cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chiradeep Vittal <Chiradeep.Vit...@citrix.com>
Subject Re: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack
Date Tue, 12 Mar 2013 00:26:22 GMT
 - It might be better to support VPC instead of "isolated". Even if it
means that some features are not supported initially. I feel that
"isolated is a special case of "VPC", except for the firewall function.
 - What about support for systemvm / NS as an LB appliance?
 - Although the ASA DHCP server cannot be programmed, it might be
desirable in enterprise use cases (where they may not care about
userdata/metadata) to support the ASA DHCP server as a DHCP provider. In
this case we have to figure out how to update the NIC information in
CloudStack DB after the VM has acquired its IP.


On 3/11/13 6:11 AM, "Koushik Das" <koushik.das@citrix.com> wrote:

>Updated the FS with following changes:
>
>- Use case section updated, classified use cases that will be supported
>for 4.2 and beyond. Also removed items like VSG and VXLAN support to
>"Open items" section as not planning to do them as part of "ASA
>integration".
>- Updated the deployment model section and added HV limitation (Vmware
>only feature)
>- Also updated the API section with parameter details.
>
>Comments/feedback?
>
>Thanks,
>Koushik
>
>> -----Original Message-----
>> From: Koushik Das [mailto:koushik.das@citrix.com]
>> Sent: Monday, February 11, 2013 7:08 PM
>> To: cloudstack-dev@incubator.apache.org
>> Subject: RE: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack
>> 
>> Updated the FS with API, Db changes and current deployment limitations.
>> Also updated the UI section as to what all needs to be added.
>> 
>> Chiradeep,
>> I looked at the option of spinning up templates from ovf template but
>>didn't
>> find a way (was looking for some samples) to pass custom parameters like
>> vnmc  ip, password etc. while creating VM instance. So for now the ASA
>> instance creation is a manual step similar to VNMC appliance. In case
>>there is
>> a way out, the auto-creation can be done as a future enhancement.
>> 
>> Thanks,
>> Koushik
>> 
>> > -----Original Message-----
>> > From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com]
>> > Sent: Friday, January 25, 2013 1:39 AM
>> > To: CloudStack DeveloperList
>> > Subject: Re: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack
>> >
>> > Thanks for the FS updates.
>> > Good progress.
>> > I had forgotten about registering the ASA 1000v with VNMC < that makes
>> > it harder to spin these appliances up/down. However we can plan to
>> > login via the CLI just for this step.
>> >
>> > I believe it is better to use a pre-setup pool of ASA appliances.
>> > Let's say we start with N appliances (created via an admin API call to
>> CloudStack).
>> > createASA1000vPool(ovf template id, zone, vnmc ip, N, increment,
>> > threshold) Then as the capacity reaches threshold%, the pool capacity
>> > is incremented by increment% asynchronously.
>> >
>> >
>> >
>> >
>> >
>> > On 1/21/13 12:46 AM, "Koushik Das" <koushik.das@citrix.com> wrote:
>> >
>> > >Thanks Chiradeep for explaining the vnmc/asa integration stuff that
>> > >you are working on and listing down all the use cases.
>> > >
>> > >Manan,
>> > >CLOUDSTACK-742 is covered as part of Chiradeep's work (refer use
>> > >cases
>> > >#1 and #2 from the doc).
>> > >
>> > >-Koushik
>> > >
>> > >-----Original Message-----
>> > >From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com]
>> > >Sent: Saturday, January 19, 2013 1:30 AM
>> > >To: CloudStack DeveloperList
>> > >Subject: Re: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack
>> > >
>> > >Take a look here:
>> >
>> >https://cwiki.apache.org/confluence/display/CLOUDSTACK/Cisco+VNMC+i
>> > nteg
>> > >rat
>> > >i
>> > >on
>> > >
>> > >
>> > >This is something I had been prototyping without any real enthusiasm.
>> > >
>> > >There's 3 ways to control the ASA1000v:
>> > >1. By logging in via the CLI. Strongly against this.
>> > >2. By using VNMC
>> > >3. Via Cisco's Network Services Manager (NSM)[1]
>> > >
>> > >The NSM is comprehensive, covers a large range of physical and
>> > >virtual devices and has an easy northbound API. This would be my
>> > >preferred solution.
>> > >
>> > >However as of now (NSM v5.0.2), the ASA1000v  is not supported.
>> > >It may also be the case that using VNMC may be a cheaper (albeit less
>> > >supported) option
>> > >
>> > >[1] http://www.cisco.com/en/US/products/ps11636/index.html
>> > >
>> > >On 1/17/13 9:26 PM, "Koushik Das" <koushik.das@citrix.com> wrote:
>> > >
>> > >>Manan,
>> > >>Can you answer the questions that Chiradeep has raised?
>> > >>
>> > >>Chiradeep,
>> > >>I saw that you have started working on asa/vnmc here
>> > >>(https://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo?p
>> > >>=i
>> > >>n
>> > >>cub
>> > >>ator-cloudstack.git;a=shortlog;h=refs/heads/cisco-vnmc-api-
>> integration).
>> > >>I would like to understand the functionalities that you are planning
>> > >>to cover and what is the overlap between your work and the feature
>> > >>that Manan has proposed (supporting asa1000v as an external
>>firewall).
>> > >>
>> > >>Thanks,
>> > >>Koushik
>> > >>
>> > >>> -----Original Message-----
>> > >>> From: Alex Huang [mailto:Alex.Huang@citrix.com]
>> > >>> Sent: Sunday, January 06, 2013 2:18 AM
>> > >>> To: cloudstack-dev@incubator.apache.org
>> > >>> Subject: RE: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack
>> > >>>
>> > >>> Manan,
>> > >>>
>> > >>> Can you address the issues that Chiradeep has brought up?  I think
>> > >>>for a  requirements discussion it is just as important to indicate
>> > >>>what we will not do  or what is considered a feature of a later
>> > >>>release.
>> > >>>
>> > >>> --Alex
>> > >>>
>> > >>> > -----Original Message-----
>> > >>> > From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com]
>> > >>> > Sent: Thursday, January 03, 2013 6:16 PM
>> > >>> > To: CloudStack DeveloperList
>> > >>> > Subject: Re: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack
>> > >>> >
>> > >>> > There cannot be feature parity since the ASA1000v is only
>> > >>> > supported on VMWare.
>> > >>> >
>> > >>> > Should the ASA1000v be created on demand, or do we expect
the
>> > >>> > admin to provision a pool of virtual ASAs?
>> > >>> >
>> > >>> > Should we support VXLAN as the isolation technology or VLANs?
>> > >>> >
>> > >>> >
>> > >>> > On 1/3/13 5:08 PM, "Manan Shah" <manan.shah@citrix.com>
wrote:
>> > >>> >
>> > >>> > >Hi,
>> > >>> > >
>> > >>> > >I would like to propose a new feature for integrating
Cisco ASA
>> > >>> > >1000v in CS 4.1. I have created a JIRA ticket and provided
the
>> > >>> > >requirements at the following location.  Please provide
>> > >>> > >feedback on the
>> > >>>requirements.
>> > >>> > >
>> > >>> > >JIRA Ticket:
>> > >>> > >https://issues.apache.org/jira/browse/CLOUDSTACK-742
>> > >>> > >Requirements:
>> > >>> >
>> > >>>
>> > >https://cwiki.apache.org/confluence/display/CLOUDSTACK/Integrate+Ci
>> > >>> >s
>> > >>> >c
>> > >>> > >o
>> > >>> > +ASA
>> > >>> > >+
>> > >>> > >1000v+as+a+FW+for+CloudStack
>> > >>> > >
>> > >>> > >Additional details would be provided in the FS.
>> > >>> > >
>> > >>> > >Regards,
>> > >>> > >Manan Shah
>> > >>> > >
>> > >>
>> > >
>


Mime
View raw message