[Engine-devel] port mirroring REST API

Michael Pasternak mpastern at redhat.com
Mon May 21 13:19:03 UTC 2012 

On 05/21/2012 03:54 PM, Shahar Havivi wrote:
> On 21.05.12 15:38, Michael Pasternak wrote:
>>
>> Hi Livnat,
>>
>> On 05/21/2012 02:55 PM, Livnat Peer wrote:
>>> Hi All,
>>>
>>> After digging into the port mirroring feature I suggest a different
>>> modeling of it in the API.
>>>
>>> The current modeling is to add to vnic a boolean property of
>>> port-mirroring, e.g.
>>>
>>> api/vms/{vm-id}/nics
>>>
>>> <nics>
>>>  <nic>
>>>   ...
>>>   <network href="/api/networks/{network-id}" id="{network-id}"/>
>>>   <port-mirroring> true </port mirroring>
>>>  </nic>
>>> </VM>
>>>
>>> This modeling imply 2 limitations:
>>> 1. The vnic must be connected to the network it wants to monitor
>>> 2. the nic can mirror only a single network
>>>
>>> Both of the above limitations are correct to the current implementation.
>>> Going forward we might want to introduce the above functionalities and
>>> the above modeling won't hold.
>>> Instead of the above I suggest to change the port-mirroring property to
>>> a list of networks.
>>>
>>> <nics>
>>>  <nic>
>>>   ...
>>>   <network href="/api/networks/{network-id}" id="{network-id}"/>
>>>   <port-mirroring>
>>>    <network href="/api/networks/{network-id}" id="{network-id}"/>
>>>     ....
>>>   </port mirroring>
>>>  </nic>
>>> </VM>
>>>
>>> In this version we'll validate that the network under port-mirroring is
>>> equal to the network the vnic is connected to, in future versions we can
>>> remove this validation without changing the API.
>>
>> iiuc you saying that in future vnic might be connected to several
>> networks simultaneously?
> yes, maybe in next version

in this case, api should be changed as at the moment we permit single network
peer vnic, another option may be:

 <nics>
  <nic>
   ...
   <networks>
     <network href="/api/networks/{network-id}" id="{network-id}">
       <port-mirroring> true </port_mirroring>
     </network>
     <network href="/api/networks/{network-id}" id="{network-id}">
       <port-mirroring> true </port_mirroring>
     </network>
   </networks>
  </nic>
</nics>

this way we won't have to double network references, only disadvantage
of this approach is abuse of network link, but we already have such
precedents in api.

>>
>>>
>>>
>>>
>>> Thanks, Livnat
>>
>>
>> -- 
>>
>> Michael Pasternak
>> RedHat, ENG-Virtualization R&D


-- 

Michael Pasternak
RedHat, ENG-Virtualization R&D

More information about the Engine-devel mailing list