XenAPI support for Security Groups
The goal of this blueprint is to provide support for security groups on the XenAPI driver as well.
The implementation will be basically a porting og the current libvirt implementation, with the only exception that it will provide the IPTables driver only (and VIF isolation rules will be enforced through XenAPI plugins as they are enforced now).
In the future we might provide an Open vSwitch drivers, but this work item is not in the scope of this blueprint.
A full specification and implementation plan will follow soon.
- Vish Ishaya
- Nova Feature Parity Team
- Citrix OpenStack development team
- Series goal:
- Accepted for essex
- Milestone target:
- Started by
- Salvatore Orlando on 2011-11-24
- Completed by
- Thierry Carrez on 2012-01-17
Salvatore: can you collaborate with someone from the Ozone/Titan team to help implement this for the Open vSwitch implementation? You can reach out through me (pvo) initially.
[Salvatore]: provisionally targeting essex-2
[UPDATE 2011/11/23 - salvatore-orlando]:
We have now completed implementation the security groups functionality and are doing QA work on it.
We will propose it for merge as soon as all the relevant tests have passed.
Estimated date for merge proposal: 2011/11/29 (this should give us enough time for the review cycle before Essex-2)
Code preview available at:
<email address hidden>
Note: code is in need of a rebase (last rebase was to essex-1)!
Addressed by: https:/
[UPDATE 2011/12/05 - salvatore-orlando[
Code is available for review now