325 lines
11 KiB
ReStructuredText
325 lines
11 KiB
ReStructuredText
..
|
|
This work is licensed under a Creative Commons Attribution 3.0 Unported
|
|
License.
|
|
|
|
http://creativecommons.org/licenses/by/3.0/legalcode
|
|
|
|
======================================
|
|
Example Spec - The title of your story
|
|
======================================
|
|
|
|
Include the URL of your Storyboard story:
|
|
|
|
https://storyboard.openstack.org/#!/project_group/66
|
|
|
|
Introduction paragraph -- why are we doing anything? A single paragraph of
|
|
prose that operators can understand.
|
|
|
|
Some notes about using this template:
|
|
|
|
* Your spec should be in ReSTructured text, like this template.
|
|
|
|
* Please wrap text at 79 columns.
|
|
|
|
* Please do not delete any of the sections in this template. If you have
|
|
nothing to say for a whole section, just write: None
|
|
|
|
* For help with syntax, see http://sphinx-doc.org/rest.html
|
|
|
|
* To test out your formatting, build the docs using tox, or see:
|
|
http://rst.ninjs.org
|
|
|
|
* If you would like to provide a diagram with your spec, ascii diagrams are
|
|
required. http://asciiflow.com/ is a very nice tool to assist with making
|
|
ascii diagrams. The reason for this is that the tool used to review specs is
|
|
based purely on plain text. Plain text will allow review to proceed without
|
|
having to look at additional files which can not be viewed in gerrit. It
|
|
will also allow inline feedback on the diagram itself.
|
|
|
|
* If your specification proposes any changes to the Cloudkitty REST API such
|
|
as changing parameters which can be returned or accepted, or even
|
|
the semantics of what happens when a client calls into the API, then
|
|
you should add the APIImpact flag to the commit message. Specifications with
|
|
the APIImpact flag can be found with the following query::
|
|
|
|
https://review.openstack.org/#/q/status:open+project:openstack/cloudkitty-specs+message:apiimpact,n,z
|
|
|
|
|
|
Problem Description
|
|
===================
|
|
|
|
A detailed description of the problem:
|
|
|
|
* For a new feature this might be use cases. Ensure you are clear about the
|
|
actors in each use case: End User vs Deployer
|
|
|
|
* For a major reworking of something existing it would describe the
|
|
problems in that feature that are being addressed.
|
|
|
|
|
|
Proposed Change
|
|
===============
|
|
|
|
Here is where you cover the change you propose to make in detail. How do you
|
|
propose to solve this problem?
|
|
|
|
If this is one part of a larger effort make it clear where this piece ends. In
|
|
other words, what's the scope of this effort?
|
|
|
|
Alternatives
|
|
------------
|
|
|
|
What other ways could we do this thing? Why aren't we using those? This doesn't
|
|
have to be a full literature review, but it should demonstrate that thought has
|
|
been put into why the proposed solution is an appropriate one.
|
|
|
|
Data model impact
|
|
-----------------
|
|
|
|
Changes which require modifications to the data model often have a wider impact
|
|
on the system. The community often has strong opinions on how the data model
|
|
should be evolved, from both a functional and performance perspective. It is
|
|
therefore important to capture and gain agreement as early as possible on any
|
|
proposed changes to the data model.
|
|
|
|
Questions which need to be addressed by this section include:
|
|
|
|
* What new data objects and/or database schema changes is this going to
|
|
require?
|
|
|
|
* What database migrations will accompany this change (if any)?
|
|
|
|
* How will the initial set of new data objects be generated? For example, if you
|
|
need to modify other existing data, describe how that will work.
|
|
|
|
REST API impact
|
|
---------------
|
|
|
|
Each API method which is either added or changed should have the following
|
|
|
|
* Specification for the method
|
|
|
|
* A description of what the method does suitable for use in
|
|
user documentation
|
|
|
|
* Method type (POST/PUT/GET/DELETE)
|
|
|
|
* Normal http response code(s)
|
|
|
|
* Expected error http response code(s)
|
|
|
|
* A description for each possible error code should be included
|
|
describing semantic errors which can cause it such as
|
|
inconsistent parameters supplied to the method, or when an
|
|
instance is not in an appropriate state for the request to
|
|
succeed. Errors caused by syntactic problems covered by the JSON
|
|
schema definition do not need to be included.
|
|
|
|
* URL for the resource
|
|
|
|
* Parameters which can be passed via the url
|
|
|
|
* JSON schema definition for the body data if allowed
|
|
|
|
* JSON schema definition for the response data if any
|
|
|
|
* Example use case including typical API samples for both data supplied
|
|
by the caller and the response
|
|
|
|
* Discuss any policy changes, and discuss what things a deployer needs to
|
|
think about when defining their policy.
|
|
|
|
Example JSON schema definitions can be found in the Nova tree
|
|
https://git.openstack.org/cgit/openstack/nova/tree/nova/api/openstack/compute/schemas
|
|
|
|
Note that the schema should be defined as restrictively as
|
|
possible. Parameters which are required should be marked as such and
|
|
only under exceptional circumstances should additional parameters
|
|
which are not defined in the schema be permitted (eg
|
|
additionaProperties should be False).
|
|
|
|
Reuse of existing predefined parameter types such as regexps for
|
|
passwords and user defined names is highly encouraged.
|
|
|
|
Security impact
|
|
---------------
|
|
|
|
Describe any potential security impact on the system. Some of the items to
|
|
consider include:
|
|
|
|
* Does this change touch sensitive data such as tokens, keys, or user data?
|
|
|
|
* Does this change alter the API in a way that may impact security, such as
|
|
a new way to access sensitive information or a new way to login?
|
|
|
|
* Does this change involve cryptography or hashing?
|
|
|
|
* Does this change require the use of sudo or any elevated privileges?
|
|
|
|
* Does this change involve using or parsing user-provided data? This could
|
|
be directly at the API level or indirectly such as changes to a cache layer.
|
|
|
|
* Can this change enable a resource exhaustion attack, such as allowing a
|
|
single API interaction to consume significant server resources? Some examples
|
|
of this include launching subprocesses for each connection, or entity
|
|
expansion attacks in XML.
|
|
|
|
* Does this change the need for auditing in any way?
|
|
|
|
For more detailed guidance, please see the OpenStack Security Guidelines as
|
|
a reference (https://wiki.openstack.org/wiki/Security/Guidelines). These
|
|
guidelines are a work in progress and are designed to help you identify
|
|
security best practices. For further information, feel free to reach out
|
|
to the OpenStack Security Group at openstack-security@lists.openstack.org.
|
|
|
|
Notifications Impact
|
|
--------------------
|
|
|
|
Please specify any changes to notifications or auditing. Be that an extra
|
|
notification, changes to an existing notification, or removing a notification.
|
|
|
|
Other end user impact
|
|
---------------------
|
|
|
|
Aside from the API, are there other ways a user will interact with this
|
|
feature?
|
|
|
|
* Does this change have an impact on python-cloudkittyclient? What does the user
|
|
interface there look like?
|
|
|
|
Performance Impact
|
|
------------------
|
|
|
|
Describe any potential performance impact on the system, for example
|
|
how often will new code be called, and is there a major change to the calling
|
|
pattern of existing code.
|
|
|
|
Examples of things to consider here include:
|
|
|
|
* A periodic task might look like a small addition but when considering large
|
|
scale deployments the proposed call may in fact be performed on hundreds
|
|
of nodes.
|
|
|
|
* A small change in a utility function or a commonly used decorator can have a
|
|
large impacts on performance.
|
|
|
|
* Calls which result in a database queries can have a profound impact on
|
|
performance when called in critical sections of the code.
|
|
|
|
* Will the change include any locking, and if so what considerations are there
|
|
on holding the lock?
|
|
|
|
Other deployer impact
|
|
---------------------
|
|
|
|
Discuss things that will affect how you deploy and configure OpenStack
|
|
that have not already been mentioned, such as:
|
|
|
|
* What config options are being added? Should they be more generic than
|
|
proposed? Are the default values ones which will work well in
|
|
real deployments?
|
|
|
|
* Is this a change that takes immediate effect after its merged, or is it
|
|
something that has to be explicitly enabled?
|
|
|
|
* If this change is a new binary, how would it be deployed?
|
|
|
|
* Please state anything that those doing continuous deployment, or those
|
|
upgrading from the previous release, need to be aware of. Also describe
|
|
any plans to deprecate configuration values or features.
|
|
|
|
Developer impact
|
|
----------------
|
|
|
|
Discuss things that will affect other developers working on OpenStack,
|
|
such as:
|
|
|
|
* New dependencies in development environments.
|
|
|
|
* Changes to typical developer workflows.
|
|
|
|
* Changes that will require updates to CI.
|
|
|
|
* Changes to shared code that will require updates to other areas of code
|
|
outside this feature.
|
|
|
|
|
|
Implementation
|
|
==============
|
|
|
|
Assignee(s)
|
|
-----------
|
|
|
|
Who is leading the writing of the code? Or is this a story where you're
|
|
throwing it out there to see who picks it up?
|
|
|
|
If more than one person is working on the implementation, please designate the
|
|
primary author and contact.
|
|
|
|
Primary assignee:
|
|
<gerrit-id/IRC nick or None>
|
|
|
|
Other contributors:
|
|
<gerrit-id/IRC nick or None>
|
|
|
|
Work Items
|
|
----------
|
|
|
|
Work items or tasks -- break the feature up into the things that need to be
|
|
done to implement it. Those parts might end up being done by different people,
|
|
but we're mostly trying to understand the timeline for implementation.
|
|
|
|
In your Storyboard story, create one task per work item detailed here.
|
|
|
|
Dependencies
|
|
============
|
|
|
|
* Include specific references to specs and/or stories/tasks in Cloudkitty, or
|
|
in other projects, that this one either depends on or is related to.
|
|
|
|
* If this requires functionality of another project that is not currently used
|
|
by Cloudkitty, document that fact.
|
|
|
|
* Does this feature require any new library dependencies or code otherwise not
|
|
included in OpenStack? Or does it depend on a specific version of library?
|
|
|
|
|
|
Testing
|
|
=======
|
|
|
|
Please discuss how the change will be tested. Detail howe you intend to test
|
|
this (unit tests only ? with tempest ?). It is assumed that unit test coverage
|
|
will be added so that doesn't need to be mentioned explicitly, but discussion
|
|
of why you think unit tests are sufficient and we don't need to add more tempest
|
|
tests would need to be included.
|
|
|
|
Is this untestable in gate given current limitations (specific hardware /
|
|
software configurations available)? If so, are there mitigation plans (3rd
|
|
party testing, gate enhancements, etc).
|
|
|
|
|
|
Documentation Impact
|
|
====================
|
|
|
|
What is the impact on the docs team of this change? Some changes might require
|
|
donating resources to the docs team to have the documentation updated. Don't
|
|
repeat details discussed above, but please reference them here.
|
|
|
|
|
|
References
|
|
==========
|
|
|
|
Please add any useful references here. You are not required to have any
|
|
reference. Moreover, this specification should still make sense when your
|
|
references are unavailable. Examples of what you could include are:
|
|
|
|
* Links to mailing list or IRC discussions
|
|
|
|
* Links to notes from a summit session
|
|
|
|
* Links to relevant research, if appropriate
|
|
|
|
* Related specifications as appropriate (e.g. link to any vendor documentation)
|
|
|
|
* Anything else you feel it is worthwhile to refer to
|