Excerpts from Jay Pipes's message of 2017-06-20 10:08:54 -0400: > On 06/20/2017 09:42 AM, Doug Hellmann wrote: > > Does "service VM" need to be a first-class thing? Akanda creates > > them, using a service user. The VMs are tied to a "router" which > > is the billable resource that the user understands and interacts with > > through the API. > > Frankly, I believe all of these types of services should be built as > applications that run on OpenStack (or other) infrastructure. In other > words, they should not be part of the infrastructure itself. > > There's really no need for a user of a DBaaS to have access to the host > or hosts the DB is running on. If the user really wanted that, they > would just spin up a VM/baremetal server and install the thing themselves. >
There's one reason, and that is specialized resources that we don't trust to be multi-tenant. Baremetal done multi-tenant is hard, just ask our friends who were/are running OnMetal. But baremetal done for the purposes of running MySQL clusters that only allow users to access MySQL and control everything via an agent of sorts is a lot simpler. You can let them all share a layer 2 with no MAC filtering for instance, since you are in control at the OS level. __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev