Wednesday, 2023-03-08

« Tuesday, 2023-03-07 Index Thursday, 2023-03-09 »
opendevreviewRodolfo Alonso proposed openstack/neutron master: [OVN] Change oslo config options entry point for the OVN agent  https://review.opendev.org/c/openstack/neutron/+/87682408:47
opendevreviewRodolfo Alonso proposed openstack/neutron stable/2023.1: [OVN] Change oslo config options entry point for the OVN agent  https://review.opendev.org/c/openstack/neutron/+/87682508:47
opendevreviewRodolfo Alonso proposed openstack/neutron-tempest-plugin master: Move test_dhcp_port_status_active to tempest  https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/86922709:31
ralonsohlajoskatona, slaweq he folks, https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/869227 is not getting into zuul (I'm asking in the infra channel)09:34
ralonsohin any case, is that 100% necessary for the release?09:34
ralonsohhttps://review.opendev.org/c/openstack/releases/+/87661609:34
ralonsohor can I update it now?09:35
lajoskatonaralonsoh: thanks for checking, It is not that urgent, it is not that we lose coverage without it, we have no duplication10:02
lajoskatonaralonsoh: as I see now it is in the gate queue10:02
ralonsohit is now??10:03
ralonsohIt has appeared now, I swear10:03
lajoskatonaralonsoh: ohh, no it is  in the release-approval queue10:03
ralonsohI +W it 10 mins ago10:03
ralonsohok, I'll wait for it 10:04
opendevreviewSlawek Kaplonski proposed openstack/neutron stable/zed: [Secure RBAC] Add shared_security_groups rule  https://review.opendev.org/c/openstack/neutron/+/87680210:08
opendevreviewSlawek Kaplonski proposed openstack/neutron-tempest-plugin master: [Secure RBAC] Add scope enforcement enabled job for Zed branch  https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/87470910:08
slaweqralonsoh hi, I'm still checking this Zed job with new policies but for sure we need new neutron-lib release for Zed: https://review.opendev.org/c/openstack/releases/+/87683710:48
slaweqas we need https://review.opendev.org/c/openstack/neutron-lib/+/874394 there10:48
opendevreviewSlawek Kaplonski proposed openstack/neutron-tempest-plugin master: [Secure RBAC] Add scope enforcement enabled job for Zed branch  https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/87470910:50
ralonsohslaweq, no no, I've pushed these patches today10:51
ralonsohhttps://review.opendev.org/q/project:openstack%252Freleases10:51
ralonsohcheck the mail10:51
slaweqahh, ok10:51
slaweqso please -1 this one10:51
opendevreviewSlawek Kaplonski proposed openstack/neutron-tempest-plugin master: [Secure RBAC] Add scope enforcement enabled job for Zed branch  https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/87470910:53
slaweqralonsoh++ thx10:53
ralonsohyw!10:53
slaweqok, so for now we for sure need that one missing backport which I proposed today and You +2 already and new neutron-lib release10:55
slaweqthen I will check again how results will look like10:55
slaweqbut I don't see anything else missing comparing it to master branch10:56
ralonsohonce we have the new n-lib release, we'll wait for the requirements patch10:56
ralonsohand then we'll be able to test n-t-p patch10:56
slaweq++10:56
ralonsohincluding this last backport10:56
opendevreviewSahid Orentino Ferdjaoui proposed openstack/neutron stable/2023.1: ovs: fix regression when vlan mapping is not already registered  https://review.opendev.org/c/openstack/neutron/+/87680310:59
opendevreviewSahid Orentino Ferdjaoui proposed openstack/neutron stable/zed: ovs: fix regression when vlan mapping is not already registered  https://review.opendev.org/c/openstack/neutron/+/87680411:00
opendevreviewBence Romsics proposed openstack/neutron master: DNM Suppress IPv6 metadata DAD failure  https://review.opendev.org/c/openstack/neutron/+/87656611:25
opendevreviewFelix Huettner proposed openstack/neutron master: Reduce lock contention on subnets  https://review.opendev.org/c/openstack/neutron/+/87593812:56
*** elodilles is now known as elodilles_afk13:20
opendevreviewSlawek Kaplonski proposed openstack/neutron-tempest-plugin master: DNM Just test of the Zed job with latest stable/zed neutron-lib  https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/87686913:25
opendevreviewSlawek Kaplonski proposed openstack/neutron-tempest-plugin master: DNM Just test of the Zed job with latest stable/zed neutron-lib  https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/87686913:26
opendevreviewRodolfo Alonso proposed openstack/neutron master: [OVN] Use the BW values retrieved from ``get_port_qos``  https://review.opendev.org/c/openstack/neutron/+/87687213:53
opendevreviewRodolfo Alonso proposed openstack/neutron stable/2023.1: [OVN] Use the BW values retrieved from ``get_port_qos``  https://review.opendev.org/c/openstack/neutron/+/87680613:54
*** elodilles_afk is now known as elodilles14:58
opendevreviewBence Romsics proposed openstack/neutron master: Suppress IPv6 metadata DAD failure  https://review.opendev.org/c/openstack/neutron/+/87656615:04
haleybrubasov: hey bence, i think i figured out a way to fix the IPv6 metadata issue, just came to me15:05
rubasovhaleyb: hi, tell me15:06
rubasov(by the way I also just pushed a new patch, but did not write an explanation for it yet in gerrit)15:06
haleybso looking at this i noticed that EC2 also supports this now, but did not use a link-local, they used a ULA address, fd00:ec2::254/12815:07
haleybi'll type quick, have more comments, but will put in bug as well...15:07
haleybif we configure that on the loopback device and inject a route to it in the dhcp reply, it should work15:08
haleybwe do this for the IPv4 case already15:08
haleybi had actually started hacking something to support multiple IPv6 metadata addresses yesterday, and when i got to the route injection part i said 'a-ha!'15:09
haleybdid that make sense?15:09
haleybit would mean we have to change the metadata address, since i couldn't put the a9fe address on lo and have it work15:09
haleybi could get a PoC patch out today that does the whole mess i think, i might have gone overboard but was a good thought experiment15:11
rubasovthen I guess each guest would have the route corresponding to where they got the dhcp offer...15:12
haleybrubasov: exactly, just like IPv4 - see code in _generate_opts_per_subnet()15:12
rubasovwhat would happen when that dhcp server fails and dhcp has to go to the other server which has a different route to push?15:12
haleybi would hope the VM would update the route, but it shouldn't need to do metadata again, right?15:13
haleybi guess technically we should have been doing this for IPv4 as well, configuring on the loopback, it just never does DAD15:15
rubasovinteresting idea, I will play with it to understand it better15:17
haleyblet me paste the two commands15:18
ralonsohin order to make this change, that is disruptive with the current behaviour, we should discuss this in the drivers meeting15:18
haleybon dhcp agent: ip a a dev lo fd00:ec2::254/12815:18
haleybon VM: ip -6 r a fd00:ec2::254/128 via DHCP-LL dev MYDEV15:19
haleybralonsoh: yes, it is disruptive, but we could have them live together until we update cloud-init. it is just a thought15:20
ralonsohwhy this IPv6 address?15:20
haleybralonsoh: well, i just chose the EC2 one, and it's ULA, not link-local, so we can route to it15:20
rubasovhaleyb: thanks for the commands15:21
rubasovno router will forward the LL address15:21
ralonsohthough what interface? the DHCP agent external interface?15:21
haleybralonsoh: it's internal interface. Look for METADATA_CIDR in _generate_opts_per_subnet() - we do it today for v415:22
ralonsohthe DHCP namespace has two interfaces, the one connected to OVS and lo15:23
ralonsohwhere is this IPv6 set?15:23
rubasovin a guest on an isolated network I have a routing table like this:15:23
rubasov$ ip r15:23
rubasovdefault via 10.0.4.1 dev eth015:23
rubasov10.0.4.0/24 dev eth0 scope link  src 10.0.4.7615:23
rubasov169.254.169.254 via 10.0.4.2 dev eth015:23
rubasov169.254.169.254 via 10.0.4.3 dev eth015:23
haleybralonsoh: my thought it lo, since i think putting on eth0 would just trigger DAD15:23
haleybrubasov: oh, it has both dhcp agent IPs, interesting15:24
rubasovhaleyb: I'm also surprised15:24
haleybthrice actually15:24
haleyboh, guess not, the .1 is the gateway15:25
ralonsohwhat IPv6 address will have the one connected to OVS?15:25
rubasovone agent pushes this: tag:subnet-9a15f085-a202-44a0-9d97-502f8752ca85,option:classless-static-route,169.254.169.254/32,10.0.4.3,0.0.0.0/0,10.0.4.115:25
rubasovthe other pushes this: tag:subnet-9a15f085-a202-44a0-9d97-502f8752ca85,option:classless-static-route,169.254.169.254/32,10.0.4.2,0.0.0.0/0,10.0.4.115:26
haleybrubasov: did you fail-over from one to the other? i guess in that case it could have added the second, since it's not technically a duplicate15:27
haleybbut like i said, metadata is long done15:27
rubasov(and IIRC option 249 is some microsoft counterpart to classless-static-route)15:27
rubasovhaleyb: I did a lot of things with this test environment already, I would not start with a clean state to make sure15:28
rubasov* I would need15:28
haleybrubasov: ack, like i said, i'll try and get something out today. it is adding the addresses on 'eth0' now so would just have to fix that somehow15:29
rubasovokay, waiting for it15:29
rubasovin the short term, this still may make sense to get rid of the dhcp side effects of the uncaught exception: https://review.opendev.org/c/openstack/neutron/+/87656615:30
* haleyb has a few meetings, but will get something out at least15:30
rubasovremoved the DNM, because I realized that it only improves things, even if it does not fix everything it should15:31
ralonsohok, I think I'm out the conversation15:31
opendevreviewMerged openstack/neutron-tempest-plugin master: Move test_dhcp_port_status_active to tempest  https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/86922715:40
ralonsohslaweq, please approve this patch15:43
ralonsohhttps://review.opendev.org/c/openstack/neutron/+/87680415:43
ralonsohto add it to the next Zed release15:43
ralonsohlajoskatona, ^15:54
ralonsoh(just to update the release patch asap)15:54
slaweqralonsoh done15:58
slaweqralonsoh I tested zed new rbac job in https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/876869 with neutron-lib from stable/zed branch and it is green15:59
slaweqso once we will have that last patch merged in neutron and neutron-lib released we should be good with it :)15:59
ralonsohthanks!16:03
ralonsohslaweq, with n-lib master cool!16:03
ralonsohnow we have the confirmation before releasing16:03
ralonsoh++16:03
slaweqralonsoh to be strict, not n-lib master but n-lib stable/zed's head :)16:04
ralonsohyeah hehehe16:04
slaweqbut yes, we have confirmation that it works with it16:04
opendevreviewMerged openstack/neutron stable/zed: [Secure RBAC] Add shared_security_groups rule  https://review.opendev.org/c/openstack/neutron/+/87680216:10
opendevreviewMerged openstack/neutron stable/2023.1: ovs: fix regression when vlan mapping is not already registered  https://review.opendev.org/c/openstack/neutron/+/87680316:10
opendevreviewRodolfo Alonso proposed openstack/neutron master: [OVS] Allow custom ethertype traffic in the ingress table  https://review.opendev.org/c/openstack/neutron/+/87656317:51
haleybralonsoh: so you will fix the other bug i noticed in https://review.opendev.org/c/openstack/neutron/+/876872 separately? if so i can change my vote18:30
opendevreviewMerged openstack/neutron master: [sqlalchemy-20] The Session.begin.subtransactions flag is deprecated  https://review.opendev.org/c/openstack/neutron/+/87493820:07
opendevreviewMerged openstack/neutron stable/wallaby: Prevent router_ha_interface port from being removed via API  https://review.opendev.org/c/openstack/neutron/+/87582021:25
opendevreviewBrian Haley proposed openstack/neutron master: Add support for multiple IPv6 metadata addresses  https://review.opendev.org/c/openstack/neutron/+/87690323:16
« Tuesday, 2023-03-07 Index Thursday, 2023-03-09 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!