<div dir="ltr"><div>As mentioned earlier in this thread there are few VM based L3 implementations already in neutron - from Cisco (CSR) and Brocade (Vyatta vRouter). Both extends off neutron L3 service-plugin framework. And they both have been decomposed in the current Kilo cycle into stackforge. So all you need is another L3 service-plugin for openwrt hosted in stackforge. I don't see any framework level enhancements required to support this.</div><div><br></div><div>However I do see some value in extracting common elements off these "service-VM" implementations - particularly related to launching the VM, plumbing the ports, etc into an utility library (oslo? tacker?). </div><div><br></div><div>- Sridhar</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Apr 16, 2015 at 2:06 PM, Sławek Kapłoński <span dir="ltr"><<a href="mailto:slawek@kaplonski.pl" target="_blank">slawek@kaplonski.pl</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<br>
--<br>
Pozdrawiam<br>
Sławek Kapłoński<br>
<a href="mailto:slawek@kaplonski.pl">slawek@kaplonski.pl</a><br>
<span class=""><br>
On Wed, Apr 15, 2015 at 11:06:49PM +0200, Salvatore Orlando wrote:<br>
> I think this work falls into the "service VM" category.<br>
><br>
> openwrt unlike other service VMs used for networking services (like<br>
> cloudstack's router vm) is very lightweight, and it's fairly easy to<br>
> provision such VMs on the fly. It should be easy also to integrate with a<br>
> ML2 control plane or even with other plugins.<br>
><br>
> It is a decent alternative to the l3 agent. Possibly to the dhcp agent as<br>
> well. As I see this as an alternative to part of the "reference" control<br>
> plane, I expect it to provide its own metadata proxy. The only change in<br>
> neutron would be some sort of configurability in the metadata proxy<br>
> launcher (assuming you do not provide DHCP as well via openwrt, in which<br>
> case the problem would not exist, probably).<br>
><br>
> It's not my call about whether this should live in neutron or not. My vote<br>
> is not - simply because I believe that neutron is not a control plane, and<br>
> everything that is control plane or integration with it should live outside<br>
> of neutron, including our agents.<br>
><br>
> On the other hand, I don't really see what the 'aaS' part of this. You're<br>
> not exposing anything "as a service" specific to openwrt, are you?<br>
<br>
</span>I told here only my (maybe not good) idea that instead of openwrt as a<br>
service which will provide router functionalities in vm maybe better<br>
would be to provide some mechanism to make possibility to connect<br>
different vms which provide such router functionalities (something like<br>
service here).<br>
<div class="HOEnZb"><div class="h5"><br>
><br>
> Salvatore<br>
><br>
><br>
><br>
> On 15 April 2015 at 22:06, Sławek Kapłoński <<a href="mailto:slawek@kaplonski.pl">slawek@kaplonski.pl</a>> wrote:<br>
><br>
> > Hello,<br>
> ><br>
> > I agree. IMHO it should be maybe something like *aaS deployed on VM. I<br>
> > think that Octavia is something like that for LBaaS now.<br>
> > Maybe it could be something like "RouteraaS" which will provide all such<br>
> > functions in VM?<br>
> ><br>
> > --<br>
> > Best regards / Pozdrawiam<br>
> > Sławek Kapłoński<br>
> > <a href="mailto:slawek@kaplonski.pl">slawek@kaplonski.pl</a><br>
> ><br>
> > On Wed, Apr 15, 2015 at 11:55:06AM -0500, Dean Troyer wrote:<br>
> > > On Wed, Apr 15, 2015 at 2:37 AM, Guo, Ruijing <<a href="mailto:ruijing.guo@intel.com">ruijing.guo@intel.com</a>><br>
> > wrote:<br>
> > ><br>
> > > > I’d like to propose openwrt VM as service.<br>
> > > ><br>
> > > ><br>
> > > ><br>
> > > > What’s openWRT VM as service:<br>
> > > ><br>
> > > ><br>
> > > ><br>
> > > > a) Tenant can download openWRT VM from<br>
> > > > <a href="http://downloads.openwrt.org/" target="_blank">http://downloads.openwrt.org/</a><br>
> > > ><br>
> > > > b) Tenant can create WAN interface from external public<br>
> > network<br>
> > > ><br>
> > > > c) Tenant can create private network and create instance<br>
> > from<br>
> > > > private network<br>
> > > ><br>
> > > > d) Tenent can configure openWRT for several services<br>
> > including<br>
> > > > DHCP, route, QoS, ACL and VPNs.<br>
> > > ><br>
> > ><br>
> > ><br>
> > > So first off, I'll be the first on in line to promote using OpenWRT for<br>
> > the<br>
> > > basis of appliances for this sort of thing. I use it to overcome the<br>
> > 'joy'<br>
> > > of VirtualBox's local networking and love what it can do in 64M RAM.<br>
> > ><br>
> > > However, what you are describing are services, yes, but I think to focus<br>
> > on<br>
> > > the OpenWRT part of it is missing the point. For example, Neutron has a<br>
> > > VPNaaS already, but I agree it can also be built using OpenWRT and<br>
> > > OpenVPN. I don't think it is a stand-alone service though, using a<br>
> > > combination of Heat/{ansible|chef|puppet|salt}/any other<br>
> > > deployment/orchestration can get you there. I have a shell script<br>
> > > somewhere for doing exactly that on AWS from way back.<br>
> > ><br>
> > > What I've always wanted was an image builder that would customize the<br>
> > > packages pre-installed. This would be especially useful for disposable<br>
> > > ramdisk-only or JFFS images that really can't install additional<br>
> > packages.<br>
> > > Such a front-end to the SDK/imagebuilder sounds like about half of what<br>
> > you<br>
> > > are talking about above.<br>
> > ><br>
> > > Also, FWIW, a while back I packaged up a micro cloud-init replacement[0]<br>
> > in<br>
> > > shell that turns out to be really useful. It's based on something I<br>
> > > couldn't find again to give proper attribution so if anyone knows who<br>
> > > originated this I'd be grateful.<br>
> > ><br>
> > > dt<br>
> > ><br>
> > > [0] <a href="https://github.com/dtroyer/openwrt-packages/tree/master/rc.cloud" target="_blank">https://github.com/dtroyer/openwrt-packages/tree/master/rc.cloud</a><br>
> > > --<br>
> > ><br>
> > > Dean Troyer<br>
> > > <a href="mailto:dtroyer@gmail.com">dtroyer@gmail.com</a><br>
> ><br>
> > ><br>
> > __________________________________________________________________________<br>
> > > OpenStack Development Mailing List (not for usage questions)<br>
> > > Unsubscribe:<br>
> > <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
> > > <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
> ><br>
> ><br>
> > __________________________________________________________________________<br>
> > OpenStack Development Mailing List (not for usage questions)<br>
> > Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
> > <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
> ><br>
<br>
> __________________________________________________________________________<br>
> OpenStack Development Mailing List (not for usage questions)<br>
> Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br>
<br>
__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</div></div></blockquote></div><br></div>