nova-feature-parity team mailing list archive
-
nova-feature-parity team
-
Mailing list archive
-
Message #00000
XenAPI support for security groups
Hi,
Regarding AWS-style security groups for the XenAPI backend, it is my opinion that we should diverge as less as possible from the libvirt implementation, reusing code that has already been written whenever possible.
I had a look at the existing code and devised a possible implementation strategy, which can be found at this page: http://wiki.openstack.org/xenapi-security-groups
It is my opinion that we could initially focus on a driver based on iptables, and then try and develop a driver for enforcing security groups in Open vSwitch - for both XenAPI and libvirt.
Regards,
Salvatore