[Opensim-dev] Revising the grid standards (Part I - Principles)

Adam Frisby adam at gwala.net
Wed Nov 7 19:57:03 UTC 2007 

> But my solid feeling is that if we are to do something "open" - we
> should look to eventually get away from the centralized UGA as an
> obligatory option to run something beyond the "private sim" - they do
> not scale, and are a single point of failure.

My opinion here is that whatever we do, everything should be changed 
from fixed identifiers to URLs. Even if it's just prefixing a server URL 
before the fixed identifier, eg:
	http://asset.server.com/assets/<uuid>
or
	http://user.server.com/users/<uuid>

I'd like to get the ball rolling on some reasonably hard standards as 
soon as humanely possible - thankfully by design we can build a 
reasonably functional prototype quite quickly.

I think the consensus these days appears to be we use HTTP/REST for 
pretty much everything, and use SSL/TLS plus HTTP authentication for 
handling security and authentication. cHTTP seems to be something that 
we can use for this for handling of only-once messages - although I'd 
like to avoid that class of messages where possible.

Regards,

Adam



> 
> 
> 
> On Nov 2, 2007 5:16 PM, Adam Frisby <adam at gwala.net> wrote:
> 
>>This is going to be the first of two emails, this one's containing some
>>of the principles needed for a revised grid protocol, the next one will
>>contain some sample ideas for specific implementation details.
>>
>>The problems with the grid code right now:
>>
>>1. It's centralised - has no chance whatsoever of scaling.
>>2. It cant decide whether it wants to be REST, XMLRPC or Remoting.
>>3. It's a mess, has issues with concurrent requests and locking and the
>>    server code needs a general overhaul.
>>4. It doesn't support any kind of real authentication or security.
>>5. Linking grids together is not really feasible without sharing
>>    servers.
>>
>>In these respects, it's about on-par with what the Linden Grid does
>>right now. While everyone has recognised it's been temporary - it's
>>probably about now we should be replacing it with something better.
>>
>>So, let's nail this one down - we need a revised standard that has the
>>following features:
>>
>>Core:
>>        1. Secure - maintains authentication and hashes of important
>>           (all?) messages so that impersonating a fraudulent request
>>           is possible.
>>        2. All requests should use URI's instead of IP/Port
>>           combinations.
>>        3. No abitrary split of services (eg Asset, User, Grid)
>>           simply make: "this provides the following features:
>>                * user login
>>                * asset download"
>>        4. One protocol to rule them all, be it SOAP, REST, XMLRPC or
>>           a sink-neutral remoting implementation. (remoting + scale?)
>>        5. Users / Regions should be represented as a URI so they can
>>           be sent to other grids without too much hassle.
>>        6. Some comms may require a higher speed serialiser,
>>           we should use URI's where possible to specify which is in
>>           use. (eg tcp:// vs soap://)
>>
>>Optional:
>>        1. Region control / administration - the same protocol should be
>>usable on the region server to do things such as send restart
>>           commands.
>>        2. Use a URI / Capability for handling secure requests (needs to
>>           be combined with SSL/TLS - will need a CA setup for people
>>           who don't want to buy certs [Root CA -> Grid -> Region?])
>>_______________________________________________
>>Opensim-dev mailing list
>>Opensim-dev at lists.berlios.de
>>https://lists.berlios.de/mailman/listinfo/opensim-dev
>>
> 
>

More information about the Opensim-dev mailing list