cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Murali Reddy <Murali.Re...@citrix.com>
Subject Re: [New Feature FS] SSL Offload Support for Cloudstack
Date Tue, 15 Oct 2013 07:01:05 GMT
On 11/10/13 9:31 PM, "Syed Ahmed" <sahmed@cloudops.com> wrote:

>Thanks for your valuable feedback Murali. Here are my comments.
>
>> IMO,
>> its better we introduce new api's say
>> registerCertifcateToLoadbalancer/deregisterCertifcateToLoadbalancer than
>> force fit existing API's for associate/dis-associate certificates.
>
>Personally, I was going to do it this way. But I am not sure how good
>of an idea it is to add a new api just for this feature as I can see
>assignToLoadbalancer is semantically similar. But if everyone agrees I
>have no problem with it.

CloudStack already has distinct API's for each of the LB sub-functionality
(health check, stickiness etc) [1]. We are not adding any redundant API,
so resulting API are much cleaner just managing SSL termination for a LB
rule. 

>
>> On second thought may be an CloudStack usage event on assigning
>> certificate seems good enough to me.
>
>So what I got from your earlier post was that when adding a  network
>offering the provider can choose to enable SSL Termination or not as it
>is a value added service. I was thinking of adding "SSL termination"
>under supportedservices for the  createNetworkOffering API call. And
>when someone calls the API to assign a cert to LB we can check if this
>network offering has SSL termination enabled. Does this make sense?

So there is notion of network service and network service capability [2].
I would attribute 'SSL termination' as capability of LB service.
createNetworkOffering API take a capability list. It does make sense to
check if the network offering has SSL termination enabled when API to
assign a cert to LB is called. Also note that, 'Network Elements' declare
their capabilities for the supported services. So it can verified that
service provider for LB actually supports 'SSL termination' capability
while creating network offering.


>
>Also when you say usage event, what does this imply? I am sorry I am
>not familiar with that term. Can you please elaborate.

Its an event generated and persisted in the DB for every resource
consumption and release. These events are used for billing etc. Please
check publishUsageEvent calls in the code.

[1] http://cloudstack.apache.org/docs/api/apidocs-4.2/TOC_User.html
[2] api/src/com/cloud/network/Network.java


Mime
View raw message