18:01:47 #startmeeting networking_policy 18:01:48 Meeting started Thu Dec 11 18:01:47 2014 UTC and is due to finish in 60 minutes. The chair is SumitNaiksatam. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:01:49 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 18:01:52 The meeting name has been set to 'networking_policy' 18:02:11 #info agneda https://wiki.openstack.org/wiki/Meetings/Neutron_Group_Policy#Dec_11th.2C_2014 18:02:17 #topic Bugs 18:02:43 we have one critical 18:02:50 #link https://bugs.launchpad.net/group-based-policy/+bug/1397721 18:02:58 ivar-lazzaro: thats on your plate 18:03:02 hemanthravi: hi 18:03:20 ivar-lazzaro: i know you are swamped with other stuff 18:03:26 hi 18:03:28 Youcef: hi! 18:03:35 hi 18:03:52 LouisF: hi! 18:03:56 is mageshgv here? 18:03:56 SumitNaiksatam: this is actually solved by https://review.openstack.org/#/c/140201/ 18:04:07 SumitNaiksatam:hi 18:04:15 SumitNaiksatam: not sure why the lp isn't updated 18:04:23 ivar-lazzaro: awesome 18:04:28 mageshgv: great thanks for joining 18:04:53 ivar-lazzaro: i think you it might just a need some teaking in the commit message 18:05:24 mageshgv: you seem to be making good progress with the ton of “high” priority bugs on your plate 18:05:55 mageshgv: any blockers for you at this point? 18:06:22 SumitNaiksatam: yes, making good progress, no blockers :) 18:06:31 mageshgv: great! 18:06:59 ivar-lazzaro: i did not notice, you add a second critical yesterday: #link https://bugs.launchpad.net/group-based-policy/+bug/1401347 18:07:18 its a critical if there is not workaround 18:07:20 yes, that one also fixed 18:07:28 but anyway you have the fix 18:07:31 there is not 18:07:42 once the port is deleted the PT leaks forever 18:07:44 minor pep8 issue 18:07:51 ivar-lazzaro: okay got it 18:08:03 ivar-lazzaro: i will track this as soon as you fix the pep8 18:08:16 #topic Features merged in the last week 18:08:52 Resources sharing (with shared attributed) : #link https://review.openstack.org/#/c/134692/ 18:09:26 this helps us to enable a bunch of use cases, most importantly, external connectivity (which is in review right now) 18:09:51 Extensions loading from drivers: #link https://review.openstack.org/#/c/138249/ 18:10:05 banix: this ^^^ should make you happy :-) 18:10:37 SumitNaiksatam: that’s right. thanks. 18:10:57 with the above change the GBP model becomes extensible for individual drivers if they decide to do so 18:11:07 decide -> choose 18:11:16 LouisF: perhaps you were also looking for the above change 18:11:28 unfortunately it has landed a little late in the cycle 18:11:47 but it is there, so we can start planning on how we can use it 18:11:53 thanks rkukura for that 18:11:59 SumitNaiksatam: yes 18:12:14 SumitNaiksatam, hi 18:12:14 Policy Rule Updates: #link https://review.openstack.org/138338 18:12:26 thanks to s3wong for that 18:12:37 igordcard: hi, go ahead 18:13:03 s3wong: i just finished thanking you! 18:13:09 sorry, late 18:13:18 np 18:13:20 bad weather to get to office 18:13:27 yeah, its pretty out there 18:13:47 apparently parts of SF dont have power anymore 18:14:06 juice up your laptops!! :-P 18:14:17 would have been a good excuse to leave office if it happens here too :-) 18:14:23 did the temp drop below 50 for you guys? ;) 18:14:29 s3wong: :-) 18:14:43 banix: actually, I don't think so, I think we are still @ around 60 :-) 18:14:45 banix: okay okay…not as bad as guys 18:14:55 banix: but we at least have something to whine about now :-P 18:14:59 banix: it is freezing out here :-) 18:15:11 s3wong: lol 18:15:18 okay so those were the three main features in the last week 18:15:32 any questions on those? 18:16:05 #topic Pending reviews (features) 18:16:25 External connectivity #link https://review.openstack.org/#/q/status:open+project:stackforge/group-based-policy+branch:master+topic:bp/external-connectivity,n,z 18:16:28 oops 18:16:39 well may be it was the right link 18:16:59 ivar-lazzaro is at it again! ;-) 18:17:18 on a more serious note, this is great work in a short period of time 18:17:30 SumitNaiksatam: the link doesnt show any open patch 18:17:37 mageshgv: ooops 18:17:42 I've given some manual testing to the patches yesterday, using implicit shared default ES 18:18:01 ivar-lazzaro: okay 18:18:08 perhaps ivar-lazzaro changed the topic on those patches 18:18:22 everything went fine for very simple cases, I invite you all to give a try to find any bug asap :) 18:18:34 so starting with this patch: #link https://review.openstack.org/#/c/137267/ 18:18:59 yeah now something different is in the topic field, sorry about that 18:19:02 ivar-lazzaro: it will be instructive for the team if you can create a short wiki page, and outline how you have tested this for the neutron mapping 18:19:34 ivar-lazzaro: i can create a landing page for you and you can fill it up per your convenience 18:19:35 SumitNaiksatam: sure, I'll try to get some time to do so 18:19:43 ivar-lazzaro: thanks 18:20:04 this is critical functionality for this release, so please please review if you get a chance (and also to try it out) 18:20:27 any questions for ivar-lazzaro on this? 18:20:47 does everyone understand what ivar-lazzaro is trying to do here? 18:21:03 ivar-lazzaro: perhaps a quick one line summary to level set? 18:21:12 sorry to put you on the spot 18:21:17 np 18:21:28 quick summary? 18:21:45 3 new objects have been added to the API: External Segment (ES), External Policy (EP), Nat Pool (NP) 18:22:10 together, they describe how a given L3_Policy can connect to the external world 18:22:27 The ES physically represents the external network/subnet 18:22:50 the EP is basically an External EPG, that can provide and consume contracts on behalf of a given portion of the external world 18:22:50 ivar-lazzaro: okay 18:23:09 and the Nat Pool (not used in this iteration) represents the floating IPs pool 18:23:23 ivar-lazzaro: so EP is a “special” EPG, right? 18:23:28 yes 18:23:37 ivar-lazzaro: how does it differ from EPG? 18:23:40 It exists on a given External Segment 18:23:47 errr…PTG 18:23:47 and can provide and consume contracts 18:23:56 (PRS) 18:24:04 the difference is that it doesn't have endpoints 18:24:12 ivar-lazzaro: ah there you go 18:24:36 ivar-lazzaro: also ES and EP can be CUD only by admin? 18:24:40 It defines the policy for the external segment, in particular for its routes 18:24:46 ivar-lazzaro: i guess also NAT pool 18:25:09 that's correct. Everything of course depends on the policy.json 18:25:25 so the role access can vary dynamically 18:25:44 but yeah, that's the typical use case 18:26:28 any questions? 18:26:42 ivar-lazzaro: and in the context of the neutron mapping, what we should be looking for is whether the external network gets created properly 18:26:58 ivar-lazzaro: how is the ES defined? what attributes does it have? 18:26:59 ivar-lazzaro: and the router’s external gateway is set properly? 18:27:01 yes, and also shared properly 18:27:21 ivar-lazzaro: one quick question. Does the external segment and external policy help in modelling only the external network segment the openstack uses or does it also have a way to represent anything outside the cloud 18:27:37 LouisF: #link https://github.com/stackforge/group-based-policy-specs/blob/master/specs/juno/external-connectivity.rst :) 18:27:44 ivar-lazzaro: thx 18:28:23 mageshgv: in this first iteration, especially for the RMD, it's tied on what Neutron can represent 18:28:38 ivar-lazzaro: alright 18:29:02 mageshgv: however, the idea is to make the ES very very simple, so that each driver can extend it 18:29:26 mageshgv: in order to represent the outside of the cloud however they need to 18:30:16 mageshgv: in a way the ES is meant to be extended in order to be used properly. The plan is to add more core attributes once we realize what can be defined as "common" requirement for the external world 18:31:06 ivar-lazzaro: can you provide a little more context on what “more” core attributes you anticipate 18:31:14 ivar-lazzaro: thanks. that helps. wanted to make sure we have that in mind :) 18:31:18 trying to get a feel for which direction we are going 18:31:39 so far the core attributes are *cidr* and *port_address_translation* 18:32:06 I feel that each driver will have to describe every L2 related attribute 18:32:20 like encap, physnet (in Neutron's terminology) or encap_value 18:32:56 however it's not clear now what is the common denominator 18:33:13 ivar-lazzaro: okay makes sense 18:33:55 ivar-lazzaro: i was just going to say that as long as you (as a vendor) were already mapping to the physical network in Neutron, you should be able to do it here as well 18:34:48 any more questions on this? 18:35:39 mageshgv: you are working on (1) hierarchical PRS (2) Policy Action updates 18:36:28 Support Hierarchial Policy Rule Set for Redirects: #link https://review.openstack.org/140286 18:36:43 SumitNaiksatam: yes, (1) is ready for initial review, (2) is completed 18:36:52 Handle Policy Action value update(Service Chain Spec update) #link https://review.openstack.org/138338 18:37:28 mageshgv: thats awesome, having a tough time keeping pace with the flurry of patches! 18:37:58 any questions for mageshgv on those two? 18:38:32 #topic New Policy drivers 18:38:39 ODL: #link https://review.openstack.org/#/c/138556/ 18:38:44 this is coming along nicely 18:39:11 i think this one is the first patch in the series: #link https://review.openstack.org/#/c/138235/3 18:39:43 we have yi and yapeng working on the OpenStack side, and keith and thomas bachman working on the ODL side 18:39:44 SumitNaiksatam: finally out of WIP mode? 18:39:58 s3wong: first one is, second patch is not 18:40:07 s3wong: but the testing is going well 18:40:18 SumitNaiksatam: OK 18:40:23 i mean there is end-to-end intergration tested 18:40:40 with respect to EPs being registered on the ODL side 18:40:55 we have not tested the datapath yet 18:41:10 LouisF: you probably work with yapeng? 18:41:21 is ronak here? 18:41:44 SumitNaiksatam: I think yapeng and LouisF are in different BUs and different countries :-) 18:42:36 s3wong: yeah i know yapeng is in Canada 18:42:40 #topic Packaging 18:43:00 rkukura does not seem to be here (he is probably on his flight back from the neutron mid-summit) 18:43:10 the update there is that this is proceeding well 18:43:30 rkukura’s patch to fedora was approved for the GBP server side package 18:43:52 so its a matter of now keeping it updated with the release version 18:43:56 SumitNaiksatam: yes 18:44:05 i belive he has this done for the client as well 18:44:14 and the heat and horizon packages are in the works 18:44:22 #topic Open Discussion 18:44:43 sorry we have been skipping the discussion on the kilo specs 18:45:04 but we have too many things on our plate to finish by dec 19th, hence the delay on that discussion 18:45:25 we should be able to focus our discussion on those once we reach the release point 18:45:38 LouisF: thanks for being patient on that, and apologies for not reviewing your specs 18:46:24 anything else we want to discuss today? 18:46:37 btw, the update on the Horizon front is that its shaping up well 18:46:51 there is one critical issue with creating service chain specs 18:47:09 (and another regression on creating the policy classifier) 18:47:17 but other than that its mostly functional 18:47:40 SumitNaiksatam: np 18:47:58 anything else? 18:48:30 ivar-lazzaro and mageshgv thanks for the herculean effort! 18:48:43 alrighty, !until next week 18:48:49 thanks for attending 18:48:51 bye 18:48:53 bye 18:48:54 bye 18:48:57 bye 18:48:57 thanks, bye! 18:49:00 #endmeeting