Tuesday, 2019-02-12

« Monday, 2019-02-11 Index Wednesday, 2019-02-13 »
openstackgerritMaysa de Macedo Souza proposed openstack/kuryr-kubernetes master: Fix SG rules on targetPort update  https://review.openstack.org/63503900:06
*** rh-jelabarre has quit IRC00:11
*** rh-jelabarre has joined #openstack-kuryr00:13
*** rh-jelabarre has quit IRC00:59
*** hongbin has joined #openstack-kuryr02:29
*** janki has joined #openstack-kuryr04:30
*** hongbin has quit IRC05:30
*** gcheresh has joined #openstack-kuryr06:17
*** ccamposr has joined #openstack-kuryr07:04
*** snapiri has joined #openstack-kuryr07:24
*** gkadam has joined #openstack-kuryr08:08
*** gkadam_ has joined #openstack-kuryr08:15
*** gkadam has quit IRC08:17
*** yboaron_ has joined #openstack-kuryr08:44
*** maysams has joined #openstack-kuryr08:52
*** mrostecki has quit IRC08:58
*** mrostecki has joined #openstack-kuryr09:06
*** jistr_ is now known as jistr09:09
*** yboaron_ has quit IRC09:26
*** yboaron_ has joined #openstack-kuryr09:27
*** garyloug has joined #openstack-kuryr09:45
ltomasboirenab, it will be great if you can take another look to https://review.openstack.org/#/c/634674/09:56
irenabltomasbo, sure, asap09:56
ltomasboirenab, no hurry!09:56
ltomasboirenab, thanks!09:56
irenabltomasbo, feels like some sequence diagram could be helpful to illustrate what are steps port is going though when NetPolicy is applied/changed/removed. Maybe as part of the doc update patch10:06
ltomasboirenab, yes! I agree! I think we need to re-do the spec doc to actually reflect the final implementation10:27
ltomasboirenab, specially after the problems we have been finding while implementing it (like reaction to service/port creation, relabeling, ...)10:27
*** garyloug_ has joined #openstack-kuryr10:32
*** garyloug has quit IRC10:35
openstackgerritMaysa de Macedo Souza proposed openstack/kuryr-kubernetes master: Fix SG rules on targetPort update  https://review.openstack.org/63503910:35
maysamsltomasbo, dulek: I would appreciate if you guys could take another look at ^. I've added your suggestions10:42
*** garyloug__ has joined #openstack-kuryr10:59
ltomasbomaysams, great!11:02
ltomasboI'll take a look asap...11:02
ltomasbogoing to deploy with it!11:02
*** garyloug_ has quit IRC11:03
*** garyloug__ has quit IRC11:05
*** garyloug has joined #openstack-kuryr11:18
openstackgerritMerged openstack/kuryr-kubernetes master: Pools support with Network Policies  https://review.openstack.org/63467411:29
maysamsThank you, ltomasbo!11:36
dulekltomasbo: Would you think the runc vulnerability affects us anyhow in the gate?12:29
dulekltomasbo: IMO it shouldn't matter too much, if somebody wants to do something bad to gate VM's he just need to file a patch that does it in DevStack. :P12:30
dulekltomasbo: And we're using runc from cri-o Ubuntu repos, so I assume it's either already patched or soon will be.12:31
*** janki has quit IRC12:44
*** janki has joined #openstack-kuryr12:44
*** rh-jelabarre has joined #openstack-kuryr13:01
openstackgerritGenadi Chereshnya proposed openstack/kuryr-tempest-plugin master: Fixing service connectivity testing  https://review.openstack.org/63632913:20
ltomasbodulek, umm... probably...13:27
*** openstackgerrit has quit IRC13:37
*** premsankar has joined #openstack-kuryr14:18
*** kmadac has joined #openstack-kuryr14:32
kmadacHello all, we are running project where we need use calico as neutron driver for openstack and we would like to deploy k8s into VMs running in that OpenStack. We would like to run k8s without overlay and would like to use kuryr-kubernetes to use neutron for networking. Is such scenario doable with kuryr-kubernetes? Does kuryr supports Calico, or it14:38
kmadac doesnt matter and it will work regardless used neutron driver?14:38
dulekkmadac: It'll probably fail on vif translations, can you link that calico plugin, you mention?14:42
kmadac@dulek: sure here is the plugin on github: https://github.com/openstack/networking-calico/tree/3.4.0/networking_calico/plugins/ml2/drivers/calico14:44
kmadac@dulek: calico is pure l3 solution so no overlay networks are involved14:45
dulekkmadac: At a glance that doesn't look too bad. I guess the only way would be to try this in DevStack.14:47
*** janki has quit IRC14:47
dulekkmadac: But I think it might work out of the box.14:48
kmadac@dulek: thanks. I was just curious if there are any exprience exisrs with such approach. I will try to deploy it on devstack and test it.14:49
dulekkmadac: Sure, feel free to ask about anything here. Note that all active folks seem to be in European timezones now.14:50
kmadacgreat I'm in europe TZ too14:50
*** gkadam_ has quit IRC14:54
kmadac@dulek: I have one non-technical question. What is the relationship between kuryr and kuryr-kubernetes? Are those to separate projects? Is kuryr targeted on docker networking and kuryr-kubernetes on k8s?14:54
*** gkadam has joined #openstack-kuryr14:54
dulekkmadac: kuryr was docker networking plugin, kuryr-libnetwork was libnetwork implementation and kuryr-kubernetes is CNI implementation.14:54
dulekkmadac: At the moment only the latter is active, you can consider openstack/kuryr and openstack/kuryr-libnetwork as almost dead. :P14:55
dulekkmadac: I think though, that we still import some code from kuryr-libnetwork, but whatever.14:55
*** snapiri has quit IRC14:56
kmadac@dulek: good to know, thanks for info14:56
dulekltomasbo: Oh damn, in case of bulk creation I'll still need to tag ports one-by-one.14:58
dulekltomasbo: That tags API in Neutron is really limited…14:58
ltomasbodulek, really?14:59
ltomasbodulek, can you not added directly to the request?14:59
ltomasbodulek, I think we had that at kuryr-libnetwork actually14:59
dulekltomasbo: For individual create it gave me 400 when including tags in the POST request.15:00
ltomasboumm15:03
ltomasboohh, I see we actually did it as a port_update in kuryr-libnetowrk...15:05
dulekltomasbo: Thanks for checking!15:07
kmadacdulek: yesterdat I had an interesting discussion with calico devs on slack and found out that calico doesnt support octavia in openstack neither lbaasv1/v2 so we will need to use our own LB solution. Does kuryr need lbaas service in OpenStack or can it be deployed without it?15:22
dulekkmadac: You can easily disable K8s Services handling, which would mean - no Octavia needed.15:25
kmadacdulek: perfect :)15:25
dulekkmadac: And if you enable it, Kuryr-Kubernetes will create Octavia LB per K8s Service and make sure it's up to date.15:25
dulekkmadac: Ah, right, but that won't work with Calico being the Neutron plugin. Noted.15:26
dulekkmadac: Just in case - in Stein we dropped support for neutron-lbaas, so now only Octavia is the supported OpenStack LBaaS solution.15:26
kmadac@dulek: yes I've seen that in documentation already15:27
*** gcheresh has quit IRC15:50
*** yboaron_ has quit IRC16:04
*** gkadam has quit IRC16:09
*** gkadam has joined #openstack-kuryr16:14
*** ccamposr has quit IRC16:42
*** ccamposr has joined #openstack-kuryr16:44
*** ccamposr__ has joined #openstack-kuryr16:45
*** ccamposr has quit IRC16:48
*** ccamposr__ has quit IRC16:53
*** maysams has quit IRC16:57
*** aperevalov has quit IRC17:04
*** gkadam has quit IRC17:19
*** spsurya has quit IRC17:40
*** EricAdamsZNC has quit IRC21:06
*** EricAdamsZNC2 has joined #openstack-kuryr21:06
*** premsankar has quit IRC23:48
*** rh-jelabarre has quit IRC23:48
« Monday, 2019-02-11 Index Wednesday, 2019-02-13 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!