Hi everyone,
The components of Opus we're currently working on seem to be wrapping up.
I'd like to get everyone's input on where to go from here.
First, here's what we've accomplished so far:
* Opus can create and deploy a project with applications from any git
repository. This involves creating the project package itself, creating a
system user and locking down permissions on sensitive files, configuring and
syncing the database, generating self-signed SSL cert, setting various
project settings for the deployment, writing out the apache and wsgi
configs, and finally restarting apache. All fully automated.
* Opus can reverse the above procedure to delete a project.
* Opus can add applications to a live project, including all the necessary
configuration changes, and database syncs.
* Opus can update an application in a live project. This involves running a
git fetch operation, followed by a git reset operation for git repositories.
* Opus can remove an application from a live project.
* All of the above is fully functional on our simple html interface. We
currently have a mostly functional GWT interface which is almost done.
So, enough of what's done, what's next? There are several items that I can
think of, which we want to eventually have.
* Celery Integration. We want to have Opus make us of, and provide to
applications, an asynchronous message passing interface. This is a bit more
than just putting Celery on the list of dependencies, it will involve having
Opus set up an exchange for each project and configuring the projects to use
it automatically. We also have to figure out how to handle starting and
stopping individual project's celeryd daemons.
* Provisioning Integration. This has been started, I know, but I wanted to
put it on this list anyways. Not only do we want Opus to have control of a
provisioning engine, and provide an interface for deployments, but also we
want Opus use the provisioning engine to power on nodes to serve the
deployments. This will be quite a challenge, I suspect, but since it was one
of the original reasons we started Opus, perhaps this should be a priority.
* Community integration. This is also started, as it comes along with the
GWT interface. We're going to stand up and host a community directory of
applications. This isn't a small task, though.
* And finally, I can think of a few smaller improvements to the existing
components that we (I) could work on.
* Auto-gen databases. So far we've been doing most of our development
testing with sqlite databases. This is easy, since on deployment we can just
create a new sqlite database and secure it with the same file permissions as
the other sensitive files. However, if someone wants a real database, they
have to create and manage it themselves. I'd like to add a layer to
automatically create users and databases for a real DBMS when a project is
created. Problem is, do we want to hard code this for a particular DBMS?
Mysql? Postgresql?
* A more robust user permission model? Right now, projects are created by
a user, and only that user has access to see or modify a project. Unless
you're a super-user, you can't access any projects but the one you've
created. It may be useful to have a more flexible ACL type of model, where a
project admin (the creator) can give access to other users. Perhaps when we
have more options and parameters to control over a project, the permissions
can be even more fine grained.
* An overall dashboard controlling parameters to all projects. Once
provisioning is in place, we'd like one central place to go for admins to
tweak how much resources Opus as a whole can use, any any other parameters
that apply to the Opus installation as a whole. This isn't something that I
imagine will have any options to set right now, but as we get the
provisioning layer done, we'll need this.
Anything I've forgotten?
So, I'd like some feedback on where we should focus our efforts. In
particular, I'd like to know what I should do, but I also wanted to take
this opportunity to summarize the state of the project. The celery
integration is something that I don't think would be too hard right now,
doesn't depend on any other components, and would come in handy very soon.
What does everyone think?
-Andrew Brown