Thoughts about the firewaller
Gustavo Niemeyer
gustavo.niemeyer at canonical.com
Wed Oct 10 16:34:20 UTC 2012
On Wed, Oct 10, 2012 at 11:49 AM, Frank Mueller <frank.mueller at canonical.com> wrote:

> - problem: we have a bad scaling due to the re-opening of all needed ports after a restart

This is actually not a problem we have to solve now, because it's
actually not even a problem we really have at the moment. The
number of security groups is limited to a very low number by Amazon
itself, so it's impossible for now to pass through that limit to a
scale where this would be visible.

The ideas that follow also seem to address the firewaller general
implementation, while I'm hoping we can keep our focus on implementing
global mode support without introducing further problems.

Here is what I suggest we try to do, and why:

1) Introduce FwInstance, so that we can tell outside of the providers
what the default mode is. We can't ever use FwDefault outside of the
provider, since default in this case means the *provider's* default,
which we cannot tell what it is without asking the provider itself.

2) In the EnvironProvider.Validate methods of ec2 and dummy, transform
FwDefault into FwInstance.

3) Introduce EnvironProvider.OpenPort, ClosePort, and OpenedPorts.
These methods act on the global group at all times, and return an
error in case the provider does not support the global mode.

4) Roll back the changes we did to ec2 and dummy to have FwGlobal
changing what Instance.OpenPort means. If we ask to open a port on an
instance, we should open the port on *that* instance, not everywhere.

5) Make Instance.OpenPort, ClosePort and OpenedPorts fail if the
provider does not support FwInstance.

6) Change the firewaller so that it checks the mode. If it is
FwGlobal, it should start by asking the provider about all the opened
ports, and should open and close ports against the provider itself as
necessary, rather than against the individual instances.

Comments?

gustavo @ http://niemeyer.net
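The mode check proposed in steps 3 to 6, worked through as an added Go example that is not part of this mail and not Juju's own code. The constant names FwInstance and FwGlobal come from the mail; the PortSet interface, the Reconcile and syncSet functions, the in-memory MemSet and the sample port sets are assumptions made for this example. In FwGlobal mode the firewaller first asks the provider's global group what is open, then opens and closes against that group (the union of what every instance needs); in FwInstance mode it adjusts each instance's own group only; a provider that lacks the requested mode (a nil global or instance map) makes the call fail rather than silently acting on the wrong group.

```go
package main

import "errors"

// FwInstance and FwGlobal are the mode names used in the mail; every type and
// function below is an assumption made for this example, not Juju's own code.
type FirewallMode string

const (
	FwInstance FirewallMode = "instance"
	FwGlobal   FirewallMode = "global"
)

type Port struct {
	Proto  string
	Number int
}

// PortSet is one security group: the provider-wide group or an instance's own.
type PortSet interface {
	OpenedPorts() ([]Port, error)
	OpenPort(Port) error
	ClosePort(Port) error
}

var ErrModeUnsupported = errors.New("firewall mode not supported by provider")

// syncSet asks the group what is open, opens wanted ports that are missing and
// closes open ports no longer wanted, recording each change in opened/closed.
func syncSet(set PortSet, want []Port, opened, closed map[Port]bool) error {
	current, err := set.OpenedPorts()
	if err != nil {
		return err
	}
	have, need := map[Port]bool{}, map[Port]bool{}
	for _, p := range current {
		have[p] = true
	}
	for _, p := range want {
		need[p] = true
		if !have[p] {
			if err := set.OpenPort(p); err != nil {
				return err
			}
			have[p], opened[p] = true, true // duplicates in want are opened once
		}
	}
	for _, p := range current {
		if !need[p] {
			if err := set.ClosePort(p); err != nil {
				return err
			}
			closed[p] = true
		}
	}
	return nil
}

// Reconcile drives a provider toward want (instance id -> ports its units expose).
// global is the provider's global group and instances its per-instance groups; a
// nil one means the provider lacks that mode, so the call fails (steps 3 and 5).
// FwGlobal applies the union over all instances to the global group (step 6);
// FwInstance adjusts each instance's own group and nothing else (step 4).
func Reconcile(mode FirewallMode, global PortSet, instances map[string]PortSet, want map[string][]Port) (opened, closed map[Port]bool, err error) {
	opened, closed = map[Port]bool{}, map[Port]bool{}
	switch mode {
	case FwGlobal:
		if global == nil {
			return nil, nil, ErrModeUnsupported
		}
		var all []Port
		for _, ps := range want {
			all = append(all, ps...)
		}
		err = syncSet(global, all, opened, closed)
	case FwInstance:
		if instances == nil {
			return nil, nil, ErrModeUnsupported
		}
		for id, set := range instances {
			if err = syncSet(set, want[id], opened, closed); err != nil {
				break
			}
		}
	default:
		err = errors.New("unknown firewall mode")
	}
	return opened, closed, err
}

// MemSet is an offline, in-memory stand-in for a real provider security group.
type MemSet map[Port]bool

func (m MemSet) OpenPort(p Port) error  { m[p] = true; return nil }
func (m MemSet) ClosePort(p Port) error { delete(m, p); return nil }
func (m MemSet) OpenedPorts() ([]Port, error) {
	ps := []Port{}
	for p := range m {
		ps = append(ps, p)
	}
	return ps, nil
}
```

Because Reconcile starts from the provider's own view of what is open, a second run with the same desired state opens and closes nothing, and a stale rule left in the global group from an earlier run is closed instead of being re-added to every instance.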