opendevreview | liuyulong proposed openstack/neutron master: Adds unique constraint for network segment ranges https://review.opendev.org/c/openstack/neutron/+/947898 | 03:12 |
---|---|---|
opendevreview | Rodolfo Alonso proposed openstack/neutron master: [OVN] Change the OVN QoS rule priority for floating IPs https://review.opendev.org/c/openstack/neutron/+/948894 | 05:49 |
hamidlotfi__ | ralonsoh: I read all these conversations line by line | 07:55 |
hamidlotfi__ | https://bugs.launchpad.net/neutron/+bug/2107634 | 07:55 |
hamidlotfi__ | But it didn't help me. Maybe I didn't understand the point you're interested in. | 07:55 |
ralonsoh | hamidlotfi__, the traffic in the DVR routers, the iptables rules in the namespace can forward the traffic directly | 07:58 |
ralonsoh | https://review.opendev.org/c/openstack/neutron/+/355062 | 07:58 |
ralonsoh | thus I don't know if the FWaaS rule can be enforced there | 07:59 |
ralonsoh | but I don't actually know well how fwaas works with ml2/ovs | 07:59 |
opendevreview | Maor Blaustein proposed x/whitebox-neutron-tempest-plugin master: Add WSGI check for devstack https://review.opendev.org/c/x/whitebox-neutron-tempest-plugin/+/948953 | 08:49 |
opendevreview | Maor Blaustein proposed x/whitebox-neutron-tempest-plugin master: Add WSGI check for devstack https://review.opendev.org/c/x/whitebox-neutron-tempest-plugin/+/948953 | 08:57 |
opendevreview | Jimin Shin proposed openstack/neutron master: Extend port resource request only when using qos minimum rules https://review.opendev.org/c/openstack/neutron/+/944756 | 09:21 |
opendevreview | Jimin Shin proposed openstack/neutron master: Add mock for count method https://review.opendev.org/c/openstack/neutron/+/947547 | 09:21 |
opendevreview | Maor Blaustein proposed x/whitebox-neutron-tempest-plugin master: Add WSGI check for devstack https://review.opendev.org/c/x/whitebox-neutron-tempest-plugin/+/948953 | 09:47 |
opendevreview | Maor Blaustein proposed x/whitebox-neutron-tempest-plugin master: Add WSGI check for devstack https://review.opendev.org/c/x/whitebox-neutron-tempest-plugin/+/948953 | 10:38 |
opendevreview | Maor Blaustein proposed x/whitebox-neutron-tempest-plugin master: Add WSGI check for devstack https://review.opendev.org/c/x/whitebox-neutron-tempest-plugin/+/948953 | 10:40 |
sean-k-mooney | ralonsoh: as far as im aware firewall as a service implemente all the role in the neutron router namespace so you would jsut have to make sure its enabeld in the l3 agent on the compute for dvr to function i think. i think its just an exteion to the l3 agent but maybe they have there own. if its the latter case you owuld need ot install that agent on each compute node but i | 10:58 |
sean-k-mooney | dont belive that is the case | 10:58 |
sean-k-mooney | it should be noted that firewall ass a service only providees firewallign across l3 networks i.e. it never provided facilaites for firewalling within an l2 broadcast domain. that what security groups are for, endpoint level enforcemnet. firwall as a service is for network level enforcement between diffent subnets | 11:01 |
sean-k-mooney | ralonsoh: i do no see FWaaS mentioned in https://bugs.launchpad.net/neutron/+bug/2107634 | 11:02 |
sean-k-mooney | ralonsoh: for what it wornt i dont think its a vlaid bug to say there shoudl be no routablit between tenant netowrks in this case | 11:03 |
ralonsoh | sean-k-mooney, the issue reported in ^ this bug mentions the problem of having two different network ports, not in the same L2 domain | 11:03 |
ralonsoh | I don't know exactly where the fwaas process the rules when using ml2/ovs (and l3 agent) | 11:04 |
sean-k-mooney | right but if your using networking bgp | 11:04 |
sean-k-mooney | and adress pools to provide subnets to the tenatn networks | 11:04 |
ralonsoh | this is not relevant in the bug | 11:04 |
sean-k-mooney | its expected to have routeablity betwen the tenant networks | 11:04 |
ralonsoh | yes, and this is where the fwaas should apply the rules | 11:05 |
sean-k-mooney | that is where it could | 11:05 |
ralonsoh | thus I don't know if this "fast exit" code implementation is interfering the fwaas rules | 11:05 |
sean-k-mooney | it should only apply the rule if an admin configured it to do so | 11:05 |
sean-k-mooney | neutron-bgp-dragent is ment to make the tenant network automaticlaly routable to everyone | 11:06 |
sean-k-mooney | tenatn networkin in general in neutron are inteneded to be routabel if you confiure the routing in the data center router to do that | 11:07 |
sean-k-mooney | so blockign that routing would be a backward incompatble change so not something that shoudl be done by default | 11:07 |
ralonsoh | no, I'm not suggesting to block that routing | 11:08 |
ralonsoh | actually what was proposed was to have a config option to make this "fast exit" code selectable or not | 11:09 |
sean-k-mooney | hum ok there are some iterpo issues with taht but i guess that not terribel | 11:09 |
sean-k-mooney | it might be better ot ahve an atrtibute on the subnet to contol if it shoudl be annoched | 11:10 |
sean-k-mooney | and a default in the config | 11:10 |
sean-k-mooney | at least that way you coudl discover form the api if the tenant subnet is exported via bgp and shoudl be routable | 11:11 |
sean-k-mooney | ralonsoh: anyway i just popped by to let you know that i rebased https://review.opendev.org/c/openstack/neutron/+/899956 and adressed haleyb's requst to bump pbr verion in requiremetns.txt | 11:13 |
sean-k-mooney | i didnt see a patch up to add pyproject.toml for neutron other then my old one | 11:13 |
ralonsoh | sean-k-mooney, no, we didn't push this patch before | 11:14 |
sean-k-mooney | neutron seams to have doged the breakage in devstack becasue ye are already using the seperate module due to the eventlet removal work | 11:14 |
ralonsoh | sean-k-mooney, we had last week a problem with designate | 11:15 |
ralonsoh | sean-k-mooney, and checking that, I don't know why Neutron is not failing right now | 11:15 |
sean-k-mooney | ya the patch that was merged was not correct IMO | 11:15 |
sean-k-mooney | since it droped supprot for wsgi_script wihtout deprecation | 11:16 |
ralonsoh | sean-k-mooney, but that was the patch modifying the wsgi module (instead of creating the script) | 11:16 |
ralonsoh | yes, we have this | 11:16 |
sean-k-mooney | right but they are not mutally exclisive | 11:16 |
ralonsoh | right | 11:16 |
sean-k-mooney | the the scrips still get generated work if you use setup.py installl or use an older setuptools | 11:17 |
ralonsoh | but we are using setuptools 80 now | 11:17 |
sean-k-mooney | they were not generated in devstack because without the pyproject.toml pbr was not enabled | 11:17 |
sean-k-mooney | and devstack uses -e | 11:17 |
sean-k-mooney | ralonsoh: the reason the current approch was problematic is many of the isntallers still rely on the wsgi script | 11:18 |
ralonsoh | yes but if we no longer need the script in Neutron, why the toml file is needed? | 11:19 |
ralonsoh | this is what I don't 100% understand | 11:19 |
sean-k-mooney | without it pbr is not being used | 11:19 |
sean-k-mooney | so the other thing pbr does for you is not being used right now becaue pip is provideing its own that uses setuptools withou calling our setup.py | 11:20 |
ralonsoh | right, it no longer calls setup.py | 11:20 |
sean-k-mooney | right but pbr does much more then just generate the wsgi_scripts | 11:21 |
sean-k-mooney | it provideing automatic versioning of the package https://docs.openstack.org/pbr/latest/user/features.html#version it autogeeration several files https://docs.openstack.org/pbr/latest/user/features.html#automatic-file-generation | 11:22 |
sean-k-mooney | eventully as a comunity we may want to move away form having to maintain pbr. setuptools_scm (an updatrem extention ot setup tools) can do some of this for us now but not all of it | 11:27 |
ralonsoh | I've approved the patch. I'll ping haleyb, lajoskatona and slaweq to check it too | 11:27 |
ralonsoh | ok, I think ykarel +W it! | 11:28 |
sean-k-mooney | ack thanks there are simliar patches up for other neuton* project but most of them are old | 11:28 |
sean-k-mooney | https://review.opendev.org/q/topic:%22pip-23.1-support%22 | 11:28 |
sean-k-mooney | ralonsoh: my emails say yes :) | 11:29 |
ralonsoh | I'll rebase the n-lib one | 11:29 |
opendevreview | sean mooney proposed openstack/neutron-lib master: add pyproject.toml to support pip 23.1 https://review.opendev.org/c/openstack/neutron-lib/+/899957 | 11:29 |
sean-k-mooney | you jmight want to update the version like i did too | 11:29 |
opendevreview | Lajos Katona proposed openstack/networking-bgpvpn master: Add pyproject.toml to support pip 23.1 https://review.opendev.org/c/openstack/networking-bgpvpn/+/900287 | 11:29 |
sean-k-mooney | it shoud use pbr 6.0.0 and wheel is not required | 11:29 |
sean-k-mooney | i shoudl really update the verion in my example repo to refact that | 11:30 |
sean-k-mooney | i have an etherpad and script for generating the minimal patch https://etherpad.opendev.org/p/pep-517-and-pip-23 | 11:30 |
opendevreview | Merged openstack/ovn-bgp-agent master: Fix arp_proxy LSP option formatting https://review.opendev.org/c/openstack/ovn-bgp-agent/+/945838 | 12:01 |
ralonsoh | do we have issues with focal? | 12:54 |
ralonsoh | https://2ce6b0a7d5e9590d3719-61a5ffddd2974bf904ab38b965509754.ssl.cf5.rackcdn.com/openstack/cccb3fb712b540699abd6c3c9f0d543c/job-output.txt | 12:54 |
ralonsoh | E: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/binary-amd64/Packages.xz File has unexpected size (3924420 != 3924360). Mirror sync in progress? [IP: 91.189.91.82 80] | 12:55 |
ralonsoh | I'll ask in infra | 12:55 |
opendevreview | Maor Blaustein proposed x/whitebox-neutron-tempest-plugin master: Add WSGI check for devstack https://review.opendev.org/c/x/whitebox-neutron-tempest-plugin/+/948953 | 12:56 |
opendevreview | Elod Illes proposed openstack/networking-bagpipe stable/2024.2: [CI][stable-only] Fix py311 periodic stable job for 2024.2 https://review.opendev.org/c/openstack/networking-bagpipe/+/949030 | 12:59 |
opendevreview | Merged openstack/neutron master: add pyproject.toml to support pip 23.1 https://review.opendev.org/c/openstack/neutron/+/899956 | 13:10 |
cardoe | sean-k-mooney: I think I did the needful for all of ironic but lemme know if its wrong | 13:16 |
sean-k-mooney | cardoe: i belive ironic is already covered | 13:28 |
opendevreview | Pierre Riteau proposed openstack/ovn-octavia-provider master: Respect passed arguments for Neutron client connection https://review.opendev.org/c/openstack/ovn-octavia-provider/+/925893 | 13:54 |
opendevreview | Pierre Riteau proposed openstack/ovn-octavia-provider master: Respect passed arguments for Neutron client connection https://review.opendev.org/c/openstack/ovn-octavia-provider/+/925893 | 14:56 |
*** ralonsoh is now known as ralonsoh_out | 15:15 | |
opendevreview | Lajos Katona proposed openstack/neutron-vpnaas master: [S-RBAC] New default API policies for neutron-vpnaas https://review.opendev.org/c/openstack/neutron-vpnaas/+/948914 | 16:04 |
opendevreview | Lajos Katona proposed openstack/neutron-vpnaas master: [S-RBAC] New default API policies for neutron-vpnaas https://review.opendev.org/c/openstack/neutron-vpnaas/+/948914 | 16:14 |
opendevreview | Merged openstack/networking-bgpvpn master: Add pyproject.toml to support pip 23.1 https://review.opendev.org/c/openstack/networking-bgpvpn/+/900287 | 19:43 |
Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!