Message from discussion EC2, VPC and security groups
From: barkbarkuk <barkbar...@gmail.com>
Date: Tue, 9 Oct 2012 15:37:22 -0700 (PDT)
Local: Tues, Oct 9 2012 6:37 pm
Subject: EC2, VPC and security groups

I've been trying to use pallet and jclouds together to create some machines in the VPC, but have been struggling a little with security groups.

After a while I stumbled across the VPC section in http://www.jclouds.org/documentation/userguide/using-ec2/ which states that the VPC and security groups are mutually exclusive but I don't believe this is the case anymore.

I've had a bit of a dig through the code and lost myself a few times but it looks like the interface to make calls to create a security group with VPC specified already exists in the aws-ec2 provider.
When creating a new instance however it looks like when a subnet id is specified (i.e. the machine should be created in a specific subnet in the VPC) any named security groups are intentionally not added. This does make sense as the Amazon APIs don't allow a security group name to be passed when creating a VPC instance though they do allow a security group id to be passed.

I'm wondering if there are docs/discussions where this has been talked about?
If not, where's best to target my efforts as I'm happy to get my hands into the code with a little direction?

I think when a non-VPC instance is created, passing the name of a security group that doesn't exist, the group is automatically created by AWS as part of the same call that creates the instance. For a VPC security group it seems like the group would have to be created manually by jclouds code first, the id retrieved and then passed as an option into the instance creation details. I was originally thinking about doing this in the code that chooses not to supply security group names when a subnet id is detected, using the subnet id to get the VPC id needed to create the new security group. This seems a bit wrong though as the code is more about building up options for the create instance call to AWS.

Maybe the right thing is to be explicitly creating VPC security groups in pallet and making sure the ids can be passed on through jclouds?

The other thing to consider is the security group name restrictions are different when making a VPC security group, notably the # symbol is not allowed.

Sorry if this is a bit rambly, trying to understand a lot of new code and how all the parts fit together.
Any direction gratefully received.
   - Pete.
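
The sequence the post describes (subnet id to VPC id, find or create the group in that VPC, launch with the group id), as an added example that is not part of the original post and is not jclouds or pallet code. It uses the boto3 EC2 client's method names and keyword arguments as a stand-in for the EC2 API; `ensure_vpc_group`, `launch_in_subnet`, `FakeEC2` and all ids are constructed for illustration, and `FakeEC2` replaces a real client so the block runs offline.

```python
# Added example: boto3-style EC2 calls, not jclouds or pallet code.
# `ec2` is any object exposing the boto3 EC2 client methods used below.

def ensure_vpc_group(ec2, subnet_id, name, description):
    """Return (vpc_id, group_id), creating the group in the subnet's VPC if absent."""
    vpc_id = ec2.describe_subnets(SubnetIds=[subnet_id])["Subnets"][0]["VpcId"]
    # Group names are only unique per VPC, so filter on both VPC id and name.
    found = ec2.describe_security_groups(Filters=[
        {"Name": "vpc-id", "Values": [vpc_id]},
        {"Name": "group-name", "Values": [name]},
    ])["SecurityGroups"]
    if found:
        return vpc_id, found[0]["GroupId"]
    created = ec2.create_security_group(GroupName=name, Description=description, VpcId=vpc_id)
    return vpc_id, created["GroupId"]

def launch_in_subnet(ec2, image_id, instance_type, subnet_id, group_name):
    """Launch one instance in a VPC subnet, referencing the group by id, not name."""
    _, group_id = ensure_vpc_group(ec2, subnet_id, group_name, "managed group " + group_name)
    return ec2.run_instances(ImageId=image_id, InstanceType=instance_type,
                             MinCount=1, MaxCount=1, SubnetId=subnet_id,
                             SecurityGroupIds=[group_id])

class FakeEC2:
    """Constructed in-memory stand-in so the example runs offline."""
    def __init__(self):
        self.subnets = {"subnet-0001": "vpc-0001"}  # constructed ids
        self.groups = {}                             # (vpc_id, name) -> group id
        self.launches = []
    def describe_subnets(self, SubnetIds):
        return {"Subnets": [{"SubnetId": s, "VpcId": self.subnets[s]} for s in SubnetIds]}
    def describe_security_groups(self, Filters):
        want = {f["Name"]: f["Values"] for f in Filters}
        return {"SecurityGroups": [{"GroupId": gid, "GroupName": n, "VpcId": v}
                                   for (v, n), gid in self.groups.items()
                                   if v in want["vpc-id"] and n in want["group-name"]]}
    def create_security_group(self, GroupName, Description, VpcId):
        gid = "sg-%04d" % (len(self.groups) + 1)
        self.groups[(VpcId, GroupName)] = gid
        return {"GroupId": gid}
    def run_instances(self, **kwargs):
        # Mirrors the behaviour the post describes: no group names with a subnet id.
        if "SubnetId" in kwargs and "SecurityGroups" in kwargs:
            raise ValueError("group names are not accepted for a VPC launch")
        self.launches.append(kwargs)
        return {"Instances": [{"InstanceId": "i-0001", "SubnetId": kwargs["SubnetId"]}]}

if __name__ == "__main__":
    ec2 = FakeEC2()
    launch_in_subnet(ec2, "ami-constructed", "m1.small", "subnet-0001", "jclouds-web")
    print(ec2.launches[0]["SecurityGroupIds"])
```
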


 