Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
Reply-To: cloudstack-dev@incubator.apache.org
Received-SPF: unknown mxinclude:zoho.com~all (athena.apache.org: encountered
 unrecognized mechanism during SPF processing of domain of jlk@stratosec.co)
From: John Kinsella <jlk@stratosec.co>
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_2BDD38BC-2B40-45BC-907A-6ADC501D3942"
Message-ID: <1FA27156-E68B-4D36-AA31-3C09776F7973@stratosec.co>
MIME-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
Subject: Re: Functional Specification for the multiple IPs per NIC
Date: Tue, 18 Dec 2012 11:05:24 -0800
References: <CCF5F7F2.3C619%chiradeep.vittal@citrix.com>
 <66D929FF-4DDD-485F-8863-2F86E8301745@stratosec.co>
 <02e401cddd51$b74a9420$25dfbc60$@backbonetechnology.com>
To: <cloudstack-dev@incubator.apache.org>
In-Reply-To: <02e401cddd51$b74a9420$25dfbc60$@backbonetechnology.com>

--Apple-Mail=_2BDD38BC-2B40-45BC-907A-6ADC501D3942
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="us-ascii"

Well, not quite. The question I might be clearly asking is: Do we build =
MIPN now with intention to rewrite, or do we update the =
metadata/user-data code first?

On Dec 18, 2012, at 10:58 AM, "Kelcey Damage (BT)" =
<kelcey@backbonetechnology.com>
 wrote:

> I guess we are all in agreement them :)
>=20
>> -----Original Message-----
>> From: John Kinsella [mailto:jlk@stratosec.co]
>> Sent: Tuesday, December 18, 2012 10:56 AM
>> To: cloudstack-dev@incubator.apache.org
>> Subject: Re: Functional Specification for the multiple IPs per NIC
>>=20
>> cloud-init's (more specifically, user-data) being mentioned because I =
see
> an
>> ongoing need of wanting to get instance-specific data into an =
instance.
>>=20
>> So, we can tweak meta-data to add support for multi-IP per NIC =
(MIPN), or
>> we can take a step back and talk through how the metadata side of =
things
>> could be beefed up before implementing MIPN to minimize future =
rewriting.
>>=20
>> The result is better compatibility with AWS, better security, and =
more
>> standardized functionality going forward.
>>=20
>> Yes, this is a separate feature than the MIPN by itself. I meant to =
call
> that out
>> in my first bullet, apologies.
>>=20
>> John
>>=20
>> On Dec 18, 2012, at 10:39 AM, Chiradeep Vittal
>> <Chiradeep.Vittal@citrix.com>
>> wrote:
>>=20
>>> Sorry, not sure why cloud-init is being clubbed into this feature.
>>>=20
>>> The secondary ips can be made available through the usual metadata
>> scheme.
>>>=20
>>> On 12/18/12 10:36 AM, "John Kinsella" <jlk@stratosec.co> wrote:
>>>=20
>>>> Is there any logic behind 30? At some point, we're going to be =
asked,
>>>> so I'd like to have a decent answer. :)
>>>>=20
>>>> On the rest of this, I'd like to get some level of consensus on the
>>>> design. What looks best to me:
>>>> * Improve UserData/CloudInit support in CloudStack (I'm willing to
>>>> work on this, consider it important) - allow expiration of data,
>>>> wider variety of data supported
>>>> * Create the multi-IPs-per-NIC code to get IPs via CloudInit (Need =
to
>>>> think through Windows equivalent)
>>>> * Update the password changing script to use CloudInit
>>>>=20
>>>> Thoughts? Or Jayapal have you already started work on the multi-IP
>>>> feature?
>>>>=20
>>>> On Dec 18, 2012, at 2:03 AM, Jayapal Reddy Uradi
>>>> <jayapalreddy.uradi@citrix.com> wrote:
>>>>=20
>>>>> Regarding IP limit,  it can be made as configurable using global
>>>>> settings and default value will be 30.
>>>>>=20
>>>>>=20
>>>>> Thanks,
>>>>> Jayapal
>>>>>=20
>>>>>> -----Original Message-----
>>>>>> From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com]
>>>>>> Sent: Monday, December 17, 2012 12:59 PM
>>>>>> To: CloudStack DeveloperList
>>>>>> Subject: Re: Functional Specification for the multiple IPs per =
NIC
>>>>>>=20
>>>>>> In basic/shared networks the allocation is bounded by what is
>>>>>> already
>>>>>> "used-
>>>>>> up". To prevent tenants from hogging all the available ips, there
>>>>>> needs to be limits.
>>>>>>=20
>>>>>> On 12/15/12 8:38 AM, "John Kinsella" <jlk@stratosec.co> wrote:
>>>>>>=20
>>>>>>> I'd remove the limitation of having 30 IPs per interface. Modern
>>>>>>> OSes can support way more.
>>>>>>>=20
>>>>>>> Why no support for basic networking? I can see a small hosting
>>>>>>> provider with a basic setup wanting to manage web servers...
>>>>>>>=20
>>>>>>> John
>>>>>>>=20
>>>>>>> On Dec 14, 2012, at 9:37 AM, Jayapal Reddy Uradi
>>>>>>> <jayapalreddy.uradi@citrix.com> wrote:
>>>>>>>=20
>>>>>>>> Hi All,
>>>>>>>>=20
>>>>>>>> Current guest VM by default having one NIC and one IP address
>>>>>>>> assigned.
>>>>>>>> If your wants extra IP for the guest VM, there no provision =
from
>>>>>>>> the CS.
>>>>>>>>=20
>>>>>>>> Using multiple IP address per NIC feature CS can associate IP
>>>>>>>> address for the NIC,  user can take that IP and assign it to =
the VM.
>>>>>>>>=20
>>>>>>>> Please find the FS for  the more details.
>>>>>>>>=20
>>>>>>>>=20
>>>>>>>> =
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Multiple+I
>>>>>>>> P+a
>>>>>> dd
>>>>>>>> res
>>>>>>>> s+per+NIC
>>>>>>>>=20
>>>>>>>> Please provide your comments on the FS.
>>>>>>>>=20
>>>>>>>>=20
>>>>>>>> Thanks,
>>>>>>>> jayapal
>>>>>>>=20
>>>>>>> Stratosec - Secure Infrastructure as a Service
>>>>>>> o: 415.315.9385
>>>>>>> @johnlkinsella
>>>>>>>=20
>>>>>=20
>>>>>=20
>>>>=20
>>>> Stratosec - Secure Infrastructure as a Service
>>>> o: 415.315.9385
>>>> @johnlkinsella
>>>>=20
>>>=20
>>>=20
>>=20
>> Stratosec - Secure Infrastructure as a Service
>> o: 415.315.9385
>> @johnlkinsella
>=20
>=20
>=20

Stratosec - Secure Infrastructure as a Service
o: 415.315.9385
@johnlkinsella


--Apple-Mail=_2BDD38BC-2B40-45BC-907A-6ADC501D3942--