-- URN vs HRN
-* methods should support urn or hrn arguments
-* create a module that converts urn to hrn so we can continue using
- hrn behind the scenes
-* add get_urn() method to GID object
-* urn is the standard over the wire format
+- Build/Tags
+* test rpm build/install
+
+- Stop invalid users
+* a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list
+
+- Aggregate/SM
+* Why do some aggregate managers fail implement all Slice operations (delete, stop, etc)
-- Registry
-* refactor to use managers
-* update call should attempt to push updates to federated peers if
- the peer has a record for an object that is updated locally
-* api.update_membership() shoudl behave more like resolve when looking up records (attempt to resolve records at federated registeries) instead of only looking in the local registry
-* sfi remove, if removing a site, remove any record that site is an an authority for
-* support generic registry records (dont depend on postgres! object db?)
-* modify resolve() so that you can resolve more than 1 hrn at at time (list of hrns)
-
-- sfa-clean-peer-records
-* instead of resolving each peer record one by one, use one reslove call to resolve a list of hrns (requires updated registry.resolve() method)
-
-- Aggregate
-* sfa.plc.slices.verify_site() should check if site['max_slices'] needs to be updated
-* sfa.plc.slices.verify_slice() should check if slice['expires'] needs to be updated
- Component manager
-* install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?)
+ * Redeem ticket - RedeemTicket/AdminTicket not working. Why?
+ ** This may be replaced by sfa + credentials
+ * install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?)
-
-- SM call routing
-* sfi -a option should send request to sm with an extra argument to
- specify which am to contact instead of connecting directly to the am
- (am may not trust client directly)
+- SFI
+* Update sfi to use the new methods. I've left this for last because its been useful to make sure the old methods are forwarding the request to the new methods correctly. Once Im sure there are no more changes to be made, ill update sfi to use the new methods.
+
+- Registry
+* fix legacy credential support
+* move db tables into db with less overhead (tokyocabinet?)
+
+- GUI/Auth Service
+ * develop a simple service where users auth using username/passord and
+ receive their cred
+ * service manages users key/cert,creds
+ * gui requires user's cred (depends on Auth Service above)
+
+- Protogeni
+* agree on standard set of privs
+* on permission error, return priv needed to make call
+* cache slice resource states (if aggregate goes down, how do we know what
+ slices were on it and recreate them? do we make some sort of transaction log)
+
+
+Questions
+=========
+- SM/Aggregate
+* should the rspec contain only the resources a slice is using or all resources availa and mark what the slice is using.
- Initscripts on sfa / geniwrapper
* should sfa have native initscript support or should we piggyback off of myplc?
+* should this be in the rspec
-- Fully integrate SOAP (need to throw either soap or xmlrpc exceptions depending on the client)
-* started but not finished
-
-- error messages
-* error messages should be easier to understand
-* (failing to connect to plcapi shoudl return a helpful message, not a generic internal server error)
git://git.onelab.eu / sfa.git / blobdiff