Changes between Version 1 and Version 2 of wish-list

Timestamp: 07/21/11 11:09:16 (8 years ago)
Author: chase (IP: 152.3.68.8)
Comment: --

  • wish-list

    v1 v2  
    1 = Cosmic Wish List of Features = 
     1This list can serve as a basis for planning/prioritizing work going forward.   It starts at an attempt at an exhaustive list (July 2011). 
     2 
     3== Administration and robustness == 
     4 * reset inventory delegations at the broker: forget old delegations, or try to renew them 
     5 * AM full restart or hard reset: clean the substrate, and reissue delegations.  Rejects old tickets and leases? 
     6 * AM full restart: how to rebuild delegations? 
     7 * slice reclamation on AM and broker: time out an empty slice 
     8 * remoting the management interface 
     9 * SM query/discovery of reservations in the slice; poll/request lease status 
     10 * AM query interfaces: slices per user, leases per slice, identify by IP or vlan 
     11 * GMOC monitoring feed: faithful AMs publish an asynchronous stream "feed" of sliver create/renewal notifications to ST. 
     12 
     13== Features to test, verify, cleanup, document ==  
     14 * extension packages 
     15   * AM side: handlers for new resource types 
     16   * SM side: controller/handler/view 
     17 * SM controller classes and interfaces 
     18 * SM *side handler and stitching, e.g., for elastic Condor 
     19 * pushbutton Euca site deploys with NDL cookbook, including IP connectivity, canned xCAT images, etc. 
     20 * Error reporting/logging from NDL processors 
     21 * error reporting/logging from handlers 
     22 * error reporting distinguishes authorization failure vs. resource limit vs. internal error vs. user error 
     23 * Ticket validation, including signature failure and oversubscription, and rejection path 
     24 * Ticket rejection and cleanup at SM and broker 
     25 * Stitch token validation 
     26 * Multiple pools and multiple delegations per pool on an AM; register through portal 
     27 * Failed renewal and cleanup in SM 
     28 * Full SM *side slice abort (e.g., due to partial failure) 
     29 * broker renews delegations 
     30 * broker absorbs updated delegations 
     31 * AM probe detects resource failure, updates containing lease 
     32 * interdomain path computation across multiple brokers 
     33 * group allocation 
     34 * openflow handler 
     35 
     36== Advance reservations == 
     37 * Resource counts/vectors and integration with controller calendars and SM/broker policy for SPARQL (e.g., VLAN tag tracking) 
     38 * broker-based advance reservations in conjunction with inter-domain stitching 
     39 * auto-launch at the reservation time 
     40 * scheduling of a group allocation around the bottleneck resource 
     41 
     42== Interoperability == 
     43 * PG as an aggregate: requires new handler and PG cert pass-through from XMLRPC controller.  Wait for PG-ABAC? 
     44 * GUSH (in progress with Jeannie Albrecht) 
     45 
     46== Representations == 
     47 * NDL requests and manifest using the new edge standard.  Propertylist cleanup and doc 
     48 
     49== Broker resource policies: wish list == 
     50 * generic web view for admin approval of slices and reservations 
     51 * broker resource menu with fixed prices and budgets 
     52 * attribute-based shares or quotas, with policy plugin view to manipulate them 
     53 * congestion pricing 
     54 * stackable broker policies 
     55 * euca instance size selection (small/medium/large properties/handlers) 
     56 * map global type attributes specified by SM into candidate pool IDs (site selection) 
     57 * VM placement (site selection) based on data location  
     58 
     59== Identity management and portal == 
     60 * multi-user web portal with per-slice access control, requester ID in outgoing requests, proper authtoken slamming 
     61 * shib: needed the user ID registered locally to get in on the web portal. 
     62 * users can upload certs, which are stored indexed by user 
     63 
     64== Enhancements to ABAC-based authorization (when integration is complete) == 
     65 * per-site policies: ACLs by idp.attribute (test case: RENCI cluster) 
     66 * signed security attributes on images transported by Image Proxy 
     67 * GMOC back door: attribute-based authorization for slice shutdown  
     68 * SA module and/or actor 
     69 
     70== Handler infrastructure == 
     71 * Config handler invocation: threadpool, synchronization, and new scripting support 
     72 * modify() entry point 
     73 * sliver restart as example of modify 
     74 * two-pass stitching and dynamic stitching  
     75 * dynamic interposition/withdrawal of perfsonar  
     76 * handler-driven sliver stitching: storage volume create/attach  
     77 * small/medium/large (independent of broker policy) 
     78 * in-progress additions to handler catalog: EBS, sunfish storage, xcat, I2/ION 
     79 
     80== Extensions to staged core workflow == 
     81 * controllers as a separate stage 
     82 * auth checks as a separate stage 
     83 * resourceSet and below as a separate stage 
     84 
     85== Pushbutton slices/demos == 
     86 * Hadoop 
     87 * elastic Condor w/local DAGman 
     88 * triangle and/or star, intradomain and interdomain cases 
     89 * Harold's three-tier cloudscale 
     90 * netfence 
     91 
     92== Ideas to discuss == 
     93 * integrate puppet configuration service to AM 
     94 * integrate nagios monitoring service to AM 
     95 * move inter-domain path computation into the broker 
     96 * broker pollicy for bin-packing computons (small/medium/large) 
     97 * multiple SMs per slice: SM owner per-reservation, not per-slice 
     98 
     99== proposed new component: secure image repo with simple web interface == 
     100 * content-addressable fetch by HTTP and bittorrent (by any ImageProxy that knows URL and hash) 
     101 * generate/retire a random token to allow a user to request approval to put images in the repo 
     102 * user form to request approval to put images in the repo: requires access token 
     103 * admin interface to approve image put, set storage quota for image elements, generate random image token 
     104 * put image or update image, named by image token (server generates/checks hashes) 
     105 * images optionally discoverable and browsable by short description, if allowed by user 
     106 * we need to keep three maps: user tokens to image tokens, image tokens to image elements and storage consumed, and content hashes to their objects 
     107
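Review bot: the secure image repo section (v2 lines 99-106) leans on tokens and hashes for access control and integrity but leaves their properties unspecified. Line 100 lets "any ImageProxy that knows URL and hash" fetch, and line 104 has the server generate/check hashes, yet nothing says which hash function is meant or whether the fetching ImageProxy re-verifies the content against the hash it was handed. Suggest naming the hash function, stating that the fetcher verifies before use, and, for the random user and image tokens on lines 101 and 103, stating the required length and what "retire" means (expiry or explicit revocation). The three maps on line 106 should also say what happens to image tokens and stored objects when a user token is retired. Smaller points: "pollicy" on line 96 should be "policy"; "authtoken slamming" on line 60 needs a definition; "It starts at an attempt" on line 23 probably means "starts as an attempt"; the heading on line 99 is lowercase where the other section headings are capitalized.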