Return-Path: X-Original-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9E634E149 for ; Fri, 25 Jan 2013 14:37:08 +0000 (UTC) Received: (qmail 42554 invoked by uid 500); 25 Jan 2013 14:37:08 -0000 Delivered-To: apmail-incubator-cloudstack-dev-archive@incubator.apache.org Received: (qmail 42398 invoked by uid 500); 25 Jan 2013 14:37:08 -0000 Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-dev@incubator.apache.org Delivered-To: mailing list cloudstack-dev@incubator.apache.org Received: (qmail 42333 invoked by uid 99); 25 Jan 2013 14:37:06 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 25 Jan 2013 14:37:06 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of Simon.Waterhouse@eu.citrix.com designates 46.33.159.39 as permitted sender) Received: from [46.33.159.39] (HELO SMTP.EU.CITRIX.COM) (46.33.159.39) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 25 Jan 2013 14:37:01 +0000 X-IronPort-AV: E=Sophos;i="4.84,538,1355097600"; d="scan'208";a="894579" Received: from lonpmailmx01.citrite.net ([10.30.203.162]) by LONPIPO01.EU.CITRIX.COM with ESMTP/TLS/RC4-MD5; 25 Jan 2013 14:36:39 +0000 Received: from LONPMAILBOX01.citrite.net ([10.30.224.160]) by LONPMAILMX01.citrite.net ([10.30.203.162]) with mapi; Fri, 25 Jan 2013 14:36:40 +0000 From: Simon Waterhouse To: "cloudstack-dev@incubator.apache.org" CC: Chiradeep Vittal Date: Fri, 25 Jan 2013 14:36:37 +0000 Subject: RE: [DISCUSS] add/remove NIC on VM Thread-Topic: [DISCUSS] add/remove NIC on VM Thread-Index: Ac36khqW5ICuN/iyRgOpyoO9JTr9iAAWhDSgAAc4+SA= Message-ID: <4B2EA7702410EE4FB4AF54931A777FED011E92548080@LONPMAILBOX01.citrite.net> References: <4B2EA7702410EE4FB4AF54931A777FED011E92547C6D@LONPMAILBOX01.citrite.net> <4B2EA7702410EE4FB4AF54931A777FED011E92548020@LONPMAILBOX01.citrite.net> In-Reply-To: <4B2EA7702410EE4FB4AF54931A777FED011E92548020@LONPMAILBOX01.citrite.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org Sorry, just looked again at the AWS spec and saw the ability to change secu= rity groups on a NIC I will add support for this in the spec. too. -----Original Message----- From: Simon Waterhouse [mailto:Simon.Waterhouse@eu.citrix.com]=20 Sent: 25 January 2013 11:20 To: cloudstack-dev@incubator.apache.org Cc: Chiradeep Vittal Subject: RE: [DISCUSS] add/remove NIC on VM Chiradeep, Thanks for the comments. I will update the design spec. as follows: 1. Add a requirement to update instance metadata 2. Add API changes for enableStaticNat and createPortForwardingRule so thes= e can take either virtualmachineid or nicid as request parameters. 3. Add a requirement to provide upgrade scripts/mechanisms To answer the other questions 1. I had not anticipated providing a command to change the security group(s= ) on a NIC - is this a desired feature? 2. I regarded any UI changes as not in the initial scope of the change - as= suming there were UI specialists who would control and design a consistent= UI for the product. If the normal practice is for any new UI to be impleme= nted along with the feature please let me know.=20 Regards Simon -----Original Message----- From: Chiradeep Vittal=20 Sent: 25 January 2013 00:23 To: cloudstack-dev@incubator.apache.org Cc: Simon Waterhouse Subject: Re: [DISCUSS] add/remove NIC on VM Thanks Simon. AWS also updates the instance metadata [1] with the nic information. Are yo= u going to be taking care of this? For example: network/interfaces/macs/mac/device-number network/interfaces/macs/mac/security-group-ids network/interfaces/macs/mac/subnet-id CloudStack supports the Static NAT feature (like the EIP feature of AWS): cmd=3DenableStaticNat&ipaddressid=3Dfoo&vm_id=3Dblah Are we going to update this API to take the nic id instead of the vm id? Ditto for the createPortForwardingRule API Do you plan to relax the restriction that instances cannot change security = groups? That is, nics can change security groups. Do you anticipate any UI changes? During an upgrade from 4.1 -> 4.2, are you going to be creating / modifying= any nic entries? [1] http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AESDG-chapter-instanceda ta.html#instancedata-data-categories On 1/23/13 4:43 AM, "Simon Waterhouse" wrote: >I submitted a feature request (CLOUDSTACK-1043) and put together an=20 >initial design document (principally API specification) at=20 >https://cwiki.apache.org/confluence/display/CLOUDSTACK/AWS+Style+NIC+su >ppo >rt > >I would appreciate comments & suggestions > >Simon > >-----Original Message----- >From: Marcus Sorensen [mailto:shadowsor@gmail.com] >Sent: 10 January 2013 19:07 >To: cloudstack-dev@incubator.apache.org >Subject: Re: [DISCUSS] add/remove NIC on VM > >That would be great. We'll put the code in a feature branch and you can=20 >look at it and help us make any adjustments. Brian has been spending a=20 >lot of time on it, and I've wanted him to have credit for that by=20 >submitting to reviews.apache.org, once that happens we can create a=20 >branch for it. > >I think the proposal is a bit out of scope of 645 as it's more about=20 >making NICs their own entity like volumes are (and potentially=20 >entailing all of the extras Chiradeep mentions), whereas 645 is much=20 >simpler, its about modifying a VM that is already deployed rather than=20 >having to recreate it to get a network you want, but ultimately yours=20 >is a better long term method. > >I am wondering if it would be best to leave this particular feature 645=20 >as-is, and then take on a separate effort to make NICs into standalone=20 >resources and pull in all of those other associated features. 645 would=20 >be a subset of the proposed functionality without really hindering us=20 >from moving on to the better solution. Alternatively we can drop 645=20 >or make it a child of the bigger effort and just work toward it for 4.2. > > >On Thu, Jan 10, 2013 at 11:45 AM, Chiradeep Vittal <=20 >Chiradeep.Vittal@citrix.com> wrote: > >> +1 on ENI-compatibility. >> Note that there is more than just CLOUDSTACK-645 >> - with ENI you can have multiple Ips per ENI >> - with ENI the security group is attached to the nic instead of the=20 >> vm >> - there's additional APIs obviously to manage the lifecycle. >> >> On 1/10/13 8:36 AM, "Simon Waterhouse" >> >> wrote: >> >> >There is an issue >> >https://issues.apache.org/jira/browse/CLOUDSTACK-645 to add/remove a >>network on VM. >> > >> >I would like to alter the interface proposed so we instead add=20 >> >methods to explicitly create/destroy a NIC and attach/detach it from=20 >> >a VM - the feature would then be directly analogous to the AWS=20 >> >Elastic Network Interface. >> > >> >I am a newcomer to CloudStack development, but I would be happy to=20 >> >take on some work in this area (write feature spec, implement API=20 >> >methods >> >etc.) to build upon the work contributed by Marcus and team - from=20 >> >what I can see from CLOUDSTACK-645 much of the required=20 >> >functionality is already in place; I am just suggesting we expose it=20 >> >in a slightly different way... >> > >> >Regards >> >Simon >> >>