#openstack-meeting-alt log

15:04:17 <carl_baldwin> #startmeeting distributed_virtual_router
15:04:18 <openstack> Meeting started Wed Jul  2 15:04:17 2014 UTC and is due to finish in 60 minutes.  The chair is carl_baldwin. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:04:19 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:04:21 <openstack> The meeting name has been set to 'distributed_virtual_router'
15:04:52 <carl_baldwin> #topic agenda
15:05:12 <carl_baldwin> What agenda items do y’all have for today?
15:05:45 <armax> I don’t have anything specific besides a usual status update
15:05:50 <mrsmith> +1
15:05:58 <carl_baldwin> Sounds good.
15:06:19 <carl_baldwin> This morning, all of the patches are passing Jenkins tests.  That is great.
15:06:21 <Sam-I-Am> i'm here for the status updates
15:06:28 <Sam-I-Am> <- docs
15:07:24 <carl_baldwin> Sam-I-Am: thanks.  You have status to give?
15:07:49 <Sam-I-Am> nope. but i am curious when/where i might be able to find some hints on how to deploy dvr so we can start on the docs
15:08:22 <carl_baldwin> Sam-I-Am: I see.  The best we’ve got now in the howto page.
15:08:24 <carl_baldwin> #link https://wiki.openstack.org/wiki/Neutron/DVR/HowTo
15:08:41 <carl_baldwin> It is a bit raw at the moment but I’ve been working on it this week.
15:09:04 <carl_baldwin> #topic status
15:09:05 <armax> Sam-I-Am: we’ll be adding more info
15:09:10 <Sam-I-Am> carl_baldwin: cool. its the doc team's job to make it look pretty for the official docs
15:09:13 <phil_h> Sam-I-Am and I can help on that
15:09:17 <armax> so watch it closely :)
15:09:20 <Sam-I-Am> this stuff will probably go into the admin guide or a networking book
15:09:38 <armax> Sam-I-Am: also patches #link: https://review.openstack.org/#/q/status:open+project:openstack/neutron+branch:master+topic:bp/neutron-ovs-dvr,n,z
15:09:49 <armax> have DocImpact in their commit sections
15:10:06 <armax> to help a little more
15:10:07 <Sam-I-Am> glad to see #docimpact being used
15:10:15 <carl_baldwin> Sam-I-Am: We are planning to get together at the mid-cycle to discuss docs with emagana.
15:10:20 <Sam-I-Am> cool
15:10:25 <carl_baldwin> Will others be attending the mid-cycle next week?
15:10:59 <pcm_> yes
15:12:16 <mrsmith> carl_baldwin: I won't be able to attend
15:13:25 <carl_baldwin> Speaking of deploying the code.  I’ve been making an attempt of my own this week.
15:14:02 <carl_baldwin> It resulting in discovering some missing code which armax recovered.  Looks like the rebase to master left some behind.
15:14:10 <carl_baldwin> *resulted
15:14:11 <armax> armax: so have I
15:14:43 <mrsmith> carl_baldwin: there is the rpc out of sync issue as well as the config param change between the l3-agent and l3-scheduler
15:14:55 <armax> as we’re getting more and more into integration testing, more issues will arise and get addressed over time
15:15:18 <mrsmith> for rpc there is the missing handlers but from a review request, I bumped up the RPC version to 1.1 on the agent
15:15:24 <carl_baldwin> I attempted to convert an existing legacy router to a DVR router.  I uncovered a few bugs that I’ll be noting this morning in the reviews.
15:15:56 <armax> mrsmith: is this reflected on the patch under review?
15:15:57 <carl_baldwin> mrsmith: I believe that we’ve restored the missing RPC handlers.  I did not have any RPC problems with the latest code.
15:16:17 <mrsmith> ok
15:16:26 <carl_baldwin> There are many code paths that I’ve not touched yet though.
15:16:50 <mrsmith> we done alot of testing on icehouse
15:16:58 <mrsmith> juno has been new
15:17:06 <armax> mrsmith: as for the config param change between l3-agent and l3-sched what do you mean exactly?
15:17:27 <mrsmith> centralized -> centralized_router
15:17:41 <mrsmith> so the scheduler needs to change to follow
15:17:51 <armax> mrsmith: got it
15:18:04 <armax> mrsmith: we were also thinking of consolidating some of the config options if possible
15:18:09 <mrsmith> agreed
15:18:11 <armax> mrsmith: would you have time to look into that?
15:18:14 <mrsmith> but this is just a diff now
15:18:45 <mrsmith> consolidating the config options? we can discuss.... not sure what you had in mind
15:19:19 <armax> mrsmith: I posted my comments on the review
15:19:28 <mrsmith> k - I'll look
15:19:37 <carl_baldwin> mrsmith: Could you note in the review of the scheduler patch where the config option problem is?
15:19:48 <mrsmith> sure
15:19:52 <armax> as for centralized vs centralized_router, not sure I follow…maybe you can point out the discrepancies on the reviews in question?
15:19:54 <carl_baldwin> Thanks.
15:20:11 <armax> L3-sched and L3-agent look to be in sync, but I could see double :)
15:20:34 <mrsmith> fyi - I hope to push a new patch today for l3-agent
15:21:34 <carl_baldwin> Some of you may not be aware that I’ve started to maintain a branch on github that merges together all of the patches.
15:21:37 <carl_baldwin> #link https://github.com/ecbaldwin/neutron-dvr.git
15:22:27 <armax> carl_baldwin: this is used in this devstack patch #link https://review.openstack.org/#/c/103180/
15:23:16 <carl_baldwin> armax: What is the status of this patch?  Is it usable yet?
15:23:23 <armax> locally it should
15:23:34 <armax> I am still trying to figure out why the gate does not pick up the changes
15:23:40 <armax> more to follow
15:24:28 <carl_baldwin> I look forward to using it.  It will be very useful.
15:25:05 <carl_baldwin> Is there any other status?
15:25:25 <armax> none from me
15:25:43 <mrsmith> none from me
15:25:57 <carl_baldwin> #topic mid-cycle meeting
15:26:29 <armax> the L3 HA effort seems to have lost momentum
15:26:59 <armax> carl_baldwin: I suggest that the dvr picks it up as soon as the bulk of the dvr stuff merges
15:27:00 <carl_baldwin> #undo
15:27:01 <openstack> Removing item from minutes: <ircmeeting.items.Topic object at 0x2aa5390>
15:27:12 <carl_baldwin> #topic HA
15:27:16 <armax> carl_baldwin: sorry :)
15:27:18 <carl_baldwin> armax: good point.
15:27:22 <carl_baldwin> No worries.
15:27:31 <armax> it just came up to my mind
15:27:49 <carl_baldwin> armax: That is a good suggestion.
15:27:53 <armax> as I was saying, I’d suggest that the dvr  team picks it up as soon as the bulk of the dvr stuff merges
15:28:03 <armax> I spoke with mestery about this
15:28:12 <armax> and we agreed on a plan going forward
15:28:33 <Sam-I-Am> any plans to make l3 redundancy work with linuxbridge rather than ovs?
15:29:15 <armax> in the meantime I’ll be working on the current code being proposed
15:29:28 <armax> so that more people can work on it at the same itme
15:29:34 <armax> *time
15:29:54 <carl_baldwin> Sam-I-Am: Is the current HA code limited to ovs?
15:30:14 <phil_h> Is says so on the how to page
15:30:21 <Sam-I-Am> i was just reading through the howto and noticed it was specific to ovs and vxlan
15:30:31 <armax> rebase etc...
15:30:42 <armax> carl_baldwin: basically, reviving the code
15:31:01 <carl_baldwin> Sam-I-Am: Ah, I had shifted my thinking toward the L3 HA code.
15:31:16 <carl_baldwin> Yes, DVR is currently limited to ovs and vxlan.
15:31:21 <armax> is safchain around?
15:32:16 <Sam-I-Am> carl_baldwin: i guess my mind was also wondering about the diff between the l3 ha and dvr stuff
15:32:58 <armax> Sam-I-Am: I believe this is covered in the respective blueprints
15:34:03 <carl_baldwin> Sam-I-Am: They are fundamentally different.  DVR is about distributing routers so that routing is done on the compute node.  It does not add redundancy but rather decouples routing from the network host.
15:34:32 <safchain> armax, hi
15:34:35 <carl_baldwin> HA routing adds redundancy by running any centralized routing redundantly on multiple network hosts.
15:34:44 <Sam-I-Am> thx
15:34:52 <armax> hi safchain: we were talking about L3 HA
15:35:15 <carl_baldwin> Sam-I-Am: There is some opportunity to use to two together in the case of default SNAT which DVR does not handle in a distributed way.
15:35:28 <Sam-I-Am> ok
15:36:15 <armax> safchain: maybe we could sync up offline?
15:36:34 <safchain> armax, yes sure
15:37:57 <carl_baldwin> armax: safchain:  I hope to see this revived and merged.  I think it is long overdue.
15:38:26 <armax> carl_baldwin: will try to make this happen
15:38:36 <carl_baldwin> armax: great.
15:39:01 <carl_baldwin> #topic mid-cycle sprint
15:39:29 <carl_baldwin> I’d like to get some ideas for what we could be working on during the three day sprint coming up next week.
15:39:41 <carl_baldwin> We’ve mentioned a docs discussion.
15:40:50 <carl_baldwin> Other ideas?
15:41:54 <carl_baldwin> I think that I’ll use whatever time I can get to continue trying to get my deployment off the ground and rooting out problems with the basic use cases.
15:43:06 <carl_baldwin> What I might do in preparation is build a couple more VM-based two-node devstack clusters with the DVR code ready to test.
15:43:38 <carl_baldwin> Hopefully using the devstack patch armax is working on.
15:44:50 <carl_baldwin> If the basic use cases are working by then maybe I can flesh out the use case to convert a legacy router to distributed.
15:44:55 <carl_baldwin> Any other ideas?
15:45:17 <Sam-I-Am> that would be a good feature to help adoption
15:46:07 <mrsmith> armax: have you had success with vivek's example of multi-node devstack?
15:46:13 <mrsmith> we use it locally
15:46:15 <carl_baldwin> Sam-I-Am: Agreed.  The feature is in the merged blueprint.  Just needs some work.
15:46:21 <armax> carl_baldwin: not yet…
15:46:31 <armax> carl_baldwin: ironing out all the issues I found on a single node first
15:47:17 <carl_baldwin> armax: Understood.  I’m just hoping.  I’ll probably get to building a couple more clusters next week before flying out to Minn.
15:47:43 <armax> carl_baldwin: if there are guys from QA/infra
15:48:03 <armax> carl_baldwin: you could discuss steps to get this a non-voting experimental job
15:48:10 <armax> carl_baldwin: even though that shouldn’t be extra difficult
15:48:41 <carl_baldwin> armax: Good idea.  Let me look at the list of attendees.
15:48:50 <carl_baldwin> armax: Do you know off-hand if any will be attending?
15:49:43 <armax> carl_baldwin: not sure
15:49:46 <armax> #link: https://etherpad.openstack.org/p/neutron-juno-mid-cycle-meeting
15:49:52 <armax> lists the attendes
15:50:07 <armax> but I am not sure about affiliations nor responsibilities of some of those names
15:50:43 <carl_baldwin> armax: I’m sure that Mark or Kyle will be able to help find the right people even if they’re not in attendance.
15:51:10 <carl_baldwin> mlavelle may be able to help as well.
15:51:13 <armax> carl_baldwin: ok
15:51:33 <carl_baldwin> I’ll be sure to start a discussion on it.
15:52:29 <carl_baldwin> #topic Open Discussion
15:52:44 <yisun> Carl, this is Yi from FWaaS
15:52:49 <Sam-I-Am> whats a good place to keep up with the progress here?
15:53:03 <carl_baldwin> yisun: Hi
15:53:15 <yisun> Have you get a chance to talk to Vivek?
15:53:21 <yisun> About the detail of his idea?
15:53:54 <viveknarasimhan> hi yisun
15:53:56 <carl_baldwin> Sam-I-Am: Not sure.  I guess the meeting status reports here and in the Neutron meeting.  What could we do to help?
15:54:10 <carl_baldwin> yisun: No, I did not get a chance.  Thanks for the reminder.
15:54:36 <carl_baldwin> viveknarasimhan: I was going to ask you about your ideas for integrating FWaaS.
15:54:55 <viveknarasimhan> yes carl
15:55:02 <Sam-I-Am> carl_baldwin: i guess that works. what i'd like to see at some point is a recommended/tested configuration that we could put into official docs
15:55:08 <viveknarasimhan> i was proposing current behaviour where
15:55:33 <viveknarasimhan> in integration bridge we know whihc is DVR routed, which is traditionally routed and which is switched packet
15:55:50 <viveknarasimhan> if we could put a hook in there for DVR routed packets
15:56:27 <carl_baldwin> Sam-I-Am: Thanks.  I will document what I test.  It will take some time.
15:56:27 <viveknarasimhan> that is where FwAAs would handle the routed packet before forwarding it out/into of the DVR interface
15:57:34 <carl_baldwin> viveknarasimhan: I don’t see yet how that solves the problem of path asymmetry.
15:58:10 <viveknarasimhan> proposing a way to handle access control
15:58:22 <viveknarasimhan> i wasn't mentioning this will give a stateful firewall
15:58:32 <carl_baldwin> Ah, I see.
15:58:50 <carl_baldwin> I think there may have been some confusion there.
15:59:26 <carl_baldwin> I’m glad we got that cleared up.
15:59:48 <yisun> Vivek, got you
15:59:51 <carl_baldwin> So, the problem of running a stateful firewall with DVR E/W traffic is still an open issue.
16:00:00 <viveknarasimhan> yes ,
16:00:02 <yisun> Carl, yes
16:00:15 <yisun> Vivek:Carl: FYI—-Currently, I’m thinking the FW zone concept may not be applicable in the distribute environment . The Zone was used to group interfaces and be used ask context for policy, with the DVR, there are no interface really. So, we will could provide another type of construct to be the context of policy objects. This way we could simplify our issue
16:00:29 <carl_baldwin> I just noticed that we hit the top of the hour.
16:00:34 <viveknarasimhan> for DVR we have only bindings
16:00:35 <yisun> s/ask/as/
16:00:42 <carl_baldwin> We can take this discussion in to the neutron room.
16:00:50 <carl_baldwin> #endmeeting.