[openstack-dev] [Neutron] Service VM discussion - Use Cases

Sumit Naiksatam sumitnaiksatam at gmail.com
Wed Oct 9 21:09:40 UTC 2013 

Thanks Bob, I agree this is an important aspect of the implementation.
However, apart from being able to specify which network(s) the VM has
interfaces on, what more needs to be done specifically in the proposed
library to achieve the tenant level isolation?

Thanks,
~Sumit.


On Tue, Oct 8, 2013 at 11:34 PM, Bob Melander (bmelande) <bmelande at cisco.com
> wrote:

>  For use case 2, ability to "pin" an admin/operator owned VM to a
> particular tenant can be useful.
> I.e., the service VMs are owned by the operator but a particular service
> VM will only allow service instances from a single tenant.
>
>  Thanks,
> Bob
>
>   From: <Regnier>, Greg J <greg.j.regnier at intel.com>
> Reply-To: OpenStack Development Mailing List <
> openstack-dev at lists.openstack.org>
> Date: tisdag 8 oktober 2013 23:48
> To: "openstack-dev at lists.openstack.org" <openstack-dev at lists.openstack.org
> >
> Subject: [openstack-dev] [Neutron] Service VM discussion - Use Cases
>
>   Hi,****
>
> ** **
>
> Re: blueprint:
> https://blueprints.launchpad.net/neutron/+spec/adv-services-in-vms****
>
> Before going into more detail on the mechanics, would like to nail down
> use cases.  ****
>
> Based on input and feedback, here is what I see so far.  ****
>
> ** **
>
> Assumptions:****
>
>  ****
>
> - a 'Service VM' hosts one or more 'Service Instances'****
>
> - each Service Instance has one or more Data Ports that plug into Neutron
> networks****
>
> - each Service Instance has a Service Management i/f for Service
> management (e.g. FW rules)****
>
> - each Service Instance has a VM Management i/f for VM management (e.g.
> health monitor)****
>
>  ****
>
> Use case 1: Private Service VM ****
>
> Owned by tenant****
>
> VM hosts one or more service instances****
>
> Ports of each service instance only plug into network(s) owned by tenant**
> **
>
>  ****
>
> Use case 2: Shared Service VM****
>
> Owned by admin/operator****
>
> VM hosts multiple service instances****
>
> The ports of each service instance plug into one tenants network(s)****
>
> Service instance provides isolation from other service instances within VM
> ****
>
>  ****
>
> Use case 3: Multi-Service VM****
>
> Either Private or Shared Service VM****
>
> Support multiple service types (e.g. FW, LB, …)****
>
> ** **
>
> -          Greg****
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131009/4e6fddc8/attachment.html>

More information about the OpenStack-dev mailing list