| openstackgerrit | yuan wei proposed openstack/dragonflow: add active detection app for allowed address pairs https://review.openstack.org/339975 | 01:42 |
|---|---|---|
| openstackgerrit | yuan wei proposed openstack/dragonflow: Reset related conntrack entries when the configuration about SG changed https://review.openstack.org/393710 | 01:57 |
| openstackgerrit | Merged openstack/dragonflow: Use router_id as cache key instead of router object https://review.openstack.org/394016 | 02:29 |
| openstackgerrit | Merged openstack/dragonflow: Small refactor of methods in dhcp_app https://review.openstack.org/393251 | 02:29 |
| openstackgerrit | Merged openstack/dragonflow: Catch and print more exception for cli https://review.openstack.org/391344 | 02:29 |
| openstackgerrit | Merged openstack/dragonflow: Propose Cassandra support https://review.openstack.org/389023 | 02:29 |
| openstackgerrit | Merged openstack/dragonflow: Fix remote port tunnel not ready bug https://review.openstack.org/384054 | 02:29 |
| openstackgerrit | Merged openstack/dragonflow: Use discard to safely remove element of set https://review.openstack.org/392452 | 02:29 |
| nick-ma_ | hi all, i'm in a business trip in tencent and i guess i will be very busy in the next two weeks. i will try my best to review but for those big patches, i hope i will have time on verification during these days. i'm sorry i'm not sure about it. | 02:31 |
| *** Wang_Jian has joined #openstack-dragonflow | 02:40 | |
| *** Frank_ has joined #openstack-dragonflow | 02:43 | |
| *** Frank_ is now known as dkb | 02:43 | |
| *** DuanKebo has joined #openstack-dragonflow | 02:47 | |
| xiaohhui | Have a good time nick-ma_ :) | 02:57 |
| openstackgerrit | liuhaixia proposed openstack/dragonflow: Fix multicast bug https://review.openstack.org/394718 | 03:12 |
| openstackgerrit | liuhaixia proposed openstack/dragonflow: Fix multicast bug https://review.openstack.org/394718 | 03:14 |
| openstackgerrit | Hong Hui Xiao proposed openstack/dragonflow: Use argparse instead of parsing arguments manually https://review.openstack.org/367922 | 03:28 |
| openstackgerrit | rajiv proposed openstack/dragonflow: Moved config options for l2_app https://review.openstack.org/394725 | 03:29 |
| *** oanson has joined #openstack-dragonflow | 03:51 | |
| *** dkb has quit IRC | 04:47 | |
| *** dkb has joined #openstack-dragonflow | 04:53 | |
| *** gongysh has joined #openstack-dragonflow | 04:54 | |
| openstackgerrit | rajiv proposed openstack/dragonflow: Output format of df-db changed to display output in table https://review.openstack.org/393605 | 05:01 |
| openstackgerrit | jingting proposed openstack/dragonflow: Support VM live migration https://review.openstack.org/394759 | 05:04 |
| *** gongysh has quit IRC | 05:05 | |
| rajivk | oanson, are you there? | 05:38 |
| oanson | Yes | 05:38 |
| oanson | But I don't know for how long :) | 05:38 |
| rajivk | okay :) | 05:38 |
| rajivk | i want discuss about this specs https://review.openstack.org/#/c/385719/6/doc/source/specs/support_check_chassis_alive.rst | 05:38 |
| rajivk | have you gone through it? | 05:39 |
| oanson | Not yet | 05:39 |
| oanson | On today's todo list | 05:39 |
| rajivk | okay, when you are done, please let me know. | 05:40 |
| oanson | But if you have any comments, I can look out for them when I do | 05:40 |
| oanson | Sure | 05:40 |
| rajivk | okay, i have a few comment. | 05:40 |
| rajivk | They may be invalid, | 05:40 |
| rajivk | so this spec is about reporint status of chassis | 05:40 |
| oanson | yes | 05:41 |
| rajivk | a new command of deletion of chasis for admin is provided and discussion is done, how to allow only admin | 05:41 |
| rajivk | to delete chassis | 05:41 |
| rajivk | I think, df-db command is provided locally and it will not exposed outside the datacenter | 05:41 |
| rajivk | therefore we should not work on that part, is my understanding correct about df-db? | 05:42 |
| oanson | The key-value store should only be accessible from inside the datacentre. Even if df-db 'leaks', the key-value store cannot be accessed from outside | 05:42 |
| rajivk | I think, xiaohhui, is online he can also help us. | 05:42 |
| rajivk | xiaohhui, are you there? | 05:43 |
| oanson | Additionally, the key-value store is not protected, so from inside the datacentre, a user can connect and delete/modify the chassis information | 05:43 |
| oanson | even without df-db | 05:43 |
| rajivk | i mean, a user will not have access to database | 05:43 |
| rajivk | usually we keep openstack services in internal network and expose only floating ips to client. | 05:44 |
| oanson | rajivk, from outside the datacentre, there should be no access. | 05:44 |
| rajivk | database -> datacenter | 05:44 |
| rajivk | So i mean, it is not required. | 05:44 |
| oanson | In general we didn't take security into account in our design. | 05:44 |
| rajivk | I think, we should :) | 05:45 |
| oanson | I think you are right, it should be done separately on the whole system, and not just this record | 05:45 |
| rajivk | second part and important one. | 05:45 |
| oanson | We are starting to consider AAA regarding NB database access | 05:45 |
| oanson | rajivk, yes. We have been told that currently the security measures are unacceptable in some deployments | 05:45 |
| rajivk | chassis status is reported by the local controller | 05:46 |
| rajivk | and there is a blueprint about ha of controller therefore if local controller goes down then according to current specs it will be marked as down. | 05:46 |
| rajivk | but we will be handling flows on this machine from other machine. | 05:47 |
| rajivk | this machine --> failed | 05:47 |
| oanson | Maybe a more granular reporting mechanism will be needed once HA is implemented. | 05:47 |
| oanson | In any case, if the local controller is down, this requires immediate attention. | 05:48 |
| rajivk | You are right, | 05:48 |
| oanson | So the status should reflect that. | 05:48 |
| rajivk | actually chassis is not down only controller down(i may not be correct about terms(chassis)) | 05:49 |
| oanson | Yes. That's what I meant by more granular. We can reflect what service failed, rather than the entire chassis | 05:49 |
| oanson | I have to go. I will look out for your comment when I review the spec. I will see if I can get the security measures to a state where it can be discussed, but I think it is still early. | 05:49 |
| rajivk | okay | 05:50 |
| *** irenab has joined #openstack-dragonflow | 05:51 | |
| *** oanson has quit IRC | 06:29 | |
| openstackgerrit | hujie proposed openstack/dragonflow: uniform meaningless topic judgement https://review.openstack.org/394781 | 06:37 |
| *** dkb has quit IRC | 06:44 | |
| *** dkb has joined #openstack-dragonflow | 06:45 | |
| Wang_Jian | @oanson, I think we need enable df-publisher-service in our fullstack | 07:00 |
| openstackgerrit | jingting proposed openstack/dragonflow: Support VM live migration https://review.openstack.org/394759 | 07:00 |
| Wang_Jian | @oanson, this test case failed because no df-publisher-service enabled, http://logs.openstack.org/77/365077/28/check/gate-dragonflow-dsvm-fullstack-nv/8221c01/console.html | 07:01 |
| *** yuval has joined #openstack-dragonflow | 07:06 | |
| *** oanson has joined #openstack-dragonflow | 07:09 | |
| *** dimak has joined #openstack-dragonflow | 07:40 | |
| openstackgerrit | Christian Schulze-Wiehenbrauk proposed openstack/dragonflow: Additional fixes https://review.openstack.org/394305 | 07:40 |
| *** lihi has joined #openstack-dragonflow | 07:43 | |
| *** gampel has joined #openstack-dragonflow | 08:04 | |
| *** gampel has left #openstack-dragonflow | 08:04 | |
| *** Wang_Jian has quit IRC | 08:23 | |
| *** Wang__Jian has joined #openstack-dragonflow | 08:24 | |
| openstackgerrit | Hong Hui Xiao proposed openstack/dragonflow: Refactor nb db models https://review.openstack.org/393974 | 08:34 |
| *** zenoway has joined #openstack-dragonflow | 08:36 | |
| openstackgerrit | Hong Hui Xiao proposed openstack/dragonflow: Store local network id to nb db https://review.openstack.org/394017 | 08:36 |
| *** dkb has quit IRC | 09:00 | |
| *** dkb has joined #openstack-dragonflow | 09:01 | |
| openstackgerrit | rajiv proposed openstack/dragonflow: Moved config options of metadata_service_app https://review.openstack.org/394282 | 09:20 |
| openstackgerrit | Dima Kuznetsov proposed openstack/dragonflow: [WIP] Service Function Chaining specification https://review.openstack.org/394498 | 09:37 |
| openstackgerrit | Dima Kuznetsov proposed openstack/dragonflow: [WIP] Service Function Chaining specification https://review.openstack.org/394498 | 09:54 |
| *** xiaohhui has quit IRC | 10:20 | |
| *** Wang__Jian has quit IRC | 10:20 | |
| *** jingting has quit IRC | 10:20 | |
| *** DuanKebo has quit IRC | 10:22 | |
| *** gampel has joined #openstack-dragonflow | 10:49 | |
| *** gampel has left #openstack-dragonflow | 10:50 | |
| openstackgerrit | Hong Hui Xiao proposed openstack/dragonflow: Spec to support check if chassis is alive https://review.openstack.org/385719 | 10:54 |
| *** dkb has quit IRC | 11:16 | |
| *** dkb has joined #openstack-dragonflow | 11:17 | |
| *** gsagie has joined #openstack-dragonflow | 11:20 | |
| *** gsagie has quit IRC | 12:13 | |
| *** rajivk has quit IRC | 12:33 | |
| *** rajivk has joined #openstack-dragonflow | 12:45 | |
| openstackgerrit | hujie proposed openstack/dragonflow: Return if lswitch is None for lport process https://review.openstack.org/394951 | 13:14 |
| openstackgerrit | Hong Hui Xiao proposed openstack/dragonflow: Store local network id to nb db https://review.openstack.org/394017 | 13:23 |
| openstackgerrit | Dima Kuznetsov proposed openstack/dragonflow: Service Function Chaining specification https://review.openstack.org/394498 | 13:28 |
| *** dkb has quit IRC | 13:32 | |
| *** dkb has joined #openstack-dragonflow | 13:33 | |
| *** openstackgerrit has quit IRC | 13:48 | |
| *** openstackgerrit has joined #openstack-dragonflow | 13:49 | |
| *** irenab has quit IRC | 14:09 | |
| openstackgerrit | WangJian proposed openstack/dragonflow: Allow to change chassis info after df controller restart https://review.openstack.org/365077 | 14:35 |
| *** yuval has quit IRC | 15:12 | |
| *** mastermind has joined #openstack-dragonflow | 15:22 | |
| *** zenoway has quit IRC | 15:25 | |
| *** zenoway has joined #openstack-dragonflow | 15:28 | |
| *** mastermind has quit IRC | 15:32 | |
| *** dkb has quit IRC | 15:49 | |
| *** dkb has joined #openstack-dragonflow | 15:50 | |
| openstackgerrit | Dima Kuznetsov proposed openstack/dragonflow: Forward DNAT traffic from table 7 https://review.openstack.org/392086 | 15:51 |
| openstackgerrit | Dima Kuznetsov proposed openstack/dragonflow: Refactor local_networks in L2ML2App https://review.openstack.org/392651 | 15:51 |
| *** lihi has quit IRC | 15:58 | |
| *** saggi has quit IRC | 16:01 | |
| *** oanson has quit IRC | 16:16 | |
| *** zenoway has quit IRC | 16:17 | |
| *** zenoway has joined #openstack-dragonflow | 16:18 | |
| *** zenoway has quit IRC | 16:22 | |
| *** dimak has quit IRC | 16:33 | |
| *** dkb has quit IRC | 18:05 | |
| *** dkb has joined #openstack-dragonflow | 18:05 | |
| *** oanson has joined #openstack-dragonflow | 19:23 | |
| *** dkb has quit IRC | 20:21 | |
| *** dkb has joined #openstack-dragonflow | 20:21 | |
| *** oanson has quit IRC | 20:42 | |
| openstackgerrit | OpenStack Proposal Bot proposed openstack/dragonflow: Updated from global requirements https://review.openstack.org/395168 | 21:21 |
| *** dkb has quit IRC | 22:18 | |
| *** dkb has joined #openstack-dragonflow | 22:19 | |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!