← Back to team overview

openstack team mailing list archive

Re: Federated Identity Management (bursting and zones)


I agree we should be able to specify network resource when launching
an instance to get around the vlan-per-owner issue. This gets
to the bigger issue of splitting out nova network as a different
network-as-a-service project and enabling more functionality there
(such as allow other resource types outside of nova be able to
interact with and specify network preferences). We shouldn't let
current limitations of other components that should hopefully be
changing soon dictate where we need to move in the future for things
like authn/authz.


On Tue, Apr 05, 2011 at 12:31:22PM -0700, Vishvananda Ishaya wrote:
> Just thought of something else to consider.
> There is a further issue with setting the owner to resource_group: Networking.  In Vlan mode, each owner gets its own vlan and communication between the instances is easy.  If users start dividing up instances into a bunch of sub-groups we will run out of vlans very quickly.
> Network communication between the subgroups will probably be much more complicated as well.  Perhaps some of this can be solved with the multinic / network refactor.  If we can specify at launch which network we want the instance created in instead of keying it off of the owner's network, we might have everything we need.