| | 1 | |
|---|
| | 2 | |
|---|
| | 3 | (Originally from Main.DavidJohnson's bas:~johnsond/planetlab/peering.notes.) |
|---|
| | 4 | |
|---|
| | 5 | |
|---|
| | 6 | Here's some stuff on the peering model. The basic model is shared DB state at |
|---|
| | 7 | the XMLRPC API level. All PLC peers share a database schema (well, they don't |
|---|
| | 8 | have to, but I'm sure they will to avoid modifying the API implementation!). |
|---|
| | 9 | Shared state is not transitive. For instance, if you have PLCs A, B, |
|---|
| | 10 | and C, and (A,B) and (B,C) are pairs, B knows nearly everything (i.e., things |
|---|
| | 11 | like user passwords are not shared between peers) about A's and C's |
|---|
| | 12 | users and user keys, slices, and nodes. Thus B can add A's and C's users to |
|---|
| | 13 | B's nodes that are part of slices created on A or C. C knows about A's objects |
|---|
| | 14 | (i.e., persons, keys, slices, nodes) IFF C is peered with A (unless I have |
|---|
| | 15 | missed another place in the code where this is handled (but basically if C and |
|---|
| | 16 | A are not peered, C lacks the information to "resolve" A's objects as it gets |
|---|
| | 17 | them from B -- I '''think'''). There are probably a few |
|---|
| | 18 | more restrictions, but I think that captures the important stuff right now. |
|---|
| | 19 | It does not seem at all like user U who created slice S on A can go and add |
|---|
| | 20 | nodes on B's or C's websites; indeed, this would '''significantly''' complicate |
|---|
| | 21 | shared state. |
|---|
| | 22 | |
|---|
| | 23 | It seems to me that based on the current API, only admins and pis can create |
|---|
| | 24 | slices. It does not seem like PIs can grant the PI role to existing users |
|---|
| | 25 | (they can only grant lower roles, such as tech and user) to existing users (and |
|---|
| | 26 | I think this extends to approving new users as well). |
|---|
| | 27 | |
|---|
| | 28 | |
|---|
| | 29 | -- Main.DavidJohnson - 14 Nov 2007 |
|---|
