[openstack-dev] [Neutron] Service Type Framework implementation

Salvatore Orlando sorlando at nicira.com
Tue Jul 9 20:15:49 UTC 2013


Some comments inline.

Salvatore


On 9 July 2013 21:58, Eugene Nikanorov <enikanorov at mirantis.com> wrote:

> Nachi,
>
> I think that dynamic loading/preloaded modules/REST api analogs of nova
> flavor is a bit too forward looking in comparison to what I'm trying to
> solve right now with existing patch.
>

Besides, the real issue with this approach is that neutron would be lending
itself to any sort of security exploit. I am not a security expert, so feel
free to disagree if you want.
I would just prefer to not see dynamic loading of python modules of values
which are stored in the db; not in this release, not in the next one.


>
> I think what really matters is how service providers are referenced from
> other resources.
>
> 1) From logic perspective service provider could be referenced by
> (service_type, name) as it's unique primary key.
> 2) From data normalization perspective it's better (and more convenient)
> to have an unique ID in resource provider model.
>

Adding another primary key were you already identified a couple of
attributes which are a primary key is actually, from what I recall from my
studies, de-normalization.
Sorry, this was just pedant me talking. Feel free to ignore.


> Obviously having ID works for DB implementation and doesn't work for
> in-memory implementation.
> In other words, we can't use ID if we go with in-memory implementation.
>

You could, but it would not make a lot of sense; and you would have to
store those ids somewhere anyway; so - no it's not a good idea.

When you associate an instance of a service to a provider, you might think
that the fact that they key is (type, name) will force you to use two
attributes. This would be true if you think about the corresponding E-R
model. However, in the case of the APIs we're dealing with, the resource
type itself identifies the first bit of the (type, name) pair. So one might
as well associate only the service provider name to the service instance.


> 3) From data modelling perspective it's better to have ID in service
> provider model as referencing models will be simpler and easier to maintain.
> 4) From CLI perspective it's more convenient if resource has ID, it's a
> common way of specifying resource.
>

We already clarified that for referencing items in the CLI (or horizon) we
can use either name or id. It's a consolidated practice in both of them.


> 5) From user perspective it's more convenient to specify the name of
> service provider.
> But that is usually solved either by Horizon or by cli, like it's done for
> networks/subnets where name of the object is specified.
>
> Resuming all this I see significant benefits of using ID (and hence, db
> implementation) over not using it.
> Also, I don't think storing immutable data in db is any kind of a bad
> design: it's just a storage anyway.
>

As Mark has rightly pointed out, it's generally not a great idea to store
configuration data in the db.
However in this case it is worth mentioning that the data in the db is
exactly the same as the data in the config files.


> DB storage offers better integration with other objects stored in db, and
> saves some code lines doing stuff which DB normally does.
> That lines will stack up in case we add more objects (like service
> offerings) on top of in-memory storage.
>


> Thanks,
> Eugene.
>
>
>
>
>
>
>
> On Tue, Jul 9, 2013 at 11:00 PM, Nachi Ueno <nachi at ntti3.com> wrote:
>
>> Hi Eugene
>>
>> I agree for dynamic loading is difficult to implement.
>> (mainly for security perspective)
>>
>> Salvatore looks clearly for no for dynamic loading.
>>
>> So I added another option.
>> how about have list of preloaded module in the conf?
>> and setup service type from REST API such as nova flavor api
>>
>>
>> https://docs.google.com/presentation/d/1v0nLTEsFOwWeYpYjpw4qe3QHB5lLZEE_b0TmmR5b7ic/edit#slide=id.gf14b7b30_00
>>
>> NOTE: I updated the style of doc
>>
>> Best
>> Nachi
>>
>>
>> 2013/7/9 Eugene Nikanorov <enikanorov at mirantis.com>:
>> > Hi Nachi,
>> >
>> > I agree on the future plan.
>> > However, dynamic loading/unloading of provider drivers will require
>> > additional code in service plugins, I'm not sure this will be fully
>> > supported in Havana (while I'm totally agree on implementing it)
>> >
>> > Thanks,
>> > Eugene.
>> >
>> >
>> > On Tue, Jul 9, 2013 at 3:40 AM, Nachi Ueno <nachi at ntti3.com> wrote:
>> >>
>> >> Hi Eugene
>> >>
>> >> It still not make sense for me to store static configuration on the DB
>> >> just for easy implementation.
>> >> However if the service type will support creation and deletion REST
>> >> api in future, I would like to approve this patch
>> >> as a first step of it.
>> >> You answered "I think it's doable but I'd still consider current
>> >> implementation as a first step - enikanorov. "
>> >> in the googled docs. so I believe we are in the same boat now.
>> >>
>> >> I wanna make it clear future work.
>> >>
>> >> - Service Type REST API (for admin) will add supports
>> >>   - Ceate Service Type
>> >>   - Delete Service Type
>> >>  -  Each driver users will lazy load the library if it is not loaded.
>> >>     (may be this should be implemented on service side such as FW,
>> >> LBaaS,VPN)
>> >>
>> >> - Remove service type configuration from conf
>> >>
>> >> Is this OK for you guys?
>> >>
>> >> Thanks
>> >> Nachi
>> >>
>> >>
>> >> 2013/7/8 Eugene Nikanorov <enikanorov at mirantis.com>:
>> >> > Hi neutron folks,
>> >> >
>> >> > There has been a discussion around this patch
>> >> > https://review.openstack.org/#/c/29750/ that introduces
>> configuration
>> >> > options and db table for storing service providers.
>> >> >
>> >> > The discussion is about whether we should store configuration in the
>> db
>> >> > or
>> >> > not.
>> >> > The brief of discussion has been saved here:
>> >> >
>> >> >
>> https://docs.google.com/presentation/d/1v0nLTEsFOwWeYpYjpw4qe3QHB5lLZEE_b0TmmR5b7ic/edit#slide=id.gefc32ecf_00
>> >> > Please share your thoughts on this.
>> >> >
>> >> > While we may continue to discuss the best approach to this, I'd like
>> to
>> >> > see
>> >> > the patch to be committed first (it seems to be ready) as there are
>> >> > other
>> >> > features depending on it (NSX distributed router, lbaas, fwaas and
>> >> > vpnaas
>> >> > possibly).
>> >> >
>> >> >
>> >> > Thanks,
>> >> > Eugene.
>> >> >
>> >> > _______________________________________________
>> >> > OpenStack-dev mailing list
>> >> > OpenStack-dev at lists.openstack.org
>> >> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>> >> >
>> >>
>> >> _______________________________________________
>> >> OpenStack-dev mailing list
>> >> OpenStack-dev at lists.openstack.org
>> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>> >
>> >
>> >
>> > _______________________________________________
>> > OpenStack-dev mailing list
>> > OpenStack-dev at lists.openstack.org
>> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>> >
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130709/5176a209/attachment.html>


More information about the OpenStack-dev mailing list