| *** amoralej|off is now known as amoralej | 06:16 | |
| opendevreview | Slawek Kaplonski proposed openstack/os-ken master: Use py3 as the default runtime for tox https://review.opendev.org/c/openstack/os-ken/+/852334 | 06:48 |
|---|---|---|
| opendevreview | Lajos Katona proposed openstack/neutron master: Doc: New bug tags: pyroute2 and stable https://review.opendev.org/c/openstack/neutron/+/853599 | 07:33 |
| frickler | lajoskatona: seems ralonsoh was waiting for your feedback on https://review.opendev.org/c/openstack/neutron-dynamic-routing/+/851798 , could you have another look please? | 07:38 |
| ralonsoh | let me check | 07:38 |
| *** dulek_ is now known as dulek | 07:39 | |
| lajoskatona | frickler: sure | 07:42 |
| opendevreview | Slawek Kaplonski proposed openstack/neutron master: [OVN] Try to bind ports only to the ovn-controller agents https://review.opendev.org/c/openstack/neutron/+/853479 | 07:59 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: Script to remove duplicated port bindings https://review.opendev.org/c/openstack/neutron/+/846422 | 08:13 |
| opendevreview | Merged openstack/neutron master: Don't retrieve SG port bindings when deleting a SG https://review.opendev.org/c/openstack/neutron/+/852723 | 08:37 |
| opendevreview | Lajos Katona proposed openstack/neutron stable/stein: DNM: check stein branch fixes https://review.opendev.org/c/openstack/neutron/+/853608 | 09:18 |
| opendevreview | Merged openstack/os-ken master: Use py3 as the default runtime for tox https://review.opendev.org/c/openstack/os-ken/+/852334 | 09:24 |
| opendevreview | Merged openstack/neutron-dynamic-routing master: Don't run periodic actions for StaticScheduler https://review.opendev.org/c/openstack/neutron-dynamic-routing/+/851798 | 09:28 |
| opendevreview | renliang proposed openstack/neutron stable/yoga: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853445 | 09:41 |
| opendevreview | renliang proposed openstack/neutron stable/xena: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853446 | 09:44 |
| opendevreview | renliang proposed openstack/neutron stable/wallaby: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853447 | 09:44 |
| opendevreview | renliang proposed openstack/neutron stable/victoria: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853448 | 09:44 |
| opendevreview | renliang proposed openstack/neutron stable/ussuri: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853449 | 09:45 |
| opendevreview | renliang proposed openstack/neutron stable/train: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853630 | 09:46 |
| opendevreview | renliang proposed openstack/neutron stable/rocky: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853631 | 09:47 |
| opendevreview | renliang proposed openstack/neutron stable/queens: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853632 | 09:47 |
| opendevreview | Lajos Katona proposed openstack/neutron stable/stein: DNM: check stein branch fixes https://review.opendev.org/c/openstack/neutron/+/853608 | 09:59 |
| opendevreview | renliang proposed openstack/neutron stable/stein: Mellanox_eth.img url expires, remove the mellanox_eth.img node https://review.opendev.org/c/openstack/neutron/+/853633 | 10:08 |
| amorin | ralonsoh I am coming back on my port with device_id, I dont understand how you endup having a 409 from nova | 12:09 |
| amorin | here is what I do: | 12:09 |
| amorin | openstack port create --network public --device 09718173-3170-46b7-b313-e7adb7cc1046 p3 | 12:09 |
| amorin | and neutron accept this very nicely on my side | 12:10 |
| opendevreview | Lajos Katona proposed openstack/neutron stable/stein: DNM: check stein branch fixes https://review.opendev.org/c/openstack/neutron/+/853608 | 12:43 |
| mlavalle1 | lucasagomes: I thought you might want to chime in here: https://review.opendev.org/c/openstack/neutron/+/836608 | 13:04 |
| lucasagomes | mlavalle1, will take a look | 13:05 |
| lucasagomes | mlavalle1, I will comment on the patch | 13:07 |
| lucasagomes | sorry I forgot about that revert | 13:08 |
| mlavalle1 | lucasagomes: thanks! | 13:08 |
| lucasagomes | mlavalle1, added a comment. About 3 weeks ago dumitru (core OVN dev) refactored some parts of IGMP in core OVN and when I was testing it he explicitly said that mcast_flood should be set to False | 13:14 |
| lucasagomes | mlavalle1, that revert changes that. So I asked the author if he could test it again without the reverts using a new OVN | 13:15 |
| lucasagomes | mlavalle1, I left links and references in my comment. But for now I think we should hold that revert | 13:15 |
| lucasagomes | the core OVN change btw: https://github.com/ovn-org/ovn/commit/6aeeccdf272bc60630581e46aa42d97f4f56d4fa | 13:15 |
| mlavalle1 | lucasagomes: yeah, I was reviewing it yesterday and seeing at the history and one comment you left in the LP bug, I suspected you didn't want to merge the revert. That's why I wanted you to chime in | 13:16 |
| mlavalle1 | Thanks! | 13:16 |
| lucasagomes | mlavalle1++ thanks for checking it before! | 13:16 |
| amorin | ralonsoh out of curiosity, are you using ovs mech driver on your neutron deployment? Or maybe ovn? or something else? | 13:27 |
| opendevreview | Merged openstack/neutron master: [OVN] Try to bind ports only to the ovn-controller agents https://review.opendev.org/c/openstack/neutron/+/853479 | 13:37 |
| spatel | lucasagomes just to let you know after upgrade of OVN/OVS fix bunch of errors and now i am able to advertise VM tenant ips in BGP | 13:52 |
| spatel | currently i am stuck at here where VRF configuration not getting inject in FRR by this code - https://opendev.org/x/ovn-bgp-agent/src/branch/master/ovn_bgp_agent/drivers/openstack/utils/frr.py#L31 | 13:56 |
| spatel | what trigger this code to execute? | 13:56 |
| ralonsoh | amorin, I'm using OVN | 14:21 |
| ralonsoh | but I can try with OVS | 14:22 |
| amorin | please, thanks | 14:22 |
| amorin | I did try with my OVN and nova is not complaining neither, but I am not running the latest ovn so maybe that's why | 14:22 |
| amorin | or, maybe we have a different configuration | 14:23 |
| opendevreview | Slawek Kaplonski proposed openstack/neutron stable/yoga: [OVN] Try to bind ports only to the ovn-controller agents https://review.opendev.org/c/openstack/neutron/+/853635 | 14:23 |
| opendevreview | Merged openstack/neutron master: Use neutron-lib method is_session_active https://review.opendev.org/c/openstack/neutron/+/851192 | 14:39 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [OVN] Remove session check in ``update_network_postcommit`` https://review.opendev.org/c/openstack/neutron/+/852885 | 14:42 |
| ralonsoh | amorin, same behaviour with both backends | 14:53 |
| ralonsoh | https://paste.opendev.org/show/b8RDqxL4BeSsuioJ1lOw/ | 14:53 |
| ralonsoh | (this is from one of then, the other is the same) | 14:53 |
| amorin | ok checking | 14:54 |
| amorin | hum | 14:55 |
| amorin | when you created your port20, you espacially created it with a device_id, right? | 14:56 |
| amorin | you set fistro in your example | 14:56 |
| ralonsoh | yes | 14:56 |
| amorin | my issue is there, if you set a device_id to a real nova instance ID, neutron is accepting it, but neutron is not calling nova interface-attach | 14:57 |
| ralonsoh | amorin, no, it doesn't work like this | 14:57 |
| amorin | why? | 14:57 |
| amorin | what is the purpose of leting the user setting the device_id? | 14:58 |
| ralonsoh | because is Nova who sets this device_id once applied the needed config in the backend | 14:58 |
| ralonsoh | and the port is bound to the VM | 14:58 |
| ralonsoh | no idea, to be honest | 14:58 |
| ralonsoh | but doesn't work like this | 14:58 |
| amorin | this is anyway problematic because, if you set a real device_id, and reboot hard the instance on nova side | 14:59 |
| amorin | the port will be plugged | 14:59 |
| ralonsoh | I've never tested that, I'll try it | 14:59 |
| slaweq | amorin: I think You can change API policies to allow changing device_id only for admin and nova user | 14:59 |
| slaweq | so others will not be able to do so | 15:00 |
| amorin | agree but then my openstack deployment would act diffently from upstream | 15:00 |
| amorin | and end users wont understand why | 15:00 |
| amorin | we are asking ourself why device_id is modifiable by end users | 15:01 |
| slaweq | amorin: I guess it's because neutron ports can be used not only by nova | 15:05 |
| slaweq | user can use neutron differently and create ports for some custom things | 15:05 |
| ralonsoh | btw, I've checked that and that's correct: nova retrieves the network info when rebooting and reads the manually assigned | 15:06 |
| ralonsoh | (I never tried this) | 15:06 |
| amorin | and if you do: | 15:06 |
| amorin | openstack port list --server yourserverid | 15:06 |
| amorin | the port will be visible | 15:06 |
| amorin | the port will be listed | 15:06 |
| amorin | and will stay down until the reboot hard | 15:07 |
| ralonsoh | yes | 15:07 |
| amorin | this is affecting our customers, because some of them believe that creating a port with a device_id will actually plug the port to their instance | 15:07 |
| amorin | but it's not | 15:07 |
| ralonsoh | amorin, this is just a documentation issue, IMO | 15:08 |
| amorin | true | 15:08 |
| slaweq | ralonsoh: I agree | 15:08 |
| amorin | IMO this is also very confusing | 15:08 |
| ralonsoh | I'll open a LP bug | 15:08 |
| amorin | there is also a weird effect: | 15:09 |
| amorin | imagine 2 tenants: | 15:09 |
| amorin | tenant1 with serverid1 | 15:09 |
| amorin | tenant2 is creating a port: | 15:09 |
| amorin | openstack port create --device serverid1 | 15:09 |
| amorin | neutron accept this | 15:09 |
| *** dasm|off is now known as dasm | 15:09 | |
| amorin | from tenant1, port is not visible (make sense, because it does belong to tenant2) | 15:10 |
| amorin | but, from an admin: | 15:10 |
| amorin | openstack port list --server serverid1 | 15:10 |
| amorin | will list the port from tenant2 | 15:10 |
| amorin | even if serverid1 belongs to tenant1 | 15:10 |
| amorin | nova will never plug the port, because they are checking if the port belong to the tenant1 | 15:11 |
| amorin | but this is very confusing for an administrator | 15:11 |
| ralonsoh | this could be a security bug if user1 can read user2 VM IDs | 15:11 |
| ralonsoh | (they can't) | 15:11 |
| amorin | they can't | 15:11 |
| amorin | but you know, some customers are sharing instance Id on public mailing list | 15:12 |
| amorin | so... | 15:12 |
| ralonsoh | but that shows a questionable design, in this case of the port.device_id | 15:12 |
| ralonsoh | maybe (just maybe), this value should be tested before assigned | 15:12 |
| amorin | yes, or writable only in admin context by default | 15:13 |
| amorin | maybe through a conf param | 15:13 |
| amorin | so operator that use neutron out of nova can still do what they want | 15:13 |
| ralonsoh | in any case, it is quite difficult to assign the VM ID of another project without knowing it | 15:16 |
| amorin | agree | 15:16 |
| ralonsoh | https://bugs.launchpad.net/neutron/+bug/1986969 | 15:17 |
| amorin | thanks | 15:18 |
| amorin | actually, device_owner is not mandatory | 15:19 |
| amorin | also, note that current openstack provider on terraform doc is here: | 15:20 |
| amorin | https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs/resources/networking_port_v2#device_id | 15:20 |
| amorin | "The ID of the device attached to the port" | 15:20 |
| amorin | I know this is outside of the openstack scope, but maybe worth to be mentionned? | 15:21 |
| ralonsoh | I'll add it, but this should be considered in this tool | 15:23 |
| *** amoralej is now known as amoralej|off | 15:27 | |
| amorin | thanks! | 15:29 |
| opendevreview | Merged openstack/neutron stable/xena: [OVN] Fix updating network segmentation ID https://review.opendev.org/c/openstack/neutron/+/853148 | 15:51 |
| opendevreview | Fernando Royo proposed openstack/ovn-octavia-provider master: Fix healthMonitor events affecting to unrelated LB https://review.opendev.org/c/openstack/ovn-octavia-provider/+/853681 | 15:53 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [OVN] Remove session check in ``update_network_postcommit`` https://review.opendev.org/c/openstack/neutron/+/852885 | 16:11 |
| opendevreview | Merged openstack/neutron master: Doc: New bug tags: pyroute2 and stable https://review.opendev.org/c/openstack/neutron/+/853599 | 19:08 |
| *** dasm is now known as dasm|off | 22:08 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!