Firewall as a Service (FWaaS) APIs and DB Model

Registered by Sumit Naiksatam

Quantum now has the ability to load multiple service plugins. Firewall features could be managed and exposed via a Firewall service plugin (similar to LBaaS service plugin).

Work items
- Defining the resource abstractions and CRUD operations
- SQLAlchemy data model
- Backend "fake" driver for testing

Google doc: https://docs.google.com/document/d/1PJaKvsX2MzMRlLGfR0fBkrMraHYF0flvl0sqyZ704tA/edit

Blueprint information

Status:
Complete
Approver:
Mark McClain
Priority:
High
Drafter:
None
Direction:
Approved
Assignee:
Sumit Naiksatam
Definition:
Approved
Series goal:
Accepted for havana
Implementation:
Implemented
Milestone target:
milestone icon 2013.2
Started by
Sumit Naiksatam
Completed by
Mark McClain

Related branches

Sprints

Whiteboard

Is this bp includes some implementation? ( Iptables? )
I'm also considering about firewalling on the Router. (nati)

Sumit: Thanks Nati. I believe, by implementation you mean a backend plugin/driver to realize the firewall policies. If so, yes, an iptables implementation is certainly a candidate, though we can implement/track it as a separate blueprint. The scope of the model proposed here does cover the case where the firewall also serves as a gateway router.

Gerrit topic: https://review.openstack.org/#q,topic:bp/quantum-fwaas,n,z

Addressed by: https://review.openstack.org/29004
    Firewall as a Service (FWaaS) APIs and DB Model

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.