[openstack-dev] [Neutron] Service VM discussion - Use Cases
Harshad Nakil
hnakil at contrailsystems.com
Wed Oct 9 16:56:25 UTC 2013
Admin creating service instance for a tenant could common use case. But
ownership of service can be controlled via already existing access control
mechanism in openstack. If the service instance belonged to a particular
project then other tenants should by definition should not be able to use
this instance.
On Tue, Oct 8, 2013 at 11:34 PM, Bob Melander (bmelande) <bmelande at cisco.com
> wrote:
> For use case 2, ability to "pin" an admin/operator owned VM to a
> particular tenant can be useful.
> I.e., the service VMs are owned by the operator but a particular service
> VM will only allow service instances from a single tenant.
>
> Thanks,
> Bob
>
> From: <Regnier>, Greg J <greg.j.regnier at intel.com>
> Reply-To: OpenStack Development Mailing List <
> openstack-dev at lists.openstack.org>
> Date: tisdag 8 oktober 2013 23:48
> To: "openstack-dev at lists.openstack.org" <openstack-dev at lists.openstack.org
> >
> Subject: [openstack-dev] [Neutron] Service VM discussion - Use Cases
>
> Hi,****
>
> ** **
>
> Re: blueprint:
> https://blueprints.launchpad.net/neutron/+spec/adv-services-in-vms****
>
> Before going into more detail on the mechanics, would like to nail down
> use cases. ****
>
> Based on input and feedback, here is what I see so far. ****
>
> ** **
>
> Assumptions:****
>
> ****
>
> - a 'Service VM' hosts one or more 'Service Instances'****
>
> - each Service Instance has one or more Data Ports that plug into Neutron
> networks****
>
> - each Service Instance has a Service Management i/f for Service
> management (e.g. FW rules)****
>
> - each Service Instance has a VM Management i/f for VM management (e.g.
> health monitor)****
>
> ****
>
> Use case 1: Private Service VM ****
>
> Owned by tenant****
>
> VM hosts one or more service instances****
>
> Ports of each service instance only plug into network(s) owned by tenant**
> **
>
> ****
>
> Use case 2: Shared Service VM****
>
> Owned by admin/operator****
>
> VM hosts multiple service instances****
>
> The ports of each service instance plug into one tenants network(s)****
>
> Service instance provides isolation from other service instances within VM
> ****
>
> ****
>
> Use case 3: Multi-Service VM****
>
> Either Private or Shared Service VM****
>
> Support multiple service types (e.g. FW, LB, …)****
>
> ** **
>
> - Greg****
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131009/8e7bb972/attachment.html>
More information about the OpenStack-dev
mailing list