Difference between revisions of "Resource Management for the gCube Model"
Manuele.simi (Talk | contribs) |
Manuele.simi (Talk | contribs) |
||
| Line 14: | Line 14: | ||
* managing resources within a context according to the [[Facet_Based_Resource_Model#gCube_Model|'''gCube Resource Model''']]. | * managing resources within a context according to the [[Facet_Based_Resource_Model#gCube_Model|'''gCube Resource Model''']]. | ||
| − | + | ||
== Design requirements == | == Design requirements == | ||
| + | === On the deployment === | ||
* The service has to be stateless. Multiple instances will be deployed behind a HAProxy. | * The service has to be stateless. Multiple instances will be deployed behind a HAProxy. | ||
* The service has to be able to manage more than one context (a.k.a. scope). In principle, we will deploy just one set of instances of the service (behind the proxy) to manage the infrastructure context, the VOs, and VREs. However, it should also be possible to deploy one instance for a specific VO. | * The service has to be able to manage more than one context (a.k.a. scope). In principle, we will deploy just one set of instances of the service (behind the proxy) to manage the infrastructure context, the VOs, and VREs. However, it should also be possible to deploy one instance for a specific VO. | ||
* A new instance of the service can be added at any time to the set of instances already deployed without manual configuration of the new instance or changes to the configuration of the pre-existing ones. | * A new instance of the service can be added at any time to the set of instances already deployed without manual configuration of the new instance or changes to the configuration of the pre-existing ones. | ||
| + | |||
| + | === On the interaction with other components === | ||
| + | The Resource Management software is expected to deliver its operations by collaborating with the following components: | ||
| + | |||
| + | * [[Information_System_Resource_Registry | Resource Registry]] and its client libraries to add/remove/edit/merge contexts and their resources. | ||
| + | * Authorization Service | ||
| + | * VHN Manager | ||
| + | |||
| + | It is expected that a portlet is built atop the Resource Management (and integrates with its client library) to request the operations. | ||
| + | |||
| + | === On the context it operates === | ||
| + | |||
| + | Considering that each token is bound to a single context, while the Resource Management needs to work across contexts, the interactions with the Resource Registry have to be trusted because of the caller identity. I.e. the RR allows the Resource Management to do whatever it wants just because of its identity and regardless the context attached to the call. We would need to set up new policies for this authZ. | ||
| + | |||
| + | The service token with its identity of the Resource Manager service is obtained by the local SmartGears lib when the webapp with the service is activated by the container. | ||
| + | |||
| + | |||
== Related documentation == | == Related documentation == | ||
Revision as of 04:46, 10 November 2017
This component is under development.
Role and Responsibilities
Resource Management refers to a set of software components revolving around the Resource Manager service. They are collectively responsible for delivering the following operations:
- creating contexts
- moving, editing, merging, deleting contexts
- managing resources within a context according to the gCube Resource Model.
Design requirements
On the deployment
- The service has to be stateless. Multiple instances will be deployed behind a HAProxy.
- The service has to be able to manage more than one context (a.k.a. scope). In principle, we will deploy just one set of instances of the service (behind the proxy) to manage the infrastructure context, the VOs, and VREs. However, it should also be possible to deploy one instance for a specific VO.
- A new instance of the service can be added at any time to the set of instances already deployed without manual configuration of the new instance or changes to the configuration of the pre-existing ones.
On the interaction with other components
The Resource Management software is expected to deliver its operations by collaborating with the following components:
- Resource Registry and its client libraries to add/remove/edit/merge contexts and their resources.
- Authorization Service
- VHN Manager
It is expected that a portlet is built atop the Resource Management (and integrates with its client library) to request the operations.
On the context it operates
Considering that each token is bound to a single context, while the Resource Management needs to work across contexts, the interactions with the Resource Registry have to be trusted because of the caller identity. I.e. the RR allows the Resource Management to do whatever it wants just because of its identity and regardless the context attached to the call. We would need to set up new policies for this authZ.
The service token with its identity of the Resource Manager service is obtained by the local SmartGears lib when the webapp with the service is activated by the container.
