Ganymede Release 1.0.11 December 9, 2002 THINGSTODO --------------------------------------------- 0) Database rework to support full history tracking Right now, the Ganymede server maintains in its database only the current state of the server's data. No historical information is retained in a form which would allow the builder tasks to easily handle the reporting of differentials to external processes. That is, we would like to have Ganymede be able to write out a file that says something like 'since the last time this builder process was run, 3 new users were created, one user was added to group labusers, 2 groups were deleted, and one user was renamed', rather than simply dumping out the current state of the database and just expecting that to be bulk-loaded into the environment. Things like LDAP and NT maintenance could be supported a lot better if Ganymede was able to provide limited delta records rather than forcing a complete reload from the Ganymede server's state. 11-Oct-2001: Note that Thomas Reith has published a fantastic tool called ldapdiff at http://webtomware.rhoen.de/. With ldapdiff and some appropriate LDIF-generating Java code for a Ganymede builder task, you could easily build an LDAP management tool out of Ganymede. 1) DNS Support The biggest point to make about Ganymede right now is that it is as much a framework for you to build management software with as it is a finished product. In particular, while the gasharl, linux, and bsd schemas are in decent shape, you have to either already be using GASH or be willing to settle for simple user/group management if you aren't willing to do some work to develop a schema that is useful for you. What is really needed is for someone to develop a generic DNS schema kit that includes a good general parser for DNS files. The gasharl schema is designed to support a single comprehensive NIS domain and a single DNS domain broken into Class-C sized subnets, but it is designed to work with files generated/maintained by GASH. Bootstrapping a DNS management system from zone files needs to be supported, but Ganymede's objects and links model makes this process of doing this a bit unobvious. The gasharl schema uses system information where all the interfaces and system information for individual systems is grouped together in objects. For our network, this information was collated and assembled by hand. Hopefully there's a good way of avoiding that work. Right now the gasharl schema kit is the most fully developed and tested schema, but the gasharl schema kit does not include a full and working NIS/DNS build system. We are currently developing enhanced DNS support through the use of an XML layer to replace the old gash hosts_info file. We intend to support DNS fairly comprehensively with this software, but it is not yet ready for release. 2) Scalability issues Right now, the Ganymede server loads all data managed into memory. This is reasonably efficient with a good generational garbage collector, but it's possible that using a random access binary file for the database, when combined with an in-memory cache system using the JDK 1.2 weak references API could give better scalability. Memory is cheap these days, so the Ganymede design isn't too bad for our purposes and size, but it might be good to experiment with the basic engine to see whether things can be made more scalable with 1.2. In addition, the client has some scalability issues. In particular, there are places where the client will generate pop-up choice lists with hundreds if not thousands of choices in them. This is not workable from a user interface perspective, and may be a real burden on the client's memory. For real scalability it might be better to require the user to manually type in items when the lists get too big. 3) Documentation/Help The Ganymede client includes support for a basic HTML help system, but we don't have the HTML help web written. Given our resources and priorities, it isn't clear that we'll be able to do this ourselves anytime soon, but it really should be done. 4) Internationalization It would be a really good thing for the client and server to be internationalized. After getting the Ganymede announce posted in Linux Weekly News and seeing all of the hits from Japan, Italy, Austria, Russia, China, the Netherlands, France, Spain, Portugal, etc., my fantasy that internationalization was something I could just sort of pretend I'd never heard of seems to be evaporating. I don't think I'll be able to dedicate time to it anytime in the foreseeable future, but someone is going to have to at some point. 5) Two phase commit for client access The Ganymede server internally uses a two-phase commit protocol for handling its transactions, but it does not provide a two-phase interface for clients that may be coordinating transaction commits for an external system. As a result, while Ganymede can be used to master cross-database transaction commits using the DBEditObject commitPhase1() and commitPhase2() methods, it doesn't support a client attempting to verify transactional consistency without performing an actual commit. No one has asked about this yet, but at some point I may need to expand the client API to allow some sort of 'verify ok to commit' method call which, if it returns a successful result, will guarantee that a later commit would proceed to completion successfully. This will involve a good bit of reworking of the server's internal commit operations, and there may be issues of deadlock and timeouts to be considered as well. At present, transactions lock all portions of the database involved in the transaction while the commit logic is being processed, but if there might be an indefinite delay between phases 1 and 2 of an externally-accessible two phase protocol, we have to either risk unlocking the server and then hoping we can re-lock the server in a timely fashion later, or risk leaving those portions of the server locked until such time as a phase 2 order arrives. I'm not sure how folks handle this problem, generally. 6) Integration of CVS into the backend Right now, Ganymede is doing a lot of stuff in the server to handle archiving of emitted files. Things like the automatic saving of backup copies of a file when a file is emitted by a builder task, and the nightly zipping of the day's backup files. Really, this would be better done by having the backend scripts assume the presence of CVS, and to do CVS commits every time new files are written out. This would allow for much more efficient storage of the emitted files, and would allow for easy retrieval of the emitted files for any given moment in time. Schema kits should be developed in this direction. 7) Eliminate the 'objects owned' field in the owner group object [bugzilla #23] It might be a good idea to make the object ownership linkages non-symmetric, with the invid's in each object pointing to its owners through a non-symmetric relationship. This would allow simultaneous adding or deleting of objects from the owner group by distinct transactions, would reduce the size of the database on disk, and would simplify further the XML representation of the Ganymede database. The cost would be that the once-per-login getOwnerGroups() method in GanymedeSession would have to be either reworked to perform discrete queries, or an alternative recursive algorithm that started from the leafs and traversed up the ownership tree piece-wise to try and construct a reverse-transitive closure would have to be implemented. In addition, the client's objects owned panel would have to either be abandoned, making mass object adds or deletes for an owner group more difficult, or implemented using completely custom logic to handle the process of editing all objects thus added/deleted and modifying the owner field. Finally, there would need to be custom logic that would enforce the current permission logic, allowing only users who can edit the 'Objects Owned' field for an owner group to add objects to that list. 8) Move build system to Ant We may do this for the next release. Moving to Ant would make it possible to build Ganymede on Windows, although the whole system is really designed to manage directory services on a Unix-like system. 9) Support server targeting with common client Right now at ARL, we are running two instances of the Ganymede server, one for our internal information, and one for accounts in the DMZ. At present, the Ganymede client and admin console are 'pre-loaded' with properties specifying where the Ganymede server is. It would be nice to have a way to start the client or admin console, have the client code get a list of local Ganymede servers, and present the user with a choice of server to log into. This may well not be worth the effort to code it, but it might be nice to do. Letting a single admin console monitor multiple Ganymede servers might be particularly nice. 10) Rename Ganymede We long since past need to ditch the Ganymede name. We have a name that we're thinking of going to, we just need to create the new logo, graphics, and rework all of the documentation, ugh. --- Jonathan Abbey, jonabbey@arlut.utexas.edu