Hi,

Here is my list of comments/queries after reviewing the FS.

(1) When the shared n/w scope is set to "domain/project", how does the external device allocation happen? Is it going to be dedicated to domain/project if we select "dedicated" during n/w offering creation? I have this question because in case of isolated we dedicate devices to account.

(2) How does network GC happen? What happens in the following cases:
    (a) Do we GC the VR when the shared network is just enabled with DNS, DHCP but no L4-L7 features with external devices?
    (b) Do we GC the VR when the shared network is enabled with all the services including L4-L7 features with external devices?

(3) I have a question about the following line mentioned in FS: "listPublicIpAddresses API shall be enhanced to take network ID corresponding to the shared network in the advanced zone. When listAll API parameter is set to true, API shall return list of the public IP's associated with the network which caller is authorised to see."
    (a) What else is the caller (non-cloud-admin) authorized to see apart from what his account owns?
    (b) Does this list sourceNAT IP?

(4) Since the shared n/w is used by multiple accounts, who is allowed to call "restartNetwork"? Is it only allowed by admin/normal accounts/(domain admins in case where shared n/w scope is "domain")?

(5) Any differences between restartNetwork with cleanup=true and false?

(6) Any support for offering upgrades? Like upgrade from an offering using F5 to an offering using NetScaler as LB provider?

(7) Any plans to support a different public pool for shared n/w's apart from what we define at zone level during creation?

Thanks,
SWAMY

-----Original Message-----
From: Murali Reddy [mailto:murali.re...@citrix.com]
Sent: Tuesday, October 16, 2012 8:28 PM
To: cloudstack-dev@incubator.apache.org
Subject: [4.1 feature RFC] L4-L7 network services in shared network

CloudStack supports guest networks of type isolated and shared. While there is rich support of L4-L7 network services like firewall, NAT, LB in the isolated networks, similar network services are not available in the networks of shared type. While there are EIP and ELB services which provide NAT and LB service in basic zone, which uses shared network, there are no firewall, NAT, LB services available to the shared networks created in the advanced zone. For enterprise/private clouds and simple deployments it makes sense to enable L4-L7 services in the shared networks.

I am proposing that CloudStack should enable L4-L7 network services in the shared networks created in the advanced zone. I opened a new feature request for 4.1 release [1] and documented the functional requirements at [2]. Please comment.

[1] https://issues.apache.org/jira/browse/CLOUDSTACK-312
[2] https://cwiki.apache.org/confluence/display/CLOUDSTACK/L4-L7+network+services+in+shared+network