You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by David Nalley <da...@gnsa.us> on 2012/07/13 21:16:51 UTC
[DISCUSS] Source code from realhostip.com service
Hi folks:
As some of you may know, in it's current default configuration the
console proxy VM uses an external DNS service called realhostip.com.
Historically that has never been a part of the CloudStack code, and
was actually largely based on dnsjava (which is BSD licensed). The
CloudStack documentation provided some rudimentary design guidelines
of providing a service that provided the same functionality.
The fact that this was not open sourced was recently brought up - and
I think largely it was an oversight. So the decision within Citrix has
been made to open source this code.
The question I am bringing here is - is there interest for this to
become part of the Apache CloudStack codebase (or in a separate git
repo at the ASF) or whether this should just be hosted somewhere like
github.
If there is interest here, I surmise that we'll need to run it through
the IP clearance process, but feel free to correct me if I
misunderstand that as well.
--David
Re: [DISCUSS] Source code from realhostip.com service
Posted by Chip Childers <ch...@sungard.com>.
On Fri, Jul 13, 2012 at 3:16 PM, David Nalley <da...@gnsa.us> wrote:
> Hi folks:
>
> The question I am bringing here is - is there interest for this to
> become part of the Apache CloudStack codebase
Yes please.
> (or in a separate git
> repo at the ASF) or whether this should just be hosted somewhere like
> github.
I haven't see the code, but I would have to imagine that it's not
exceptionally large / complex. If my assumption is correct, then it
seems like the best place for it to live is in the tools folder within
CloudStack itself.
I'm assuming that the complexity is low enough to exclude wanting to
create a full "child project" of ACS, and I'm personally not in favor
of hosting it's master repo on Github. I think it should be
distributed as part of an ACS release actually.
-chip
Re: [DISCUSS] Source code from realhostip.com service
Posted by Matt Domsch <Ma...@dell.com>.
On Fri, Jul 13, 2012 at 02:16:51PM -0500, David Nalley wrote:
> Hi folks:
>
> As some of you may know, in it's current default configuration the
> console proxy VM uses an external DNS service called realhostip.com.
>
> Historically that has never been a part of the CloudStack code, and
> was actually largely based on dnsjava (which is BSD licensed). The
> CloudStack documentation provided some rudimentary design guidelines
> of providing a service that provided the same functionality.
>
> The fact that this was not open sourced was recently brought up - and
> I think largely it was an oversight. So the decision within Citrix has
> been made to open source this code.
>
> The question I am bringing here is - is there interest for this to
> become part of the Apache CloudStack codebase (or in a separate git
> repo at the ASF) or whether this should just be hosted somewhere like
> github.
>
> If there is interest here, I surmise that we'll need to run it through
> the IP clearance process, but feel free to correct me if I
> misunderstand that as well.
Thanks for correcting this oversight.
Having not seen the code, if it's trivial and an extension of
BSD-licensed code, there's no problem converting it to an Apache
license and keeping it alongside Apache CloudStack, though I'd recommend
a separate repo. If you think it could have even wider applicability
than only with CloudStack, keeping it separate would make sense, and I
wouldn't object to seeing it in github. Question is, who will
maintain it going forward (if even it needs such)?
I also note the documentation could be simplified to use a BIND 9
GENERATE statement:
55-66-77-100 IN A 55.66.77.100
55-66-77-101 IN A 55.66.77.101
55-66-77-102 IN A 55.66.77.102
...
55-66-77-200 IN A 55.66.77.200
then becomes:
$GENERATE 100-200 55-66-77-$ IN A 55.66.77.$
Thanks,
Matt
--
Matt Domsch
Technology Strategist
Dell | Office of the CTO
Re: 答复: [DISCUSS] Source code from realhostip.com service
Posted by Mohammad Nour El-Din <mn...@apache.org>.
Hi
I believe having the code with ACS would be better which will not prevent
us to make it in a separate project whether TLP or subproject or even in a
separate repo in somewhere else later on
Sent from my Samdung Galaxy S3
Apologies for any typos
On Jul 16, 2012 4:46 AM, "Mice Xia" <mi...@tcloudcomputing.com> wrote:
> For a private cloud in an isolated/trusted network environment, is it
> acceptable for users to simply access console with HTTP, controlled by a
> global configuration such as ' consoleproxy.sslEnabled'?
>
> Regards
> Mice
>
> -----邮件原件-----
> 发件人: David Nalley [mailto:david@gnsa.us]
> 发送时间: 2012年7月14日 23:58
> 收件人: cloudstack-dev@incubator.apache.org
> 主题: Re: [DISCUSS] Source code from realhostip.com service
>
> On Sat, Jul 14, 2012 at 11:49 AM, Outback Dingo <ou...@gmail.com>
> wrote:
> > On Sat, Jul 14, 2012 at 11:27 AM, David Nalley <da...@gnsa.us> wrote:
> >> Just a quick follow up - I've posted the code so it can be viewed on
> >> my personal github account. Making such a proposal without being able
> >> to see the code isn't terribly helpful, I apologize that it took me so
> >> long to do so.
> >>
> >> https://github.com/ke4qqq/RHIP
> >>
> >> --David
> >
> > Would be nice if there was a simple howto for setting up our own
> > "realhostip" like services
> > so we dont have to rely on external services for CS to work
>
> That is one of the goals of pushing this code out. (and I imagine
> documentation will follow) You could of course set one up using BIND
> as Matt pointed out, but this is the actual software that is providing
> the service on realhostip.com - and I imagine that at some point we'll
> need to configure CS to perhaps use an ASF-hosted service that the
> project administers.
>
> --David
>
答复: [DISCUSS] Source code from realhostip.com service
Posted by Mice Xia <mi...@tcloudcomputing.com>.
For a private cloud in an isolated/trusted network environment, is it acceptable for users to simply access console with HTTP, controlled by a global configuration such as ' consoleproxy.sslEnabled'?
Regards
Mice
-----邮件原件-----
发件人: David Nalley [mailto:david@gnsa.us]
发送时间: 2012年7月14日 23:58
收件人: cloudstack-dev@incubator.apache.org
主题: Re: [DISCUSS] Source code from realhostip.com service
On Sat, Jul 14, 2012 at 11:49 AM, Outback Dingo <ou...@gmail.com> wrote:
> On Sat, Jul 14, 2012 at 11:27 AM, David Nalley <da...@gnsa.us> wrote:
>> Just a quick follow up - I've posted the code so it can be viewed on
>> my personal github account. Making such a proposal without being able
>> to see the code isn't terribly helpful, I apologize that it took me so
>> long to do so.
>>
>> https://github.com/ke4qqq/RHIP
>>
>> --David
>
> Would be nice if there was a simple howto for setting up our own
> "realhostip" like services
> so we dont have to rely on external services for CS to work
That is one of the goals of pushing this code out. (and I imagine
documentation will follow) You could of course set one up using BIND
as Matt pointed out, but this is the actual software that is providing
the service on realhostip.com - and I imagine that at some point we'll
need to configure CS to perhaps use an ASF-hosted service that the
project administers.
--David
Re: [DISCUSS] Source code from realhostip.com service
Posted by Fred Wittekind <ro...@twister.dyndns.org>.
On 7/14/2012 11:57 AM, David Nalley wrote:
> On Sat, Jul 14, 2012 at 11:49 AM, Outback Dingo <ou...@gmail.com> wrote:
>> On Sat, Jul 14, 2012 at 11:27 AM, David Nalley <da...@gnsa.us> wrote:
>>> Just a quick follow up - I've posted the code so it can be viewed on
>>> my personal github account. Making such a proposal without being able
>>> to see the code isn't terribly helpful, I apologize that it took me so
>>> long to do so.
>>>
>>> https://github.com/ke4qqq/RHIP
>>>
>>> --David
>> Would be nice if there was a simple howto for setting up our own
>> "realhostip" like services
>> so we dont have to rely on external services for CS to work
> That is one of the goals of pushing this code out. (and I imagine
> documentation will follow) You could of course set one up using BIND
> as Matt pointed out, but this is the actual software that is providing
> the service on realhostip.com - and I imagine that at some point we'll
> need to configure CS to perhaps use an ASF-hosted service that the
> project administers.
>
> --David
>
My personal vote would be to require users to provide there own
certificate, or disable https. IMHO realhostip is really just an
illusion of security, since it's pretty trivial to plug the private key
into wireshark and decrypt the traffic for anyone using realhostip.
Fred
Re: [DISCUSS] Source code from realhostip.com service
Posted by David Nalley <da...@gnsa.us>.
On Sat, Jul 14, 2012 at 11:49 AM, Outback Dingo <ou...@gmail.com> wrote:
> On Sat, Jul 14, 2012 at 11:27 AM, David Nalley <da...@gnsa.us> wrote:
>> Just a quick follow up - I've posted the code so it can be viewed on
>> my personal github account. Making such a proposal without being able
>> to see the code isn't terribly helpful, I apologize that it took me so
>> long to do so.
>>
>> https://github.com/ke4qqq/RHIP
>>
>> --David
>
> Would be nice if there was a simple howto for setting up our own
> "realhostip" like services
> so we dont have to rely on external services for CS to work
That is one of the goals of pushing this code out. (and I imagine
documentation will follow) You could of course set one up using BIND
as Matt pointed out, but this is the actual software that is providing
the service on realhostip.com - and I imagine that at some point we'll
need to configure CS to perhaps use an ASF-hosted service that the
project administers.
--David
Re: [DISCUSS] Source code from realhostip.com service
Posted by Outback Dingo <ou...@gmail.com>.
On Sat, Jul 14, 2012 at 11:27 AM, David Nalley <da...@gnsa.us> wrote:
> Just a quick follow up - I've posted the code so it can be viewed on
> my personal github account. Making such a proposal without being able
> to see the code isn't terribly helpful, I apologize that it took me so
> long to do so.
>
> https://github.com/ke4qqq/RHIP
>
> --David
Would be nice if there was a simple howto for setting up our own
"realhostip" like services
so we dont have to rely on external services for CS to work
Re: [DISCUSS] Source code from realhostip.com service
Posted by Chip Childers <ch...@sungard.com>.
On Jul 14, 2012, at 11:28 AM, David Nalley <da...@gnsa.us> wrote:
> Just a quick follow up - I've posted the code so it can be viewed on
> my personal github account. Making such a proposal without being able
> to see the code isn't terribly helpful, I apologize that it took me so
> long to do so.
>
> https://github.com/ke4qqq/RHIP
>
> --David
>
Seeing the code, I'm still of the opinion that we should have it in
the tools directory (if Citrix is donating it) with docs and
instructions for build / use. You could argue that it's general
purpose, but I honestly don't think it's big enough to warrant its own
project.
-chip
Re: [DISCUSS] Source code from realhostip.com service
Posted by David Nalley <da...@gnsa.us>.
Just a quick follow up - I've posted the code so it can be viewed on
my personal github account. Making such a proposal without being able
to see the code isn't terribly helpful, I apologize that it took me so
long to do so.
https://github.com/ke4qqq/RHIP
--David