14:00:42 <yushiro> #startmeeting fwaas
14:00:43 <openstack> Meeting started Thu Jan 11 14:00:42 2018 UTC and is due to finish in 60 minutes.  The chair is yushiro. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:00:44 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
14:00:46 <openstack> The meeting name has been set to 'fwaas'
14:00:58 <yushiro> #chair SridarK yushiro xgerman_
14:00:59 <openstack> Current chairs: SridarK xgerman_ yushiro
14:01:15 <SridarK> Hi FWaaS folks
14:01:57 <yushiro> Hi SridarK.  How are you?  Is it fine?
14:02:12 <SridarK> yushiro: ah thank u - much better today
14:02:28 <SridarK> many thx for the enquiry
14:02:29 <yushiro> SridarK, That's good :)
14:02:41 <xgerman_> +1
14:02:51 <SridarK> yushiro: would u or xgerman_ run the mtg today
14:03:08 <xgerman_> I ran last time — yushiro?
14:03:18 <yushiro> Yes, sure :)
14:03:22 <xgerman_> thx
14:03:25 <yushiro> OK, let's start
14:03:33 <yushiro> #topic Queens
14:03:55 <xgerman_> everybody remmeber to vote this week in the board elections…
14:04:09 <yushiro> xgerman_, +1  Thanks for your announcement.
14:04:18 <SridarK> +1
14:04:47 <xgerman_> 2 weeks until Q-3/code-freeze
14:05:08 <annp> +1
14:05:09 <xgerman_> and OpenStack will stick with 6 month cycles for now
14:05:20 <yushiro> Yes.
14:05:35 <annp> :)
14:05:43 <xgerman_> http://lists.openstack.org/pipermail/openstack-dev/2018-January/126080.html
14:05:57 <SridarK> This is always a short cycle with the winter break
14:06:45 <yushiro> Yes, it's seasonal characteristic..
14:06:59 <chandanc> Hello All
14:07:04 <yushiro> chandanc, Hi!
14:07:12 <chandanc> sorry, i am late
14:07:22 <annp> chandanc hi
14:07:26 <yushiro> chandanc, NP :)
14:07:33 <chandanc> hello annp yushiro
14:07:55 <yushiro> OK, anything announcement?
14:08:34 <yushiro> OK, go on the current topic(Q-3)
14:08:39 <xgerman_> yep
14:08:54 <yushiro> As xgerman_ said, we have only 1 week a little.
14:09:06 <yushiro> until feature freeze.
14:10:09 <yushiro> So, I'd like to determine some patches to focus on.
14:10:26 <SridarK> at least all the L2 support patches are in
14:10:33 <xgerman_> +1
14:10:42 <chandanc> ya
14:10:44 <yushiro> agree
14:11:16 <yushiro> #link https://review.openstack.org/#/c/475183  - Add configurable option for default_fwg association
14:11:25 <annp> +1
14:12:31 <yushiro> In addition, in neutron side,  security-group logging feature has totally been merged(now pending for zuul job)
14:13:06 <xgerman_> sweet
14:13:12 <yushiro> In order to use SG + SG-logging + FWaaS v2 correctly, we need to add following patch.
14:13:18 <yushiro> #link https://review.openstack.org/#/c/530450/
14:13:30 <annp> yeah
14:13:39 <SridarK> nice
14:14:17 <yushiro> Therefore, for fwaas v2 with L2 perspective, we need to merge above 2 patches I think.
14:14:49 <chandanc> ok
14:14:52 <xgerman_> ok
14:15:05 <SridarK> ok got it
14:15:25 <chandanc> annp i had a doubt about the tables
14:15:25 <yushiro> So, chandanc , I need your help for reviewing https://review.openstack.org/#/c/530450/  if possible :)
14:15:35 <chandanc> yushiro: sure
14:15:44 <yushiro> chandanc, thanks :)
14:16:02 <chandanc> as i mentioned earlier in IRC can you please explain the drop action
14:16:08 <chandanc> no pb
14:16:32 <chandanc> i mean
14:16:35 <chandanc> chandanc: cookie=0xb23259d96259d97f, duration=63946.011s, table=91, n_packets=1515, n_bytes=166194, idle_age=76, priority=1 actions=NORMAL
14:16:36 <chandanc> [2:45pm] chandanc:  cookie=0xb23259d96259d97f, duration=63946.002s, table=92, n_packets=1247, n_bytes=124056, idle_age=1, priority=0 actions=drop
14:16:37 <chandanc> [2:45pm] chandanc:  cookie=0xb23259d96259d97f, duration=63945.993s, table=93, n_packets=2, n_bytes=180, idle_age=63762, priority=0 actions=drop
14:16:38 <chandanc> [2:46pm] chandanc: i think table 92 should be NORMAL action
14:18:09 <chandanc> ok i will discuss with annp to understand the above, feel free to move on
14:18:17 <xgerman_> k
14:18:25 <yushiro> chandanc, oops, OK, I see.
14:18:56 <chandanc> yushiro no pb
14:19:14 <yushiro> currently,  doude has posted pluggable driver patch.
14:19:34 <yushiro> #link https://review.openstack.org/#/c/480265/ - Implements a plugable backend driver
14:20:56 <yushiro> I think it's worth to merge until Queens because it's a big change in 1 patch.  SridarK and xgerman_ , how do you think about it?
14:21:18 <chandanc> big one
14:21:45 <SridarK> yushiro: yes it is significant change
14:21:52 <xgerman_> doude has been working on it for a while so if we get it in would be good
14:21:58 <SridarK> lets keep the review going
14:22:11 <xgerman_> but I think L2 support has precedence
14:22:20 <SridarK> xgerman_: +1
14:22:31 <yushiro> SridarK, xgerman_ +1
14:22:45 <annp> sorry my connection is lost. :(
14:22:51 <chandanc> doe it open up fwaas for vendors ?
14:23:04 <SridarK> worst case - we will get it in first thing next cycle
14:23:39 <yushiro> OK, the priority is    1. L2 remaining patches   2. plugable backend driver
14:23:39 <SridarK> chandanc: I am not sure that it is a requirement for vendors - it will make things easier
14:24:18 <chandanc> SridarK: ok, will be interesting, will go through the patch
14:24:52 <yushiro> chandanc, In my understanting, there is some usecase not to refer DB layer in FWaaS for some vendors.
14:25:14 <chandanc> yushiro: ok
14:25:20 <xgerman_> yeah, if we can avoid vendors not accessing DB directly wiuld be good
14:25:47 <chandanc> agree
14:26:01 <SridarK> +1
14:26:29 <SridarK> also some cleanup on commit hooks
14:26:32 <yushiro> annp, So, could you help for https://review.openstack.org/#/c/475183
14:27:03 <annp> yushiro, yes, I can help :)
14:27:23 <yushiro> Tomorrow, I don't have bandwidth for it due to some powerpoint creation.... :(
14:27:48 <annp> yushiro, I will do that for you tomorrow. :)
14:27:48 <yushiro> Anyway :)
14:27:59 <doude> Hi there
14:28:02 <yushiro> annp, thanks
14:28:08 <doude> sorry I'm late (again)
14:28:10 <xgerman_> +1
14:28:20 <annp> chandanc, sorry my connection is lost.
14:28:27 <chandanc> no pb
14:28:39 <doude> my patch looks big but it's essentially code re-organization
14:28:39 <yushiro> Hi doude ,  NP.  We just talked your patch.  Thanks for your update :)
14:28:40 <chandanc> can you please explain the drop action
14:29:22 <annp> chandanc, please see there https://review.openstack.org/#/c/526488/1/neutron/agent/linux/openvswitch_firewall/firewall.py@447
14:29:55 <chandanc> oh ok
14:29:57 <chandanc> :)
14:29:57 <yushiro> doude, I know.  I think it's difficult to split any patches.  That's why you pushed in 1 patch I think.
14:30:12 <doude> yes yushiro
14:30:17 <annp> chandanc, :)
14:30:17 <doude> the in
14:30:41 <doude> the only code I added is the code for the driver interface https://review.openstack.org/#/c/480265/9/neutron_fwaas/services/firewall/service_drivers/driver_api.py
14:30:54 <doude> anything else is existing code I moved
14:32:05 <yushiro> Yes, we'll keep on reviewing your patch and will try to merge it until Q-3 after merged L2 remaining patches.
14:32:23 <SridarK> +1
14:33:16 <yushiro> L2 remaining patches are only 2.  1st: https://review.openstack.org/#/c/475183   2nd: https://review.openstack.org/#/c/530450/
14:33:42 <yushiro> doude, Therefore, it will be great if you can help these patches with us :)
14:33:58 <yushiro> s/help/help reviewing
14:34:33 <annp> yushrio, that means remote fwg will be do in Rocky, right?
14:34:53 <doude> can I help you on that l2 patches?
14:35:05 <doude> sure I'll try yushiro
14:35:06 <xgerman_> annp I still have hope
14:35:25 <xgerman_> but getting neutron to merge neutron_lib patch is like pulling teeth
14:35:32 <yushiro> annp, Hmm, hopefully I'd like to merge.
14:35:41 <yushiro> doude, +100
14:36:18 <annp> xgerman_, I can propose the patch for that in next week. But I'm afraid we don't have enough time for review
14:36:19 <yushiro> annp, However, it is challenging
14:36:30 <annp> But I will try best :)
14:36:38 <yushiro> annp, great :)
14:37:05 <xgerman_> +1
14:37:20 <yushiro> OK, let's move on
14:37:30 <yushiro> #topic Horizon support
14:38:04 <xgerman_> one more Q-3 thing: https://review.openstack.org/#/c/470912/33
14:38:31 <xgerman_> came to my attention this week — confused if we still need that…
14:38:53 <yushiro> xgerman_,  wow, thanks.
14:39:34 <yushiro> hoangcx, ping
14:39:44 <xgerman_> yeah, I think with OVS this is obsolete but…
14:40:12 <hoangcx_> xgerman_: that is for sg in neutron side
14:40:16 <yushiro> annp, I think it's for netlink for SG, right?
14:40:24 <hoangcx_> for fwaas annp has a patch for that. AFAIR
14:40:29 <yushiro> s/annp/hoangcx
14:40:41 <annp> :)
14:41:03 <annp> https://review.openstack.org/#/c/527044/
14:41:49 <annp> xgerman_ Is this patch?
14:42:01 <xgerman_> this is our path, yes
14:42:20 <yushiro> OK, this patch is also necessary.
14:42:26 <xgerman_> +1
14:42:31 <hoangcx_> annp: is the patch for both v1 and v2 OR v1 only?
14:42:44 <annp> for both of them
14:42:59 <yushiro> yup
14:43:13 <hoangcx_> great :)
14:43:57 <hoangcx_> xgerman_: I think it is safe to land the patch
14:44:06 <yushiro> OK, I'll update etherpad for reviewing during Q-3.
14:44:13 <hoangcx_> xgerman_: because in fwaas we have configuration option to switch each other
14:44:14 <xgerman_> ok, thanks
14:44:23 <hoangcx_> xgerman_: but it is not in sg in neutron
14:45:00 <yushiro> +1 FWaaS is configurable to use netlink or not.
14:45:10 <hoangcx_> yushiro: right!
14:45:30 <yushiro> hoangcx_, will review it.
14:45:41 <xgerman_> +1
14:45:51 <yushiro> so... Sarath is planning to update: https://docs.google.com/document/d/1yKreFzwHsp-TMhB1xDH-EhGHBTGawFAaG1x6ukGJUK4/edit?usp=sharing
14:46:08 <annp> +1
14:46:41 <yushiro> Today, Sarath is not here but we can put on comment into above google doc.
14:47:27 <yushiro> #topic Stadium Compliance
14:48:15 <yushiro> Is there any update ?
14:48:54 <yushiro> reedip, here?
14:48:55 <xgerman_> don’t think so - all tempest/zuul stuff we punted to Rocky
14:49:15 <yushiro> xgerman_, Aha, OK.
14:49:30 <xgerman_> that’s my impression
14:50:13 <yushiro> xgerman_, ya, my point of view, there is no update in these days either.
14:50:28 <yushiro> #topic Open Discussion
14:50:29 <xgerman_> we should make that a topic for PTG planning
14:50:49 <yushiro> Yes, I'd like to talk about it too :)
14:50:56 <xgerman_> :-)
14:51:21 <yushiro> Are you guys going to attend dublin PTG?  It's OK to join virtual meeting :)
14:51:32 <xgerman_> will be there
14:51:41 <yushiro> xgerman_, great
14:51:51 <xgerman_> With all the L2 patches we will need to do some documentation + maybe some video
14:52:03 <yushiro> I'll be there too.
14:52:22 <xgerman_> chandanc: volunteered for making a demo video ;-)
14:52:38 <chandanc> ya, will get to it during the weekend
14:52:45 <xgerman_> sweet!!
14:52:49 <yushiro> chandanc, perfect
14:53:00 <xgerman_> I need to figure out how we can promote it on superuser ;-)
14:53:15 <SridarK> :-)
14:53:20 <yushiro> SridarK, How about you about dublin PTG ?
14:53:29 <chandanc> BTW xgerman_ i thing the SG issue that you mentioned might be coming from the layers above driver
14:53:30 <SridarK> No i cannot make PTG
14:53:43 <xgerman_> :-(
14:53:44 <SridarK> yushiro: will u make it ?
14:53:58 <chandanc> i saw the same behavor for iptables driver as well
14:54:12 <yushiro> Yes, I will be there (maybe)
14:54:55 <xgerman_> chandanc: yes, I think keeping our explicit behavior makes sense
14:54:56 <yushiro> So, we can communicate in skype or webEX during PTG.
14:55:02 <xgerman_> +1
14:55:14 <SridarK> so maybe atleast xgerman_ and possibly yushiro will be there
14:55:21 <chandanc> xgerman_: +1
14:55:26 <SridarK> yes we can do something virtual
14:55:34 <chandanc> +2
14:56:01 <xgerman_> in the past wifi was questionable so wish us luck
14:56:11 <SridarK> oh yes
14:56:29 <yushiro> I'll have portable wi-fi.
14:56:33 <annp> SridarK +1
14:56:37 <chandanc> :)
14:56:41 <yushiro> for redundancy :)
14:56:42 <chandanc> awesome
14:56:55 <SridarK> we can also do a quick sync up before the PTG
14:56:56 <annp> great yushiro :)
14:57:07 <xgerman_> SridarK: +1
14:57:10 <yushiro> SridarK, +1
14:57:10 <annp> +1
14:57:41 <chandanc> yushiro failover mode or load balancing mode :)
14:58:22 <annp> :)
14:58:28 <SridarK> :-)
14:58:33 <yushiro> chandanc, I hope active-active :)
14:58:37 <yushiro> haha
14:58:39 <xgerman_> lol
14:58:40 <chandanc> cool :)
14:58:46 <yushiro> Maybe dublin is cold but we're 'Firewall'.  I think it's a little warm.
14:59:04 <SridarK> :-)
14:59:06 <xgerman_> :-)
14:59:10 <chandanc> sure
14:59:20 <annp> :)
14:59:22 <yushiro> So, let's do our best in Q-3!!
14:59:30 <SridarK> +1
14:59:34 <annp> +1
15:00:00 <yushiro> #endmeeting