Hi Anthony, Adding you in CC in case you missed this message.
We're trying to understand in more detail your plan for Security Groups support. Thanks, Dave. On Fri, Feb 15, 2013 at 3:19 PM, Mills, Joseph <j...@midokura.jp> wrote: > *Hi Anthony, > > Thanks for the quick response. Just to check my understanding: > > CloudStack has 4 networking models: > Basic (Only in Basic Zone) > Isolated (Only in Advanced Zone) > Shared (Only in Advanced Zone) > VPC (Only in Advanced Zone) > > Zones can be Security Group enabled, or Security Group disabled - this is a > tickbox in the UI when creating a Zone. > > Network Offerings can have the Security Groups Capability enabled or not - > this is a tickbox in the UI when creating a NetworkOffering. > > You have code that is almost ready to commit (CLOUDSTACK-737, currently > adding unit tests), and you also plan to make further changes for 4.2 - > let’s call these “current” and “future”. changes. > > (1) Your “current” changes add support for the Security Groups Capability > in Advanced Shared networks, however this will be only be supported by the > Virtual Router Provider, with no option to be supported by other network > plugins. > > (2) For 4.2 (“future”), you plan to add support for the Security Groups > Capability in Advanced Isolated networks. This will also not have the > option of being supported by other network plugins. > > Is this correct? > > Any reason why you have chosen to implement this service differently than > the other Services with respect to pluggability? > > Thanks, > Joe* > > On Fri, Feb 15, 2013 at 1:11 PM, Anthony Xu <xuefei...@citrix.com> wrote: > > > I have plan to add isolated and shared networks to SG enabled zone in > 4.2, > > the service providers on these network will be supported in SG enabled > > zone, but as for SG enabled shared network, current plan is only support > > Virtual Router as service provider. If you want to add other service > > provider in SG enabled shared network, please file a feature request for > > it, and welcome work on that feature. > > > > > > Anthony > > > > > -----Original Message----- > > > From: Mills, Joseph [mailto:j...@midokura.jp] > > > Sent: Thursday, February 14, 2013 7:02 PM > > > To: cloudstack-dev@incubator.apache.org > > > Subject: Security Groups in Advanced Zone - Plugin Support > > > > > > I was looking at the FS for Security Group Isolation in Advanced Zone, > > > (CLOUDSTACK-737) and I noticed that: > > > > > > "Only one network service provider is supported in advanced SG enabled > > > zone > > > - Virtual Router" > > > > > > Are there currently any plans to add pluggability support for Security > > > Groups in 4.2, and if so, is any timeline estimate available? As far as > > > we > > > know, all other Services are pluggable, and we would like to support > > > Security Group Isolation as well. > > > > > > Thanks, > > > Joe > > >
