Thursday, 2018-01-11

*** yamamoto has quit IRC		00:24
*** yamamoto has joined #openstack-fwaas		00:27
*** yamamoto has quit IRC		00:39
*** threestrands has quit IRC		01:03
*** yamamoto has joined #openstack-fwaas		01:39
*** yamamoto has quit IRC		01:47
*** annp has joined #openstack-fwaas		02:11
*** yamamoto has joined #openstack-fwaas		02:19
*** threestrands has joined #openstack-fwaas		02:47
*** yamamoto_ has joined #openstack-fwaas		03:12
*** yamamoto has quit IRC		03:16
*** annp has quit IRC		06:38
*** yamamoto has joined #openstack-fwaas		06:45
*** yamamoto_ has quit IRC		06:49
*** threestrands has quit IRC		07:00
*** threestrands has joined #openstack-fwaas		07:01
*** threestrands has quit IRC		07:01
*** threestrands has joined #openstack-fwaas		07:01
*** threestrands has quit IRC		07:02
*** threestrands has joined #openstack-fwaas		07:03
*** threestrands has quit IRC		07:03
*** threestrands has joined #openstack-fwaas		07:03
*** threestrands has quit IRC		07:04
*** threestrands has joined #openstack-fwaas		07:04
*** jafeha__ is now known as jafeha		07:23
*** reedip has quit IRC		07:34
*** reedip has joined #openstack-fwaas		07:47
*** annp has joined #openstack-fwaas		08:01
*** AlexeyAbashkin has joined #openstack-fwaas		08:08
*** threestrands has quit IRC		08:08
*** reedip has quit IRC		08:34
*** reedip has joined #openstack-fwaas		08:46
*** chandanc has joined #openstack-fwaas		09:15
chandanc	hello annp	09:15
chandanc	i am seeing the following in a co-existance setup	09:15
chandanc	cookie=0xb23259d96259d97f, duration=63946.011s, table=91, n_packets=1515, n_bytes=166194, idle_age=76, priority=1 actions=NORMAL	09:15
chandanc	cookie=0xb23259d96259d97f, duration=63946.002s, table=92, n_packets=1247, n_bytes=124056, idle_age=1, priority=0 actions=drop	09:15
chandanc	cookie=0xb23259d96259d97f, duration=63945.993s, table=93, n_packets=2, n_bytes=180, idle_age=63762, priority=0 actions=drop	09:15
chandanc	i think table 92 should be NORMAL action	09:16
chandanc	ref: https://review.openstack.org/#/c/526488/	09:17
*** openstackgerrit has joined #openstack-fwaas		10:08
openstackgerrit	Cuong Nguyen proposed openstack/neutron-fwaas master: [WIP] Add log validator for FWaaS side https://review.openstack.org/532792	10:08
*** AlexeyAbashkin has quit IRC		11:06
*** chandanc has quit IRC		11:16
*** AlexeyAbashkin has joined #openstack-fwaas		11:25
*** yamamoto has quit IRC		12:01
*** yamamoto has joined #openstack-fwaas		12:01
annp	chandanc, Let's discuss on today meeting. I have to go home, now. :) See you later.	12:03
*** annp has quit IRC		12:05
*** chandanc has joined #openstack-fwaas		12:46
*** chandanc has quit IRC		13:00
*** hoangcx_ has joined #openstack-fwaas		13:01
*** chandanc has joined #openstack-fwaas		13:02
*** chandanc has quit IRC		13:05
*** yushiro has joined #openstack-fwaas		13:58
*** annp has joined #openstack-fwaas		13:58
*** SridarK has joined #openstack-fwaas		13:59
xgerman_	o/	14:00
yushiro	Hi fwaas folks!	14:00
annp	hi	14:00
yushiro	#startmeeting fwaas	14:00
openstack	Meeting started Thu Jan 11 14:00:42 2018 UTC and is due to finish in 60 minutes. The chair is yushiro. Information about MeetBot at http://wiki.debian.org/MeetBot.	14:00
openstack	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	14:00
*** openstack changes topic to " (Meeting topic: fwaas)"		14:00
openstack	The meeting name has been set to 'fwaas'	14:00
yushiro	#chair SridarK yushiro xgerman_	14:00
openstack	Current chairs: SridarK xgerman_ yushiro	14:00
SridarK	Hi FWaaS folks	14:01
yushiro	Hi SridarK. How are you? Is it fine?	14:01
SridarK	yushiro: ah thank u - much better today	14:02
SridarK	many thx for the enquiry	14:02
yushiro	SridarK, That's good :)	14:02
xgerman_	+1	14:02
SridarK	yushiro: would u or xgerman_ run the mtg today	14:02
xgerman_	I ran last time — yushiro?	14:03
yushiro	Yes, sure :)	14:03
xgerman_	thx	14:03
yushiro	OK, let's start	14:03
yushiro	#topic Queens	14:03
*** openstack changes topic to "Queens (Meeting topic: fwaas)"		14:03
xgerman_	everybody remmeber to vote this week in the board elections…	14:03
yushiro	xgerman_, +1 Thanks for your announcement.	14:04
SridarK	+1	14:04
xgerman_	2 weeks until Q-3/code-freeze	14:04
annp	+1	14:05
xgerman_	and OpenStack will stick with 6 month cycles for now	14:05
yushiro	Yes.	14:05
annp	:)	14:05
xgerman_	http://lists.openstack.org/pipermail/openstack-dev/2018-January/126080.html	14:05
SridarK	This is always a short cycle with the winter break	14:05
*** chandanc has joined #openstack-fwaas		14:06
yushiro	Yes, it's seasonal characteristic..	14:06
chandanc	Hello All	14:06
yushiro	chandanc, Hi!	14:07
chandanc	sorry, i am late	14:07
annp	chandanc hi	14:07
yushiro	chandanc, NP :)	14:07
chandanc	hello annp yushiro	14:07
yushiro	OK, anything announcement?	14:07
yushiro	OK, go on the current topic(Q-3)	14:08
xgerman_	yep	14:08
yushiro	As xgerman_ said, we have only 1 week a little.	14:08
yushiro	until feature freeze.	14:09
yushiro	So, I'd like to determine some patches to focus on.	14:10
SridarK	at least all the L2 support patches are in	14:10
xgerman_	+1	14:10
chandanc	ya	14:10
yushiro	agree	14:10
yushiro	#link https://review.openstack.org/#/c/475183 - Add configurable option for default_fwg association	14:11
annp	+1	14:11
yushiro	In addition, in neutron side, security-group logging feature has totally been merged(now pending for zuul job)	14:12
xgerman_	sweet	14:13
yushiro	In order to use SG + SG-logging + FWaaS v2 correctly, we need to add following patch.	14:13
yushiro	#link https://review.openstack.org/#/c/530450/	14:13
annp	yeah	14:13
SridarK	nice	14:13
yushiro	Therefore, for fwaas v2 with L2 perspective, we need to merge above 2 patches I think.	14:14
chandanc	ok	14:14
xgerman_	ok	14:14
SridarK	ok got it	14:15
chandanc	annp i had a doubt about the tables	14:15
yushiro	So, chandanc , I need your help for reviewing https://review.openstack.org/#/c/530450/ if possible :)	14:15
chandanc	yushiro: sure	14:15
yushiro	chandanc, thanks :)	14:15
chandanc	as i mentioned earlier in IRC can you please explain the drop action	14:16
chandanc	no pb	14:16
chandanc	i mean	14:16
chandanc	chandanc: cookie=0xb23259d96259d97f, duration=63946.011s, table=91, n_packets=1515, n_bytes=166194, idle_age=76, priority=1 actions=NORMAL	14:16
chandanc	[2:45pm] chandanc: cookie=0xb23259d96259d97f, duration=63946.002s, table=92, n_packets=1247, n_bytes=124056, idle_age=1, priority=0 actions=drop	14:16
chandanc	[2:45pm] chandanc: cookie=0xb23259d96259d97f, duration=63945.993s, table=93, n_packets=2, n_bytes=180, idle_age=63762, priority=0 actions=drop	14:16
chandanc	[2:46pm] chandanc: i think table 92 should be NORMAL action	14:16
*** annp has quit IRC		14:17
chandanc	ok i will discuss with annp to understand the above, feel free to move on	14:18
xgerman_	k	14:18
yushiro	chandanc, oops, OK, I see.	14:18
chandanc	yushiro no pb	14:18
yushiro	currently, doude has posted pluggable driver patch.	14:19
yushiro	#link https://review.openstack.org/#/c/480265/ - Implements a plugable backend driver	14:19
yushiro	I think it's worth to merge until Queens because it's a big change in 1 patch. SridarK and xgerman_ , how do you think about it?	14:20
chandanc	big one	14:21
*** annp has joined #openstack-fwaas		14:21
SridarK	yushiro: yes it is significant change	14:21
xgerman_	doude has been working on it for a while so if we get it in would be good	14:21
SridarK	lets keep the review going	14:21
xgerman_	but I think L2 support has precedence	14:22
SridarK	xgerman_: +1	14:22
yushiro	SridarK, xgerman_ +1	14:22
annp	sorry my connection is lost. :(	14:22
chandanc	doe it open up fwaas for vendors ?	14:22
SridarK	worst case - we will get it in first thing next cycle	14:23
yushiro	OK, the priority is 1. L2 remaining patches 2. plugable backend driver	14:23
SridarK	chandanc: I am not sure that it is a requirement for vendors - it will make things easier	14:23
chandanc	SridarK: ok, will be interesting, will go through the patch	14:24
yushiro	chandanc, In my understanting, there is some usecase not to refer DB layer in FWaaS for some vendors.	14:24
chandanc	yushiro: ok	14:25
xgerman_	yeah, if we can avoid vendors not accessing DB directly wiuld be good	14:25
chandanc	agree	14:25
SridarK	+1	14:26
SridarK	also some cleanup on commit hooks	14:26
yushiro	annp, So, could you help for https://review.openstack.org/#/c/475183	14:26
annp	yushiro, yes, I can help :)	14:27
yushiro	Tomorrow, I don't have bandwidth for it due to some powerpoint creation.... :(	14:27
annp	yushiro, I will do that for you tomorrow. :)	14:27
yushiro	Anyway :)	14:27
doude	Hi there	14:27
yushiro	annp, thanks	14:28
doude	sorry I'm late (again)	14:28
xgerman_	+1	14:28
annp	chandanc, sorry my connection is lost.	14:28
chandanc	no pb	14:28
doude	my patch looks big but it's essentially code re-organization	14:28
yushiro	Hi doude , NP. We just talked your patch. Thanks for your update :)	14:28
chandanc	can you please explain the drop action	14:28
annp	chandanc, please see there https://review.openstack.org/#/c/526488/1/neutron/agent/linux/openvswitch_firewall/firewall.py@447	14:29
chandanc	oh ok	14:29
chandanc	:)	14:29
yushiro	doude, I know. I think it's difficult to split any patches. That's why you pushed in 1 patch I think.	14:29
doude	yes yushiro	14:30
annp	chandanc, :)	14:30
doude	the in	14:30
doude	the only code I added is the code for the driver interface https://review.openstack.org/#/c/480265/9/neutron_fwaas/services/firewall/service_drivers/driver_api.py	14:30
doude	anything else is existing code I moved	14:30
yushiro	Yes, we'll keep on reviewing your patch and will try to merge it until Q-3 after merged L2 remaining patches.	14:32
SridarK	+1	14:32
yushiro	L2 remaining patches are only 2. 1st: https://review.openstack.org/#/c/475183 2nd: https://review.openstack.org/#/c/530450/	14:33
yushiro	doude, Therefore, it will be great if you can help these patches with us :)	14:33
yushiro	s/help/help reviewing	14:33
annp	yushrio, that means remote fwg will be do in Rocky, right?	14:34
doude	can I help you on that l2 patches?	14:34
doude	sure I'll try yushiro	14:35
xgerman_	annp I still have hope	14:35
xgerman_	but getting neutron to merge neutron_lib patch is like pulling teeth	14:35
yushiro	annp, Hmm, hopefully I'd like to merge.	14:35
yushiro	doude, +100	14:35
annp	xgerman_, I can propose the patch for that in next week. But I'm afraid we don't have enough time for review	14:36
yushiro	annp, However, it is challenging	14:36
annp	But I will try best :)	14:36
yushiro	annp, great :)	14:36
xgerman_	+1	14:37
yushiro	OK, let's move on	14:37
yushiro	#topic Horizon support	14:37
*** openstack changes topic to "Horizon support (Meeting topic: fwaas)"		14:37
xgerman_	one more Q-3 thing: https://review.openstack.org/#/c/470912/33	14:38
xgerman_	came to my attention this week — confused if we still need that…	14:38
yushiro	xgerman_, wow, thanks.	14:38
yushiro	hoangcx, ping	14:39
xgerman_	yeah, I think with OVS this is obsolete but…	14:39
hoangcx_	xgerman_: that is for sg in neutron side	14:40
yushiro	annp, I think it's for netlink for SG, right?	14:40
hoangcx_	for fwaas annp has a patch for that. AFAIR	14:40
yushiro	s/annp/hoangcx	14:40
annp	:)	14:40
annp	https://review.openstack.org/#/c/527044/	14:41
annp	xgerman_ Is this patch?	14:41
xgerman_	this is our path, yes	14:42
yushiro	OK, this patch is also necessary.	14:42
xgerman_	+1	14:42
hoangcx_	annp: is the patch for both v1 and v2 OR v1 only?	14:42
annp	for both of them	14:42
yushiro	yup	14:42
hoangcx_	great :)	14:43
hoangcx_	xgerman_: I think it is safe to land the patch	14:43
yushiro	OK, I'll update etherpad for reviewing during Q-3.	14:44
hoangcx_	xgerman_: because in fwaas we have configuration option to switch each other	14:44
xgerman_	ok, thanks	14:44
hoangcx_	xgerman_: but it is not in sg in neutron	14:44
yushiro	+1 FWaaS is configurable to use netlink or not.	14:45
hoangcx_	yushiro: right!	14:45
yushiro	hoangcx_, will review it.	14:45
xgerman_	+1	14:45
yushiro	so... Sarath is planning to update: https://docs.google.com/document/d/1yKreFzwHsp-TMhB1xDH-EhGHBTGawFAaG1x6ukGJUK4/edit?usp=sharing	14:45
annp	+1	14:46
yushiro	Today, Sarath is not here but we can put on comment into above google doc.	14:46
yushiro	#topic Stadium Compliance	14:47
*** openstack changes topic to "Stadium Compliance (Meeting topic: fwaas)"		14:47
yushiro	Is there any update ?	14:48
yushiro	reedip, here?	14:48
xgerman_	don’t think so - all tempest/zuul stuff we punted to Rocky	14:48
yushiro	xgerman_, Aha, OK.	14:49
xgerman_	that’s my impression	14:49
yushiro	xgerman_, ya, my point of view, there is no update in these days either.	14:50
yushiro	#topic Open Discussion	14:50
*** openstack changes topic to "Open Discussion (Meeting topic: fwaas)"		14:50
xgerman_	we should make that a topic for PTG planning	14:50
yushiro	Yes, I'd like to talk about it too :)	14:50
xgerman_	:-)	14:50
yushiro	Are you guys going to attend dublin PTG? It's OK to join virtual meeting :)	14:51
xgerman_	will be there	14:51
yushiro	xgerman_, great	14:51
xgerman_	With all the L2 patches we will need to do some documentation + maybe some video	14:51
yushiro	I'll be there too.	14:52
xgerman_	chandanc: volunteered for making a demo video ;-)	14:52
chandanc	ya, will get to it during the weekend	14:52
xgerman_	sweet!!	14:52
yushiro	chandanc, perfect	14:52
xgerman_	I need to figure out how we can promote it on superuser ;-)	14:53
SridarK	:-)	14:53
yushiro	SridarK, How about you about dublin PTG ?	14:53
chandanc	BTW xgerman_ i thing the SG issue that you mentioned might be coming from the layers above driver	14:53
SridarK	No i cannot make PTG	14:53
xgerman_	:-(	14:53
SridarK	yushiro: will u make it ?	14:53
chandanc	i saw the same behavor for iptables driver as well	14:53
yushiro	Yes, I will be there (maybe)	14:54
xgerman_	chandanc: yes, I think keeping our explicit behavior makes sense	14:54
yushiro	So, we can communicate in skype or webEX during PTG.	14:54
xgerman_	+1	14:55
SridarK	so maybe atleast xgerman_ and possibly yushiro will be there	14:55
chandanc	xgerman_: +1	14:55
SridarK	yes we can do something virtual	14:55
chandanc	+2	14:55
xgerman_	in the past wifi was questionable so wish us luck	14:56
SridarK	oh yes	14:56
yushiro	I'll have portable wi-fi.	14:56
annp	SridarK +1	14:56
chandanc	:)	14:56
yushiro	for redundancy :)	14:56
chandanc	awesome	14:56
SridarK	we can also do a quick sync up before the PTG	14:56
annp	great yushiro :)	14:56
xgerman_	SridarK: +1	14:57
yushiro	SridarK, +1	14:57
annp	+1	14:57
chandanc	yushiro failover mode or load balancing mode :)	14:57
annp	:)	14:58
SridarK	:-)	14:58
yushiro	chandanc, I hope active-active :)	14:58
yushiro	haha	14:58
xgerman_	lol	14:58
chandanc	cool :)	14:58
yushiro	Maybe dublin is cold but we're 'Firewall'. I think it's a little warm.	14:58
SridarK	:-)	14:59
xgerman_	:-)	14:59
chandanc	sure	14:59
annp	:)	14:59
yushiro	So, let's do our best in Q-3!!	14:59
SridarK	+1	14:59
annp	+1	14:59
yushiro	#endmeeting	15:00
*** openstack changes topic to "Queens (Meeting topic: fwaas)"		15:00
openstack	Meeting ended Thu Jan 11 15:00:00 2018 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	15:00
SridarK	Ok thanks all for joining	15:00
openstack	Minutes: http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-01-11-14.00.html	15:00
openstack	Minutes (text): http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-01-11-14.00.txt	15:00
openstack	Log: http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-01-11-14.00.log.html	15:00
xgerman_	o/	15:00
annp	see you guys.	15:00
SridarK	bye all	15:00
yushiro	Thanks all!	15:00
yushiro	will update on etherpad..	15:00
annp	+1 yushiro	15:00
chandanc	annp yushiro can you be around for 5 mins	15:00
annp	yes	15:00
chandanc	i am was testing the OVS driver and I might have found a bug	15:01
chandanc	the change in driver seems to be small	15:01
yushiro	chandanc, sure	15:01
chandanc	will it be possible to make it part of the other ovs patch ?	15:02
chandanc	https://review.openstack.org/#/c/530450	15:02
annp	chandanc, of course, please propose that	15:02
chandanc	sure will do,	15:02
yushiro	yes, please :)	15:03
chandanc	thanks	15:03
yushiro	chandanc, ah, it's better to put -1 and put your comment.	15:03
yushiro	After that, plz update as you like :)	15:03
chandanc	ok sure	15:03
annp	yeah, +1	15:03
yushiro	Thanks chandanc	15:03
chandanc	thanks guys, catch you tomorrow	15:04
annp	thanks and see you tomorrow	15:04
annp	good night yushiro :)	15:04
chandanc	bye	15:04
*** chandanc has quit IRC		15:04
annp	Have a great day ahead, chandanc, xgerman, SridarK, doube	15:05
annp	bye bye	15:05
SridarK	annp: thx u too GN	15:05
*** annp has quit IRC		15:05
yushiro	good night	15:09
*** yushiro has quit IRC		15:09
*** hoangcx_ has quit IRC		15:12
*** mlavalle has joined #openstack-fwaas		15:18
*** cleong has joined #openstack-fwaas		15:20
*** yamamoto has quit IRC		15:37
*** yamamoto has joined #openstack-fwaas		15:38
*** yamamoto has quit IRC		15:43
*** mlavalle has quit IRC		16:14
*** AlexeyAbashkin has quit IRC		16:53
*** amotoki has quit IRC		17:24
-openstackstatus- NOTICE: Due to an unexpected issue with zuulv3.o.o, we were not able to preserve running jobs for a restart. As a result, you'll need to recheck your previous patchsets		17:46
*** yamamoto has joined #openstack-fwaas		18:00
*** yamamoto has quit IRC		18:04
*** SridarK has quit IRC		18:07
*** SumitNaiksatam has joined #openstack-fwaas		18:19
*** AlexeyAbashkin has joined #openstack-fwaas		18:20
*** AlexeyAbashkin has quit IRC		18:24
*** AlexeyAbashkin has joined #openstack-fwaas		18:57
*** AlexeyAbashkin has quit IRC		19:01
*** SumitNaiksatam has quit IRC		20:29
*** cleong has quit IRC		21:33
*** threestrands has joined #openstack-fwaas		21:58
*** threestrands has quit IRC		21:58
*** threestrands has joined #openstack-fwaas		21:58
*** threestrands has quit IRC		21:59
*** threestrands has joined #openstack-fwaas		21:59
*** threestrands has quit IRC		21:59
*** threestrands has joined #openstack-fwaas		21:59
*** threestrands has quit IRC		22:00
*** threestrands has joined #openstack-fwaas		22:01
*** threestrands has quit IRC		22:02
*** threestrands has joined #openstack-fwaas		22:02

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!