Thanks Nirmal.

I am moving the changes to latest codebase.
I will send PR shortly after that.

On Sat, Aug 2, 2014 at 9:48 PM, Nirmal Fernando <> wrote:
Hi Suriya,

Please see my comments inline. 

On Sun, Aug 3, 2014 at 4:33 AM, Sathyasuriya Priya <> wrote:
Hi Nirmal, devs,

Following are some important aspects of GCE design/implementation.
Let me know of any changes/suggestions.

1. GCE credential: Jclouds uses GCE service accounts for communicating with IaaS. This includes a service account email address (for example, and a private key in text(~1000 chars). This identity, credential can be specified in cloud-controller.xml as follows. Currently mode 1 is implemented. Based on suggestions we can implement mode 2 or 3.

Mode 1: private key in pem text.
  <identity svns:secretAlias="cloud.controller.gce.identity">
  <credential svns:secretAlias="cloud.controller.gce.credential">
#### ~15 lines of private key

Mode 2: Instead of giving the private key in text format, we can give a path to a file. The file will have the key in pem format.
  <identity svns:secretAlias="cloud.controller.gce.identity">
  <credential svns:secretAlias="cloud.controller.gce.credential">

Mode 3: Mixed mode 1 & 2. Either pem text or path to file can be there. Stratos code can try to autodetect the mode.

Ok, GCE's account authentication mechanism is key based then. It's bit different to other IaaS providers. Out of curiosity does GCE use another key pair to spawn instances? 

I'd like to have Mode2, but for the first iteration, Mode1 is perfectly fine.

2. Network: GCE instance can connect to only one network [1]. I think, this is different from EC2 or openstack, where one instance can connect to many networks. So stratos server needs to be in same network as cartridge instances. I hope this is ok for multi-tenant mode in stratos. This network name can be mentioned in cartridge json as follows (similar to EC2, but only one name should be specified)
      "networkInterfaces": [
          "networkUuid": "default-network-name"

Ya, there's no issue in multi-tenant mode. I hope this is not mandatory. 

Connecting only to one network, is certainly not a blocker IMO.

3. Naming convention: I have used 'gce' in all stratos code, and wherever needed in xml, etc. But in jclouds [2] 'google-compute-engine' is being used. So in the code copied from jclouds to stratos dependencies/jclouds/apis/google-compute-engine/, 'gce' is not used. I hope this is ok.

Ya, this is ok.

Looking forward to see a PR soon :)

Great work so far! 

Best Regards,

Nirmal Fernando.
PPMC Member & Committer of Apache Stratos,
Senior Software Engineer, WSO2 Inc.