Shared Services Configuration/de

From OpenSimulator

Revision as of 17:11, 2 July 2018 by Manni (Talk | contribs)

Jump to: navigation, search

Contents

Einführung

In einigen Szenarios können zwei oder mehr separate Installationen von OpenSimulator anstelle von einem großen Raster gewünscht werden. Dies führt jedoch zu großen Unannehmlichkeiten, wenn Benutzer Zugriff auf beide Grids benötigen - auf beiden muss ein Benutzerkonto erstellt werden, und sie haben zwischen OpenSimulator-Installationen ein völlig anderes Inventar (und damit Kleidung, Körperteile und Anhänge).

Ein Ansatz besteht darin, ein einziges Benutzerkonto in einem der Grids zu haben und es dem Benutzer zu ermöglichen, über das Hypergrid zu anderen Grids zu reisen.

Ein weiterer Ansatz, den wir hier näher erläutern werden, ist die gemeinsame Nutzung von Benutzerkonten, Authentifizierungs-, Avatar-, Asset- und Inventardiensten zwischen mehreren Installationen, jedoch nicht mit anderen Diensten wie dem Grid oder Griduser. Dadurch können die beiden Grids getrennt bleiben (eine Region kann nicht zwischen Regionen auf verschiedenen Grids teleportieren), während der Benutzer die gleichen Kontodetails, Inventar und Anhänge zwischen mehreren OpenSimulator-Installationen beibehalten kann.

Dieser Ansatz sollte als experimentell betrachtet werden. Es wird derzeit vom OpenSimulator-Projekt nicht offiziell unterstützt. Ich habe gesehen, dass es in einigen Situationen erfolgreich verwendet wurde, aber es kann durchaus Fälle geben, die Probleme verursachen. -- Justincc (talk) 22:35, 30 April 2014 (UTC)

Schritte

Dies sind Schritte zum Freigeben von Diensten zwischen zwei separaten OpenSimulator-Installationen (Grid A und Grid B).

Wir machen folgende Annahmen

  • Beide Installationen werden im Rastermodus ausgeführt.
  • Jede Installation wird auf einem separaten Computer oder einer Gruppe von Computern gehostet. Wenn sich beide Installationen auf demselben Computer befinden, müssen Sie die Standardportnummern für nicht gemeinsam genutzte Dienste anpassen, damit sie nicht miteinander kollidieren.
  • Hypergrid ist inaktiv.
  • Grid A und Grid B werden im selben lokalen Netzwerk ausgeführt. Die ROBUST-Dienstadressen lauten wie folgt.
Grid A - 192.168.1.2 (8002 public port, 8003 private port)
Grid B - 192.168.1.3 (8002 public port, 8003 private port)

Schritt 1: Decide which grid installation will host the shared services

One grid's ROBUST instance (more in sophisticated setups) will host the services to be shared between multiple installations. The other grid's simulator and ROBUST configuration will be changed so that it uses the shared services rather than its own. In these instructions, Grid A will host the shared services.

Schritt 2: Configure the simulators on Grid B to use Grid A's services

On Grid B, we need to configure the simulators so that they connected to Grid B for some service types but Grid A for others.

The services that need to be shared are

  • Asset - to share asset used within inventory items.
  • Authentication - so that login passwords are authenticated against the same stored hashes.
  • Avatar - to share information about worn attachments, clothing and body parts.
  • Inventory - to share inventory items.
  • UserAccount - to share user account information.

To do this, we configure the ServerURI in each relevant service section to connect to the Grid A services rather than Grid B. In this example, the configuration would be as follows

[AssetService]
    AssetServerURI = "http://192.168.1.2:8003"
 
[AuthenticationService]
    AuthenticationServerURI = "http://192.168.1.2:8003"
 
[AvatarService]
    AvatarServerURI = "http://192.168.1.2:8003"
 
[InventoryService]
    InventoryServerURI = "http://192.168.1.2:8003"
 
[UserAccountService]
    UserAccountServerURI = "http://192.168.1.2:8003"

Schritt 3: Configure Grid B's LoginService to use Grid A services where appropriate

As well as redirecting Grid B's simulators to use Grid A's services, we need to configure Grid B's login service to use Grid A's services.

We need to do this because the login service consults these other services either to identify and authenticate the user (Authentation and UserAccount services) or get information to populate the login response (Avatar, Inventory).

The configuration here is more complex because we need to tell the Grid B login service to use connectors to access Grid A's services rather than instantiate it's own local service instances.

Schritt 3A: Configure the Login Service to use connectors for shared services

This is done in the [LoginService] section of Robust.ini. Instead of specifying services in local service DLLs, we ask the login service to instantiate connectors.

For instance, the usual UserAccountService configuration here is

[LoginService]
    UserAccountService = "OpenSim.Services.UserAccountService.dll:UserAccountService"

which instantiates a local user account service from the OpenSim.Services.UserAccountService.dll. But for a connector configuration. this becomes

[LoginService]
    UserAccountService = "OpenSim.Services.Connectors.dll:UserAccountServicesConnector"

In all, the service sections of [LoginService] change from

[LoginService]
    UserAccountService = "OpenSim.Services.UserAccountService.dll:UserAccountService"
    AuthenticationService = "OpenSim.Services.AuthenticationService.dll:PasswordAuthenticationService"
    InventoryService = "OpenSim.Services.InventoryService.dll:XInventoryService"
    AvatarService = "OpenSim.Services.AvatarService.dll:AvatarService"

to

[LoginService]
    UserAccountService = "OpenSim.Services.Connectors.dll:UserAccountServicesConnector"
    AuthenticationService = "OpenSim.Services.Connectors.dll:AuthenticationServicesConnector"
    InventoryService = "OpenSim.Services.Connectors.dll:XInventoryServicesConnector"
    AvatarService = "OpenSim.Services.Connectors.dll:AvatarServiceConnector"

In this case, we don't need to configure the asset service since the login service doesn't need to access this.

We also can't reconfigure the library service, since it doesn't currently have a connector. So grids connected in this manner must have identical library configurations.

Schritt 3B: Configure the connectors with Grid A's ROBUST service URIs

As well as getting the login service to use connectors to grid A's services, we need to tell those connectors which URIs to use. The configuration here is actually the same as for the simulator. So for each of the connectors we configured above, we need to add the relevant ServerURI entry.

So for the user account service, for instance, we need to add

[UserAccountService]
    UserAccountServerURI = "http://192.168.1.2:8003"

So in total, the following entries need to be added

[AuthenticationService]
    AuthenticationServerURI = "http://192.168.1.2:8003"
 
[AvatarService]
    AvatarServerURI = "http://192.168.1.2:8003"
 
[InventoryService]
    InventoryServerURI = "http://192.168.1.2:8003"
 
[UserAccountService]
    UserAccountServerURI = "http://192.168.1.2:8003"

Again, this is the same as for simulator cnofiguration above except that we don't need to configure the asset service.

It's also a good idea to comment out all the other entries in those sections (e.g, LocalServiceModule). They very probably won't do any harm by being there but they are not used by the connectors.

Schritt 3C: Disable unused connectors on Grid B (optional)

This is technically an optional step, but I think that it's a very good idea to disable the Grid B services that are no longer required, in order to save confusion if anything is misconfigured.

To do this, one comments out the connectors made available in the [ServiceList] section of Grid B's robust.ini file. In this case, these are service connectors made available to other parties. So the following connectors should be commented out.

[ServiceList]
    ;InventoryInConnector = "8003/OpenSim.Server.Handlers.dll:XInventoryInConnector"
    ;AuthenticationServiceConnector = "8003/OpenSim.Server.Handlers.dll:AuthenticationServiceConnector"
    ;AvatarServiceConnector = "8003/OpenSim.Server.Handlers.dll:AvatarServiceConnector"
    ;UserAccountServiceConnector = "8003/OpenSim.Server.Handlers.dll:UserAccountServiceConnector"
    ;AvatarServiceConnector = "8003/OpenSim.Server.Handlers.dll:AvatarServiceConnector"

Fazit

You should now be able to use the same avatar account to log onto Grid A (via http://192.168.1.2:8002 in this example) and to Grid B (via http://192.168.1.3:8002). Users will have the same details, inventory and worn items/attachments on both grids. However, these grids are still conceptually separate - regions can overlap (e.g. grid A and grid B have different regions at 1000,1000) and there is no way to move directly between them without Hypergrid being active.

Discussion

Disadvantages

Not supported

To emphasise what was said in the introduction, this is not a configuration of OpenSimulator officially supported by the project. As it's not commonly used, you may run into bugs or other issues associated with this unusual setup. Changes over time may require configuration adjustment that is not documented elsewhere. It also means that this configuration is not well tested.

Having said that, there's no reason to think that this will stop working. It relies on fundamental configuration requirements for OpenSimulator (distributed services and connectors) which are necessary for other functionality.

Hypergrid

It's unknown whether Hypergrid will work on this configuration. It may well be possible when each grid has its own service, though extra configuration will definitely be required (e.g. setting up connectors).

Access control

Once somebody has a user account they can move indiscrimnately between the installations sharing those services. It might be possible to limit this with a non-shared authentication service (or even an alternative authentication service implementation) that can control whether a user is allowed access to only Grid A or Grid B.

Without this, if you need to access control you will need to do this either via the normal configuration options (e.g. region access lists) that you would use on a unified grid, or via Hypergrid instead which does have developed and developing access controls. It might also be possible to enforce some access control via network firewall configuration.

Friends Service

If the friends service is shared, then users will see friends who are at other grids. This may be confusing, since they won't be able to communicate with them as IMs are routed only to simulators in the same grid.

On the other hand, if the friends service is not shared then users will have to manage a separate friends list on each server.

Advantages

Conceptually simpler than the Hypergrid

The chief advantage relates to the other mechanism (the Hypergrid) for allowing users to keep the same account details and inventory on different grids. Unlike the Hypergrid, there are no non-Second Life concepts to understand, such as inventory suitcases or Hypergrid links.

However, this approach doesn't allow a user to move between grids unless they logout from one grid and login back to another, even though those grids use the same account and authentication details. This makes it quite difficult to imagine scenarios where the naive service sharing described above is useful.

Scalability

The scalability issue is complex here.

On the one hand, if one has to have multiple grids with shared user accounts/inventory rather than a single big grid, sharing services will still make efficiencies of scale possible. For instance, if one is using a deduplicating asset service, then deduplication will occur over multiple grids sharing an asset service instead of potentially having two copies of the same asset in 2 different grids.

One could achieve this simply by sharing the asset service as above but none of the others.

However, this same concentration of requests into a shared service may be a scalability problem, requiring the techniques in Performance to scale the shared services. This would not be an issue if the grids were completely separate or if the grid connectivity was achieved via Hypergrid, where both grids retain their own service instances.

Personal tools
General
About This Wiki