[openstack-dev] [Quantum] Quantum Firewall Service

balaji patnala patnala003 at gmail.com
Fri Apr 5 05:37:47 UTC 2013


Hi Sumit,

"* The firewall resource as expressed in the model is a logical instance in
the Quantum model. It's mapping to a physical/virtual appliance is left to
the backend."

Is it like we are trying to create a "firewall instance" in Quantum for a
Tenant and then we want to map this Quantum Instance to "Physical" or
"Virtual" Firewall Appliance.?

Can you through some light on this?

Regards,
Balaji.P

On Fri, Apr 5, 2013 at 6:03 AM, Sumit Naiksatam <sumitnaiksatam at gmail.com>wrote:

> Just wanted to give an update on the call today - we had a fairly large
> number of people attending from PayPal, VMware, Cisco, Big Switch (to name
> a few that I noted).
>
> Discussion notes:
>
> * Decided to focus in the firewall_rule attributes - current definition of
> attributes is not clear. Although the intent is to capture these as
> flexible placeholder objects, the document is not very indicative. Needs to
> be articulated better (e.g. source_ip_address should just be a "source"
> string).
>
> * Need a little more deliberation on which attributes in the
> firewall_rules need to form the core set of attributes; other lesser
> used/vendor-centric attributes can be modeled as "extended attributes".
>
> * The zone attribute/resource definition needs to be expanded.
>
> * It might be more practical to model a firewall_rule to firewall_policy
> relationship as 1:1. If we take that approach, it might be helpful to have
> a sequence number attribute in the firewall_rule.
>
> * It might be helpful to model firewall instance to firewall_policy
> relationship as 1:many
>
> * The firewall resource as expressed in the model is a logical instance in
> the Quantum model. It's mapping to a physical/virtual appliance is left to
> the backend.
>
> * Details on use cases are required. Will help to validate against the
> model.
>
> In general, we seem to have a decent start to the base model. No major
> objections on the workflow.
>
> We will continue to have discussions over emails, and have another call
> next week.
>
> Please feel free to add anything I might have missed.
>
> Thanks,
>
> ~Sumit.
>
>  On Wed, Apr 3, 2013 at 10:47 AM, Sumit Naiksatam <
> sumitnaiksatam at gmail.com> wrote:
>
>> We have set up a conference call scheduled for Thursday April 4th to
>> discuss this topic as a preparation for the upcoming summit.
>>
>> Agenda:
>> Current draft: https://wiki.openstack.org/wiki/Quantum/FWaaS/API
>>
>> Logistics (thanks to Vinay/Anand, PayPal):
>>
>> Where: Conference Bridge - (855) 227 1767 x 7152259
>>
>> When: Thursday, April 04, 2013 2:00 PM-3:00 PM. (UTC-08:00) Pacific Time (US & Canada)
>>
>> Where: Conference Bridge - (855) 227 1767 x 7152259
>>
>> Conf. Code 7152259
>> Phones Numbers:
>>
>>
>>    - (855) 227-1767(USA) - 08003765931(UK)
>>    - 0008006103229 (India – Toll Free)
>>    -
>>
>>    81080024322044 (Moscow), 4992701688(Moscow)
>>
>> Web Conf: https://myroom-na.adobeconnect.com/anandpalanisamy/
>>
>>
>>
>> More Numbers: https://www.intercallonline.com/portlets/scheduling/viewNumbers/listNumbersByCode.do?confCode=7152259&name=&email=&selectedProduct=joinMeeting
>>
>> Thanks,
>>
>> ~Sumit.
>>
>>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130405/73dcccfc/attachment.html>


More information about the OpenStack-dev mailing list