<div><span style="font-size: 14px;">Thanks to everybody working on this,</span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">Answers inline:</span></div>
<p style="color: #A0A0A8;">On Tuesday, 10 de March de 2015 at 0:34, Tidwell, Ryan wrote:</p>
<blockquote type="cite" style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px;">
<span><div><div>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 12 (filtered medium)">
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Thanks Salvatore. Here are my thoughts, hopefully there’s some merit to them:<o:p></o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">With implicit allocations, the thinking is that this is where a subnet is created in a backward-compatible way with no subnetpool_id and the subnets API’s continue
to work as they always have.<o:p></o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">In the case of a specific subnet allocation request (create-subnet passing a pool ID and specific CIDR), I would look in the pool’s available prefix list and
carve out a subnet from one of those prefixes and ask for it to be reserved for me. In that case I know the CIDR I’ll be getting up front. In such a case, I’m not sure I’d ever specify my gateway using notation like 0.0.0.1, even if I was allowed to. If
I know I’ll be getting 10.10.10.0/24, I can simply pass gateway_ip as 10.10.10.1 and be done with it. I see no added value in supporting that wildcard notation for a gateway on a specific subnet allocation.<o:p></o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">In the case of an “any” subnet allocation request (create-subnet passing a pool ID, but no specific CIDR), I’m already delegating responsibility for addressing
my subnet to Neutron. As such, it seems reasonable to not have strong opinions about details like gateway_ip when making the request to create a subnet in this manner.<o:p></o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">To me, this all points to not supporting wildcards for gateway_ip and allocation_pools on subnet create (even though it found its way into the spec). My opinion
(which I think lines up with yours) is that on an any request it makes sense to let the pool fill in allocation_pools and gateway_ip when requesting an “any” allocation from a subnet pool. When creating a specific subnet from a pool, gateway IP and allocation
pools could still be passed explicitly by the user.<o:p></o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">-Ryan<o:p></o:p></span></p>
<p style="margin: 0px;"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p style="margin: 0px;"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Salvatore Orlando [<a href="mailto:sorlando@nicira.com">mailto:sorlando@nicira.com</a>]
<br>
<b>Sent:</b> Monday, March 09, 2015 6:06 AM<br>
<b>To:</b> OpenStack Development Mailing List<br>
<b>Subject:</b> [openstack-dev] [api][neutron] Best API for generating subnets from pool<o:p></o:p></span></p>
</div>
<p style="margin: 0px;"><o:p> </o:p></p>
<div>
<p style="margin: 0px;">Greetings!<o:p></o:p></p>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">Neutron is adding a new concept of "subnet pool". To put it simply, it is a collection of IP prefixes from which subnets can be allocated. In this way a user does not have to specify a full CIDR, but simply a desired prefix length, and
then let the pool generate a CIDR from its prefixes. The full spec is available at [1], whereas two patches are up for review at [2] (CRUD) and [3] (integration between subnets and subnet pools).<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">While [2] is quite straightforward, I must admit I am not really sure that the current approach chosen for generating subnets from a pool might be the best one, and I'm therefore seeking your advice on this matter.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">A subnet can be created with or without a pool.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">Without a pool the user will pass the desired cidr:<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">POST /v2.0/subnets<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">{'network_id': 'meh',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'cidr': '<a href="http://192.168.0.0/24">192.168.0.0/24</a>'}<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">Instead with a pool the user will pass pool id and desired prefix lenght:<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">POST /v2.0/subnets<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">{'network_id': 'meh',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'prefix_len': 24,<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'pool_id': 'some_pool'}<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">The response to the previous call would populate the subnet cidr.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">So far it looks quite good. Prefix_len is a bit of duplicated information, but that's tolerable.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">It gets a bit awkward when the user specifies also attributes such as desired gateway ip or allocation pools, as they have to be specified in a "cidr-agnostic" way. For instance:<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<div>
<p style="margin: 0px;">POST /v2.0/subnets<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">{'network_id': 'meh',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'gateway_ip': '0.0.0.1',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'prefix_len': 24,<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'pool_id': 'some_pool'}<o:p></o:p></p>
</div>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">would indicate that the user wishes to use the first address in the range as the gateway IP, and the API would return something like this:<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<div>
<div>
<p style="margin: 0px;">POST /v2.0/subnets<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">{'network_id': 'meh',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'cidr': '<a href="http://10.10.10.0/24">10.10.10.0/24</a>'<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'gateway_ip': '10.10.10.1',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'prefix_len': 24,<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'pool_id': 'some_pool'}<o:p></o:p></p>
</div>
</div>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">The problem with this approach is, in my opinion, that attributes such as gateway_ip are used with different semantics in requests and responses; this might also need users to write client applications expecting the values in the response
might differ from those in the request.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">I have been considering alternatives, but could not find any that I would regard as winner.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">I therefore have some questions for the neutron community and the API working group:<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">1) (this is more for neutron people) Is there a real use case for requesting specific gateway IPs and allocation pools when allocating from a pool? If not, maybe we should let the pool set a default gateway IP and allocation pools. The
user can then update them with another call. Another option would be to provide "subnet templates" from which a user can choose. For instance one template could have the gateway as first IP, and then a single pool for the rest of the CIDR.</p></div></div></div></div></div></span></blockquote><div> </div><div><span style="font-size: 14px;">a) What if the subnet pools go into an external network, so, the gateway is predefined and external, we may want to be able to specify it, we could assume the convention </span><span style="font-size: 14px;">that we’re going to expect the gateway to be on the first IP of the subnet...</span></div><div> </div><div><span style="font-size: 14px;">b) Thinking of an on-link route, the gateway could be a fixed IP (regardless of the subnet CIDR), this case is not fully supported now in neutron l3-agent now, but I plan to add it on the next cycle [5] (sorry, I’ve been a bit slow at this), it’s a very neat standard where you can route RIPE blocks as subnets to a physical net without spending any extra IP for the router.</span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">And, how would we cover b?, </span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">may be having gateway_ip i) “mask:0.0.0.1” or ii) gateway_ip “11.22.33.44” ? </span></div><div><br></div><div><span style="font-size: 14px;">or considering the first octect=0 to make a mask?</span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">If we step over the REST standard, we could use gateway_ip_mask vs gateway_ip,</span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">Another option for “i” / "ii" could be to include a fixed gateway IP / mask in the subnet CIDR, so when user doesn’t specify, it’s automatically picked up.</span></div><div><br></div><blockquote type="cite" style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px;"><span>
<div>
<p style="margin: 0px;">2) Is the action of creating a subnet from a pool better realized as a different way of creating a subnet, or should there be some sort of "pool action"? Eg.:<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">POST /subnet_pools/my_pool_id/subnet<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">{'prefix_len': 24}<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">which would return a subnet response like this (note prefix_len might not be needed in this case)<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">{'id': 'meh',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'cidr': '<a href="http://192.168.0.0/24">192.168.0.0/24</a>',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'gateway_ip': '192.168.0.1',<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'pool_id': 'my_pool_id'}<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">I am generally not a big fan of RESTful actions. But in this case the semantics of the API operation are that of a subnet creation from within a pool, so that might be ok.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">3) Would it be possible to consider putting information about how to generate a subnet from a pool in the subnet request body as follows?<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">POST /v2.0/subnets<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">{<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'pool_info':<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> {'pool_id': my_pool_id,<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"> 'prefix_len': 24}<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">}<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">This would return a response like the previous.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">This approach is in theory simple, but composite attributes proved to a difficult beast already - for instance you can look at external_gateway_info in the router definition [4]<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p></o:p></p></div></span></blockquote><div><span style="font-size: 14px;">Options 1, 2 or 3 make sense to me, but, considering your complexity argument I believe 1 or 2 are more reasonable.</span></div><div> </div><blockquote type="cite" style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px;"><span><div><p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">Thanks for your time and thanks in advance for your feedback.<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">Salvatore<o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;"><o:p> </o:p></p>
</div>
<div>
<p style="margin: 0px;">[1] <a href="http://specs.openstack.org/openstack/neutron-specs/specs/kilo/subnet-allocation.html">http://specs.openstack.org/openstack/neutron-specs/specs/kilo/subnet-allocation.html</a><o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">[2] <a href="https://review.openstack.org/#/c/148698/">https://review.openstack.org/#/c/148698/</a><o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">[3] <a href="https://review.openstack.org/#/c/157597/21/neutron/api/v2/attributes.py">https://review.openstack.org/#/c/157597/21/neutron/api/v2/attributes.py</a><o:p></o:p></p>
</div>
<div>
<p style="margin: 0px;">[4] <a href="http://git.openstack.org/cgit/openstack/neutron/tree/neutron/extensions/l3.py#n106">http://git.openstack.org/cgit/openstack/neutron/tree/neutron/extensions/l3.py#n106</a></p></div></span></blockquote><div><br></div><div><span style="font-size: 14px;">[5] </span><a href="https://bugs.launchpad.net/neutron/+bug/1398768">https://bugs.launchpad.net/neutron/+bug/1398768</a> </div><blockquote type="cite" style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px;"><span><div><div><div><div><div><p style="margin: 0px;"><o:p></o:p></p>
</div>
</div>
</div>
</div><div><div>__________________________________________________________________________</div><div>OpenStack Development Mailing List (not for usage questions)</div><div>Unsubscribe: <a href="mailto:OpenStack-dev-request@lists.openstack.org?subject:unsubscribe">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a></div><div><a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a></div></div></div></span>
</blockquote>
<div>
<br>
</div>