I agree. Here is a starter list of high level issues: - architecture modularity . core . resource management . gui/api . operational metrics and logging . component templating - security model - database independence/abstraction - language independence - storage implementation (user and image) - virtualization management - future extensibility - experimental development branch
I'm working on a summary of security model issues. The idea behind the vcl security model is to list and encapsulate each of the components, objects, roles, etc in the architecture so that most any security model can be implemented instead of locking the project into a particular security model (although we'll have to start with one model). Currently, the security model is undefined and 'hard-wired' into the architecture. This greatly limits the ability for vcl to be deployed into new environments with different security policies or to adapt to future security policies in currently deployed environments. More on this later. Please feel free to jump in on a topic. There is lots to discuss. John Bass john_b...@ncsu.edu www.sosi.ncsu.edu www.cnl.ncsu.edu (919) 515-0154 On Thu, May 14, 2009 at 3:40 PM, Josh Thompson <josh_thomp...@ncsu.edu>wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I really think that before any more implementation design work is done > toward > long term restructuring, a lot of high level discussion and design work > needs > to be done. It causes a fractured community if a few people in the > community > decide to redesign large parts of the codebase without having discussions > about it on this list. > > Josh > > On Thursday May 14, 2009, Andrew Brown wrote: > > I've just made a clarification on the vcl experimental architecture > > document: > > > > In regards to the core's frontend API interface about values including > > image_id, ticket_id, and so fourth, the frontend needs to map which > > resource manager corresponds to those values, but they may or may not be > > unique. To solve this, it needs to be paired with its resource manager > id. > > Here's how that will work: > > > > "Above" the core, i.e. in communication with a frontend, values such as > > image_id and ticket_id will be a tuple: (resource_manager_id, actual_id) > > > > "Below" the core, i.e. in communication with a resource manager, these > > values will be just a single integer. > > > > This way the core won't need to keep some kind of mapping (which wouldn't > > work anyways since the ids are only unique to a single resource manager) > > nor will it need to poll all resource managers for the right one. The > > frontend will be responsible for passing both values back to the core. > > -Andrew > - -- > - ------------------------------- > Josh Thompson > Systems Programmer > Virtual Computing Lab (VCL) > North Carolina State University > > josh_thomp...@ncsu.edu > 919-515-5323 > > my GPG/PGP key can be found at pgp.mit.edu > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFKDHO3V/LQcNdtPQMRAnZyAJ9zI+/qLJmqFiqKETNdIU2vgJ2/PwCeLbSp > Q/0EoJ3rssbEgdUAEjc6yIQ= > =5H1g > -----END PGP SIGNATURE----- >
