VMODL API for multi-tenancy support #754
Conversation
There was a problem hiding this comment.
Looks generally good , no comments for the the content of the model . JavaDocs should be a bit more elaborate, it's awfully short now :-).
[Sam] Agree with you. Will add more detailed JavaDocs.
More comments inline.
BTW I think we need to remove the Java file with the (obsolete) model draft
[Sam] Will do.
|
|
||
| @JavaDocs(parent=_name, docs = | ||
| """ | ||
| Max volume size allowed on this datastore |
There was a problem hiding this comment.
need units. I suggest the attribute name to have "in_bytes" or whatever at the end. Actually, in_Mib should be fine
There was a problem hiding this comment.
This PR will include VMODL definitions only. In the next PR I will provide the implementation along with the unit tests.
Will add _in_MiB suffix.
| """ | ||
| ) | ||
| @Attribute(parent=_name, typ="string") | ||
| def usage_quota(self): |
There was a problem hiding this comment.
Sure, will add _in_MiB suffix.
|
|
||
| @JavaDocs(parent=_name, docs = | ||
| """ | ||
| Datastore name |
There was a problem hiding this comment.
what if the datastore name changes (and url stays the same) ? Should we keep url here ?
There was a problem hiding this comment.
Good catch! I will use datastore URL instead. BTW, this issue already exists in the existing logic. I have filed a tracking issue: #782.
|
|
||
| @JavaDocs(parent=_name, docs = | ||
| """ | ||
| Tenant name |
There was a problem hiding this comment.
Any limitations ? Length ? Char set ? Can it be unicode ?
There was a problem hiding this comment.
Will document the length limitation for name and description.
AFAIK, VMODL string supports unicode on all different language bindings: C++, Java, Python, etc. But this is implicit and we don't usually document this in the JavaDoc.
| """ | ||
| ) | ||
| @Method(parent=_name, wsdlName="AddVMs") | ||
| @Param(name="vms", typ="string[]") |
There was a problem hiding this comment.
a question abut all *VMs() operations: should we use vim.VirtualMachine MoRef instead of strings here ?
There was a problem hiding this comment.
Will use MoRef consistently for all references of VMs and Datastores.
| """ | ||
| ) | ||
| @Method(parent=_name, wsdlName="RemoveTenant") | ||
| @Param(name="name", typ="string") |
There was a problem hiding this comment.
vim.vcs.Tenant instead of string here ?
There was a problem hiding this comment.
Since all Tenant related APIs use tenant name as the unique key, I think it makes sense to also use name as the key for this API. What do you think?
|
|
||
| @JavaDocs(parent=_name, docs= | ||
| """ | ||
| Query Tenants for the given name. Return all Tenants if name is null. |
There was a problem hiding this comment.
will we support globbing (e.g. ? *) If yes needs to be documented
There was a problem hiding this comment.
I've thought about this. Globbing is typically used by shells for matching file and directory names using wildcards. Even though our Tenant name does map to a directory in the backend, this implementation detail should not be exposed to customers. Regular expressions are actually more commonly used in commands / functions for pattern matching in string text. However, supporting regex seems an overkill for our current requirements.
So, for now I think we can keep it simple, i.e. not supporting globbing or regex. In the future if there are real requirements for this, we can add this feature without breaking backward compatibility.
| @Param(name="new_name", typ="string", flags=F_OPTIONAL) | ||
| @Param(name="new_description", typ="string", flags=F_OPTIONAL) | ||
| @Return(typ="void") | ||
| def RemoveTenant(self, name): |
There was a problem hiding this comment.
Copy-paste error. Will fix.
|
|
||
|
|
||
| # _VERSION = newestVersions.Get("vim") | ||
| _VERSION = 'vim.version.version10' |
There was a problem hiding this comment.
I think common modules import and version should be imported from a single file instead of copy-pasted to each module
There was a problem hiding this comment.
Make sense, will introduce a common module for this.
There was a problem hiding this comment.
I've decided to merge all classes into one single file/module as this seems more consistent with Python style. So no need to introduce a common module anymore.
| @Method(parent=_name, wsdlName="RemoveVMs") | ||
| @Param(name="vms", typ="string[]") | ||
| @Return(typ='void') | ||
| def RemoveVMsFromTenant(self, vms): |
| This class provides operations to manage VMs and privileges associated with a tenant. | ||
| ''' | ||
|
|
||
| _name = "vim.vcs.TenantManager" |
There was a problem hiding this comment.
_name should not be "vim.vcs.TenantManager". This class is a "Tenant" class.
There was a problem hiding this comment.
Thanks for catching this. Will fix.
shaominchen
force-pushed
the
vmodl_multi_tenancy.shchen
branch
from
e1eee0d
to
dc4871e
Compare
| ) | ||
| @Method(parent=_name, wsdlName="RemoveTenant") | ||
| @Param(name="name", typ="string") | ||
| @Param(name="remove_volumes", typ="boolean") |
There was a problem hiding this comment.
param "remove_volumes" is a "optional" param.
There was a problem hiding this comment.
All functions in class "TenantManager" can also through exception. For example "CreateTenant" may through an exception when the name specified is the same as existing tenant.
There was a problem hiding this comment.
Will address this.
|
|
||
| @JavaDocs(parent=_name, docs = | ||
| """ | ||
| Tenant is an abstraction of a group of VMs and the associated access |
There was a problem hiding this comment.
I think Tenant is an abstraction of "a group of VMs", but not the "associated access privileges".
There was a problem hiding this comment.
Will clarify a little bit.
| """ | ||
| ) | ||
| @Method(parent=_name, wsdlName="AddPrivilege") | ||
| @Param(name="privilege", typ="vim.vcs.storage.DatastoreAccessPrivilege") |
There was a problem hiding this comment.
As we discussed, user should be able to switch "default_datastore" when adding a new datastore access privilege. So we need a new param "switch_default_datastore" here.
There was a problem hiding this comment.
Yes, I will address this in next update.
|
I've updated the PR based on your comments. Also redesigned some APIs. Major changes since last update:
Exception handling is a major missing part that we haven't discussed before. I plan to introduce one or more exceptions to handle all different error conditions. Maybe we should have a discussion about this after everyone is back. |
|
@lipingxue Addressed your comments. |
| faults=["vim.fault.NotFound"]) | ||
| @Param(name="datastore", typ="vim.Datastore", flags=F_OPTIONAL) | ||
| @Return(typ='vim.vcs.storage.DatastoreAccessPrivilege[]') | ||
| def GetPrivileges(self, datastore): |
There was a problem hiding this comment.
nit: it feels strange that AddPrivilige is singular but GetPrivileges is plural. I suggest to stick with singular everywhere.
There was a problem hiding this comment.
I'm actually following existing VSAN VMODL style. Basically, if the return type is an array, the name will be plural, for example: GetTenants, GetVMs, GetPrivileges. Or if the input parameter is an array, the name is also plural: AddVMs, RemoveVMs, ReplaceVMs.
Please let me know if you still have concern about this. I can change it in the next PR if needed.
|
LGTM to me. |
This brings in the VMODL Python APIs for multi tenancy. This is hard coded for return values for now, to help with testing.
shaominchen
force-pushed
the
vmodl_multi_tenancy.shchen
branch
from
ad3623a
to
1667720
Compare
shaominchen
changed the title
The implementation (to integrate with auth_api) has not been implemented yet. Please review the API signatures first.