-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathimagetransfer-usecases.xml
205 lines (199 loc) · 9.77 KB
/
imagetransfer-usecases.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
<!ENTITY % sharedents SYSTEM "shared-entities.xml" >
%sharedents;
]>
<chapter id="imagetransfer-usecase">
<info>
<author>
<firstname>Ulrich</firstname>
<surname>Schwickerath</surname>
</author>
<author>
<firstname>Owen</firstname>
<surname>Synge</surname>
</author>
</info>
<title>Image transfer Use Cases</title>
<section id="imagetransfer-usecase-usecase">
<title>Use Cases</title>
<section>
<title>1: Endorser handling</title>
<itemizedlist>
<title>Each endorser runs his own VMIC.</title>
<listitem>Endorsers can be associated to a site (site endorser)</listitem>
<listitem>Endorsers can be associated to a &vo; (&vo; endorser)</listitem>
</itemizedlist>
<section>
<title>1.1: A new Endorser for &vo; XYZ enters</title>
<itemizedlist>
<listitem>The endorser sets up his VMIC</listitem>
<listitem>The endorser VMIC gets listed in the &vo;'s list of endorsers</listitem>
</itemizedlist>
<section>
<title>1.1.1:</title>
<itemizedlist>
<listitem>The change gets announced to the sites supporting this &vo;.</listitem>
</itemizedlist>
</section>
<section>
<title>1.1.2:</title>
<itemizedlist>
<listitem>The sites decide to update their local list of endorsers or not</listitem>
<listitem>The sites get the list of images of this new endorser from the endorsers VMIC</listitem>
</itemizedlist>
</section>
<section>
<title>1.1.3:</title>
<itemizedlist>
<listitem>The sites start the local approval procedure for the images of this endorser</listitem>
</itemizedlist>
</section>
</section>
<section>
<title>1.2: An Endorser leaves &vo; XYZ and is not replaced</title>
<section>
<title>1.2.1: The &vo; decides to revoke all his images</title>
<itemizedlist>
<listitem>The endorser is removed from the &vo;'s list of endorsers</listitem>
<listitem>The endorsers VMIC is destroyed</listitem>
<listitem>The sites supporting this &vo;'s are informed of the change by the &vo;.</listitem>
<listitem>The sites update their local list of endorsers</listitem>
<listitem>The sites ensure that local copies of all affected images are revoked</listitem>
</itemizedlist>
</section>
<section>
<title>1.2.2: The &vo; wants the sites to keep running his images</title>
<itemizedlist>
<listitem>in this case the &vo; must provide a new endorser who re-endorses the images, case 1.3</listitem>
</itemizedlist>
</section>
<section>
<title>1.2.3: As the endorsers VMIC has been destroyed, no new images can be released by this person</title>
<itemizedlist>
<listitem></listitem>
</itemizedlist>
</section>
</section>
<section>
<title>1.3: An Endorser E1 of &vo; XYZ is replaced by Endorser E2</title>
<itemizedlist>
<listitem>The &vo; follows step 1.1 to support the new endorser, and then 1.2 to revoke the old one</listitem>
</itemizedlist>
</section>
<section>
<title>1.4: &vo; A elects a new Endorsers E1. Site S1 supports &vo; A. Site S2 does not support &vo; A </title>
<section>
<title>1.4.1/2:</title>
<itemizedlist>
<listitem>implicitly fulfilled as the &vo; only contacts those sites which support it</listitem>
</itemizedlist>
</section>
</section>
</section>
<section>
<title>2: Endorser actions</title>
<section>
<title>2.1: A new image is released. Endorser A blesses it for publication</title>
<itemizedlist>
<listitem>The endorser adds the image to his VMIC</listitem>
</itemizedlist>
<orderedlist numeration="loweralpha">
<listitem>sites regularly poll the VMICs of all endorsers in their local endorser list for updates</listitem>
<listitem>&vo;'s can ask sites to perform this check outside the normal intervals</listitem>
</orderedlist>
<itemizedlist>
<listitem>sites start the local approval procedure to make the image available</listitem>
</itemizedlist>
<section>
<title>2.1.1/2: Fulfilled by construction</title>
</section>
</section>
<section>
<title>2.2: Endorser A revokes a previously blessed images, eg because a bug has been found, without replacing it</title>
<itemizedlist>
<listitem>The endorser removes these images from his VMIC</listitem>
<listitem>sites regularly poll the VMICs in their local endorser list</listitem>
<listitem>&vo;'s can ask sites to poll outside the regular interval </listitem>
<listitem> sites remove all images which are no longer in the VMICs from their local list of approved images</listitem>
</itemizedlist>
</section>
<section>
<title>2.3: Endorser A wants to update an existing image</title>
<itemizedlist>
<listitem>The endorser adds the new image to his VMIC</listitem>
<listitem>The endorser removes the old image from his VMIC</listitem>
<listitem>sites regularly poll the VMICs in their local endorser list, and revoke support for all images which may have disappeared from the VMICs</listitem>
<listitem>&vo;'s can ask sites to poll outside the regular interval </listitem>
<listitem>sites decide on the approval of the updated image, and add the image to their list of approved images</listitem>
<listitem>sites remove all images which are no longer in the VMICs from their local list of approved images</listitem>
</itemizedlist>
</section>
</section>
<section>
<title>3: Site actions</title>
<section>
<title>3.1: A site B wants to use a site specific image for local users</title>
<itemizedlist>
<listitem>the site's local endorser endorsed the image</listitem>
<listitem>the site approves it's own image</listitem>
<listitem>the image is added to the sites list of approved images</listitem>
</itemizedlist>
<section>
<title>3.2: Site B has created an image which is useful for other sites and wants to share it</title>
<itemizedlist>
<listitem>the site's endorser adds the image to his VMIC</listitem>
<listitem>remote sites supporting this endorser will pick up the image during regular update checks</listitem>
<listitem>the remote sites launch their local approval procedure</listitem>
<listitem>the remote sites add the new image to their local list of approved images (or not)</listitem>
</itemizedlist>
</section>
<section>
<title>3.3: A site is asked to run an image from a trusted endorsers, and the site policies allow this</title>
<itemizedlist>
<listitem>implicitely handled</listitem>
</itemizedlist>
</section>
<section>
<title>3.4: A site is asked to run an image from a trusted endorser, but site policies forbid them to run it</title>
<itemizedlist>
<listitem>implicietely handled. The site does not approve the image and does not add it to it's local list of approved images</listitem>
</itemizedlist>
</section>
<section>
<title>3.5: A site needs to stop running images for type XYZ because of some reason (security, bug, wrong software,changed site policies)</title>
<itemizedlist>
<listitem>the site gets notified by an external instance of the problem</listitem>
<listitem>the site checks the meta data information of the images in their local list of approved images</listitem>
<listitem>the site flags image for removal based on their meta data</listitem>
<listitem>the site removes the affected images from their local list of approved images</listitem>
<listitem>in case of a &vo;, the affected &vo; is informed</listitem>
<listitem>the &vo; proceeds as described above for the revocation of the image</listitem>
</itemizedlist>
</section>
<section>
<title>3.6: A site needs to stop running all images of Endorser XYZ, which were previously trusted and used</title>
<itemizedlist>
<listitem>The endorser wil have disappeared from the list of trusted endorsers</listitem>
<listitem>images of this endorser get removed from the local list of approved images</listitem>
</itemizedlist>
</section>
<section>
<title>3.7: A site needs to make a new image available to their users</title>
<itemizedlist>
<listitem>The image has been added upstream and appears in one of the VMICs </listitem>
<listitem>At the next poll, or on request of the &vo;, the approval procedure is started</listitem>
<listitem>the image is added or not to the local list of approved images</listitem>
</itemizedlist>
</section>
<section>
<title>3.8: Endorser A is replaced by Endorser B. Images of A are no longer trusted, Images of Endorser B are trusted.</title>
<itemizedlist>
<listitem>see 1.3</listitem>
</itemizedlist>
</section>
</section>
</section>
</section>
</chapter>