- It might be better to support VPC instead of "isolated". Even if it means that some features are not supported initially. I feel that "isolated is a special case of "VPC", except for the firewall function. - What about support for systemvm / NS as an LB appliance? - Although the ASA DHCP server cannot be programmed, it might be desirable in enterprise use cases (where they may not care about userdata/metadata) to support the ASA DHCP server as a DHCP provider. In this case we have to figure out how to update the NIC information in CloudStack DB after the VM has acquired its IP.
On 3/11/13 6:11 AM, "Koushik Das" <koushik....@citrix.com> wrote: >Updated the FS with following changes: > >- Use case section updated, classified use cases that will be supported >for 4.2 and beyond. Also removed items like VSG and VXLAN support to >"Open items" section as not planning to do them as part of "ASA >integration". >- Updated the deployment model section and added HV limitation (Vmware >only feature) >- Also updated the API section with parameter details. > >Comments/feedback? > >Thanks, >Koushik > >> -----Original Message----- >> From: Koushik Das [mailto:koushik....@citrix.com] >> Sent: Monday, February 11, 2013 7:08 PM >> To: cloudstack-dev@incubator.apache.org >> Subject: RE: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack >> >> Updated the FS with API, Db changes and current deployment limitations. >> Also updated the UI section as to what all needs to be added. >> >> Chiradeep, >> I looked at the option of spinning up templates from ovf template but >>didn't >> find a way (was looking for some samples) to pass custom parameters like >> vnmc ip, password etc. while creating VM instance. So for now the ASA >> instance creation is a manual step similar to VNMC appliance. In case >>there is >> a way out, the auto-creation can be done as a future enhancement. >> >> Thanks, >> Koushik >> >> > -----Original Message----- >> > From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] >> > Sent: Friday, January 25, 2013 1:39 AM >> > To: CloudStack DeveloperList >> > Subject: Re: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack >> > >> > Thanks for the FS updates. >> > Good progress. >> > I had forgotten about registering the ASA 1000v with VNMC < that makes >> > it harder to spin these appliances up/down. However we can plan to >> > login via the CLI just for this step. >> > >> > I believe it is better to use a pre-setup pool of ASA appliances. >> > Let's say we start with N appliances (created via an admin API call to >> CloudStack). >> > createASA1000vPool(ovf template id, zone, vnmc ip, N, increment, >> > threshold) Then as the capacity reaches threshold%, the pool capacity >> > is incremented by increment% asynchronously. >> > >> > >> > >> > >> > >> > On 1/21/13 12:46 AM, "Koushik Das" <koushik....@citrix.com> wrote: >> > >> > >Thanks Chiradeep for explaining the vnmc/asa integration stuff that >> > >you are working on and listing down all the use cases. >> > > >> > >Manan, >> > >CLOUDSTACK-742 is covered as part of Chiradeep's work (refer use >> > >cases >> > >#1 and #2 from the doc). >> > > >> > >-Koushik >> > > >> > >-----Original Message----- >> > >From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] >> > >Sent: Saturday, January 19, 2013 1:30 AM >> > >To: CloudStack DeveloperList >> > >Subject: Re: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack >> > > >> > >Take a look here: >> > >> >https://cwiki.apache.org/confluence/display/CLOUDSTACK/Cisco+VNMC+i >> > nteg >> > >rat >> > >i >> > >on >> > > >> > > >> > >This is something I had been prototyping without any real enthusiasm. >> > > >> > >There's 3 ways to control the ASA1000v: >> > >1. By logging in via the CLI. Strongly against this. >> > >2. By using VNMC >> > >3. Via Cisco's Network Services Manager (NSM)[1] >> > > >> > >The NSM is comprehensive, covers a large range of physical and >> > >virtual devices and has an easy northbound API. This would be my >> > >preferred solution. >> > > >> > >However as of now (NSM v5.0.2), the ASA1000v is not supported. >> > >It may also be the case that using VNMC may be a cheaper (albeit less >> > >supported) option >> > > >> > >[1] http://www.cisco.com/en/US/products/ps11636/index.html >> > > >> > >On 1/17/13 9:26 PM, "Koushik Das" <koushik....@citrix.com> wrote: >> > > >> > >>Manan, >> > >>Can you answer the questions that Chiradeep has raised? >> > >> >> > >>Chiradeep, >> > >>I saw that you have started working on asa/vnmc here >> > >>(https://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo?p >> > >>=i >> > >>n >> > >>cub >> > >>ator-cloudstack.git;a=shortlog;h=refs/heads/cisco-vnmc-api- >> integration). >> > >>I would like to understand the functionalities that you are planning >> > >>to cover and what is the overlap between your work and the feature >> > >>that Manan has proposed (supporting asa1000v as an external >>firewall). >> > >> >> > >>Thanks, >> > >>Koushik >> > >> >> > >>> -----Original Message----- >> > >>> From: Alex Huang [mailto:alex.hu...@citrix.com] >> > >>> Sent: Sunday, January 06, 2013 2:18 AM >> > >>> To: cloudstack-dev@incubator.apache.org >> > >>> Subject: RE: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack >> > >>> >> > >>> Manan, >> > >>> >> > >>> Can you address the issues that Chiradeep has brought up? I think >> > >>>for a requirements discussion it is just as important to indicate >> > >>>what we will not do or what is considered a feature of a later >> > >>>release. >> > >>> >> > >>> --Alex >> > >>> >> > >>> > -----Original Message----- >> > >>> > From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] >> > >>> > Sent: Thursday, January 03, 2013 6:16 PM >> > >>> > To: CloudStack DeveloperList >> > >>> > Subject: Re: [DISCUSS] Integrate Cisco ASA 1000v into CloudStack >> > >>> > >> > >>> > There cannot be feature parity since the ASA1000v is only >> > >>> > supported on VMWare. >> > >>> > >> > >>> > Should the ASA1000v be created on demand, or do we expect the >> > >>> > admin to provision a pool of virtual ASAs? >> > >>> > >> > >>> > Should we support VXLAN as the isolation technology or VLANs? >> > >>> > >> > >>> > >> > >>> > On 1/3/13 5:08 PM, "Manan Shah" <manan.s...@citrix.com> wrote: >> > >>> > >> > >>> > >Hi, >> > >>> > > >> > >>> > >I would like to propose a new feature for integrating Cisco ASA >> > >>> > >1000v in CS 4.1. I have created a JIRA ticket and provided the >> > >>> > >requirements at the following location. Please provide >> > >>> > >feedback on the >> > >>>requirements. >> > >>> > > >> > >>> > >JIRA Ticket: >> > >>> > >https://issues.apache.org/jira/browse/CLOUDSTACK-742 >> > >>> > >Requirements: >> > >>> > >> > >>> >> > >https://cwiki.apache.org/confluence/display/CLOUDSTACK/Integrate+Ci >> > >>> >s >> > >>> >c >> > >>> > >o >> > >>> > +ASA >> > >>> > >+ >> > >>> > >1000v+as+a+FW+for+CloudStack >> > >>> > > >> > >>> > >Additional details would be provided in the FS. >> > >>> > > >> > >>> > >Regards, >> > >>> > >Manan Shah >> > >>> > > >> > >> >> > > >
