| *** yamamot__ has joined #openstack-fwaas | 00:27 | |
| *** njohnston is now known as njohnston_ | 00:32 | |
| *** yamamot__ has quit IRC | 00:34 | |
| *** njohnston has joined #openstack-fwaas | 00:37 | |
| *** njohnston has quit IRC | 00:48 | |
| mfranc213 | hello sridarK_ and njohnston. i hope to complete the UT work for the FWaaS L3 agent extension by tonight's meeting. | 01:08 |
|---|---|---|
| mfranc213 | (two more tests to fix :) ) | 01:08 |
| *** mickeys has quit IRC | 02:24 | |
| *** diogogmt has quit IRC | 02:51 | |
| *** yamamot__ has joined #openstack-fwaas | 03:20 | |
| *** yamamot__ has quit IRC | 03:20 | |
| *** yamamot__ has joined #openstack-fwaas | 03:22 | |
| mfranc213 | it will have to be tomorrow... | 03:33 |
| *** yamamot__ has quit IRC | 03:44 | |
| *** chandanc has joined #openstack-fwaas | 04:00 | |
| *** padkrish has joined #openstack-fwaas | 04:01 | |
| *** yamamot__ has joined #openstack-fwaas | 04:11 | |
| *** yamamot__ has quit IRC | 04:36 | |
| *** padkrish has quit IRC | 05:00 | |
| *** yamamot__ has joined #openstack-fwaas | 05:16 | |
| -openstackstatus- NOTICE: zuul is being restarted to reload configuration. Jobs should be re-enqueued but if you're missing anything (and it's not on http://status.openstack.org/zuul/) please issue a recheck in 30min. | 05:24 | |
| *** Trident has quit IRC | 05:25 | |
| *** vishwanathj has quit IRC | 05:56 | |
| *** vishwanathj has joined #openstack-fwaas | 06:28 | |
| *** vishwanathj has quit IRC | 06:29 | |
| *** mickeys has joined #openstack-fwaas | 06:29 | |
| *** mickeys has quit IRC | 06:33 | |
| *** Trident has joined #openstack-fwaas | 07:52 | |
| *** Trident has quit IRC | 07:54 | |
| *** Trident has joined #openstack-fwaas | 07:55 | |
| *** Trident has quit IRC | 08:11 | |
| *** mickeys has joined #openstack-fwaas | 08:12 | |
| *** mickeys has quit IRC | 08:20 | |
| *** mickeys has joined #openstack-fwaas | 08:20 | |
| *** Trident has joined #openstack-fwaas | 08:23 | |
| *** mickeys has quit IRC | 08:24 | |
| *** yamamot__ has quit IRC | 09:44 | |
| *** Trident has quit IRC | 09:46 | |
| *** Trident has joined #openstack-fwaas | 09:47 | |
| *** Trident has quit IRC | 10:30 | |
| *** chandanc has quit IRC | 11:03 | |
| *** chandanc has joined #openstack-fwaas | 12:29 | |
| *** diogogmt has joined #openstack-fwaas | 13:10 | |
| *** vishwanathj has joined #openstack-fwaas | 13:30 | |
| *** SridarK has joined #openstack-fwaas | 13:32 | |
| chandanc | Hello guys | 13:34 |
| mfranc213 | hello chandanc :) | 13:35 |
| *** SarathMekala has joined #openstack-fwaas | 13:35 | |
| mfranc213 | hello sarath :) | 13:35 |
| SarathMekala | hi Margaret | 13:35 |
| chandanc | I will depend on Sridar for the webex invite :) | 13:35 |
| mfranc213 | okay. will the meeting participants be the 3 of us plus Sridar? | 13:36 |
| chandanc | ya | 13:36 |
| mfranc213 | sounds good. | 13:37 |
| SarathMekala | hope the time is ok with you | 13:37 |
| SarathMekala | you may need to get ready for office | 13:37 |
| mfranc213 | i'm in the office! :) | 13:38 |
| SarathMekala | :) ok cool | 13:38 |
| SarathMekala | does nate work in the same office | 13:38 |
| mfranc213 | it's 9:30 in the morning for me. nate is in reston, virginia, and i am in philadelphia, pennsylvania. | 13:39 |
| SarathMekala | oh ok | 13:39 |
| mfranc213 | we communicate over a chat line. | 13:39 |
| SridarK | i can certainly setup up a conf call to make it easier to share screens | 13:39 |
| chandanc | sure, that will be great | 13:40 |
| SarathMekala | yep | 13:40 |
| mfranc213 | thank you. | 13:40 |
| SridarK | mfranc213: for some context, i had a quick sync with chandanc: & SarathMekala: to run thru the driver changes to go in as part of ur patch for the agent | 13:40 |
| mfranc213 | excellent | 13:41 |
| *** yamamoto has joined #openstack-fwaas | 13:41 | |
| SridarK | they were looking thru the impact - mainly to change the iptable rules to be port specific instead of qr-* (all internal ports) | 13:41 |
| SridarK | shall we target in 20 mins to talk ? | 13:42 |
| chandanc | ok | 13:42 |
| mfranc213 | yes, perfect | 13:42 |
| SarathMekala | sure | 13:42 |
| SarathMekala | am signing out.. need to take my dog for a walk | 13:44 |
| SarathMekala | will be back in 20 mins | 13:44 |
| *** diogogmt has quit IRC | 13:47 | |
| *** malos_ has joined #openstack-fwaas | 13:57 | |
| mfranc213 | https://review.openstack.org/#/c/337699/4/neutron_fwaas/services/firewall/agents/l3reference/firewall_l3_agent.py@271 | 13:57 |
| mfranc213 | perhaps that, and the analogous driver calls for update and delete, are the crus of this meeting. | 13:58 |
| *** yamamoto has quit IRC | 13:59 | |
| chandanc | ya that kind of it | 13:59 |
| chandanc | thats* | 13:59 |
| * SarathMekala joins back | 14:00 | |
| chandanc | have a look at http://paste.openstack.org/show/553566/, kind of what we were thinking of | 14:01 |
| chandanc | #link http://paste.openstack.org/show/553566/ | 14:01 |
| mfranc213 | send the router for each port that is given to the driver? | 14:01 |
| chandanc | [(router_obj, [port_list]), ...] | 14:02 |
| mfranc213 | yes, makes sense. | 14:02 |
| chandanc | haven't tested, but might just work | 14:03 |
| SridarK | mfranc213: yes prev we sent the router_info | 14:03 |
| mfranc213 | would you like me to inspect and then apply the diff and ping you if i have questions? | 14:04 |
| chandanc | joining webex | 14:04 |
| SridarK | so now with this can pin the ports to the correct namespace | 14:04 |
| mfranc213 | is there a webex link? | 14:04 |
| SridarK | mfranc213: sent to u | 14:05 |
| mfranc213 | waiting for it... :) | 14:05 |
| chandanc | https://cisco.webex.com/ciscosales/e.php?MTID=m31d5e6f7d018eed87a924359ede2b642 | 14:06 |
| mfranc213 | joining now | 14:06 |
| SarathMekala | To give an overview, currently when the agent calls the driver its filtering out the ports that are present on that node | 14:06 |
| SarathMekala | in addition to this we will need the router_id | 14:06 |
| mfranc213 | i'm on the meeting but can't hear you... | 14:06 |
| SridarK | mfranc213: u need to join audio | 14:07 |
| chandanc | Sarath, joining webex ? | 14:10 |
| SarathMekala | its loading @21% | 14:12 |
| SarathMekala | slow connection :( | 14:12 |
| SarathMekala | you carry on.. will catch up | 14:12 |
| mfranc213 | :( | 14:12 |
| chandanc | jump_rule = ['-o %s+ -j %s-%s' % (if_prefix, bname, chain_name)] | 14:19 |
| chandanc | http://paste.openstack.org/show/553566/ | 14:19 |
| *** yamamoto has joined #openstack-fwaas | 14:24 | |
| chandanc | stack@devstack1:/opt/stack/neutron/neutron/agent/linux$ neutron router-port-list 966d3112-639d-448f-9858-e1cb02954c06 | 14:24 |
| chandanc | +--------------------------------------+------+-------------------+--------------------------------------------------------------+ | 14:24 |
| chandanc | | id | name | mac_address | fixed_ips | | 14:24 |
| chandanc | +--------------------------------------+------+-------------------+--------------------------------------------------------------+ | 14:24 |
| chandanc | | 12c12d84-1bce-46f1-99d0-dafd2cb1228c | | fa:16:3e:98:3e:38 | {"subnet_id": "b769e731-b98d-4e24-aa88-20d9aa4574da", | | 14:24 |
| chandanc | | | | | "ip_address": "172.24.4.8"} | | 14:24 |
| chandanc | | | | | {"subnet_id": "beefdfaa-2ca0-404c-bad9-bf992dc3187e", | | 14:24 |
| chandanc | | | | | "ip_address": "2001:db8::b"} | | 14:24 |
| chandanc | | 94faa770-d43c-4010-a982-a9e617e6ca6b | | fa:16:3e:a0:35:50 | {"subnet_id": "21062df3-5437-4d13-bc13-a550eac07e78", | | 14:24 |
| chandanc | | | | | "ip_address": "fd58:86d8:eed7::1"} | | 14:25 |
| chandanc | | c69406b7-eaeb-4e72-8e3b-3491ffeea5d8 | | fa:16:3e:58:db:3b | {"subnet_id": "dc4fc466-4da0-4836-baf7-ee229445eb29", | | 14:25 |
| chandanc | | | | | "ip_address": "10.0.0.1"} | | 14:25 |
| chandanc | +--------------------------------------+------+-------------------+--------------------------------------------------------------+ | 14:25 |
| SridarK | chandanc: ok perfect thx | 14:25 |
| SridarK | mfranc213: to ur question, this is one of the pieces that is used from the router_info: | 14:38 |
| SridarK | #link https://github.com/openstack/neutron-fwaas/blob/master/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py#L76 | 14:39 |
| mfranc213 | thank you Sridar. this is very helpful to see (just to give me context, if nothing else). | 14:39 |
| *** chandanc has quit IRC | 14:43 | |
| SridarK | mfranc213: np at all | 14:48 |
| *** yamamoto has quit IRC | 14:49 | |
| *** yamamoto has joined #openstack-fwaas | 14:50 | |
| *** yamamoto has quit IRC | 14:50 | |
| *** yamamoto has joined #openstack-fwaas | 14:50 | |
| *** yamamoto has quit IRC | 14:50 | |
| *** yamamoto has joined #openstack-fwaas | 14:51 | |
| *** yamamoto has quit IRC | 14:56 | |
| *** SarathMekala has quit IRC | 15:00 | |
| *** SarathMekala has joined #openstack-fwaas | 15:02 | |
| *** yamamoto has joined #openstack-fwaas | 15:12 | |
| *** yamamoto has quit IRC | 15:12 | |
| *** chandanc has joined #openstack-fwaas | 15:23 | |
| *** chandanc has quit IRC | 15:48 | |
| *** mickeys has joined #openstack-fwaas | 15:59 | |
| *** njohnston_ is now known as njohnston | 16:04 | |
| *** diogogmt has joined #openstack-fwaas | 16:07 | |
| *** SarathMekala has quit IRC | 16:11 | |
| *** yamamoto has joined #openstack-fwaas | 16:13 | |
| *** yamamoto has quit IRC | 16:19 | |
| mfranc213 | Sridark: ping | 16:27 |
| SridarK | mfranc213: hi | 16:27 |
| mfranc213 | question for you. i know that router_info has ns_name, but this line indicates that the router does too: | 16:29 |
| mfranc213 | https://github.com/openstack/neutron-fwaas/blob/master/neutron_fwaas/services/firewall/agents/l3reference/firewall_l3_agent.py#L119 | 16:29 |
| mfranc213 | can you unconfuse me? | 16:29 |
| njohnston | FYI all, there is a bug that just came in for the tenant_id to project_id migration - https://bugs.launchpad.net/neutron/+bug/1611834 - and I just submitted a fix: https://review.openstack.org/353629 | 16:30 |
| openstack | Launchpad bug 1611834 in neutron "[neutron-fwaas] "Unknown column 'r.tenant_id' in 'where clause'"" [Undecided,In progress] - Assigned to Nate Johnston (nate-johnston) | 16:30 |
| njohnston | Please review so we can short-cycle it | 16:30 |
| SridarK | mfranc213: i think we are just indexing to pick up the ns of the specific router | 16:31 |
| mfranc213 | thank you. | 16:32 |
| SridarK | njohnston: done | 16:34 |
| SridarK | mfranc213: np at all | 16:39 |
| *** xgerman has quit IRC | 16:56 | |
| *** xgerman has joined #openstack-fwaas | 16:56 | |
| *** SarathMekala has joined #openstack-fwaas | 16:56 | |
| mfranc213 | hello chandanc, SarathMekala, SridarK: i realize that the fwaas agent extension cannot send a dictionary to the driver, because | 17:11 |
| mfranc213 | a dictionary cannot have dictionaries (router_info) as keys. so i will plan to do as suggested in | 17:11 |
| mfranc213 | http://paste.openstack.org/show/553566/ which is to say, the agent extension will send a list of | 17:11 |
| mfranc213 | tuples like this: | 17:11 |
| mfranc213 | [ ( ri1, [p1, p2] ), ( ri2, [p3, p4, p5] ) ] | 17:11 |
| mfranc213 | with "ri" = router_info, and "p" = port | 17:11 |
| mfranc213 | holler if this does not sound right | 17:12 |
| SridarK | mfranc213: that looks good to me | 17:23 |
| mfranc213 | thank you SridarK | 17:23 |
| SridarK | the driver will just use ri and look for associated ports to formulate the rule on the ns referred to by ri | 17:24 |
| SridarK | going offline for a bit now | 17:24 |
| *** SridarK has quit IRC | 17:29 | |
| *** _SarathMekala_ has joined #openstack-fwaas | 17:40 | |
| *** SarathMekala has quit IRC | 17:43 | |
| *** SarathMekala_ has joined #openstack-fwaas | 17:47 | |
| *** _SarathMekala_ has quit IRC | 17:51 | |
| *** SarathMekala_ has quit IRC | 18:06 | |
| *** Trident has joined #openstack-fwaas | 18:14 | |
| *** SridarK has joined #openstack-fwaas | 18:15 | |
| *** mickeys has quit IRC | 18:25 | |
| *** Trident has quit IRC | 19:14 | |
| *** mickeys has joined #openstack-fwaas | 19:25 | |
| *** mickeys has quit IRC | 19:31 | |
| *** mickeys has joined #openstack-fwaas | 20:05 | |
| njohnston | I've been poking at this a bit, but not sure what is going on. SridarK, have you seen this issue before? http://logs.openstack.org/59/311159/22/check/gate-neutron-fwaas-python34/6ab5ecd/testr_results.html.gz | 21:00 |
| SridarK | njohnston: looking | 21:03 |
| njohnston | Thanks! | 21:04 |
| njohnston | SridarK: I am wondering if it's because of "WARNING [stevedore.named] Could not load neutron_fwaas.db.firewall.v2.firewall_db_v2.Firewall_db_mixin" but I can't figure out why that warning is getting thrown. | 21:07 |
| SridarK | njohnston: seems like some attribute may be getting mismatched | 21:07 |
| SridarK | njohnston: hmm could be | 21:07 |
| SridarK | njohnston: funny, i tested this on devstack | 21:08 |
| SridarK | but looks all other tests are good | 21:08 |
| njohnston | Well, that's the only unit test I have implemented so far. :-) | 21:09 |
| SridarK | so other resources are happy | 21:09 |
| SridarK | oh ok | 21:09 |
| SridarK | could u quickly recast the UT to check for firewall rule | 21:09 |
| SridarK | i am working on the policy update method | 21:10 |
| SridarK | once i get that done, let me spin up the UT as well | 21:10 |
| njohnston | ok, sure thing | 21:10 |
| SridarK | i try to test first on a devstack env | 21:10 |
| SridarK | njohnston: i will also debug the test failure in a bit - after i get this current thing done | 21:16 |
| mfranc213 | ping SridarK | 21:34 |
| SridarK | mfranc213: hi | 21:35 |
| mfranc213 | hello. i hope to get your advice. | 21:35 |
| SridarK | mfranc213: sure pls go ahead | 21:35 |
| mfranc213 | i have everything done and working and i could push the next ps up. but i also found some things i could clean up, along the lines of some of | 21:36 |
| mfranc213 | chandanc's comments on the changeset. | 21:36 |
| mfranc213 | one sec | 21:37 |
| mfranc213 | need to answer the door... | 21:37 |
| mfranc213 | sorry. back | 21:37 |
| mfranc213 | i've made all these other changes, but the risk of them of course is higher at this later date. | 21:38 |
| mfranc213 | do you have an opinion on how i should move forward? i could issue a PS now, and then a second one that we could roll back if you would like, for instance. | 21:38 |
| mfranc213 | i hope this made sense; my daughter was knocking on the door the whole time i was writing this. | 21:39 |
| SridarK | mfranc213: are the changes mainly on the tuple to pass in to the driver ? | 21:39 |
| mfranc213 | no. they are code clean-up, primarily. | 21:40 |
| mfranc213 | let me clarify: | 21:40 |
| mfranc213 | the PS that i have ready to go has updated the tuple sent to the driver, in the way we discussed. that's the first PS. | 21:41 |
| mfranc213 | the second one (yet to be committed in my local repo) is code clean-up stuff. | 21:41 |
| SridarK | mfranc213: sorry work interrupt | 21:44 |
| SridarK | back | 21:44 |
| mfranc213 | :) | 21:44 |
| SridarK | mfranc213: it was my boss :-) | 21:45 |
| mfranc213 | gotta talk to her/him!! | 21:45 |
| SridarK | yes exactly :-) | 21:45 |
| SridarK | mfranc213: sorry lost context, yes the first PS is good | 21:45 |
| SridarK | mfranc213: pls go ahead with the cleanup PS too | 21:45 |
| SridarK | mfranc213: i am sure we will have more iterations with the UT etc | 21:46 |
| mfranc213 | okay, thank you. should i workflow -1 this next PS (the first one)? | 21:46 |
| SridarK | we can always roll back if he hit some issues | 21:46 |
| SridarK | mfranc213: no need to workflow -1 | 21:47 |
| SridarK | i think u have enough things there that folks can review | 21:47 |
| mfranc213 | okay. thank you very much for your help. | 21:47 |
| SridarK | u could have TODO's where necessary | 21:47 |
| mfranc213 | good. makes sense. thank you Sridar. | 21:48 |
| SridarK | mfranc213: thx a lot | 21:48 |
| *** yamamoto has joined #openstack-fwaas | 22:11 | |
| *** yamamoto has quit IRC | 22:20 | |
| *** yamamoto has joined #openstack-fwaas | 22:31 | |
| *** yamamoto has quit IRC | 22:33 | |
| *** SridarK has quit IRC | 22:43 | |
| *** yamamoto has joined #openstack-fwaas | 22:47 | |
| *** yamamoto has quit IRC | 22:54 | |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!