14:00:38 #startmeeting networking 14:00:38 Meeting started Tue Feb 21 14:00:38 2023 UTC and is due to finish in 60 minutes. The chair is ralonsoh. Information about MeetBot at http://wiki.debian.org/MeetBot. 14:00:38 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 14:00:38 The meeting name has been set to 'networking' 14:00:41 o/ 14:00:42 hello all 14:00:44 Hi 14:00:47 hi 14:00:56 o/ 14:01:04 o/ 14:01:49 let's start 14:01:59 #topic announcements 14:02:02 \o 14:02:08 Antelope / 2023.1 schedule: https://releases.openstack.org/antelope/schedule.html 14:02:19 we are in R-4 14:02:26 this week I'll push https://releases.openstack.org/antelope/schedule.html#a-cycle-highlights 14:02:42 once I have this patch, i'll ping you to review it and comment 14:02:52 and remember next week is the RC-1 14:03:21 +1, thanks 14:03:24 o/ 14:03:28 same as last week, I'll remember here the bobcat etherpads 14:03:35 for the PTG: https://etherpad.opendev.org/p/neutron-bobcat-ptg 14:03:43 for Vancouver: https://etherpad.opendev.org/p/neutron-vancouver-2023 14:04:10 please, don't hesitate to add your topics (I'll send a mail today again) 14:04:59 and that's all I have in this topic. Good news are that the CI is working 1 week before the RC1 and nothing seems to be broken 14:05:02 fingers crossed 14:05:34 next topic 14:05:38 #topic bugs 14:05:46 ykarel, had a very busy week 14:05:51 #link https://lists.openstack.org/pipermail/openstack-discuss/2023-February/032314.html 14:06:09 there are some bugs that need to be commented here 14:06:18 #link https://bugs.launchpad.net/neutron/+bug/2007357 14:06:28 ykarel, do you have any update? 14:06:45 ralonsoh, for that i pushed a patch in grenade to catch console log to debug further 14:06:52 https://review.opendev.org/c/openstack/grenade/+/874417 14:06:53 do you have the link? 14:06:55 perfect 14:07:01 seems not linked in bug, will update 14:07:03 I'll add it to the bug 14:07:38 ok, with this patch we'll have more info 14:07:39 thanks! 14:08:24 next one 14:08:33 #link https://bugs.launchpad.net/neutron/+bug/2007353 14:08:45 I'll take this one this week 14:08:56 it's failing too often 14:09:09 ++ thx 14:09:17 next one 14:09:20 #topic https://bugs.launchpad.net/neutron/+bug/1934666 14:09:35 this is something slaweq is working on 14:09:46 patch: https://review.opendev.org/c/openstack/neutron/+/874536 14:10:06 that used a 3 node set and only the controller is dvr_snat 14:10:14 ^^ please review this patch 14:10:17 I'm working only on change for the ci job, not bug itself 14:10:23 k let's link that too to the bug 14:10:24 just to be clear :) 14:10:47 yeah but this is the bug itself: that we can't use snat_dvr on computes 14:10:55 Slawek Kaplonski proposed openstack/neutron master: Change neutron-ovs-tempest-dvr-ha-multinode-full job's config https://review.opendev.org/c/openstack/neutron/+/874536 14:11:08 I'll add this link in the bug too 14:11:36 thanks! 14:11:40 ykarel done 14:11:52 thx 14:12:16 next one 14:12:19 #link https://bugs.launchpad.net/neutron/+bug/2007414 14:12:28 a low hanging fruit one 14:12:52 next one 14:12:54 #link https://bugs.launchpad.net/nova/+bug/2006467 14:12:57 ykarel, ^^ 14:12:59 any update? 14:13:17 is the cirros 0.6.1 image affecting nova-next? 14:13:28 ralonsoh, no cirros 0.6.1 not related there 14:13:33 ok 14:13:42 i commented what i found, can you please check based on that comment 14:14:17 ok, I'll check last comment this afternoon (I see my name there) 14:14:24 yeap, Thanks 14:14:39 cool, next one 14:14:41 #link https://bugs.launchpad.net/neutron/+bug/2007674 14:14:50 IMO, this could be a RFE 14:15:01 good to have but not a bug itself 14:15:29 so if you agree, I'll add the RFE tag 14:16:09 i didn't digged much there on why those many connections are opened by openvswitch-agent, 14:16:16 so those are for purpose? 14:16:39 we create one per topic 14:16:47 ports, sg, networks, etcv 14:16:49 We can make it an RFE, but first should be to understand the current situation 14:17:04 and what can we cause if we change it 14:17:25 agree. To be honest, I don't know if we can't make this change with our current RPC implementation 14:17:33 but I didn't spend too much time on this 14:18:13 +1 14:18:18 so first thing is to tag it as RFE and then investigate if that is possible 14:18:28 +1 14:18:32 I'll do it after this meeting 14:19:19 last one is 14:19:21 #link https://bugs.launchpad.net/neutron/+bug/2007938 14:19:31 rubasov, ^^ can you check that? 14:19:43 did you check this feature with multiple DHCP agents? 14:19:49 yep 14:20:04 probably not 14:20:06 because when I have 2, the second one can't spawn the metadata service 14:21:09 when using the metadata service + ipv6 from the dhcp agent, we'll probably need to check that and spawn only one (despite the DHCP agent redundancy) 14:21:23 I'll put this on my todo list 14:21:25 this is because we can only have one ipv6 metadata IP 14:21:29 rubasov, thanks a lot! 14:21:42 how is that different with v4? 14:22:01 I have a vague memory that we already had a similar bug, I will check more throughly 14:22:14 I would need to check that, yes I remember somethign related 14:22:29 I just reproduced this issue and reported the cause 14:23:14 thanks 14:23:38 last week we talked about https://bugs.launchpad.net/neutron/+bug/2006145, I responded on the bug, but I'm still not sure whether this is a bug really or an RFE 14:24:29 I think the goal is, as in other agents, to keep the agent functionality without RPC communication 14:24:38 but I understand the current implementation 14:25:02 to be honest, not having RPC link is a broken env, so the current behaviour is valid 14:25:08 I would consider that as a RFE 14:25:49 ok, I'd be fine with that. question either way would be who is willing to work on that 14:26:39 I'll check if ltomasbo can (or maybe he can point me to someone else) 14:27:33 if not, we could also just keep it as wishlist bug 14:27:36 can't we ask the reporter if they can work on this? 14:27:46 for sure, I'll do it too 14:27:59 new Neutron policy: you report, you fix!! 14:28:02 agree, if nobody works on it the RFE is still valid, just hangs 14:28:14 :D 14:28:39 note to self: stop reporting bugs at once ;) 14:28:58 we can be honest that currently nobody has free time for it, if you need it try to fix it :-) 14:29:15 exactly 14:29:26 ok, any other bug to be discussed? 14:30:20 this week bcafarel is the deputy, next week will be lajoskatona 14:30:44 let's move to the next topic 14:30:51 #topic community_goals 14:30:57 1) Consistent and Secure Default RBAC 14:31:03 ralonsoh: ack 14:31:14 there are some backports related to RBAC 14:31:50 and a new one reported this morning: https://review.opendev.org/c/openstack/neutron/+/874398 14:32:02 slaweq, ^ do we need to backport it to previous releases? 14:32:51 that's good question 14:33:09 I didn't propose it to other branches basically because it changes default policies 14:33:19 I don't even know if we should backport it to Zed 14:33:35 especially that new RBACs are still documented as "experimental" in Neutron 14:34:29 so this patch should only be in master (actually in bobcat that is when we'll enable sRABC by default) 14:34:33 right? 14:35:23 I proposed it to Zed as Zed may have all other fixes too so it should works there 14:35:24 but I'm also fine with abandoning that backport 14:35:35 I just want to hear about others' opinions 14:35:58 I can also backport it to older branches if that's ok for everyone 14:36:11 if sRBAC is not available in Zed, that will affect the current policy behaviour 14:36:27 so we should not backport it 14:36:41 I think mnaser had some interest in getting that to work on zed? 14:36:48 if I understand well, I agree 14:37:02 yes, I can try to change that backport to not delete old default policy but maybe modify just new default's part 14:37:07 I mean if that is not supported on older branches..... 14:37:37 frickler, I would think in other deployments that won't use sRBAC 14:37:44 because this is not supported in Zed 14:37:54 starting from 2023.1 we have tempest job which tests new defaults, but in Zed we didn't had it 14:38:04 that's the point 14:38:09 we may propose that job to Zed also and backport all to Zed 14:38:26 but I'm not sure if we should go to older branches too 14:38:41 this is a community effort 14:38:46 maybe leaving zed backports to interested downstreams would be fine, too 14:38:47 sRBAC is not supported in Zed 14:39:47 frickler: +1 14:39:58 slaweq, I would check that with gmann but he +1 this patch 14:40:21 ok, I will discuss it with gmann 14:40:37 thanks, please ping us with the conclusion 14:41:06 sure 14:41:23 and this is all I have in this topic, so let's move to the next one 14:41:30 #topic on_demand 14:41:37 I have nothing in the agenda 14:41:46 please present your topics 14:41:52 just one thing/reminder 14:42:06 I saw email that this week is deadline for cycle highlights 14:42:19 yes, I'm doing it now 14:42:25 ahh, great 14:42:26 thx 14:42:30 so that's all from me 14:42:33 :) 14:42:38 I'll ping all of you with the patch to add any comment 14:42:45 ++ 14:42:55 thanks 14:43:49 remember the CI meeting is in 15 mins (today on video) 14:43:55 thank you all for attending 14:44:03 yep 14:44:06 #endmeeting