| *** longkb has joined #openstack-fwaas | 00:32 | |
| *** lnicolas has joined #openstack-fwaas | 02:04 | |
| bzhao__ | hi, fw handsome guys | 02:05 |
|---|---|---|
| bzhao__ | I have a question about how to update the existing FWG status, as we support apply fwg towards vm ports, so each l2 agent will update the fwg status if there is any port it server? So does that mean the last update will the FWG status? | 02:07 |
| bzhao__ | hi? | 02:19 |
| bzhao__ | annp: ping, | 02:45 |
| bzhao__ | njohnston: ping | 02:50 |
| *** yamamoto has joined #openstack-fwaas | 04:37 | |
| *** yamamoto has quit IRC | 05:31 | |
| *** yamamoto has joined #openstack-fwaas | 05:46 | |
| *** reedip has quit IRC | 06:14 | |
| annp | bzhao__, ping | 06:17 |
| annp | bzhao, pong | 06:17 |
| bzhao__ | annp: hi, I need help about the fwg status, now we support adding vm port into fwg, so if several vms in different compute nodes are in the same fwg, does each l2 agent update the fwg status for processing the fwg update/create? I found the existing code seem to update the status in each l2/l3 agent. It make me confused. So please correct me. :) | 06:25 |
| annp | bzhao__, from my understanding, L2 agent will update fwg status for fwg update/create. | 06:27 |
| bzhao__ | annp: So if the vm port locates different compute node, it will update the status twice, if the first is error, the second will overide it... So I'm not sure I understand we how to decide a fwg status. | 06:29 |
| annp | bzhao__, if fwg has status error, then second process won't override it, IIRC. | 06:31 |
| bzhao__ | annp: You mean once a single port process failure from a port list which associated a fwg, it will be Error status. Could you please help me to find the code? Then I think I can make a good understand about this. Thanks. :) | 06:33 |
| annp | bzhao__, that mean if the fwg status is ERROR, then nobody can do any action on the fwg, I guess. | 06:34 |
| *** annp has quit IRC | 06:36 | |
| *** annp has joined #openstack-fwaas | 06:36 | |
| *** longkb1 has quit IRC | 06:37 | |
| bzhao__ | annp: Yeah, Users can not operate the fwg. But how to deal with the agent side to set the status. I mean the use case like: I have 2 ports, the 2 ports are from 2 VMs, and they locates different compute nodes. Then I create a new fwg with its "child" resources, and I add these ports into fwg. So the server will fanout the rpc to the compute nodes side, different l2 agent in different node process its serviced port, | 06:38 |
| bzhao__ | then update the fwg status through rpc to server. | 06:38 |
| *** longkb1 has joined #openstack-fwaas | 06:38 | |
| bzhao__ | annp: the rpc call is still set_fwg_status, and I saw the server side code is just update the status... So I'm not sure how we decide the fwg status in this case. | 06:40 |
| annp | bzhao__, you're right. Maybe It is a bug. | 06:43 |
| annp | bzhao_, In this case we have to check status of fwg before update status. if fwg status == ERROR, then don't set fwg status | 06:45 |
| bzhao__ | annp: No matter, yeah, we need the check. | 06:45 |
| bzhao__ | annp: So the status means the finnal result of all associated resources. Right? | 06:46 |
| annp | bzhao__, yes. It should be as you said. | 06:47 |
| annp | so it doesn't make user confused. | 06:48 |
| bzhao__ | annp: OK, it make sense to me. Thank you. Sorry for interrupt. :) | 06:48 |
| annp | bzhao__, No worries, you're welcome. Can you file a bug for that? | 06:50 |
| bzhao__ | annp: OK, I will do that. :) | 06:50 |
| annp | bzhao__, +1 :) | 06:50 |
| openstackgerrit | OpenStack Proposal Bot proposed openstack/neutron-fwaas-dashboard master: Imported Translations from Zanata https://review.openstack.org/567784 | 07:05 |
| *** lnicolas has quit IRC | 07:09 | |
| *** lnicolas has joined #openstack-fwaas | 07:13 | |
| *** hoangcx has joined #openstack-fwaas | 07:30 | |
| *** yamamoto_ has joined #openstack-fwaas | 07:36 | |
| *** yamamoto has quit IRC | 07:39 | |
| *** openstack has joined #openstack-fwaas | 09:26 | |
| *** ChanServ sets mode: +o openstack | 09:26 | |
| *** yamamoto has joined #openstack-fwaas | 09:40 | |
| *** hoangcx has quit IRC | 10:12 | |
| *** longkb1 has quit IRC | 10:33 | |
| *** longkb has quit IRC | 10:33 | |
| *** yamamoto has quit IRC | 11:12 | |
| *** yamamoto has joined #openstack-fwaas | 11:20 | |
| *** yamamoto has quit IRC | 11:25 | |
| *** njohnston is now known as njohnston|ooo | 11:27 | |
| *** yamamoto has joined #openstack-fwaas | 11:28 | |
| *** yamamoto has quit IRC | 11:45 | |
| *** yamamoto has joined #openstack-fwaas | 11:55 | |
| *** annp has quit IRC | 12:01 | |
| *** yamamoto has quit IRC | 12:12 | |
| *** yamamoto has joined #openstack-fwaas | 12:13 | |
| *** yamamoto has quit IRC | 12:22 | |
| *** yamamoto has joined #openstack-fwaas | 12:23 | |
| *** yamamoto has quit IRC | 12:27 | |
| *** yamamoto has joined #openstack-fwaas | 12:46 | |
| *** yamamoto has quit IRC | 12:47 | |
| *** yamamoto has joined #openstack-fwaas | 12:47 | |
| *** yamamoto_ has joined #openstack-fwaas | 12:53 | |
| *** yamamoto has quit IRC | 12:57 | |
| *** openstackstatus has joined #openstack-fwaas | 13:11 | |
| *** ChanServ sets mode: +v openstackstatus | 13:11 | |
| -openstackstatus- NOTICE: Due to a Zuul outage, patches uploaded to Gerrit between 09:00UTC and 12:50UTC, were not properly added to Zuul. Please recheck any patches during this window and apologies for the inconvenience. | 13:14 | |
| *** yamamoto_ has quit IRC | 13:21 | |
| *** hongbin has joined #openstack-fwaas | 13:49 | |
| *** mlavalle has joined #openstack-fwaas | 13:55 | |
| mlavalle | Dear FWaaS team: could a member of the FWaaS team give an opinion on this RFE: https://bugs.launchpad.net/neutron/+bug/1664814? | 13:56 |
| openstack | Launchpad bug 1664814 in neutron "RBAC for Firewall Policies" [Wishlist,New] | 13:56 |
| *** njohnston|ooo has quit IRC | 14:03 | |
| *** yamamoto has joined #openstack-fwaas | 14:21 | |
| *** yamamoto has quit IRC | 14:27 | |
| *** yamamoto has joined #openstack-fwaas | 15:24 | |
| *** yamamoto has quit IRC | 15:32 | |
| *** yamamoto has joined #openstack-fwaas | 16:28 | |
| *** yamamoto has quit IRC | 16:34 | |
| *** openstackstatus has quit IRC | 17:00 | |
| *** openstack has joined #openstack-fwaas | 17:02 | |
| *** ChanServ sets mode: +o openstack | 17:02 | |
| *** yamamoto has joined #openstack-fwaas | 17:30 | |
| *** yamamoto has quit IRC | 17:36 | |
| *** yamamoto has joined #openstack-fwaas | 18:32 | |
| *** yamamoto has quit IRC | 18:36 | |
| *** yamamoto has joined #openstack-fwaas | 19:33 | |
| *** yamamoto has quit IRC | 19:38 | |
| *** yamamoto has joined #openstack-fwaas | 20:34 | |
| *** mlavalle has left #openstack-fwaas | 20:36 | |
| *** yamamoto has quit IRC | 20:39 | |
| *** openstackgerrit has joined #openstack-fwaas | 21:29 | |
| openstackgerrit | German Eichberger proposed openstack/neutron-fwaas master: Adds remote firewall group to plugin https://review.openstack.org/521207 | 21:29 |
| *** yamamoto has joined #openstack-fwaas | 21:35 | |
| *** yamamoto has quit IRC | 21:41 | |
| *** hongbin has quit IRC | 22:49 | |
| *** yamamoto has joined #openstack-fwaas | 23:01 | |
| *** yamamoto has quit IRC | 23:26 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!