[openstack-dev] [neutron][fwaas] Usecase classification

Sean M. Collins sean at coreitpro.com
Thu Jul 16 20:25:42 UTC 2015

Hi all,

Over the past day at the Advanced Services midcycle in Seattle[1], a
group of us gathered to try and categorize the usecases collected in the
etherpad[2] into more specific buckets.

The work product of that effort is located at

The motivation for Trello was that cards could be moved around between
lists and has good features that could capture the verbal discussions we
had, as well as the ability to use tags to group related items, and link
related items.

We used the following methodology:

We started by placing all the usecases from the etherpad into the
usecase column, then discussed each usecase - to determine if it was

* Already covered by the Security Group API

* Covered by the Firewall as a Service API, as it exists today

* A gap in the Firewall as a Service API, as it exists today

* A gap in both the Security Group API, and the Firewall as a Service API

* Currently out of scope


For the case of "Currently out of scope" list, the metric we used for
placing usecases in this list, was that there were questions or
complexities involved with creating features that meant that we would
try to defer implementing them, or perhaps gathering more data before
making a more permanent decision. In some cases, there were complex
interactions with other APIs or projects that would need to be mapped

WONTFIX was a list that we used for usecases from the etherpad that just
didn't fit with our mission, which was to define a RESTful API that
could express more advanced filtering operations than the Security Group
API. Some of the decisions are based on strong opinions, as well as
trying to limit what we could commit to doing as the FwaaS API - and in
most cases we tried to capture the discussion that led to us placing
this usecase in the WONTFIX list. We were not glib with this list, many
of the cards that we placed on it had strong discussion.

We also employed a number of tags that we added to each usecase, since
there were a couple common themes to some of the usecases, such as L7
filtering, an implementation detail of a specific driver, user oriented
usecase, or operator oriented usecase.

One of the important tags we also used was the red color "Need to
revisit" tag for things that we placed in a list, but could easily see a
decision in another direction, or perhaps didn't feel that we had firm
consensus, even within our small group. Viewers will notice that there
were cards in the WONTFIX list that also were tagged with this tag.

The overall objective of this exercise was to try and categorize the
usecases, down into smaller and more manageable pieces. Notably,
identifying usecases where we identified them as demonstrating a gap in
the current Firewall as a Service API, we could use those to guide an
effort for proposing changes to the existing API.

There is currently a spec that I jotted some of my thoughts down on[3],
but I plan on continuing to discuss it at the midcycle, in order to distill
some of the thoughts that have been shared at the midcycle and turn it
into a proposal for future work.

Finally, if you would like to be added to the trello board - I would be
happy to, although at this point it may be useful to start creating RFE
bugs with the usecases and continue discussion there.

[1]: https://etherpad.openstack.org/p/LBaaS-FWaaS-VPNaaS_Summer_Midcycle_meetup

[2]: https://etherpad.openstack.org/p/fwaas_use_cases

[3]: https://etherpad.openstack.org/p/fwaas-api-evolution-spec

Sean M. Collins

More information about the OpenStack-dev mailing list