[openstack-dev] [neutron] openwrt VM as service

A, Keshava keshava.a at hp.com
Thu Apr 16 10:09:23 UTC 2015 

Hi,
These Service-VMs are for which purpose. What are differentiations factors between “open stack Service-VM” (OSVM)  and nfv / Tenant-Service-VM (TSVM)?
[cid:image002.png at 01D0785B.7FFD05F0]
Open stack control: (OSC):

o   OSC Manages these OSVM ?

o   Each services inside OSVM are enabled by OSC ?

o   These OSVM can process the east-west packet also ? Or there scope is only program the OVS  of the open stack infrastructure ?

o   Can OSVM also have OVS ?

o   If OSVM process packet, at user level what will be impact on latency ?

o   How to protect OVSM from  Tenants  ? How to provide security w.r.t OVSM data, so in multi-tenants scenario , they will not be corrupt he OVSM.
Tenants Controller: (Ex: NFV VIM / others):

o   Each TSVM services are enabled by Tennant Controller ?

o   TSVM can write into OVS local to that VM.
Can OSC controller write into TSVM OVS, if required , to optimize the latency ?
If required OSC controller can program the OVS inside the OVSVM also ?  Are we heading in this direction ?



Regards,
keshava


From: Zang, Rui [mailto:rui.zang at intel.com]
Sent: Thursday, April 16, 2015 1:03 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [neutron] openwrt VM as service

We have a “Tacker” project aiming to manage service VMs.
https://wiki.openstack.org/wiki/ServiceVM
Personally I think all the advance network services like firewall/LB/VPN can be provided by service VMs and eventually managed by Tacker.

From: A, Keshava [mailto:keshava.a at hp.com]
Sent: Thursday, April 16, 2015 2:56 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [neutron] openwrt VM as service

Hi,
SO we are going in a direction , where Open stack Infrastructure features  also moving into Service-VM ?
                Moving into Service-VM is mixing with NFV world, where these   Tennant/NFV Services are supposed to be outside open stack infrastructure.
                Let me know if my understanding is correct here.

keshava


From: Dean Troyer [mailto:dtroyer at gmail.com]
Sent: Wednesday, April 15, 2015 10:25 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [neutron] openwrt VM as service

On Wed, Apr 15, 2015 at 2:37 AM, Guo, Ruijing <ruijing.guo at intel.com<mailto:ruijing.guo at intel.com>> wrote:
I’d like to propose openwrt VM as service.

What’s openWRT VM as service:

a)            Tenant can download openWRT VM from http://downloads.openwrt.org/
b)            Tenant can create WAN interface from external public network
c)            Tenant can create private network and create instance from private network
d)            Tenent can configure openWRT for several services including DHCP, route, QoS, ACL and VPNs.


So first off, I'll be the first on in line to promote using OpenWRT for the basis of appliances for this sort of thing.  I use it to overcome the 'joy' of VirtualBox's local networking and love what it can do in 64M RAM.

However, what you are describing are services, yes, but I think to focus on the OpenWRT part of it is missing the point.  For example, Neutron has a VPNaaS already, but I agree it can also be built using OpenWRT and OpenVPN.  I don't think it is a stand-alone service though, using a combination of Heat/{ansible|chef|puppet|salt}/any other deployment/orchestration can get you there.  I have a shell script somewhere for doing exactly that on AWS from way back.

What I've always wanted was an image builder that would customize the packages pre-installed.  This would be especially useful for disposable ramdisk-only or JFFS images that really can't install additional packages.  Such a front-end to the SDK/imagebuilder sounds like about half of what you are talking about above.

Also, FWIW, a while back I packaged up a micro cloud-init replacement[0] in shell that turns out to be really useful.  It's based on something I couldn't find again to give proper attribution so if anyone knows who originated this I'd be grateful.

dt

[0] https://github.com/dtroyer/openwrt-packages/tree/master/rc.cloud
--

Dean Troyer
dtroyer at gmail.com<mailto:dtroyer at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150416/674bb2e1/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.emz
Type: application/octet-stream
Size: 5778 bytes
Desc: image001.emz
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150416/674bb2e1/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 8655 bytes
Desc: image002.png
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150416/674bb2e1/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: oledata.mso
Type: application/octet-stream
Size: 13025 bytes
Desc: oledata.mso
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150416/674bb2e1/attachment-0001.obj>

More information about the OpenStack-dev mailing list