thoughts on priorities
William Reade
william.reade at canonical.com
Thu May 2 07:50:11 UTC 2013
On Tue, 2013-04-30 at 19:18 +1000, David Cheney wrote:
> <strawman>What if we moved to distributing tools via PPA?</strawman>
Long-term, we'd need a story for distributing them to arbitrary
platforms. Starting off with a PPA would have been fine really, but I
don't think there's a compelling reason to fall back to one of those
today...
> Watching Openstack videos today there was mention that all openstack
> components communicate via an API; there are no back doors. However most
> components expose two API endpoints, an admin endpoint, and a user
> endpoint -- I think there is something to that wisdom.
The current concept is that there'll be one API, with identity-based
permissions determining what methods can be called with what args. I
suspect that this model will have to evolve a little; but I think the
clear path for now is to implement the bits we *need* to ensure that a
buggy, malicious, or compromised unit/machine can (1) only make changes
to state and/or the environment that could plausibly be made by a
legitimate and correctly-functioning agent and (2) be unable to even
view the parts of state that it does not require to do its job.
Long-term, I would be happiest to see direct state access restricted to
only the API server itself, and for everything else to go via the API,
but I think that fixing just the parts I want to focus on will keep us
occupied for a while; I would be only too happy to be proven wrong
here :).
> I vote for doing a major version update that changes *NOTHING* except
> the major version number.
Very good point; I think I'm +1; but I would like to ensure that our
model takes into account the range of things that may need to be changed
during a major version upgrade.
Before we do that, regardless, I'd like to have a short but explicit
conversation about whether it matters that we're likely to burn through
several major versions per year. I can't think of a coherent reason not
to, other than that it seems a little weird, but others may have
opinions that should be heard. Anyone?
Cheers
William