Re: CF CLI v6.35.0 Release Today - service instance sharing; client credentials


Sam Gunaratne
 

Or would a broker only discover this (if it cared) when the new binding API requests come in with different org/space GUIDs?
 
That is correct, the broker is only aware of service sharing when a bind request occurs with different org/space GUIDs. The act of sharing/unsharing a service instance is handled at the platform level.

a service offering cannot be made shareable unless the vendor is aware of the concept of shareable services and ships a future version that modifies their /v2/catalog JSON
 
Yes, for a service to be shareable, the feature flag must be enabled in the platform AND the service broker's catalog must have the shareable flag defined. We wanted to be defensive here for a few reasons:
  • Sharing does not make sense for certain services (e.g. app scaling)
  • We wanted broker authors to opt-in to this change so they could understand the security considerations
  • Some hosted services may already assume single org/space service instance consumption for things like billing
  • We didn't want services to break if they received a binding to a shared service.
We can still see value in having cf-admins control certain sharing properties but decided to release the first version without it to get some feedback.

Sam

On Tue, Mar 13, 2018 at 1:21 AM, Dr Nic Williams <drnicwilliams@...> wrote:
I’m not sure what I’m asking is what you’re saying; I think you’re confirming the current implementation - a service offering cannot be made shareable unless the vendor is aware of the concept of shareable services and ships a future version that modifies their /v2/catalog JSON. I’m asking for admins to be able to make up their own decisions without requiring service brokers to be modified.

Question: when a service instance is shared with another space, does a broker API get invoked? Or would a broker only discover this (if it cared) when the new binding API requests come in with different org/space GUIDs?


From: cf-dev@... <cf-dev@...> on behalf of Dr Nic Williams <drnicwilliams@...>
Sent: Monday, March 12, 2018 6:18:18 PM

To: cf-dev@...
Subject: Re: [cf-dev] CF CLI v6.35.0 Release Today - service instance sharing; client credentials
 
Jay, to confirm, an admin will be able to share a service broker/service offering even if it’s not explicitly supported by the /v2/catalog?


From: cf-dev@... <cf-dev@...> on behalf of Jay Badenhope <jbadenhope@...>
Sent: Monday, March 12, 2018 6:16:51 PM
To: cf-dev@...
Subject: Re: [cf-dev] CF CLI v6.35.0 Release Today - service instance sharing; client credentials
 
Hi Dr Nic,
Building on Denise's response, we also empower the admin to enable/restrict sharing. There are two settings that must be true in order to enable service instance sharing:
1. At the global level: "To enable service instance sharing, an administrator must enable the `service_instance_sharing` flag." https://docs.cloudfoundry.org/devguide/services/sharing-instances.html#enabling
2. At the service level, as you mentioned, "Service brokers must explicitly enable service instance sharing by setting a flag in their service-level metadata object." https://docs.cloudfoundry.org/services/enable-sharing.html#enabling

Matthias,
I'm going to connect with my UAA colleagues and make sure we have a good answer to your question.

Jay

On Mon, Mar 12, 2018 at 3:24 AM, <dyu@...> wrote:
The decision to have service authors opt in was to account for the fact that some services may not be shareable out-of-the-box, primarily due to security considerations. Some brokers may currently be designed to only issue global read+write permissions, but authors may want to change their service permissions model if shareability is now on the cards, for example, read+write for SpaceDevs in the original space, but read-only for spaces that received the instance via sharing.




--

Jay Badenhope

Product Manager
Pivotal Labs
+1.510.517.6973 
LinkedIn | Twitter
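The thread above describes three things a practitioner would want to see together: the platform-side check that both the global `service_instance_sharing` flag and the broker's service-level `shareable` metadata are set, the fact that the broker is never told about share/unshare and only sees a bind request whose org/space GUIDs differ from the instance's home, and Denise's suggested permission model (read+write in the originating space, read-only in spaces that received the instance via sharing). The following is a constructed Python example added here to illustrate that flow; it is not Cloud Foundry code and not any real broker's implementation. The service and plan IDs, the connection URI, the in-memory broker, and the fail-closed handling of a bind request with no `context` are all assumptions made for the example.

```python
"""Constructed example: a minimal OSBAPI v2 style broker that opts in to
service instance sharing and derives the binding's permissions from the
org/space GUIDs in the bind request. Not Cloud Foundry or any real broker."""

from dataclasses import dataclass

# Catalog as a broker would return from GET /v2/catalog. IDs are made up.
CATALOG = {
    "services": [
        {
            "id": "svc-example-db",
            "name": "example-db",
            "description": "Example database (constructed)",
            "bindable": True,
            # Service-level opt-in quoted in the thread: metadata.shareable
            "metadata": {"shareable": True},
            "plans": [{"id": "plan-small", "name": "small", "description": "small"}],
        },
        {
            "id": "svc-autoscaler",
            "name": "app-autoscaler",
            "description": "Sharing makes no sense here, so no shareable flag",
            "bindable": True,
            "metadata": {},
            "plans": [{"id": "plan-std", "name": "standard", "description": "standard"}],
        },
    ]
}


def sharing_allowed(feature_flags, catalog, service_name):
    """Platform-side check: the global feature flag AND the broker's
    shareable flag must both be true for sharing to be permitted."""
    svc = next((s for s in catalog["services"] if s["name"] == service_name), None)
    if svc is None:
        return False
    flag_on = bool(feature_flags.get("service_instance_sharing", False))
    shareable = bool(svc.get("metadata", {}).get("shareable", False))
    return flag_on and shareable


@dataclass
class Instance:
    org_guid: str
    space_guid: str


class Broker:
    """In-memory broker keeping only what sharing decisions need."""

    def __init__(self):
        self.instances = {}

    def provision(self, instance_id, body):
        # The provision request's context carries the originating org/space;
        # that is the instance's "home" for later comparisons.
        ctx = body["context"]
        self.instances[instance_id] = Instance(ctx["organization_guid"], ctx["space_guid"])
        return {}

    def bind(self, instance_id, binding_id, body):
        # The broker is never told about share/unshare. The only signal it
        # gets is a bind whose org/space differ from the provisioning context.
        inst = self.instances[instance_id]
        ctx = body.get("context")
        if ctx is None:
            # Assumption for this example: fail closed when the platform sends
            # no context, since the broker cannot prove this is the home space.
            shared = True
        else:
            shared = (ctx.get("organization_guid"), ctx.get("space_guid")) != (
                inst.org_guid,
                inst.space_guid,
            )
        role = "readonly" if shared else "readwrite"
        return {
            "credentials": {
                "uri": "postgres://db.example.invalid:5432/app",  # made up
                "username": f"{role}-{binding_id}",
                "role": role,
            },
            "shared": shared,
        }


def demo():
    """Provision in org-a/space-a, then bind from the home space and from a
    space the instance was shared into. Returns both bind responses."""
    cf_ctx = {"platform": "cloudfoundry", "organization_guid": "org-a", "space_guid": "space-a"}
    other_ctx = {"platform": "cloudfoundry", "organization_guid": "org-b", "space_guid": "space-b"}
    broker = Broker()
    broker.provision("inst-1", {"service_id": "svc-example-db", "plan_id": "plan-small", "context": cf_ctx})
    home = broker.bind("inst-1", "b-1", {"service_id": "svc-example-db", "plan_id": "plan-small", "context": cf_ctx})
    shared = broker.bind("inst-1", "b-2", {"service_id": "svc-example-db", "plan_id": "plan-small", "context": other_ctx})
    return home, shared


if __name__ == "__main__":
    for resp in demo():
        print(resp["credentials"]["role"], "shared" if resp["shared"] else "home")
```

The comparison in `bind` is the whole of the broker's awareness of sharing, which is why the thread's point about billing and permission assumptions matters: a broker that ignores `context` will keep issuing its original global read+write credentials to every space the instance is shared into.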


