ARCHERY data model and DNS records rendering

ARCHERY implies a minimalistic data model that is targeting mostly static information to address the distributed e-Infrastructure resource grouping, software environments provisioning and service discovery needs.

The ARCHERY objects and their releations are embedded into the DNS infrastructure as a dedicated Resource Record sets according to the rendering described below.

ARCHERY objects

To represent the distributed e-infrastructure concept the ARCHERY data model defines three type of objects: the Endpoint Object, the Service Object and the Group Object.

ARCHERY data model (Service Endpoints)

Fig. 25 ARCHERY e-Infrastructure topology bjects, their attributes and relations in the data model.

To represent the community software environments in the e-infrastructure two additional type of objects are defined in the ARCHERY data model: the Software Object and the RTE Object.

ARCHERY data model (Software Registry)

Fig. 26 ARCHERY software environment objects, their attributes and relations in the data model.

Endpoint object

Endpoint object is used to capture information about a network location that can be used to access specific service functionality, including accessing information within ARCHERY registry service itself. For the later special endpoint types were defined (see below). The Endpoint object is described with the following set of attributes:

  • Endpoint URL - defines the network location by which the service functionality is accessible;
  • Endpoint Type - contains the value from the Endpoint type enumeration defined by the e-Infrastructure operators [1]. In addition to ordinary service endpoint types two special ARCHERY endpoint types archery.group and archery.service had been introduced for accessing the ARCHERY Group and Service objects within the registry. Another special types includes archery.software and archery.rte that used to access ARCHERY Software and RTE objects respectively when community software registry is embedded into the DNS.
  • Endpoint State (optional) - Boolean value that indicates the endpoint availability. In case of an ARCHERY service endpoint, if the endpoint state is false (unavailable) it is still used to represent e-Infrastructure topology, but should not be used during service endpoints discovery. Missing attribute is interpreted as true i.e. the endpoint is available.
[1]The org.ogf.glue.emies.activiticreation, org.nordugrid.ldapglue2, org.nordugrid.gridftpd are examples of endpoint types used in NorduGrid infrastructure.

Service object

Service object represents an e-Infrastructure service, like Computing Element, Storage Element, etc. The Service object is described with the following set of attributes:

  • Service ID - holds the service identifier as an arbitrary string. For example the ID can be derived from the hostname;
  • Service Type - contains the value from the Service type enumeration defined by the e-Infrastructure operators;
  • Service Endpoints - an array of Endpoint objects associated with the Service.

Group object

Group object is used to organize other objects such as ARCHERY Service or Group. The grouping was introduced to the data model so that infrastructure topologies (i.e. hierarchies or federations) can be represented inside the registry in a flexible way. The Group object is described with the following set of attributes:

  • Group ID (optional) - holds the group identifier as an arbitrary string.
  • Group Type (optional) - defines the grouping type based on organizational structure; example values could be: Site, Country, Tier, etc.
  • ARCHERY Endpoints - an array of Endpoint objects of special defined ARCHERY endpoint types (archery.group, archery.service or archery.software). These Endpoint objects describe the optional state and URL of the ARCHERY objects inside the registry.

Software object

Software objects are used to represent a community-defined RTEs regisry instances. The Software object provides community public key data and enumerates the available RTEs. It is described with the following set of attributes:

  • Registry ID (optional) - holds the software registry identifier as an arbitrary string.
  • PubKey Endpoint - and Endpoint object that contains URL to the public key location. It can points to external URLs or raw data inside the DNS. Technical implementation uses gpg.pubkey and gpg.pubkey.base64 endpoint types depending on Base64 encoding usage.
  • RTEs Endpoints - and array of Endpoint objects of special defined ARCHERY endpoint type archery.rte. These Endpoint objects describe the optional state and URL of the ARCHERY RTE objects inside the registry.

RTE Object

RTE Object is used to represent a particular community-defined RTE script. It encapsulates the RTE ID (according to the naming and versioning convention), optional RTE description and contains Endpoints to signed RTE scripts. It is described with the following set of attributes:

  • RTE ID - holds the RTE identifier according to naming and versioning scheme
  • RTE Description (optional) - an arbitrary string that contains the human-readable description of RTE
  • RTE Data Endpoints - and array of Endpoint objects that points to signed RTE data. It can points to external URLs or raw data inside the DNS. Technical implementation uses gpg.signed and gpg.signed.base64 endpoint types depending on Base64 encoding usage.

Entry point group object

Following the data model the service endpoint discovery process can start from the entry point Group Object and recursively contacting all the ARCHERY Endpoints.

The Sotfware objects can be attached to any parent Group Object and discovered using the same recursive traversal of the e-Infrastructure topology.

ARCHERY object attributes allow taking into account group, service and/or endpoint types as well as availability status during the recursive discovery process to query only the subset of objects.

DNS Resource Records rendering

Rendering ARCHERY objects

ARCHERY objects are rendered using TXT resource records (RRs). These TXT RRs contain the space separated key=value pairs where keys correspond to the data model object attributes. Boolean object attributes have values specified as 0 or 1.

The Endpoint Object is rendered with a single TXT RR where Endpoint Object attributes – Endpoint URL, Endpoint Type and optional Endpoint State are represented by the u, t, s keys in this specific order within the space separated key-value pairs.

The Service Object of the ARCHERY data model is rendered by a dedicated RRSet identified by unique domain name that can be used to access this object inside the registry.

The service RRSet is composed of single service object identity RR and one RR for every Endpoint objects associated with the service. The service object identity RR has the format of o=service followed by t=<Service Type> and id=<Service ID>:

<DNS name> TXT "o=service t=<Service Type> id=<Service ID>"
<DNS name> TXT "u=<Endpoint URL> t=<Endpoint Type> [s={0|1}]"
<DNS name> TXT                   ...
<DNS name> TXT "u=<Endpoint URL> t=<Endpoint Type> [s={0|1}]"

The Group Object of is rendered by a dedicated RRSet identified by unique domain name that can be used to access this object inside the registry.

The Group RRSet is composed of single Group object identity RR and one RR for every ARCHERY Endpoint objects pointing to other Service or Group objects that are part of this specific Group. The Group object identity RR has the format of o=group followed by optional t=<Group Type> and optional id=<Group ID>:

<DNS name> TXT "o=group [t=<Group Type>] [id=<Group ID>]"
<DNS name> TXT "u=<DNS URL> t=archery.{group|service} [s={0|1}]"
<DNS name> TXT              ...
<DNS name> TXT "u=<DNS URL> t=archery.{group|service} [s={0|1}]"

The Software Object of the ARCHERY data model is rendered by a dedicated RRSet identified by unique domain name that can be used to access this object inside the registry.

The software object RRSet is composed of single object identity RR, PubKey Endpoint object RR and one RR for every RTEs Endpoint objects associated with the registry. The software object identity RR has the format of o=software followed by optional id=<Registry ID>:

<DNS name> TXT "o=software [id=<Registry ID>]"
<DNS name> TXT "u=<PubKey URL> t=gpg.pubkey[.base64]"
<DNS name> TXT "u=<DNS URL> t=archery.rte [s={0|1}]"
<DNS name> TXT                   ...
<DNS name> TXT "u=<DNS URL> t=archery.rte [s={0|1}]"

The RTE Object of the ARCHERY data model is rendered by a dedicated RRSet identified by unique domain name that can be used to access this object inside the registry.

The RTE object RRSet is composed of single object identity RR, and one RR for every RTE Data Endpoint object pointing to signed RTE data location. The RTE object identity RR has the format of o=rte followed by id=<RTE ID> and optional d=<RTE Descition>. The description should be encoded to eliminate spaces, using the URLEncode is advised. Typicaly there is only one RTE Data Endpoint object that point to either DNS or external URL. Several RTE Data Endpoints imply external URL redundancy:

<DNS name> TXT "o=rte id=<RTE ID> [d=<RTE Description>]"
<DNS name> TXT "u=<RTE Data URL> t=gpg.singed[.base64] [s={0|1}]"

Embedding ARCHERY object relations

In the registry rendering the entry point Group Object is distinguished by the predefined RRSet DNS name starting with the mandatory _archery. Any other objects may have arbitrary RRSet name in any DNS zone. Exact RRSets naming scheme does not affect service discovery process, but should be consistent and transparent from the operational point of view.

The child-parent Endpoint Object to Service Object relation is implicitly defined by means of grouping within the same RRSet. The same applies to “RTE Data Endpoint Object to RTE Object” and “PubKey Endpoint object to Software Object” relations.

The ARCHERY Data model allows grouping of Service, Group and Software Objects into Group objects via the intermediate Endpoint objects. This grouping in the DNS rendering is implemented by using dedicated ARCHERY Endpoint types that are contained as RR text inside the Group object’s RRSet. The same applies to “RTEs Endpoint Object to Software Object” relations.

Both Group Object to Group Object, Group Object to Service Object, Group Object to Software Object and Software Object to RTE Object relations rest upon the unique DNS name of the RRSet of the pointed object.