| *** longkb has joined #openstack-fwaas | 00:05 | |
| *** longkb has quit IRC | 07:36 | |
| *** longkb has joined #openstack-fwaas | 07:36 | |
| *** annp has quit IRC | 07:37 | |
| *** hoangcx has quit IRC | 07:37 | |
| *** hoangcx has joined #openstack-fwaas | 07:38 | |
| *** velizarx has joined #openstack-fwaas | 08:02 | |
| *** velizarx has quit IRC | 08:18 | |
| *** obre has joined #openstack-fwaas | 08:30 | |
| *** velizarx has joined #openstack-fwaas | 08:35 | |
| *** longkb has quit IRC | 11:42 | |
| *** velizarx has quit IRC | 12:35 | |
| *** velizarx has joined #openstack-fwaas | 12:47 | |
| *** velizarx has quit IRC | 13:35 | |
| *** ml has joined #openstack-fwaas | 13:49 | |
| *** velizarx has joined #openstack-fwaas | 13:50 | |
| *** longkb has joined #openstack-fwaas | 13:55 | |
| *** SridarK has joined #openstack-fwaas | 14:01 | |
| SridarK | Hi FWaaS folks | 14:02 |
|---|---|---|
| amotoki | no meeting today? | 14:02 |
| SridarK | sorry to be late | 14:02 |
| amotoki | np | 14:02 |
| SridarK | #startmeeting fwaas | 14:02 |
| openstack | Meeting started Thu Aug 23 14:02:25 2018 UTC and is due to finish in 60 minutes. The chair is SridarK. Information about MeetBot at http://wiki.debian.org/MeetBot. | 14:02 |
| openstack | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 14:02 |
| *** openstack changes topic to " (Meeting topic: fwaas)" | 14:02 | |
| openstack | The meeting name has been set to 'fwaas' | 14:02 |
| longkb | o/ | 14:02 |
| *** SridarK_ has joined #openstack-fwaas | 14:03 | |
| SridarK_ | I seemed to have gotten knocked off | 14:03 |
| SridarK_ | I am not sure what quorom we have | 14:04 |
| amotoki | i have one thing to ask you about the need for fwaas RC2 | 14:04 |
| *** longkb has quit IRC | 14:04 | |
| SridarK_ | sure amotoki go ahead | 14:05 |
| amotoki | acording to https://review.openstack.org/#/q/status:open+project:openstack/neutron-fwaas+branch:stable/rocky | 14:05 |
| SridarK_ | i see an email from yushiro that he will not make it | 14:05 |
| amotoki | there is one patch proposed to stable/rocky | 14:05 |
| SridarK_ | and xgerman is out | 14:05 |
| amotoki | I heard yushiro cannot join today's meeting | 14:06 |
| SridarK_ | u mean this: #link https://review.openstack.org/#/c/593990/ | 14:06 |
| amotoki | yes, that one | 14:06 |
| *** SridarK has quit IRC | 14:06 | |
| SridarK_ | IIRC there was an issue found in testing to check for regression | 14:07 |
| SridarK_ | we had discussed validating any impacts from the logging code | 14:08 |
| SridarK_ | there was no issue as such with baseline but i belive this issue was found | 14:08 |
| *** longkb_ has joined #openstack-fwaas | 14:08 | |
| amotoki | I see. this only affects the fwaas logging feature, so this sounds like best-effort fix. | 14:09 |
| SridarK_ | amotoki: yes this only impacts the logging feature | 14:10 |
| SridarK_ | longkb_: can u add ur thoughts on this fix as well | 14:10 |
| longkb_ | Sorry. Am I missed something? My network is too slow :( | 14:10 |
| SridarK_ | longkb_: amotoki is asking abt #link https://review.openstack.org/#/c/593990/ | 14:11 |
| amotoki | longkb_: I'd like to know how it is important from the fwaas logging point of view. | 14:12 |
| *** wkite has joined #openstack-fwaas | 14:13 | |
| longkb_ | amotoki: could you give me the title of this patch. I cannot reach this URL https://review.openstack.org/#/c/593990/ | 14:13 |
| longkb_ | My network is too slow now | 14:14 |
| SridarK_ | amotoki: are u validating if we can live with this issue as a release note ? | 14:14 |
| amotoki | longkb_: the title is "Remove remaining NFLOG rules on deleting log resource" | 14:14 |
| SridarK_ | Remove remaining NFLOG rules on deleting log resource | 14:14 |
| SridarK_ | longkb_: ^^ | 14:14 |
| longkb_ | Thanks. amotoki, SridarK :) | 14:14 |
| amotoki | SridarK_: no. I try to validate the need for RC2. | 14:14 |
| SridarK_ | amotoki: yes got it | 14:15 |
| amotoki | SridarK_: if the fwaas logging is broken without this, it is worth for RC2 | 14:15 |
| longkb_ | This patch aims to fix a bug related to Log resource deletion | 14:15 |
| SridarK_ | amotoki: yes agreed | 14:15 |
| longkb_ | If we delete Log resource with event=ALL. It works | 14:15 |
| SridarK_ | longkb_: ok so there is a workaround | 14:15 |
| amotoki | longkb_: do you mean we need to use log event=ALL to make the fwaas logging work? | 14:16 |
| amotoki | if someone use event=ACCEPT or DROP, iptable entries are not cleanup, right? | 14:17 |
| *** reedipb has joined #openstack-fwaas | 14:18 | |
| SridarK_ | amotoki: as i understand that is correct - so basically a clean up issue | 14:19 |
| reedipb | o/ | 14:19 |
| SridarK_ | seems like longkb_ has connectivity issues | 14:19 |
| *** longkb_ has quit IRC | 14:20 | |
| amotoki | from my understanding so far, we can land it as usual fix (as it is a resource leak in an optional feature) | 14:20 |
| amotoki | but I will ping mlavalle and haleyb. if it lands soon we can consider fwaas rc2. | 14:20 |
| SridarK_ | amotoki: ok - i will sync up with yushiro and fujitsu folks as well | 14:21 |
| SridarK_ | amotoki: also it seems there is a workaround as well | 14:21 |
| SridarK_ | amotoki: hopefully we can get clarification by ur morning time | 14:22 |
| amotoki | SridarK_: totally agree. | 14:22 |
| SridarK_ | amotoki: ok - i will have an email out for fujitsu folks as well | 14:23 |
| amotoki | I pinged them in #-neutron. let's see what happens and wait their opinions. | 14:23 |
| SridarK_ | amotoki: ok | 14:23 |
| SridarK_ | amotoki: anything else for discussion | 14:23 |
| amotoki | SridarK_: nothing from me | 14:23 |
| ml | Yea, I'd like your advice on the fwaas v2 implementation in openstacksdk | 14:24 |
| SridarK_ | amotoki: thx - ok i will close out the mtg due to lack of quorom | 14:24 |
| SridarK_ | ml: hi | 14:24 |
| ml | hi | 14:24 |
| *** longkb has joined #openstack-fwaas | 14:24 | |
| SridarK_ | ml: pls go ahead | 14:25 |
| ml | I've been working on ansible modules to manage fwaas services and had to touch openstacksdk | 14:25 |
| ml | my change: https://review.openstack.org/#/c/591650/ | 14:25 |
| ml | around the same time, there was another change which had something similar in mind: https://review.openstack.org/#/c/592303/ | 14:26 |
| amotoki | In my understanding, both are needed. it looks better to merge these two. | 14:27 |
| ml | the second approach is using resource.Resource for the communication with the API | 14:27 |
| amotoki | openstacksdk provides two interfaces | 14:27 |
| SridarK_ | ml ok | 14:27 |
| SridarK_ | amotoki: thx for chiming in i am not too familiar on the sdk | 14:27 |
| ml | so there is no need to, for example, adjust my changes to use the implementation of Wang Weijia? | 14:28 |
| SridarK_ | ml: i will certainly look thru the patches | 14:28 |
| amotoki | ml: my suggestion is to talk with the author of the other patch | 14:28 |
| ml | SridarK_: thanks, appreciate it | 14:28 |
| amotoki | and discuss how you two can coordinate the effort. | 14:28 |
| SridarK_ | amotoki: +1 | 14:28 |
| ml | amotoki: I already contacted him. The communication is slow, but I think we're getting there | 14:29 |
| amotoki | ml: if you have questions on the direction, you can also ask them in #openstack-sdks irc channels. | 14:29 |
| *** longkb has quit IRC | 14:29 | |
| ml | alright, noted | 14:29 |
| *** longkb has joined #openstack-fwaas | 14:30 | |
| amotoki | mordred and other active members are there. | 14:30 |
| longkb | Sorry. I am just come back. My network connection is terrible :( | 14:30 |
| SridarK_ | ml: and feel free to raise any fwaas related support u may need here in this forum | 14:30 |
| SridarK_ | longkb: dont worry | 14:30 |
| SridarK_ | longkb: i will summarize in an email to u & team | 14:30 |
| longkb | Thanks SridarK :D | 14:31 |
| SridarK_ | amotoki: thx for pointing out the discussion reg RC2 | 14:32 |
| SridarK_ | ml: thx | 14:32 |
| amotoki | regarding the fwaas dashboard bug mentioned in the last meeting, https://bugs.launchpad.net/neutron-fwaas-dashboard/+bug/1787518 was filed | 14:33 |
| openstack | Launchpad bug 1787518 in Neutron FWaaS dashboard "Update Firewall rule incorrectly by FW Dashboard" [High,Confirmed] | 14:33 |
| amotoki | and I confirmed it is reproduceable. | 14:33 |
| amotoki | i haven't looked into the detail but it seeems fwaas dashboard only somehow. | 14:33 |
| amotoki | it seems to occurs in fwaas dashboard only... | 14:34 |
| SridarK_ | amotoki: thx ok and i see ur evaluation as backport potential | 14:34 |
| SridarK_ | amotoki: let me check if SarathMekala has bandwidth to pick it up or perhaps yushiro as someone in mind to work on dashboard | 14:35 |
| amotoki | SridarK_: thanks | 14:35 |
| SridarK_ | amotoki: thx | 14:35 |
| SridarK_ | ok if nothing else will end, next week we should be back to normal quorum | 14:37 |
| longkb | About https://review.openstack.org/#/c/593990/. This patch aims to fix a bug related to log resource deletion. | 14:38 |
| longkb | If we delete log resource with event = ALL, it works. However, if we delete log resource with event=ACCEPT or event=DROP, it will raise an error. | 14:38 |
| longkb | So I think it could be a critical bug for logging feature, and it should be backport to Rocky. | 14:38 |
| SridarK_ | longkb: ok, deleting with event = ALL is the currently available workaround | 14:39 |
| SridarK_ | but it has a side effect of deleting for all events even if we did not want to | 14:39 |
| longkb | No, I don't think so | 14:40 |
| SridarK_ | longkb: hmm ok pls clarify | 14:41 |
| longkb | deleting with event=ALL mean: deleting with event=ACCEPT and event=DROP. | 14:41 |
| SridarK_ | longkb: yes so we will delete both ACCEPT and DROP events | 14:42 |
| longkb | If we have 02 log: a log with event=ALL and a log with event=ACCEPT. And you delete log with event=ALL. | 14:43 |
| longkb | Only NFLOG rules for event=DROP is deleted | 14:43 |
| longkb | The NFLOG rules for event=ACCEPT will be kept until log with event=ACCEPT is deleted. | 14:43 |
| SridarK_ | longkb: oh ok | 14:45 |
| longkb | SridarK_ +1. Please go ahead :D | 14:46 |
| SridarK_ | longkb: ok i think i understand | 14:47 |
| longkb | +1 SridarK_ :) | 14:47 |
| SridarK_ | longkb: so the workaround is u will need to check if something is not cleaned up | 14:48 |
| SridarK_ | and then delete it explicitly | 14:48 |
| longkb | SridarK_: I got it | 14:49 |
| *** Swami has joined #openstack-fwaas | 14:50 | |
| SridarK_ | longkb: so i will send an email and we can clarify so we can list the effects, possible workarounds - that helps justification for RC2 | 14:50 |
| longkb | +1 SridarK_ :d | 14:51 |
| SridarK_ | longkb: thx u can clarify and add any specifics. I think during ur morning time we can reach for a decision. | 14:53 |
| SridarK_ | longkb: thx | 14:53 |
| SridarK_ | I will end the mtg | 14:53 |
| SridarK_ | #endmeeting | 14:53 |
| *** SridarK_ has quit IRC | 14:53 | |
| longkb | Bye folks :d | 14:54 |
| *** SridarK has joined #openstack-fwaas | 14:54 | |
| SridarK | #endmeeting | 14:54 |
| *** openstack changes topic to "Queens (Meeting topic: fwaas)" | 14:54 | |
| openstack | Meeting ended Thu Aug 23 14:54:30 2018 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 14:54 |
| openstack | Minutes: http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-08-23-14.02.html | 14:54 |
| openstack | Minutes (text): http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-08-23-14.02.txt | 14:54 |
| openstack | Log: http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-08-23-14.02.log.html | 14:54 |
| SridarK | longkb: never mind | 14:56 |
| SridarK | looks like it is approved | 14:56 |
| SridarK | amotoki: thx | 14:57 |
| amotoki | SridarK: yeah, I just saw it :) | 15:00 |
| *** longkb has quit IRC | 15:00 | |
| SridarK | :-) | 15:01 |
| *** velizarx has quit IRC | 15:36 | |
| *** Swami has quit IRC | 16:49 | |
| *** SridarK has quit IRC | 16:55 | |
| *** bbbbzhao_ has quit IRC | 18:14 | |
| *** ml has left #openstack-fwaas | 18:26 | |
| *** threestrands has joined #openstack-fwaas | 22:53 | |
| *** njohnston has quit IRC | 23:30 | |
| *** wkite has quit IRC | 23:30 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!