Generic Extensions (actions) #431
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -841,11 +841,47 @@ For success responses, the following fields are defined: | |
| | --- | --- | --- | | ||
| | dashboard_url | string | The URL of a web-based management user interface for the Service Instance; we refer to this as a service dashboard. The URL MUST contain enough information for the dashboard to identify the resource being accessed (`9189kdfsk0vfnku` in the example below). Note: a Service Broker that wishes to return `dashboard_url` for a Service Instance MUST return it with the initial response to the provision request, even if the service is provisioned asynchronously. If present, MUST be a non-empty string. | | ||
| | operation | string | For asynchronous responses, Service Brokers MAY return an identifier representing the operation. The value of this field MUST be provided by the Platform with requests to the [Last Operation](#polling-last-operation) endpoint in a percent-encoded query parameter. If present, MUST be a non-empty string. | | ||
| | extension_apis | array-of-objects | For extensions to the Service Broker API on a per Service Instance basis, Service Brokers MAY return one or more objects that describe additional API endpoints via an OpenAPI document. See [Extension APIs Object](#extension-apis-object) for more information. | | ||
|
|
||
| ##### Extension APIs Object | ||
|
|
||
| The `extension_apis` object MAY be used to describe any additional endpoint | ||
| to the Open Service Broker API. An example of this could be lifecycle | ||
| management of a Service Instance, (e.g. "Day Two Operations"), like Backup, | ||
| Restore, Stop, Start, Restart and Pause. | ||
|
There was a problem hiding this comment. Some of these example operations seem like they would be long-running. Is there any way for a broker to report status of a long running action back to the platform? There was a problem hiding this comment. Related to this, is there a way brokers can provide either success or failure messages for the platform to display when an operation is run? Ideally if the request fails, the UI can give a specific error about what went wrong instead of a generic failed error. There was a problem hiding this comment. Async ops, if enabled, would be defined via the swagger file. The platform could detect and subscribe to ops based on the returned swagger. There was a problem hiding this comment.
I'm not sure how a platform can detect it only from the swagger. A human looking at it might notice an endpoint called As an end user, I'd be worried if I couldn't check the status of an operation like "Restore" and know that it completed successfully. I could see it if the platform recognized the There was a problem hiding this comment. I think the short answer is it's not going to be possible across the board for all APIs. My thought was that the platform could recognize a callback object in the openapi doc, (https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.1.md#callbackObject) and other openapi patterns to figure out what it needs, but we won't know until someone tries. It's the main issue with going the generic route on extensions. |
||
|
|
||
| The Service Instance provisioning request will return a URI to an OpenAPI 3.0+ | ||
|
||
| document that the Platform can use to determine the new endpoint(s), | ||
| parameter(s), authentication mechanism and server URL. The new APIs are | ||
| extensions to the Open Service Broker API. As such they are indended to be | ||
| invokved by the Platform on behalf of its clients. | ||
|
|
||
| Extension API endpoints MAY be executed on a remote server, however the OpenAPI | ||
| document MUST include a Server Object with an accurate `url` parameter and a | ||
| `description` field labeled, "Service Broker Extensions Server". If no Server | ||
| Object `description` field contains, "Service Broker Extensions Server", the | ||
| Platform MUST assume the extension API endpoints are to be invoked using the | ||
| Service Broker host and port. See [OpenAPI Server Object](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md#serverObject) for more information. | ||
|
|
||
| | Response Field | Type | Description | | ||
| | --- | --- | --- | | ||
| | discovery_url* | string | A URI pointing to a valid OpenAPI 3.0+ document describing the API extension(s) to the Open Service Broker API including server location, endpoints, parameters and any other detail the platform needs for invocation. The location of the API extension endpoint(s) can be local to the Service Broker or on a remote server. MUST be a valid URI. The returned OpenAPI document MUST be in json format. See the [OpenAPI Specification](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/3.0.0.md) for more information. | | ||
|
||
| | credentials | object | A Service Broker MAY return authentication details for running any of the extension API calls, especially for those running on remote servers. If not present, the same authentication mechanism used for the normal Open Service Broker APIs MUST work for the new endpoint(s). If the Service Broker wants to use alternate methods of authentication, (e.g. on remote servers) it MUST provide details to that mechanism in the OpenAPI document, (e.g. an OAuth Flow Object), and the appropriate credential(s), (e.g. bearer token), as part of the `extensions_api` object within the `credentials` field. If credentials are present in an `extensions_api` object, the Platform will need to verify the authentication method from the OpenAPI document. | | ||
| | adheres_to | string | A URI refering to a specification detailing the implementation guidelines for the OpenAPI document hosted at the `discovery_url`. While this property is a URI, there is no requirement for there to be an actual server listening at that endpoint. This value is meant to provide a unique identifier representing the set of extensions APIs supported. If present, MUST be a valid URI. | | ||
|
There was a problem hiding this comment. The semantics of this column could be clarified a little bit - what is the advantage of specifying a URI that points to a location where no server is running? There was a problem hiding this comment. Sorry, I don't follow. Which part are you referencing? There was a problem hiding this comment.
Am I write in thinking that this field is going to be used to allow clients to spot "common" operations that they could do, say, in bulk across multiple service instances? There was a problem hiding this comment. Often people push for unique IDs to be URIs so that they avoid strings that too simplistic - like "backup". By making it a URI its trying to force people to namespace things by including some domain name in the URI. While I've heard bulk ops as one reason for this, to me the bigger reason is that a platform (or its UI) can know when it comes across some actions that it knows about and may want to do some special processing for. E.g. perhaps it has a dedicated UI for them. W/o some well defined URI to say "yes, these are the set of ops that's been defined by spec xxx" the platform can't really be sure what those ops do. Checking (strcmp) the names of the ops alone doesn't really guarantee anything. There was a problem hiding this comment. As per Paul's suggestion I will add some text here about what the Platform can do with this information. Should clear this up, (mildly). |
||
|
|
||
| \* Fields with an asterisk are REQUIRED. | ||
|
|
||
| ``` | ||
| { | ||
| "dashboard_url": "http://example-dashboard.example.com/9189kdfsk0vfnku", | ||
| "operation": "task_10", | ||
| "extension_apis":[{ | ||
| "discovery_url": "http://example-openapi-doc.example.com/extensions", | ||
| "credentials":[{ | ||
| "tokenURL": "https://example.com/api/oauth/token" | ||
| }], | ||
| "adheres_to": "http://example-specification.example.com" | ||
| }] | ||
| } | ||
| ``` | ||
|
|
||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would suggest the specs to clarify when an extension_api should be defined and used by broker authors w.r.t. to asking 1st class support in the OSB API.
Are platforms expected to provide UI/CLI tooling for any declared extensions (i.e. dynamically generating UI from the openAPI document) ? Would generated UIs and user workflows be restricted to single API endpoint calls, or would instead spawn across multiple API calls (e.g. list backups, restore backup, delete backup) ?
Are platforms instead expected to additionally support specific curated extensions and bring optimized user experience for them? If so, where/how would such curated extensions be defined and published ?
Can the specs recommend use-cases for extensions such as:
1- operator specific extensions : a platform operators is adding custom features to a broker and brings custom UI on along it.
2- service specific extensions (say stop/resume operation) that only applies to a category of services
3- vendor specific extensions (say K8S/CF vendor X way of offering backup which differ from vendor Y)
4- platform specific extensions (e.g. CF AR service metrics ingestion which differs from K8S metrics ingestion) that can't be supported by platform-specific profiles
Would the mentioned day 2 operations seem be fitting some of the cases above?
Backup, Restore: vendor specific extensionsStop, Start, Restart and Pause: service specific extensionsThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The current thinking is it is entirely up to the broker author, and the platform can choose to provide, at minimum, the OpenAPI UI (or even just the OpenAPI url). Then platforms can extend the UI based on 'adheres_to'.
We had talked about how to batch calls but it became clear that this could be designed forever and we decided to support just the single endpoint as a first step, but nothing stops a clever broker from providing batch/aggregation on their own.
adheres_tois the mechanism we think will do this. If it is proven that this is not enough we can always revisit the spec to add what is lacking.I suspect this is out of scope for the current PR, at least until we see some real world emergent behavior for generic actions.