Thursday, 2017-01-19

*** hoangcx has joined #openstack-fwaas		00:50
*** yamamoto_ has joined #openstack-fwaas		01:10
*** yamamoto_ has quit IRC		01:12
*** yamamoto_ has joined #openstack-fwaas		01:13
*** yamamoto_ has quit IRC		01:23
*** yamamoto_ has joined #openstack-fwaas		01:27
*** yamamoto_ has quit IRC		01:29
*** yamamoto_ has joined #openstack-fwaas		01:31
*** TuHV has joined #openstack-fwaas		01:33
*** yamamoto_ has quit IRC		01:34
*** yamamoto_ has joined #openstack-fwaas		01:38
*** yamamoto_ has quit IRC		01:49
*** yamamoto_ has joined #openstack-fwaas		01:51
*** yamamoto_ has quit IRC		01:57
*** yamamoto_ has joined #openstack-fwaas		01:58
*** yamamoto_ has quit IRC		02:09
*** yamamoto_ has joined #openstack-fwaas		02:10
*** yamamoto_ has quit IRC		02:24
*** yamamoto_ has joined #openstack-fwaas		02:25
*** TuHV has quit IRC		02:32
*** hoangcx_ has joined #openstack-fwaas		02:38
*** Aju has joined #openstack-fwaas		02:40
*** hoangcx has quit IRC		02:41
*** afranc has quit IRC		02:41
*** yamamoto_ has quit IRC		03:01
*** yamamoto_ has joined #openstack-fwaas		03:02
*** yamamot__ has joined #openstack-fwaas		03:58
*** yamamoto_ has quit IRC		04:01
*** TuHV has joined #openstack-fwaas		04:24
*** yushiro has joined #openstack-fwaas		04:59
*** TuHV has quit IRC		05:18
*** chandanc_ has joined #openstack-fwaas		05:56
chandanc_	Hello SridarK	05:56
chandanc_	I was able to make some progress on the UTs yesterday, but still not completed	05:57
chandanc_	will send a mail to the team with the details if anyone wnats to test with fwaas v1	05:58
*** TuHV has joined #openstack-fwaas		06:04
reedip	yushiro : ping	06:14
yushiro	reedip, ping pong	06:14
reedip	yushiro : I am unable to run openstack FWaaS CLI commands	06:14
reedip	I checked out the latest neutronclient and openstackclient and ran devstack	06:14
reedip	wanted to solve this : https://bugs.launchpad.net/neutron/+bug/1657377	06:15
openstack	Launchpad bug 1657377 in neutron "FWaaS - message of FirewallGroupPortInvalidProject should be fixed" [Undecided,New] - Assigned to Reedip (reedip-banerjee)	06:15
yushiro	reedip, cool!	06:15
yushiro	reedip, Thank you for asignning this bug.	06:16
reedip	yushiro : how to run openstack fwaas client?	06:16
yushiro	reedip, Just a 10 seconds	06:16
yushiro	reedip, Please refer Command usage(Preconfiguration) and Command usage as follows: https://etherpad.openstack.org/p/fwaas-v2-l2-agent	06:17
yushiro	reedip, Current OSC plugin for fwaas has some bugs, so you need to apply 1 patchset.	06:18
reedip	yushiro : I can run this with API calls as well, right ?	06:18
reedip	that would avoid this headache ?? :)	06:18
yushiro	reedip, Yes right. CLI is more easy to execute I think :)	06:19
yushiro	https://etherpad.openstack.org/p/fwaas-v2-l2-agent you can see REST API call in "Procedure" section.	06:19
yushiro	reedip, Maybe I misunderstand what you say. Please correct me if I was wrong :)	06:20
reedip	yushiro : let me try the API call, my devstack just completed !	06:21
yushiro	reedip, I see.	06:21
*** yushiro is now known as yushiro_afk		06:21
reedip	yushiro : got it,	06:22
reedip	curl -i -X GET -H "x-auth-token:$TOKEN" 10.0.4.186:9696/v2.0/fwaas/firewall_groups.json	06:22
reedip	HTTP/1.1 200 OK	06:22
reedip	Content-Type: application/json	06:22
reedip	Content-Length: 23	06:22
reedip	X-Openstack-Request-Id: req-5683a7dd-55ee-4899-a50d-92130a84f487	06:22
reedip	Date: Thu, 19 Jan 2017 06:22:16 GMT	06:22
reedip	found an error in etherpad	06:23
*** amotoki has quit IRC		06:28
*** amotoki has joined #openstack-fwaas		06:28
reedip	yushiro : I didnt get the error that you reported in the above bug	06:35
reedip	I created a Firewall Rule, Firewall Policy of Admin User	06:35
reedip	I created a Firewall Group with NO Ports of Admin User	06:35
reedip	I then created a normal port of demo user	06:35
reedip	and then Updated Firewall Group with the demo user port	06:35
reedip	curl -X PUT -H "x-auth-token:$TOKEN" -H "content-type:application/json" -d '{"firewall_group":{"ports":["76995e52-5b34-4f1b-9866-e333b668e53d"]}}' 10.0.4.186:9696/v2.0/fwaas/firewall_groups/016ab240-cf1c-4ce3-a715-28250c7834bf	06:36
reedip	{"NeutronError": {"message": "Firewall Group Port 76995e52-5b34-4f1b-9866-e333b668e53d is invalid", "type": "FirewallGroupPortInvalid", "detail": ""}}[outofmemory@localhost devstack]$	06:36
reedip	I even tried it with DEMO USER after creating a router, adding the port as an interface to the router and then updating firewall group with the port	06:42
reedip	.	06:42
reedip	neutron port-update `neutron port-list \| grep 192.168.100.2 \| get_field 1` --name target_l3	06:42
reedip	neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.	06:42
reedip	neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.	06:42
reedip	Updated port: 578e1bfc-ea03-4c5d-a653-448c13343486	06:42
reedip	[outofmemory@localhost devstack]$ source openrc admin admin	06:42
reedip	WARNING: setting legacy OS_TENANT_NAME to support cli tools.	06:42
reedip	[outofmemory@localhost devstack]$ curl -X PUT -H "x-auth-token:$TOKEN" -H "content-type:application/json" -d '{"firewall_group":{"ports":["578e1bfc-ea03-4c5d-a653-448c13343486"]}}' 10.0.4.186:9696/v2.0/fwaas/firewall_groups/016ab240-cf1c-4ce3-a715-28250c7834bf	06:42
reedip	{"NeutronError": {"message": "Firewall Group Port 578e1bfc-ea03-4c5d-a653-448c13343486 is invalid", "type": "FirewallGroupPortInvalid", "detail": ""}}	06:42
*** yushiro_afk is now known as yushiro		06:51
yushiro	reedip, oh, really. Please check your messages.	06:52
reedip	yushiro : messages ??	06:53
yushiro	reedip, sorry. not message but IRC log.	06:53
reedip	yushiro : I am checking my IRC log, cant find the invalid project error	06:53
*** hoangcx_ has quit IRC		06:56
yushiro	hmm, I think you don't update $TOKEN when you changed 'admin' by source openrc admin admin	07:01
yushiro	3. Update firewall_group with 'ports' attribute	07:01
yushiro	In my launchpad	07:01
yushiro	It looks the last your curl request still uses 'demo' users $TOKEN.	07:04
reedip	hmm.. ok, let me try it again.	07:05
*** hoangcx has joined #openstack-fwaas		07:22
*** TuHV has quit IRC		07:29
yushiro	reedip, I've updated [how to reproduce] section. https://bugs.launchpad.net/neutron/+bug/1657377	07:54
openstack	Launchpad bug 1657377 in neutron "FWaaS - message of FirewallGroupPortInvalidProject should be fixed" [Undecided,New] - Assigned to Reedip (reedip-banerjee)	07:54
*** hoangcx_ has joined #openstack-fwaas		08:01
*** hoangcx has quit IRC		08:03
*** padkrish has joined #openstack-fwaas		08:14
*** TuHV has joined #openstack-fwaas		08:15
reedip	yushiro : I changed it a bit	08:17
yushiro	Thanks.	08:24
reedip	Yushiro : Nope	08:25
reedip	I tried it that way as well	08:25
reedip	curl -X PUT -H "x-auth-token:$TOKEN" -H "content-type:application/json" -d '{"firewall_group":{"ports":["84955818-0fb4-4039-a0c2-73e6eaddbac2"]}}' localhost:9696/v2.0/fwaas/firewall_groups/1377ed40-2431-4842-bc60-32b1912ca537	08:26
reedip	{"NeutronError": {"message": "Firewall Group 84955818-0fb4-4039-a0c2-73e6eaddbac2 in invalid Project", "type": "FirewallGroupPortInvalidProject", "detail": ""}}	08:26
reedip	Oh . got it :)	08:26
reedip	sorry	08:26
reedip	:D	08:26
yushiro	Aha, same situation reproduced, right?	08:27
*** hoangcx_ is now known as hoangcx		08:45
reedip	yushiro : yeah, its a simple issue, just the message	08:48
yushiro	Yes. fruits :)	08:49
reedip	yushiro : https://review.openstack.org/422480	09:00
yushiro	reedip, Which do you like better, "Port <port-id> in invalid Project" or "Firewall Group Port <port-id> in invalid Project"?	09:08
yushiro	reedip, TBH, I'm missing English review skill...	09:09
reedip	I dont think writing Firewall Group is necessary but thats my take	09:19
yushiro	reedip, I think 'Port' is enough to understand. :)	09:20
reedip	yushiro : lets see what others have to say	09:21
yushiro	Yes, needs other reviews.	09:21
reedip	:)	09:23
*** padkrish has quit IRC		09:25
yushiro	ping chandanc_	09:43
*** yamamot__ has quit IRC		09:44
*** mickeys has quit IRC		09:52
*** hoangcx has quit IRC		10:07
*** yamamoto has joined #openstack-fwaas		10:25
*** yamamoto has quit IRC		10:30
*** yamamoto has joined #openstack-fwaas		10:32
*** yamamoto has quit IRC		10:32
*** TuHV has quit IRC		10:38
*** mickeys has joined #openstack-fwaas		10:53
*** yamamoto has joined #openstack-fwaas		10:54
*** yamamoto has quit IRC		10:54
*** mickeys has quit IRC		10:59
*** chandanc_ has quit IRC		11:05
*** yushiro has quit IRC		11:06
*** yushiro has joined #openstack-fwaas		11:29
*** yamamoto has joined #openstack-fwaas		11:31
*** mickeys has joined #openstack-fwaas		11:55
*** mickeys has quit IRC		12:00
*** yushiro has quit IRC		12:21
*** mickeys has joined #openstack-fwaas		12:56
*** chandanc_ has joined #openstack-fwaas		13:00
*** mickeys has quit IRC		13:00
*** chandanc_ has quit IRC		13:02
*** mickeys has joined #openstack-fwaas		13:57
*** mickeys has quit IRC		14:01
*** reedip_ has joined #openstack-fwaas		14:26
xgerman	njohnston wonder what you think about https://review.openstack.org/#/c/422480/1/neutron_fwaas/extensions/firewall_v2.py	15:34
xgerman	or SridarK —	15:35
xgerman	I don't feel that strongly but would like your opinion…	15:36
reedip_	anything would do actually :P	16:44
reedip_	btw hi xgerman :)	16:44
xgerman	yeah, I don’t like forcing the user into a second step if we can avoid it but I am also not. a user ;-)	16:45
reedip_	xgerman : Yes, I understand that it is simpler to inform the user. But we would be providing the Project ID	16:47
reedip_	I mean , if there is a mismatch between the port and the firewall Project IDs, we would only inform the user ( considering your comment) , the project ID of the port	16:47
reedip_	The User would still have to run a command to know which project ID belongs to which project	16:48
reedip_	isnt it ?	16:48
reedip_	I mean, I cant remember the project IDs of the 5 projects created by devstack, wonder what would happen if a user has more than 10 projects :)	16:49
xgerman	he would need a spreadhsheet which most IT shops have	16:49
xgerman	but I understand your pint	16:50
xgerman	point	16:50
reedip_	even if u understand the pint , it works :P ( I am in need of a pint now )	16:50
xgerman	well, I won’t run UX testing and my colleagues didn’t weight in… will +2/+A it	16:51
njohnston	I am fine with it also, it is a little friendlier. If I am an operator or user and I think it should be fine, it gives a little more visibility into why the error occurred in the first place.	16:51
reedip_	so, should I add the project ID ?	16:53
xgerman	If you don’t mind	16:53
reedip_	xgerman : naah, but I will do it tomorrow morning .. m sleepy right now !	16:53
reedip_	if thats ok ?	16:53
reedip_	:)	16:53
xgerman	absolutely… you can ping me in channel if I didn’t give you a +2 in the morning (my morning)	16:54
reedip_	Sure :)	16:54
*** mickeys has joined #openstack-fwaas		17:24
*** SridarK has quit IRC		17:56
*** SumitNaiksatam has joined #openstack-fwaas		17:57
*** reedip_ has quit IRC		18:00
*** yamamoto has quit IRC		18:36
*** SumitNaiksatam has quit IRC		18:50
*** SumitNaiksatam has joined #openstack-fwaas		19:23
*** SumitNaiksatam has left #openstack-fwaas		19:25
*** yamamoto has joined #openstack-fwaas		19:36
*** yamamoto has quit IRC		19:43
*** SridarK has joined #openstack-fwaas		20:30
*** SridarK has quit IRC		22:45
*** amotoki has quit IRC		23:22
*** mickeys has quit IRC		23:44
*** yushiro has joined #openstack-fwaas		23:53
*** mickeys has joined #openstack-fwaas		23:58

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!