| 1 | % |
|---|
| 2 | % Copyright (c) 2006 XenSource, Inc. |
|---|
| 3 | % |
|---|
| 4 | % Permission is granted to copy, distribute and/or modify this document under |
|---|
| 5 | % the terms of the GNU Free Documentation License, Version 1.2 or any later |
|---|
| 6 | % version published by the Free Software Foundation; with no Invariant |
|---|
| 7 | % Sections, no Front-Cover Texts and no Back-Cover Texts. A copy of the |
|---|
| 8 | % license is included in the section entitled |
|---|
| 9 | % "GNU Free Documentation License" or the file fdl.tex. |
|---|
| 10 | % |
|---|
| 11 | % Authors: Ewan Mellor, Richard Sharp, Dave Scott, Jon Harrop. |
|---|
| 12 | % |
|---|
| 13 | |
|---|
| 14 | \section{To-Do} |
|---|
| 15 | |
|---|
| 16 | Lots and lots! Including: |
|---|
| 17 | |
|---|
| 18 | \subsection{Clarity} |
|---|
| 19 | |
|---|
| 20 | \begin{itemize} |
|---|
| 21 | |
|---|
| 22 | \item Roll constructors and get\_by\_uuid etc (section 1.2) into section 2 so |
|---|
| 23 | that it is clearer that each class has these. |
|---|
| 24 | |
|---|
| 25 | \item Emphasise that enums are strings on the wire, and so are not restricted |
|---|
| 26 | to a certain number of bits. |
|---|
| 27 | |
|---|
| 28 | \item Clarify return values, in particular that void means return a status |
|---|
| 29 | code, potential error description, but otherwise no value. |
|---|
| 30 | |
|---|
| 31 | \item Talk about UUID generation. |
|---|
| 32 | |
|---|
| 33 | \item Clarify session behaviour wrt timeouts and disconnects. |
|---|
| 34 | |
|---|
| 35 | \item Clarify behaviour of progress field on asyncrhonous request polling when |
|---|
| 36 | that request fails. |
|---|
| 37 | |
|---|
| 38 | \item Clarify which calls have asynchronous counterparts by marking them as such in the reference. (Individual getters and setters are too small and quick to justify having async versions) |
|---|
| 39 | |
|---|
| 40 | \end{itemize} |
|---|
| 41 | |
|---|
| 42 | \subsection{Content} |
|---|
| 43 | |
|---|
| 44 | \subsubsection{Model} |
|---|
| 45 | |
|---|
| 46 | \begin{itemize} |
|---|
| 47 | |
|---|
| 48 | \item Improve the set of available power\_states and corresponding lifecycle |
|---|
| 49 | semantics. Rename power\_state, maybe. |
|---|
| 50 | |
|---|
| 51 | \item Specify the CPU scheduler configuration properly, inc CPU affinity, |
|---|
| 52 | weights, etc. |
|---|
| 53 | |
|---|
| 54 | \item Add Vm.architecture and Host.compatible\_architecture fields. |
|---|
| 55 | |
|---|
| 56 | \item Add migration calls, including the ability to test whether a migration |
|---|
| 57 | will succeed, and authentication token exchange. |
|---|
| 58 | |
|---|
| 59 | \item Improve asynchronous task handling, with a registration call, a |
|---|
| 60 | ``blocking poll'' call, and an explicit notification destination. Registration |
|---|
| 61 | for ``power\_state'' is useful. |
|---|
| 62 | |
|---|
| 63 | \item Specify that session keys outlive the HTTP session, and add a timeout |
|---|
| 64 | for them (configurable in the tools). |
|---|
| 65 | |
|---|
| 66 | \item Add places for people to store extra data (``otherConfig'' perhaps) |
|---|
| 67 | |
|---|
| 68 | \item Specify how hardware UUIDs are used / accessed. |
|---|
| 69 | |
|---|
| 70 | \item Marking VDIs as exclusive / shareable (locking?) |
|---|
| 71 | |
|---|
| 72 | \item Consider how to represent CDROMs (as VDIs?) |
|---|
| 73 | |
|---|
| 74 | \item Define lists of exceptions which may be thrown by each RPC, including |
|---|
| 75 | error codes and parameters. |
|---|
| 76 | |
|---|
| 77 | \item Host characteristics: minimum amount of memory, TPM, network bandwidth, |
|---|
| 78 | amount of host memory, amount consumed by VMs, max amount available for new |
|---|
| 79 | VMs? |
|---|
| 80 | |
|---|
| 81 | \item Cooked resource monitoring interface. |
|---|
| 82 | |
|---|
| 83 | \item Network needs additional attributes that provide media characteristics |
|---|
| 84 | of the NIC: |
|---|
| 85 | |
|---|
| 86 | \begin{itemize} |
|---|
| 87 | |
|---|
| 88 | \item RO bandwidth integer Bandwidth in mbps |
|---|
| 89 | \item RO latency integer time in ms for an icmp roundtrip to a host on the |
|---|
| 90 | same subnet. |
|---|
| 91 | |
|---|
| 92 | \end{itemize} |
|---|
| 93 | |
|---|
| 94 | \item ACM |
|---|
| 95 | \begin{itemize} |
|---|
| 96 | |
|---|
| 97 | \item A Xen system can be running an access control policy where each |
|---|
| 98 | VM's run-time access to resources is restricted by the label it has been given |
|---|
| 99 | compared to those of the resources. Currently a VM's configuration file may |
|---|
| 100 | contain a line like access\_control[policy='$<$name of the system's |
|---|
| 101 | policy$>$',label='$<$label given to VM$>$']. I think the identifiers 'policy' |
|---|
| 102 | and 'label' should also be part of the VM class either directly in the form |
|---|
| 103 | 'access\_control/policy' or indirectly in an access\_control class. |
|---|
| 104 | |
|---|
| 105 | \end{itemize} |
|---|
| 106 | |
|---|
| 107 | \item Mike Day's Vm.profile field? |
|---|
| 108 | |
|---|
| 109 | \item Clone customisation? |
|---|
| 110 | |
|---|
| 111 | \item NIC teaming? The NIC field of the Network class should be a list (Set) |
|---|
| 112 | so that we can signify NIC teaming. (Combining physical NICs in a single host |
|---|
| 113 | interface to achieve greater bandwidth). |
|---|
| 114 | |
|---|
| 115 | \end{itemize} |
|---|
| 116 | |
|---|
| 117 | \subsubsection{Transport} |
|---|
| 118 | |
|---|
| 119 | \begin{itemize} |
|---|
| 120 | |
|---|
| 121 | \item Allow non-HTTP transports. Explicitly allow stdio transport, for SSH. |
|---|
| 122 | |
|---|
| 123 | \end{itemize} |
|---|
| 124 | |
|---|
| 125 | \subsubsection{Authentication} |
|---|
| 126 | |
|---|
| 127 | \begin{itemize} |
|---|
| 128 | |
|---|
| 129 | \item Delegation to the transport layer. |
|---|
| 130 | |
|---|
| 131 | \item Extend PAM exchange across the wire. |
|---|
| 132 | |
|---|
| 133 | \item Fine-grained access control. |
|---|
| 134 | |
|---|
| 135 | \end{itemize} |
|---|
