Its been hard to see much progress on this and i wanted to checkin wrt to the current state.
The requirement of public ip on for the subnets sort of defeats the purpose of supporting non default vpcs. The use of vpc is typically around network segmentation and isolation semantics, ie db and app tier subnets don't have public ips by design. In fact at larger orgs, its not typical that an app deployment team would even have access to rearrange the network topology on demand. The learned model of inform juju of the network topology for a given env by defining/importing netspace/zone from extant subnets is more typical. cheers, kapil On Fri, Jul 24, 2015 at 3:44 PM, Dimiter Naydenov < dimiter.nayde...@canonical.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 23.07.2015 22:57, Kapil Thangavelu wrote: > > I've talked to a few folk at some conferences, but i'm curious > > what's been happening in networking? > > > > it feels like its been fairly long time w/ little visible progress > > on end user features. particularly i'm curious about aws (ie. the > > worlds biggest cloud :-).. more concretely - can i use existing > > (non default) vpcs? - can i create/use extant subnets across zones > > and specify them for services? - can i control routing between > > subnets or alternatively control/enforce iptables for a service > > based on extant relations (optional)? > > > > afaics most of the network progress was in various client libs > > afaics over the last year (and a maas centric core network > > model)... are there any plans to switch out to the aws api sdk > > instead of maintaining a separate client lib? > > > > thanks, > > > > Kapil > > > > > > > Hey Kapil, > > I can report some progress on the points you've asked about: > 1) non-default VPC support is mostly done - see bug > https://bugs.launchpad.net/juju-core/+bug/1321442, which I have mostly > finished fixing. In brief, there will be a "vpc-id" environ setting > that can be used to specify a non-default (but compatible) VPC to use. > By compatible at this stage I mean 2 things: at least one subnet per > AZ, all subnets in the VPC have MapPublicIPOnLaunch set. > 2) the AWS VPC support is ongoing in a feature branch, the MVP > proposal will include: add existing subnet to juju (make juju aware of > it); create a space including one or more subnets; deploy a service > within a space. > 3) it's on the roadmap to do more sophisticated > routing/ACL/firewalling between spaces, but it won't happen until the > 16.04 time frame most likely. > > HTH, > Dimiter > - -- > Dimiter Naydenov <dimiter.nayde...@canonical.com> > Juju Core Sapphire team <http://juju.ubuntu.com> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.22 (GNU/Linux) > > iQEcBAEBAgAGBQJVspWBAAoJENzxV2TbLzHwoxkH/RM5JcXSNtL3wyLxafGbaCos > XMNEQAnMSE/EtQerDEfuu2GFA+Un1Rc0ng6gN6322uc0Ey3OSY9IQ2s8fGhaKFJh > NiBVHgLtlC77lKoIMGDyGf6OXXTRqZC/T/kM2Z2xrdWNcyVMySi2jH1+2kab+Ljr > 3hwKc546DjVpaigqLx/Tq66G2yoyrS8ITdudgK8K6LmPf7hUWLMPCbYam/Dw+yuC > PSiD2J8VNklOsg8U7zDPAyMcL+3ymyyIbp6aZRn5o6Hmkgfo64P+9J6waqFCfGTz > qtEE3PTHneajXES9ewOiTbY0NKn7joT2T5qlxJjrMVXeIYqzGId0iaIVwIgi1DI= > =p2Df > -----END PGP SIGNATURE----- > > -- > Juju mailing list > Juju@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/juju >
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju
