Re: state of networking?

[Kapil Thangavelu]

The network support listed in the 1.25 alpha release notes (
https://lists.ubuntu.com/archives/juju-dev/2015-August/004721.html )  looks
pretty good, i'll give it a whirl.


On Tue, Sep 15, 2015 at 7:11 AM, Kapil Thangavelu  wrote:

> Its been hard to see much progress on this and i wanted to checkin wrt to
> the current state.
>
> The requirement of public ip on for the subnets sort of defeats the
> purpose of supporting non default vpcs. The use of vpc is typically around
> network segmentation and isolation semantics, ie db and app tier subnets
> don't have public ips by design. In fact at larger orgs, its not typical
> that an app deployment team would even have access to rearrange the network
> topology on demand. The learned model of inform juju of the network
> topology for a given env by defining/importing netspace/zone from extant
> subnets is more typical.
>
> cheers,
> kapil
>
>
> On Fri, Jul 24, 2015 at 3:44 PM, Dimiter Naydenov <
> dimiter.nayde...@canonical.com> wrote:
>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 23.07.2015 22:57, Kapil Thangavelu wrote:
>> > I've talked to a few folk at some conferences, but i'm curious
>> > what's been happening in networking?
>> >
>> > it feels like its been fairly long time w/ little visible progress
>> > on end user features. particularly i'm curious about aws (ie. the
>> > worlds biggest cloud :-).. more concretely - can i use existing
>> > (non default) vpcs? - can i create/use extant subnets across zones
>> > and specify them for services? - can i control routing between
>> > subnets or alternatively control/enforce iptables for a service
>> > based on extant relations (optional)?
>> >
>> > afaics most of the network progress was in various client libs
>> > afaics over the last year (and a maas centric core network
>> > model)... are there any plans to switch out to the aws api sdk
>> > instead of maintaining a separate client lib?
>> >
>> > thanks,
>> >
>> > Kapil
>> >
>> >
>> >
>> Hey Kapil,
>>
>> I can report some progress on the points you've asked about:
>> 1) non-default VPC support is mostly done - see bug
>> https://bugs.launchpad.net/juju-core/+bug/1321442, which I have mostly
>> finished fixing. In brief, there will be a "vpc-id" environ setting
>> that can be used to specify a non-default (but compatible) VPC to use.
>> By compatible at this stage I mean 2 things: at least one subnet per
>> AZ, all subnets in the VPC have MapPublicIPOnLaunch set.
>> 2) the AWS VPC support is ongoing in a feature branch, the MVP
>> proposal will include: add existing subnet to juju (make juju aware of
>> it); create a space including one or more subnets; deploy a service
>> within a space.
>> 3) it's on the roadmap to do more sophisticated
>> routing/ACL/firewalling between spaces, but it won't happen until the
>> 16.04 time frame most likely.
>>
>> HTH,
>> Dimiter
>> - --
>> Dimiter Naydenov 
>> Juju Core Sapphire team 
>> -BEGIN PGP SIGNATURE-
>> Version: GnuPG v2.0.22 (GNU/Linux)
>>
>> iQEcBAEBAgAGBQJVspWBAAoJENzxV2TbLzHwoxkH/RM5JcXSNtL3wyLxafGbaCos
>> XMNEQAnMSE/EtQerDEfuu2GFA+Un1Rc0ng6gN6322uc0Ey3OSY9IQ2s8fGhaKFJh
>> NiBVHgLtlC77lKoIMGDyGf6OXXTRqZC/T/kM2Z2xrdWNcyVMySi2jH1+2kab+Ljr
>> 3hwKc546DjVpaigqLx/Tq66G2yoyrS8ITdudgK8K6LmPf7hUWLMPCbYam/Dw+yuC
>> PSiD2J8VNklOsg8U7zDPAyMcL+3ymyyIbp6aZRn5o6Hmkgfo64P+9J6waqFCfGTz
>> qtEE3PTHneajXES9ewOiTbY0NKn7joT2T5qlxJjrMVXeIYqzGId0iaIVwIgi1DI=
>> =p2Df
>> -END PGP SIGNATURE-
>>
>> --
>> Juju mailing list
>> Juju@lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/juju
>>
>
>
-- 
Juju mailing list
Juju@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/juju

Re: state of networking?

[Mark Shuttleworth]

On 17/09/15 13:09, Kapil Thangavelu wrote:
> The network support listed in the 1.25 alpha release notes ( > 
> https://lists.ubuntu.com/archives/juju-dev/2015-August/004721.html ) 
looks > pretty good, i'll give it a whirl.

Hey rockstar, nice to see you around again! Thanks for any feedback.

Mark


signature.asc
Description: OpenPGP digital signature
-- 
Juju mailing list
Juju@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/juju

Re: state of networking?

[Dimiter Naydenov]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hey Kapil,

Sorry for not responding earlier.

You raised some good points re non-default VPC support. My plan was to
introduce the support for specifying a VPC ID to use, while also
making sure initially Juju keeps the same behaviour and experience as
if the VPC was a default VPC (hence the validation I mentioned). Once
we have support for passing VPCID across the board in the EC2
provider, we can relax those requirements we're expecting the
specified VPC to meet (e.g. just print / log a warning instead of
refusing to use it). We do fully intend to support a VPC without
public IPs etc. later this year, but first we need to solve the issue
with API server nodes accessibility for all nodes in the environment
(this requirement won't change as Juju agents need to be able to
connect to the API server(s) regardless).

As for the new features in coming up in 1.25, more documentation will
be added in time for the release on how to use spaces etc. We're
actively soliciting feedback on spaces support and their
implementation. Only EC2 is supported for now and there are a few
rough edges still (e.g. it's not *yet* working end-to-end, but it will
be after I land a few fixes today in 1.25 and master).

Cheers,
Dimiter

On 17.09.2015 15:09, Kapil Thangavelu wrote:
> The network support listed in the 1.25 alpha release notes ( 
> https://lists.ubuntu.com/archives/juju-dev/2015-August/004721.html
> ) looks pretty good, i'll give it a whirl.
> 
> 
> On Tue, Sep 15, 2015 at 7:11 AM, Kapil Thangavelu
> > wrote:
> 
> Its been hard to see much progress on this and i wanted to checkin 
> wrt to the current state.
> 
> The requirement of public ip on for the subnets sort of defeats
> the purpose of supporting non default vpcs. The use of vpc is
> typically around network segmentation and isolation semantics, ie
> db and app tier subnets don't have public ips by design. In fact at
> larger orgs, its not typical that an app deployment team would even
> have access to rearrange the network topology on demand. The
> learned model of inform juju of the network topology for a given
> env by defining/importing netspace/zone from extant subnets is more
> typical.
> 
> cheers, kapil
> 
> 
> On Fri, Jul 24, 2015 at 3:44 PM, Dimiter Naydenov 
>  > wrote:
> 
> On 23.07.2015 22:57, Kapil Thangavelu wrote:
>> I've talked to a few folk at some conferences, but i'm curious 
>> what's been happening in networking?
> 
>> it feels like its been fairly long time w/ little visible
>> progress on end user features. particularly i'm curious about aws
>> (ie. the worlds biggest cloud :-).. more concretely - can i use
>> existing (non default) vpcs? - can i create/use extant subnets
>> across zones and specify them for services? - can i control
>> routing between subnets or alternatively control/enforce iptables
>> for a service based on extant relations (optional)?
> 
>> afaics most of the network progress was in various client libs 
>> afaics over the last year (and a maas centric core network 
>> model)... are there any plans to switch out to the aws api sdk 
>> instead of maintaining a separate client lib?
> 
>> thanks,
> 
>> Kapil
> 
> 
> 
> Hey Kapil,
> 
> I can report some progress on the points you've asked about: 1)
> non-default VPC support is mostly done - see bug 
> https://bugs.launchpad.net/juju-core/+bug/1321442, which I have 
> mostly finished fixing. In brief, there will be a "vpc-id" environ
> setting that can be used to specify a non-default (but compatible)
> VPC to use. By compatible at this stage I mean 2 things: at least
> one subnet per AZ, all subnets in the VPC have MapPublicIPOnLaunch
> set. 2) the AWS VPC support is ongoing in a feature branch, the
> MVP proposal will include: add existing subnet to juju (make juju 
> aware of it); create a space including one or more subnets; deploy
> a service within a space. 3) it's on the roadmap to do more
> sophisticated routing/ACL/firewalling between spaces, but it won't
> happen until the 16.04 time frame most likely.
> 
> HTH, Dimiter
> 
> -- Juju mailing list Juju@lists.ubuntu.com
>  Modify settings or unsubscribe at: 
> https://lists.ubuntu.com/mailman/listinfo/juju
> 
> 
> 

- -- 
Dimiter Naydenov 
Juju Core Sapphire team 
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJV+rgZAAoJENzxV2TbLzHw1mQIALgBwnhhcYoTgwyCU9shUpy2
I+YkbIeJ4wcpaEGAHjIWkKNYPfRiCK8MOyx+X9r0xI2enyztRBvoYwABLOwkMnP4
UyGXcNewD3S4hvgJJMSe9YgI8Xup3AO4M5eCFxCsTmqKGLLvoI7Mx5VixrM7fpj0
l/otG0yBsf93kSM+2etls92EjSyY+f3l16hqMj+ka7nz4mCv6pZNFqz3tZmPqZwb
8RqUwGgZfV/Zd+lhNBDaJas+6iegytFS6v63YP/DBbwWNvAp2DMMwDcoMnsw9qbN
nlugAAZJ/WZC6iUDEd24KFrtd4kohTEbgPEqp1OtZgoDHT3IreV+U0UewMGs11A=
=lao8
-END PGP SIGNATURE-

-- 
Juju mailing list

Juju on CloudStack

[Herman Bergwerf]

Maybe this is a noob question but I cannot find the answer online (only
posts from a couple of years ago and I believe Juju has changed since then).
(how) can I run Juju on CloudStack?

Thanks,
Herman Bergwerf
-- 
Juju mailing list
Juju@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/juju