| opendevreview | Miguel Lavalle proposed openstack/neutron master: [PoC][DNM] Router flavors and service type for OVN https://review.opendev.org/c/openstack/neutron/+/883988 | 00:22 |
|---|---|---|
| opendevreview | Merged openstack/neutron stable/yoga: Return 409 Conflict to tenant user deleting port attached to FIP https://review.opendev.org/c/openstack/neutron/+/886272 | 02:59 |
| *** dmellado170420 is now known as dmellado17042 | 05:05 | |
| *** amoralej|off is now known as amoralej | 07:43 | |
| opendevreview | Frode Nordahl proposed openstack/neutron master: Add extra router attributes for ECMP and BFD https://review.opendev.org/c/openstack/neutron/+/874797 | 09:18 |
| opendevreview | Frode Nordahl proposed openstack/neutron master: [ovn] Implement support for external-gateway-multihoming extension https://review.opendev.org/c/openstack/neutron/+/874199 | 09:18 |
| opendevreview | Frode Nordahl proposed openstack/neutron master: [ovn] Honor `enable_default_route_ecmp` attribute https://review.opendev.org/c/openstack/neutron/+/878531 | 09:18 |
| opendevreview | Frode Nordahl proposed openstack/neutron master: [ovn] Make scheduling of unhosted gateways aware of current transaction https://review.opendev.org/c/openstack/neutron/+/874760 | 09:18 |
| ralonsoh | slaweq, https://review.opendev.org/c/openstack/neutron/+/886167 | 09:45 |
| ralonsoh | if you have 1 min | 09:45 |
| ralonsoh | to unblock the CI | 09:45 |
| ralonsoh | thanks! | 09:45 |
| slaweq | ralonsoh sure | 09:51 |
| slaweq | looking now | 09:51 |
| opendevreview | Slawek Kaplonski proposed openstack/neutron master: [S-RBAC] Fix policies for CUD subnets APIs https://review.opendev.org/c/openstack/neutron/+/886231 | 09:52 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [sqlalchemy-20] Remove redundant indexes from some tables https://review.opendev.org/c/openstack/neutron/+/886213 | 09:58 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron-lib master: Removed ``HasProjectPrimaryKeyIndex`` class https://review.opendev.org/c/openstack/neutron-lib/+/886589 | 10:06 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron stable/2023.1: Delete the "Chassis_Private" register when deleting an agent https://review.opendev.org/c/openstack/neutron/+/886590 | 10:08 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron stable/zed: Delete the "Chassis_Private" register when deleting an agent https://review.opendev.org/c/openstack/neutron/+/886591 | 10:09 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron stable/yoga: Delete the "Chassis_Private" register when deleting an agent https://review.opendev.org/c/openstack/neutron/+/886592 | 10:09 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron stable/xena: Delete the "Chassis_Private" register when deleting an agent https://review.opendev.org/c/openstack/neutron/+/886593 | 10:09 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron stable/wallaby: Delete the "Chassis_Private" register when deleting an agent https://review.opendev.org/c/openstack/neutron/+/886594 | 10:09 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron-lib master: Remove unnecessary required extension for "network_ha" extension https://review.opendev.org/c/openstack/neutron-lib/+/886598 | 10:37 |
| opendevreview | Maximilian Sesterhenn proposed openstack/ovn-bgp-agent master: [WIP] Implement L2 EVPN functionality https://review.opendev.org/c/openstack/ovn-bgp-agent/+/886090 | 10:51 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: Use the new network HA parameter https://review.opendev.org/c/openstack/neutron/+/881742 | 10:57 |
| opendevreview | NickKush proposed openstack/neutron master: Handle fixed_ip delete in port with FIP https://review.opendev.org/c/openstack/neutron/+/885999 | 11:16 |
| opendevreview | Merged openstack/neutron master: Functional: assert multiple calls for update_virtual_port_host https://review.opendev.org/c/openstack/neutron/+/886167 | 11:18 |
| opendevreview | Fernando Royo proposed openstack/ovn-octavia-provider master: Fix port for Load Balancer Health Check for FIP https://review.opendev.org/c/openstack/ovn-octavia-provider/+/886603 | 11:39 |
| *** amoralej is now known as amoralej|lunch | 11:45 | |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [OVN] Remove SB "Chassis"/"Chassis_Private" duplicated registers https://review.opendev.org/c/openstack/neutron/+/885794 | 11:45 |
| vvr-plv | Hi, I have a DevStack environment with OVS/DPDK (netdev datapath), huge pages on flavor, firewall driver openvswitch and enabled port security. I created security group with enabled egress and ingress icmp rules and added it to VM. Ping from VM to router/dhcp namespace doesn't work. Ping from router/dhcp namespace to VM works. Is it expected? I tried different combination of ovs_use_veth, use_namespaces. It didn't help. Please comment it. | 11:51 |
| *** mgoddard- is now known as mgoddard | 12:28 | |
| *** amoralej|lunch is now known as amoralej | 12:49 | |
| ralonsoh | vvr-plv, you can't/shouldn't use veth with DPDK. From the VM, you should be able to ping, for example, one of the DHCP interface IP address | 13:13 |
| ralonsoh | what IP address are you trying to ping from the VM? do you receive IP address during the boot process? | 13:14 |
| ralonsoh | via dnsmasq | 13:14 |
| vvr-plv | ralonsoh: I tried only without veth. server got IP address in boot process. I tried to ping IPs which I got from ip netns of router and dhcp. Ping back from namespaces works and I can disable it by removing security rules | 13:28 |
| ralonsoh | ok, ok, so this is a problem of the SG rules you have | 13:31 |
| ralonsoh | this is not a problem in the deployment | 13:31 |
| vvr-plv | openstack security group rule create --protocol icmp --ingress and openstack security group rule create --protocol icmp --egress only these rules | 13:35 |
| slaweq | lajoskatona hi, can You check https://review.opendev.org/c/openstack/neutron/+/886231 ? | 13:36 |
| slaweq | thx in advance | 13:36 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [OVN] Remove SB "Chassis"/"Chassis_Private" duplicated registers https://review.opendev.org/c/openstack/neutron/+/885794 | 13:44 |
| opendevreview | Slawek Kaplonski proposed openstack/neutron master: Add missing port_binding policy https://review.opendev.org/c/openstack/neutron/+/884983 | 14:10 |
| vvr-plv | ralonsoh: and also two VMs ping each according to security groups correctly. only from with connection to namespaces from VM | 14:15 |
| ralonsoh | vvr-plv, are you using remote group or remote cidr in the SG rules? | 14:16 |
| ralonsoh | most probably remote group (by default). Use remote cidr instead | 14:16 |
| opendevreview | Merged openstack/neutron master: [OVN] The all() and count() methods should be inside a DB txn https://review.opendev.org/c/openstack/neutron/+/886457 | 14:16 |
| vvr-plv | ralonsoh, I see that by default it use remove ip, because when I tried add new rule with it openstack security group rule create --protocol icmp --ingress --remote-ip 0.0.0.0/0, I got Security group rule already exists | 14:20 |
| opendevreview | Lucas Alvares Gomes proposed openstack/neutron master: [OVN] Hash Ring: Set nodes as offline upon exit https://review.opendev.org/c/openstack/neutron/+/886279 | 14:21 |
| slaweq | gmann hi, I'm starting looking at the service-to-service role in S-RBAC in neutron now and I actually wonder if it isn't something what we kind of already have by it's called "advsvc" in our case: https://github.com/openstack/neutron/blob/master/neutron/conf/policies/base.py#L75 | 14:35 |
| slaweq | do You think it will be ok if we will deprecate that existing rule and have "service" role as replacement for it? | 14:36 |
| *** gthiemon1e is now known as gthiemonge | 16:00 | |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [OVN trunk] Add bound info on subport when parent is bound https://review.opendev.org/c/openstack/neutron/+/882581 | 16:46 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [OVN[[Trunk] Add bound info on subport when parent is bound https://review.opendev.org/c/openstack/neutron/+/882581 | 16:47 |
| gmann | slaweq: yes, at the end goal, we want all services calling with 'service' role. it will be consistent to change that to 'service' | 17:05 |
| gmann | slaweq: one thing I experienced in nova service role change (not yet merged) whihc can be helpful for you. I need to use admin context in many internal/to-cinder call of service API as those API on cinder side is admin. I mean only service role does not work for 'swap volume' nova API which call many cinder APIs internally | 17:06 |
| gmann | slaweq: if we have integration test for those service API then these things can be verified. I am adding for those service role in tempest as first step. | 17:07 |
| gmann | you can also make sure there are tests verifying that service role token work perfectly | 17:07 |
| opendevreview | Rodolfo Alonso proposed openstack/neutron master: [sqlalchemy-20] Remove redundant indexes from some tables https://review.opendev.org/c/openstack/neutron/+/886213 | 17:13 |
| *** amoralej is now known as amoralej|off | 17:19 | |
| opendevreview | Merged openstack/neutron master: Do not update static routes in snat-ns for dvr router with ha https://review.opendev.org/c/openstack/neutron/+/867678 | 22:43 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!