I think there are other options for the vyos, but none are elegant from what I have seen so far.
On Sep 13, 2016 1:14 PM, "Will Stevens" <williamstev...@gmail.com> wrote: > Yes, not pretty, but this would probably be the best option for remote > management of the vyos. > > https://github.com/vyos/python-vyos-mgmt > > On Sep 13, 2016 1:08 PM, "Simon Weller" <swel...@ena.com> wrote: > >> Yeah, today, the agent uses a script to inject CLI via ssh into the VR. >> It's really (did I mention really) ugly. >> >> ________________________________ >> From: Marty Godsey <ma...@gonsource.com> >> Sent: Tuesday, September 13, 2016 12:05 PM >> To: dev@cloudstack.apache.org >> Subject: RE: [DISCUSS] Replacing the VR >> >> So it looks like we are eliminating CloudRouter. To many missing or non >> API managed features. >> >> But in reading VyOS, it also does not have a remote management API so >> this would have to be a "SSH to CLI" job. >> >> If I am not mistaken is this how it's done now? >> >> -----Original Message----- >> From: williamstev...@gmail.com [mailto:williamstev...@gmail.com] On >> Behalf Of Will Stevens >> Sent: Tuesday, September 13, 2016 12:58 PM >> To: dev@cloudstack.apache.org >> Subject: Re: [DISCUSS] Replacing the VR >> >> Judging from this, it does not look like IPSec is managed via the API >> though: >> https://cloudrouter.atlassian.net/wiki/display/CPD/Bridging+ >> Public+Clouds+with+CloudRouter >> >> I believe it is also missing VXLAN and VRRP, but I have not dug into it >> yet. >> >> *Will STEVENS* >> Lead Developer >> >> *CloudOps* *| *Cloud Solutions Experts >> 420 rue Guy *|* Montreal *|* Quebec *|* H3J 1S6 w cloudops.com *|* tw >> @CloudOps_ >> >> On Tue, Sep 13, 2016 at 12:53 PM, Marty Godsey <ma...@gonsource.com> >> wrote: >> >> > It does.. Its under Secure Connectivity. >> > >> > -----Original Message----- >> > From: Syed Ahmed [mailto:sah...@cloudops.com] >> > Sent: Tuesday, September 13, 2016 12:49 PM >> > To: dev@cloudstack.apache.org >> > Subject: Re: [DISCUSS] Replacing the VR >> > >> > Does CloudRouter provide VPN (site-site and client)? Looking from >> > their website I don't seem to find it. Also, missing is VVRP for >> > redundancy. Has anyone used it for this? >> > >> > On Tue, Sep 13, 2016 at 12:43 PM, Zaeem Arshad >> > <zaeem.ars...@gmail.com> >> > wrote: >> > >> > > +1 on cloudrouter. We have been looking at this as a potential >> > > replacement/addon to our existing VRs. >> > > >> > > On Tue, Sep 13, 2016 at 9:07 PM, Will Stevens >> > > <wstev...@cloudops.com> >> > > wrote: >> > > >> > > > yes, technically we should be able to just make a new VR >> > > > implementation available and then when people create their network >> > > > offerings, they just pick which VR implementation they want to use >> > > > for the different capabilities. >> > > > >> > > > *Will STEVENS* >> > > > Lead Developer >> > > > >> > > > *CloudOps* *| *Cloud Solutions Experts >> > > > 420 rue Guy *|* Montreal *|* Quebec *|* H3J 1S6 w cloudops.com *|* >> > > > tw @CloudOps_ >> > > > >> > > > On Tue, Sep 13, 2016 at 11:41 AM, Dustin Wright < >> > > > dwri...@untangledtechnology.com> wrote: >> > > > >> > > > > I would like to see a "virtual router offering" in the UI which >> > > > > lets >> > > you >> > > > > pick the legacy VR or your own. Probably a component of the >> > > > > network offering. I've had many cases were I needed Mikrotik >> > > > > RouterOS or >> > > pfSense >> > > > to >> > > > > match a clients on-premise gear. ACS should find a way to stay >> > > > > agnostic IMO. >> > > > > >> > > > > On Tue, Sep 13, 2016 at 11:36 AM, Marty Godsey >> > > > > <ma...@gonsource.com> >> > > > > wrote: >> > > > > >> > > > > > I like this idea as well. I would be willing to test both VyOS >> > > > > > and Cloudrouter if you need an active service to test with. >> > > > > > Specifically >> > > I >> > > > am >> > > > > > looking to test IPv6 since I provide IPv6 /64 spaces to my >> > > > > > customers >> > > > and >> > > > > I >> > > > > > am having to provide it via an external router at the moment >> > > > > > which >> > > has >> > > > a >> > > > > > lot of manual configurations. >> > > > > > >> > > > > > Let me know if I can help in anyway. >> > > > > > >> > > > > > -----Original Message----- >> > > > > > From: Will Stevens [mailto:williamstev...@gmail.com] >> > > > > > Sent: Tuesday, September 13, 2016 7:21 AM >> > > > > > To: dev@cloudstack.apache.org >> > > > > > Subject: Re: [DISCUSS] Replacing the VR >> > > > > > >> > > > > > Ya. If we go this way, I like the approach of building the >> > > integration >> > > > > and >> > > > > > putting it through its paces as a stand alone VR before we >> > > > > > consider replacing the old VR and making it the default. >> > > > > > >> > > > > > On Sep 13, 2016 6:52 AM, "Jayapal Uradi" < >> > > jayapal.ur...@accelerite.com >> > > > > >> > > > > > wrote: >> > > > > > >> > > > > > > Hi, >> > > > > > > >> > > > > > > Instead of replacing the VR in first place we should add >> > > > > > > VyOS/cloudrouter as provider. Once it is stable, network >> > > > > > > offerings >> > > > (on >> > > > > > > upgrade) can be updated to use it and we can drop the VR if >> > > > > > > we want >> > > > at >> > > > > > that release onwards. >> > > > > > > >> > > > > > > VR is stabilized over a period of time and some of them are >> > > > > > > running without issues. When we replicate the ACS VR >> > > > > > > features in new >> > > > solution >> > > > > > > it takes some to find the missing pieces (hidden bugs). >> > > > > > > >> > > > > > > Thanks, >> > > > > > > Jayapal >> > > > > > > >> > > > > > > > On Sep 13, 2016, at 2:52 PM, Nux! < >> > > > > > > >> > > > > > > > n...@li.nux.ro> wrote: >> > > > > > > > >> > > > > > > > Hi, >> > > > > > > > >> > > > > > > > I like the idea. >> > > > > > > > >> > > > > > > > Cloudrouter looks really promising, I'm not too keen on >> > > > > > > > VyOS (it doesn't >> > > > > > > have a proper http api etc). >> > > > > > > > >> > > > > > > > -- >> > > > > > > > Sent from the Delta quadrant using Borg technology! >> > > > > > > > >> > > > > > > > Nux! >> > > > > > > > www.nux.ro >> > > > > > > > >> > > > > > > > ----- Original Message ----- >> > > > > > > >> From: "Will Stevens" <williamstev...@gmail.com> >> > > > > > > >> To: dev@cloudstack.apache.org >> > > > > > > >> Sent: Monday, 12 September, 2016 21:20:11 >> > > > > > > >> Subject: [DISCUSS] Replacing the VR >> > > > > > > > >> > > > > > > >> *Disclaimer:* This is a thought experiment and should be >> > > > > > > >> treated >> > > > as >> > > > > > > such. >> > > > > > > >> Please weigh in with the good and bad of this idea... >> > > > > > > >> >> > > > > > > >> A couple of us have been discussing the idea of >> > > > > > > >> potentially replacing >> > > > > > > the >> > > > > > > >> ACS VR with the VyOS [1] (Open Source Vyatta VM). There >> > > > > > > >> may be >> > > a >> > > > > > > license >> > > > > > > >> issue because I think it is licensed under GPL, but for >> > > > > > > >> the sake >> > > > of >> > > > > > > >> discussion, let's assume we can overcome any license >> issues. >> > > > > > > >> >> > > > > > > >> I have spent some time recently with the VyOS and I have >> > > > > > > >> to >> > > admit, >> > > > > > > >> I was pretty impressed. It is simple and intuitive and >> > > > > > > >> it gives you a lot >> > > > > > > more >> > > > > > > >> options for auditing the configuration etc... >> > > > > > > >> >> > > > > > > >> Items of potential interest: >> > > > > > > >> - Clean up our current VR script spaghetti to a simpler >> > > > > > > >> more auditable configuration workflow. >> > > > > > > >> - Gives a cleaner path for IPv6 support. >> > > > > > > >> - Handles VPN configuration via the same configuration >> > > interface. >> > > > > > > >> - Support for OSPF & BGP. >> > > > > > > >> - VPN support through OpenVPN & StrongSwan. >> > > > > > > >> - Easily supports HA (redundant routers) through VRRP. >> > > > > > > >> - VXLAN support. >> > > > > > > >> - Transaction based changes to the VR with rollback on >> error. >> > > > > > > >> >> > > > > > > >> Items that could be difficult to solve: >> > > > > > > >> - Userdata password reset workflow and implementation. >> > > > > > > >> - Upgrade process. >> > > > > > > >> >> > > > > > > >> The VyOS is not the only option if we were to consider >> > > > > > > >> this >> > > > > approach. >> > > > > > > >> Another option, which I don't know as well, would be >> > > > > > > >> CloudRouter (AGPL >> > > > > > > >> license) [2] which is purely API driven. >> > > > > > > >> >> > > > > > > >> Anyway, would love to hear your thoughts... >> > > > > > > >> >> > > > > > > >> Will >> > > > > > > >> >> > > > > > > >> [1] https://vyos.io/ >> > > > > > > >> [2] https://cloudrouter.org/ >> > > > > > > >> > > > > > > >> > > > > > > >> > > > > > > >> > > > > > > DISCLAIMER >> > > > > > > ========== >> > > > > > > This e-mail may contain privileged and confidential >> > > > > > > information >> > > which >> > > > > > > is the property of Accelerite, a Persistent Systems business. >> > > > > > > It is intended only for the use of the individual or entity >> > > > > > > to which it >> > > is >> > > > > > > addressed. If you are not the intended recipient, you are >> > > > > > > not authorized to read, retain, copy, print, distribute or >> > > > > > > use this message. If you have received this communication in >> > > > > > > error, please notify the sender and delete all copies of >> > > > > > > this >> > message. >> > > Accelerite, >> > > > a >> > > > > > > Persistent Systems business does not accept any liability >> > > > > > > for virus >> > > > > > infected mails. >> > > > > > > >> > > > > > >> > > > > >> > > > >> > > >> > >> >
