incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Animesh Chaturvedi <animesh.chaturv...@citrix.com>
Subject RE: [DISCUSS] Security Groups Isolation in Advanced Zone
Date Wed, 16 Jan 2013 21:36:06 GMT
Folks please pass on comments if any, otherwise it is assumed that the spec is approved by
the community

> -----Original Message-----
> From: Anthony Xu [mailto:Xuefei.Xu@citrix.com]
> Sent: Friday, January 11, 2013 3:53 PM
> To: cloudstack-dev@incubator.apache.org
> Subject: RE: [DISCUSS] Security Groups Isolation in Advanced Zone
> 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Isolation+based+on+
> Security+Groups+in+Advance+zone
> 
> 
> This is upgraded spec ,
> Compared to original one, following are major changes
> 
> 1.  SG enabled is zone wide parameter, if this zone is SG enabled, all guest
> networks in this zone must be SG enabled.
> 2.  support all shared network types, includes zone-wide shared network,
> domain-wide shared networks and account-specific share networks 3.  support
> multiple SG enabled networks in one SG enabled zone.
> 4.  VM can be on multiple SG enabled networks 5.  SG rules apply to all NICs for
> a VM 6.  support both KVM and XenServer.
> 
> Comments, question, suggestion and flame are welcome!
> 
> 
> Thanks,
> Anthony
> 
> 
> > -----Original Message-----
> > From: Dave Cahill [mailto:dcahill@midokura.jp]
> > Sent: Thursday, January 10, 2013 5:29 PM
> > To: cloudstack-dev@incubator.apache.org
> > Subject: Re: [DISCUSS] Security Groups Isolation in Advanced Zone
> >
> > Hi Anthony,
> >
> > Understood - thanks for the update.
> >
> > Dave.
> >
> >
> > On Fri, Jan 11, 2013 at 2:54 AM, Anthony Xu <Xuefei.Xu@citrix.com>
> > wrote:
> >
> > > Hi Dave,
> > >
> > > For 4.1 , this feature is only for shared network on advanced zone,
> > both
> > > XenServer and KVM are supported.
> > > Will upgrade FS soon.
> > >
> > >
> > > Anthony
> > >
> > > > -----Original Message-----
> > > > From: Dave Cahill [mailto:dcahill@midokura.jp]
> > > > Sent: Thursday, January 10, 2013 12:33 AM
> > > > To: cloudstack-dev@incubator.apache.org
> > > > Subject: Re: [DISCUSS] Security Groups Isolation in Advanced Zone
> > > >
> > > > Hi Manan,
> > > >
> > > > I'm interested in this feature - when (roughly) are you planning
> > > > to commit this to master?
> > > >
> > > > Are you planning the full list of features from your requirements
> > doc
> > > > (including support for Adavnced, Isolated networks) in 4.1?
> > > >
> > > > Thanks in advance,
> > > > Dave.
> > > >
> > > >
> > > > On Sat, Jan 5, 2013 at 7:01 AM, Manan Shah <manan.shah@citrix.com>
> > > > wrote:
> > > >
> > > > > Yes, FS definitely needs updating. Please also look at the
> > "Future"
> > > > > section of Alena's FS.
> > > > >
> > > > > Regards,
> > > > > Manan Shah
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On 1/4/13 1:57 PM, "Prasanna Santhanam"
> > > > <prasanna.santhanam@citrix.com>
> > > > > wrote:
> > > > >
> > > > > >On Sat, Jan 05, 2013 at 12:16:44AM +0530, Manan Shah wrote:
> > > > > >> Hi Chip,
> > > > > >>
> > > > > >> As Alena had mentioned in her FS, her focus was to initially
> > > > support
> > > > > >>only
> > > > > >> the functionality that was enabled in CS 2.2. She had created
> > a
> > > > section
> > > > > >>in
> > > > > >> her FS that talked about Future release plans.
> > > > > >>
> > > > > >> My requirements page covers requirements for both, the CS
2.2
> > use
> > > > case
> > > > > >>as
> > > > > >> well as the broader use case.
> > > > > >>
> > > > > >> Let me know if you have additional questions.
> > > > > >>
> > > > > >Thanks - Alena's FS lists only support for KVM while you have
> > listed
> > > > > >support for XenServer and KVM. Guess the FS needs updating?
> > > > > >
> > > > > >--
> > > > > >Prasanna.,
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Thanks,
> > > > Dave.
> > >
> >
> >
> >
> > --
> > Thanks,
> > Dave.

Mime
View raw message