In the the second case the user acquires a ticket

Info icon This preview shows pages 19–22. Sign up to view the full content.

View Full Document Right Arrow Icon
In the the second case, the user acquires a ticket from the slice authority via a ticket = GetSliceTicket(auth, slice name) operation. The user is then responsible for contacting the slice creation service running on individual nodes to redeem this ticket. This might be done indirectly through a third party service. A ticket is an RSpec for the slice that has been 18
Image of page 19

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
signed by the slice authority using the private key that corresponds to the public key included in the SA server’s SSL certificate. Evolution Note: By supporting both the GetSliceTicket and StartSlice operations, we have allowed PlanetLab to evolve in two different directions. In one, slice authorities return tickets but are never asked to directly create slices, thereby serving as a pure ‘naming au- thority’ for slices. In the other, a slice authority bundles the role of naming slices with the role of creating slices. The current implemen- tation supports both, and while today most slices are created directly by PLC, third-party slice creation services (e.g., that provided by Em- ulab []) are starting to emerge. Finally, each slice authority communicates an SSL certificate out-of-band to node owners that are willing to host slices it authorizes. Each node owner includes this certificate in the RSpec for the resource pool allocated to the slice authority. Slice creation services, in turn, use this certificate to securely query the slice au- thority for the set of slices to be instantiated on the node that the service is running on. 4.8 Management Authority PLC, acting as a management authority (MA), maintains a server that installs and updates the software (e.g., VMM, NM, SCS) running on the nodes it manages. It also monitors these nodes for correct behavior, and takes appropriate action when anomalies and failures are detected. As with a slice authority, we use the term ‘management authority’ to refer to both the principal and the corresponding server. The MA maintains a database of registered nodes. Each node is affiliated with an organization (owner) and is located at a site belonging to the organization. The current MA implementation includes a database with the following tuples: principal = (name, email, org, addr, keys, role) org = (name, address, admin, sites[ ]) site = (name, tech, subnets, lat long, nodes[ ]) node = (ipaddr, state, nodekey, nodeid) where state = (install | boot | debug) role = (admin | tech) Similar to the SA database, the admin field of each org tuple is a link to a principal with role = admin ; this corresponds to the primary administrative contact for the 19
Image of page 20
organization. Similarly, the tech field in the site tuple is a link to a principal with role = tech ; this is the person that is allowed to define the node-specific configuration information used by the node’s slice creation service when the node boots. Implementation Note: The current implementation uses a single database for both the SA and MA. The only tuple they have in common is the set of principals, and in fact, these are shared, with the role field given by the union of the two role sets. Since organizations that join Planet-
Image of page 21

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 22
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern