Hi Likitha, I agree with you that the 1st solution seems like a better approach.
Regards, Manan Shah On 2/21/13 9:39 PM, "Likitha Shetty" <likitha.she...@citrix.com> wrote: >Hi Manan, > >Thanks for the feedback. Please find my answers inline. > >Thank you, >Likitha > >>-----Original Message----- >>From: Manan Shah >>Sent: Friday, February 22, 2013 10:28 AM >>To: Likitha Shetty; cloudstack-users@incubator.apache.org; cloudstack- >>d...@incubator.apache.org >>Cc: Manan Shah >>Subject: Re: [DISCUSS] Dedicated Resources: Public IP Addresses and >>VLANs per >>Tenant >> >>Hi Likitha, >> >>Comments in-line belowŠ. Also, please let us know once the FS is updated. >> >>Regards, >>Manan Shah >> >> >> >> >>On 2/19/13 8:59 PM, "Likitha Shetty" <likitha.she...@citrix.com> wrote: >> >>>CCing Manan to comment on the requirements. >>> >>>>-----Original Message----- >>>>From: Likitha Shetty [mailto:likitha.she...@citrix.com] >>>>Sent: Friday, February 15, 2013 7:09 PM >>>>To: cloudstack-users@incubator.apache.org; cloudstack- >>>>d...@incubator.apache.org >>>>Subject: RE: [DISCUSS] Dedicated Resources: Public IP Addresses and >>>>VLANs per Tenant >>>> >>>>Hi All, >>>> >>>>This is with respect to Part 1 of the feature 'Dedicate Public IP >>>>range' >>>>which is >>>>already implemented in CS. >>>>Following is the observation wrt what is the current CS implementation >>>>and the proposed changes to the same, >>>> >>>>1. A public VLAN-IP range can only be associated to an account >>>>during the >>>>creation of the range >>>>Proposed change - Admin should be allowed to dedicate a range even >>>>after it has been created and also allowed to change the owner >>[Manan] Agreed with the functionality. >>>> >>>>2. If an admin associates an IP range to an account, all the IP's >>>>of that range >>>>get acquired by a single isolated network in that account >> >>[Manan] Why do you think this is the right functionality. What if the >>admin wants >>to allocate a public IP range to a account and wants to allow the tenant >>to create >>as many networks as they want and use this public IP range. >[Likitha] Manan, I agree. I don't think this is the right behavior. So >the following is what currently happens in CS, >If an admin associates an IP range to an account, all the IP's of that >range get acquired by a single isolated network in that account >1. If there are no isolated guest networks, a new network is created and >all the IP's from the range are dedicated to the new network >2. If there is 1 isolated guest network, all the IP's from the range are >dedicated to the existing network >3. If there are more than 1 isolated guest network CS throws an error > >There are 2 possible changes we can introduce to resolve this, >1. During dedication we just mark this range of IP's as dedicated. And >when the user acquires an IP for a particular network we allow the >network to choose from the dedicated range. >2. During dedication when an account is chosen, the user also has the >option to choose one of the network in the account which can acquire the >IP's >I prefer the 1st solution because with the 2nd solution, one of the >networks of the tenant will acquire all the IP's. >Thoughts? >> >>>> >>>>a. If there are no isolated guest networks, a new network is >>>>created and all >>>>the IP's from the range are dedicated to the new network >>>> >>>>b. If there is 1 isolated guest network, all the IP's from the >>>>range are >>>>dedicated to the existing network >>>> >>>>c. If there are more than 1 isolated guest network CS throws an >>>>error >>>> >>>> Proposed change - When an account is chosen, the user >>>>also has the option to choose the network in the account which can >>>>acquire the IP's >>>> >>>>3. When a network that has a dedicated IP range is deleted, the >>>>mapping >>>>between the account that owned the network and IP range persists. This >>>>implies that the admin sees that the range is associated to the >>>>account. But the IP's from this range can be acquired by any other >>>>account >>>> >>>>Proposed change - The IP range should no longer be owned by the >>>>account >>[Manan] Agree with the proposed change >>>> >>>>4. When an account is deleted the IP ranges dedicated to that >>>>account get >>>>deleted >>>> >>>>Proposed change - The range should be released back to the free pool >>>>instead >> >>[Manan] Agree with the proposed change. I am assuming if there are any >>public >>Ips that are in use (Loadbalancing, Port Forwarding, Static-NAT, >>etc) then they will remain as is. >> >>>> >>>>5. I see a potential starving scenario where a certain account >>>>that has >>>>dedicated range uses up all the IP's from the free pool as well >>>> >>>>Proposed change - Impose a configurable limit like say, at least one >>>>range should always belong to the free pool >>[Manan] Agree with the proposed change >>>> >>>>6. Even if a range is dedicated to an account, any network that >>>>belongs to >>>>this account including the one that has acquired the IP's can acquire >>>>more IP's from the free pool. This is because when we dedicate an IP >>>>range to an account, one of the networks of that account acquires all >>>>the IP's. >>>> >>>>Proposed change - During dedication we just mark this range of IP's as >>>>dedicated. And only when the user acquires an IP for a particular >>>>network we allow the network to choose from the dedicated range. If >>>>this change is implemented we will not run into issue #2. >>>> >>>>Please provide your feedback. I will publish an FS keeping in line >>>>with the requirements we decide upon. >>>> >>>> >>>> >>>>Thank you, >>>> >>>>Likitha >>>> >>>> >>>> >>>>-----Original Message----- >>>>From: Likitha Shetty [mailto:likitha.she...@citrix.com] >>>>Sent: Friday, January 18, 2013 5:11 PM >>>>To: cloudstack-users@incubator.apache.org; cloudstack- >>>>d...@incubator.apache.org >>>>Subject: RE: [DISCUSS] Dedicated Resources: Public IP Addresses and >>>>VLANs per Tenant >>>> >>>> >>>> >>>>In CloudStack we can already reserve the public IP range to an account >>>>but not release it back to the free pool, so how about we divide this >>>>requirement into 2 parts - 1) Dedicate Public IP range 2) Dedicate >>>>Guest VLAN's per tenant. >>>> >>>> >>>> >>>>Since Part 1 has already implemented, we need to only add the >>>>enhancement 'Add releasing these IP Address range to the free pool'. I >>>>will create an enhancement ticket to track this? >>>> >>>>As for Part 2, I will soon publish an FS based on the requirements. >>>> >>>> >>>> >>>>Any concerns? >>>> >>>> >>>> >>>>Thank you, >>>> >>>>Likitha >>>> >>>> >>>> >>>>>-----Original Message----- >>>> >>>>>From: Likitha Shetty [mailto:likitha.she...@citrix.com] >>>> >>>>>Sent: Thursday, January 17, 2013 3:55 PM >>>> >>>>>To: cloudstack-users@incubator.apache.org; cloudstack- >>>> >>>>>d...@incubator.apache.org >>>> >>>>>Subject: RE: [DISCUSS] Dedicated Resources: Public IP Addresses and >>>> >>>>>VLANs per Tenant >>>> >>>>> >>>> >>>>>Yes, before reserving the public ip range we do verify if the >>>> >>>>>account/domain is exceeding the limit. >>>> >>>>> >>>> >>>>>Thank You, >>>> >>>>>Likitha >>>> >>>>> >>>> >>>>>>-----Original Message----- >>>> >>>>>>From: Sailaja Mada [mailto:sailaja.m...@citrix.com] >>>> >>>>>>Sent: Thursday, January 17, 2013 3:50 PM >>>> >>>>>>To: cloudstack-users@incubator.apache.org; cloudstack- >>>> >>>>>>d...@incubator.apache.org >>>> >>>>>>Subject: RE: [DISCUSS] Dedicated Resources: Public IP Addresses and >>>> >>>>>>VLANs per Tenant >>>> >>>>>> >>>> >>>>>>Hi Likitha, >>>> >>>>>> >>>> >>>>>>Currently we can reserve the public IP range to an account. I would >>>> >>>>>>assume we are cross checking the account/domain limit for the max no >>>> >>>>>>of Public IP addresses while reserving the Public IP to an account? >>>> >>>>>> >>>> >>>>>>Please clarify. >>>> >>>>>> >>>> >>>>>>Thanks, >>>> >>>>>>Sailaja.M >>>> >>>>>> >>>> >>>>>>-----Original Message----- >>>> >>>>>>From: Likitha Shetty [mailto:likitha.she...@citrix.com] >>>> >>>>>>Sent: Thursday, January 10, 2013 7:43 PM >>>> >>>>>>To: cloudstack-users@incubator.apache.org; cloudstack- >>>> >>>>>>d...@incubator.apache.org >>>> >>>>>>Subject: RE: [DISCUSS] Dedicated Resources: Public IP Addresses and >>>> >>>>>>VLANs per Tenant >>>> >>>>>> >>>> >>>>>>For CreateVlanIpRange API call, we can set the account parameter to >>>> >>>>>>specify the VLAN owner. If specified, the Public IP's get allocated >>>>>>to >>>> >>>>>>the account and the VLAN get dedicated to it. Could you please >>>>>>clarify >>>> >>>>>>what the difference between this and the mentioned requirement is? >>>> >>>>>> >>>> >>>>>>But I couldn't figure out a way to release back the VLAN and the >>>> >>>>>>allocated IP's to the free pool. I achieved it by deleting the >>>>>>VLAN-IP >>>> >>>>>>range and then adding it back to the system account. Is there a >>>>>>better >>>> >>>>>>way to do it or do we need to implement this? >>>> >>>>>> >>>> >>>>>>Thank you, >>>> >>>>>>Likitha >>>> >>>>>> >>>> >>>>>>>-----Original Message----- >>>> >>>>>>>From: Manan Shah [mailto:manan.s...@citrix.com] >>>> >>>>>>>Sent: Friday, January 04, 2013 10:11 PM >>>> >>>>>>>To: cloudstack-users@incubator.apache.org >>>> >>>>>>>Subject: Re: [DISCUSS] Dedicated Resources: Public IP Addresses and >>>> >>>>>>>VLANs per Tenant >>>> >>>>>>> >>>> >>>>>>>Thanks Tamas for bringing up additional requirements. I have >>>>>>>updated >>>> >>>>>>>the requirements document. >>>> >>>>>>> >>>> >>>>>>>Regards, >>>> >>>>>>>Manan Shah >>>> >>>>>>> >>>> >>>>>>> >>>> >>>>>>> >>>> >>>>>>> >>>> >>>>>>>On 1/4/13 6:32 AM, "Tamas Monos" >>>><tam...@veber.co.uk<mailto:tam...@veber.co.uk>> wrote: >>>> >>>>>>> >>>> >>>>>>>>+1 >>>> >>>>>>>> >>>> >>>>>>>>Additional to the requirements: >>>> >>>>>>>>- Usage must reflect if these are assigned to an Account so the >>>> >>>>>>>>admin can see how many IP is allocated to the account. >>>> >>>>>>>>- On allocation it needs to check whether the required range is >>>> >>>>>>>>available (not in use) and conforms with the account limits >>>>>>>>(cannot >>>> >>>>>>>>allocate more IPs than maximum IPs per account). >>>> >>>>>>>> >>>> >>>>>>>>Regards >>>> >>>>>>>> >>>> >>>>>>>>Tamas Monos DDI >>>> >>>>>>>>+44(0)2034687012 >>>> >>>>>>>>Chief Technical Office >>>> >>>>>>>>+44(0)2034687000 >>>> >>>>>>>>Veber: The Hosting Specialists Fax +44(0)871 >>>>>>>>522 >>>> >>>>>>>>7057 >>>> >>>>>>>>http://www.veber.co.uk >>>> >>>>>>>> >>>> >>>>>>>>Follow us on Twitter: >>>>www.twitter.com/veberhost<http://www.twitter.com/veberhost> Follow us >>>>on >>>>Facebook: >>>> >>>>>>>>www.facebook.com/veberhost<http://www.facebook.com/veberhost> >>>> >>>>>>>> >>>> >>>>>>>> >>>> >>>>>>>>-----Original Message----- >>>> >>>>>>>>From: Manan Shah [mailto:manan.s...@citrix.com] >>>> >>>>>>>>Sent: 22 December 2012 01:03 >>>> >>>>>>>>To: cloudstack-users@incubator.apache.org >>>> >>>>>>>>Subject: [DISCUSS] Dedicated Resources: Public IP Addresses and >>>> >>>>>>>>VLANs per Tenant >>>> >>>>>>>> >>>> >>>>>>>>Hi, >>>> >>>>>>>> >>>> >>>>>>>>I would like to propose a new feature for dedicating IP Addresses >>>> >>>>>>>>and VLANs per Tenant. I have created a JIRA ticket and provided >>>>>>>>the >>>> >>>>>>>>requirements at the following location. Please provide feedback >>>>>>>>on >>>> >>>>>>>>the requirements. >>>> >>>>>>>> >>>> >>>>>>>>JIRA Ticket: https://issues.apache.org/jira/browse/CLOUDSTACK-704 >>>> >>>>>>>>Requirements: >>>> >>>>>>>>https://cwiki.apache.org/confluence/display/CLOUDSTACK/Dedicated+R >>>>>>>>es >>>> >>>>>>>>o >>>> >>>>>>>>u >>>> >>>>>>>>r >>>> >>>>>>>>ces >>>> >>>>>>>>+ >>>> >>>>>>>>-+Public+IP+Addresses+and+VLANs+per+Tenant >>>> >>>>>>>> >>>> >>>>>>>>Regards, >>>> >>>>>>>>Manan Shah >>>> >>>>>>>> >>>> >>>>>>>> >>>> >>>>>>>> >>>> >>> >
