[Planetlab-devel] opening up GetSliceTicket()

Jeannie Albrecht jalbrecht at cs.ucsd.edu
Wed May 30 10:33:02 EDT 2007 

Yes, Plush used to use the info in slices.xml to figure out what nodes
are associated with each slice.  However we have started using
multiple XML-RPC calls to the new PLC API instead, and that seems to
be working so far.  SWORD, however, does not work with the new API.

In Plush, users are required to enter their PLC username and password
so that Plush can make calls to the API on their behalf.  In SWORD, we
don't require the PLC password, which means we can no longer filter
out nodes that aren't assigned to a particular slice when performing
resource discovery.

Jeannie

On 5/29/07, Marc E. Fiuczynski <mef at cs.princeton.edu> wrote:
> We need to revisit what info is exposed via slices.xml and then figure
> out a way to expose those parts used by various services/people via the
> API.  I believe the plush folks are using info in slices.xml to know
> which nodes are associated with a given slice. Not sure what else folks
> use slices.xml for.
>
> Marc
>
> Steve Muir wrote:
> > slices.xml allowed anybody to get information about any slice, but i
> > think it was generally agreed, at least at Princeton, that that
> > shouldn't be formally made part of the API (i mean that in a broader
> > sense than just the XML-RPC API) i.e., it could go away at anytime.
> > no-one ever complained about their slice info being public, but the
> > argument was that once you state that it is always publicly available
> > then you are committed to making it so, and there may be future
> > circumstances where that is not desirable.  on the other hand, enough
> > services used slices.xml that it probably became a de facto part of the
> > API and so removing access to it would have been practically and/or
> > politically difficult.
> >
> > prohibiting anonymous calls to GetSliceTicket() only address part of the
> > question: can i still get a ticket for anybody's slice or just my own?
> > is there a reason why i should, or need to, be able to get information
> > about arbitrary slices?  if you don't support it now i wouldn't add it.
> >
> >
> >
> > On Fri, 25 May 2007, David E. Eisenstat wrote:
> >
> >> On Fri, 25 May 2007, Stephen Soltesz wrote:
> >>
> >>> Hey, David,
> >>>
> >>> I have questions just for clarification.
> >>>
> >>> What distinguishes a slice that is called 'delegated' from a slice
> >>> that is called 'plc-instantiated'?
> >>
> >> PLC and NodeManager behave differently depending on a slice's
> >> instantiation. If the instantiation is 'plc-instantiated', PLC will
> >> advertise the slice only to nodes to which it has been added. If it is
> >> delegated, it will tell all nodes about the slice. NodeManager will
> >> automatically instantiate all slices with instantiation
> >> 'plc-instantiation' that PLC has told it about. It will instantiate
> >> slices with instantiation 'delegated' only when someone calls Create()
> >> for it.
> >>
> >> The reason all nodes find out about a delegated slice is that the new
> >> NodeManager must have an indication from PLC that PLC knows about the
> >> slice before it will instantiate.
> >>
> >>> You say that a ticket doesn't 'allow the bearer to do anything they
> >>> couldn't otherwise do.' I understand this as: in both cases there is
> >>> existing mechanism for instantiating the slice regardless of how the
> >>> slice info gets to NM.
> >>
> >> Right, and the ticket grants no rights to control the mechanism,
> >> except possibly advancing when it acts by up to 15 minutes (or
> >> whatever the polling interval is).
> >>
> >>> If there is more to delegation than this, I want to find out more. If
> >>> this is the essential distinction, then 'delegated' or 'PLC
> >>> instantiated' is just another slice attribute, right?  Is it treated
> >>> differently than this today?
> >>
> >> Instantiation is actually part of the slice table proper, but yes,
> >> what I've said above is the extent of what this attribute controls.
> >> Delegation in PlanetLab also covers performing PLC/NodeManager API
> >> calls on someone else's behalf, which is not the subject of this thread.
> >>
> >>> Does anyone with history have insight into whether anyone complained
> >>> about slices.xml (public slice info)?
> >>
> >> Killing slices.xml was Mark Huang's idea as much as anyone else's, and
> >> I got the impression that his motivation was to have all access to PLC
> >> go through the API, rather than a particular security incident/concern.
> >>
> >> In any case, Larry vetoed anonymous GetSliceTicket() calls, so this is
> >> perhaps a moot point.
> >>
> >> -David
> >>
> >> _______________________________________________
> >> Devel mailing list
> >> Devel at lists.planet-lab.org
> >> https://lists.planet-lab.org/mailman/listinfo/devel
> >>
> >
> > _______________________________________________
> > Devel mailing list
> > Devel at lists.planet-lab.org
> > https://lists.planet-lab.org/mailman/listinfo/devel
>
>
> _______________________________________________
> Devel mailing list
> Devel at lists.planet-lab.org
> https://lists.planet-lab.org/mailman/listinfo/devel
>
>

More information about the Devel mailing list