[[PageOutline]] = GENI Aggregate Manager API Outstanding Issues = The GENI Aggregate Manager API allows aggregates to advertise resources and to allocate resources to Slices in the form of Slivers. This page lists un-specified areas of the API, known problems, or gaps. See Also: * [wiki:GAPI_AM_API_DRAFT Draft API Revisions] proposed for the next version of this API * [wiki:GeniApi GENI API] implementation status * [wiki:GAPI_AM_API_V2 The latest API specification] == Overall Issues == 1. Add a state diagram in the [wiki:GAPI_AM_API_V2#SliverStatus SliverStatus] section to indicate that a component starts in {{{configuring}}}, can go from {{{configuring}}} to either {{{ready}}} or {{{failed}}}, and can go from {{{ready}}} to {{{failed}}}. {{{failed}}} is a terminal status. * More generally, we need to define the state of the resources before/after each operation. Diagrams help. * See [wiki:GAPI_AM_API_DRAFT#ChangeSetF:SupportAMandresource-typespecificmethods. Change Set F] 2. No way to modify a reservation at an aggregate for a slice without deleting and recreating it * Proposal: See the [wiki:GAPI_AM_API_DRAFT#ChangeSetC:UpdateSliver1 UpdateSliver proposal] 3. No way to delete or renew part of a reservation at an aggregate separate from other parts * Proposal: See the [wiki:GAPI_AM_API_DRAFT#ChangeSetD:Sliver-specificoperations Sliver specific operations proposal] 4. Method names suggest you are operating on slivers, but really you are operating on all slivers at an aggregate in a slice * Proposal: See the [wiki:GAPI_AM_API_DRAFT#ChangeSetD:Sliver-specificoperations Sliver specific operations proposal] 5. Tickets * Proposal: See the [wiki:GAPI_AM_API_DRAFT#ChangeSetE:Tickets1 Tickets proposal] 6. Define privileges required for each operation * But see the ABAC proposal and DRAFT proposal J 7. Clarify use of error codes, possibly add more detailed codes * Proposal: Add more specific error codes for credential issues, specific bad argument cases || 18 || MISSINGARGS || "Required argument(s) missing" || || 19 || OUTOFRANGE || "Requested expiration time or other argument not valid" || || 20 || CREDENTIAL_INVALID || "Not authorized: Supplied credential is invalid" || || 21 || CREDENTIAL_EXPIRED || "Not authorized: Supplied credential expired" || || 22 || CREDENTIAL_MISMATCH || "Not authorized: Supplied credential does not match the supplied client certificate or does not match the given slice URN" || || 23 || CREDENTIAL_SIGNER_UNTRUSTED || "Not authorized: Supplied credential not signed by trusted authority" || * What error code should be used for a bad RSpec version requested or used? (In !ListResources and !CreateSliver, be consistent) * 1=BADARGS, 4=BADVERSION, or 13=UNSUPPORTED? 4 seems appropriate, but maybe the semantics of BADVERSION are something else. PG does 1 * Proposal: {{{BADVERSION}}} * What error code should be used for various 'nothing found' cases? (Be consistent across !ListResources, !DeleteSliver, !SliverStatus, !Shutdown, !RenewSliver.) * Use EXPIRED? SEARCHFAILED? Other? * There never was such a slice here * Proposal: Should be same as deleted. * That slice was here but expired * Proposal: {{{EXPIRED}}} * That slice was here but is empty * That slice was here but was deleted * Proposal: Should be same as 'was never here'. * That slice was here but was shutdown 8. Should {{{am_type}}} and the RSpec {{{type}}} and prefixes for new options, etc be the same? * Should the RSpec {{{type}}} fields be the {{{am_type}}} values defined for return codes? * Remove 'openflow' as unused here? * Should it be 'sfa' or 'planetlab'? * We say that implementations should name new options or returns to avoid naming conflicts. Should we specify that prefixes are registered? * Should the prefixes be the {{{am_type}}} values * Proposal: Yes to all the above 9. We do not define the semantics of supplying a list of credentials: are they additive to accumulate privileges? Or must 1 credential supply all needed privileges? 10. Operations that return false: what does that really mean? Not an error but ??? == !GetVersion Issues == 1. Are clients required to supply a valid/trusted certificate? IE must servers authenticate users? PL currently does not do this. 2. {{{schema}}} and {{{namespace}}} fields in the RSpec versions return elements are marked as optional, but included in minimal examples. Should the fields be required but values are optional? Or is it legal for an AM to not include those tags at all? == !ListResources Issues == 1. Since v1 we have said that if there are no resources attached to this slice at the aggregate, an empty RSpec should be returned. Do all AMs do this? * Or should we change this to use an error code, more clearly distinguishing between errors, successfully reserving nothing, etc? 2. PG uses BADARGS instead of BADVERSION. OK? * Proposal: Change to {{{BADVERSION}}} 3. PG does not use BUSY, SERVERERROR, UNAVAILABLE, EXPIRED - OK? * Proposal: probably - up to them 4. Is the manifest RSpec required to be static, and always the same as that originally returned by !CreateSliver? Or might it change as AM-internal state changes? == !CreateSliver Issues == Note this method gets removed by change sets proposed for version 3. 1. Define the behavior if you call !CreateSliver twice for the same slice. PG says you return REFUSED. !PlanetLab accepts it though. What about {{{ALREADYEXISTS}}}? || `REFUSED` || Slice already exists; must be deleted first (ie you called !CreateSliver twice without a !DeleteSliver in between) || * Proposal: {{{ALREADYEXISTS}}} * But see also the new Allocate and Provision methods proposed 2. Define the behavior if the AM can only give you some of what you requested * Proposal: {{{TOOBIG}}}? 3. Define status of sliver(s) immediately on success of this method (need a diagram?) * See Change Set F 4. Define how many sliver(s) this creates * See Change Set D 5. Note there is no way to see the expiration time of your resources * Proposal: include in manifest * See instead Change Sets I and M 6. Point to restrictions on slice names, sliver names? * Min 3 characters? * Max? 19? More? * Only characters in set: {{{'^[a-zA-Z][-\w]+$'}}} ? * See Change Set K == !DeleteSliver Issues == Note this method changes with proposals for version 3. 1. What is failure (return false) as opposed to an Error? * Define status (relative to !SliverStatus or ...) of the sliver(s) after success, failure, or error. Diagram? * Proposal: get rid of the false return - it should be true or error 2. What happens to resources if your credential expires? Does the AM delete them for you? * Proposal: AM deletes them for you - de-allocates the resources. (Required? Or may?) 3. If there was never a slice here, or you already deleted your resources at this AM, does the AM return true or false? * Proposal: True, indicating all resources (none) have been freed. == !SliverStatus Issues == See changes proposed for version 3 which address these. 1. Are the {{{configuring}}}, {{{ready}}}, etc strings case-sensitive? * Proposal: no 2. Further specify what kinds of things go in specific {{{geni_resources}}} vs the whole 3. Further specify what kinds of things this method might optionally additionally include and still be consistent with the intent 4. Document the convention on specifying expiration time: should it be required? * Proposal: Yes == !RenewSliver Issues == 1. All resources indicated by the supplied URN should be renewed to the given time, or else the entire call should fail. We don't specify that currently. * Proposal: Add that requirement * See `geni_best_effort` 2. Specify the behavior if you fail to renew and the reservation expires * Proposal: AM deletes the reservation, de-allocates the resources. (Required? May?) 3. Specify the behavior if you try to renew past the life of your credential(s). * Proposal: Fails with {{{OUTOFRANGE}}} 4. Specify the behavior if there are no local resources in that slice 5. Is it legal to try to 'renew' your sliver until earlier than the previous expiration time, shortening your reservation? Some aggregates at least allow this now. * Proposal: This is legal. Aggregates should support this, but that support is not required. == Shutdown Issues == 1. What is the state of resources after this? Startable? Is there a procedure for this? * Proposal: Not restartable, not de-commissioned, not reservable, not accessible by the experimenters * See proposals for version 3 2. What happens if you call this twice? 3. What happens if the slice has nothing local? 4. What does a false return mean? * Proposal: Drop that as valid: return true or an error