<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">On 2013年08月16日 14:34, Christopher Yeoh
      wrote:<br>
    </div>
    <blockquote
cite="mid:CANCY3efXm=af=qH4gONA3iuDSSgEU05kMHDnzBZDQO921Xp77Q@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div class="gmail_extra"><br>
          <div class="gmail_quote">On Fri, Aug 16, 2013 at 10:28 AM,
            Melanie Witt <span dir="ltr"><<a moz-do-not-send="true"
                href="mailto:melwitt@yahoo-inc.com" target="_blank">melwitt@yahoo-inc.com</a>></span>
            wrote:<br>
            <blockquote class="gmail_quote" style="margin:0 0 0
              .8ex;border-left:1px #ccc solid;padding-left:1ex">
              <div class="im">On Aug 15, 2013, at 1:13 PM, Joe Gordon
                wrote:<br>
                <br>
                > +1 from me as long as this wouldn't change anything
                for the EC2 API's security groups support, which I
                assume it won't.<br>
                <br>
              </div>
              Correct, it's unrelated to the ec2 api.<br>
              <br>
              We discussed briefly in the nova meeting today and there
              was consensus that removing the standalone
              associate/disassociate actions should happen.<br>
              <br>
              Now the question is whether to keep the server create
              piece and not remove the extension entirely. The concern
              is about a delay in the newly provisioned instance being
              associated with the desired security groups. With the
              extension, the instance gets the desired security groups
              before the instance is active (I think). Without the
              extension, the client would receive the active instance
              and then call neutron to associate it with the desired
              security groups.<br>
              <br>
              Would such a delay in associating with security groups be
              a problem?<br>
            </blockquote>
            <div><br>
            </div>
            <div>I think we should keep the capability to set the
              security group on instance creation, so those who care
              about this sort of race condition can avoid if they want
              to.<br>
            </div>
            <div><br>
            </div>
          </div>
        </div>
      </div>
    </blockquote>
    <br>
    I am working v3 network. I plan to only support create new instance
    with port id, didn't support with<br>
    network id and fixed ip anymore. So that means user need create port
    from Neutron firstly, then<br>
    pass the port id into the request of creating instance. If we think
    this is ok, user can associate the <br>
    desired security groups when create port, and we can remove the
    securitygroup extension entirely.<br>
    <br>
    <blockquote
cite="mid:CANCY3efXm=af=qH4gONA3iuDSSgEU05kMHDnzBZDQO921Xp77Q@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div class="gmail_extra">
          <div class="gmail_quote">
            <div>+1 to removing the associate/disassociate actions
              though<br>
            </div>
            <div> <br>
            </div>
            <div>Chris<br>
            </div>
            <br>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
OpenStack-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a>
<a class="moz-txt-link-freetext" href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>