17:00:01 <cathy_> #startmeeting service_chaining 17:00:02 <openstack> Meeting started Thu Jul 9 17:00:01 2015 UTC and is due to finish in 60 minutes. The chair is cathy_. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:00:03 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 17:00:06 <openstack> The meeting name has been set to 'service_chaining' 17:00:22 <cathy_> hi everyone 17:00:38 <Vikram_> cathy_:hi 17:00:39 <Swami> cathy_: hi 17:00:45 <Mohankumar_> Hi ! 17:00:47 <bouthors> cathy_:hi 17:00:55 <LouisF> hi 17:01:01 <Brian__> hi 17:01:28 <pcarver> hi 17:01:31 <cathy_> #topic SFC spec, https://review.openstack.org/#/c/192933/8/doc/source/api.rst 17:01:38 <amotoki> hi 17:02:17 <cathy_> any questions you would like to discuss? 17:02:22 <cathy_> on the spec? 17:02:41 <cathy_> amotoki: hi, glad that you join the meeting 17:02:58 <s3wong> hello 17:03:24 <numan> hi 17:04:03 <cathy_> let's discuss the parameter which is now changed to ChainParameter object 17:04:22 <bouthors> cathy_: can we discuss how to make the classifier parameters more general, as per the email I sent to the list ? 17:04:23 <s3wong> cathy_: we are still in patch set 8 17:04:47 <s3wong> cathy_: so there hasn't been update based on the various comments from armax 17:05:08 <cathy_> s3wong: I am going to upload a new one soon 17:05:21 <s3wong> cathy_: OK 17:05:30 <cathy_> I have posted replies but will post a new version soon 17:05:33 <armax> s3wong, cathy_: yes I am looking forward to it 17:05:49 <cathy_> bouthors: Yes, we can discuss that 17:05:53 <armax> I’ll review it to make sure we captured all the main points of our latest discussions 17:05:59 <cathy_> armax: OK 17:06:51 <bouthors> cathy_: ok 17:06:54 <cathy_> For the Chain parameter object, Louis thinks there should be a link from the service chain object to this separate chainparam object. 17:07:26 <cathy_> OK with everyone? 17:07:28 <s3wong> cathy_: extension? 17:07:59 <LouisF> s3wong: what do you mean by extension? 17:08:06 <cathy_> s3wong: yes, the parameter will be modeled as an extension of the SFC object and there will be a separate API to create that chainparam object 17:08:51 <s3wong> LouisF: the parameter blob would not really be part of the API, but rather an extension 17:09:05 <cathy_> This is based on suggestion from Armando to create a separate chainparam object to specify the encap mechanism and failurepolicy 17:09:17 <LouisF> armando you proposed a separate chain parameter extension - seems a good idea 17:09:17 <bouthors> cathy_: so in the cli we will have to provide a name or a uuid for the chainparm object 17:09:33 <LouisF> bouthors: yes 17:09:55 <cathy_> For this phase, the encap mechansim in the chainparam will be "none" 17:10:24 <s3wong> cathy_: +1 17:10:54 <cathy_> which means we will not support the NSH for now which is suggested by Armando and Paul since OVS has not officially support NSH yet 17:10:54 <bouthors> cathy_: why do we call it "encap mechanism" instead of "chaining mechanism"? 17:11:27 <Swami> cathy_: this is to get rid of the dependency in the OVS. 17:11:45 <cathy_> bouthors: I am open to the naming. 17:12:08 <cathy_> Swami: yes, kindof 17:12:16 <Swami> cathy_: thanks 17:12:18 <LouisF> we will add the chainparam it the next version of the doc so please review 17:12:31 <LouisF> it -> to 17:12:42 <s3wong> Swami: this is more to simplify stuff to ensure we have everything we need in OVS such that we can make progress in Liberty 17:12:56 <cathy_> for naming, which one we should use? everyone? 17:12:59 <Swami> s3wong: understood 17:13:19 <cathy_> encap or chaining mechanism? 17:13:42 <pcarver> chaining mechanism sounds more general. I think that could be good. 17:13:53 <s3wong> cathy_: do we expect it to do more than specifying encap mechanism? 17:14:02 <bouthors> cathy_, there could be multiple ways to encapsulate in NSH for example. 17:14:04 <LouisF> encap-mech seems fine to me 17:14:07 <amotoki> is it about packet format? or is it more than it? 17:14:35 <cathy_> amotoki: it is about packet format 17:14:37 <pcarver> we've done some service chaining research based on MAC re-writing that doesn't use any encapsulation 17:14:53 <cathy_> pcarver: that means the mechanism is none 17:14:57 <amotoki> if it is about packet format, "encap" sounds better to me. we will think more than the format by "chaining mechanism" 17:15:33 <LouisF> dolson have a well defined way using vlan-id to steer 17:15:48 <cathy_> it is about packet format and how to correlate a packet with a chain 17:16:04 <LouisF> how about correlation-mech 17:17:11 <LouisF> i'm open to any reasonable as long as its meaning is well undestood 17:17:36 <cathy_> The mechanism could be NSH-type1, NSH-type2, VLAN, Virtual EthernetPort, etc. For this phase, it will be none. We can discuss in later phase which one to support 17:18:06 <bouthors> but then you could has NHS for data center, and NSH for Gi-LAN 17:18:27 <cathy_> bouthors: that is counted as one mechanism 17:18:41 <cathy_> it does not matter which scenario it is used. 17:19:04 <cathy_> SO how about we call it "correlation mechanism"? Any "no" to this naming? 17:19:15 <LouisF> +1 17:19:26 <bouthors> +1 17:19:31 <Vikram_> +1 17:19:31 <pcarver> +1 17:20:01 <cathy_> #agreed We will use "correlation mechanism" 17:20:22 <Mohankumar_> +1 17:20:22 <Swami> +1 17:21:04 <cathy_> In the chain object, we will have ref to the chainparam object and have a separate API to create the chainparm. Any objection on this? 17:21:23 <cathy_> Let's vote:-) 17:21:26 <LouisF> +1 17:21:30 <bouthors> +1 17:21:55 <Vikram_> +1 17:22:19 <pcarver> +1 17:22:36 <Brian__> +1 17:22:38 <Mohankumar_> +1 17:22:39 <cathy_> #agree In the chain object, we will have ref to the chainparam object and have a separate API to create the chainparm 17:22:43 <Swami> no objection 17:22:50 <cathy_> Swami: :-) 17:23:27 <cathy_> now let's discuss format of the ChainParam? 17:24:15 <cathy_> Sorry what I mean is the parameter attribute format of the flow classifier 17:24:23 <cathy_> 1. A single parameter attribute (dict of name-value pairs for the classifier fields) as shown here. 2. Individual attributes for the classifier fields. 17:24:41 <cathy_> Which option we should go for? everyone? 17:25:07 <LouisF> bouthors: you have proposed a general way of encoding the classifier parameters including L7 parameters 17:25:09 <cathy_> 1. as shown in the spec? or 2? 17:25:38 <cathy_> bouthors: what's your input? 17:25:38 <bouthors> we should push for a mechanism allowing for some extensions. 17:25:49 <cathy_> bouthors: agree 17:26:07 <bouthors> my proposal is a have a dictionnary of fields 17:26:16 <LouisF> bouthors: do you have link to your doc? 17:26:31 <cathy_> bouthors: OK, how about others' opinion? 17:26:32 <bouthors> and then the chainparm can contain a list of pairs fieldname, fieldvalue 17:26:46 <LouisF> #link https://docs.google.com/document/d/1NkDwbAkPEfe-JuO37P5ZJ3wMH3LFpKCZBoB82hsb-t8/edit 17:26:53 <bouthors> I gave an example in the mailing list. 17:27:18 <bouthors> LouisF, thx 17:27:40 <LouisF> what we have today is dict of name-value pairs 17:28:27 <LouisF> armax: you mentioned that dict result in a lot of complexity in the coding and db 17:28:42 <armax> LouisF: ues 17:28:43 <s3wong> LouisF: wow... that is complicated... 17:29:06 <LouisF> s3wong: is there a better way to handle extensibility? 17:29:21 <bouthors> For example, ODL wants a way to do chaining between GBP groups of different tenants. We will not be able to define such a chain. 17:29:40 <armax> LouisF: let’s take this offlne, I don’t think we’ll be able to wrap this up here 17:29:51 <s3wong> so how many APIs we have to go through before we can specify something like "all traffic with destination port 80" 17:30:45 <s3wong> LouisF: I do think we need to strike a balance between extensibility and usability --- particularly during phase one 17:30:46 <LouisF> s3wong: we need to have an api that is reasonably straight-foward and yet allows for extensibility 17:30:56 <bouthors> The idea is that the dictionary are preconfigured. so in practise we don't change the number of APIs 17:31:30 <bouthors> The idea is that the dictionary are preconfigured. so in practise we don't change the number of APIs used 17:31:41 <cathy_> armax: I think we need to reach consensus so that we can update the spec based on consensus. Louis has listed two options. ANy other option? Let's discuss the cons and pros of each one and pick one. 17:32:25 <cathy_> s3wong: what is your suggestion? 1 or 2 or another way? 17:32:42 <LouisF> having individual attributes for the more common classifiers fields eg protocol, src/dest port, ip-prefixies make sense 17:33:49 <s3wong> cathy_: even with dictionary of fields, the fields need to be specified, right? 17:33:59 <cathy_> Individual attributes means we do not group the flow descriptors. 17:34:05 <cathy_> s3wong: yes 17:34:21 <LouisF> then additional fields can be handled by a more extensible format 17:34:37 <LouisF> s3wong: yes 17:34:51 <armax> cathy_: let me go over LouisF’s comments on the spec 17:35:07 <cathy_> dictionary means we group the flow descriptors into a "parameter" field. 17:36:01 <LouisF> armax: my comment: The parameter attribute was introduced to allow for extensibility. Two options here: 1. A single parameter attribute (dict of name-value pairs for the classifier fields) as shown here. 2. Individual attributes for the classifier fields. Defer to experts on REST API design for best approach for extensibility, readability, and simplest design. 17:36:05 <cathy_> armax: OK. let us know your pick when you are done. 17:36:44 <bouthors> I woud rather choose option 2 17:37:03 <Vikram_> I vote for 2. 17:37:32 <LouisF> +1 for 2 17:37:54 <cathy_> s3wong: ? 17:37:57 <armax> cathy_: at first glance it looks like 2 would be the way to go 17:38:07 <cathy_> AFAIK, Armando likes 2 too 17:38:29 <cathy_> armax: cool. So looks most people likes 2 17:38:33 <armax> cathy_: well I dislkike the dict approach 17:38:36 <s3wong> cathy_: sure, option 2 would be better than parsing a dictionary either at API level or driver 17:39:26 <cathy_> #agree the flow descriptors in Flow Classifier will go for Individual attributes for the classifier fields. 17:39:35 <Swami> :q! 17:39:43 <cathy_> Cool! 17:40:06 * s3wong thinks Swami is using vi commands on his IRC client 17:40:12 <cathy_> Any more questions on the spec that anyone would like to discuss? 17:40:20 <LouisF> will update next version with option 2 17:40:22 <Swami> s3wong: sorry wrong context 17:40:38 <s3wong> Swami: :-) 17:40:49 <LouisF> Swami: understood 17:41:40 <cathy_> pcarver: do you have more comments? we can discuss here. otherwise we will update based on all the comments and consensus. We need to get the spec merged as soon as possible which is the team's desire. 17:42:33 <LouisF> will update with the CLI commands 17:42:52 <LouisF> per your suggestion armando 17:43:17 <cathy_> Do we need to post REST API (JSON) examples in the spec? 17:43:56 <Vikram_> +q 17:43:58 <Vikram_> +1 17:44:06 <Vikram_> It will be good.. 17:44:20 <LouisF> i think the tables are sufficient 17:44:25 <pcarver> cathy_: no I don't have a strong opinion on this point 17:44:27 <Mohankumar_> Vikram agree 17:44:32 <amotoki> JSON example would help us understand. I think we can skip CLI example. 17:44:44 <cathy_> pcarver: OK, thanks. 17:44:51 <Vikram_> cathy_:atleast resource name becomes clear and CLI will not have last time surprises 17:45:04 <Swami> you can just add a wiki to show how the rest api works or looks. 17:45:44 <cathy_> So we will post a few JSON examples for illustrative purpose. 17:45:57 <Vikram_> +1 17:46:17 <cathy_> #agree the next version will post a few JSON examples for illustrative purpose 17:46:44 <bouthors> Why do we need to have exclusivity between neutron_port and using other individual ones in ChainingParms? 17:48:38 <LouisF> bouthors: is a neutron port is specified that woul include MAC address, IP address, etc 17:48:48 <cathy_> Each chain can have multiple classifiers. If the user wants multiple flows to go through a chain, he cna specify multiple classifiers with one using neutron port and others using IP address etc. params. 17:49:02 <cathy_> It is more clean to not mix them in one classifier. 17:49:32 <bouthors> But we cannot say "trafic from this port, aimed at this dest" 17:49:42 <cathy_> Neutron port itself already includes IP address etc. 17:50:36 <cathy_> I think I added a reply int the spec that we will add source neutorn port and destination neutron port. 17:51:05 <LouisF> bouthors: yes, good point 17:51:44 <cathy_> bouthors: could you be more specific about your point? 17:52:09 <cathy_> we have 8 minutes left 17:52:24 <LouisF> so you mean from, say, neutron-port=X, tcp-port=80 17:53:04 <bouthors> we can take it on the mailing list, I was thinkg neutron-port-src=W, des=x.y.x.z.t/24 17:53:30 <cathy_> your case is covered already 17:53:53 <cathy_> sorry not covered 17:54:07 <bouthors> ok 17:54:26 <cathy_> Ok, I think we probably should lift the restriction to allow more flexible specificaiton of the flow descriptors 17:55:26 <LouisF> bouthors: agree we need to support that, but what if it both src-neutorn-port=X (which has an IP address) and src-ip=10.1.1.1 are specified? 17:55:32 <cathy_> I think we should remove the restriction. Any different opinions on this? 17:55:58 <LouisF> need to set precedence rules for the validation 17:56:03 <s3wong> cathy_: what is the restriction? 17:56:38 <Vikram_> LouisF: what do you mean precedence? 17:56:56 <LouisF> s3wong: see line 221 17:57:03 <bouthors> The parameters given must not contract themselves. For ex port-max < port -min , but also Louis example 17:57:19 <Vikram_> you mean follow some order for classification? 17:57:55 <LouisF> Vikram_: no, see my comment above: at if it both src-neutorn-port=X (which has an IP address) and src-ip=10.1.1.1 are specified? 17:58:06 <cathy_> Vikram_: Louis means the code internally needs to do some validation as bouthors mentioned. 17:58:33 <Vikram_> cathy_, LouisF: understood 17:58:49 <LouisF> will update spec on this 17:59:00 <cathy_> #agreed remove the restriction about Neutron port and other flow descriptors. 17:59:20 <s3wong> one minute 17:59:24 <cathy_> #agreed remove the restriction about combination of Neutron port and other flow descriptors. 17:59:30 <Vikram_> left :-) 17:59:43 <amotoki> do we have any meeting agenda wiki page? 17:59:43 <cathy_> great discussion.time is up. thanks everyone. bye now 17:59:53 <bouthors> bye 17:59:55 <amotoki> i would like to see pointers before meeitngs. 18:00:03 <Vikram_> bye 18:00:05 <s3wong> bye 18:00:05 <Swami> bye 18:00:05 <cathy_> amotoki: we will set it up 18:00:13 <cathy_> But we have meeting logs 18:00:16 <pcarver> bye 18:00:21 <cathy_> #endmeeting