Thursday, 2018-03-29

« Wednesday, 2018-03-28 Index Friday, 2018-03-30 »
*** yamamoto has joined #openstack-fwaas00:02
*** yamamoto has quit IRC00:08
*** Swami has quit IRC00:09
*** yamamoto has joined #openstack-fwaas01:04
*** AlexeyAbashkin has joined #openstack-fwaas01:08
*** yamamoto has quit IRC01:09
*** AlexeyAbashkin has quit IRC01:13
*** yamamoto has joined #openstack-fwaas02:05
*** yamamoto has quit IRC02:11
*** yamamoto has joined #openstack-fwaas02:47
*** annp has quit IRC03:49
*** bbzhao has quit IRC03:50
*** bbzhao has joined #openstack-fwaas03:51
*** AlexeyAbashkin has joined #openstack-fwaas04:09
*** AlexeyAbashkin has quit IRC04:14
*** hoangcx has quit IRC04:25
*** hoangcx has joined #openstack-fwaas04:28
*** hoangcx has quit IRC04:50
*** hoangcx has joined #openstack-fwaas04:51
*** velizarx has joined #openstack-fwaas06:56
*** velizarx has quit IRC07:16
*** yamamoto has quit IRC07:22
*** yamamoto has joined #openstack-fwaas07:23
*** velizarx has joined #openstack-fwaas07:31
*** yamamoto_ has joined #openstack-fwaas07:32
*** yamamoto has quit IRC07:34
*** hoangcx has quit IRC07:46
*** hoangcx has joined #openstack-fwaas07:46
*** AlexeyAbashkin has joined #openstack-fwaas08:00
*** AlexeyAbashkin has quit IRC08:07
*** AlexeyAbashkin has joined #openstack-fwaas08:10
*** Alexey_Abashkin has joined #openstack-fwaas08:52
*** AlexeyAbashkin has quit IRC08:54
*** Alexey_Abashkin is now known as AlexeyAbashkin08:54
*** AlexeyAbashkin has quit IRC08:55
*** AlexeyAbashkin has joined #openstack-fwaas08:58
openstackgerritThomas Morin proposed openstack/neutron-fwaas master: remove unused plugin.get_plugin_name()  https://review.openstack.org/55766910:14
*** AlexeyAbashkin has quit IRC10:53
*** yamamoto has joined #openstack-fwaas11:01
*** yamamoto_ has quit IRC11:05
*** AlexeyAbashkin has joined #openstack-fwaas11:18
*** velizarx has quit IRC11:51
*** velizarx has joined #openstack-fwaas11:52
*** velizarx has quit IRC13:04
*** velizarx has joined #openstack-fwaas13:10
*** hoangcx_ has joined #openstack-fwaas13:24
*** SridarK has joined #openstack-fwaas13:59
SridarKHi FWaaS folks13:59
*** yushiro has joined #openstack-fwaas13:59
SridarK#startmeeting fwaas13:59
openstackMeeting started Thu Mar 29 13:59:39 2018 UTC and is due to finish in 60 minutes.  The chair is SridarK. Information about MeetBot at http://wiki.debian.org/MeetBot.13:59
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.13:59
*** openstack changes topic to " (Meeting topic: fwaas)"13:59
openstackThe meeting name has been set to 'fwaas'13:59
njohnstono/13:59
SridarK#chair xgerman_ yushiro13:59
openstackCurrent chairs: SridarK xgerman_ yushiro13:59
yushiroHi14:00
doudeo/14:00
SridarKhmm oh i think xgerman_ ur turn ?14:00
yushiroYes, but I heard that xgerman_ is PTO.  So, I will.14:00
SridarKhmm ok14:01
SridarKsurely go ahead yushiro14:01
yushiroOK,14:01
yushiro#topic announcements14:01
*** openstack changes topic to "announcements (Meeting topic: fwaas)"14:01
yushiroI have 1 suggestion for njohnston.  Would it be possible to help chair for fwaas weekly meeting?14:03
njohnstonSure!  I can help with that.14:03
yushironjohnston, Thank you so much!  I'll update the etherpad for chair round :)14:04
njohnstonThanks!14:04
SridarKyushiro: lets work thru this offline14:04
yushiroSridarK, OK.14:04
yushiroSo, anything else to announcement?14:04
yushiros/announcement/announce14:05
SridarKhmm nothing specific i can think off14:05
yushiroSridarK, OK, thanks.14:05
yushiro#topic Rocky14:05
*** openstack changes topic to "Rocky (Meeting topic: fwaas)"14:05
yushiro1. Pluggable backend driver https://review.openstack.org/#/c/480265/14:06
doudehi14:06
SridarKdoude: i am on it - a bit slow as i had to be out this week14:06
doudeI continued tests and I did not find any issue14:06
SridarKi will get u first round of comments early next week14:06
doudeok SridarK14:06
douderight14:07
SridarKdoude: are u tracking the testing ?14:07
yushirodoude, I'm watching your patch either.  Now, I'm trying to deploy devstack with your patch.14:07
doudeI used the etherpad14:07
doudeI can give you my local.conf14:07
SridarKdoude: can u pls put it somewhere and point us to it14:08
yushirodoude, Did you deploy multiple environment?  I mean 2 nodes(controller + compute)14:08
doudeno14:08
doudeall-in-one node14:08
yushiroI'll try to deploy 1.All-in-one and 2.multi-nodes14:08
doudecool14:08
SridarKyushiro: great - i think we defn want to cover the multinode14:09
yushirodoude, OK, so it will be great if you share your local.conf14:09
yushiroSridarK, Yees.  After deployed multi-node, I'll try to run basically fwaas feature.14:10
SridarKyushiro: +1 and lets exchange info on the etherpad14:10
doudehttps://etherpad.openstack.org/p/fwaas-pluggable-backend-testing14:10
yushirodoude, cool!14:11
*** annp has joined #openstack-fwaas14:11
yushirodoude, OK, I'll try to test in multi-node environment either.14:12
yushiroand will update the etherpad.14:12
yushiroIf all case has passed both All-in-one and multi-nodes, I'm OK to put +214:13
SridarKagreed14:13
yushirodoude, Could you please paste your local.conf into https://etherpad.openstack.org/p/fwaas-pluggable-backend-testing  ?14:13
doudehttp://paste.openstack.org/show/717910/14:14
doudemy local.conf14:14
SridarKdoude thx14:14
yushirodoude, Thanks!14:15
yushirohaha, I just opened link  (www.local.conf)  This is hyper link for your comment "my local.conf"14:16
yushiroOK, let's move on.14:16
yushiro2. [WIP] Adds remote firewall group: https://review.openstack.org/52120714:17
yushiroI think there is no update for this patch as of now.14:17
yushiroannp and I will follow.14:18
yushironext14:18
yushiro3. Logging for FWaaS(SPEC): https://review.openstack.org/#/c/509725/14:18
annp+114:18
SridarKi think on the Remote fwg - xgerman_ mentioned targetting R-214:18
SridarKbut sorry go ahead14:19
yushiroSridarK, Yes, R-2  is.14:19
yushiroI put some minor comments on this Spec.  hoangcx will update ASAP :)14:20
njohnstondoes that spec need to be refiled from specs/queens to specs/rocky?14:20
yushironjohnston, Ah, yes, correct14:20
yushirogood catch :)14:20
SridarKyushiro: and the plan is to target the implementation for R ?14:21
yushironjohnston, could you comment it on this spec as a reminder?14:21
njohnstonjust did :-)14:21
yushiroSridarK, Yes, will implement it R.  In Rocky cycle, I'll try to focus on L3 logging only.  I think it is possible to achieve...14:23
SridarKok that is good to stage it14:24
yushiroRocky: support L3 logging,  "S" cycle: support L2 logging14:24
yushiroOK, so forks please review the spec :)14:25
njohnstonWill do14:26
SridarK+114:26
yushironjohnston, THX!!14:26
yushiro4. policy-in-code: https://governance.openstack.org/tc/goals/queens/policy-in-code.html14:27
yushiroSorry I'm not sure current status.  Does anyone know about that?14:28
SridarKWill take a look14:29
yushiroSridarK, thanks14:30
yushiro#topic Horizon support14:32
*** openstack changes topic to "Horizon support (Meeting topic: fwaas)"14:32
yushiroToday, chandan and Sarath aren't here.14:32
SridarKyes not sure14:33
yushiroamotoki has pushed patch to remove 'mox': https://review.openstack.org/#/q/status:open+project:openstack/neutron-fwaas-dashboard+branch:master+topic:mox-removal14:33
SridarKSarathMekala said he will look thru some of the missing pieces and review14:33
SridarKlets wait on that14:33
yushiroSridarK, Sure.14:33
yushiroRegarding to Akihiro's patches, I just rebased and deploy devstack.  It worked and I think there is no pleblem.14:34
yushiroOK, let's move on.14:36
yushiro#topic bugs14:37
*** openstack changes topic to "bugs (Meeting topic: fwaas)"14:37
yushiroToday, I'd like to discuss about https://bugs.launchpad.net/neutron/+bug/175977314:37
openstackLaunchpad bug 1759773 in neutron "FWaaS: Invalid port error on associating L3 ports (Router in HA) to firewall group" [Undecided,Confirmed] - Assigned to Sridar Kandaswamy (skandasw)14:37
SridarKthx yushiro14:37
yushiroSridarK, plz go ahead.14:37
SridarKso have had discussion with the submitter14:37
SridarKand got some info from him which pointed to an issue on the validation code14:38
SridarKwe need to support HA configurations14:38
SridarKputting a fix as such is quite straightfwd but will need to think thru the implications of HA14:39
SridarKsomething we have not targetted till now14:39
SridarKi mean fixing the validation is easy14:39
SridarKbut need to consider HA implications14:40
SridarKwill look thru more and update14:40
SridarKonce we have an handle we can look at backport strategy14:40
SridarKthe customer is in Ocata (so no backport is possible) but is willing to look to move to Queens14:41
SridarKso they can get L2 support as well14:41
*** Swami has joined #openstack-fwaas14:41
SridarKok i am done14:41
yushiroSridarK, Thanks for your announcement!14:41
yushiroAs SridarK said, fix is so easy but need to verify with L3 HA environment.14:42
yushiroHere is definitions of device_owner for L3: https://github.com/openstack/neutron-lib/blob/master/neutron_lib/constants.py14:43
SridarKyushiro: +1 and we only validate basic Router interface14:43
yushiroWe are targetting to handle not only 'network:router_interface' but also 'network:router_ha_interface'14:43
SridarKonce the customer provided the port attributes - i could immediately see the issue on validation14:44
yushiro'network:ha_router_replicated_interface' is for keepalive interface b/w HA routers I think.14:45
SridarKI will propose a patch for fixing the validation - and we can discuss further14:45
yushiroSridarK, OK, thanks.14:46
yushiroSwami, Hi!  Thanks for backporting https://review.openstack.org/#/c/554294/14:47
SridarKSwami: yes thx for taking care of the long standing DVR related fix14:47
SridarKSwami: i think we had been out of sync with the ns changes14:48
SwamiSridarK: no problem14:51
Swamiyushiro: you are welcome14:51
yushiro:)14:51
yushiro#topic Open Discussion14:51
*** openstack changes topic to "Open Discussion (Meeting topic: fwaas)"14:51
yushirondefigueiredo is not here today..  He proposes stateless firewall: https://bugs.launchpad.net/neutron/+bug/175346614:53
openstackLaunchpad bug 1753466 in neutron "[RFE] Support stateless security groups" [Wishlist,Confirmed] - Assigned to Giel Dops (nuage.gieldops)14:53
SridarKyes not sure on the approach with another bp in relation to SG14:53
yushiroYes,,14:54
SridarKbut last time ndefigueiredo felt that his thought was more in line with fwaas14:54
yushiro+114:55
njohnstonIs there much left as far as moving to neutron-lib?14:57
SridarKnjohnston: I am not sure much happened after u left14:58
njohnstonOk, I may take a look14:58
SridarKnjohnston: but good point to do a scan, u had defnitely taken care of a lot of that14:59
yushironjohnston, I think this exception should move into neutron-lib :)  https://github.com/openstack/neutron-fwaas/blob/master/neutron_fwaas/common/exceptions.py14:59
njohnstonI’ll take a look, thanks yushiro!15:00
yushiroNP :)15:00
yushiroOh, this is our timelimit15:00
yushiro#endmeeting15:00
*** openstack changes topic to "Queens (Meeting topic: fwaas)"15:00
openstackMeeting ended Thu Mar 29 15:00:25 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)15:00
openstackMinutes:        http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-03-29-13.59.html15:00
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-03-29-13.59.txt15:00
openstackLog:            http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-03-29-13.59.log.html15:00
SridarKthanks all for joining15:00
yushiroThanks guys!!  Good night :p15:00
*** yushiro has quit IRC15:04
*** hoangcx_ has quit IRC15:07
*** annp has quit IRC15:11
*** velizarx has quit IRC15:35
*** Swami has quit IRC15:56
*** yamamoto has quit IRC16:04
*** yamamoto has joined #openstack-fwaas16:07
openstackgerritMerged openstack/neutron-fwaas master: Fix devstack configuration for fwaas v2  https://review.openstack.org/52704016:22
*** yamamoto has quit IRC16:24
*** yamamoto has joined #openstack-fwaas16:29
*** yamamoto has quit IRC16:34
*** SridarK has quit IRC16:45
*** AlexeyAbashkin has quit IRC16:53
*** yamamoto has joined #openstack-fwaas17:30
*** yamamoto has quit IRC17:37
*** AlexeyAbashkin has joined #openstack-fwaas18:18
*** AlexeyAbashkin has quit IRC18:23
*** yamamoto has joined #openstack-fwaas18:33
*** yamamoto has quit IRC18:38
*** AlexeyAbashkin has joined #openstack-fwaas19:08
*** AlexeyAbashkin has quit IRC19:13
*** yamamoto has joined #openstack-fwaas19:35
*** yamamoto has quit IRC19:40
*** yamamoto has joined #openstack-fwaas20:37
*** yamamoto has quit IRC20:42
*** yamamoto has joined #openstack-fwaas21:38
*** yamamoto has quit IRC21:44
*** yamamoto has joined #openstack-fwaas22:40
*** yamamoto has quit IRC22:45
*** AlexeyAbashkin has joined #openstack-fwaas23:08
*** AlexeyAbashkin has quit IRC23:12
*** yamamoto has joined #openstack-fwaas23:41
*** yamamoto has quit IRC23:47
« Wednesday, 2018-03-28 Index Friday, 2018-03-30 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!