incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chandan Purushothama <Chandan.Purushoth...@citrix.com>
Subject RE: Questions related to nTier Apps 2.0
Date Mon, 28 Jan 2013 23:59:10 GMT
Kishan,

May I know by when will the nTier Apps 2.0 FS be complete?

Thank you,
Chandan.

-----Original Message-----
From: Manan Shah [mailto:manan.shah@citrix.com] 
Sent: Thursday, January 24, 2013 5:32 PM
To: cloudstack-dev@incubator.apache.org
Subject: Re: Questions related to nTier Apps 2.0

Comments inline.

Regards,
Manan Shah




On 1/24/13 5:06 PM, "Chiradeep Vittal" <Chiradeep.Vittal@citrix.com> wrote:

>Comments inline
>
>On 1/24/13 1:59 AM, "Kishan Kavala" <Kishan.Kavala@citrix.com> wrote:
>
>>
>>
>>> -----Original Message-----
>>> From: Manan Shah [mailto:manan.shah@citrix.com]
>>> Sent: Thursday, 17 January 2013 5:13 AM
>>> To: cloudstack-dev@incubator.apache.org
>>> Subject: Questions related to nTier Apps 2.0
>>> 
>>> Kishan,
>>> 
>>> I reviewed the FS and I have quite a few questions. Please see the 
>>>questions  below and let me know your thoughts.
>>> 
>>> We should try and capture all of these items in the nTier Apps 2.0 
>>>FS / Design  spec if possible:
>>> 
>>> 
>>> Open Questions:
>>> 
>>> 1. Requirement 2.1: Combine VR and VPC VR:
>>>      * Are we going to do this one or not?
>>>      * If we do, would we support FW as well as Network ACLs or both?
>>>Are we
>>> going to deprecate one of the terminologies and stick to one?
>>>           * Currently, Ingress FW is applied on Public IP and 
>>>Network ACLs is on  the private network
>>>      * Upgrade: On upgrade, would all isolated networks go away and 
>>>become  VPCs with 1 tier each?
>>
>>[KK] This is a huge item and currently unassigned.
>>
>>> 2. Requirement 2.2: Load Balancing on all Tiers:
>>>      * Assuming VPC VR is providing LB service for all tiers, would 
>>>the LB on  non-web tiers have a private LB VIP or would it have to be 
>>>public VIP?
>>> Meaning can I go from web-tier to app tier LB without NAT?
>>
>>
>>[KK] Yes, LB will be supported across tiers without requiring NAT
>>
>>> 3. Requirement 2.4: Physical Devices support:
>>>      * Would we support both in-line as well as side-by-side mode?
>>
>>
>>[KK] Only in-line mode will be supported.
>>
>>>      * Would we support external LB when using LB service for 
>>>tier-to-tier  traffic?
>>
>>
>>[KK] Yes
>>
>>>      * What role will VPC VR play? Only DHCP and DNS? What about 
>>>tier-to-tier  Network ACLs?
>>
>>[KK]  Tier to tier traffic will still go though VR Network ACLs
>>
>>>       * What about S2S VPN, Private GWs?
>>>      * For SRX, we lose the IP CIDR flexibility, how will this 
>>>impact VPC?
>>
>> [KK] This should not be impacted  by external LB
>>
>>>      * Upgrade: Would we continue to upgrade VPC Tier Network from 
>>> one that doesn't support external devices to the one with external devices?
>>
>>
>>[KK] Upgrade won't be supported
>>
>>> 4. Requirement 2.5: KVM Support:
>>>      * Are we going to pick this one up? Is the sub-feature complete?
>>
>>[KK] Marcus has already completed this. I'll check if there are any 
>>gaps still.
>>
>>> 5. Requirement 2.6: Blacklist of Routes:
>>>      * Assuming we will allow a list to be entered
>>
>>[KK] Admin can specify a list using global config.
>
>[CV] Are we sure this satisfies the requirement? Perhaps there is a 
>blacklist per VPC?
>Or perhaps a list of blacklist profiles, any of which can be applied to 
>a particular VPC?
[Manan] Yes, this meets the requirements.
>
>>
>>6. Requirement 2.8: Static
>>> Routes on VPN Gateway:
>>>      * Is this happening?
>>
>>[KK] This is not technically feasible since VPN is policy based
>>
>>> 7. Requirement 2.9: Remote-access VPN on VPC
>>>      * Is this happening?
>>
>>
>>[KK] This is not happening. Also 2.1 should take care of this.
>>
>>> 8. Requirement 2.11: Ability to give tiers any CIDR, not just from 
>>>super-net
>>>      * Why not just remove the CIDR specification on VPC creation?
>>
>>[KK]  Yes, CIDR specification can be removed.
>
>[CV] I hope you meant "made optional"
>
>>
>>> 9. Requirement 2.14: Allow ACL on all layer 4 protocols
>>>      * I believe the customers wanted more flexibility on protocols 
>>>than just  adding a "All" keyword 10. Requirement
>>
>>[KK] I'll make it more flexible to support protocol number.
>>
>>2.15: Support guest networks
>>> outside of RFC 1918 addresses
>>>      * Should we have admins specifically allow this feature?
>>>      * Why is this restriction placed? Even if a network is re-used, 
>>>wouldn't it go  out through NAT?
>>
>>
>>[KK]  I'll get back to you on this.
>>
>>> 11. Requirement 2.17: Redundant VR for VPC: Is this happening?
>>
>>[KK]  This is not happening
>>
>>> 
>>> 
>>> Regards,
>>> Manan Shah
>>
>


Mime
View raw message