Service dependencies specification

[fmui]

See issue #427.

First draft of the service dependencies specification.

[cfdreddbot]

Hey fmui!

Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA.

[mhrivnak]

Since this contains a binding, why not call the key binding? The word credentials doesn't communicate that other things besides credentials can exist in the object (as we see in this example), which I suspect is why the word binding was chosen for the API.

[n3wscott]

injected

this makes it sound like there is magic happening, these are not just provided in the provision request?

[n3wscott]

an "open dependency" sounds like it should be an unfulfilled dependency, ie: the service requests a dependency of some type. This is really a platform defined dependency or something along that line.

[n3wscott]

I think this should be "open_dependencies_field" to mean the field name the broker expects this list to be in.

Also: if it is a list, make it a list?

[n3wscott]

here again, field vs parameter.

[n3wscott]

This is the field that the broker is expecting to look in for the service dependecies? Suppose the broker wanted to accept it in a nested object, I think it might need to be a path to support something like "parameters.dependencies.service"

[n3wscott]

Why not have service_id be service_ids and allow a list?

[n3wscott]

I would recommend pulling out the dependency fields into their own field next to parameters, like:

{
  "dependencies" {
    "service_id": "71ef3933-8520-4f26-b808-f483d23f94a6",
    "service_name": "mysql",
    "plan_id": "1b367d58-6f17-4cb3-9ef8-3a69e752b826",
    "plan_name": "small",
  },
  "parameters": {
    "database": {
      "credentials": {
        "uri": "mysql://mysqluser:pass@mysqlhost:3306/dbname",
        "username": "mysqluser",
        "password": "pass",
        "host": "mysqlhost",
        "port": 3306,
        "database": "dbname"
      }
    }
  }
}

[n3wscott]

For bindable services, the value MUST contain be the response of a binding request.

I am having a really hard time trying to figure out what this means. The values [in the above table>] must be contained inside the request for binding? What is required about response? I am confused because only requests have "parameters" but this is mixing the request/response demands.

[n3wscott]

Is this a table of allowed additive fields for non-bindable services?

[n3wscott]

Is this a table of allowed additive fields for "open deps"?

It took me a very long time to understand this was what this was attempting to say. Perhaps one table with restrictions on the fields?

[n3wscott]

If this is suppose to be additive to the OSBAPI, I would recommend not mix instance parameters with broker dependencies. It is really confusing and I suspect this would be difficult to implement cleanly in broker.

[n3wscott]

Overall I think this change does not do enough to allow the ecosystem to play nice together. I understand the use-case but I think this implementation is too opinionated about the solution it recommends brokers to implement. I don't see an easy way for broker to broker dependencies, such as the use case where I want to bring my broker that provisions my application, and that application depends on a database of some kind, it would be real nice to be able to say "in my application broker, please tie in a database that speaks SQL".

I think the customizable parameter targets are confusing. And in the very least they need to be paths inside the json object relative to the root of the object.

It would be interesting to use the concept of adheres_to when specify a generic dep.

I think more detail needs to be added around what the platform is expected to do when it provisions something and the catalog can change with more items, or deprovision and items disappear.

I wonder if there is also a chance to add a concept of a service depending on a binding. At the moment we make bindings but we do not get to say who they are for. But a binding could be shared as well so each binding could have n parties using it. I am not sure on that point...

[mhrivnak]

I agree with @n3wscott 's summary. It would be helpful to focus more on illustrating the big picture and how the key use cases are fulfilled. Reading this proposal, I found it somewhat difficult to keep track of where things fit in to a high-level workflow, and who-or-what is the actor performing each step.

It may help to focus more on addressing these general questions:

1. What exactly is the mechanism and algorithm for match-making? There are a lot of details to explore around how a Plan (or other resource maybe) would express what it requires and what it provides. It will help to first describe the data and algorithm without talking about API operations.
2. What component is expected to execute the match-making algorithm to determine which resource fulfills a requirement? Is it always the Platform?
3. Once some actor determines which resource fulfills a requirement, what then? What specific actions must that actor take? For example, would the Platform be responsible for creating a binding and passing it (along with additional info about the providing service?) to the service being provisioned?

[krancour]

Adding an opinion here that I expressed at the f2f. I believe that solving "adheres to" is a necessary pre-requisite for some of this.

[duglin]

Refresh my memory - what's the status of this? Awaiting an updated PR?