Changes between Version 13 and Version 14 of FeddPluginCalls
- Timestamp:
- Dec 4, 2010 5:20:34 PM (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
FeddPluginCalls
v13 v14 3 3 Access controllers respond to a series of standard calls from the experiment controller to create local allocations. These are described in conceptual detail [FeddPluginArchitecture elsewhere on this site] and in a [http://groups.geni.net/geni/attachment/wiki/TIEDProtoGENIPlugin/TIED_CF_plugin_design_spec_v1.0.pdf document about the design of the ProtoGENI plug-in]. This section discussed the calls and their encoding for developers interested in reading and extending existing plug-in code, developers will likely want to [FeddSkelPlugin configure and play with the skeleton plug-in] when you have completed this page (or before reading it, depending on how one's neurons are arranged). 4 4 5 The interfaces are all described in xsd and SOAP, and these are easy enough to convert into python data structures [SoapToPython once you know how]. Below we describe the semantics of each call, and the tools available to plug-in writers to assist in implementation. These tools are available when plug-ins derive from [source:fedd/ trunk/federation/access.py federation.access], as [source:fedd/trunk/federation/skeleton_access.py federation.skeleton_access] is.5 The interfaces are all described in xsd and SOAP, and these are easy enough to convert into python data structures [SoapToPython once you know how]. Below we describe the semantics of each call, and the tools available to plug-in writers to assist in implementation. These tools are available when plug-ins derive from [source:fedd/federation/access.py federation.access], as [source:fedd/federation/skeleton_access.py federation.skeleton_access] is. 6 6 7 7 Each python method in the plug-in that corresponds to a plug-in interface is called with the same parameters: 8 8 9 9 * the request: a python dict representing the parameters to the call as encoded in SOAP 10 * the calling fid: a [source:fedd/ trunk/federation/fedid.py fedid object] holding the caller's identity11 12 Each method should return the python dict encoding the response or raise a [source:fedd/ trunk/federation/service_error.py service_error] containing information about the error. The service_error class contains error codes (in either the [source:wsdl/trunk/fedd_types.xsd XSD] or [source:fedd/trunk/federation/service_error.py python] definitions.10 * the calling fid: a [source:fedd/federation/fedid.py fedid object] holding the caller's identity 11 12 Each method should return the python dict encoding the response or raise a [source:fedd/federation/service_error.py service_error] containing information about the error. The service_error class contains error codes (in either the [source:wsdl/fedd_types.xsd XSD] or [source:fedd/federation/service_error.py python] definitions. 13 13 14 14 Many requests and responses include attribute/value pairs set by the experiment controller to plug-ins that understand them. They are not commonly used but do represent a lightweight extension mechanism. If a plug-in adds one to a sub-experiment description or topology element, the experiment controller generally passes it through transparently. … … 16 16 == Initialization == 17 17 18 This is not an interface from the experiment controller, but we discuss it to mention the tools available for implementors. These include routines to save state and interpret the standard parts of the [FeddDatabases#AccessComponentAccessDB access database], including specializing for testbed dependent data. The method {{{read_access(file, local_info_parser)}}} takes the file to read and a function that takes the string following the access attribute and returns the local testbed attributes, stored into the self.access dict, keyed by the [FeddAbout#GlobalIdentifiers:Three-levelNames three-name] being authorized. The {{{___init___()}}} routine of source:fedd/trunk/federation/skeleton_access.py federation.skeleton_access] includes an example of this.19 20 The base class also creates {{{self.auth}}}, which is an [source:fedd/ trunk/federation/authorizer.py authorizer object]. This object keeps track of the authorization attributes associated with the three-level names and fedids that the plug-in knows. When reading the authorization database, the base class assigns the attributes given by the attribute field of the database to the relevant names. Generally this will an '''access''' attribute tp three-level names allowed to make allocations. Other attributes can be added by the plug-in, and the authorizer used to control acces to them. The [source:fedd/trunk/federation/skeleton_access.py skeleton plug-in] includes code to do ths.21 22 In addition, the initializer of the [source:fedd/ trunk/federation/access.py federation.access] base class parses standard parameters from {{{[access]}}} section from the configuration file. The fields and corresponding class instance attributes are:18 This is not an interface from the experiment controller, but we discuss it to mention the tools available for implementors. These include routines to save state and interpret the standard parts of the [FeddDatabases#AccessComponentAccessDB access database], including specializing for testbed dependent data. The method {{{read_access(file, local_info_parser)}}} takes the file to read and a function that takes the string following the access attribute and returns the local testbed attributes, stored into the self.access dict, keyed by the [FeddAbout#GlobalIdentifiers:Three-levelNames three-name] being authorized. The {{{___init___()}}} routine of [source:fedd/federation/skeleton_access.py federation.skeleton_access] includes an example of this. 19 20 The base class also creates {{{self.auth}}}, which is an [source:fedd/federation/authorizer.py authorizer object]. This object keeps track of the authorization attributes associated with the three-level names and fedids that the plug-in knows. When reading the authorization database, the base class assigns the attributes given by the attribute field of the database to the relevant names. Generally this will an '''access''' attribute tp three-level names allowed to make allocations. Other attributes can be added by the plug-in, and the authorizer used to control acces to them. The [source:fedd/federation/skeleton_access.py skeleton plug-in] includes code to do ths. 21 22 In addition, the initializer of the [source:fedd/federation/access.py federation.access] base class parses standard parameters from {{{[access]}}} section from the configuration file. The fields and corresponding class instance attributes are: 23 23 24 24 '''cert_file''':: … … 53 53 The !RequestAccess command asks the testbed to map the [FeddAbout#GlobalIdentifiers:Three-levelNames three-level name] on the call into local permissions and to do any bookkeeping associated with later attachment of resources to that allocation. Specifically, a [http://fedd.isi.deterlab.net/trac/wiki/FeddAbout#GlobalIdentifiers:Fedids fedid] must be created. Requests from this allocation back to the central experiment controller will be made under that principal/fedid. Such requests gather configuration information or parameters passed between sub-experiments during creation. The per-allocation fedid allows fine-grained control of access to thie information at the experiment controller, as well as the ability to name (and therefore request operation on) the various allocations made on this plug-in. 54 54 55 The plug-in should add an authorization attribute to the creator of the allocation that indicates that the creator can manipulate the allocation via any of the other commands. Existing plug-ins do this by adding an attribute with the same value as the allocation's fedid to the [source:fedd/ trunk/federation/authorizer.py authorization object].55 The plug-in should add an authorization attribute to the creator of the allocation that indicates that the creator can manipulate the allocation via any of the other commands. Existing plug-ins do this by adding an attribute with the same value as the allocation's fedid to the [source:fedd/federation/authorizer.py authorization object]. 56 56 57 57 A !RequestAccess message has the following format: … … 69 69 }}} 70 70 71 The credentials are opaquely and correctly handled by the [source:fedd/ trunk/federation/access.py access controller base class]. Service requests encode the various [FeddAbout#ExperimentServices services] that the facility will be asked for in this allocation.71 The credentials are opaquely and correctly handled by the [source:fedd/federation/access.py access controller base class]. Service requests encode the various [FeddAbout#ExperimentServices services] that the facility will be asked for in this allocation. 72 72 73 73 There are also some scheduling fields that are for future expansion. The DETER experiment controller never includes them. … … 86 86 }}} 87 87 88 The response includes the fedid of the allocation and the actual services exported. Note that in the example the single '''export_project''' request has become 2 specific service exports. See the [sources:fedd/ trunk/federation/emulab_access.py emulab plug-in] for an example of how services are decoded and managed.88 The response includes the fedid of the allocation and the actual services exported. Note that in the example the single '''export_project''' request has become 2 specific service exports. See the [sources:fedd/federation/emulab_access.py emulab plug-in] for an example of how services are decoded and managed. 89 89 90 90 … … 136 136 }}} 137 137 138 That is done in all the existing plug-in code. The various plug-ins walk, alter, and write topologies in several ways, and that code is a good guide to them. The [source:fedd/ trunk/federation/topdl.py topdl source] is also available.138 That is done in all the existing plug-in code. The various plug-ins walk, alter, and write topologies in several ways, and that code is a good guide to them. The [source:fedd/federation/topdl.py topdl source] is also available. 139 139 140 140 The connection information explains how the connectivity is established between the sub-experiments. Now there are two ways to establish connections - ssh tunnels and direct transit connections. The ssh connection implies a portal in this experiment (it will be in the topology description) that will connect to the peer. Generally the port on which to communicate will be a parameter as it is here. Parameters are set using the SetValue interface, which is demonstrated in most existing plug-ins. … … 144 144 The service parameters are the same format, and for services exported from this sub-experiment often the same content, as those returned from a !RequestAccess request. 145 145 146 The connectivity and service information is particularly useful if the service and connectivity set-up is being done using [FeddAbout#TheFederationKit the DETER federation kit]. While other systems for providing this connectivity are fine, the federation kit provides a robust implementation that runs across several Unix based platforms. The [source:fedd/ trunk/federation/emulab_access.py Emulab plug-in] is a good place to look at the details of configuring the federation kit.147 148 In addition to configuring and establishing connectivity, the plug-in must convert the topology description into an embeddable topology. The [source:fedd/ trunk/federation/topdl.py topdl source] includes several conversions into different formats, including emulab ns2 and [http://www.protogeni.net/trac/protogeni/wiki/RSpec ProtoGENI RSpecs (v1.0)].146 The connectivity and service information is particularly useful if the service and connectivity set-up is being done using [FeddAbout#TheFederationKit the DETER federation kit]. While other systems for providing this connectivity are fine, the federation kit provides a robust implementation that runs across several Unix based platforms. The [source:fedd/federation/emulab_access.py Emulab plug-in] is a good place to look at the details of configuring the federation kit. 147 148 In addition to configuring and establishing connectivity, the plug-in must convert the topology description into an embeddable topology. The [source:fedd/federation/topdl.py topdl source] includes several conversions into different formats, including emulab ns2 and [http://www.protogeni.net/trac/protogeni/wiki/RSpec ProtoGENI RSpecs (v1.0)]. 149 149 150 150 While there is considerable support available, !StartSegment is the operation that is the most tricky for the plug-in developer.