[glue-wg] New class and attributes for GLUE 2.1/cloud extensions

stephen.burke at stfc.ac.uk stephen.burke at stfc.ac.uk
Fri Oct 13 09:51:30 EDT 2017 

glue-wg [mailto:glue-wg-bounces at ogf.org] On Behalf Of Baptiste
> Grenier said:
> The names should be quite self explanatory, please let me know if you
> need any clarification.

A few comments ...

> * GLUE2CloudComputingEndpointAuthentication
>  * EndpointAuthentication_t
>    * New type
>    * Mandatory
>    * Open enumeration
>      * Default Values: X509-VOMS, OIDC ?
>  * Replacing:
>    * GLUE2EntityOtherInfo : Authn=X509-VOMS

It's arguable that this should go into the base Endpoint definition as it's potentially useful for anything - although in that case it couldn't be mandatory as that would make all existing objects invalid. If it is mandatory you should probably have a NONE option or similar. Also is anything else needed? For the standard X509 case Endpoint has IssuerCA and TrustedCA, could other authn types need anything more? One other thing, X509-VOMS seems an odd value here since VOMS is about authorization (already covered by the Policy class) and not authentication. 

> * GLUE2CloudComputingImageDescription
>   * New type
>   * Mandatory
>   * String
>   * Replacing:
>     * GLUE2EntityOtherInfo: description:Image for TinyCoreLinux

It seems slightly odd for a text description to be mandatory.

> * GLUE2CloudComputingImageNetworkInput /
> GLUE2CloudComputingImageNetworkOuput
>   * Used to represent communication ports used/required/exposed by the
> image
>   * Custom objectClass: NetworkTraffic
>   * Optional
>   * Can be specified multiple times
>   * Replacing:
>     *  GLUE2EntityOtherInfo traffic-in:XXXXX
>     *  GLUE2EntityOtherInfo traffic-out:XXXXX

This is missing a data type and a clear definition.

>       * NetworkTrafficProtocol_t:
>         * Custom type
>         * Mandatory
>         * Closed enumeration
>           * Values: all, tcp, udp, cmp, ipsec

Is that certain to be an exhaustive list?

>       * NetworkTrafficType_t:
>         * Custom type
>         * Mandatory
>         * Closed enumeration
>           * Values: inbound, outbound

TrafficDirection rather than Type? Never bidirectional?

>       * NetworkTrafficRange_t:
>         * Custom type
>         * Mandatory
>         * String
>         * Example (default?): 0.0.0.0/0

AddressRange rather than just Range?

>       * NetworkTrafficPort_t:
>         * Custom type
>         * Mandatory
>         * String
>         * Example: 443

Single valued or multivalued? Can it be a range or just a single port? If the latter why a string?

Stephen

More information about the glue-wg mailing list