 | Return: boolean |
| 884 | |
| 885 | == !SliversStatus == |
| 886 | {{{ |
| 887 | struct SliverStatus(string slice_urn, string credentials[], struct options) |
| 888 | }}} |
| 889 | |
| 890 | Return: |
| 891 | {{{ |
| 892 | { |
| 893 | string geni_urn: <sliver URN> |
| 894 | string geni_status: ready |
| 895 | geni_expires: <datetime of expiration> |
| 896 | struct geni_resources: [ { geni_urn: <resource URN> |
| 897 | geni_status: ready |
| 898 | geni_expires: <datetime of individual sliver expiration> |
| 899 | geni_error: ''}, |
| 900 | { geni_urn: <resource URN> |
| 901 | geni_status: ready |
| 902 | geni_expires: <datetime of individual sliver expiration> |
| 903 | geni_error: ''} |
| 904 | ] |
| 905 | } |
| 906 | }}} |
| 907 | |
| 908 | Where for individual resources this block may be returned: |
| 909 | {{{ |
| 910 | 'users' => [{'urn' => $user1_urn. |
| 911 | 'login' => $login, |
| 912 | 'protocol' => [ssh, or ?], |
| 913 | 'port' => [22 or ?], |
| 914 | 'keys' => [...] }, |
| 915 | {'urn' => $user2_urn. |
| 916 | 'login' => $login, |
| 917 | 'protocol' => [ssh, or ?], |
| 918 | 'port' => [22 or ?], |
| 919 | 'keys' => [...] } |
| 920 | ] |
| 921 | }}} |
| 922 | |
| 923 | == !ActOnSlivers == |
| 924 | {{{ |
| 925 | struct ActOnSlivers(string command, string credentials[], string urn, string state, struct options) |
| 926 | }}} |
| 927 | |
| 928 | Return struct: |
| 929 | {{{ |
| 930 | { |
| 931 | string urn=<urn of sliver or slice>, |
| 932 | string geni_status=<new state of the slivers>, |
| 933 | <other entries specific to the AM or resources - specifically am_specific_status> |
| 934 | } |
| 935 | }}} |
| 936 | |
| 937 | == !DeleteSlivers == |
| 938 | {{{ |
| 939 | struct DeleteSlivers(string urn, string credentials[], struct options) |
| 940 | }}} |
| 941 | |
| 942 | Return: boolean |
| 943 | |
| 944 | == Shutdown == |
| 945 | {{{ |
| 946 | struct Shutdown(string slice_urn, string credentials[], struct options) |
| 947 | }}} |
| 948 | |
| 949 | Return: boolean |