[Planetlab-devel] opening up GetSliceTicket()

Marc E. Fiuczynski mef at CS.Princeton.EDU
Tue May 29 21:21:21 EDT 2007 

We need to revisit what info is exposed via slices.xml and then figure 
out a way to expose those parts used by various services/people via the 
API.  I believe the plush folks are using info in slices.xml to know 
which nodes are associated with a given slice. Not sure what else folks 
use slices.xml for.

Marc

Steve Muir wrote:
> slices.xml allowed anybody to get information about any slice, but i 
> think it was generally agreed, at least at Princeton, that that 
> shouldn't be formally made part of the API (i mean that in a broader 
> sense than just the XML-RPC API) i.e., it could go away at anytime.  
> no-one ever complained about their slice info being public, but the 
> argument was that once you state that it is always publicly available 
> then you are committed to making it so, and there may be future 
> circumstances where that is not desirable.  on the other hand, enough 
> services used slices.xml that it probably became a de facto part of the 
> API and so removing access to it would have been practically and/or 
> politically difficult.
> 
> prohibiting anonymous calls to GetSliceTicket() only address part of the 
> question: can i still get a ticket for anybody's slice or just my own?  
> is there a reason why i should, or need to, be able to get information 
> about arbitrary slices?  if you don't support it now i wouldn't add it.
> 
> 
> 
> On Fri, 25 May 2007, David E. Eisenstat wrote:
> 
>> On Fri, 25 May 2007, Stephen Soltesz wrote:
>>
>>> Hey, David,
>>>
>>> I have questions just for clarification.
>>>
>>> What distinguishes a slice that is called 'delegated' from a slice 
>>> that is called 'plc-instantiated'?
>>
>> PLC and NodeManager behave differently depending on a slice's 
>> instantiation. If the instantiation is 'plc-instantiated', PLC will 
>> advertise the slice only to nodes to which it has been added. If it is 
>> delegated, it will tell all nodes about the slice. NodeManager will 
>> automatically instantiate all slices with instantiation 
>> 'plc-instantiation' that PLC has told it about. It will instantiate 
>> slices with instantiation 'delegated' only when someone calls Create() 
>> for it.
>>
>> The reason all nodes find out about a delegated slice is that the new 
>> NodeManager must have an indication from PLC that PLC knows about the 
>> slice before it will instantiate.
>>
>>> You say that a ticket doesn't 'allow the bearer to do anything they 
>>> couldn't otherwise do.' I understand this as: in both cases there is 
>>> existing mechanism for instantiating the slice regardless of how the 
>>> slice info gets to NM.
>>
>> Right, and the ticket grants no rights to control the mechanism, 
>> except possibly advancing when it acts by up to 15 minutes (or 
>> whatever the polling interval is).
>>
>>> If there is more to delegation than this, I want to find out more. If 
>>> this is the essential distinction, then 'delegated' or 'PLC 
>>> instantiated' is just another slice attribute, right?  Is it treated 
>>> differently than this today?
>>
>> Instantiation is actually part of the slice table proper, but yes, 
>> what I've said above is the extent of what this attribute controls. 
>> Delegation in PlanetLab also covers performing PLC/NodeManager API 
>> calls on someone else's behalf, which is not the subject of this thread.
>>
>>> Does anyone with history have insight into whether anyone complained 
>>> about slices.xml (public slice info)?
>>
>> Killing slices.xml was Mark Huang's idea as much as anyone else's, and 
>> I got the impression that his motivation was to have all access to PLC 
>> go through the API, rather than a particular security incident/concern.
>>
>> In any case, Larry vetoed anonymous GetSliceTicket() calls, so this is 
>> perhaps a moot point.
>>
>> -David
>>
>> _______________________________________________
>> Devel mailing list
>> Devel at lists.planet-lab.org
>> https://lists.planet-lab.org/mailman/listinfo/devel
>>
> 
> _______________________________________________
> Devel mailing list
> Devel at lists.planet-lab.org
> https://lists.planet-lab.org/mailman/listinfo/devel

More information about the Devel mailing list