Thursday, 2017-11-02

*** bbbbzhao_ has joined #openstack-fwaas		01:42
*** AlexeyAbashkin has joined #openstack-fwaas		04:18
*** bbbbzhao_ has quit IRC		04:22
*** AlexeyAbashkin has quit IRC		04:22
*** yamamoto has joined #openstack-fwaas		04:24
*** eN_Guruprasad_Rn has joined #openstack-fwaas		04:57
*** eN_Guruprasad_Rn has quit IRC		05:12
*** eN_Guruprasad_Rn has joined #openstack-fwaas		05:46
*** annp has quit IRC		07:16
*** openstackgerrit has joined #openstack-fwaas		07:40
openstackgerrit	OpenStack Proposal Bot proposed openstack/neutron-fwaas master: Updated from global requirements https://review.openstack.org/516953	07:40
openstackgerrit	OpenStack Proposal Bot proposed openstack/neutron-fwaas master: Updated from global requirements https://review.openstack.org/516953	07:40
*** AlexeyAbashkin has joined #openstack-fwaas		07:58
*** annp has joined #openstack-fwaas		08:15
*** yamamoto has quit IRC		09:18
*** yamamoto has joined #openstack-fwaas		09:24
*** yamamoto has quit IRC		09:28
*** yamamoto has joined #openstack-fwaas		09:35
*** yamamoto has quit IRC		09:35
*** yamamoto has joined #openstack-fwaas		09:57
*** yamamoto has quit IRC		11:16
*** yamamoto has joined #openstack-fwaas		11:19
*** yamamoto has quit IRC		11:24
*** yamamoto has joined #openstack-fwaas		12:11
*** yamamoto has quit IRC		12:15
*** yamamoto has joined #openstack-fwaas		12:15
*** yamamoto has quit IRC		12:20
*** eN_Guruprasad_Rn has quit IRC		12:38
*** eN_Guruprasad_Rn has joined #openstack-fwaas		12:39
*** yamamoto has joined #openstack-fwaas		12:47
*** yamamoto has quit IRC		12:47
*** yamamoto has joined #openstack-fwaas		12:50
*** eN_Guruprasad_Rn has quit IRC		12:55
*** eN_Guruprasad_Rn has joined #openstack-fwaas		12:55
*** eN_Guruprasad_Rn has quit IRC		13:03
*** eN_Guruprasad_Rn has joined #openstack-fwaas		13:05
*** eN_Guruprasad_Rn has quit IRC		13:10
*** eN_Guruprasad_Rn has joined #openstack-fwaas		13:23
*** AlexeyAbashkin has quit IRC		13:23
*** yamamoto has quit IRC		13:24
*** yamamoto has joined #openstack-fwaas		13:28
*** AlexeyAbashkin has joined #openstack-fwaas		13:45
*** hoangcx_ has joined #openstack-fwaas		13:49
openstackgerrit	OpenStack Proposal Bot proposed openstack/neutron-fwaas master: Updated from global requirements https://review.openstack.org/516953	13:50
*** hoangcx_ has quit IRC		13:52
*** annp_ has joined #openstack-fwaas		13:53
*** hoangcx_ has joined #openstack-fwaas		13:53
*** SarathMekala has joined #openstack-fwaas		13:57
*** yushiro has joined #openstack-fwaas		13:59
yushiro	hi	14:00
annp_	hi yushiro	14:00
SarathMekala	hi all O/	14:00
yushiro	#startmeeting fwaas	14:00
openstack	Meeting started Thu Nov 2 14:00:32 2017 UTC and is due to finish in 60 minutes. The chair is yushiro. Information about MeetBot at http://wiki.debian.org/MeetBot.	14:00
openstack	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	14:00
*** openstack changes topic to " (Meeting topic: fwaas)"		14:00
openstack	The meeting name has been set to 'fwaas'	14:00
yushiro	#chair xgerman_ yushiro	14:01
openstack	Current chairs: xgerman_ yushiro	14:01
*** SridarK has joined #openstack-fwaas		14:01
yushiro	#chair SridarK	14:01
openstack	Current chairs: SridarK xgerman_ yushiro	14:01
SridarK	Hi FWaaS folks	14:01
yushiro	OK folks, let's begin.	14:01
yushiro	#topic Queens	14:02
*** openstack changes topic to "Queens (Meeting topic: fwaas)"		14:02
yushiro	L2-agent: https://review.openstack.org/#/c/323971/	14:03
xgerman_	o/	14:04
yushiro	Sorry folks, I was in sick this week and there is no update..	14:04
annp_	Regarding to L2 agent: i just added allowed_address_pairs and port_security_enabled to port_details	14:04
yushiro	annp_, Great. thanks.	14:04
annp_	yushrio, i was in sick also :)	14:04
yushiro	annp_, Really. Please take care of it.	14:04
SridarK	yushiro: annp_ hope u guys get better soon	14:05
annp_	yushiro, yes. I got stomachache hichic	14:05
yushiro	SridarK, Thank you so much.	14:05
annp_	SridarK, thank so much.	14:05
xgerman_	SridarK: +1	14:05
SridarK	I have started a deployment and will run tests - i have been busy on some internal deadlines	14:05
annp_	SridarK, thanks so much.	14:05
yushiro	SridarK, OK.	14:06
SridarK	yushiro: we can sync on Mon and look thru things and try to merge this next week	14:06
yushiro	SridarK, Sure. will do.	14:06
yushiro	Hopefully we can meet in Sydney with fine condition :)	14:07
yushiro	OVS based L2 firewall driver https://review.openstack.org/#/c/447251	14:07
yushiro	Is there some update, annp_ ? I think we're testing in current patch.	14:08
annp_	Regarding to l2 driver, I have a concerning to egress_rules and ingress_rule	14:09
annp_	chandanc, are you here?	14:10
yushiro	SarathMekala, is chandan today ??	14:10
annp_	yushiro, currently, I'm focusing to co-existence between sg and fwg	14:10
SarathMekala	he said he will join..	14:11
yushiro	SarathMekala, Good news. Thanks :)	14:11
SarathMekala	I had a discussion in the morning :)	14:11
annp_	yushiro, SarathMekala, Can you check my comments in l2 driver patch?	14:11
annp_	Regarding to co-existence: i have a problem with conntrack	14:12
yushiro	annp_, You commented that rules are reversing 'ingress -> egress', right?	14:12
annp_	yushiro, yes!	14:12
yushiro	annp_, Is it OVS side issue? or firewall driver's issue?	14:13
annp_	issue related to co-existence: when i create VM1 is attached to SGA and VM2 is attached to SGB	14:14
annp_	SGA and SGB has icmp rule	14:14
annp_	I attached VM1 to FWGA has icmp-allow,	14:14
annp_	I try to ping from VM2 to VM1 it's ok.	14:14
SridarK	annp_: the SGA & SGB - do they have a permit or deny ?	14:15
SridarK	for icmp	14:15
annp_	But when i delete icmp-allow in FWGA, i try to ping from vm2 to vm1, i expect we couldn't reachout VM1, but result not good\	14:16
annp_	SridraK, in security group all rules are allow.	14:16
SridarK	oh sorry SG ok	14:17
annp_	conntrack state has been changed to +est-rep+rpl,	14:17
annp_	I guess problem related to conntrack change from per port to per network	14:18
annp_	https://github.com/openstack/neutron/commit/4f6aa3ffde2fd68b85bc5dfdaf6c2684931f3f61#diff-9639565b2ec91f2afe0f63f0cd4c189b	14:19
yushiro	annp_, Hmm, OK. But, is it possible to fix in firewall side?	14:21
xgerman_	yeah, also why would our L2 not work per port?	14:22
annp_	yushiro, I think we can fix that.	14:22
annp_	xgerman_, yes. I'm thinking about that.	14:23
yushiro	'per port' is suitable I think.	14:23
xgerman_	yeah, my understanding was that FWG and SG worked the same	14:24
xgerman_	in L2	14:24
annp_	xgerman_, yeah, i think so too. But i don't understand, why conntrack state change to OF_STATE_ESTABLISHED_REPLY	14:25
annp_	https://review.openstack.org/#/c/447251/47/neutron_fwaas/services/firewall/drivers/linux/l2/openvswitch_firewall/firewall.py@646	14:25
annp_	This flow made co-existence broken in above case!	14:26
yushiro	annp_, Could you write down how to reproduce into the etherpad? https://etherpad.openstack.org/p/fwaas-v2-l2	14:26
annp_	yushiro, OK. I will do that now.	14:27
yushiro	annp_, Thanks.	14:27
annp_	Can we comeback this problem later?	14:27
annp_	So Please go ahead	14:27
yushiro	OK, let's move on.	14:28
SridarK	annp_: do u need to pull in chandanc in to the discussion ?	14:28
yushiro	+1, it's better to sync with chandan about that.	14:28
annp_	SridarK, Yes. That's great!	14:28
SarathMekala	annp_, will inform him... please send a mail with him in loop as well	14:29
SridarK	annp_: maybe send an email out and sched a time for discussion	14:29
SridarK	SarathMekala: ditto	14:29
SarathMekala	:)	14:30
yushiro	+1 It's better to paste etherpad link :)	14:30
annp_	SridarK, SarathMekala, I will do on tomorrow. I'm in home now. :)	14:30
SridarK	yushiro: maybe we can discuss on Mon as well - i am not too familiar with the driver changes	14:30
SridarK	annp_: +1	14:31
yushiro	SridarK, yes	14:31
yushiro	#topic Horizon support	14:31
*** openstack changes topic to "Horizon support (Meeting topic: fwaas)"		14:31
yushiro	All of future improvements migrated into launchpad: https://bugs.launchpad.net/neutron-fwaas-dashboard	14:32
yushiro	And sorry for late. I've already pushed release for dashboard: https://review.openstack.org/#/c/516549/	14:32
SarathMekala	+1 super	14:33
xgerman_	+1	14:33
SridarK	yushiro: thx	14:33
yushiro	Regarding releasing, thanks for your +1.	14:33
yushiro	Regarding v2 dashboard bugs on launchpad, there are 2 points. 'Bug' and 'improvement'. as amotoki said, 'improvement' should be migrated into Blueprint.	14:34
SarathMekala	I have started a google doc on the enhancements @ https://docs.google.com/document/d/1yKreFzwHsp-TMhB1xDH-EhGHBTGawFAaG1x6ukGJUK4/edit?usp=sharing	14:35
SarathMekala	its still WIP.. once I get your suggestions will start a blueprint with it	14:35
yushiro	SarathMekala, awesome!!!	14:35
SridarK	SarathMekala: great	14:35
yushiro	SarathMekala, I think it's much more better to refer related bug on launchpad :)	14:36
SarathMekala	yushiro, sure.. I will do that	14:37
yushiro	I'll also comment on your google doc :)	14:37
SarathMekala	sure	14:38
yushiro	SarathMekala, Can I paste google doc link on our weekly etherpad?	14:38
SarathMekala	sure.. go ahead	14:38
SridarK	yushiro: +1	14:38
SarathMekala	even the etherpad needs some clean up.. I created some sections but could not fill them up	14:39
yushiro	SarathMekala, done.	14:39
SarathMekala	+1	14:39
yushiro	OK, anything else to discuss about dashboard?	14:40
SarathMekala	thats for now..	14:40
yushiro	OK, let's move on.	14:40
SarathMekala	amotoki, do you have anything to discuss?	14:40
*** eN_Guruprasad_Rn has quit IRC		14:41
yushiro	I heard that amotoki has not good condition. Maybe he is not here..	14:41
SarathMekala	ok.. please carry on	14:42
yushiro	#topic Stadium Compliance	14:42
*** openstack changes topic to "Stadium Compliance (Meeting topic: fwaas)"		14:42
yushiro	reedip , I think you're busy before summit. Do you have something to update?	14:43
*** reedip_ has joined #openstack-fwaas		14:43
reedip_	i m late... sorry	14:43
yushiro	reedip, OK. Anything to discuss about Stadium Compliance?	14:43
reedip_	nope, but I think there needs to be a report for fwaas, isnt it ? There were some migration patches ( where in neutron functions have been migrated to lib and the same are to be incorporated in our repo ) but I think they took a back seat some time back due to L2	14:44
xgerman_	let’s get L2 done unless we get complains	14:45
SridarK	i think most things are done except for the fullstack PS	14:45
xgerman_	+1	14:46
SridarK	and reedip_ started on that	14:46
SridarK	but xgerman_ agreed on L2 priority	14:46
reedip_	but I am stuck in that , needed some assistance a while back ... I havent been able to contrbute for some weeks owing to company work... but will start again on weekends and spare time :)	14:46
xgerman_	any manager we know and can lean on ?	14:47
SridarK	:-)	14:47
reedip_	umm , not here , but dont worry , I have been multi tasking , so will be back from Saturday	14:47
SridarK	reedip_: no worries - i think everyone is kind of in that boat	14:48
reedip_	give me tomorrow :P	14:48
reedip_	yeah, I know :D	14:48
xgerman_	SridarK +1	14:48
yushiro	wow, reedip_ you're preparing Sydney summit presentation, right? multi-task!!	14:48
reedip_	No , I am not coming to Sydney	14:48
reedip_	travel not supported :(	14:48
xgerman_	BTW: The foundation wants to play a more active role in devs getting support	14:49
reedip_	I talked to mlavalle about someone else taking my session	14:49
xgerman_	reedip	14:49
yushiro	oh, really. I've seen your presentation. I see.	14:49
reedip_	xgerman_ I hope so ... because the attrition is getting higher	14:49
reedip_	yushiro : where ? Can you send the link ? I think I may have skipped it :)	14:50
xgerman_	yeah, if you need travel grants, etc. you can reach out to them	14:50
reedip_	I dont think its possible now :)	14:50
yushiro	https://www.openstack.org/summit/sydney-2017/summit-schedule/global-search?t=reedip	14:50
reedip_	for sydney	14:50
yushiro	You're moderator.	14:51
yushiro	sorry, not prezentation but forum.	14:52
reedip_	yeah, thats the catch :(	14:52
xgerman_	yep — reedip_ give it a try — they might have hotel rooms they haven’t filled	14:52
yushiro	:)	14:53
reedip_	nevermind, next summit/PTG	14:53
reedip_	xgerman_ btw I think the foundation would like to give travel grants to core devs ;)	14:54
yushiro	#topic Open Discussion	14:54
*** openstack changes topic to "Open Discussion (Meeting topic: fwaas)"		14:54
reedip_	for eg. Yushiro got it for PTG :)	14:54
xgerman_	yeah, I got my fair share of grants, too	14:54
xgerman_	but I am funded for Dublin ;-)	14:55
yushiro	reedip_, yes, I was so lucky.	14:55
xgerman_	+1	14:55
yushiro	bzhao, Thanks for your update your audit notification spec.	14:55
yushiro	bzhao, I'll check the latest version of your spec.	14:55
reedip_	yushiro : we are doing open discussion :)	14:55
yushiro	Yes :)	14:56
reedip_	yeah , i need to get back to help bzhao .. he has been doing a lot of work on the specs , and I am not able to help him out	14:56
SarathMekala	I reviewed the firewall audit spec and gave some comments today	14:56
SarathMekala	please take a look	14:56
xgerman_	I am a bit worried about availability zones in the spec.	14:56
xgerman_	If somebody life migrates info becomes stale	14:57
reedip_	hmm... xgerman ny reason	14:57
reedip_	k	14:57
yushiro	xgerman_, Yeah, I don't catch up a correct reason to handle 'availability_zone' either.	14:57
yushiro	SarathMekala, Good :)	14:58
xgerman_	yep, the whole nova AZ, cell, etc. concept is pretty opaque to me	14:58
yushiro	So, folks, how about next week's IRC meeting?	14:58
xgerman_	and it seems to mean different things to different operators	14:58
xgerman_	yushiro +1	14:58
reedip_	lemme get an opinion on that from a nova core	14:59
xgerman_	reedip_ +1	14:59
SridarK	at time	15:00
yushiro	Oh, it's time	15:00
yushiro	#endmeeting	15:00
*** openstack changes topic to "#openstack-fwaas"		15:00
openstack	Meeting ended Thu Nov 2 15:00:38 2017 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	15:00
openstack	Minutes: http://eavesdrop.openstack.org/meetings/fwaas/2017/fwaas.2017-11-02-14.00.html	15:00
openstack	Minutes (text): http://eavesdrop.openstack.org/meetings/fwaas/2017/fwaas.2017-11-02-14.00.txt	15:00
openstack	Log: http://eavesdrop.openstack.org/meetings/fwaas/2017/fwaas.2017-11-02-14.00.log.html	15:00
SridarK	thanks all for joining	15:00
SarathMekala	bye all O/	15:00
yushiro	Yeah, thank you.	15:00
xgerman_	o/	15:01
yushiro	Regarding next IRC meeting, will discuss in ML.	15:01
doude	hi	15:01
*** hoangcx_ has quit IRC		15:01
SridarK	yushiro: yes - i think we can cancel	15:01
SridarK	yushiro: lets figure out logistics to connect on Mon	15:02
SridarK	we can review the L2 PS and coordinate with xgerman_ to merge	15:02
amotoki	sorry for that. I was offline during the meeting :(	15:02
amotoki	was there any topic I need to be involved in?	15:02
SridarK	amotoki: i think nothing critical - SarathMekala wanted to check if there was something u wanted to discuss on Dashboard	15:03
yushiro	SridarK, Sure. I'll on Sydney on Sunday morning. It's OK to meet in after keynote or lunch time.	15:04
SridarK	yushiro: sounds good	15:04
yushiro	SridarK, I have to attend another forum from 15:20 - 16:00, so it's OK except this time :)	15:04
yushiro	SridarK, anyway, I'll send e-mail for my telephone number in Sydney tomorrow or day after tomorrow.	15:05
amotoki	SridarK: thanks. I see. we can discuss with SarathMekala later. possibly we can discuss it in Sydney too	15:05
*** reedip_ has quit IRC		15:06
yushiro	+1+1	15:06
annp_	SridarK, yushiro, xgerman_, i just updated test case for co-existence between SG and FWG: https://etherpad.openstack.org/p/fwaas-v2-l2	15:06
yushiro	Thank annp_	15:06
*** SarathMekala has quit IRC		15:06
yushiro	I'll go to bed.. Thanks today.	15:07
yushiro	good night.	15:07
annp_	yushiro, you're welcome! tomorrow, i will share with you about our implementation!	15:08
yushiro	annp_, thanks	15:08
*** yushiro has quit IRC		15:08
annp_	see you! good night.	15:08
SridarK	annp_: thx	15:17
SridarK	amotoki: sounds good will meet at Sydney	15:17
amotoki	SridarK: thanks. email or IRC will work for me. ping me if the time is fixed. i will try to join :)	15:21
*** eN_Guruprasad_Rn has joined #openstack-fwaas		15:22
annp_	SridarK, I will go bed now, see you. Good night, amotoki :)	15:23
amotoki	good night all	15:24
*** annp_ has quit IRC		15:26
*** bzhao has quit IRC		15:38
*** yamamoto has quit IRC		15:41
*** yamamoto has joined #openstack-fwaas		15:43
*** yamamoto has quit IRC		15:48
*** AlexeyAbashkin has quit IRC		15:53
*** yamamoto has joined #openstack-fwaas		16:04
*** yamamoto has quit IRC		16:04
*** eN_Guruprasad_Rn has quit IRC		16:13
*** SridarK has quit IRC		16:29
*** vks1 has joined #openstack-fwaas		16:52
*** vks11 has joined #openstack-fwaas		17:00
*** vks1 has quit IRC		17:01
*** yamamoto has joined #openstack-fwaas		17:05
*** yamamoto has quit IRC		17:12
*** AlexeyAbashkin has joined #openstack-fwaas		17:31
*** AlexeyAbashkin has quit IRC		17:35
*** vks11 has quit IRC		17:58
*** SumitNaiksatam has joined #openstack-fwaas		18:01
*** AlexeyAbashkin has joined #openstack-fwaas		18:09
*** AlexeyAbashkin has quit IRC		18:14
*** vishwanathj has quit IRC		19:23
openstackgerrit	OpenStack Proposal Bot proposed openstack/neutron-fwaas master: Updated from global requirements https://review.openstack.org/516953	19:24
openstackgerrit	OpenStack Proposal Bot proposed openstack/neutron-fwaas master: Updated from global requirements https://review.openstack.org/516953	19:32
*** SumitNaiksatam has quit IRC		20:10
*** AlexeyAbashkin has joined #openstack-fwaas		21:08
*** AlexeyAbashkin has quit IRC		21:13
*** yamamoto has joined #openstack-fwaas		21:51
*** AlexeyAbashkin has joined #openstack-fwaas		22:08
*** AlexeyAbashkin has quit IRC		22:13
openstackgerrit	OpenStack Proposal Bot proposed openstack/neutron-fwaas master: Updated from global requirements https://review.openstack.org/516953	23:15

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!