Thursday, 2019-08-08

« Wednesday, 2019-08-07 Index Friday, 2019-08-09 »
*** yamamoto has quit IRC00:04
*** markvoelker has joined #openstack-neutron00:09
*** slaweq_ has joined #openstack-neutron00:11
*** slaweq_ has quit IRC00:15
*** ociuhandu has joined #openstack-neutron00:30
*** ociuhandu has quit IRC00:35
*** betherly has joined #openstack-neutron00:35
*** betherly has quit IRC00:39
*** markvoelker has quit IRC00:42
openstackgerritZhouHeng proposed openstack/neutron master: remove try_again from _commit_port_binding  https://review.opendev.org/67503400:42
*** kevinz has quit IRC00:43
*** markvoelker has joined #openstack-neutron00:43
*** kevinz has joined #openstack-neutron00:44
*** _mmethot_ has joined #openstack-neutron01:02
*** mmethot_ has quit IRC01:07
*** abaindur has quit IRC01:12
*** betherly has joined #openstack-neutron01:30
*** tbachman has quit IRC01:32
*** betherly has quit IRC01:35
*** markvoelker has quit IRC01:37
*** markvoelker has joined #openstack-neutron01:44
*** yamamoto has joined #openstack-neutron01:45
*** armax has quit IRC01:47
*** tbachman has joined #openstack-neutron01:53
*** betherly has joined #openstack-neutron02:01
*** betherly has quit IRC02:05
*** slaweq_ has joined #openstack-neutron02:10
*** tbachman has quit IRC02:12
*** slaweq_ has quit IRC02:15
*** henriqueof has joined #openstack-neutron02:17
*** iyamahat has quit IRC02:19
*** henriqueof has quit IRC02:21
*** iyamahat has joined #openstack-neutron02:33
*** tbachman has joined #openstack-neutron02:35
*** betherly has joined #openstack-neutron02:40
*** ramishra has joined #openstack-neutron02:42
*** yamamoto has quit IRC02:49
*** yamamoto has joined #openstack-neutron02:51
*** tbachman has quit IRC02:53
*** betherly has quit IRC02:53
*** betherly has joined #openstack-neutron03:08
*** whoami-rajat has joined #openstack-neutron03:12
*** igordc has joined #openstack-neutron03:16
*** BjoernT has joined #openstack-neutron03:17
*** tbachman has joined #openstack-neutron03:18
*** betherly has quit IRC03:21
*** BjoernT has quit IRC03:21
*** BjoernT has joined #openstack-neutron03:21
openstackgerritMerged openstack/neutron master: test_l3: Be a bit more selective where to inject a failiure  https://review.opendev.org/67504403:28
*** yamamoto has quit IRC03:30
*** gkadam has joined #openstack-neutron03:31
*** kevinz has quit IRC03:35
*** kevinz has joined #openstack-neutron03:35
*** yamamoto has joined #openstack-neutron03:37
*** betherly has joined #openstack-neutron03:39
*** gkadam has quit IRC03:40
*** betherly has quit IRC03:44
openstackgerritLIU Yulong proposed openstack/neutron master: Check dvr local router is up during port creation  https://review.opendev.org/63387104:08
*** slaweq_ has joined #openstack-neutron04:10
*** slaweq_ has quit IRC04:15
*** BjoernT has quit IRC04:17
*** iyamahat has quit IRC04:25
*** BjoernT has joined #openstack-neutron04:26
*** betherly has joined #openstack-neutron04:38
*** betherly has quit IRC04:42
*** kevinz has quit IRC04:48
*** henriqueof has joined #openstack-neutron04:56
*** yamamoto has quit IRC04:59
*** Luzi has joined #openstack-neutron05:00
*** spsurya has joined #openstack-neutron05:02
*** iyamahat has joined #openstack-neutron05:08
*** iyamahat has left #openstack-neutron05:10
*** BjoernT has quit IRC05:15
*** fnordahl has quit IRC05:23
*** lennyb has quit IRC05:26
*** betherly has joined #openstack-neutron05:29
*** yamamoto has joined #openstack-neutron05:29
*** yamamoto has quit IRC05:30
*** betherly has quit IRC05:37
*** fnordahl has joined #openstack-neutron05:38
*** yamamoto has joined #openstack-neutron05:41
*** ratailor has joined #openstack-neutron05:44
*** igordc has quit IRC05:59
*** ccamposr__ has joined #openstack-neutron05:59
*** betherly has joined #openstack-neutron06:01
*** ccamposr has quit IRC06:03
*** betherly has quit IRC06:06
*** slaweq_ has joined #openstack-neutron06:11
*** slaweq_ has quit IRC06:16
*** rcernin has quit IRC06:18
*** ralonsoh has joined #openstack-neutron06:25
*** lennyb has joined #openstack-neutron06:26
*** maciejjozefczyk has joined #openstack-neutron06:49
*** gcheresh has joined #openstack-neutron06:50
*** slaweq_ has joined #openstack-neutron06:59
*** betherly has joined #openstack-neutron07:00
*** aojea has joined #openstack-neutron07:05
*** betherly has quit IRC07:05
*** devx has quit IRC07:07
*** baojg has joined #openstack-neutron07:08
*** devx has joined #openstack-neutron07:09
*** betherly has joined #openstack-neutron07:20
*** tssurya has joined #openstack-neutron07:23
*** betherly has quit IRC07:25
*** tesseract has joined #openstack-neutron07:31
*** panda has quit IRC07:35
*** panda has joined #openstack-neutron07:38
openstackgerritMaciej Józefczyk proposed openstack/networking-ovn master: Fix test_update_port_with_empty_data  https://review.opendev.org/67526107:48
openstackgerritMaciej Józefczyk proposed openstack/networking-ovn master: Add mock for _check_for_socket_ready  https://review.opendev.org/67457407:50
openstackgerritMaciej Józefczyk proposed openstack/networking-ovn master: Fix test_update_port_with_empty_data  https://review.opendev.org/67526107:50
*** lucasagomes has joined #openstack-neutron07:56
*** ociuhandu has joined #openstack-neutron07:56
*** ccamposr has joined #openstack-neutron07:58
*** brault has joined #openstack-neutron07:59
*** ccamposr__ has quit IRC08:01
*** rpittau|afk is now known as rpittau08:04
*** takamatsu has quit IRC08:06
openstackgerritRodolfo Alonso Hernandez proposed openstack/neutron master: Kill all processes running in a namespace before deletion  https://review.opendev.org/67482008:14
*** ivve has joined #openstack-neutron08:19
*** betherly has joined #openstack-neutron08:22
openstackgerritYAMAMOTO Takashi proposed openstack/networking-midonet master: TEST FOR CI DO NOT REVIEW  https://review.opendev.org/19938708:23
*** ksambor has quit IRC08:36
*** ksambor has joined #openstack-neutron08:39
openstackgerritMaciej Józefczyk proposed openstack/networking-ovn master: Fix test_update_port_with_empty_data  https://review.opendev.org/67526108:42
*** davidsha has joined #openstack-neutron08:58
openstackgerritMaciej Józefczyk proposed openstack/networking-ovn master: Fix test_update_port_with_empty_data and add mock for _check_for_socket_ready  https://review.opendev.org/67457408:59
*** henriqueof has quit IRC09:28
*** dmellado has quit IRC09:53
openstackgerritRodolfo Alonso Hernandez proposed openstack/neutron master: Kill all processes running in a namespace before deletion  https://review.opendev.org/67482009:53
*** dmellado has joined #openstack-neutron09:55
*** dsneddon has quit IRC09:55
*** kdean has quit IRC10:21
*** ociuhandu has quit IRC10:26
*** yamamoto has quit IRC10:33
*** ociuhandu has joined #openstack-neutron10:47
openstackgerritMerged openstack/os-vif master: only disable mac ageing for ovs hybrid plug  https://review.opendev.org/67283410:50
*** yamamoto has joined #openstack-neutron10:51
*** kevinz has joined #openstack-neutron11:06
*** tbachman has quit IRC11:08
*** aojea has quit IRC11:24
*** lpetrut has joined #openstack-neutron11:34
*** tbachman has joined #openstack-neutron11:35
*** baojg has quit IRC11:39
*** baojg has joined #openstack-neutron11:41
*** baojg has quit IRC11:41
*** lpetrut has quit IRC11:49
*** tssurya has quit IRC11:50
*** tssurya has joined #openstack-neutron11:50
*** dsneddon has joined #openstack-neutron11:51
*** ratailor has quit IRC12:02
openstackgerritMaciej Józefczyk proposed openstack/networking-ovn master: Fix gateway blockers  https://review.opendev.org/67457412:25
*** Luzi has quit IRC12:32
*** jmlowe has quit IRC12:43
openstackgerritOleg Bondarev proposed openstack/neutron stable/rocky: Check for agent restarted after checking for DVR port  https://review.opendev.org/67196513:03
openstackgerritOleg Bondarev proposed openstack/neutron stable/queens: Check for agent restarted after checking for DVR port  https://review.opendev.org/67196613:03
openstackgerritOleg Bondarev proposed openstack/neutron stable/pike: Check for agent restarted after checking for DVR port  https://review.opendev.org/67196713:03
*** mriedem has joined #openstack-neutron13:16
*** jcosmao has joined #openstack-neutron13:27
*** BjoernT has joined #openstack-neutron13:28
*** slaweq_ is now known as slaweq13:29
*** sm806 has quit IRC13:32
*** sm806 has joined #openstack-neutron13:32
*** snierodz has quit IRC13:35
*** snierodz has joined #openstack-neutron13:38
*** yamamoto has quit IRC13:38
*** mchlumsky has joined #openstack-neutron13:41
*** maciejjozefczyk is now known as mjozefcz|lunch13:48
*** dsneddon has quit IRC13:50
*** kevinz has quit IRC13:51
*** dave-mccowan has joined #openstack-neutron13:55
*** yamamoto has joined #openstack-neutron13:59
*** yamamoto has quit IRC13:59
*** yamamoto has joined #openstack-neutron14:00
*** yamamoto has quit IRC14:04
*** brault has quit IRC14:05
*** yamamoto has joined #openstack-neutron14:05
*** liuyulong has quit IRC14:05
*** dsneddon has joined #openstack-neutron14:11
*** dsneddon has quit IRC14:16
*** jlibosva has joined #openstack-neutron14:25
*** mjozefcz|lunch is now known as mjozefcz14:26
*** dave-mccowan has quit IRC14:30
*** ociuhandu has quit IRC14:30
*** dsneddon has joined #openstack-neutron14:30
*** ociuhandu has joined #openstack-neutron14:31
*** ociuhandu has quit IRC14:35
*** dsneddon has quit IRC14:35
*** gcheresh has quit IRC14:42
*** mlavalle has joined #openstack-neutron14:43
*** tbachman has quit IRC14:52
*** ociuhandu has joined #openstack-neutron15:04
*** jlibosva has quit IRC15:04
*** dsneddon has joined #openstack-neutron15:08
*** tbachman has joined #openstack-neutron15:30
*** dave-mccowan has joined #openstack-neutron15:31
*** spsurya has quit IRC15:34
*** tssurya has quit IRC15:43
*** armax has joined #openstack-neutron15:44
*** mjozefcz has quit IRC16:00
*** lucasagomes has quit IRC16:03
*** tidwellr has joined #openstack-neutron16:13
*** brault has joined #openstack-neutron16:15
*** beekneemech has joined #openstack-neutron16:16
*** beekneemech has quit IRC16:16
*** yamamoto has quit IRC16:18
*** brault has quit IRC16:19
*** mattw4 has joined #openstack-neutron16:29
*** davidsha has quit IRC16:34
*** rpittau is now known as rpittau|afk16:36
*** mattw4 has quit IRC16:39
*** mattw4 has joined #openstack-neutron16:39
*** jangutter has quit IRC16:44
*** yamamoto has joined #openstack-neutron16:51
*** armax has quit IRC16:56
openstackgerritMerged openstack/neutron master: remove try_again from _commit_port_binding  https://review.opendev.org/67503417:02
*** BjoernT has quit IRC17:02
*** BjoernT has joined #openstack-neutron17:03
*** BjoernT has quit IRC17:03
*** BjoernT_ has joined #openstack-neutron17:03
*** BjoernT_ has quit IRC17:04
*** yamamoto has quit IRC17:04
*** BjoernT has joined #openstack-neutron17:06
*** BjoernT has quit IRC17:06
*** BjoernT_ has joined #openstack-neutron17:07
*** BjoernT_ has quit IRC17:08
*** BjoernT has joined #openstack-neutron17:09
*** BjoernT has quit IRC17:10
*** BjoernT_ has joined #openstack-neutron17:12
*** markvoelker has quit IRC17:12
*** BjoernT_ has quit IRC17:12
*** igordc has joined #openstack-neutron17:13
*** BjoernT has joined #openstack-neutron17:13
*** BjoernT has quit IRC17:14
*** ociuhandu has quit IRC17:14
*** BjoernT has joined #openstack-neutron17:15
*** BjoernT has quit IRC17:16
*** BjoernT has joined #openstack-neutron17:16
*** BjoernT has quit IRC17:17
*** BjoernT_ has joined #openstack-neutron17:17
*** BjoernT_ has quit IRC17:17
*** BjoernT has joined #openstack-neutron17:18
*** BjoernT has quit IRC17:18
*** BjoernT has joined #openstack-neutron17:19
*** BjoernT has quit IRC17:20
*** BjoernT_ has joined #openstack-neutron17:20
*** BjoernT_ has quit IRC17:20
*** BjoernT has joined #openstack-neutron17:21
*** BjoernT has quit IRC17:21
*** BjoernT has joined #openstack-neutron17:22
*** BjoernT has quit IRC17:22
*** BjoernT has joined #openstack-neutron17:22
*** BjoernT has quit IRC17:23
*** BjoernT_ has joined #openstack-neutron17:23
*** markvoelker has joined #openstack-neutron17:26
*** tesseract has quit IRC17:27
*** BjoernT_ has quit IRC17:28
*** ociuhandu has joined #openstack-neutron17:36
*** armax has joined #openstack-neutron17:39
*** ociuhandu has quit IRC17:40
*** panda has quit IRC17:53
*** ralonsoh has quit IRC17:54
*** panda has joined #openstack-neutron17:54
*** BjoernT has joined #openstack-neutron17:57
*** nweinber has joined #openstack-neutron18:12
*** igordc has quit IRC18:28
*** mchlumsky has quit IRC18:39
*** armax has quit IRC19:01
*** armax has joined #openstack-neutron19:02
*** ramishra has quit IRC19:02
*** dsneddon has quit IRC19:11
*** BjoernT has quit IRC19:15
*** BjoernT has joined #openstack-neutron19:16
*** BjoernT has quit IRC19:20
*** ivve has quit IRC19:29
*** dsneddon has joined #openstack-neutron19:55
*** panda has quit IRC19:57
*** panda has joined #openstack-neutron19:59
openstackgerritMerged openstack/neutron master: Add 3 retry attempts to initialize ovs agent  https://review.opendev.org/67408520:07
*** tbachman has quit IRC20:13
*** tbachman has joined #openstack-neutron20:13
*** nweinber has quit IRC20:23
*** betherly has quit IRC20:27
*** tbachman has quit IRC20:29
*** ivve has joined #openstack-neutron20:32
*** betherly has joined #openstack-neutron20:48
*** abaindur has joined #openstack-neutron20:50
*** betherly has quit IRC20:52
*** whoami-rajat has quit IRC21:01
*** rm_work has quit IRC21:05
*** rm_work has joined #openstack-neutron21:05
*** betherly has joined #openstack-neutron21:08
*** betherly has quit IRC21:12
*** igordc has joined #openstack-neutron21:13
gregworkis PVLAN a thing for neutron?21:14
gregworki am trying to stop backdoor access between tenants on my manila nfs network by using pvlan to register the port uplink of the instances to the vip of the nfs ganesha vip.. however im not sure if neutron can do that21:16
*** dsneddon has quit IRC21:20
*** abaindur has quit IRC21:25
*** abaindur has joined #openstack-neutron21:25
tidwellrgregwork: TLDR I don't see an obvious way to support this. I doubt neutron in its current state can support PVLAN, although you've now got me thinking that perhaps routed provider networks or trunks could somehow be extended to support it. Could be an interesting blueprint, I'd have to think about this a little more21:27
gregworkthere is no l2 port security mechanic in neutron as is right ?21:28
*** betherly has joined #openstack-neutron21:28
gregworkclient mac <-> remote mac acl ?21:28
*** dsneddon has joined #openstack-neutron21:29
tidwellryou get anti-spoofing, but yeah security groups don't offer MAC filtering, they offer filtering at a higher layer21:30
*** vishwanathj has joined #openstack-neutron21:31
gregworkso i wonder .. how ARE people stoping tenant backdoor chatter when using manila/ganesha-nfs21:31
gregworkthe docs are pretty basic "create storagenfs network during overcloud deploy, plug ports on said network in, connect to vip for nfs"21:32
*** betherly has quit IRC21:33
gregworkwithout using some elaborate transit tenant with firewalls21:33
gregworkconnecting the client tenants21:33
gregworkyou are also routing a bit which impacts performance ? (compared to straight L2)21:34
tidwellrI take it your nfs network is a shared provider network?21:35
gregworkyes21:35
*** markvoelker has quit IRC21:36
*** betherly has joined #openstack-neutron21:36
*** dsneddon has quit IRC21:39
tidwellrjust so I understand, your concern is that different tenants are able to sniff broadcasts from other tenants on that storage network?21:39
*** betherly has quit IRC21:40
gregworkso its a nic with an ip21:42
gregworkif that instance is not locked down21:42
gregworksomebody can pop it potentially21:42
tidwellrso, as the operator you want some backup so you don't have tenants over-exposing themselves?21:44
gregworkyeah also audit issues21:46
tidwellrI can totally understand that, so you're thinking of PVLAN as a way of quietly isolating tenants while allowing them access to a shared provider network?21:47
*** dsneddon has joined #openstack-neutron21:48
gregworkyeah, only the uplink would be visible21:49
gregworkand id set that to the mac/ip of the vip21:49
gregworkthey wouldnt see any other traffic21:49
tidwellryou want fixed IP's to be routable, right? no hiding behind a floating IP?21:50
*** markvoelker has joined #openstack-neutron21:53
tidwellrsticking a logical router in the mix and putting VM's on an overlay network with DVR may add some latency but give you the isolation you're looking for. And if you want fixed IP's to be routable, you can use BGP to make that happen. I hadn't thought of this use case, providing access to a shared network does imply some level of trust between tenants so I think best practice has been to just not share provider networks if21:56
tidwellrthere's a concern21:56
*** betherly has joined #openstack-neutron21:57
*** markvoelker has quit IRC21:57
*** betherly has quit IRC22:01
*** panda has quit IRC22:03
*** dsneddon has quit IRC22:03
*** panda has joined #openstack-neutron22:03
*** mattw4 has quit IRC22:04
*** mattw4 has joined #openstack-neutron22:04
*** mattw4 has quit IRC22:14
*** mattw4 has joined #openstack-neutron22:14
*** slaweq has quit IRC22:15
*** panda has quit IRC22:16
*** betherly has joined #openstack-neutron22:18
*** abaindur has quit IRC22:18
*** panda has joined #openstack-neutron22:20
gregworki agree, but the storagenfs network and the way manila leverages it is kind of foundational22:22
gregworkwe like the idea of file share as a servive for cephfs/nfs22:22
gregworkour clents love the notion of being able to not need to maintain the whole ha/nfs/cephfs backend22:22
gregworkthe can just create/use shares out of their quota and keep their apps lightwieght22:23
*** betherly has quit IRC22:23
gregworksomething like pvlan would make solving this access control trivial, the neighbors literally dont exist22:23
*** dsneddon has joined #openstack-neutron22:24
gregworkits just you and the ganesha vip22:24
*** whoami-rajat has joined #openstack-neutron22:24
gregworkno routing no middle men no overlays22:24
gregworkjust high perf layer 222:24
*** dsneddon has quit IRC22:29
*** ociuhandu has joined #openstack-neutron22:30
*** ociuhandu has quit IRC22:35
*** mattw4 has quit IRC22:44
*** dsneddon has joined #openstack-neutron22:51
*** rcernin has joined #openstack-neutron22:53
*** mattw4 has joined #openstack-neutron22:54
*** betherly has joined #openstack-neutron23:01
*** mattw4 has quit IRC23:03
*** mattw4 has joined #openstack-neutron23:04
*** betherly has quit IRC23:06
*** tbachman has joined #openstack-neutron23:09
*** slaweq has joined #openstack-neutron23:11
*** tbachman has quit IRC23:14
*** tbachman has joined #openstack-neutron23:14
*** slaweq has quit IRC23:15
*** armax has quit IRC23:22
*** mlavalle has quit IRC23:31
*** tbachman has quit IRC23:40
*** mattw4 has quit IRC23:52
*** betherly has joined #openstack-neutron23:54
*** betherly has quit IRC23:59
« Wednesday, 2019-08-07 Index Friday, 2019-08-09 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!