Comment: Migrated to Confluence 5.3
Newer version

Please also see this design that was based on work done in this design.

Bug Reference

TBD

Branch

ipv6_vpc

Introduction

Purpose

Functional specification for IPv6 support in the VPC router and associated networks (work in progress)

Bug Reference

The Jira issue associated with this design spec

Branch

What branch is this work being done in

Introduction

Purpose

State the purpose of the document; something like: this is the functional specification of feature "..." which has Jira ID CS-xyzw

References

  • relevant links

Document History

Glossary

Feature Specifications

  • put a summary or a brief description of the feature in question 
  • list what is deliberately not supported or what the feature will not offer - to clear any prospective ambiguities
  • list all open items or unresolved issues the developer is unable to decide about without further discussion
  • quality risks (test guidelines)
    • functional
    • non functional: performance, scalability, stability, overload scenarios, etc
    • corner cases and boundary conditions
    • negative usage scenarios
  • specify supportability characteristics:
    • what new logging (or at least the important one) is introduced
    • how to debug and troubleshoot
    • what are the audit events 
    • list JMX interfaces
    • graceful failure and recovery scenarios
    • possible fallback or workaround route if the feature does not work as expected, if such workarounds exist
    • if the feature depends on other run-time environment requirements, provide a sanity checklist for support people to run
  • explain configuration characteristics:
    • configuration parameters or files introduced/changed
    • branding parameters or files introduced/changed
    • highlight parameters for performance tweaking
    • highlight how installation/upgrade scenarios change
  • deployment requirements (fresh install vs. upgrade) if any
  • system requirements: memory, CPU, disk space, etc
  • interoperability and compatibility requirements:
    • OS
    • xenserver, hypervisors
    • storage, networks, other
  • list localization and internationalization specifications 
  • explain the impact and possible upgrade/migration solution introduced by the feature 
  • explain performance & scalability implications when feature is used from small scale to large scale
  • explain security specifications
    • list your evaluation of possible security attacks against the feature and the answers in your design
  • explain marketing specifications
  • explain levels or types of users communities of this feature (e.g. admin, user, etc)

Use cases

put the relevant use case/stories to explain how the feature is going to be used/work

Architecture and Design description

  • discussion of alternatives amongst design ideas, their resources/time tradeoffs and limitations. Explain why a certain design idea is chosen over others
  • highlight architectural patterns being used (queues, async/sync, state machines, etc)
  • talk about main algorithms used
  • explain what components are being changed and what the dependent components are
  • regarding database: talk about tables being added/modified
  • performance implications: what are the improvements or risks introduced to capacity, response time, resources usage and other relevant KPIs
  • preferably show class diagrams, sequence diagrams and state diagrams
  • if possible, publish signatures of all methods that classes and interfaces implement, and explain the object information of the different classes

Web Services APIs

list changes to existing web services APIs and new APIs introduced, with signatures and thorough documentation

UI flow

  • either demonstrate it visually here or link to relevant mockups

IP Clearance

  • what dependencies will you be adding to the project?
  • are you expecting to include any code developed outside the Apache CloudStack project?

Appendix

Appendix A:

  • VPC router will support a public block of IPv6 space, a "super CIDR", similar to the IPv4 private space. A /60, for example, might be assigned to the VPC, from which prefixes are carved for tiers.
  • Admin can assign prefixes from within the super CIDR space to the individual tiers in that VPC.
    • Address space can be smallest /64, largest == super CIDR.
    • IPv6 prefix will be optional for tier
    • Admin can choose a type for their prefix, SLAAC or DHCP. SLAAC requires /64 sized prefix, and is simple auto-assignment, whereas DHCP can accommodate multiple IPs per instance.
  • IPv6 DNS settings already exist for zones, but instances could also leverage existing IPv4 VPC router DNS resolver.
  • VPC router will run DHCPv6 and/or stateless autoconfig; some options would include:
    • stateless autoconfig addr/gw + DHCPv6 for DNS
    • stateless autoconfig addr/gw/dns (linux, freebsd guests only)
    • stateless autoconfig addr/gw + DNS via DHCPv4 addr
    • DHCPv6 ip/gw/dns
    • both stateless autoconfig and DHCPv6 ips on an instance
  • Routers have a public interface, this network will have IPv6 space assigned to it as well. Router will get an IPv6 address for its public interface from this network, just like it currently does for IPv4.
  • When a VPC is started/restarted, the super CIDR and public IP of the router are published via event bus.  We also call a plugin system, such that the admin and network equipment providers have options to program the super CIDR routes to the VPCs via SDN, API, or admin scripts. iBGP route publishing scales quadratically, and eBGP requires dealing with ASN assignments.
  • Also, when VPC is started or prefix is added to network, we need to configure the VPC router.
  • Work on IPv6 can be broken into stages
    • Basic connectivity
      • Public IPv6 space and IP allocation for VPC router public interfaces (the public network traffic type)
      • Assign super CIDRs to VPCs
      • Assign prefixes to network tiers of type SLAAC
      • publish super CIDR route upon VPC router startup
      • configure SLAAC to network tiers upon VPC router startup
    • Advanced features
      • ip6tables ACLs at VPC router
      • public load balancing via assignment of extra IP on router public interface and haproxy
      • prefixes of type DHCPv6
      • NAT66 service provided by VPC router, allows prefixes of type 'private', that don't require a super CIDR (or require a private one)
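
The prefix rules in the list above (tier prefix inside the super CIDR, no smaller than /64, exactly /64 for SLAAC) can be checked before a prefix is accepted for a tier. The following is an added example, not code from the CloudStack project: the function names are hypothetical, the addresses are constructed from the 2001:db8::/32 documentation range, and the rule that tier prefixes must not overlap each other is an assumption of the example rather than something the spec states.

```python
import ipaddress

ALLOWED_TYPES = ("slaac", "dhcp")  # values this spec names for ip6type


def tier_prefix_error(super_cidr, prefix, ip6type, existing=()):
    """Return None if the tier prefix is acceptable, else the reason it is not."""
    sup = ipaddress.IPv6Network(super_cidr)
    if ip6type not in ALLOWED_TYPES:
        return f"unknown ip6type {ip6type!r}"
    try:
        # strict=True rejects input with host bits set, e.g. 2001:db8::1/64
        net = ipaddress.IPv6Network(prefix, strict=True)
    except ValueError as exc:
        return f"not a valid IPv6 prefix: {exc}"
    if net.prefixlen > 64:
        return "tier prefix may not be smaller than /64"
    if not net.subnet_of(sup):
        return f"{net} is not inside super CIDR {sup}"
    if ip6type == "slaac" and net.prefixlen != 64:
        return "SLAAC requires a /64 prefix"
    for other in map(ipaddress.IPv6Network, existing):
        if net.overlaps(other):  # assumption: tiers must not share space
            return f"{net} overlaps existing tier prefix {other}"
    return None


def next_free_64(super_cidr, existing=()):
    """Return the first /64 in the super CIDR not used by any tier, or None."""
    used = [ipaddress.IPv6Network(p) for p in existing]
    for candidate in ipaddress.IPv6Network(super_cidr).subnets(new_prefix=64):
        if not any(candidate.overlaps(u) for u in used):
            return candidate
    return None


if __name__ == "__main__":
    SUPER = "2001:db8:0:10::/60"  # constructed sample super CIDR
    tiers = ["2001:db8:0:10::/64", "2001:db8:0:14::/62"]  # constructed tiers
    for p, t in [("2001:db8:0:11::/64", "slaac"), ("2001:db8:0:18::/62", "slaac"),
                 ("2001:db8:0:15::/64", "dhcp"), ("2001:db8:0:20::/64", "slaac")]:
        print(p, t, "->", tier_prefix_error(SUPER, p, t, tiers) or "ok")
    print("next free /64:", next_free_64(SUPER, tiers))
```
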

Architecture and Design description

Modify the table containing VPC info to accommodate IPv6 super CIDR information

Create a new table to track IPv6 prefixes assigned to network tiers

Web Services APIs

createNetwork: the existing parameters ip6cidr, ip6gateway, startipv6 and endipv6 can be leveraged for type dhcpv6; need ip6prefix for slaac, and ip6type to choose dhcp or slaac for the network

createVpc: add optional IPv6 parameter to assign super CIDR 'ip6cidr'

addIP6RangeToNetwork: Add an IPv6 prefix to tier, given same parameters necessary for createNetwork

updateVpc: Add/remove super CIDR to existing VPC router by adding optional ip6cidr parameter

Appendix B: