You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@whirr.apache.org by "Paul Baclace (JIRA)" <ji...@apache.org> on 2012/08/26 23:43:08 UTC
[jira] [Comment Edited] (WHIRR-118) Adaptor for OpenStack Clouds
[ https://issues.apache.org/jira/browse/WHIRR-118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13442206#comment-13442206 ]
Paul Baclace edited comment on WHIRR-118 at 8/27/12 8:42 AM:
-------------------------------------------------------------
At this time, HPCloud has this:
<extension name="SecurityGroups" namespace="http://docs.openstack.org/ext/securitygroups/api/v1.1" alias="security_groups" updated="2011-07-21T00:00:00+00:00"><description>Security group support</description></extension>
where the 1.1 security groups docs are at:
http://wiki.openstack.org/os-security-groups
which means properties like these could almost work:
\# whirr.firewall-rules.{role}=
whirr.firewall-rules.zookeeper=2181,2888,3888
\#any role#whirr.firewall-rules=80
whirr.client-cidrs=10.4.1.2/32,10.4.3.3/32
Looking at the src code, the whirr.client-cidrs are used to constrain the origins allowed to access the specified ports in whirr.firewall-rules.* props.
Note the comma sep cidr addresses using /32 for exact match, but the problem is this property cannot be specified ahead of time. Perhaps allowing whirr.client-cidrs=role1,role2 would make sense by symmetry with whirr.firewall-rules.{role}. OR, an unset whirr.client-cidrs= could mean all the nodes just allocated and whirr.client-cidrs=0.0.0.0/0 can then be used to mean everywhere.
was (Author: pbaclace):
At this time, HPCloud has this:
<extension name="SecurityGroups" namespace="http://docs.openstack.org/ext/securitygroups/api/v1.1" alias="security_groups" updated="2011-07-21T00:00:00+00:00"><description>Security group support</description></extension>
where the 1.1 security groups docs are at:
http://wiki.openstack.org/os-security-groups
which means properties like these could almost work:
# whirr.firewall-rules.{role}=
whirr.firewall-rules.zookeeper=2181,2888,3888
#any role#whirr.firewall-rules=80
whirr.client-cidrs=10.4.1.2/32,10.4.3.3/32
Looking at the src code, the whirr.client-cidrs are used to constrain the origins allowed to access the specified ports in whirr.firewall-rules.* props.
Note the comma sep cidr addresses using /32 for exact match, but the problem is this property cannot be specified ahead of time. Perhaps allowing whirr.client-cidrs=role1,role2 would make sense by symmetry with whirr.firewall-rules.{role}. OR, an unset whirr.client-cidrs= could mean all the nodes just allocated and whirr.client-cidrs=0.0.0.0/0 can then be used to mean everywhere.
> Adaptor for OpenStack Clouds
> ----------------------------
>
> Key: WHIRR-118
> URL: https://issues.apache.org/jira/browse/WHIRR-118
> Project: Whirr
> Issue Type: New Feature
> Components: new provider
> Affects Versions: 0.2.0
> Reporter: Krishna Sankar
>
> OpenStack is an emerging cloud management platform [http://openstack.org/]. We need an adaptor so that we can interface with OpenStack clouds for compute and storage resources. They had a release lthis week [10/25/10] and are having a summit next week. First we need to see how stabe the release is and also their roadmap.
> An adaptor - most probably at the JCloud level would be first try.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira