RFC: replace taxonomy with true relationships for organizations and locations

Does anyone like the way orgs and locs work now? Can we raise the option of replacing them with something that better meets user expectations?

True multi-tenancy - Cannot be done. Locations are not scoped to organizations. Many resources are not even scopable to organizations.
"Any Context" really means "No Context" - What? Can we make "any" really mean "any"?

I realize that customers have begun to resign themselves to the awkwardness, but is it really too late to reconsider this decision?

I'm super frustrated that so many objects bleed across orgs. Should I really be able to reference (and change!) a snippet that does not belong to my org? Should I have to be an admin to manage the scope of what resources belong to which org? There is no such thing as an "org admin" in terms of roles and permissions that is actually tenable. I challenge anyone, especially developers, to run as a user without admin checkbox privileges.

</grrr>

--

@thomasmckay

Hello

I'd be very happy if we had some time to design taxonomies change too. There
are two things that we should probably separate - feature and implementation.

In terms of feature I'd suggest getting rid of nested taxonomies and replace
them by explicitly selecting subset of orgs or locs to which a resource
belongs. Taxonomies could still be organized into a tree but just for
organizational purposes. IMHO another confusing concept is mismatches. I think
we should think about related objects and their association to a taxonomy, in
remote execution we got several problems with different objects being
associated with different taxonomies.

In terms of implementation, there are many things that I'd like to see
improved. To name a few:

  • multiple SQL queries because of missing proper relations (esp. nesting)
  • any org/loc should be a real org, otherwise we have too many ifs
  • Taxonomix concern always makes object taxable by orgs and locs
  • taxonomies are a second authorization system, all scoping can be achieved
    through existing permissions (we'd have to improve UX first though)
  • performance issues [1]

> "Any Context" really means "No Context" - What? Can we make "any" really mean
> "any"?

Could you please elaborate on this? I'm not sure what you mean exactly. For
admin, any context is really any, for user it means all orgs and locs he or
she could use so also any but limited to their scope.

[1] Bug #10138: Manage Location and Organization unusable once thousands of nodes are assigned - Foreman

-- Marek

On Wednesday 13 of January 2016 17:52:25 Tom McKay wrote:

> Does anyone like the way orgs and locs work now? Can we raise the option
> of replacing them with something that better meets user expectations?
>
> True multi-tenancy - Cannot be done. Locations are not scoped to
> organizations. Many resources are not even scopable to organizations. “Any
> Context” really means “No Context” - What? Can we make “any” really mean
> "any"?
>
> I realize that customers have begun to resign themselves to the awkwardness,
> but is it really too late to reconsider this decision?
>
> I’m super frustrated that so many objects bleed across orgs. Should I really
> be able to reference (and change!) a snippet that does not belong to my
> org? Should I have to be an admin to manage the scope of what resources
> belong to which org? There is no such thing as an “org admin” in terms of
> roles and permissions that is actually tenable. I challenge anyone,
> especially developers, to run as a user without admin checkbox privileges.

Hi,

I think this discussion belongs on foreman-users at first.
Maybe create a small survey to collect users' feedback about taxonomies to
see what users like/don't like/use/don't use etc. first so we don't go
about a major redesign that is not really needed?
Once we have some feedback from users, we can start here how we need to
redesign them that is based on actual user data rather than developer
hunches or specific cases you've dealt with in the past.


Have a nice day,
Tomer Brisker
Red Hat Engineering

> * taxonomies is second authorization system, all scoping can be achieved
> through existing permissions (we'd have to improve UX first though)
>

This is particularly frustrating for me as a user. Applying locations to a
user directly (there is, frustratingly, no other way currently!) correctly
restricts that user from certain objects in a manner that setting location
= <location> in the filters simply doesn't.

> Hi,
>
> I think this discussion belongs on foreman-users at first.
> Maybe create a small survey to collect users' feedback about taxonomies to
> see what users like/don't like/use/don't use etc. first so we don't go
> about a major redesign that is not really needed?
> Once we have some feedback from users, we can start here how we need to
> redesign them that is based on actual user data rather than developer
> hunches or specific cases you've dealt with in the past.

While I agree the user feedback is needed here, I don't think
the developers couldn't initiate this. I can just testify that reasoning
about the taxonomies right now is very hard, as we hit this several times
in remote execution: many times, there was some design drafted, it got
much more complicated when taking taxonomies into account. And the level
of complexity grows as one starts reasoning about:

  • taxonomies nesting
  • orthogonal taxonomies - combination of organizations and locations

The current state leads to developers fighting with the taxonomies
infrastructure or just avoiding using it, because otherwise there would
be too many edge cases with undefined behavior. So from a developer's point of view
(and I don't think I'm an exception here), the taxonomies need major redesign.

In general, it seems the taxonomies as they are today try to solve too many
things (or we want to use them for things they were not designed for):

  • classification - where the resource lies (physically or logically)
    • maybe tagging would be more flexible for this
  • multi-tenancy - resources separation
    • we are still missing this. What would help here is having one and only one owner for every resource
      (parent-relation could still work here). Things would be unique by combination of owner tenant and name.
      The only role of the tenant would be scoping the uniqueness of the resources. Permissions would
      still be built in authorization with filters, rather than the tenant dealing with it.
  • authorization - what resources can I see
    • since the permissions system is already built around filters, filtering around tags
      (and building more user friendly tools around building the permissions: the current model
      is very powerful, but hard to use)

Please don't take that as a design proposal, rather as an example of a possible
way we could move to make the things more usable, understandable and deterministic
(or at least where the reasons could be for it not being perceived that way right now).

– Ivan
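
One reading of the model sketched in the message above (each resource has exactly one owning tenant, names are unique per tenant, and authorization stays with filters), as an added Ruby illustration. It is not Foreman code and not part of the thread; `Registry`, `Filter`, the tag-based filter condition and all sample data are hypothetical.

```ruby
require "set"

# Hypothetical types for illustration only; none of these exist in Foreman.
Resource = Struct.new(:tenant, :kind, :name, :tags)
# A filter grants one action on one resource kind, optionally limited to a tag.
Filter = Struct.new(:action, :kind, :tag)
User = Struct.new(:login, :tenant, :filters)

class Registry
  def initialize
    @by_key = {}
  end

  # Exactly one owner per resource; uniqueness is (tenant, kind, name),
  # so two tenants may each have their own "ntp" snippet.
  def create(tenant:, kind:, name:, tags: [])
    key = [tenant, kind, name]
    raise ArgumentError, "#{kind} '#{name}' already exists in #{tenant}" if @by_key.key?(key)
    @by_key[key] = Resource.new(tenant, kind, name, Set.new(tags))
  end

  # The tenant only scopes the namespace: a lookup resolves names inside
  # the user's own tenant and can never return another tenant's object.
  def find(user, kind, name)
    @by_key[[user.tenant, kind, name]]
  end

  # Authorization is left to filters (action + kind + optional tag).
  def authorized?(user, action, kind, name)
    res = find(user, kind, name)
    return false if res.nil?
    user.filters.any? do |f|
      f.action == action && f.kind == kind && (f.tag.nil? || res.tags.include?(f.tag))
    end
  end
end

# Constructed sample data: two tenants with a same-named snippet.
def demo
  reg = Registry.new
  reg.create(tenant: "acme", kind: :snippet, name: "ntp", tags: ["prod"])
  reg.create(tenant: "globex", kind: :snippet, name: "ntp", tags: ["lab"])
  reg.create(tenant: "globex", kind: :snippet, name: "motd")
  alice = User.new("alice", "acme", [Filter.new(:edit, :snippet, "prod")])
  {
    own_edit: reg.authorized?(alice, :edit, :snippet, "ntp"),      # filter matches
    foreign_edit: reg.authorized?(alice, :edit, :snippet, "motd"), # other tenant's object
    own_destroy: reg.authorized?(alice, :destroy, :snippet, "ntp"),# no filter for action
    seen_tags: reg.find(alice, :snippet, "ntp").tags.to_a          # acme's copy, not globex's
  }
end
```
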


As per last year, we'll have a community survey which will go out at
CfgMgmtCamp, and the results will make a blog post a bit later on. I'm
currently drafting the question list, and would happily include a question
or two on this. I already have "do you use Orgs/Locs?" - what else would
you like to know?

Hello,

for the first part I mentioned - Feature - I agree. For the implementation I
think it's dev discussion, how to improve it to make our lives easier.
Implementation change does not necessarily imply any change for users.

-- Marek

On Wednesday 20 of January 2016 09:32:44 Tomer Brisker wrote:

> Hi,
>
> I think this discussion belongs on foreman-users at first.
> Maybe create a small survey to collect users’ feedback about taxonomies to
> see what users like/don’t like/use/don’t use etc. first so we don’t go
> about a major redesign that is not really needed?
> Once we have some feedback from users, we can start here how we need to
> redesign them that is based on actual user data rather than developer
> hunches or specific cases you’ve dealt with in the past.

Marek

Well put, Ivan!

Taxonomies were utterly complex from day one. I was keen on giving
our users something lightweight like string tags (and the well known
tag-cloud) for classification. That's what upstream would like for sure.

And those who need multi tenancy (enterprise users) could get a simple
implementation. Perhaps organization could be enough because locations
could be done via tags. Location is a very broad concept; it applies to
datacenters, clouds, rooms or physical places. Taxonomy tries to solve
too much here.

What I don't like at all is that we disable taxonomy in the upstream by
default. This opens up scissors between upstream and downstream too
much. If we have an implementation that is acceptable upstream, we could
no longer make it an option. Or perhaps to always create at least one
organization as a null object pattern (hiding the UI for those who are
not interested).

> * authorization - what resources can I see
> - since the permissions system is already build around filters, filtering around tags
> (and building more user friendly tools around building the permissions: the current model
> is very powerful, but hard to use)

Having simple organizational support, I also agree that our
authorization features are featured enough to fulfill most requirements.

> Please don't take that as a design proposal, rather as an example of a possible
> way we could move to make the things more usable, understandable and deterministic
> (or at least where the reasons could be for it not being perceived that way right now).

I am afraid we have what we have and there is no easy way back.

-- Later,
Lukas #lzap Zapletal

I'd change the question to

Do you use Orgs, Locs, both or none at the same time?

And some additional interesting items (please reword if needed)

Do you use nested Org/Loc? (And if so, please describe your setup.)
Would you like to see all resources scoped? (E.g. architectures)
Do you share resources among multiple Orgs or Locs?

On Wednesday 20 of January 2016 10:59:24 Greg Sutcliffe wrote:

> As per last year, we'll have a community survey which will go out at
> CfgMgmtCamp, and the results will make a blog post a bit later on. I'm
> currently drafting the question list, and would happily include a question
> or two on this. I already have "do you use Orgs/Locs?" - what else would
> you like to know?


Marek

> or two on this. I already have "do you use Orgs/Locs?" - what else would
> you like to know?

Instead of "do you use" I suggest to ask "how do you use". I'd be
interested in real organization hierarchy of our users. Do they use
organizations only? Locations? What for? Are these datacenters? Physical
locations? Is one level of location enough for them?

-- Later,
Lukas #lzap Zapletal

> > As per last year, we'll have a community survey which will go out at
> > CfgMgmtCamp, and the results will make a blog post a bit later on. I'm
> > currently drafting the question list, and would happily include a question
> > or two on this. I already have "do you use Orgs/Locs?" - what else would
> > you like to know?
>
> I'd change the question to
>
> Do you use Orgs, Locs, both or none at the same time?
>

Indeed, that's how it was last year and currently is again this year. I was
just saving typing. Thanks for checking though :wink:

> And some additional interesting items (please reword if needed)
>
> Do you use nested Org/Loc (and if so, please describe your setup)
> Would you like to see all resources scoped? (E.g. architectures)
> Do you share resources among multiple Orgs or Locs
>

Good thoughts, thanks!

On 21 January 2016 at 14:54, Marek Hulan wrote:
> On Wednesday 20 of January 2016 10:59:24 Greg Sutcliffe wrote:

As a user, I certainly have some input into here that I'd like to share
when this becomes a more formal RFC - from a large enterprise setup (which
we're in the design phase).

On Monday, January 25, 2016 at 4:32:00 AM UTC-5, Lukas Zapletal wrote:

> > or two on this. I already have "do you use Orgs/Locs?" - what else would
> > you like to know?
>
> Instead of "do you use" I suggest to ask "how do you use". I'd be
> interested in real organization hierarchy of our users. Do they use
> organizations only? Locations? What for? Are these datacenters? Physical
> locations? Is one level of location enough for them?
>
> --
> Later,
> Lukas #lzap Zapletal

Since we don't really have a formal RFC process (which maybe we should
consider), I'd dive right in and share your thoughts - the sooner we hear
it, and the wider the input, the better decisions we can make. We're always
saying that we'd love to know how people are using taxonomies today, or
what their requirements would be if we changed it, so fire away!

Greg

On 26 January 2016 at 03:19, Andrew Schofield wrote:

> As a user, I certainly have some input into here that I’d like to share
> when this becomes a more formal RFC - from a large enterprise setup (which
> we’re in the design phase).