<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Courier;
panose-1:2 7 4 9 2 2 5 2 4 4;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.line
{mso-style-name:line;}
span.string
{mso-style-name:string;}
span.number
{mso-style-name:number;}
span.consword
{mso-style-name:consword;}
span.EmailStyle24
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='color:#1F497D'>Hi Peter,<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>The “HTTPS” protocol described is end-to-end, the load balancer is not doing any SSL-offload here. So there still no need for cert management as we agreed in San Diego.<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>On adding “GET /protocols” , “GET /lb_methods” and “GET /algorithms” APIs, they were in the spec in the initial version </span><span style='font-family:Wingdings;color:#1F497D'>J</span><span style='color:#1F497D'> I removed them after I revised the spec to include feedback, because to be complete we would also need to list the session persistence modes supported, the types of health monitors supported, etc. Where would we stop? I felt that is what the spec doc is for: to specify what the core API supports. If extensions support additional protocols, algorithms, session persistence modes, new type of health monitors, etc. then they would need to document these. <o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>This goes back to your initial point about a schema for the API. How do I discover the extensions supported by an API without reading some doc. I feel the solution is not to add calls like /protocols to compensate for the lack of schemas. I don’t know how other OpenStack APIs deal with this.<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F497D'>Youcef<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Mellquist, Peter [mailto:peter.mellquist@hp.com] <br><b>Sent:</b> Friday, November 09, 2012 2:51 PM<br><b>To:</b> OpenStack Development Mailing List<br><b>Subject:</b> [openstack-dev] Quantum LBaaS API HTTPS support<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>In the current LBaaS API spec, <a href="http://wiki.openstack.org/Quantum/LBaaS/API_1.0">http://wiki.openstack.org/Quantum/LBaaS/API_1.0</a>, I noticed that there are examples of vips with HTTPS specified as the protocol.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>{<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"vips"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>:[<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> {<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"id"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"02b1fef7-16f5-4917-bf19-c40a9af805ed"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"tenant_id"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"310df60f-2a10-4ee5-9554-98393092194c"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"name"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"web_vip"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"network_id"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"96a4386a-f8c3-42ed-afce-d7954eee77b3"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"address"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> : </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"10.30.176.47"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"protocol"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"HTTPS"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"port"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#0080C0'>443</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"pool_id"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> : </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"cfc6589d-f949-4c66-99d2-c2da56ef3764"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"session_persistence"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> : {</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"type"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>:</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"APP_COOKIE"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>, </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"cookie_name"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>:</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"jsessionid"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>},<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"admin_state_up"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><b><span lang=EN style='font-size:7.0pt;font-family:Courier;color:teal'>true</span></b><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>,<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"status"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>: </span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:#004080'>"PENDING_CREATE"</span><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'><o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> }<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'> ]<o:p></o:p></span></p><p class=MsoNormal style='line-height:9.0pt;background:#F3F5F7'><span lang=EN style='font-size:7.0pt;font-family:Courier;color:black'>}<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Is the plan to add certificate management APIs to support this? In San Diego, I recall hearing we would only go after HTTP and TCP to begin with and hold on HTTPS and cert mgmt but perhaps this is no longer the case ?<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>What about adding a /protocols resource to advertise all supported protocols ( HTTP, TCP, etc )? This would help tenants to see what is supported and only use these in the vip creation. To think of it, /lb_methods ( a.k.a. /algorithms ) would also make sense.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Peter.<o:p></o:p></p></div></body></html>