18:32:57 <SumitNaiksatam> #startmeeting Networking FWaaS
18:32:58 <openstack> Meeting started Wed Nov 12 18:32:57 2014 UTC and is due to finish in 60 minutes.  The chair is SumitNaiksatam. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:32:59 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
18:33:01 <openstack> The meeting name has been set to 'networking_fwaas'
18:33:16 <SumitNaiksatam> probably light attendance today, people still getting back from the summit
18:33:26 <SridarK> SumitNaiksatam: yes seems that way
18:33:28 <SumitNaiksatam> #topic bugs
18:34:05 <SridarK> glebo: hi
18:34:07 <SumitNaiksatam> glebo: hi there
18:34:13 <glebo> 'lo
18:34:34 <SumitNaiksatam> doesnt seem like anything significant has popped up the bugs front
18:34:52 <SumitNaiksatam> we did a scrub last time, and we have a shorter list today
18:35:03 <SridarK> SumitNaiksatam: yes
18:35:17 <SumitNaiksatam> #topic Docs
18:35:41 <badveli> hello all
18:35:41 <SumitNaiksatam> SridarK: any follow up on #link https://bugs.launchpad.net/openstack-manuals/+bug/1346986
18:35:45 <SumitNaiksatam> badveli: hi!
18:35:53 <badveli> hello sumit and all
18:35:54 <SridarK> SumitNaiksatam: not much happened last week i will do this
18:35:58 <SridarK> badveli: hi
18:36:06 <badveli> hello sridar
18:36:14 <SumitNaiksatam> SridarK: great, thanks
18:36:22 <SumitNaiksatam> SridarK: i think rudrajit has unassigned himself
18:36:32 <SumitNaiksatam> SridarK: perhaps we can add the relevant fwaas part?
18:36:44 <SridarK> SumitNaiksatam: ok i will do take care of that
18:37:18 <SumitNaiksatam> SridarK: also i think we need to sync up with the DVR team if they covered the services part as well in their documentation (in the context of the FWaaS for DVR)
18:37:55 <SridarK> SumitNaiksatam: i will touch base with Swami & Rajeev on that
18:38:13 * glebo will brb
18:38:43 <SumitNaiksatam> #action SridarK SumitNaiksatam to follow up with Swami/Rajeev//DVR team on FWaaS documentation in the context of DVR (and N-S firewall functionality)
18:39:20 <SumitNaiksatam> #topic Kilo blueprints
18:39:24 <fwaas> hi
18:40:32 <SumitNaiksatam> vishwanathj: hi
18:40:43 <vishwanathj> hello
18:40:45 <SridarK> vishwanathj: hi
18:40:47 * glebo bac
18:40:56 <SumitNaiksatam> badveli: you are following up on the service groups/objects spec
18:41:06 <badveli> yes
18:41:13 <SumitNaiksatam> badveli: link?
18:41:15 <badveli> i had some comments and
18:41:47 <glebo> I have reviewed it privately w/ bauzas, and will add those comments publicly now for others to see
18:41:50 <badveli> let me post it, we are already in the review
18:41:54 <SumitNaiksatam> #link https://review.openstack.org/#/c/131596/
18:42:18 <glebo> s/ with bauzas/with badveli
18:42:20 <badveli> only one thing i was not sure was tempest
18:42:35 <badveli> one of the comment was add a tempest spec
18:43:07 <SumitNaiksatam> badveli: you had already posted a tempest patch, right?
18:43:21 <badveli> yes sumit, but they are asking a spec
18:43:27 <badveli> tempest spec
18:43:36 <SumitNaiksatam> badveli: ok, perhaps a new requirement
18:43:51 <badveli> yes, i am trying to check which one needs the tempest spec
18:44:08 <badveli> and when do we need it
18:44:11 <glebo> have we id'd who are the MUST have reviewers in order for approval to pass by PTL?
18:44:23 <SumitNaiksatam> badveli: tempest spec i guess will not get approved until the neutron implementation patch gets approved
18:45:15 <SumitNaiksatam> glebo: badveli: you can add “neutron-core” to the reviewer’s list
18:45:21 <SumitNaiksatam> this will add all the neutron cores
18:45:32 <badveli> ok, i will add it
18:45:38 <badveli> https://github.com/openstack/qa-specs/tree/master/specs
18:45:41 <SumitNaiksatam> SridharRamaswamy: hi
18:46:00 <badveli> i am going through the existing tempest specifications, to know
18:46:31 <SumitNaiksatam> badveli: do you think you are on top of the comments, or do we need to discuss anything here?
18:46:41 <SumitNaiksatam> *review comments
18:46:47 <badveli> i think i am
18:46:52 <SumitNaiksatam> badveli: okay good
18:47:02 <badveli> thanks for asking sumit
18:47:04 <glebo> SumitNaiksatam:  yes, we can, but as we learned last time, there are certain cores that matter most, i.e. PTL will not finally approve without those reviewers
18:47:14 <SridarK> badveli: we are not doing any significant changes to the data model correct ?
18:47:22 <badveli> no
18:47:25 <SumitNaiksatam> glebo: have you seen any documentation for this?
18:47:25 <SridarK> *from Juno spec
18:47:31 <glebo> SumitNaiksatam:  last time, Mark explained there needed to be a "Security" reviewer, and an API reviewer
18:48:13 <glebo> SumitNaiksatam: nothing public, only the irc chat transcript between Mark and myself a few months back
18:48:24 <SumitNaiksatam> glebo: i am not aware who those are, but please update the team with any information you dig up on this front
18:49:08 <glebo> SumitNaiksatam:  Mark said we would identify and assign them specifically once Kilo opened.
18:49:44 <SumitNaiksatam> the second spec we wanted to put immediately was on the FWaaS insertion
18:49:53 <glebo> SumitNaiksatam:  Now that Kilo is open, we need to close loop on that and identify with Mark & Kyle exactly who must be in approver chain for them to approve it themselves
18:50:17 <glebo> before we leave the Service Objects & Groups spec,
18:50:36 <glebo> does anyone understand what needs to be done to satisfy this comment from mestery:
18:50:38 <SumitNaiksatam> glebo: i believe this should be a documented policy if indeed it is, it should not be function of informal discussions
18:50:53 <glebo> "I'm particularly concerned about the lack of details of the Open Source implementation. Given the community will be left maintaining this, I'd like more details around this before we consider merging this."
18:51:28 <glebo> SumitNaiksatam:  clearly, and agreed. But it's not. This is what Mark said needed to happen. And he agreed it was not documented. So I'm following that.
18:51:29 <SumitNaiksatam> glebo: perhaps good idea to ask for explanation in the gerrit review
18:52:02 <SumitNaiksatam> glebo: to your question on the comment left in the review
18:52:08 <glebo> SumitNaiksatam:  more specifically, which part of "Open Source" implementation might he be referring to?
18:52:29 <SumitNaiksatam> glebo: i believe a similar comment was made earlier when this was -2’ed but no explanantion was provided
18:52:37 <SumitNaiksatam> glebo: so i share your confusion
18:53:11 <glebo> anyone else have any idea to what "lack of details of the Open Source implementation." may be referring to?
18:53:13 <badveli> yes, there is no open source implementation as such i am thinking to explain a bit of our reference implementaions
18:53:18 <SridarK> glebo: i agree that gerrit is a good place to seek clarification
18:53:45 <SumitNaiksatam> glebo: i am not sure if somehow the conclusion is being drawn that to implement this fucntionality we need something beyond iptables (in the reference implementation)
18:54:11 <SridarK> glebo: the patch should be covering this on our existing iptables implementation
18:54:16 <glebo> SumitNaiksatam:  & SridarK:  ok, will try to get clarification via gerrit. Just didn't want to bug in public if we were missing something obvious
18:54:38 <SumitNaiksatam> glebo: i agree
18:54:41 <badveli> Sridar, sumit, if we explain about out refernce implementaions
18:54:42 <SridarK> glebo: i think we just need to clarify about the backend on the ref impl
18:54:42 <SumitNaiksatam> glebo: which line number on the review?
18:55:29 <glebo> mestery review Nov 7 09:13, general comment (i.e. not inline to the text)
18:55:31 <badveli> cwe can explain more about our reference implementations
18:55:40 <badveli> we
18:55:52 <SridarK> badveli: i think so too
18:56:15 <glebo> badveli:  is it clear to you what is needed to address this comment?
18:56:21 <SumitNaiksatam> okay, so to me it shows that lack of understanding of the spec
18:56:29 <badveli> yes glebo,
18:56:43 <SumitNaiksatam> either the review was done in a hurry or may be we didnt do a good job of explaining
18:57:09 <SumitNaiksatam> badveli: perhaps clearly mentioning that this relies on the existing iptables library might help
18:57:21 <glebo> badveli:  great. Then lets get the change made asap and we'll validate w/ mestery that it suffices, and if not, we'll get clarification on exactly what he wants to see
18:57:30 <badveli> Yes sumit, i am not sure why do we need to explain about this
18:57:47 <badveli> glebo, they also requested i file a tempest spec
18:57:54 <badveli> i am working on that
18:57:59 <SumitNaiksatam> badveli: glebo: the other thing we can also do is bring this up for discussion in next week’s neutron IRC meeting
18:58:02 <glebo> badveli:  yup, understood
18:58:36 <SumitNaiksatam> it is an on demand agenda, so given the amount of time this has been in review, i think it makes sense to get some focussed attention on it
18:58:46 <glebo> SumitNaiksatam:  let's get a touch of text to clarify in place, ask mestery to review, and if it's not addressed, then we can bring it up in neutron. Good idea
18:59:08 <badveli> ok
18:59:20 <SumitNaiksatam> glebo: yeah, i meant it in that order; if things are resolved before the next meeting, we dont have to bring it up :-)
18:59:26 <glebo> let's get the ball back into reviewers' courts asap
18:59:41 <badveli> fine glebo
18:59:43 <glebo> SumitNaiksatam:  ack
19:00:12 <SumitNaiksatam> SridarK: regarding the firewall insertion spec, is there anything new we need to discuss?
19:01:08 <SridarK> SumitNaiksatam: i am still on the wall about router_id as the proposal from Mark, did not get a chance to discuss more with him, we can take this up in gerrit
19:02:49 <SridarK> SumitNaiksatam: in thinking more about this and also in discussion with folks that handle networks - i am getting feedback that L2 is also a strong requirement
19:03:02 <SumitNaiksatam> SridarK: so we decided that we will put the spec in as is (per demand by mark) and take it from there?
19:03:17 <SridarK> SumitNaiksatam: yes i think that is best
19:03:56 <SumitNaiksatam> ok great
19:04:45 <SumitNaiksatam> #topic Open discussion
19:05:04 <SumitNaiksatam> we all met and discussed plenty in person over the last few days
19:05:11 <glebo> back on fw insertion
19:05:15 <SumitNaiksatam> anything we missed or needs follow up today?
19:05:31 <glebo> did we send email to mark yet asking for clarification on L3 req?
19:05:37 <glebo> that was to be step 1,
19:05:39 <glebo> right?
19:05:54 * glebo behind on OS emails at present
19:06:23 <SridarK> glebo: no i have not sent an email yet - i am in some discussions with deployment and customer facing folks
19:07:25 <BrianTorresGil> Working on writing up use-cases I've learned from users, per our discussion on Monday.  Will send those to the group this week.
19:07:37 <glebo> if my notes are correct, SumitNaiksatam and SridarK say we already have published text on why L3 is not sufficient, right?
19:07:40 <SumitNaiksatam> BrianTorresGil: great, thanks for following up
19:07:44 <glebo> so we just need to point to those?
19:07:44 <SridarK> BrianTorresGil: hi & thx
19:08:00 <SumitNaiksatam> glebo: i will send pointer to existing docs
19:08:16 <glebo> BrianTorresGil:  same here.
19:08:36 <glebo> BrianTorresGil:  let's sync offline on which cases u r doing, so we don't dup efforts
19:08:46 <glebo> SumitNaiksatam:  perfect
19:08:59 <SridarK> glebo: no harm in churning again - we want to make sure we have wide consensus
19:09:11 <BrianTorresGil> glebo: sure, sounds good.  Though I'm interested in what we come up with separately, too.
19:09:22 <SumitNaiksatam> BrianTorresGil: yes, i agree
19:09:38 <SumitNaiksatam> so glebo: we also had you on the hook for the use cases ;-)
19:09:51 <SumitNaiksatam> and arvind, but i dont think arvind is here
19:10:00 <SumitNaiksatam> so will follow up separately
19:10:05 <SridarK> BrianTorresGil: yes that would be good - lets not influence each other - to take a look at this fairly independently and arrive at consensus
19:10:43 <SridarK> perhaps i did not articulate this perfectly - but i think u see what i mean too
19:11:02 <SumitNaiksatam> #action BrianTorresGil glebo arvind to exchange use cases within the fwaas team
19:11:20 <SumitNaiksatam> #action BrianTorresGil glebo arvind to exchange use cases within the fwaas team by end of the week
19:11:31 <SumitNaiksatam> we will consolidate these based on follow up discussion and proceed from there
19:12:39 <glebo> SumitNaiksatam:  great. We can map out roughly what they cases are, and then fill in the detailed description following
19:13:16 <SumitNaiksatam> glebo: perfect!
19:13:29 <SumitNaiksatam> okay, anything more for today?
19:13:37 <SridarK> SumitNaiksatam: enikanorov_ reached out in Paris for someone to handle the bugs that he does a prelim triage on - i have volunteered for that
19:13:49 <SumitNaiksatam> SridarK: nice!
19:13:50 <SridarK> and i will reach out to others to help
19:13:56 <SumitNaiksatam> anyone blocked on anything, or any other pressing concerns?
19:14:20 <SridarK> vishwanathj: welcome to the ur first fwaas irc
19:14:30 <vishwanathj> thanks
19:14:40 <vishwanathj> looking forward to guidance from you guys
19:15:18 <SumitNaiksatam> indeed, vishwanathj a warm welcome!
19:15:31 <vishwanathj> Thanks SumitNaiksatam
19:15:47 <SumitNaiksatam> okay so if nothing more, on that happy note, lets get back 15 mins of our time!
19:15:54 <SumitNaiksatam> thanks all for joining
19:15:55 <SumitNaiksatam> bye
19:15:59 <SridarK> bye all
19:16:02 <vishwanathj> awesome...bye all
19:16:10 <SumitNaiksatam> #endmeeting