WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] Re: Re: [RFC] Xend XML-RPC Refactoring

from [Daniel Veillard] [Permanent Link][Original]
To: Anthony Liguori <aliguori@xxxxxxxxxx>
Subject: Re: [Xen-devel] Re: Re: [RFC] Xend XML-RPC Refactoring
From: Daniel Veillard <veillard@xxxxxxxxxx>
Date: Sun, 12 Mar 2006 16:49:07 -0500
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 12 Mar 2006 21:50:03 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <pan.2006.03.12.20.28.18.25390@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <A95E2296287EAD4EB592B5DEEFCE0E9D40AA27@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <440E204B.1070402@xxxxxxxxxx> <20060311205510.GH13877@xxxxxxxxxxxxxxxxxxxxxx> <20060311213657.GM346@xxxxxxxxxx> <20060311222053.GA5963@xxxxxxxxxxxxxxxxxxxxxx> <20060312095701.GC22089@xxxxxxxxxx> <pan.2006.03.12.17.41.50.752016@xxxxxxxxxx> <20060312182940.GG22089@xxxxxxxxxx> <pan.2006.03.12.20.28.18.25390@xxxxxxxxxx>
Reply-to: veillard@xxxxxxxxxx
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.4.1i 
On Sun, Mar 12, 2006 at 02:28:24PM -0600, Anthony Liguori wrote:
> Does this sound sane?  This has been my long term vision for how
> things ought to work.  One could actually implement xend-remote pretty
> easily right now.  Of course, I'm flexible and open to alternatives.

  It's Sunday, it's late, I think I understand your viewpoint (especially
after the exchange on IRC). Still it decouples completely authentication
and right checking from the API. And I feel like we are trying to create
a solution which may not be adequate.
  I really feel of rights over Xen operations to best reflected by
tokens or capacities to use the old term. For me to create a domain
on a node then you need the capacity for that node, as a result you
get a capacity for that domain. Now once you have the capacity for the
domain you can pause/unpause/save or reduce its resource allocations.
To list domains you don't need a capacity. To shudown/destroy a domain
you need the node or domain capacity. To migrate a domain to a new node
you need both the domain and remote node capacities, etc ...
  So I really think of the authentication and security checkings in 
a very different model a priori than what you are suggesting, maybe 
the model I would like to see is just too complex, or doesn't fit
the tools available. That's probably why using a separate controller
which is unlikely to understand the API and auth at the pure connection
layer feels strange too me. I find that way too coarse, while at the
same time probably expensive to run.
  I certainly need to think more about this, other should probably
tell me how wrong I am too, that should not block going forward with
the current plan anyway :-)

Daniel

-- 
Daniel Veillard      | Red Hat http://redhat.com/
veillard@xxxxxxxxxx  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] 3.0.2 imminent, Ian Pratt
Next by Date:  [Xen-devel] See Xen in action, Michael Lessard
Previous by Thread:  [Xen-devel] Re: Re: [RFC] Xend XML-RPC Refactoring, Anthony Liguori
Next by Thread:  Re: [Xen-devel] [RFC] Xend XML-RPC Refactoring, Anthony Liguori
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy