Thursday, 2018-04-26

« Wednesday, 2018-04-25 Index Friday, 2018-04-27 »
*** yamamoto has quit IRC00:53
*** yamamoto has joined #openstack-fwaas00:53
*** hoangcx has joined #openstack-fwaas01:12
*** annp has joined #openstack-fwaas03:39
*** hoangcx has quit IRC06:43
*** hoangcx has joined #openstack-fwaas06:44
*** yamamoto has quit IRC07:16
*** yamamoto has joined #openstack-fwaas07:17
*** doude_ has quit IRC07:32
*** doude_ has joined #openstack-fwaas07:44
*** AlexeyAbashkin has joined #openstack-fwaas07:45
*** threestrands_ has quit IRC07:52
*** doude_ is now known as doude08:04
*** doude has quit IRC08:04
*** doude has joined #openstack-fwaas08:04
*** yamamoto has quit IRC08:11
*** yamamoto has joined #openstack-fwaas08:27
*** Alexey_Abashkin has joined #openstack-fwaas08:57
*** AlexeyAbashkin has quit IRC09:01
*** Alexey_Abashkin is now known as AlexeyAbashkin09:01
*** hoangcx has quit IRC09:27
*** hoangcx has joined #openstack-fwaas09:28
bzhao__xgerman_:  Thanks german, sorry for late reply. I saw the spec,  it seem also a big change for FW.  And thanks for your answer.  I think there may be a huge change comes from my company... Hmm, but we also face the resource issue.. :(. Haha10:07
*** hoangcx has quit IRC10:11
bzhao__May I change the default FW rule from deny to other actions(drop)? I'm not sure whether it is designed to drop the traffic at the last of fw rule list. Just a question, should we allow to change the default fw rule action?10:18
*** yamamoto has quit IRC10:55
*** threestrands_ has joined #openstack-fwaas11:01
*** yamamoto has joined #openstack-fwaas11:50
*** yamamoto has quit IRC11:50
*** hoangcx has joined #openstack-fwaas12:05
*** yamamoto has joined #openstack-fwaas12:18
*** threestrands_ has quit IRC12:58
*** SridarK has joined #openstack-fwaas13:50
*** wkite has joined #openstack-fwaas13:53
*** yamamoto has quit IRC13:56
SridarKHi FWaaS folks13:59
*** yushiro has joined #openstack-fwaas13:59
SridarK#startmeeting fwaas14:00
openstackMeeting started Thu Apr 26 14:00:07 2018 UTC and is due to finish in 60 minutes.  The chair is SridarK. Information about MeetBot at http://wiki.debian.org/MeetBot.14:00
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.14:00
*** openstack changes topic to " (Meeting topic: fwaas)"14:00
openstackThe meeting name has been set to 'fwaas'14:00
SridarK#chair yushiro xgerman_14:00
openstackCurrent chairs: SridarK xgerman_ yushiro14:00
njohnstono/14:00
yushiroHi all :)14:00
SridarKyushiro: hi - i think ur turn today14:00
yushiroSridarK, sure!14:00
yushiroOK folks, let's begin :)14:00
yushiro#topic announcements14:01
*** openstack changes topic to "announcements (Meeting topic: fwaas)"14:01
xgerman_o/14:01
yushiroGood news about OpenStack summit Vancouver's forum.14:01
yushiroOur fwaas L7 session has approved.14:02
SridarKannp: congrats14:02
xgerman_+114:02
yushiroI forgot a link... annp, Do you have some link?14:02
SridarK#link http://forumtopics.openstack.org/cfp/details/14414:03
SridarK?14:03
SridarKi think not14:04
SridarKthat was the submission14:04
yushiroSridarK, Hmm,  it returns 404 ..14:04
SridarKyes just saw that too14:04
yushiroThanks.  Anyway, let's discuss topic about our forum later :)14:05
SridarKbut that is good that14:05
SridarKit was accepted14:05
SridarKsorry go ahead yushiro14:06
yushiroOK14:06
doudeHi14:06
yushiroWe are now Rocky-2 cycle.  R-2 is until 4th Jun.  https://releases.openstack.org/rocky/schedule.html14:06
yushiroSo, anything else to announce?14:07
xgerman_TC elections are open — so if you got an e-mail make sure to vote14:07
yushirodoude, hi14:07
yushiroaha, yes, thanks xgerman_14:07
yushiroOK, so next topic.14:09
yushiro#topic Rocky14:09
*** openstack changes topic to "Rocky (Meeting topic: fwaas)"14:09
yushiroPluggable backend driver https://review.openstack.org/#/c/480265/14:09
yushirodoude, Hi.  It's your turn :)14:10
doudeyes sorry14:12
doudeso I just started to look at the issue for the port auto association to default FG14:13
doudeI've a patch, I 'm just finishing to validate unit tests14:13
doudeI also rebase the patch on master14:13
yushiroOK, good14:13
doudeI'll push new patch set in the hour14:14
yushirowow, cool.  I'll test tomorrow with 'nova boot' command and check default fwg association again.14:14
doudejust a question, that specific port association is only in case a port is automatically associated to the default FG?14:14
*** annp_ has joined #openstack-fwaas14:15
*** annp_ has quit IRC14:15
yushirodoude, auto association target is VM port (newly created or bind)14:16
yushiroAnd it is associated with default fwg.14:17
doudeif we create a port not binded to a host, and associating that port to FG, do we just need to set the association in the DB and don't send RPC FG update ?14:17
doudeha ok it's only for port VM14:17
doudeunderstood14:17
yushiroIf we try to associate non-bind port with any fwg, it returns 409 error.14:17
yushiroAha, Ok.14:17
doudeok14:17
doudethanks14:17
yushiroSo, doude, if you update your patch, please check the q-agt.service log while running 'nova boot'.  If there is no 'error' message and FWG is associated with a port, it is good.14:19
yushiroOf course, I'll test as well :)14:19
doudeoterwise, I did not had time to discuss with NSX dev about their FWaaS driver14:19
doudesure yushiro14:19
SridarKdoude: ok it will be good to close on the NSX driver too14:20
doudeI was able to reproduce and see that error before I patch the code14:20
SridarKi think it should be o14:20
SridarKk14:20
doudeyes me to SridarK14:20
SridarKmaybe just needs clarification14:20
SridarKthx doude14:20
yushirodoude, In addition, current devstack is a little strange.  Please set [fwaas]firewall_l2_driver = ovs at /etc/neutron/l3_agent.ini not /etc/neutron/plugins/ml2/ml2_conf.ini14:21
yushiroLatter case wasn't loaded correctly.14:21
yushiroOK, next14:22
yushiroWIP] Adds remote firewall group: https://review.openstack.org/52120714:22
yushiroxgerman_, go ahead :p14:22
doudethanks yushiro14:22
xgerman_not much to report.14:22
yushiroOK14:22
xgerman_Need yo make the gates work for my patch14:23
xgerman_there have been gate issues the pas few weeks in OpenStack14:23
yushirowow :(14:23
xgerman_yeah, from pip versions, to neutron purging FKs, etc.14:24
*** reedip has joined #openstack-fwaas14:24
reediphey hi guys14:24
yushiroxgerman_, Ahhhh, Yes, I remembered..14:24
njohnstonhi reedip14:24
yushiroreedip, Hi!14:24
reedipI was able to join the meeting atlast :)14:25
yushiroreedip, cool!!14:25
xgerman_o/14:25
SridarKreedip: long time, hi :-)14:25
reedipo/14:25
reedipyes, was pretty messed up with the work and other activities :|14:25
SridarK:-)14:25
yushiroGood news! I wanted to announce about that in announce topic :p14:26
yushiroOK, next14:26
yushiroLogging for FWaaS(SPEC): https://review.openstack.org/#/c/509725/14:26
SridarKSorry i forgot earlier but it looks good to me too14:27
SridarKand i added Miguel for +A14:27
yushiroThanks for your review SridarK14:27
yushirogood :)  In addition, your comment is reasonable to start L3 first.14:28
yushiroThanks cuong for update.14:28
njohnston+114:29
yushiroand thanks for all reviewing :)14:29
yushiro#topic Horizon support14:29
*** openstack changes topic to "Horizon support (Meeting topic: fwaas)"14:29
yushiroToday, chandan and Sarath are not here.14:30
SridarKYes, i will send a note to them to see if they can join next week14:30
yushiroSridarK, OK, thanks.14:30
yushiro#topic bugs14:32
*** openstack changes topic to "bugs (Meeting topic: fwaas)"14:32
yushirohttp://urx2.nu/C7UI14:32
yushiroThere are 13 bugs are 'UNDECIDED' status.14:33
xgerman_time for a bug scrub?14:33
reedipany assigned to me ?? :P14:33
SridarK+1 on bug scrub14:33
reedip+1 for the bug scrub14:34
yushiroxgerman_, GOOD!14:34
SridarKmaybe we can run thru this after we take a look offline14:34
SridarKand update them14:34
xgerman_+114:34
yushirohttps://bugs.launchpad.net/neutron/+bug/161824414:34
openstackLaunchpad bug 1618244 in neutron "Possible scale issues with neutron-fwaas requesting all tenants with firewalls after RPC failures" [Undecided,In progress] - Assigned to Bertrand Lallau (bertrand-lallau)14:34
reedipI will look at them a bit tomorrow morning ( I have some bandwidth tomorrow )14:34
SridarKsomehow i recall some work on this area done maybe by Cedric ?14:35
SridarKi am a bit foggy14:35
yushiroSridarK, OK14:36
yushiroIt seems to be backported to ocata14:37
yushiroI'll set 'low' for now.14:38
xgerman_k14:38
SridarKyes that seemed quite familiar14:39
yushirohttps://bugs.launchpad.net/neutron/+bug/162664214:39
openstackLaunchpad bug 1626642 in neutron "Cleanup and add more UT for FWaaS v2 plugin" [Undecided,Confirmed] - Assigned to Sridar Kandaswamy (skandasw)14:39
yushiroIt's you, SridarK :)14:39
SridarKlet me look to see if that is relevant14:39
yushiroOk14:40
njohnstonbrb14:40
SridarKi recall we had some coverage needed for rule updates14:40
SridarKbut will take a look14:40
yushiroAha.  OK, so, I'll set medium.14:40
yushirohttps://bugs.launchpad.net/neutron/+bug/165675414:41
openstackLaunchpad bug 1656754 in neutron "Fwaas (bind a firewall to DVR router when its floating-ip count is zero): the firewall rules does not take effect for a VM after binding a floating ip to the VM." [Undecided,New] - Assigned to wujun (wujun)14:41
yushiroI think this is about fwaas v1.14:43
SridarKyushiro: most likely will need to look14:43
yushiroOK, there are many bugs.  Let's continue next week.14:46
SridarKyushiro: +114:46
xgerman_+114:46
SridarKwe can do some digging on the list offline14:46
yushiroyeah14:46
yushiro#topic specs14:46
*** openstack changes topic to "specs (Meeting topic: fwaas)"14:46
reedipLets put a google doc for it ?14:47
yushirofwaas 2.0 address groups support https://review.openstack.org/55713714:47
wkiteI have committed a new proposafor e14:48
wkitesorry14:48
yushiroreedip, about bug?14:49
wkiteI have committed a new spec to the gerrit.14:50
yushirowkite, OK, could you paste a link for the spec??14:50
wkitei modified some inappropriate places.14:51
yushiroAh, you updated existing spec, did you?14:52
wkitehttp://logs.openstack.org/37/557137/4/check/build-openstack-sphinx-docs/3c4e754/html/specs/rocky/fwaas-2.0-address-groups-support.html14:52
wkiteyushiro: yes14:53
yushiroI cannot review last week, so I'll review tomorrow.14:53
yushiros/cannot/couldn't14:53
SridarKwkite: thx i see u have addressed most comments - i think - will go thru again also14:53
wkiteyushiro: thanks for your review14:54
yushiro:)14:55
yushiroAh, 5 minutes left !! :p14:55
wkiteSridarK: thx14:55
SridarKwkite: np14:55
yushiroEveryone, plz review his spec :)14:55
xgerman_+114:55
yushiro#topic Open Discussion14:55
*** openstack changes topic to "Open Discussion (Meeting topic: fwaas)"14:55
yushiroI'll take a holiday from 28th Apr. to 6th May  a.k.a "Golden week".14:56
SridarKyushiro: have a nice break14:57
yushiroIf you'd like to ask me something, please send e-mail <y.furukawa8@gmail.com>14:57
*** yamamoto has joined #openstack-fwaas14:57
yushiroSridarK, Yeah, thanks.14:57
amotokistable/queens fwaas-dashboard gate is broken now. the fix is here: https://review.openstack.org/#/c/564523/ please take a look.14:58
yushiroamotoki, Thank you so much14:58
SridarK+114:59
yushiroI need more time to contribute on OpenStack!!  :p14:59
SridarKyushiro: ah yes same here15:00
SridarK:-)15:00
xgerman_+1 —15:00
yushiroSame feeling :)15:00
SridarKoh time15:00
yushiroOk, this is time.15:00
yushiro#endmeeting15:00
*** openstack changes topic to "Queens (Meeting topic: fwaas)"15:00
openstackMeeting ended Thu Apr 26 15:00:28 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)15:00
SridarKbye all15:00
openstackMinutes:        http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-04-26-14.00.html15:00
xgerman_o/15:00
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-04-26-14.00.txt15:00
openstackLog:            http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-04-26-14.00.log.html15:00
yushirobye bye~~~~~~15:00
wkitebye15:00
*** wkite has quit IRC15:01
*** yamamoto has quit IRC15:03
-openstackstatus- NOTICE: We've successfully troubleshooted the issue that prevented paste.openstack.org from loading and it's now back online, thank you for your patience.15:05
*** reedip has quit IRC15:08
*** hoangcx has quit IRC15:18
*** yushiro has quit IRC15:22
*** openstackgerrit has joined #openstack-fwaas15:23
openstackgerritÉdouard Thuleau proposed openstack/neutron-fwaas master: Implements a plugable backend driver  https://review.openstack.org/48026515:23
doudeSridarK, annp  --^15:24
SridarKdoude: thx15:24
*** AlexeyAbashkin has quit IRC15:56
*** yamamoto has joined #openstack-fwaas15:59
*** yamamoto has quit IRC16:04
*** SridarK has quit IRC16:47
*** yamamoto has joined #openstack-fwaas17:01
*** yamamoto has quit IRC17:06
*** SumitNaiksatam has joined #openstack-fwaas17:33
*** yamamoto has joined #openstack-fwaas18:02
*** yamamoto has quit IRC18:07
*** SumitNaiksatam has left #openstack-fwaas18:34
*** yamamoto has joined #openstack-fwaas19:04
*** yamamoto has quit IRC19:09
*** yamamoto has joined #openstack-fwaas20:05
*** yamamoto has quit IRC20:11
*** yamamoto has joined #openstack-fwaas21:07
*** yamamoto has quit IRC21:13
*** yamamoto has joined #openstack-fwaas22:09
*** yamamoto has quit IRC22:14
*** yamamoto has joined #openstack-fwaas23:11
*** annp has quit IRC23:13
*** annp has joined #openstack-fwaas23:14
*** yamamoto has quit IRC23:16
« Wednesday, 2018-04-25 Index Friday, 2018-04-27 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!