Open Stack

All,

Thank you for submitting use cases. We now have critical mass in [1] (https://etherpad.openstack.org/p/fwaas_use_cases). I am wondering if everybody interested to review them by 7/14. Our plan is to ratify them in the FWaaS IRC meeting on 7/15 so we can move on to the next step which is mapping them to the existing API and identifying gaps…

Thanks,
German

From: Sameer Satyam <sameer.satyam at outlook.com<mailto:sameer.satyam at outlook.com>>
Reply-To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Date: Thursday, May 28, 2015 at 5:30 PM
To: OpenStack Development Mailing List not for usage questions <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>>
Subject: Re: [openstack-dev] [neutron] [fwaas] - Collecting use cases for API improvements

German,

Thanks for the initiative. From a Rackspace perspective, we would love to participate and provide inputs on the use cases. As discussed during the meeting at the summit (and as you alluded to in your email), it's about user experience and clear separation of use cases between FWaaS and SG as well as any any necessary reconciliation between the two sets of APIs to make the distinctions (or integration points if needed) obvious to the user.

Thanks,
Sameer

> From: german.eichberger at hp.com<mailto:german.eichberger at hp.com>
> To: openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>
> Date: Wed, 27 May 2015 22:36:47 +0000
> Subject: [openstack-dev] [neutron] [fwaas] - Collecting use cases for API improvements
>
> All,
>
>
> During the FWaaS session in Vancouver [1] it became apparent that both the FWaaS API and the Security Groups API are lacking in functionality and the connection between the two is not well defined.
>
>
> For instance if a cloud user opens up all ports in the security groups they still can’t connect and might figure out days later that there is a second API (FWaaS) which prevents him from connecting to his service. This will probably make for a frustrating experience.
>
>
> Similarly, the operators I spoke to all said that the current FWaaS implementation isn’t going far enough and needs a lot of missing functionality added to fulfill their requirements on a Firewall implementation.
>
>
> With that backdrop I am proposing to take a step back and assemble a group of operators and users to collect use cases for the firewall service – both FWaaS and Security Groups based. I believe it is important at this juncture to really focus on the users and less on technical limitations. I also think this reset is necessary to make a service which meets the needs of operators and users better.
>
>
> Once we have collected the use cases we can evaluate our current API’s and functionality and start making the necessary improvements to turn FWaaS into a service which covers most of the use cases and requirements.
>
>
> Please join me in this effort. We have set up an etherpad [2] to start collecting the use cases and will discuss them in an upcoming meeting.
>
>
> Thanks,
>
> German
>
>
>
>
>
> [1] https://etherpad.openstack.org/p/YVR-neutron-sg-fwaas-future-direction
>
> [2] https://etherpad.openstack.org/p/fwaas_use_cases
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org<mailto:OpenStack-dev-request at lists.openstack.org>?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev