Mailing-List: contact cloudstack-dev-help@incubator.apache.org; run by ezmlm
Precedence: bulk
Reply-To: cloudstack-dev@incubator.apache.org
Received-SPF: pass (athena.apache.org: domain of Nitin.Mehta@citrix.com
 designates 203.166.19.134 as permitted sender)
From: Nitin Mehta <Nitin.Mehta@citrix.com>
To: "cloudstack-dev@incubator.apache.org"
	<cloudstack-dev@incubator.apache.org>
Date: Thu, 27 Dec 2012 10:31:02 +0530
Subject: Re: [DISCUSS] Dedicated Resources: Dedicate Pods, Clusters, Hosts
 to a domain
Thread-Topic: [DISCUSS] Dedicated Resources: Dedicate Pods, Clusters, Hosts
 to a domain
Thread-Index: Ac3j7y2mNtXOVdm/TmuecmvnWSdn0Q==
Message-ID: <71B440E4-2B16-4FB8-926D-FCDFF95D47F9@citrix.com>
References: 
 <F903CD64D5FE5B47878921870531C1800108A90AC41A@BANPMAILBOX01.citrite.net>
 <CALT7reqwiE_eLGWGhoc5qo+-3ATvUY7WHLDfw3GnHwCLjHL9xQ@mail.gmail.com>
 <F903CD64D5FE5B47878921870531C1800108A90AC4D7@BANPMAILBOX01.citrite.net>
 <B1DF26ECC0458748AC97CECE2DA98D41012FA385E046@SJCPMAILBOX01.citrite.net>
 <2529883E7B666F4E8F21F85AADA43CA7010C8EB1BF82@BANPMAILBOX01.citrite.net>
 <7A92FF96DF135843B4B608FB576BFC3E012DA2CF1FB2@SJCPMAILBOX01.citrite.net>
 <2529883E7B666F4E8F21F85AADA43CA7010C8EB1BFBB@BANPMAILBOX01.citrite.net>
 <7A92FF96DF135843B4B608FB576BFC3E012DA2CF1FB3@SJCPMAILBOX01.citrite.net>
 <B1DF26ECC0458748AC97CECE2DA98D41012FA385E268@SJCPMAILBOX01.citrite.net>
 <6E004C34C1C59E45A35B4338808BC315013014D30E62@SJCPMAILBOX01.citrite.net>
In-Reply-To: 
 <6E004C34C1C59E45A35B4338808BC315013014D30E62@SJCPMAILBOX01.citrite.net>
Accept-Language: en-US
Content-Language: en-US
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0


On 27-Dec-2012, at 4:47 AM, Hari Kannan wrote:

> Hi Alex,
>=20
> There is no requirement for the end user administer the hardware -
>=20
> Regarding the OAMP, I believe the resources are still owner, administered=
, maintained and provisioned by the root admin - they are simply "reserved"=
 for the said domain/sub-domain
>=20

But, what would the admin view of all the resources be. Lets say he has ded=
icated Pod P1 to domain D1 and Cluster C1 to domain D2  and Host h1 to doma=
in D3 then in this case how will his dashboard look like ?=20

> Regarding CRUD/Mice's question - I don't believe that is the intention - =
For context, Mice wrote " but if further sub-domain is assigned a different=
 pod then it cannot access its parent domain's pod. 2. Sub-domain and its c=
hild domains will have the sole access to that new pod. when child domain a=
lready has some VMs on parent domain's dedicated pod, is it allowed to assi=
gn a pod to the child domain? or the existing VMs will be migrated to the n=
ew pod?"=20
>=20
> However, I think of this feature more along the lines of what Saurav wrot=
e " Lets say that  the resources on the pod dedicated to the child-domain a=
re exhausted and resources on parent pod are available. In this case will p=
rovisioning of vms for the child-domain happen on parent's pod. So essentia=
lly provisioning has a affinity for local pods if available. And if resourc=
es are not available on the local pod but available on the parent pod then =
use that.  Would it be good to configure this  affinity"
>=20

I am afraid affinity is not the right thing to configure. The child domain =
has the expectation and is paying for dedicating resources just to itself. =
If these resources exhaust we should definitely fail deploying his vm. Inst=
ead if we deploy it in its parent dedicated resources and still charge him =
premium that is not correct. We should set the expectations right.

Also what will be the change in usage ? How will we be metering the end use=
r here  with dedicated resources?

I also think we need to have a flag in the service offering asking the end =
user if he/she wants to deploy vm on dedicated or shared resources.


> Hari
>=20
> -----Original Message-----
> From: Alex Huang [mailto:Alex.Huang@citrix.com]=20
> Sent: Friday, December 21, 2012 9:48 AM
> To: cloudstack-dev@incubator.apache.org
> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods, Clusters, Host=
s to a domain
>=20
> Planners are also plugins.  It just means your dedicated piece needs to i=
mplement a different planner. =20
>=20
> We may need some cloud-engine work.  Prachi and I talked about the idea t=
o let the service offering contain the planner cloud-engine should use to d=
eploy a vm.  You can explore that idea.
>=20
> But this part is just action acl.  This is the easy part. The more diffic=
ult part is the read part.  How do you limit what they can access.  That pa=
rt you need to talk with Prachi about on her design.
>=20
> Is there any requirement to let the end user administer the hardware sinc=
e the hardware is dedicated to them? =20
>=20
> My problem right now is the list of requirements sent in your email is no=
t enough.  We need to send out a list with regard to the following.
>=20
> - OAMP. This means (Operations, Administrations, Maintenance, Provisionin=
g) of hardware/physical entities/capacities.  Who is ultimately responsible=
 for the OAMP aspects of the dedicated resources?  Is it the domain admin/s=
ystem amdin/ or some new role?  Depending on this, your interaction with th=
e new ACL work can range from low to high.  This needs to be clearly outlin=
ed in the requirements. =20
> - CRUD operations.  This means (Create, Read, Update, Delete) on virtual =
entities and physical entities.  How does dedication affect those operation=
s?  For example, questions asked by Mice in another email.  Here, you need =
to gather up the list of virtual entities we have and specify what it means=
 for that entities in terms of CRUD.
>=20
> This is not a small feature.  Tread carefully.
>=20
> --Alex
>=20
>> -----Original Message-----
>> From: Prachi Damle [mailto:Prachi.Damle@citrix.com]
>> Sent: Friday, December 21, 2012 2:59 AM
>> To: cloudstack-dev@incubator.apache.org
>> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods, Clusters,=20
>> Hosts to a domain
>>=20
>> Comments inline.
>>=20
>> -Prachi
>> -----Original Message-----
>> From: Devdeep Singh [mailto:devdeep.singh@citrix.com]
>> Sent: Friday, December 21, 2012 4:16 PM
>> To: cloudstack-dev@incubator.apache.org
>> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods, Clusters,=20
>> Hosts to a domain
>>=20
>> Some queries inline
>>=20
>>> -----Original Message-----
>>> From: Prachi Damle [mailto:Prachi.Damle@citrix.com]
>>> Sent: Friday, December 21, 2012 3:04 PM
>>> To: cloudstack-dev@incubator.apache.org
>>> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods, Clusters,=20
>>> Hosts to a domain
>>>=20
>>> Planners and allocators work on a DeploymentPlan provided as input.
>>> The caller can specify particular zone, pod, cluster, host, pool=20
>>> etc., to be used for deployment.
>>> So for enforcing the use of a dedicated pod, caller can set the=20
>>> podId in the plan and planners will search under the specific pod only.
>>=20
>>>> If a deploy vm request is from a user belonging to a domain which=20
>>>> has a
>> dedicated resource, then setting the podid/clusterid etc. will work.=20
>> However, if I understand correctly there is a requirement that no user=20
>> from outside the domain, should be able >>to use the dedicated=20
>> resource. They cannot be restricted by how the planner is implemented=20
>> right now. Should the avoid list be used? But it doesn't seem like the r=
ight use of the field.
>>=20
>>=20
>> Yes avoid set lets you set the zone,pods,clusters,hosts to be avoided=20
>> by the planner. It can be used for this purpose.
>>=20
>>=20
>>>=20
>>> There may be some changes necessary (like accepting a list of=20
>>> pods/clusters instead of single Ids) but this design of planners=20
>>> should let you enforce the use of dedicated resources without major
>> changes to planners.
>>=20
>>>> Doesn't this mean that we are changing the core cloudstack code to
>> achieve dedicated resources features?
>>=20
>>=20
>> This change is not necessary; it is an optimization.
>>=20
>> Also, another way is to add a custom planner say=20
>> DedicatedResourcePlanner that will search for only dedicated resources f=
or the given account.
>>=20
>>=20
>>> -----Original Message-----
>>> From: Devdeep Singh [mailto:devdeep.singh@citrix.com]
>>> Sent: Friday, December 21, 2012 2:58 PM
>>> To: cloudstack-dev@incubator.apache.org
>>> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods, Clusters,=20
>>> Hosts to a domain
>>>=20
>>> Hi Alex,
>>>=20
>>> I assume some apis will be added for letting an admin dedicate a=20
>>> pod/cluster etc to a domain. This can be contained in a plugin.
>>> However, for enforcing that a dedicated resource is picked up for=20
>>> servicing deploy vm requests from a user; wouldn't planners and=20
>>> allocators have to be updated to take care of this?
>>>=20
>>> Regards,
>>> Devdeep
>>>=20
>>>> -----Original Message-----
>>>> From: Alex Huang [mailto:Alex.Huang@citrix.com]
>>>> Sent: Thursday, December 20, 2012 7:21 PM
>>>> To: cloudstack-dev@incubator.apache.org
>>>> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods,=20
>>>> Clusters, Hosts to a domain
>>>>=20
>>>> Deepti,
>>>>=20
>>>> As Chiradeep pointed out, you should get in contact with Prachi.
>>>> You should plan on this after the ACL change or you can help out=20
>>>> on the ACL
>>> change.
>>>>=20
>>>> For this feature, you really need to think about the stats=20
>>>> collection side of this because you'll need to provide a lot of=20
>>>> warnings about being near capacity so people can plan accordingly.
>>>> It cannot be a case of the dedicated resource explodes and then=20
>>>> they go and work on expanding it.  So you should also talk with=20
>>>> Murali about how to do alerts in
>>> his new notification system.
>>>>=20
>>>> And then in your spec, you need to plan out how to do this in a=20
>>>> plugin architecture and not modify the core code.
>>>>=20
>>>> --Alex
>>>>=20
>>>>> -----Original Message-----
>>>>> From: Deepti Dohare [mailto:deepti.dohare@citrix.com]
>>>>> Sent: Thursday, December 20, 2012 4:32 AM
>>>>> To: cloudstack-dev@incubator.apache.org
>>>>> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods,=20
>>>>> Clusters, Hosts to a domain
>>>>>=20
>>>>> Hi Mice,
>>>>>=20
>>>>> Once a new pod is dedicated to the child-domain,  deployment of=20
>>>>> the new VMs will happen only  in the new pod.
>>>>> The existing VMs will keep running on parent-domain's pod.
>>>>>=20
>>>>> Do you have any other suggestion on this.
>>>>>=20
>>>>> - Deepti
>>>>>> -----Original Message-----
>>>>>> From: Mice Xia [mailto:weiran.xia1@gmail.com]
>>>>>> Sent: Thursday, December 20, 2012 4:52 PM
>>>>>> To: cloudstack-dev@incubator.apache.org
>>>>>> Subject: RE: [DISCUSS] Dedicated Resources: Dedicate Pods,=20
>>>>>> Clusters, Hosts to a domain
>>>>>>=20
>>>>>> but if further sub-domain is assigned a different pod then it=20
>>>>>> cannot access
>>>>> its
>>>>>> parent domain's pod. 2. Sub-domain and its child domains will=20
>>>>>> have the sole access to that new pod.
>>>>>>=20
>>>>>> when child domain already has some VMs on parent domain's=20
>>>>>> dedicated pod, is it allowed to assign a pod to the child domain?
>>>>>> or the existing VMs
>>>>> will
>>>>>> be migrated to the new pod?
>>>>>>=20
>>>>>> mice