X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=TODO;h=31aaa6a831d1dc92ec05d8bf0024a2b90128fc5b;hb=refs%2Fheads%2Fbranch-0.9-14;hp=8fe5762190fa64b7fc1babfd72b2d168456d94cd;hpb=5b70fc0d85bd3d401e4ca1994477636aa7e7102d;p=sfa.git diff --git a/TODO b/TODO index 8fe57621..31aaa6a8 100644 --- a/TODO +++ b/TODO @@ -1,29 +1,51 @@ --GetTicket -* sm, am only -* sm calls getticket on am and merges resulting tickets into 1 ticket - -- sfa-clean-peer-records -* modify resolve to support a list of hrns -* resolve a list of peer hrns instead of each hrn individally - -- sfi remove, if removing a site, remove any record that site is an an authority for - -- routing sm calls +- Tag +* test rpm build/install + +- Trunk +* test federation +* test sub authority import and federation + +- Client + * update getNodes to use lxml.etree for parsing the rspec + +- Stop invalid users +* a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list + +- Component manager + * GetGids - make this work for peer slices + * GetTicket - must verify_{site,slice,person,keys} on remote aggregate + * Redeem ticket - RedeemTicket/AdminTicket not working. Why? + * install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?) + +- Registry +* move db tables into db with less overhead (tokyocabinet?) + +- GUI/Auth Service + * develop a simple service where users auth using username/passord and + receive their cred + * service manages users key/cert,creds + * gui requires user's cred (depends on Auth Service above) + +- SM call routing * sfi -a option should send request to sm with an extra argument to specify which am to contact instead of connecting directly to the am (am may not trust client directly) -- make registry more generic -* support interface managers -* support generic registry records (dont depend on postgres! object db?) +- Protogeni +* agree on standard set of functon calls +* agree on standard set of privs +* on permission error, return priv needed to make call +* cache slice resource states (if aggregate goes down, how do we know what + slices were on it and recreate them? do we make some sort of transaction log) + -- checking support for conventional ssl (creating a shared keypair for the request) +Questions +========= +- SM/Aggregate +* should the rspec contain only the resources a slice is using or all resources availa and mark what the slice is using. - Initscripts on sfa / geniwrapper +* should sfa have native initscript support or should we piggyback off of myplc? +* should this be in the rspec -- Geni identification on nodes -* nodes pk stored in /etc/sfa/nodekey -* slice's gid and nodes gid stored in all slices (/etc/sfa/slicegid, /etc/sfa/nodegid) -- Fully integrate SOAP (need to throw either soap or xmlrpc exceptions depending on the client) -- unit tests