Thanks for the input. I too was thinking "IP Access Control" could be solved with the firewall service in Neutron. To clarify what I mean check out our current API docs on this feature here<http://docs.rackspace.com/loadbalancers/api/v1.0/clb-devguide/content/Manage_Access_Lists-d1e3187.html>.
Cheers, --Jorge From: Eugene Nikanorov <enikano...@mirantis.com<mailto:enikano...@mirantis.com>> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>> Date: Thursday, March 20, 2014 1:35 AM To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>> Subject: Re: [openstack-dev] [Neutron][LBaaS] Requirements Wiki Hi folks, my comments inlined: On Thu, Mar 20, 2014 at 6:13 AM, Youcef Laribi <youcef.lar...@citrix.com<mailto:youcef.lar...@citrix.com>> wrote: Jorge, Thanks for taking the time to put up a requirements list. Some comments below: * Static IP Addresses * Our current Cloud Load Balancing (CLB) offering utilizes static IP addresses which is something our customers really like, especially when setting up DNS. AWS for example, gives you an A record which you CNAME to. This should also already be addressed, as you can today specify the VIP’s IP address explicitly on creation. We do not have DNS-based support for LB like in AWS ELB though. Right, it's already there. Probably that's why it confused me :) * Active/Passive Failover * I think this is solved with multiple pools. The multiple pools support that is coming with L7 rules is to support content-switching based on L7 HTTP information (URL, headers, etc.). There is no support today for an active vs. passive pool. I'm not sure that's the priority. It depends on if this is widely supported among vendors. * IP Access Control * Our current CLB offering allows the user to restrict access through their load balancer by blacklisting/whitelisting cidr blocks and even individual ip addresses. This is just a basic security feature. Is this controlling access to the VIP’s IP address or to pool members IP addresses? There is also a Firewall service in Neutron. Could this feature better fit in that service? Agree, it's better to utilize what fwaas has to offer. Eugene. Youcef From: Jorge Miramontes [mailto:jorge.miramon...@rackspace.com<mailto:jorge.miramon...@rackspace.com>] Sent: Wednesday, March 19, 2014 11:44 AM To: OpenStack Development Mailing List (not for usage questions) Subject: Re: [openstack-dev] [Neutron][LBaaS] Requirements Wiki Oleg, thanks for the updates. Eugene, High/Medium/Low is fine with me. I really just wanted to find a way to rank even amongst all of 'X' priorities. As people start adding more items we may need more columns to add things such as this, links to blueprints (per Ryan's idea), etc. In terms of the requirements marked with a '?' I can try to clarify here: * Static IP Addresses * Our current Cloud Load Balancing (CLB) offering utilizes static IP addresses which is something our customers really like, especially when setting up DNS. AWS for example, gives you an A record which you CNAME to. * Active/Passive Failover * I think this is solved with multiple pools. * IP Access Control * Our current CLB offering allows the user to restrict access through their load balancer by blacklisting/whitelisting cidr blocks and even individual ip addresses. This is just a basic security feature. Cheers, --Jorge From: Eugene Nikanorov <enikano...@mirantis.com<mailto:enikano...@mirantis.com>> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>> Date: Wednesday, March 19, 2014 7:32 AM To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>> Subject: Re: [openstack-dev] [Neutron][LBaaS] Requirements Wiki Hi Jorge, Thanks for taking care of the page. I've added priorities, although I'm not sure we need precise priority weights. Those features that still have '?' need further clarification. Thanks, Eugene. On Wed, Mar 19, 2014 at 11:18 AM, Oleg Bondarev <obonda...@mirantis.com<mailto:obonda...@mirantis.com>> wrote: Hi Jorge, Thanks for taking care of this and bringing it all together! This will be really useful for LBaaS discussions. I updated the wiki to include L7 rules support and also marking already implemented requirements. Thanks, Oleg On Wed, Mar 19, 2014 at 2:57 AM, Jorge Miramontes <jorge.miramon...@rackspace.com<mailto:jorge.miramon...@rackspace.com>> wrote: Hey Neutron LBaaS folks, Per last week's IRC meeting I have created a preliminary requirements & use case wiki page. I requested adding such a page since there appears to be a lot of new interest in load balancing and feel that we need a structured way to align everyone's interest in the project. Furthermore, it appears that understanding everyone's requirements and use cases will aid in the current object model discussion we all have been having. That being said, this wiki is malleable and open to discussion. I have added some preliminary requirements from my team's perspective in order to start the discussion. My vision is that people add requirements and use cases to the wiki for what they envision Neutron LBaaS becoming. That way, we can all discuss as a group, figure out what should and shouldn't be a requirement and prioritize the rest in an effort to focus development efforts. ReadyŠsetŠgo! Here is the link to the wiki ==> https://wiki.openstack.org/wiki/Neutron/LBaaS/requirements Cheers, --Jorge _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org<mailto:OpenStack-dev@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org<mailto:OpenStack-dev@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org<mailto:OpenStack-dev@lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
