[Discussion] BMI Re-designing #130
Comments
|
@ravisantoshgudimetla we can continue our discussion here. |
|
I am mostly happy with the new ideas except for the multi-tenant BMI.
We already do this and we know it's not safe to have a shared provisioning network. Since we are redesigning this I think we should focus on coming up with ways to avoid sharing a network.
If I remember correctly, @ravisantoshgudimetla had strong opinions that BMI should be doing this? Can you tell us what those are since we are discussing it here.
Absolutely, in fact there's an open PR #95 that started the work on this. I can pick up on it and push more commits to it to make it ready to merge. |
The new proposal is no different (as insecure) from the current implementation. Can you setup a meeting (regarding the security aspect) when Orran is back? I think I have some ideas about this and would like to discuss them.
In order to make BMI code modular, we will need to rewrite most of the code - I am not sure how much of such refactored code can we re-use. |
|
@henn also had some suggestions. |
|
@apoorvemohan we don't need to rewrite most of the code for the modular thing. We just need to establish interfaces and implement driver loading. Also we need to establish terminologies to avoid confusion. ( Remember the project/user argument?) |
@chemistry-sourabh Currently there are too many hard-coding's for different components (HIL, Ceph, etc.). Also, the current interfaces and code does not entirely support multi-tenancy. I think simply redefining the interfaces might not be sufficient. If we try to change the interface based on the current code then either we might end up compromising modularity or we will eventually end-up re-writing the code (but will take way more time). So I think the easiest and the fastest way would be to re-define the interfaces and write the code from scratch against them (instead of modifying existing code for the new interfaces).
Yes we need to (re)define the terminology carefully. |
|
@apoorvemohan I still don't see a need to rewrite the entire code. For the multi tenancy thing we need to update the iscsi server to support multi vlan and update the iscsi driver to accept an additional network parameter. We already have a network parameter in the pro call so no need to change anything in Picasso side. Modularity is easy to do as I thought about it and wrote code accordingly. multi tenancy will need some work in the iscsi section thats it. We will be able to reuse most of the code. Let me know if I missed anything. |
|
Related to #99 |
|
I agree with @chemistry-sourabh, we need to refactor code and moving functions here and there. |
The current implementation/abstractions are based on HIL terminology. E.g. Network name, project name etc. All such calls/functions needs to be made more generic (independent of HIL).
There is much more to modularity than just using different software iSCSI implementations. Components like data store, authentication service, provisioning service (something other than iSCSI) etc. needs to be modular. I don't think that simply moving functions here and there can make BMI modular. Having said all of this, there are many more things are yet to be discussed. |
So, I guess you are talking about the discussion that we had offline couple of weeks ago @apoorvemohan. While I agree with approach which is modular, it doesn't need a complete rewrite is what I think. Also, I want to get this discussion started with what pieces BMI should comprise of. For example:
The above are the things that I could think of and we can add more. What we need is an orchestrator piece, the one that is currently in operations.py which will drive all these services. |
|
Aren't image management service and object store same in our case ? |
Nope, what I meant by object store is a database kind of system to store meta-data. I should have been clear on that. Let me update the comment. |
New BMI Requirements:
BMI's Capabilities:
The text was updated successfully, but these errors were encountered: