Fixes RST headings for rendering
The previous template had multiple sections at the top heading level which filled the rendered specs page with sub-sections. This change leaves only one main heading and reformats other sections with section and sub-section headings. This change includes fixes to the template and all merged user stories. Change-Id: Ib1fb08b1e67896a6f160b1b1649fadfc29b947e6
This commit is contained in:
parent
274d418330
commit
5d31a35ead
|
@ -5,26 +5,26 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem description
|
Problem description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
Problem description
|
Problem description
|
||||||
-------------------
|
+++++++++++++++++++
|
||||||
Operators of OpenStack environments lack a reliable source to find answers to
|
Operators of OpenStack environments lack a reliable source to find answers to
|
||||||
commonly encountered issues. The current ask.openstack.org site is not broadly
|
commonly encountered issues. The current ask.openstack.org site is not broadly
|
||||||
functional or well contributed to by the broader community.
|
functional or well contributed to by the broader community.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
A workable community knowledge base is a critical component of any successful
|
A workable community knowledge base is a critical component of any successful
|
||||||
software. Even more so in free open-source projects. Having a simple place for
|
software. Even more so in free open-source projects. Having a simple place for
|
||||||
operators to go to acquire the collective community knowledge on a given topic
|
operators to go to acquire the collective community knowledge on a given topic
|
||||||
will significantly reduce the barrier to entry to utilizing OpenStack.
|
will significantly reduce the barrier to entry to utilizing OpenStack.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
*As an Operator, I want to be able to quickly find reliable answers to common
|
*As an Operator, I want to be able to quickly find reliable answers to common
|
||||||
operational issues and questions so that I can continue to support my users
|
operational issues and questions so that I can continue to support my users
|
||||||
*As an Operator, I want to ask an uncommon question in a community forum and
|
*As an Operator, I want to ask an uncommon question in a community forum and
|
||||||
|
@ -35,7 +35,7 @@ a notion to the popularity of previous answers so that I can continue to support
|
||||||
my users
|
my users
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
1. Common Question Usage - OpenStack Operator
|
1. Common Question Usage - OpenStack Operator
|
||||||
a. Go to common question repository
|
a. Go to common question repository
|
||||||
b. Search for error code, topic, api call, etc
|
b. Search for error code, topic, api call, etc
|
||||||
|
@ -50,21 +50,21 @@ Usage Scenarios Examples
|
||||||
f. Add support for answer if it resolves issue
|
f. Add support for answer if it resolves issue
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
============
|
++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
External References
|
External References
|
||||||
===================
|
+++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Rejected User Stories / Usage Scenarios
|
Rejected User Stories / Usage Scenarios
|
||||||
=======================================
|
---------------------------------------
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
None.
|
None.
|
||||||
|
|
|
@ -6,10 +6,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem Description
|
Problem Description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
*Problem Definition*
|
*Problem Definition*
|
||||||
--------------------
|
++++++++++++++++++++
|
||||||
A canonical property of an IaaS system like OpenStack is “capacity on demand”. Users expect to be able to allocate new resources via UI or API whenever needed, and to release them when the need ends. By supporting a large number of users, pooling resources, and maintaining some excess capacity, the cloud service provider (CSP) presents the illusion of infinite capacity.
|
A canonical property of an IaaS system like OpenStack is “capacity on demand”. Users expect to be able to allocate new resources via UI or API whenever needed, and to release them when the need ends. By supporting a large number of users, pooling resources, and maintaining some excess capacity, the cloud service provider (CSP) presents the illusion of infinite capacity.
|
||||||
|
|
||||||
In practice, of course, the resources are not infinite, and the CSP must institute measures to manage capacity so that resource exhaustion is minimized. This is generally done by imposing a cap or quota on the resources that a particular project may consume, and by managing the relationship between the available physical resources and the aggregate quotas for all projects. When a project requires more resources than its assigned quota, the user is generally required to submit a request, generally requiring human approval. The CSP may reject the request, or delay it until sufficient capacity is available. When the request is approved, the quota for the project is modified to reflect the new limit.
|
In practice, of course, the resources are not infinite, and the CSP must institute measures to manage capacity so that resource exhaustion is minimized. This is generally done by imposing a cap or quota on the resources that a particular project may consume, and by managing the relationship between the available physical resources and the aggregate quotas for all projects. When a project requires more resources than its assigned quota, the user is generally required to submit a request, generally requiring human approval. The CSP may reject the request, or delay it until sufficient capacity is available. When the request is approved, the quota for the project is modified to reflect the new limit.
|
||||||
|
@ -19,7 +19,7 @@ Other CSPs have introduced a number of mechanisms to provide them with flexibili
|
||||||
One common factor in all these processes is that they do not reflect temporal variations in resource usage. Yet in many cases the user knows how their usage is going to vary over time, and such information would be useful to the CSP who needs to decide how to handle each request. It might also facilitate the automation of some of the processing. The following user stories capture the possibilities here.
|
One common factor in all these processes is that they do not reflect temporal variations in resource usage. Yet in many cases the user knows how their usage is going to vary over time, and such information would be useful to the CSP who needs to decide how to handle each request. It might also facilitate the automation of some of the processing. The following user stories capture the possibilities here.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. Use this section to give opportunity details that support why
|
.. Use this section to give opportunity details that support why
|
||||||
.. pursuing these user stories would help address key barriers to adoption or
|
.. pursuing these user stories would help address key barriers to adoption or
|
||||||
|
@ -32,10 +32,10 @@ Opportunity/Justification
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
.. This section is mandatory. You may submit multiple
|
.. This section is mandatory. You may submit multiple
|
||||||
.. user stories in a single submission as long as they are inter-related and can be
|
.. user stories in a single submission as long as they are inter-related and can be
|
||||||
.. associated with a single epic and/or function. If the user stories are
|
.. associated with a single epic and/or function. If the user stories are
|
||||||
|
@ -74,7 +74,7 @@ User Stories
|
||||||
|
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. In order to explain your user stories, if possible, provide an example in the
|
.. In order to explain your user stories, if possible, provide an example in the
|
||||||
.. form of a scenario to show how the specified user type might interact with the
|
.. form of a scenario to show how the specified user type might interact with the
|
||||||
|
@ -92,7 +92,7 @@ Usage Scenarios Examples
|
||||||
TBD
|
TBD
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. If there are related user stories that have some overlap in the problem domain or
|
.. If there are related user stories that have some overlap in the problem domain or
|
||||||
.. that you perceive may partially share requirements or a solution, reference them
|
.. that you perceive may partially share requirements or a solution, reference them
|
||||||
|
@ -101,7 +101,7 @@ Related User Stories
|
||||||
This Use Case is related to the Infinite Elasticity use case. The latter focuses on testing the capability of an OpenStack cloud to handle large-scale capacity requests.
|
This Use Case is related to the Infinite Elasticity use case. The latter focuses on testing the capability of an OpenStack cloud to handle large-scale capacity requests.
|
||||||
|
|
||||||
*Requirements*
|
*Requirements*
|
||||||
==============
|
++++++++++++++
|
||||||
.. This section is optional. It might be useful to specify
|
.. This section is optional. It might be useful to specify
|
||||||
.. additional requirements that should be considered but may not be
|
.. additional requirements that should be considered but may not be
|
||||||
.. apparent through the user story and usage examples. This information will help
|
.. apparent through the user story and usage examples. This information will help
|
||||||
|
@ -121,7 +121,7 @@ This Use Case is related to the Infinite Elasticity use case. The latter focuses
|
||||||
* It will also require a rich monitoring, notification, and visualization system, so that both user and CSP have accurate and timely data about the behavior of the system.
|
* It will also require a rich monitoring, notification, and visualization system, so that both user and CSP have accurate and timely data about the behavior of the system.
|
||||||
|
|
||||||
*External References*
|
*External References*
|
||||||
=====================
|
+++++++++++++++++++++
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. Please use this section to add references for standards or well-defined
|
.. Please use this section to add references for standards or well-defined
|
||||||
.. mechanisms. You can also use this section to reference existing functionality
|
.. mechanisms. You can also use this section to reference existing functionality
|
||||||
|
@ -132,7 +132,7 @@ This Use Case is related to the Infinite Elasticity use case. The latter focuses
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Rejected User Stories / Usage Scenarios*
|
*Rejected User Stories / Usage Scenarios*
|
||||||
=========================================
|
-----------------------------------------
|
||||||
.. This is optional
|
.. This is optional
|
||||||
.. Please fill out this section after a User Story has been submitted as a
|
.. Please fill out this section after a User Story has been submitted as a
|
||||||
.. cross project spec to highlight any user stories deemed out of scope of the
|
.. cross project spec to highlight any user stories deemed out of scope of the
|
||||||
|
@ -141,7 +141,7 @@ None.
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. It is highly suggested that you define any terms,
|
.. It is highly suggested that you define any terms,
|
||||||
.. abbreviations that are not commonly used in order to ensure
|
.. abbreviations that are not commonly used in order to ensure
|
||||||
|
|
|
@ -6,10 +6,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem Description
|
Problem Description
|
||||||
===================
|
-------------------
|
||||||
|
|
||||||
Problem Definition
|
Problem Definition
|
||||||
------------------
|
++++++++++++++++++
|
||||||
Each operator of an OpenStack cloud needs the ability to clean up the OpenStack
|
Each operator of an OpenStack cloud needs the ability to clean up the OpenStack
|
||||||
database of objects which have been deleted. Currently a new record is created in
|
database of objects which have been deleted. Currently a new record is created in
|
||||||
the OpenStack database when an object (project, user, VM, network, volume, swift
|
the OpenStack database when an object (project, user, VM, network, volume, swift
|
||||||
|
@ -41,28 +41,25 @@ in the outcome of my proof of concept and cloud functionality.
|
||||||
database so that I can complete my upgrade in the allocated down time.
|
database so that I can complete my upgrade in the allocated down time.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
DB hygiene is required for handling OpenStack performance, operational and
|
DB hygiene is required for handling OpenStack performance, operational and
|
||||||
upgrade issues. This ensures that historical records of deleted items are not
|
upgrade issues. This ensures that historical records of deleted items are not
|
||||||
impacting operational performance and such deleted items are not polluted by
|
impacting operational performance and such deleted items are not polluted by
|
||||||
upgrades.
|
upgrades.
|
||||||
|
|
||||||
User Cases
|
User Cases
|
||||||
==========
|
----------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
WIP
|
WIP
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
WIP
|
WIP
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
Nova specs:
|
Nova specs:
|
||||||
* https://review.openstack.org/#/c/184645/
|
* https://review.openstack.org/#/c/184645/
|
||||||
* https://review.openstack.org/#/c/184637/
|
* https://review.openstack.org/#/c/184637/
|
||||||
|
@ -72,7 +69,7 @@ Cinder blueprint:
|
||||||
* https://blueprints.launchpad.net/cinder/+spec/db-cleanup
|
* https://blueprints.launchpad.net/cinder/+spec/db-cleanup
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
============
|
++++++++++++
|
||||||
* Operator should be able to specify which policy to apply for deleted objects
|
* Operator should be able to specify which policy to apply for deleted objects
|
||||||
* Operator should be able to specify which policy to apply for different tenants
|
* Operator should be able to specify which policy to apply for different tenants
|
||||||
and sub-tenants.
|
and sub-tenants.
|
||||||
|
@ -81,13 +78,13 @@ other persistent storage for a specific interval duration; Policy 2 - Remove
|
||||||
the records from database permanently.
|
the records from database permanently.
|
||||||
|
|
||||||
External References
|
External References
|
||||||
===================
|
+++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Rejected User Stories / Usage Scenarios
|
Rejected User Stories / Usage Scenarios
|
||||||
=======================================
|
---------------------------------------
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
None.
|
None.
|
||||||
|
|
|
@ -5,10 +5,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem Description
|
Problem Description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
*Problem Definition*
|
*Problem Definition*
|
||||||
--------------------
|
++++++++++++++++++++
|
||||||
Enterprises typically have their own data classification strategies. The types
|
Enterprises typically have their own data classification strategies. The types
|
||||||
of data stored typically include (but are not limited to): financial, personal,
|
of data stored typically include (but are not limited to): financial, personal,
|
||||||
health, and confidential business data. Some enterprises (especially finance and
|
health, and confidential business data. Some enterprises (especially finance and
|
||||||
|
@ -29,14 +29,14 @@ to encrypt/decrypt the data must be rotated on a regular basis and the access of
|
||||||
keys are restricted to authorized personnel only.
|
keys are restricted to authorized personnel only.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
* As the Enterprise IT Manager, I must ensure the appropriate security for the
|
* As the Enterprise IT Manager, I must ensure the appropriate security for the
|
||||||
HR Department database containing employee records that services several
|
HR Department database containing employee records that services several
|
||||||
applications. I would like to migrate the database into our company's
|
applications. I would like to migrate the database into our company's
|
||||||
|
@ -58,18 +58,17 @@ User Stories
|
||||||
at rest, and that keys used to encrypt the data are rotated annually.
|
at rest, and that keys used to encrypt the data are rotated annually.
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
* An application needs to be able to specify networking requirements
|
* An application needs to be able to specify networking requirements
|
||||||
* An application needs to be able to specify workload isolation requirements
|
* An application needs to be able to specify workload isolation requirements
|
||||||
|
|
||||||
*Requirements*
|
*Requirements*
|
||||||
==============
|
++++++++++++++
|
||||||
|
|
||||||
* A block & object storage solution that enables encryption/decryption at the
|
* A block & object storage solution that enables encryption/decryption at the
|
||||||
instance source
|
instance source
|
||||||
* A block & object storage solution that enables encryption/decryption for
|
* A block & object storage solution that enables encryption/decryption for
|
||||||
|
@ -84,11 +83,11 @@ Related User Stories
|
||||||
instance, in addition to at rest.
|
instance, in addition to at rest.
|
||||||
|
|
||||||
*External References*
|
*External References*
|
||||||
=====================
|
+++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Gaps*
|
*Gaps*
|
||||||
======
|
++++++
|
||||||
**Cinder issues:**
|
**Cinder issues:**
|
||||||
* The storage encryption functionality exists, but requires admin status.
|
* The storage encryption functionality exists, but requires admin status.
|
||||||
Creating encrypted volumes should not require admin status.
|
Creating encrypted volumes should not require admin status.
|
||||||
|
@ -106,7 +105,7 @@ however, this does not solve for in flight data.
|
||||||
|
|
||||||
|
|
||||||
*Affected By*
|
*Affected By*
|
||||||
=============
|
+++++++++++++
|
||||||
* At the Hong Kong summit there was `a talk`_ on barbican/cinder/nova for this
|
* At the Hong Kong summit there was `a talk`_ on barbican/cinder/nova for this
|
||||||
type of functionality. Don’t know if it was successfully integrated into
|
type of functionality. Don’t know if it was successfully integrated into
|
||||||
OpenStack yet.
|
OpenStack yet.
|
||||||
|
@ -116,11 +115,11 @@ however, this does not solve for in flight data.
|
||||||
encryption (at rest).
|
encryption (at rest).
|
||||||
|
|
||||||
*Rejected User Stories / Usage Scenarios*
|
*Rejected User Stories / Usage Scenarios*
|
||||||
=========================================
|
-----------------------------------------
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
* Data in Flight - Data in transit between an instance and storage system
|
* Data in Flight - Data in transit between an instance and storage system
|
||||||
* Data at Rest - Data stored persistently on a storage system
|
* Data at Rest - Data stored persistently on a storage system
|
||||||
|
|
||||||
|
|
|
@ -6,10 +6,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem Description
|
Problem Description
|
||||||
===================
|
-------------------
|
||||||
|
|
||||||
Problem Definition
|
Problem Definition
|
||||||
------------------
|
++++++++++++++++++
|
||||||
As a deployer of an OpenStack cloud I have to provide a specific network
|
As a deployer of an OpenStack cloud I have to provide a specific network
|
||||||
configuration file to my network security team in order to enable appropriate
|
configuration file to my network security team in order to enable appropriate
|
||||||
traffic to my cloud. At the moment I have to cobble together this configuration
|
traffic to my cloud. At the moment I have to cobble together this configuration
|
||||||
|
@ -18,14 +18,14 @@ generate the bulk of this information as part of the deployment process or from
|
||||||
an available OpenStack service on demand.
|
an available OpenStack service on demand.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
* As a deployer, I want to be able to access a configuration description that I
|
* As a deployer, I want to be able to access a configuration description that I
|
||||||
can provide to my network security team to properly configure any external
|
can provide to my network security team to properly configure any external
|
||||||
firewalls so that my users can quickly begin accessing the cloud.
|
firewalls so that my users can quickly begin accessing the cloud.
|
||||||
|
@ -34,7 +34,7 @@ User Stories
|
||||||
have minimal effort required to appropriately configure the firewall
|
have minimal effort required to appropriately configure the firewall
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
1. Cloud Deployer
|
1. Cloud Deployer
|
||||||
a. Deploy cloud using deployment configuration
|
a. Deploy cloud using deployment configuration
|
||||||
b. Access templated firewall configuration from OpenStack service
|
b. Access templated firewall configuration from OpenStack service
|
||||||
|
@ -42,21 +42,21 @@ Usage Scenarios Examples
|
||||||
d. Network security team easily interprets configuration and configures FW
|
d. Network security team easily interprets configuration and configures FW
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
============
|
++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
External References
|
External References
|
||||||
===================
|
+++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Rejected User Stories / Usage Scenarios
|
Rejected User Stories / Usage Scenarios
|
||||||
=======================================
|
---------------------------------------
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
None.
|
None.
|
||||||
|
|
|
@ -6,7 +6,7 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem description
|
Problem description
|
||||||
===================
|
-------------------
|
||||||
|
|
||||||
This use case is specifically about deploying the Perimeta Session Border
|
This use case is specifically about deploying the Perimeta Session Border
|
||||||
Controller (SBC) Virtual Network Function (VNF) from Metaswitch Networks in
|
Controller (SBC) Virtual Network Function (VNF) from Metaswitch Networks in
|
||||||
|
@ -14,10 +14,12 @@ OpenStack.
|
||||||
|
|
||||||
Perimeta, like other SBCs, sits on the edge of a service provider's network and
|
Perimeta, like other SBCs, sits on the edge of a service provider's network and
|
||||||
polices SIP and RTP (i.e. VoIP) control and media traffic passing over both
|
polices SIP and RTP (i.e. VoIP) control and media traffic passing over both
|
||||||
* the access network between end-users and the core network
|
|
||||||
* the trunk network between the core and another service provider.
|
|
||||||
|
|
||||||
::
|
* the access network between end-users and the core network
|
||||||
|
* the trunk network between the core and another service provider
|
||||||
|
|
||||||
|
.. code-block:: text
|
||||||
|
|
||||||
Access + SP A core + Trunk + SP B core
|
Access + SP A core + Trunk + SP B core
|
||||||
network | network | network | network
|
network | network | network | network
|
||||||
| | |
|
| | |
|
||||||
|
@ -63,7 +65,7 @@ does not mean this can be disabled at a host scope, or just because Perimeta
|
||||||
uses SR-IOV or DPDK it does not mean that all VMs on that host must do so.
|
uses SR-IOV or DPDK it does not mean that all VMs on that host must do so.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
|
|
||||||
Although this user story is specifically about Perimeta, it is more generally
|
Although this user story is specifically about Perimeta, it is more generally
|
||||||
representative of the issues involved in deploying in OpenStack any VNF
|
representative of the issues involved in deploying in OpenStack any VNF
|
||||||
|
@ -72,17 +74,17 @@ elements rather than more generic issues like orchestration and high
|
||||||
availability (HA).
|
availability (HA).
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
|
|
||||||
* As a communication service provider, I want to deploy a highly available,
|
* As a communication service provider, I want to deploy a highly available,
|
||||||
high scale, high performance Session Border Controller on OpenStack to police
|
high scale, high performance Session Border Controller on OpenStack to police
|
||||||
VoIP traffic at the edge of my network.
|
VoIP traffic at the edge of my network.
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
|
|
||||||
The Perimeta Session Border controller from Metaswitch Networks is a
|
The Perimeta Session Border controller from Metaswitch Networks is a
|
||||||
Telco-grade implementation of a Session Border Controller designed to run
|
Telco-grade implementation of a Session Border Controller designed to run
|
||||||
|
@ -90,12 +92,12 @@ either on generic PC hardware or virtualized, running on OpenStack and other
|
||||||
clouds, providing high availability, high scale and high performance.
|
clouds, providing high availability, high scale and high performance.
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
|
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Requirements*
|
*Requirements*
|
||||||
==============
|
++++++++++++++
|
||||||
|
|
||||||
The problem statement above leads to the following requirements.
|
The problem statement above leads to the following requirements.
|
||||||
|
|
||||||
|
@ -201,17 +203,17 @@ The problem statement above leads to the following requirements.
|
||||||
VLAN aware VMs: https://blueprints.launchpad.net/neutron/+spec/vlan-aware-vms
|
VLAN aware VMs: https://blueprints.launchpad.net/neutron/+spec/vlan-aware-vms
|
||||||
|
|
||||||
*External References*
|
*External References*
|
||||||
=====================
|
+++++++++++++++++++++
|
||||||
|
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Rejected User Stories / Usage Scenarios*
|
*Rejected User Stories / Usage Scenarios*
|
||||||
=========================================
|
-----------------------------------------
|
||||||
|
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
|
|
||||||
**NFV**
|
**NFV**
|
||||||
Network Functions Virtualization, the vision of deploying telecoms functions
|
Network Functions Virtualization, the vision of deploying telecoms functions
|
||||||
|
|
|
@ -22,10 +22,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem description
|
Problem description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
*Problem Definition*
|
*Problem Definition*
|
||||||
--------------------
|
++++++++++++++++++++
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. Please use it to provide additional details (if available) about your user story
|
.. Please use it to provide additional details (if available) about your user story
|
||||||
.. (if warranted) for further expansion for clarity. A detailed description of the
|
.. (if warranted) for further expansion for clarity. A detailed description of the
|
||||||
|
@ -50,7 +50,7 @@ infrastructure you would like to manage with OpenStack
|
||||||
host and the virtual machines running on the host
|
host and the virtual machines running on the host
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. Use this section to give opportunity details that support why
|
.. Use this section to give opportunity details that support why
|
||||||
.. pursuing these user stories would help address key barriers to adoption or
|
.. pursuing these user stories would help address key barriers to adoption or
|
||||||
|
@ -77,10 +77,10 @@ Support for onboarding legacy environments in a non-disruptive manner
|
||||||
will greatly increase the adoption of OpenStack.
|
will greatly increase the adoption of OpenStack.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
.. This section is mandatory. You may submit multiple
|
.. This section is mandatory. You may submit multiple
|
||||||
.. user stories in a single submission as long as they are inter-related and can be
|
.. user stories in a single submission as long as they are inter-related and can be
|
||||||
.. associated with a single epic and/or function. If the user stories are
|
.. associated with a single epic and/or function. If the user stories are
|
||||||
|
@ -109,7 +109,7 @@ User Stories
|
||||||
machines network resources without disrupting those virtual machines
|
machines network resources without disrupting those virtual machines
|
||||||
|
|
||||||
Usage Scenario Examples
|
Usage Scenario Examples
|
||||||
------------------------
|
+++++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. In order to explain your user stories, if possible, provide an example in the
|
.. In order to explain your user stories, if possible, provide an example in the
|
||||||
.. form of a scenario to show how the specified user type might interact with the
|
.. form of a scenario to show how the specified user type might interact with the
|
||||||
|
@ -135,7 +135,7 @@ Usage Scenario Examples
|
||||||
Neutron.
|
Neutron.
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. If there are related user stories that have some overlap in the problem domain or
|
.. If there are related user stories that have some overlap in the problem domain or
|
||||||
.. that you perceive may partially share requirements or a solution, reference them
|
.. that you perceive may partially share requirements or a solution, reference them
|
||||||
|
@ -150,7 +150,7 @@ Related User Stories
|
||||||
* https://blueprints.launchpad.net/cinder/+spec/over-subscription-in-thin-provisioning
|
* https://blueprints.launchpad.net/cinder/+spec/over-subscription-in-thin-provisioning
|
||||||
|
|
||||||
*Requirements*
|
*Requirements*
|
||||||
==============
|
++++++++++++++
|
||||||
.. This section is optional. It might be useful to specify
|
.. This section is optional. It might be useful to specify
|
||||||
.. additional requirements that should be considered but may not be
|
.. additional requirements that should be considered but may not be
|
||||||
.. apparent through the user story and usage examples. This information will help
|
.. apparent through the user story and usage examples. This information will help
|
||||||
|
@ -200,7 +200,7 @@ Example: Self service provisioning initiated in OpenStack Horizon would
|
||||||
result in the new VMs also showing up in vCenter
|
result in the new VMs also showing up in vCenter
|
||||||
|
|
||||||
*External References*
|
*External References*
|
||||||
=====================
|
+++++++++++++++++++++
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. Please use this section to add references for standards or well-defined
|
.. Please use this section to add references for standards or well-defined
|
||||||
.. mechanisms. You can also use this section to reference existing functionality
|
.. mechanisms. You can also use this section to reference existing functionality
|
||||||
|
@ -211,7 +211,7 @@ result in the new VMs also showing up in vCenter
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Rejected User Stories / Usage Scenarios*
|
*Rejected User Stories / Usage Scenarios*
|
||||||
=========================================
|
-----------------------------------------
|
||||||
.. This is optional
|
.. This is optional
|
||||||
.. Please fill out this section after a User Story has been submitted as a
|
.. Please fill out this section after a User Story has been submitted as a
|
||||||
.. cross project spec to highlight any user stories deemed out of scope of the
|
.. cross project spec to highlight any user stories deemed out of scope of the
|
||||||
|
@ -220,7 +220,7 @@ None.
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. It is highly suggested that you define any terms,
|
.. It is highly suggested that you define any terms,
|
||||||
.. abbreviations that are not commonly used in order to ensure
|
.. abbreviations that are not commonly used in order to ensure
|
||||||
|
|
|
@ -6,16 +6,16 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem Description
|
Problem Description
|
||||||
===================
|
-------------------
|
||||||
|
|
||||||
Problem Definition
|
Problem Definition
|
||||||
-------------------
|
++++++++++++++++++
|
||||||
OpenStack doesn’t have a hierarchical permission structure that allows an
|
OpenStack doesn’t have a hierarchical permission structure that allows an
|
||||||
Operator to assign different permissions for different activities or access to
|
Operator to assign different permissions for different activities or access to
|
||||||
resources to different users.
|
resources to different users.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
Role Based Access is a basic Enterprise requirement. This capability enables
|
Role Based Access is a basic Enterprise requirement. This capability enables
|
||||||
Enterprise IT Managers to set read and write permissions to different elements
|
Enterprise IT Managers to set read and write permissions to different elements
|
||||||
of the IT infrastructure for different people/positions in the organization.
|
of the IT infrastructure for different people/positions in the organization.
|
||||||
|
@ -23,26 +23,24 @@ Enterprise security requires separate access UI/ API for Network, Security,
|
||||||
Storage management, User Management, and Instance management.
|
Storage management, User Management, and Instance management.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
* As a cloud operator I want to enable my team to be able to see all Admin
|
* As a cloud operator I want to enable my team to be able to see all Admin
|
||||||
level alerts, but not to be able to change their status. That requires review
|
level alerts, but not to be able to change their status. That requires review
|
||||||
and approval by the IT manager.
|
and approval by the IT manager.
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
============
|
++++++++++++
|
||||||
|
|
||||||
* Enterprise security requires separate access UI/ API for Network, Security,
|
* Enterprise security requires separate access UI/ API for Network, Security,
|
||||||
Storage management, User Management, and Instance management.
|
Storage management, User Management, and Instance management.
|
||||||
|
@ -57,7 +55,7 @@ Requirements
|
||||||
superuser problem (newly created role inherit these rights)
|
superuser problem (newly created role inherit these rights)
|
||||||
|
|
||||||
External References
|
External References
|
||||||
===================
|
+++++++++++++++++++
|
||||||
From looking at other solutions, generally there are 3 immutable system roles:
|
From looking at other solutions, generally there are 3 immutable system roles:
|
||||||
administrator, read-only, no-access. With support for specifying roles on
|
administrator, read-only, no-access. With support for specifying roles on
|
||||||
objects and their hierarchy. There is a notion of "folder", data center, host,
|
objects and their hierarchy. There is a notion of "folder", data center, host,
|
||||||
|
@ -67,12 +65,8 @@ the role that permits the complex action must contain the full set of necessary
|
||||||
privileges. For example launching a VM needs access to the datastore, OS images
|
privileges. For example launching a VM needs access to the datastore, OS images
|
||||||
files, disks, ability to create them and/or read an existing one etc.
|
files, disks, ability to create them and/or read an existing one etc.
|
||||||
|
|
||||||
Rejected User Stories / Usage Scenarios
|
|
||||||
=======================================
|
|
||||||
None.
|
|
||||||
|
|
||||||
Gaps
|
Gaps
|
||||||
====
|
++++
|
||||||
**Keystone**
|
**Keystone**
|
||||||
|
|
||||||
* Need to add a new role.
|
* Need to add a new role.
|
||||||
|
@ -98,6 +92,10 @@ Gaps
|
||||||
* Further Horizon today is "pulling" the policy files to determine which
|
* Further Horizon today is "pulling" the policy files to determine which
|
||||||
buttons/links exposed to users to guide them down the correct path.
|
buttons/links exposed to users to guide them down the correct path.
|
||||||
|
|
||||||
Glossary
|
Rejected User Stories / Usage Scenarios
|
||||||
========
|
---------------------------------------
|
||||||
|
None.
|
||||||
|
|
||||||
|
Glossary
|
||||||
|
--------
|
||||||
None.
|
None.
|
||||||
|
|
|
@ -5,10 +5,10 @@ Cross Project Spec - `Under Review <https://review.openstack.org/290977>`_
|
||||||
User Story Tracker - `Rolling Upgrades Tracker <https://github.com/openstack/openstack-user-stories/tree/master/tracker/rolling-upgrades.json>`_
|
User Story Tracker - `Rolling Upgrades Tracker <https://github.com/openstack/openstack-user-stories/tree/master/tracker/rolling-upgrades.json>`_
|
||||||
|
|
||||||
Problem description
|
Problem description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
Problem Definition
|
Problem Definition
|
||||||
--------------------
|
++++++++++++++++++
|
||||||
OpenStack operators often shy away from upgrading or updating OpenStack due to
|
OpenStack operators often shy away from upgrading or updating OpenStack due to
|
||||||
concerns about the intrusiveness of upgrades. This prohibits operators from
|
concerns about the intrusiveness of upgrades. This prohibits operators from
|
||||||
realizing the complete value of their OpenStack cloud, specifically their
|
realizing the complete value of their OpenStack cloud, specifically their
|
||||||
|
@ -21,7 +21,7 @@ to improve their support for non-disruptive updates and upgrades, they are not
|
||||||
specifically covered in this document.
|
specifically covered in this document.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
This is a large reason why enterprises fail to gain the full value of their
|
This is a large reason why enterprises fail to gain the full value of their
|
||||||
OpenStack cloud. **Upgrades and updates have never been easy and in many
|
OpenStack cloud. **Upgrades and updates have never been easy and in many
|
||||||
environments require extended downtime of both the control and dataplane.**
|
environments require extended downtime of both the control and dataplane.**
|
||||||
|
@ -30,10 +30,10 @@ Fixing upgrades and updates would clear up many concerns which limit OpenStack
|
||||||
adoption today.
|
adoption today.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
* As a Cloud User, I want to experience a stable, regularly updated and
|
* As a Cloud User, I want to experience a stable, regularly updated and
|
||||||
upgraded OpenStack platform in order to utilize new features, bug fixes and
|
upgraded OpenStack platform in order to utilize new features, bug fixes and
|
||||||
security enhancements, so that my cloud development experience is
|
security enhancements, so that my cloud development experience is
|
||||||
|
@ -60,7 +60,7 @@ User Stories
|
||||||
timing, dependencies, and which services would be impacted.
|
timing, dependencies, and which services would be impacted.
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
1. Successful upgrade
|
1. Successful upgrade
|
||||||
a. Cloud Operator schedules OpenStack upgrade to latest release
|
a. Cloud Operator schedules OpenStack upgrade to latest release
|
||||||
b. Cloud Operator can be assured that API will perform as expected from a
|
b. Cloud Operator can be assured that API will perform as expected from a
|
||||||
|
@ -91,15 +91,15 @@ Usage Scenarios Examples
|
||||||
c. Cloud Users are unaffected by the reboots
|
c. Cloud Users are unaffected by the reboots
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
=============
|
++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Gaps
|
Gaps
|
||||||
====
|
++++
|
||||||
Upgrades today require downtime in the data plane, network connectivity and
|
Upgrades today require downtime in the data plane, network connectivity and
|
||||||
often control plane.
|
often control plane.
|
||||||
|
|
||||||
|
@ -246,17 +246,17 @@ capable of performing a rolling upgrade.
|
||||||
* Status - Implemented
|
* Status - Implemented
|
||||||
|
|
||||||
External References
|
External References
|
||||||
===================
|
+++++++++++++++++++
|
||||||
* `Dan Smith's Upgrade Blog Series <http://www.danplanet.com/blog/tag/nova-upgrade-details/>`_
|
* `Dan Smith's Upgrade Blog Series <http://www.danplanet.com/blog/tag/nova-upgrade-details/>`_
|
||||||
* `Rolling Upgrades Project Meta Data Tag <https://github.com/openstack/governance/blob/master/reference/tags/assert_supports-rolling-upgrade.rst>`_
|
* `Rolling Upgrades Project Meta Data Tag <https://github.com/openstack/governance/blob/master/reference/tags/assert_supports-rolling-upgrade.rst>`_
|
||||||
* `Grenade - OpenStack Upgrade Test Harness <https://wiki.openstack.org/wiki/Grenade>`_
|
* `Grenade - OpenStack Upgrade Test Harness <https://wiki.openstack.org/wiki/Grenade>`_
|
||||||
|
|
||||||
Rejected User Stories / Usage Scenarios
|
Rejected User Stories / Usage Scenarios
|
||||||
=======================================
|
---------------------------------------
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
* **Control Plane** Hosts or infrastructure which operate OpenStack services
|
* **Control Plane** Hosts or infrastructure which operate OpenStack services
|
||||||
(e.g. nova-api)
|
(e.g. nova-api)
|
||||||
* **Data Plane** Infrastructure instances created by cloud users on an
|
* **Data Plane** Infrastructure instances created by cloud users on an
|
||||||
|
|
|
@ -6,10 +6,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem Description
|
Problem Description
|
||||||
===================
|
-------------------
|
||||||
|
|
||||||
Problem Definition
|
Problem Definition
|
||||||
------------------
|
++++++++++++++++++
|
||||||
Cloud Operators are often confronted with the need to perform what if scenarios
|
Cloud Operators are often confronted with the need to perform what if scenarios
|
||||||
on proposed compute and block storage schedulers tweaks. As such they often
|
on proposed compute and block storage schedulers tweaks. As such they often
|
||||||
want to have access to a scheduler simulator, to make a series of "virtual"
|
want to have access to a scheduler simulator, to make a series of "virtual"
|
||||||
|
@ -17,16 +17,16 @@ requests given a specific scheduler configuration to see if the resulting
|
||||||
virtual machine load matches their expected or desired outcome.
|
virtual machine load matches their expected or desired outcome.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
This user story is valuable to cloud operators because it allows them to tune
|
This user story is valuable to cloud operators because it allows them to tune
|
||||||
the scheduler without having to run the configurations in real world
|
the scheduler without having to run the configurations in real world
|
||||||
environments.
|
environments.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
* As a cloud operator, I want to be able to simulate my cloud's scheduler with
|
* As a cloud operator, I want to be able to simulate my cloud's scheduler with
|
||||||
a variety of virtual machine request loads under a given scheduler
|
a variety of virtual machine request loads under a given scheduler
|
||||||
configuration in order to determine the optimal configuration for my desired
|
configuration in order to determine the optimal configuration for my desired
|
||||||
|
@ -37,7 +37,7 @@ User Stories
|
||||||
|
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
1. Operator Runs Simulator
|
1. Operator Runs Simulator
|
||||||
a. Operator defines scheduler configuration
|
a. Operator defines scheduler configuration
|
||||||
b. Operator defines request load
|
b. Operator defines request load
|
||||||
|
@ -47,21 +47,21 @@ Usage Scenarios Examples
|
||||||
f. Operator determines if result is optimal and if not adjusts configuration
|
f. Operator determines if result is optimal and if not adjusts configuration
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
============
|
++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
External References
|
External References
|
||||||
===================
|
+++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Rejected User Stories / Usage Scenarios
|
Rejected User Stories / Usage Scenarios
|
||||||
=======================================
|
---------------------------------------
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
None.
|
None.
|
||||||
|
|
|
@ -1,40 +1,41 @@
|
||||||
Security / Policy Enforcement for Enterprise IT
|
Security / Policy Enforcement for Enterprise IT
|
||||||
==========================
|
===============================================
|
||||||
Cross Project Spec - None
|
Cross Project Spec - None
|
||||||
|
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem Description
|
Problem Description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
*Problem Definition*
|
*Problem Definition*
|
||||||
--------------------
|
++++++++++++++++++++
|
||||||
Many enterprise has stringent security requirements and the security policy
|
Many enterprise has stringent security requirements and the security policy
|
||||||
must be enforced by IT security. Such security policy must be enforced and applied to
|
must be enforced by IT security. Such security policy must be enforced and
|
||||||
all compute resources hosted in the enterprise environment.
|
applied to all compute resources hosted in the enterprise environment.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
TBD.
|
TBD.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
* As an Enterprise IT security policy maker, I need to ensure that all compute
|
* As an Enterprise IT security policy maker, I need to ensure that all compute
|
||||||
resources must adhere to the security policy as defined by the IT security
|
resources must adhere to the security policy as defined by the IT security
|
||||||
department so that the cloud resources are compliant to enterprise rules and
|
department so that the cloud resources are compliant to enterprise rules and
|
||||||
regulations.
|
regulations.
|
||||||
* As an Enterprise IT security administrator, I have to create multiple security
|
|
||||||
policy for different corporate department or division. All cloud resources
|
* As an Enterprise IT security administrator, I have to create multiple
|
||||||
provisioned for that particular department or division must be applied with
|
security policy for different corporate department or division. All cloud
|
||||||
relevant security policy. Such policy (e.g firewall rules) cannot be removed
|
resources provisioned for that particular department or division must be
|
||||||
by the cloud users. A cloud users may add additional rules but cannot remove
|
applied with relevant security policy. Such policy (e.g firewall rules)
|
||||||
any rules as defined by the IT security administrator.
|
cannot be removed by the cloud users. A cloud users may add additional rules
|
||||||
|
but cannot remove any rules as defined by the IT security administrator.
|
||||||
|
|
||||||
Usage Scenarios Examples
|
Usage Scenarios Examples
|
||||||
------------------------
|
++++++++++++++++++++++++
|
||||||
The Enterprise IT needs to enforce a corporate-wide or division-wide firewall
|
The Enterprise IT needs to enforce a corporate-wide or division-wide firewall
|
||||||
policy and rules. This firewall (or security group) must be applied to all
|
policy and rules. This firewall (or security group) must be applied to all
|
||||||
compute resources of a project/tenant within that division. This policy is
|
compute resources of a project/tenant within that division. This policy is
|
||||||
|
@ -46,31 +47,32 @@ predefined rules. This security group must be automatically applied to all VM
|
||||||
whenever the VM is launched by the cloud users and cannot be removed.
|
whenever the VM is launched by the cloud users and cannot be removed.
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Requirements*
|
*Requirements*
|
||||||
==============
|
++++++++++++++
|
||||||
In order to support this user story, we need:
|
In order to support this user story, we need:
|
||||||
* A method for security administrator to create a
|
|
||||||
firewall or security policy and be able to enforce such policy to different
|
* A method for security administrator to create a firewall or security policy
|
||||||
project tenant.
|
and be able to enforce such policy to different project tenant.
|
||||||
* A mechanism to automatically attached the fireall or
|
|
||||||
security policy to each network/VM created by the cloud users within the
|
* A mechanism to automatically attached the fireall or security policy to
|
||||||
project tenant.
|
each network/VM created by the cloud users within the project tenant.
|
||||||
* The rules defined in such fireall/security policy can only
|
|
||||||
be modified by the security administrator and must not be removed or modified
|
* The rules defined in such fireall/security policy can only be modified by
|
||||||
by cloud users. This might requires "role-based access control" to specific
|
the security administrator and must not be removed or modified by cloud
|
||||||
type of resources and actions.
|
users. This might requires "role-based access control" to specific type of
|
||||||
|
resources and actions.
|
||||||
|
|
||||||
*External References*
|
*External References*
|
||||||
=====================
|
+++++++++++++++++++++
|
||||||
TBD.
|
TBD.
|
||||||
|
|
||||||
*Rejected User Stories / Usage Scenarios*
|
*Rejected User Stories / Usage Scenarios*
|
||||||
=========================================
|
-----------------------------------------
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
TBD.
|
TBD.
|
||||||
|
|
|
@ -6,10 +6,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem description
|
Problem description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
*Problem Definition*
|
*Problem Definition*
|
||||||
--------------------
|
++++++++++++++++++++
|
||||||
This use case is about deploying a virtual IMS core as an NFV function in
|
This use case is about deploying a virtual IMS core as an NFV function in
|
||||||
OpenStack. It replaces the version previously uploaded to the TelcoWG
|
OpenStack. It replaces the version previously uploaded to the TelcoWG
|
||||||
repository [1].
|
repository [1].
|
||||||
|
@ -41,7 +41,7 @@ The requirements that such an orchestrator places on OpenStack are not
|
||||||
addressed in this use case.
|
addressed in this use case.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
|
|
||||||
Although this user story is specifically about deploying the Project
|
Although this user story is specifically about deploying the Project
|
||||||
Clearwater virtual IMS core, it is more generally representative of the
|
Clearwater virtual IMS core, it is more generally representative of the
|
||||||
|
@ -50,17 +50,17 @@ plane Virtual Network Function (VNF) deployed as a series of load-balanced
|
||||||
stateless N+k pools.
|
stateless N+k pools.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
|
|
||||||
* As a communication service provider, I want to deploy a highly available,
|
* As a communication service provider, I want to deploy a highly available,
|
||||||
high scale, high performance virtual IMS core on OpenStack to provide my core
|
high scale, high performance virtual IMS core on OpenStack to provide my core
|
||||||
Voice-over-IP service.
|
Voice-over-IP service.
|
||||||
|
|
||||||
Usage Scenario Examples
|
Usage Scenario Examples
|
||||||
------------------------
|
+++++++++++++++++++++++
|
||||||
|
|
||||||
Project Clearwater [3] is an open-source implementation of an IMS core
|
Project Clearwater [3] is an open-source implementation of an IMS core
|
||||||
designed to run in the cloud and be massively scalable. It provides
|
designed to run in the cloud and be massively scalable. It provides
|
||||||
|
@ -68,12 +68,12 @@ P/I/S-CSCF functions together with a BGCF and an HSS cache, and includes a
|
||||||
WebRTC gateway providing interworking between WebRTC & SIP clients.
|
WebRTC gateway providing interworking between WebRTC & SIP clients.
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
|
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Requirements*
|
*Requirements*
|
||||||
==============
|
++++++++++++++
|
||||||
|
|
||||||
The problem statement above leads to the following requirements.
|
The problem statement above leads to the following requirements.
|
||||||
|
|
||||||
|
@ -114,15 +114,19 @@ The problem statement above leads to the following requirements.
|
||||||
MZ.
|
MZ.
|
||||||
|
|
||||||
*External References*
|
*External References*
|
||||||
=====================
|
+++++++++++++++++++++
|
||||||
|
|
||||||
* [1] https://review.openstack.org/#/c/179142/
|
* [1] https://review.openstack.org/#/c/179142/
|
||||||
* [2] https://en.wikipedia.org/wiki/IP_Multimedia_Subsystem
|
* [2] https://en.wikipedia.org/wiki/IP_Multimedia_Subsystem
|
||||||
* [3] http://www.projectclearwater.org
|
* [3] http://www.projectclearwater.org
|
||||||
* [4] http://www.projectclearwater.org/technical/clearwater-architecture/
|
* [4] http://www.projectclearwater.org/technical/clearwater-architecture/
|
||||||
|
|
||||||
|
Rejected User Stories / Usage Scenarios
|
||||||
|
---------------------------------------
|
||||||
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
|
|
||||||
* NFV - Networks Functions Virtualisation, see http://www.etsi.org/technologies-clusters/technologies/nfv
|
* NFV - Networks Functions Virtualisation, see http://www.etsi.org/technologies-clusters/technologies/nfv
|
||||||
* IMS - IP Multimedia Subsystem
|
* IMS - IP Multimedia Subsystem
|
||||||
|
|
|
@ -22,10 +22,10 @@ Cross Project Spec - None
|
||||||
User Story Tracker - None
|
User Story Tracker - None
|
||||||
|
|
||||||
Problem description
|
Problem description
|
||||||
====================
|
-------------------
|
||||||
|
|
||||||
*Problem Definition*
|
*Problem Definition*
|
||||||
--------------------
|
++++++++++++++++++++
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. Please use it to provide additional details (if available) about your user story
|
.. Please use it to provide additional details (if available) about your user story
|
||||||
.. (if warranted) for further expansion for clarity. A detailed description of the
|
.. (if warranted) for further expansion for clarity. A detailed description of the
|
||||||
|
@ -37,7 +37,7 @@ Problem description
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Opportunity/Justification
|
Opportunity/Justification
|
||||||
-------------------------
|
+++++++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. Use this section to give opportunity details that support why
|
.. Use this section to give opportunity details that support why
|
||||||
.. pursuing these user stories would help address key barriers to adoption or
|
.. pursuing these user stories would help address key barriers to adoption or
|
||||||
|
@ -50,10 +50,10 @@ Opportunity/Justification
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Use Cases
|
Use Cases
|
||||||
=========
|
---------
|
||||||
|
|
||||||
User Stories
|
User Stories
|
||||||
------------
|
++++++++++++
|
||||||
.. This section is mandatory. You may submit multiple
|
.. This section is mandatory. You may submit multiple
|
||||||
.. user stories in a single submission as long as they are inter-related and can be
|
.. user stories in a single submission as long as they are inter-related and can be
|
||||||
.. associated with a single epic and/or function. If the user stories are
|
.. associated with a single epic and/or function. If the user stories are
|
||||||
|
@ -68,7 +68,7 @@ User Stories
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Usage Scenario Examples
|
Usage Scenario Examples
|
||||||
------------------------
|
+++++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. In order to explain your user stories, if possible, provide an example in the
|
.. In order to explain your user stories, if possible, provide an example in the
|
||||||
.. form of a scenario to show how the specified user type might interact with the
|
.. form of a scenario to show how the specified user type might interact with the
|
||||||
|
@ -86,7 +86,7 @@ Usage Scenario Examples
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Related User Stories
|
Related User Stories
|
||||||
====================
|
++++++++++++++++++++
|
||||||
.. This section is mandatory.
|
.. This section is mandatory.
|
||||||
.. If there are related user stories that have some overlap in the problem domain or
|
.. If there are related user stories that have some overlap in the problem domain or
|
||||||
.. that you perceive may partially share requirements or a solution, reference them
|
.. that you perceive may partially share requirements or a solution, reference them
|
||||||
|
@ -95,14 +95,14 @@ Related User Stories
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Requirements*
|
*Requirements*
|
||||||
==============
|
++++++++++++++
|
||||||
.. This section is optional. It might be useful to specify
|
.. This section is optional. It might be useful to specify
|
||||||
.. additional requirements that should be considered but may not be
|
.. additional requirements that should be considered but may not be
|
||||||
.. apparent through the user story and usage examples. This information will help
|
.. apparent through the user story and usage examples. This information will help
|
||||||
.. the development be aware of any additional known constraints that need to be met
|
.. the development be aware of any additional known constraints that need to be met
|
||||||
.. for adoption of the newly implemented features/functionality. Use this section
|
.. for adoption of the newly implemented features/functionality. Use this section
|
||||||
.. to define the functions that must be available or any specific technical
|
.. to define tahe functions that must be available or any specific technical
|
||||||
.. requirements that exist in order to successfully support your use case. If there
|
.. requirementsthat exist in order to successfully support your use case. If there
|
||||||
.. are requirements that are external to OpenStack, note them as such. Please
|
.. are requirements that are external to OpenStack, note them as such. Please
|
||||||
.. always add a comprehensible description to ensure that people understand your
|
.. always add a comprehensible description to ensure that people understand your
|
||||||
.. need.
|
.. need.
|
||||||
|
@ -114,7 +114,7 @@ None.
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*External References*
|
*External References*
|
||||||
=====================
|
+++++++++++++++++++++
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. Please use this section to add references for standards or well-defined
|
.. Please use this section to add references for standards or well-defined
|
||||||
.. mechanisms. You can also use this section to reference existing functionality
|
.. mechanisms. You can also use this section to reference existing functionality
|
||||||
|
@ -125,7 +125,7 @@ None.
|
||||||
None.
|
None.
|
||||||
|
|
||||||
*Rejected User Stories / Usage Scenarios*
|
*Rejected User Stories / Usage Scenarios*
|
||||||
=========================================
|
-----------------------------------------
|
||||||
.. This is optional
|
.. This is optional
|
||||||
.. Please fill out this section after a User Story has been submitted as a
|
.. Please fill out this section after a User Story has been submitted as a
|
||||||
.. cross project spec to highlight any user stories deemed out of scope of the
|
.. cross project spec to highlight any user stories deemed out of scope of the
|
||||||
|
@ -134,7 +134,7 @@ None.
|
||||||
None.
|
None.
|
||||||
|
|
||||||
Glossary
|
Glossary
|
||||||
========
|
--------
|
||||||
.. This section is optional.
|
.. This section is optional.
|
||||||
.. It is highly suggested that you define any terms,
|
.. It is highly suggested that you define any terms,
|
||||||
.. abbreviations that are not commonly used in order to ensure
|
.. abbreviations that are not commonly used in order to ensure
|
||||||
|
|
Loading…
Reference in New Issue