Thursday, 2018-02-15

« Wednesday, 2018-02-14 Index Friday, 2018-02-16 »
*** yamamoto has joined #openstack-fwaas03:47
*** yamamoto has quit IRC03:47
*** yamamoto has joined #openstack-fwaas03:51
*** threestrands_ has joined #openstack-fwaas05:09
*** threestrands_ has quit IRC05:09
*** threestrands_ has joined #openstack-fwaas05:09
*** threestrands has quit IRC05:09
*** threestrands_ has quit IRC05:10
*** threestrands_ has joined #openstack-fwaas05:11
*** threestrands has joined #openstack-fwaas05:15
*** threestrands has quit IRC05:15
*** threestrands has joined #openstack-fwaas05:15
*** threestrands_ has quit IRC05:18
*** threestrands has quit IRC05:28
*** threestrands has joined #openstack-fwaas07:09
*** threestrands has quit IRC07:09
*** threestrands has joined #openstack-fwaas07:09
*** AlexeyAbashkin has joined #openstack-fwaas08:08
*** threestrands_ has joined #openstack-fwaas09:21
*** threestrands has quit IRC09:21
*** yamamoto has quit IRC11:01
*** yamamoto has joined #openstack-fwaas11:06
*** yamamoto has quit IRC12:09
*** yamamoto has joined #openstack-fwaas12:22
*** yamamoto has quit IRC12:39
*** yamamoto has joined #openstack-fwaas12:54
*** yamamoto has quit IRC13:05
xgerman_o/14:00
*** yamamoto has joined #openstack-fwaas14:00
*** SridarK has joined #openstack-fwaas14:00
SridarKHi FWaaS folks14:00
xgerman_#startmeeting  fwaas14:01
openstackMeeting started Thu Feb 15 14:01:24 2018 UTC and is due to finish in 60 minutes.  The chair is xgerman_. Information about MeetBot at http://wiki.debian.org/MeetBot.14:01
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.14:01
*** openstack changes topic to " (Meeting topic: fwaas)"14:01
openstackThe meeting name has been set to 'fwaas'14:01
xgerman_#chair SridarK14:01
openstackCurrent chairs: SridarK xgerman_14:01
xgerman_yushiro can’t make it today…14:01
*** chandanc has joined #openstack-fwaas14:01
xgerman_#topic Announcements14:02
*** openstack changes topic to "Announcements (Meeting topic: fwaas)"14:02
xgerman_PTG in Dublin coming up:14:02
xgerman_#link https://etherpad.openstack.org/p/fwaas-rocky-planning14:02
xgerman_RC1 went out last week - not sure if Neutron does an RC-214:03
SridarKHopefully there are no critical issues14:04
xgerman_+114:05
xgerman_Vancouver is coming up as well14:05
xgerman_#link https://www.openstack.org/summit/vancouver-2018/14:05
chandancSridarK: xgerman_ are you goint to attend the summit ?14:06
SridarKchandanc: yes i think i will make Vancouver14:06
chandancok14:07
xgerman_I put in two talks — if I get accepted I will be there and worst case self-fund14:07
SridarKat least as of now - i did make the booking but who knows14:07
chandanc:) all the best14:07
SridarKchandanc: do u think u can make it ?14:07
chandancSridarK: i dont think i can14:07
xgerman_you can always ask for travel support14:08
SridarKok i think budgets are tight for all14:08
chandancxgerman_: is that open to all ?14:08
chandanci though for Core devs14:08
xgerman_I think it’s all14:08
chandancok will try14:08
SridarKchandanc: i think yushiro has used it in the past - so may know some details also14:08
xgerman_I did, too, you fill out some form and they give you money or not14:09
chandanclet me speak to him and find out14:09
xgerman_but I only asked for hotel which is probably easier14:09
chandanclet me check14:09
xgerman_(since they have a number of rooms they need to fill)14:09
chandanc:)14:10
xgerman_aka money is already spent; flights are a different story14:10
chandancok14:10
xgerman_definitely worth a try ;-)14:10
SridarK+114:10
chandancya xgerman_ +114:10
xgerman_#topic FWaaS Dashboard14:11
*** openstack changes topic to "FWaaS Dashboard (Meeting topic: fwaas)"14:11
xgerman_#link https://etherpad.openstack.org/p/fwaas-v2-dashboard14:11
xgerman_We are still aiming to release a “Queens” version14:12
SridarKI think among amotoki: 's list - #link https://review.openstack.org/#/c/541030/ was most important14:13
SridarKI looked but will do some tests to understand more14:13
xgerman_yes, makes sense14:14
SridarKchandanc: if SarathMekala is available can u pls have him look too14:14
chandancSridarK: i spoke to him, he was busy with some work this week, but said he will review them14:14
SridarKI think we will also need to support Default FWG14:15
SridarKchandanc: ok cool thx14:15
xgerman_that was working a while back…14:15
SridarKah so we had support already added in the Dashboard - sorry i had not tested that14:16
SridarKwill look14:16
xgerman_well, it pulls up the groups on the ports — not sure how much changing they allow14:17
SridarKok we probab need something for admin role14:18
SridarKlet me check too and we can discuss14:19
xgerman_+114:20
chandancSridarK: xgerman_ as we are on the topic of dashboard, i have onne suggestion14:20
xgerman_sure14:20
chandancAs the creation of FWG by choosing individual ports is difficult, can we cllow creation of FWG based on VM metadata ?14:21
chandanclike tags/base os(derived from image)/etc14:21
SridarKah interesting14:21
xgerman_yes, we had some vm_name proposal in the Google doc14:22
chandancthis is available on vmware for creation of SG14:22
chandancwe can start a discussion, i think it is mostly UI change right ?14:23
chandancxgerman_: yes that too14:23
xgerman_well, thinking of it that might also be an API thing so you cna have different default FWG based on OS…14:24
chandancyes, can be14:24
xgerman_we should probably file an RfE for it and flesh it out further14:25
SridarKmaybe it can be at ui but u will want the non dasboard approach to also use it14:25
SridarKso i am not so sure14:25
chandanconly think that need to be verified is how to keep FWG updated14:25
chandanc*thing14:25
xgerman_When I understand you right if it’s say a WindowsVM you want an other Default FWG as opposed to a Linux VM14:27
chandancbut the Default FWG association based on attributes can be done14:27
chandancactually iwas think more simple14:27
chandancnow we create a fwg and add ports14:27
xgerman_I don’t think we have that — right now we use the same Default FWG for all VM ports14:28
chandancwaht i was thinking was to allow auery on vm attributes to gather port snd create FWG14:28
xgerman_ah, so not automatically but user needs to do that14:28
chandancyes14:28
chandancjust for the creation14:29
chandancbut we can take it in steps14:29
SridarKbut we want this on when the VM comes up14:29
xgerman_ok, I see benefits in both14:30
xgerman_user wants to apply FWG to all vms with a certian property14:30
chandancSridarK: on boot it can be in Default FWG and then let the user update/create based on attributes for easy port selection14:30
SridarKchandanc: yes defn leads to better user experience14:31
chandancya, i think that part was only UI change14:31
xgerman_yeah, as I said we should look into both… they are orthogonal14:31
xgerman_chandanc: +114:32
chandanc+114:32
SridarKas it is defn harder for VM ports to go seek out ports14:32
SridarKchandanc: may be we can discuss more on a google doc and then file a RFE14:32
chandancyes14:32
xgerman_SridarK: +114:32
chandancsure14:32
xgerman_we can add the UI one to the UI doc14:32
chandancyes14:33
*** doude has quit IRC14:33
xgerman_now, If I had the link handy…14:34
chandancI can start a doc with the first draft14:35
xgerman_sounds good14:35
xgerman_#topic Service Driver Refactor14:36
*** openstack changes topic to "Service Driver Refactor (Meeting topic: fwaas)"14:36
xgerman_trying to track that since it’s our R-1 goal14:36
xgerman_I don’t think we have doude…14:36
SridarKyes we seem to have lost him14:37
SridarKbut i think we have a plan and once the release is done - he can take it to drivers14:38
xgerman_yeah, maybe next week…14:38
xgerman_SridarK: +114:38
xgerman_#topic remote FWG14:38
*** openstack changes topic to "remote FWG (Meeting topic: fwaas)"14:38
xgerman_#link https://review.openstack.org/#/c/521207/14:38
xgerman_now as we have the neutron_lib changes unit tests pass :-)14:39
*** threestrands_ has quit IRC14:39
xgerman_I will try to get the other tests to work, too… and then I need to figure out how to get the ports into OVS14:39
chandancxgerman_: for remote FWG, am i correctly in thinking that the RFWG will define the source/dest ip address in a rule14:40
*** yamamoto has quit IRC14:41
xgerman_well, the remote FWG contains ports and ports have the IP — so if we could do port that might be better but is only L214:41
xgerman_I am not sure if ports can change their IP easily14:42
chandancoh ok got it14:42
SridarKIf i am not mistaken - we are stating "traffic from any port that is a member of the Remote FWG" is allowed14:43
SridarKfor processing the FWG14:43
SridarK* processing in the FWG14:43
xgerman_it’s on a rule so the traffic specified in that rule ;-)14:43
SridarKoh yes14:44
SridarKon the rule14:44
*** doude has joined #openstack-fwaas14:44
*** doude has quit IRC14:44
*** doude has joined #openstack-fwaas14:44
chandanchmm, will have to think 🤔14:44
xgerman_yep, I will see how SecurityGroup solves that ;-)14:45
doudeHi sorry just realized my irc bouncer was down14:45
chandancxgerman_: +114:45
xgerman_doude: no worries we have time to revisit14:46
doudeok14:46
SridarKok i think we can move on this and we dont really need another RFE14:46
xgerman_+114:46
xgerman_#topic Service Driver Refactor14:46
*** openstack changes topic to "Service Driver Refactor (Meeting topic: fwaas)"14:46
SridarKxgerman_: since this is part of the spec14:46
xgerman_+!14:47
*** yamamoto has joined #openstack-fwaas14:48
xgerman_ok, doude go ahead14:48
doudenothing much to say14:49
doudeI did nt have time to work on FWaaS since last week14:50
doudeI plan to do the RFE tomorrow14:50
xgerman_Sounds good.14:50
doudeand look on the rebasing work after14:50
doudethat's all for me14:50
xgerman_Ok14:51
SridarKdoude: sounds good14:51
xgerman_#topic Open Discussion14:51
*** openstack changes topic to "Open Discussion (Meeting topic: fwaas)"14:51
chandancxgerman_: SridarK do we need doc for the service driver14:52
SridarKdoude: has a google doc already14:52
chandancoh, will take a look14:52
doudeyes linked in the launchpad bug14:53
*** yamamoto has quit IRC14:53
chandancsure doude14:53
doudehttp://john.bitsurge.net/public/biglist.p2p.gz14:53
doudeoops wrong url14:53
SridarKdoude: maybe all u need to do is to tag ur current bug with RFE ?14:53
doudehttps://docs.google.com/presentation/d/1_9KkNgIbWYE6tucoym8N7J2xfcQ1XwN8Zuu-ALEUD3U/edit#slide=id.p14:53
doudemay be SridarK14:53
SridarKxgerman_: do u think that should do ?14:54
doudeI have to document to know exactly what is a RFE14:54
doudebut yes if the bug is enough I can use as RFE14:54
SridarKAll u need is a tag14:54
SridarKlook at some neutron drivers mtg logs - and u can see what usually happens14:55
doudehttps://bugs.launchpad.net/neutron/+bug/170231214:55
openstackLaunchpad bug 1702312 in neutron "[FWaaS v2] Does not work with core plugin non based on Neutron DB model" [Undecided,In progress] - Assigned to Édouard Thuleau (ethuleau)14:55
xgerman_yeah, that should be enough14:55
doudeok so I can set the RFE tag myself?14:56
SridarKdoude: https://bugs.launchpad.net/neutron/+bug/173873814:56
openstackLaunchpad bug 1738738 in neutron "[Neutron][Firewall] Extend FWaaS to provide DSCP filtering" [Wishlist,Confirmed] - Assigned to Reedip (reedip-banerjee)14:56
SridarKi think u need to the put the tag in the title - maybe bad example14:57
xgerman_yes, you cna set the tag and assign to yourself14:57
SridarKi think if u look at neutron driver logs u can see some example14:57
xgerman_+114:58
xgerman_also not sure when and if Neutron switches to storyboard14:58
xgerman_(that’s another thing to watch out for)14:58
SridarKoh ok14:58
doudeI updated it with prefix '[RFE]' in the title and the tag 'rfe'14:59
xgerman_+114:59
doudeand it was already assigned to me14:59
SridarK+114:59
xgerman_that should do it ;-)14:59
xgerman_#endmeeting15:00
*** openstack changes topic to "Queens (Meeting topic: fwaas)"15:00
openstackMeeting ended Thu Feb 15 15:00:29 2018 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)15:00
openstackMinutes:        http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-02-15-14.01.html15:00
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-02-15-14.01.txt15:00
openstackLog:            http://eavesdrop.openstack.org/meetings/fwaas/2018/fwaas.2018-02-15-14.01.log.html15:00
SridarKThanks all15:00
xgerman_and that’s a wrap…15:00
xgerman_Thanks all - gotta get breakfast ;-)15:01
chandancbye all15:01
SridarK:-)15:01
doudebye15:04
*** yamamoto has joined #openstack-fwaas15:33
*** yamamoto has quit IRC15:38
*** chandanc has quit IRC16:12
*** yamamoto has joined #openstack-fwaas16:18
*** yamamoto has quit IRC16:23
*** AlexeyAbashkin has quit IRC16:37
*** yamamoto has joined #openstack-fwaas17:03
*** yamamoto has quit IRC17:08
*** chandanc has joined #openstack-fwaas17:29
*** chandanc has quit IRC17:31
*** yamamoto has joined #openstack-fwaas17:32
*** yamamoto has quit IRC17:33
*** yamamoto has joined #openstack-fwaas17:41
*** yamamoto has quit IRC17:46
*** lnicolas has joined #openstack-fwaas17:53
*** SridarK has quit IRC17:53
*** AlexeyAbashkin has joined #openstack-fwaas18:01
*** AlexeyAbashkin has quit IRC18:06
*** SumitNaiksatam has joined #openstack-fwaas18:11
*** yamamoto has joined #openstack-fwaas18:11
*** yamamoto has quit IRC18:16
*** yamamoto has joined #openstack-fwaas18:35
*** yamamoto has quit IRC18:35
*** yamamoto has joined #openstack-fwaas19:35
*** yamamoto has quit IRC19:45
*** AlexeyAbashkin has joined #openstack-fwaas20:15
*** AlexeyAbashkin has quit IRC20:19
*** openstack has joined #openstack-fwaas21:45
*** ChanServ sets mode: +o openstack21:45
*** threestrands has joined #openstack-fwaas22:43
*** threestrands has quit IRC22:43
*** threestrands has joined #openstack-fwaas22:43
« Wednesday, 2018-02-14 Index Friday, 2018-02-16 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!