17:05:32 #startmeeting networking_l2gw 17:05:33 Meeting started Mon Apr 27 17:05:32 2015 UTC and is due to finish in 60 minutes. The chair is Sukhdev. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:05:34 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 17:05:37 The meeting name has been set to 'networking_l2gw' 17:05:54 #topic: Agenda 17:05:59 #link: https://wiki.openstack.org/wiki/Meetings/L2Gateway#Agenda 17:06:12 Hope everybody had a chance to look at the agenda 17:06:24 Does anybody want to add anything to Agenda? 17:06:37 #Announcements: 17:06:47 yes can we include the https://review.openstack.org/#/c/172855/ for review 17:06:48 Ashish wants to add review https://review.openstack.org/#/c/172855/ 17:07:22 marutikamat: Lets discuss these in the Bugs section 17:07:31 sure 17:07:53 Kilo is out and the Liberty Summit is in 3 weeks - 17:08:07 anybody wants to announce anything for the team? 17:09:07 marutikamat, ashishg: You are free to add things to the agenda beforehand - just update the wiki directly 17:09:28 #topic: Action Items from previous week 17:09:40 I saw the presentation for the summit 17:10:00 I have not had time to review it yet - just did a quick glance at it 17:10:02 More things to be fleshed out in the slides 17:10:10 marutikamat: correct 17:10:14 they are just a draft version 17:10:24 Anyone is free to edit them 17:10:32 marutikamat: Understood 17:11:02 marutikamat: the version you sent, I could not edit - can you send it either google or powerpoint slides form? 17:11:28 sure 17:12:08 yamahata: did you have an opportunity to look at them? 17:12:30 Sukhdev: Not yet. I'll do this week. 17:12:58 marutikamat: Also, one more observation - these say HP Helium - Do you want them to be HP specific? 17:13:39 marutikamat: my suggestion will be remove this - thoughts? 17:13:50 We received an e-mail from management to use that template 17:14:02 I will check and let you know tomorrow. 17:14:20 Helion? 17:14:26 marutikamat: Please do - 17:14:38 yamahata: Yes 17:14:38 Yes 17:15:31 marutikamat: My suggestion would be to keep the deck generic and then mention at some point about HP solution 17:15:54 Yes makes sense 17:16:12 marutikamat: When you talk about the solution and demo - use HP switches and specific products 17:16:31 agreed 17:16:53 marutikamat: I will do the same - BTW, it is working on Arista TORs as well - I tested in multi-switch topology 17:17:57 marutikamat: Once you send the editable version, I will make the updates and send it back to the team for review/discussion 17:18:11 Our next meeting will be the last before Summit - 17:18:17 Great news! :) 17:18:24 We should iron out everything by them 17:18:33 Great news that the solution is working with Arista as well 17:18:49 Anything else on this? 17:19:01 I sent you the editable version just now 17:19:25 marutikamat: Cool - thanks - is it in the powerpoint or Google ? 17:19:39 power point 17:19:56 I am an Apple guy - have to make sure have appropriate packages to edit :-):-) 17:20:15 Anything on the Summit session planning? 17:20:39 First let's get the slides in shape 17:20:48 What do you say? 17:21:00 Actually, I have couple of question - will ask later in the meeting 17:21:08 marutikamat: Yes - agree 17:21:27 marutikamat: lets iterate over email 17:21:32 Only then we will come to know how much time it will take for us to go through the slides 17:21:53 Sounds good 17:22:03 We will also meet in person before the session and will finalize. 17:22:20 marutikamat: good idea 17:22:35 #topic: Versioning and Release Management 17:22:50 I will check if Alok/Ashish can record a demo too 17:23:24 Armando has to approve the review posted by Sukhdev 17:23:54 Sukhdev can you check with him? 17:24:00 marutikamat: Yes, I was looking for him. 17:24:25 Are we in a position to cut the release - there are some critical bugs still open 17:24:36 I do not know if you saw this https://review.openstack.org/#/c/177637/ 17:24:41 #link: https://review.openstack.org/#/c/177637/ 17:24:49 We will fix them in a few more days 17:25:27 Our project was not setup with correct ACLs, hence, I could not tag the release - now that this patch is approved, I can tag our project with branches 17:25:47 I will create a kilo/stable release branch - within this week. 17:26:11 As soon as armax approves my patch, this will be ready to go 17:26:16 This is good 17:26:31 Then I will release networing-l2gw package on pypi 17:26:47 I have been purposely dragging my feel to get things stablize 17:27:05 I opened a bug late last week - which is very annoying as well - 17:27:28 require unstack/stack to move forward - those kinds of bugs are annoying :-) 17:27:40 A few developers need some clarifications from you on some bugs 17:27:53 :) 17:28:12 marutikamat: That is why I added Bugs as a topic to the agenda - lets cover all of that in there 17:28:26 I have one more topic before we jump into Bugs 17:28:32 ok 17:28:54 #topic: OVSDB Sever <-> Neutron Controller connection initiation 17:29:09 I wanted to have brief discussion on this - 17:29:35 Per the blueprint spec, only l2gw agent opens a connection with the OVSDB server unlike NSX 17:29:40 Our present solution requires Neutron to open a connection with OVSDB server 17:29:57 We can include it in the next release 17:30:26 marutikamat: correct - I noticed it leaves a security hole (during my testing) - hence, thought if we can discuss and fix 17:30:38 ok 17:30:43 next release is fine - as long as we understand the issue. 17:31:04 marutikamat: Perhaps we can add to our future work items. 17:31:08 You may SSL between the l2gw agent and the OVSDB server to fill this security hole. Any thoughts? 17:31:33 L2 gw agent already supports SSL 17:32:41 There are multiple ways to address the security - but, I was accidently attaching to the wrong switches, and it will let me do it 17:33:21 I was launching devstack (forgot to update the IP of the devices) and it will gladly connect to the switches, it was not suppose to connect 17:33:33 Sukhdev: in that case SSL do the trick right ? 17:34:38 selvakumar_s: Probably (and will also admit that it was an operator fault) - nonetheless, if we allowed the connection initiation in the reverse direction, this will make it safe 17:35:28 selvakumar_s: Also, for those who are used to NSX type of deployments, this will come more natural for them 17:35:32 We will implement it in the next release. 17:35:39 selvakumar_s: for new comers this will not matter 17:36:01 marutikamat: Cool - we will add to our future items 17:36:04 lets move on 17:36:10 Ok 17:36:15 #Bugs: 17:36:24 Let me start with one - 17:36:34 the one I added to the agenda 17:36:48 #link: https://bugs.launchpad.net/networking-l2gw/+bug/1444188 17:36:48 Launchpad bug 1444188 in networking-l2gw "can not create l2 gateway connection without specifying segmentation ID" [Undecided,New] 17:37:07 I tried to explain the limitation in the bug explanation - did it make sense? 17:37:43 Alok/Selva, your observation/analysis on this one. 17:37:44 If we allowed segmentation-ID = 0 (to mean untagged packets) that will do the trick 17:38:00 Sukhdev: we need the OVSDB Dump how it should look like in case of no segmentation id 17:38:29 selvakumar_s: When I get on the system next, I will capture and paste it to the bug 17:38:44 Sukhdev: we discussed with Alok and HP switch will not work for emtpy vlan_binding for the port table 17:38:44 Sukhdev, when you do this with NSX, what is the VNI to VLAN binding on the physical port on the OVSDB server table? 17:39:17 in general, I want to make sure we are on the same page in terms of tagged vs untagged packets 17:39:17 Selva, we can try with 0 as Sukhdev mentioned 17:39:47 Sukhdev: For This bug : Making changes in Front end is easy and we need to understand deeper how it works in OVSDB side if we dont allow segmentation id . 17:39:54 It will be clear after Sukhdev supplies the OVSDB table dump 17:40:14 Yes Maruti: 17:40:40 selvakumar_s: I am not expert on NSX (hence I am working with Artista internal people who are expert in that area) - But, I think NSX allows segmentation ID = 0 for untagged packets 17:41:17 AI on Sukhdev: Supply the OVSDB dump when you configure with 0 seg ID. 17:41:24 selvakumar_s: I will collect more information and how it works on NSX and add to the bug description 17:41:32 Please paste in the bug report. 17:41:49 Sukhdev: Sure meanwhil we will discuss internally tomorrow 17:41:52 #action: Sukhdev to provide the dump of OVSDB server for untagged configuration 17:41:58 Sure 17:42:11 Next bug: 17:42:30 #link: https://review.openstack.org/#/c/172855/ 17:43:34 ashishg: you are looking for approval on this, right? 17:43:40 Sukhdev: Please review it if time permits. 17:43:47 Sukhdev: we have reviewed this patchset internally and we are waiting for armax and you for further reviewing 17:43:58 ashishg: or do you want to discuss anything about it? 17:44:21 yes i want this to be reviewed 17:44:34 selvakumar_s: my bad - I actually looked at it twice, but, could not complete the review (because the patch is big) :-) 17:44:55 ashishg: I will get to it this week - unless armax beats me to it :-) 17:45:03 next bug 17:45:06 ok thanks 17:45:10 #link: https://review.openstack.org/#/c/172855/ 17:45:43 Opps - sorry it the same one 17:45:50 :) 17:45:56 marutikamat: you had two - what is the other one? 17:46:26 Other one was yours 17:46:37 https://review.openstack.org/#/c/172742/ 17:47:05 Oh OK - we are waiting for armax to approve this - unless marutikamat you want to approve it? 17:47:37 Just wanted armax to check whether his review comments are addressed. 17:48:18 marutikamat: sounds good - I will look for him on IRC later 17:48:29 ok thanks. 17:48:38 armax: I see you are online now - 17:48:55 There is one more bug - I wanted to bring up - 17:49:01 #link: https://bugs.launchpad.net/networking-l2gw/+bug/1447910 17:49:01 Launchpad bug 1447910 in networking-l2gw "L2 Gateway creates multiple entries for logical switch" [Undecided,New] - Assigned to MANJUNATH PATIL (mpatil) 17:49:09 Did you have a chance to look at this one? 17:49:21 This was the latest one I discovered - 17:49:38 The worst part is it hard to clear the condition. 17:49:42 We will figure out the root cause tomorrow. 17:50:26 I remved duplicate entry from mysql - as well as reset the OVSDB server (removed from it as well), but will reappear - :-) 17:50:50 the only way to clear it was by unstacking/stacking - which is kinda annoying :-) 17:51:12 If you could described how you ran into this situation (reproducible steps), it will help us to understand it quickly. 17:51:14 Anything else on the Bugs? 17:51:58 marutikamat: I could not figure out how I got into this mess - All I know is it was working fine with one TOR. I was trying to another TOR to the topology 17:52:48 OK. We will look into this tomorrow. 17:52:50 Once I had all the underlay worked out for the second TOR and went to create a GW and connection and it started rejecting - that is how I discovered this condition 17:53:30 Anything else? 17:53:39 #Open Discussion: 17:53:51 I had couple of question - that I mentioned I will ask later 17:53:57 Let me ask them now 17:54:18 First question is neutron-l2gw vs, just neutron 17:54:42 why did we choose to start our api's with -l2gw option? 17:54:47 Selva, do you know this info from Preeti? 17:55:20 It almost gives the feeling that we are orphan children :-):-) 17:55:21 No idea Maruti . I think armax might be knowing this 17:55:22 It is because the CLIs code is not part of python neutron client 17:55:49 marutikamat: do we intend to align evantually? 17:56:17 perhaps I will ask armax when I run into him 17:56:27 Second question - 17:56:30 ok 17:56:36 it is related to future work - 17:56:55 Shall we plug these APIs into Horizon? 17:56:57 Sukhdev:https://review.openstack.org/#/c/164114/ 17:57:17 this review is for l2gateway cli using neutronclient extension. 17:57:19 Options I can think of: 1. Using manager table of OVSDB to initiate connections from the OVSDB server. 17:57:26 2. S/W l2 gateway 17:57:32 3. Supporting DVR with l2gw. 17:58:48 selvakumar_s: Thanks for the link - I will look at this 17:59:07 Having l2gw APIs in Horizon looks good too. 18:00:01 marutikamat: Yes, all of those are good to add 18:00:24 marutikamat: perhaps we should add those to slide deck 18:00:42 true 18:00:54 marutikamat: I can think of another one - VLAN<->VLAN gateway support 18:01:17 Sukhdev: Good point 18:01:32 Racha wanted to support other types like FLAT or GRE (I don't remember) 18:02:10 marutikamat: yes, that is true - we should list these all and then we can prioritize based upon the interest 18:02:19 We are out of time - anything else? 18:02:44 This is excellent discussion - wish armax was here too :-( 18:02:54 Thanks folks 18:03:04 #endmeeting