Skip to content
  • Leigh B. Stoller's avatar
    Slice expiration changes. The crux of these changes: · 5c63cf86
    Leigh B. Stoller authored
    1. You cannot unregister a slice at the SA before it has expired. This
       will be annoying at times, but the alphanumeric namespace for slice
       ames is probably big enough for us.
    
    2. To renew a slice, the easiest approach is to call the Renew method
       at the SA, get a new credential for the slice, and then pass that
       to renew on the CMs where you have slivers.
    
    The changes address the problem of slice expiration.  Before this
    change, when registering a slice at the Slice Authority, there was no
    way to give it an expiration time. The SA just assigns a default
    (currently one hour). Then when asking for a ticket at a CM, you can
    specify a "valid_until" field in the rspec, which becomes the sliver
    expiration time at that CM. You can later (before it expires) "renew"
    the sliver, extending the time. Both the sliver and the slice will
    expire from the CM at that time.
    
    Further complicating things is that credentials also have an
    expiration time in them so that credentials are not valid forever. A
    slice credential picks up the expiration time that the SA assigned to
    the slice (mentioned in the first paragraph).
    
    A problem is that this arrangement allows you to extend the expiration
    of a sliver past the expiration of the slice that is recorded at the
    SA. This makes it impossible to expire slice records at the SA since
    if we did, and there were outstanding slivers, you could get into a
    situation where you would have no ability to access those slivers. (an
    admin person can always kill off the sliver).
    
    Remember, the SA cannot know for sure if there are any slivers out
    there, especially if they can exist past the expiration of the slice.
    
    The solution:
    
    * Provide a Renew call at the SA to update the slice expiration time.
      Also allow for an expiration time in the Register() call.
    
      The SA will need to abide by these three rules:
      1. Never issue slice credentials which expire later than the
         corresponding slice
      2. Never allow the slice expiration time to be moved earlier
      3. Never deregister slices before they expire [*].
    
    * Change the CM to not set the expiration of a sliver past the
      expiration of the slice credential; the credential expiration is an
      upper bound on the valid_until field of the rspec. Instead, one must
      first extend the slice at the SA, get a new slice credential, and
      use that to extend the sliver at the CM.
    
    * For consistency with the SA, the CM API will changed so that
      RenewSliver() becomes RenewSlice(), and it will require the
      slice credential.
    5c63cf86