Youcef,<div><br></div><div>The proposals you've described are exactly the ones being considered on the wiki page.</div><div>I am considering both at the moment, and I'm evaluating them along the following dimensions:</div>
<div>1) Flexibility (and the multiple plugins approach here is a winner, probably)</div><div>2) Impact on Quantum architecture (single plugin would be the one with the lowest impact)</div><div>3) Implementation effort (here I am still undecided, as the approach with a single plugin ends up moving the complexity from Quantum server to the plugin)</div>
<div><br></div><div>It seems we have not yet a clear decision, but several people from the community are advocating for clean, separate interfaces among plugins.</div><div>Another option we might consider is whether we start adopting 1 plugin per type of service (so 1 core plugin, 1 firewall plugin, 1 load balancing plugin), and update quantum to dispatch the call to the appropriate plugin.</div>
<div>On this single 'LB' plugin we can immediately start providing an OSS implementation, so that Quantum users will have the ability of testing the feature. Vendor-specific plugin might follow suit. What we will not have immediately (and I mean G-1 or G-2) is the ability of serving multiple providers at the same time, which is one of the fundamental requirements for LBaaS, but we can commit to add this capability by G-3.</div>
<div><br></div><div>Thanks,</div><div>Salvatore</div><div><br><br><div class="gmail_quote">On 2 November 2012 16:45, Youcef Laribi <span dir="ltr"><<a href="mailto:Youcef.Laribi@eu.citrix.com" target="_blank">Youcef.Laribi@eu.citrix.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Thanks Eugene, Salvatore for validating the current situation. Now let me try to understand the changes we are proposing for incorporating LBaaS and other “advanced services”.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">All current “Core plugins” in Quantum like the “Linux Bridge” plugin implement the L2 core APIs, and some of these plugins also implement the L3 extension. Today, there can only be one “core plugin” running in Quantum. So, the total of the APIs supported will depend the core plugin that was configured.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Are we saying, that we will modify some of these core plugins to also implement the LBaaS extension, so they will expose the LBaaS APIs in addition to the L2 and L3 APIs ? If not, is the proposal to modify Quantum to support more than one plugin at a time (a “core” one + others) ? <u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Youcef<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><a name="13ac208c7ae610a0__MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></a></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Salvatore Orlando [mailto:<a href="mailto:sorlando@nicira.com" target="_blank">sorlando@nicira.com</a>] <br>
<b>Sent:</b> Friday, November 2, 2012 2:11 AM</span></p><div class="im"><br><b>To:</b> OpenStack Development Mailing List<br></div><b>Subject:</b> Re: [openstack-dev] [Quantum][LBaaS] Advanced Services Insertion<u></u><u></u><p>
</p><div><div class="h5"><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Youcef,<u></u><u></u></p><div><p class="MsoNormal"><u></u> <u></u></p></div><div><p class="MsoNormal">I think that picture describes quite well the framework Quantum is already adopting for l2/l3 connectivity.<u></u><u></u></p>
</div><div><p class="MsoNormal">We could do down that route for LBaaS as well. However for supporting multiple providers we'll need to keep in mind that we might need some logic, within the Quantum plugin for dispatching to the appropriate agent.<u></u><u></u></p>
</div><div><p class="MsoNormal"><u></u> <u></u></p></div><div><p class="MsoNormal">With your permission, I will take your picture and use it in the service insertion wiki page, which I will update with the outcome of the recent discussions we had.<u></u><u></u></p>
</div><div><p class="MsoNormal"><u></u> <u></u></p></div><div><p class="MsoNormal" style="margin-bottom:12.0pt">Salvatore<u></u><u></u></p><div><p class="MsoNormal">On 2 November 2012 07:22, Eugene Nikanorov <<a href="mailto:enikanorov@mirantis.com" target="_blank">enikanorov@mirantis.com</a>> wrote:<u></u><u></u></p>
<p class="MsoNormal">Hi Youcef,<u></u><u></u></p><div><p class="MsoNormal"><u></u> <u></u></p></div><div><p class="MsoNormal">The picture you've made is quite accurate. <u></u><u></u></p></div><div><p class="MsoNormal">
My opinion is that we should adopt the same approach for lbaas, e.g. extension - plugin - agent - drivers.<u></u><u></u></p></div><div><p class="MsoNormal"><u></u> <u></u></p></div><div><p class="MsoNormal">Thanks,<u></u><u></u></p>
</div><div><p class="MsoNormal" style="margin-bottom:12.0pt">Eugene.<u></u><u></u></p><div><div><div><p class="MsoNormal">On Fri, Nov 2, 2012 at 10:44 AM, Youcef Laribi <<a href="mailto:Youcef.Laribi@eu.citrix.com" target="_blank">Youcef.Laribi@eu.citrix.com</a>> wrote:<u></u><u></u></p>
</div></div><blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in"><div><div><div><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Eugene, Salvatore,</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">In order to clarify the terminology in our meetings and not get confused, I’m trying to draw a picture that represents how Quantum is organized today (mostly for myself). I have uploaded an attempt here:</span><u></u><u></u></p>
<p class="MsoNormal"><a href="http://wiki.openstack.org/Quantum/LBaaS?action=AttachFile&do=view&target=Quantum+Internal+components.png" target="_blank">http://wiki.openstack.org/Quantum/LBaaS?action=AttachFile&do=view&target=Quantum+Internal+components.png</a><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Can you please check it for accuracy since you are familiar with the code? Once we agree and understand this picture, we can more easily discuss what needs to be changed in Quantum to accommodate LBaaS.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Youcef</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Eugene Nikanorov [mailto:<a href="mailto:enikanorov@mirantis.com" target="_blank">enikanorov@mirantis.com</a>] <br>
<b>Sent:</b> Wednesday, October 31, 2012 6:32 AM<br><b>To:</b> <a href="mailto:openstack-dev@lists.openstack.org" target="_blank">openstack-dev@lists.openstack.org</a><br><b>Subject:</b> [openstack-dev] [Quantum][LBaaS] Advanced Services Insertion</span><u></u><u></u></p>
<div><div><p class="MsoNormal"> <u></u><u></u></p><p class="MsoNormal">Hi Salvatore,<u></u><u></u></p><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">I'd like to give some feedback/questions based on yesterday's meeting discussion and your renewed <a href="http://wiki.openstack.org/Quantum/ServiceInsertion" target="_blank">http://wiki.openstack.org/Quantum/ServiceInsertion</a> page.<u></u><u></u></p>
</div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">First of all, I think it's worth to fix the terminology just to avoid any confusion:<u></u><u></u></p></div><div><p class="MsoNormal">
<u></u><u></u></p></div><div><p class="MsoNormal">- extension (API extension) - set of REST calls<u></u><u></u></p></div><div><p class="MsoNormal">- plugin - code that implements certain API, works with quantum database, pushes calls to agents<u></u><u></u></p>
</div><div><p class="MsoNormal">- core plugin - code that implements core API (networks, subnets, ports, L3)<u></u><u></u></p></div><div><p class="MsoNormal">- agent - listens to commands from plugin, applies configuration to particular device type, ex: ovs agent, L3 agent<u></u><u></u></p>
</div><div><p class="MsoNormal">- driver - code that applies conf to particular device type. That is just another layer needed to support different device types. Example: Loadbalancing agent may have several drivers to talk to different LB devices.<u></u><u></u></p>
</div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">Some thoughts on the Service Insertion proposal:<u></u><u></u></p></div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">
1. It seems that multiplugin approach is the right way to move further compared to "mixin" approach where we inject and modify code of the core plugin.<u></u><u></u></p></div><div><p class="MsoNormal">This will preserve plugin independency while require some changes to infrastructure (plugin loading, extension management).<u></u><u></u></p>
</div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">2. Having several implementations of the same service type.<u></u><u></u></p></div><div><p class="MsoNormal">If all services of the certain type implement the same calls, then something should allow to route the call to particular plugin.<u></u><u></u></p>
</div><div><p class="MsoNormal">The options include:<u></u><u></u></p></div><div><p class="MsoNormal"> 1) passing particular service impl as a url parameter<u></u><u></u></p></div><div><p class="MsoNormal"> 2) having a prefix in uri for certain svc type: /lb_svc/lbaas_impl1/call.json, /lb_svc/lbaas_impl2/call.json<u></u><u></u></p>
</div><div><p class="MsoNormal"> 3) having (tenant, service implementation) assosiation in DB that will allow to route a call automatically. But this makes 1 to 1 relation, e.g. tenant will have only 1 impl of service available<u></u><u></u></p>
</div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">My preference is (2): first of all, it "splits" whole API between core API and Adv Svc API, and also does so for different service type implementations.<u></u><u></u></p>
</div><div><p class="MsoNormal">Although URIs may not be so short as we want them, that could prevent from naming collisions between different service types.<u></u><u></u></p></div><div><p class="MsoNormal"> <u></u><u></u></p>
</div><div><p class="MsoNormal">3. Service Insertion:<u></u><u></u></p></div><div><p class="MsoNormal">I was thinking about routed/floating-mode insertion and there is a certain thing I don't understand: the workflow.<u></u><u></u></p>
</div><div><p class="MsoNormal">It seems that the whole thing is somehow close to what we used to call "device management" in mirantis implementaion of lbaas, but it doesn't look like solving all device management tasks.<u></u><u></u></p>
</div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">So in our implementation of LBaaS the workflow was as following:<u></u><u></u></p></div><div><p class="MsoNormal">1) admin creates the device. Essentially it's just an instruction to LBaaS of where is the device (it's address), which type is it and credentials to manage it.<u></u><u></u></p>
</div><div><p class="MsoNormal">2) tenant creates VIP. During this operation LBaaS chooses the most appropriate device from the list of available and makes appropriate device configuration<u></u><u></u></p></div><div><p class="MsoNormal">
<u></u><u></u></p></div><div><p class="MsoNormal">If we're talking about workflow within Quantum it could look like following (scenario 1 - shared HW device):<u></u><u></u></p></div><div><p class="MsoNormal">1) admin creates the device. The same as in lbaas - address, type, credentials<u></u><u></u></p>
</div><div><p class="MsoNormal">2) tenant creates VIP: Quantum LBaaS plugin chooses the device, configures connectivity between the device and tenant network (possibly with l3 router configuration), <u></u><u></u></p></div>
<div><p class="MsoNormal">configures loadbalancer according to provided VIP parameters, possibly assigns floating IP from external network<u></u><u></u></p></div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">
If we're talking about private balancer with Quantum, then:<u></u><u></u></p></div><div><p class="MsoNormal">1) tenant creates the device. This could be a launch of VM with HA Proxy within tenant for instance.<u></u><u></u></p>
</div><div><p class="MsoNormal">2) tenant creates VIP: LBaaS configures loadbalancer according to provided VIP parameters, possibly assigns floating IP from external network. No other actions required<u></u><u></u></p></div>
<div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">It would be great if you explain how service assignments for routers maps to device management scenarios and what exact workflow will be. <u></u><u></u></p>
</div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">Thanks,<u></u><u></u></p></div><div><p class="MsoNormal">Eugene.<u></u><u></u></p></div></div></div></div></div><p class="MsoNormal"><u></u> <u></u></p>
</div></div><div><p class="MsoNormal" style="margin-bottom:12.0pt">_______________________________________________<br>OpenStack-dev mailing list<br><a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><u></u><u></u></p></div></blockquote></div><p class="MsoNormal">
<u></u> <u></u></p></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>_______________________________________________<br>OpenStack-dev mailing list<br><a href="mailto:OpenStack-dev@lists.openstack.org" target="_blank">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><u></u><u></u></p></div><p class="MsoNormal"><u></u> <u></u></p>
</div></div></div></div></div><br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br></div>