Changes between Version 13 and Version 14 of GEC22Agenda/DeveloperRoundtable


Ignore:
Timestamp:
04/02/15 13:55:31 (4 years ago)
Author:
Aaron Helsinger
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • GEC22Agenda/DeveloperRoundtable

    v13 v14  
    5656 - ?
    5757
    58 === Listresources without authorization ===
     58=== ListResources without authorization ===
    5959Currently the AM API !ListResources call requires both a valid certificate (authentication) and a user credential (authorization). To the extend to which Advertisements are not user specific, the credential is arguably not required. If we made the credential optional, then tools (with a valid and trusted GENI certificate) could pre-fetch Advertisements for use by multiple users.
    6060
     
    6363
    6464== Session Summary ==
     65At the Developer’s Roundtable there was excellent representation and participation from developers associated with many of the core GENI projects. The first and largest discussion topic was cross slice stitching. Several options were discussed and approaches were narrowed. Both ExoGENI and InstaGENI developers have paths they will investigate to expose this capability to experimenters in the near future.
     66
     67Other discussion topics included cross testbed federation, regression testing, resource queries, public resource advertisements, and advertising available bandwidth.
     68
     69=== Detailed Summary ===
     70
     71Attendees included developers representing among others ProtoGENI/InsaGENI, ExoGENI, GENI Desktop, GIMI, jFed, FOAM/VTS, GPO, and the SCS (from the University of Utah, RENCI, University of Kentucky, University of Massachusetts-Amherst, iMinds, Barnstormer Softworks, BBN Technologies, and University of Maryland / MAX).
     72
     73==== Stitch to LAN ====
     74A past topic of discussion has been the ability to stitch together LANs at 2 different aggregates into a single broadcast LAN, allowing more than one node at an aggregate to communicate out a single stitched VLAN. This capability works today in ExoGENI when reserving through the ExoSM or ExogENI APIs. '''Ilya Baldin''' of RENCI/ExoGENI says that this ability will be exposed through the GENI AM API soon.
     75
     76'''Rob Ricci''' of the University of Utah / InstaGENI sees no reason why this cannot be done at their aggregates, and will plan to make this enhancement.
     77
     78A related topic is the ability to stitch to an existing shared VLAN from outside the aggregate. However, this requires that the same VLAN tag number be available on the extrernal interface, so is unlikely to work at InstaGENI.
     79
     80Note however that you can attach nodes to an existing shared LAN.
     81
     82==== Cross Slice Stitching ====
     83
     84We next discussed cross slice stitching; connecting 2 slices at layer 2. As background, note that we have the notion of a 'shared VLAN'. This is a VLAN that gets a name and that is marked public, allowing anyone to connect to it. At InstaGENI, there is a !PerformOperationalAction to convert a newly allocated LAN into a shared VLAN.
     85
     86'''Brecht Vermeulen''' and '''Paul Ruth''' noted that currently you can allocate a VM to act as a bridge between a stitched link and a local LAN.
     87
     88'''Niky Riga''' notes that currently when you share a LAN, the bandwidth on the original LAN is not enforce on other slices that connect to the LAN. '''Rob Ricci''' replied that this is difficult to fix correctly, but they can set the bandwidth limit from the original LAN on the new connection. '''Nick Bastin''' noted that AL2S is best effort, so bandwidth settings are fairly meaningless. '''Ilya Baldin''' noted that at ExoGENI, you won't get more bandwidth than you request, but AL2S might give you less than you requested.
     89
     90We discussed support for shared VLANs at ExoGENI. Currently, ExoGENI does not offer this functionality. However, '''Ilya Baldin''' noted that ExoGENI is working on the sliver-modify function. ExoGENI will expose this as `PerformOperationalAction` (without implementing the rest of AM API version 3). With support for POA, ExoGENI can expose the ability to reboot a node (`geni_restart`), modify the bandwidth on a link, add an interface to a node, add a post boot script, etc. Additionally, this could be how ExoGENI adds support for sharing VLANs.
     91
     92'''Rob Ricci''' and '''Nick Bastin''' of Barnstormer Networks agreed on a plan to support at InstaGENI/ProtoGENI a 'restricted shared VLAN'. In this model, a "server slice" would make a call on the local aggregate to tell the aggregate that it is willing to accept "client slice" connections on a local LAN that belongs to the server slice. This is in fact just the existing !PerformOperationalAction to make a LAN into a 'shared VLAN'. The change proposed here is that the POA would add an additional option through which the client could optionally ask for a 'restricted' shared VLAN, and then the client would be required to supply a credential in !CreateSliver requests in order to make a connection to the server.
     93
     94'''Ilya Baldin''' noted that connecting 2 slices is an operation at a single aggregate, where 1 slice asks to connect to a 'server' slice, which has to authorize the connection in advance. Mechanically, the connection could be node-to-LAN or LAN-to-LAN. We noted that this can be boiled down to the client/server model Rob and Nick proposed.
     95
     96'''Proposal''': Add to the existing POA `geni_sharelan` a new option `restricted` with default value `false` (old behavior). When true, the created shared VLAN requires a new credential when requesting a connection to this new Shared VLAN.
     97The POA method will return in this case a GENI SFA credential with owner <user calling the method> and target <sliver  of the shared VLAN, or the shared VLAN in some way; contents are not specified but should be sufficient for the aggregate to authorize the call>.
     98
     99Note that shared vlan names are scoped within the AM and must be unique within the AM.
     100
     101The server slice aggregate manager (the AM at which the shared VLAN was created) should include the shared vlan (whether restricted or not) in the advertisement RSpec for the aggregate, indicating if this LAN is shared or not. To do so, we need a new attribute on the `shared-vlan` RSpec extension (or a new extension).
     102
     103'''Proposal''': add a new optional attribute to the existing `shared-vlan` extension `restricted` with type `xml:boolean` and default value `false`.
     104
     105Slices desiring to connect to this restricted shared VLAN negotiate with the service slice. The service slice must delegate the shared VLAN credential to the client slice user. Then the client slice user must include this extra credential in the call to `createsliver` or `allocate`. The aggregate therefore receives 5 key pieces of information:
     106 1. the client slice (URN is explicit argument to `createsliver`),
     107 2. the place in the client slice where the connection should be made (in the request RSpec),
     108 3. the server slice (may be in the additional credential, or else should be implicit given the owner of the shared VLAN),
     109 4. the sliver ID of the shared VLAN (either explicitly in the credential or implicitly in the name of the shared VLAN in the request RSpec), plus
     110 5. explicit authorization by the owner of the server slice that this client slice can connect to this restricted shared VLAN.
     111
     112The aggregate can then create a LAN for the client slice that connects to the specified shared VLAN, allowing traffic to flow freely between the two slices.
     113
     114Note that there could also be an additional `PerformOperationalAction` command to modify an existing 'client' slice to connect a LAN belonging to that slice to one of these 'restricted shared VLANs'. We did not specify the syntax for such an operation, but Ilya suggested ExoGENI might support such an operation.
     115
     116'''Ezra Kissel''' of Indiana University and '''Niky Riga''' of the GENI Project Office requested that there be a way to request a shared VLAN as part of the initial request RSpec. The goal is to make it easier to get a shared VLAN, but also to avoid getting 2 VMs on the same host so that the link is trivial and not sharable.
     117
     118'''Rob Ricci''' replied that while this is possible, this is a larger change and therefore not something he is willing to commit to do at this time.
     119
     120However, '''Brecht Vermeulen''' of iMinds / jFed / Fed4Fire noted that there is an InstaGENI RSpec extension that allows you to request that a link be VLAN tagged, making it a non trivial link, spreading the VMs across 2 physical hosts, forcing the link to go via the hardware switch (and therefore it can be OpenFlow controlled), but also making the link sharable.
     121
     122To use this, include
     123{{{
     124<vlan_tagging xmlns="http://www.protogeni.net/resources/rspec/ext/emulab/1" enabled="true"/>
     125}}}
     126'''Actions''':
     127 * Experiment Support will document this option in a wiki page.
     128 * Jacks should add support for this option.
     129
     130'''Marshall Brinn''' asked how a 'server' slice could identify and distinguish among the traffic from different 'client' slices, when all traffic arrives on the same shared LAN?
     131
     132'''Rob Ricci''' proposed that the aggregate manager could sign the manifest RSpec of the 'client' slice, and this could be passed to the 'server' slice. Rob proposed that the hand-off of this signed manifest would be done directly between the two slices, not mediated by the aggregate. Additionally, Rob proposed that ProtoGENI / InstaGENI would begin signing all manifest RSpecs as returned by all AM API calls. (Note that this change will need to be tested to ensure compatibility with existing tools. The XML-DSIG signature is a new child element under `rspec`, so the resulting signed XML passes `rspeclint` and can be loaded in Jacks.)
     133
     134Since this discussion, ProtoGENI has begun implementing this feature, and a formal proposal has been posted to the [http://groups.geni.net/geni/wiki/GAPI_AM_API_DRAFT GENI AM API Draft changes wiki].
     135
     136==== Cross Federation Policy and Integration ====
     137
     138There are increasing movements to formalize the relationship among the various federations and testbeds. Specifically, this includes providing mechanisms for testbeds and aggregates to apply both federation level policies (differing by which federation a user comes from) and local policy.
     139
     140'''Rob Ricci''': Eventually !CloudLab will need federation level policies - using which MA a user comes from. For now, this will be a case-by-case thing.[[br]]
     141'''Ilya Baldin''': Jeff Chase of Duke is working on more authorization policies for Orca and ExoGENI.[[br]]
     142'''Rob''': GENI funding is dwindling. GENI should stick with fixing problems we have.[[br]]
     143'''Jim Griffoen''': Local AMs should be allowed to have local policies. As the number of users grow, this may become an issue.
     144
     145'''Sarah Edwards''': There is no monitoring API to know where an experimenter has reservations.[[br]]
     146'''Heidi Dempsey''': Monitoring does this. The University of Kentucky team has added some needed pieces. We'll be trying to get that out.
     147
     148'''Decision''': No action.
     149
     150==== !ListResources without a User Credential ====
     151
     152Tools would like to tell users what resources are available where. To do so currently, requires that the tool use the user's certificate to get a user credential, with which to query the aggregates. Tools cannot get their own credential, and aggregates requires a credential (per the AM API).
     153
     154'''Rob Ricci''': We will make the user credential optional. We may even try supporting `ListResources` without a certificate.[[br]]
     155'''Ilya Baldin''': We can make the user credential optional.[[br]]
     156'''Jim Griffoen''': What about a service to store all such information?[[br]]
     157'''Ilya''': We built a service like that based on XMPP: you can subscribe to slices or AMs.
     158
     159Since then, this change to the AM API has been documented on the GENI
     160Wiki:
     161http://groups.geni.net/geni/wiki/GAPI_AM_API_DRAFT#ChangeSetAD:DonotrequireausercredentialinListResources
     162
     163'''Action''': Modify all aggregates such that `ListResources` does not require a user credential when called outside of a slice context.
     164
     165==== Advertising currently Available Bandwidth on Links ====
     166
     167One source of stitching failures is insufficient available bandwidth. If users and tools knew what bandwidth was currently available, they could tailor requests accordingly.
     168
     169'''Ilya Baldin''': Having this information in the Ad may be an issue with the RSpec converter. However, this information is relatively useless; it becomes stale almost immediately.[[br]]
     170'''Niky Riga''': This would still be better than nothing.[[br]]
     171'''Rob Ricci''': This is almost certainly something we can do.
     172
     173But the full answer is monitoring.
     174
     175'''Action''': ExoGENI and InstaGENI teams will make the actual current available bandwidth available in the Ad RSpec when the `geni_available` option is supplied to `ListResources`. This information should be updated in both the main body link and in the stitching extension.
     176
     177==== Shared VLAN Name in Manifest ====
     178
     179'''Thijs Walcarius''' of jFed/iMinds raised the issue that in the manifest for a slice whose LAN has been made shared using `PerformOperationalAction`, the shared LAN name is not present in the manifest. And this would be very useful.
     180
     181'''Rob Ricci''' replied that they would discuss this internally at InstaGENI.
     182
     183==== Regression Testing at Aggregates ====
     184
     185'''Niky Riga''' introduced the topic: In the operations session, the rack teams indicated that often they rely on experimenter bug reports to identify problems. But experimenters aren't good testing.[[br]]
     186'''Ilya Baldin''' noted that they could do good testing if they had more funding. [[br]]
     187'''Niky''': What about doing regression testing for things that we've run into before? What about using jFed testing?[[br]]
     188'''Ilya''': The # of scenarios to test is very large. We have a regression suite.[[br]]
     189'''Sarah Edwards''': Start by testing the tutorial RSpecs.[[br]]
     190'''Jim Griffoen''': Load is a problem, and is harder to test.[[br]]
     191'''Tom Mitchell''': We test using Selenium Grid.[[br]]
     192'''Heidi''': This isn't a GENI thing. And this isn't a developer specific problem. We should use jFed and the University of Kentucky. Tell us the use cases to test.[[br]]
     193'''Jim G''': There is a verification function in GENI Desktop to check interfaces. There is no script to launch the verification, but could be.
     194
     195'''Thijs Walcarius''': In jFed, if an automatic test fails for a couple days in a row we want to notify users.
     196
     197'''Decision''': GPO Experiment Support support will gather use cases, starting with their standard tutorials, and work with the jFed team to have these regularly tested, notifying key players of failures.
     198
     199==== Query Aggregate Resources ====
     200'''Aaron Helsinger''' introduced the topic.
     201
     202You can ask an aggregate for all resources, and then parse the response. Or with APIv3, you can just try your reservation and see if it works. But it would be nice to be able to let the aggregate parse it's own resource listing to find for you the resource you want. '''Marshall Brinn''' of the GPO has prototyped doing this using RDF and shown that the AM API supports this.
     203
     204'''Marshall''' asks: Is there a demand?[[br]]
     205'''Brecht''' noted: If you are dealing with simple resources, like nodes & links, then a query mechanisms is overkill. But if you start talking about different kinds of sensors, then parsing the Ad is a
     206pain. European testbeds have more special devices. This is why we're trying to do this kind of research.
     207
     208The variety of resources available in GENI may increase with time.
     209The group decided that GENI should follow what the Europeans do.
     210
     211==== Other Discussion Points ====
     212'''Update''': ExoGENI could support this if an AM API interface was put on top of their existing slice_modify and sliver_modify functionality.
     213
     214'''Sarah''': no tool supports adding resources to an existing slice. That'd be nice.[[br]]
     215'''Aaron''': Omni supports `Allocate` and `Update`, to the extent it is supported by aggregates.
     216
     217'''Hussam''': In GENI Desktop, users can add a little topology to an existing slice by doing allocate/provision/poa.
     218
     219'''Niky''': Can we update the !OpenFlow controller on a switch?[[br]]
     220'''Ilya''': We could pass the information to Flowspace Firewall.[[br]]
     221'''Heidi''': I doubt they support modifying the controller[[br]]
     222'''Ilya''': It could work if you restart the slice; I don't know the size of the disruption.
     223
     224'''Ezra Kissel''' noted that it is still hard to have standard images cross rack types. InstaGENI image requirements are complicated. Without installing InstaGENI software in the image, you don't get InstaGENI functionality.