Thanks Nirmal. I am moving the changes to the latest codebase. I will send a PR shortly after that.

On Sat, Aug 2, 2014 at 9:48 PM, Nirmal Fernando <nirmal070...@gmail.com> wrote:

> Hi Suriya,
>
> Please see my comments inline.
>
> On Sun, Aug 3, 2014 at 4:33 AM, Sathyasuriya Priya <sathyasur...@gmail.com> wrote:
>
>> Hi Nirmal, devs,
>>
>> Following are some important aspects of GCE design/implementation.
>> Let me know of any changes/suggestions.
>>
>> *1. GCE credential:* Jclouds uses GCE service accounts for communicating
>> with IaaS. This includes a service account email address (for example,
>> 607132743639-fihqilsm9pemf9c98ppmv1otbvtmg...@developer.gserviceaccount.com)
>> and a private key in text (~1000 chars). This identity, credential can be
>> specified in cloud-controller.xml as follows. Currently mode 1 is
>> implemented. Based on suggestions we can implement mode 2 or 3.
>>
>> *Mode 1:* private key in pem text.
>>     <identity svns:secretAlias="cloud.controller.gce.identity">
>>         607132743639-fihqilsm9pemf9c98ppmv1otbvtmg...@developer.gserviceaccount.com
>>     </identity>
>>     <credential svns:secretAlias="cloud.controller.gce.credential">
>>         -----BEGIN PRIVATE KEY-----
>>         #### ~15 lines of private key
>>         -----END PRIVATE KEY-----
>>     </credential>
>>
>> *Mode 2:* Instead of giving the private key in text format, we can give
>> a path to a file. The file will have the key in pem format.
>>     <identity svns:secretAlias="cloud.controller.gce.identity">
>>         607132743639-fihqilsm9pemf9c98ppmv1otbvtmg...@developer.gserviceaccount.com
>>     </identity>
>>     <credential svns:secretAlias="cloud.controller.gce.credential">
>>         /home/suriya/key/privatekey.pem
>>     </credential>
>>
>> *Mode 3:* Mixed mode 1 & 2. Either pem text or path to file can be
>> there. Stratos code can try to autodetect the mode.
>
> Ok, GCE's account authentication mechanism is key based then. It's a bit
> different to other IaaS providers. Out of curiosity does GCE use another
> key pair to spawn instances?
>
> I'd like to have Mode2, but for the first iteration, Mode1 is perfectly
> fine.
>
>> *2. Network*: GCE instance can connect to only one network [1]. I think,
>> this is different from EC2 or openstack, where one instance can connect to
>> many networks. So stratos server needs to be in same network as cartridge
>> instances. I hope this is ok for multi-tenant mode in stratos. This network
>> name can be mentioned in cartridge json as follows (similar to EC2, but
>> only one name should be specified)
>>     "networkInterfaces": [
>>         {
>>             "networkUuid": "default-network-name"
>>         }
>>     ]
>
> Ya, there's no issue in multi-tenant mode. I hope this is not mandatory.
>
> Connecting only to one network, is certainly not a blocker IMO.
>
>> *3. Naming convention:* I have used 'gce' in all stratos code, and
>> wherever needed in xml, etc. But in jclouds [2] 'google-compute-engine' is
>> being used. So in the code copied from jclouds to stratos
>> dependencies/jclouds/apis/google-compute-engine/, 'gce' is not used. I hope
>> this is ok.
>
> Ya, this is ok.
>
> Looking forward to seeing a PR soon :)
>
> Great work so far!
>
>> [1] https://developers.google.com/compute/docs/instances-and-network
>> [2] https://github.com/jclouds/jclouds-labs-google
>> [3] https://github.com/suriyapriya/incubator-stratos/tree/gce/dependencies/jclouds/apis/google-compute-engine
>>
>> Thanks
>> Suriya
>
> --
> Best Regards,
> Nirmal
>
> Nirmal Fernando.
> PPMC Member & Committer of Apache Stratos,
> Senior Software Engineer, WSO2 Inc.
>
> Blog: http://nirmalfdo.blogspot.com/
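
The Mode 3 autodetection discussed in the quoted message (a `<credential>` value that is either PEM text or a path to a PEM file), as an added example that is not code from Stratos, jclouds, or either participant. The class name `GceCredentialResolver`, the owner-only file permission policy, and the placeholder key are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermissions;

// Hypothetical helper, not part of Stratos or jclouds.
public final class GceCredentialResolver {
    private static final String BEGIN = "-----BEGIN PRIVATE KEY-----";
    private static final String END = "-----END PRIVATE KEY-----";

    // Returns PEM text for a credential value that is either PEM text or a file path.
    public static String resolve(String configured) throws IOException {
        String value = configured.trim();
        if (value.startsWith("-----BEGIN")) {   // Mode 1: inline PEM text
            return requirePem(value);
        }
        Path keyFile;                           // Mode 2: path to a PEM file
        try {
            keyFile = Paths.get(value);
        } catch (InvalidPathException e) {
            throw new IOException("credential is neither PEM text nor a valid path");
        }
        if (!Files.isRegularFile(keyFile)) {
            // Never echo the value: it may be a malformed key rather than a path.
            throw new IOException("credential is neither PEM text nor an existing file");
        }
        // Assumed policy: on POSIX file systems the key must be owner-only (rw-------).
        if (keyFile.getFileSystem().supportedFileAttributeViews().contains("posix")
                && !PosixFilePermissions.toString(Files.getPosixFilePermissions(keyFile)).endsWith("------")) {
            throw new IOException("key file is accessible to group or others: " + keyFile);
        }
        return requirePem(new String(Files.readAllBytes(keyFile), StandardCharsets.US_ASCII).trim());
    }

    private static String requirePem(String pem) throws IOException {
        if (!pem.startsWith(BEGIN) || !pem.endsWith(END)) {
            throw new IOException("credential lacks BEGIN/END PRIVATE KEY markers");
        }
        return pem;
    }

    public static void main(String[] args) throws IOException {
        // Constructed placeholder body, not a real key.
        String pem = BEGIN + "\nQ09OU1RSVUNURUQ=\n" + END;
        Path f = Files.createTempFile("gce-key", ".pem");
        Files.write(f, pem.getBytes(StandardCharsets.US_ASCII));
        System.out.println("inline and file modes agree: " + resolve(pem).equals(resolve(f.toString())));
        Files.delete(f);
    }
}
```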