14:01:19 <ralonsoh> #startmeeting networking
14:01:19 <opendevmeet> Meeting started Tue Jun 27 14:01:19 2023 UTC and is due to finish in 60 minutes.  The chair is ralonsoh. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:01:19 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
14:01:19 <opendevmeet> The meeting name has been set to 'networking'
14:01:20 <lajoskatona> o/
14:01:21 <ralonsoh> hello all
14:01:24 <bcafarel> o/
14:01:33 <frickler> \o
14:01:42 <ykarel> o/
14:01:49 <obondarev> hi
14:02:08 <ralonsoh> ok, let's start
14:02:18 <ralonsoh> #topic announcements
14:02:23 <ralonsoh> #link https://releases.openstack.org/bobcat/schedule.html
14:02:37 <ralonsoh> next week is bobcat-2 milestone!
14:02:39 <rubasov> o/
14:03:07 <ralonsoh> at the end of August, we'll have the code freeze
14:03:17 <ralonsoh> I know this is in 2 months, but just in case...
14:03:37 <ralonsoh> we don't have a scheduled spec freeze, but I would like to imitate Nova in this case
14:03:54 <ralonsoh> they have the spec freeze next week and we have a pending one
14:04:02 <ralonsoh> but we'll talk about it later in this section
14:04:23 <ralonsoh> and as usual, the openinfra link
14:04:25 <ralonsoh> #link https://openinfra.dev/live/#all-episodes
14:04:35 <ralonsoh> something else that I'm missing?
14:05:15 <ralonsoh> ok, let's jump to the next section
14:05:19 <ralonsoh> #topic bugs
14:05:26 <ralonsoh> slaweq had a busy week
14:05:29 <ralonsoh> #link https://lists.openstack.org/pipermail/openstack-discuss/2023-June/034267.html
14:05:44 <ralonsoh> at least most of these bugs are addressed
14:05:52 <ralonsoh> the ones that are not
14:06:01 <ralonsoh> #link https://bugs.launchpad.net/neutron/+bug/2025126
14:06:15 <ralonsoh> I realize this bug is related to a patch I pushed 3 weeks ago
14:06:26 <ralonsoh> now they have solved the issue in sqlalchemy/alembic
14:06:39 <ralonsoh> and we need to revert it (this is the problem of testing with master branches)
14:06:48 <ralonsoh> --> https://review.opendev.org/c/openstack/neutron/+/886961
14:07:11 <ralonsoh> this is fixing sqlalchemy-master CI jobs
14:07:21 <ralonsoh> next one
14:07:25 <ralonsoh> #link https://bugs.launchpad.net/neutron/+bug/2025129
14:07:34 <ralonsoh> Adam sent a patch 1 hour ago
14:07:43 <ralonsoh> https://review.opendev.org/c/openstack/neutron/+/887036
14:07:51 <ralonsoh> good catch, btw, just minor nits
14:07:59 <ralonsoh> please check it if you have time
14:08:18 <ralonsoh> next one
14:08:20 <ralonsoh> #link https://bugs.launchpad.net/neutron/+bug/2024621
14:08:30 <ralonsoh> slaweq marked this bug as low hanging fruit
14:08:53 <ralonsoh> so this is a good one if you want to learn about neutron tempest plugin
14:09:19 <ralonsoh> next one
14:09:21 <ralonsoh> #link https://bugs.launchpad.net/neutron/+bug/2024976
14:09:37 <ralonsoh> I think haleyb found the problem in their system
14:10:02 <ralonsoh> they should use the nft-iptables-legacy binaries
14:10:19 <ralonsoh> we should wait for a reply on this one
14:11:01 <ralonsoh> next one
14:11:04 <ralonsoh> #link https://bugs.launchpad.net/ubuntu/+source/neutron-dynamic-routing/+bug/2024510
14:11:12 <ralonsoh> frickler, is it possible that you can check this one?
14:11:42 <frickler> no, I have no idea about DVR
14:12:00 <frickler> it is possibly an issue with incomplete OVN integration
14:12:25 <ralonsoh> I don't think they are using OVN
14:12:36 <ralonsoh> but this is something that we should ask, of course
14:13:13 <ralonsoh> ok, I'll ask some questions in the LP bug, to have more information about this issue
14:14:08 <ralonsoh> and we have 3 new RFEs this week (that have been added to the Neutron drivers meeting agenda)
14:14:16 <ralonsoh> #link https://bugs.launchpad.net/neutron/+bug/2024581
14:14:31 <ralonsoh> by slaweq, addressing a request from the PTG
14:14:58 <ralonsoh> to try to cache the port information (same as in OVS agent) to avoid RPC calls
14:15:09 <ralonsoh> the next one is
14:15:12 <ralonsoh> #link https://bugs.launchpad.net/neutron/+bug/2024921
14:15:25 <ralonsoh> by frickler, in order to use a new service-type for the subnets
14:15:36 <ralonsoh> to be able to evacuate them if needed
14:15:49 <ralonsoh> and the last one
14:15:51 <ralonsoh> #lin khttps://bugs.launchpad.net/neutron/+bug/2025055
14:15:53 <slaweq> this one is more about documentation and testing
14:16:06 <slaweq> I mean the one from frickler :)
14:16:08 <ralonsoh> yes, most probably
14:16:24 <ralonsoh> we have all the APIs/DB schemas
14:16:45 <ralonsoh> but we will need probably to use this new tag in the IPAM module
14:17:07 <ralonsoh> to avoid associating IP addresses from a subnet with this service type
14:17:13 <ralonsoh> but this is implementation
14:17:32 <ralonsoh> the last one, as commented
14:17:34 <ralonsoh> #link https://bugs.launchpad.net/neutron/+bug/2025055
14:17:49 <ralonsoh> to provide a new API to clone SGs (and their rules)
14:18:11 <ralonsoh> so please, for everyone with RFEs, attend to the drivers meeting next Friday at 1400UTC
14:18:24 <slaweq> this one we need to discuss in drivers meeting for sure, but for me it don't looks as something we will want to implement in Neutron
14:18:24 <ralonsoh> and that's all!
14:18:42 <ralonsoh> we can discuss it next friday, for sure
14:18:47 <slaweq> ++
14:18:53 <ralonsoh> This week haleyb is the deputy, next week will be amotoki
14:18:54 <ralonsoh> ack?
14:18:56 <lajoskatona> +1 for drivers meeting discussion of these
14:19:37 <ralonsoh> (I'll ping haleyb later, or mail him)
14:19:51 <ralonsoh> any other bug you want to discuss?
14:20:15 <ralonsoh> let's jump to the next topic
14:20:19 <ralonsoh> #topic specs
14:20:30 <ralonsoh> the only spec open is
14:20:33 <ralonsoh> #link https://review.opendev.org/c/openstack/neutron-specs/+/885324
14:21:09 <ralonsoh> with fantastic diagrams!
14:21:16 <mlavalle> :-)
14:21:42 <ralonsoh> so please, check it this week in order to merge it in the next week
14:22:02 <mlavalle> I addressed lajoskatona small nit concern last night
14:22:14 <mlavalle> so I think he will also be happy with it
14:22:24 <lajoskatona> I will check it
14:22:29 <ralonsoh> thanks!
14:22:47 <mlavalle> thanks for the reviews
14:23:01 <ralonsoh> ok, so please review it if you have some minutes
14:23:07 <ralonsoh> next topic
14:23:15 <ralonsoh> #topic community_goals
14:23:19 <ralonsoh> 1) Consistent and Secure Default RBAC
14:23:31 <ralonsoh> slaweq, something new about the service to service role?
14:23:41 <ralonsoh> or it is too soon?
14:23:49 <slaweq> I started working on service role
14:24:14 <slaweq> https://review.opendev.org/c/openstack/neutron/+/886724
14:24:31 <slaweq> it's marked as WIP because I need to check why port binding is not working as expected
14:24:40 <lajoskatona> +1 cool
14:24:42 <slaweq> but other than that You can review it
14:25:13 <slaweq> it's mostly adding unit tests for new role, and adding policies for some of the API calls to make it available for this new rile
14:25:15 <slaweq> *role
14:25:28 <ralonsoh> quick question
14:25:35 <slaweq> that's all from me about this topic
14:25:40 <ralonsoh> if we want now to manually create a port binding
14:25:44 <ralonsoh> how can we do it?
14:25:55 <ralonsoh> for debugging purposes, for example
14:26:06 <slaweq> https://review.opendev.org/c/openstack/neutron/+/886724/4/neutron/conf/policies/port_bindings.py
14:26:16 <slaweq> I made it as "admin_or_service" for now
14:26:23 <ralonsoh> ahh ok ok, perfet
14:26:27 <slaweq> so as admin You will be able to create port binding
14:26:39 <slaweq> ahh, no
14:26:41 <slaweq> sorry
14:26:49 <slaweq> create is now only for SERVICE
14:26:51 <ralonsoh> create_port_binding
14:26:56 <ralonsoh> yeah, is only service
14:26:56 <slaweq> the same as activate
14:27:07 <slaweq> only get_port_binding is for ADMIN
14:27:22 <slaweq> so You would need to have token with "service" role to do it
14:27:24 <ralonsoh> so can we impersonate a service role?
14:27:27 <ralonsoh> perfect
14:27:42 <slaweq> but if You think we should allow that for admin, please comment in the patch
14:28:06 <ralonsoh> no no, just thinking load about the testing part
14:28:10 <ralonsoh> nothing else
14:28:18 <ralonsoh> thinking loud*
14:29:00 <slaweq> sure - we definitely need discussion about some of those APIs :)
14:29:09 <ralonsoh> for sure!
14:29:41 <ralonsoh> ok, next one
14:29:47 <ralonsoh> 2) Neutron client deprecation
14:29:54 <ralonsoh> lajoskatona, any update this week?
14:30:18 <lajoskatona> yes, this week vpnaas was the selected one:
14:30:27 <opendevreview> Amit Uniyal proposed openstack/os-vif stable/yoga: set default qos policy  https://review.opendev.org/c/openstack/os-vif/+/886710
14:30:38 <lajoskatona> small sdk fix: https://review.opendev.org/c/openstack/openstacksdk/+/886822
14:30:52 <lajoskatona> and the neutronclient one: https://review.opendev.org/c/openstack/python-neutronclient/+/886729
14:31:09 <lajoskatona> next one will be sfc, and I think that will be the last stadium to change
14:31:52 <ralonsoh> good ones! thanks a lot
14:31:57 <lajoskatona> after that we can focus on other projects who use neutronclient python bindings, like Horizon, Heat (again)
14:32:15 <lajoskatona> and that's it for this topic
14:32:16 <ralonsoh> right, these are going to be more difficult
14:32:28 <ralonsoh> lajoskatona, thanks!
14:32:42 <lajoskatona> yes, this is why I am not running to start them :-)
14:32:47 <ralonsoh> hehehe
14:33:07 <ralonsoh> so last topic
14:33:13 <ralonsoh> #topic on_demand
14:33:20 <ralonsoh> please check the n-lib patches
14:33:31 <ralonsoh> https://review.opendev.org/q/project:openstack/neutron-lib+status:open
14:33:40 <ralonsoh> I would like to release a version this week
14:33:50 <ralonsoh> that's all from my side
14:34:22 <frickler> I just looked at 2024510 a bit more
14:34:33 <frickler> seems the issue is about port-forwarding only
14:34:51 <frickler> which is L4, while BGP is L3, so I don't see how this should work at all
14:35:13 <frickler> or put differently: seems everything is working as designed
14:35:49 <ralonsoh> ok so this is a misuse of BGP
14:35:56 <ralonsoh> can you update the LP bug with this comment?
14:36:02 <ralonsoh> and thanks for checking it!
14:36:38 <frickler> well IMO doing port-forwarding is misuse on its own, but yes, will comment
14:36:48 <ralonsoh> thanks
14:37:22 <ralonsoh> something else you want to comment?
14:37:37 <ralonsoh> please remember the CI meeting is in 20 min, in this channel
14:37:47 <slaweq> on irc this week
14:38:00 <ralonsoh> ok folks, thanks for attending
14:38:03 <ralonsoh> #endmeeting