Friday, 2016-06-03

*** azbiswas has joined #openstack-neutron-ovn		00:00
openstackgerrit	Aaron Rosen proposed openstack/networking-ovn: refactor sg/sgr event handing and add code coverage https://review.openstack.org/324956	00:08
openstackgerrit	Aaron Rosen proposed openstack/networking-ovn: ignore.. testing patch below with ml2 https://review.openstack.org/324957	00:11
*** azbiswas has quit IRC		00:16
openstackgerrit	Aaron Rosen proposed openstack/networking-ovn: refactor sg/sgr event handing and add test coverage https://review.openstack.org/324956	00:17
openstackgerrit	Aaron Rosen proposed openstack/networking-ovn: ignore.. testing patch below with ml2 https://review.openstack.org/324957	00:17
*** doonhammer has quit IRC		00:18
*** banix has quit IRC		00:29
*** jckasper has joined #openstack-neutron-ovn		00:30
*** jckasper has quit IRC		00:35
*** banix has joined #openstack-neutron-ovn		00:41
*** arosen12 has quit IRC		01:15
*** stac has left #openstack-neutron-ovn		01:23
*** jckasper has joined #openstack-neutron-ovn		01:40
*** s3wong has quit IRC		01:46
*** gangil has quit IRC		01:48
*** gangil has joined #openstack-neutron-ovn		02:19
*** yamamoto_ has joined #openstack-neutron-ovn		02:48
*** azbiswas has joined #openstack-neutron-ovn		03:18
*** banix has quit IRC		03:21
*** azbiswas has quit IRC		03:23
*** yamamoto_ has quit IRC		03:45
*** jckasper has quit IRC		04:26
*** yamamoto has joined #openstack-neutron-ovn		04:30
*** chandrav has joined #openstack-neutron-ovn		04:33
*** ssalagame has joined #openstack-neutron-ovn		04:41
*** chandrav has quit IRC		04:51
*** gangil has quit IRC		04:58
*** ssalagame has quit IRC		05:00
*** ssalagame has joined #openstack-neutron-ovn		05:01
*** brad_behle has quit IRC		05:10
*** karthikp has quit IRC		05:11
*** ssalagame has quit IRC		05:15
*** gongysh has joined #openstack-neutron-ovn		05:28
*** ssalagame has joined #openstack-neutron-ovn		06:07
*** ssalagame has quit IRC		06:16
*** openstackgerrit has quit IRC		06:17
*** openstackgerrit has joined #openstack-neutron-ovn		06:18
*** numans has joined #openstack-neutron-ovn		06:23
*** jckasper has joined #openstack-neutron-ovn		06:27
*** jckasper has quit IRC		06:31
*** openstackgerrit has quit IRC		07:03
*** openstackgerrit has joined #openstack-neutron-ovn		07:03
*** fzdarsky\|afk has joined #openstack-neutron-ovn		07:18
*** azbiswas has joined #openstack-neutron-ovn		07:21
*** azbiswas has quit IRC		07:25
*** armax has joined #openstack-neutron-ovn		07:34
*** carl_baldwin has quit IRC		07:58
*** fzdarsky\|afk is now known as fzdarsky		08:19
*** fkautz_ has joined #openstack-neutron-ovn		08:37
*** fkautz_ has quit IRC		08:37
*** fkautz_ has joined #openstack-neutron-ovn		08:38
*** switchca1e has joined #openstack-neutron-ovn		08:38
*** terryw has quit IRC		08:39
*** fkautz has quit IRC		08:39
*** switchcade has quit IRC		08:39
*** otherwiseguy has joined #openstack-neutron-ovn		08:39
*** fkautz_ is now known as fkautz		08:43
*** fkautz is now known as Guest99301		08:43
*** armax has quit IRC		08:45
*** armax has joined #openstack-neutron-ovn		09:01
*** carl_baldwin has joined #openstack-neutron-ovn		09:11
-openstackstatus- NOTICE: CI is experiencing issues with test logs, all jobs are currently UNSTABLE as a result. No need to recheck until this is fixed! Thanks for your patience.		09:37
*** armax has quit IRC		09:40
*** pcaruana has joined #openstack-neutron-ovn		09:44
*** carl_baldwin has quit IRC		10:02
-openstackstatus- NOTICE: CI is experiencing issues with test logs, all jobs are currently UNSTABLE as a result. No need to recheck until this is fixed! Thanks for your patience.		10:09
*** ChanServ changes topic to "CI is experiencing issues with test logs, all jobs are currently UNSTABLE as a result. No need to recheck until this is fixed! Thanks for your patience."		10:09
*** gongysh has quit IRC		10:28
*** jckasper has joined #openstack-neutron-ovn		10:28
*** jckasper has quit IRC		10:33
*** yamamoto has quit IRC		10:35
*** carl_baldwin has joined #openstack-neutron-ovn		10:35
*** banix has joined #openstack-neutron-ovn		10:41
*** banix has quit IRC		10:53
*** palexster has joined #openstack-neutron-ovn		10:57
*** armax has joined #openstack-neutron-ovn		10:57
*** rtheis has joined #openstack-neutron-ovn		11:04
*** palexster has quit IRC		11:18
*** yamamoto has joined #openstack-neutron-ovn		11:18
*** palexster has joined #openstack-neutron-ovn		11:21
*** azbiswas has joined #openstack-neutron-ovn		11:23
*** yamamoto has quit IRC		11:24
*** azbiswas has quit IRC		11:27
-openstackstatus- NOTICE: CI is experiencing issues with test logs, all jobs are currently UNSTABLE as a result. No need to recheck until this is fixed! Thanks for your patience.		11:42
*** pcaruana has quit IRC		11:45
*** yamamoto has joined #openstack-neutron-ovn		11:52
*** yamamoto_ has joined #openstack-neutron-ovn		11:52
*** yamamoto_ has quit IRC		11:55
*** yamamoto has quit IRC		11:56
*** jckasper has joined #openstack-neutron-ovn		12:05
*** banix has joined #openstack-neutron-ovn		12:09
*** banix has quit IRC		12:24
*** yamamoto has joined #openstack-neutron-ovn		12:25
*** yamamoto has quit IRC		12:34
openstackgerrit	Richard Theis proposed openstack/networking-ovn: Convert core plugin to ML2 mechanism driver https://review.openstack.org/318095	12:40
*** yamamoto has joined #openstack-neutron-ovn		13:17
openstackgerrit	Na Zhu proposed openstack/networking-ovn: Sync static routes https://review.openstack.org/322461	13:23
*** jckasper has quit IRC		13:31
*** jckasper has joined #openstack-neutron-ovn		13:31
*** jckasper has quit IRC		13:38
*** jckasper has joined #openstack-neutron-ovn		13:38
russellb	rtheis: sounds like CI is unstable at the moment, so recheck may not work	13:48
russellb	openstackstatus set our topic :)	13:48
rtheis	russellb: thanks, I missed that but should have guessed when I saw unstable in jenkins failure	13:49
russellb	all good, just letting you know it's not your fault :)	13:50
russellb	or an ovn bug afaik	13:50
russellb	hopefully resolved soon, would be cool if we can merge that!	13:50
rtheis	yes, I hope so too	13:50
russellb	thanks again for the heroic effort the last weeks	13:51
*** ChanServ changes topic to "http://docs.openstack.org/developer/networking-ovn/ -=- OVN meeting Thursdays 10:15am Pacific / 1:15pm Eastern #openvswitch -=- Tempest health: http://goo.gl/9MaBJC"		14:00
-openstackstatus- NOTICE: Cleanup from earlier block storage disruption on static.openstack.org has been repaired, and any jobs which reported an "UNSTABLE" result or linked to missing logs between 08:00-14:00 UTC can be retriggered by leaving a "recheck" comment.		14:00
*** salv-orlando has joined #openstack-neutron-ovn		14:05
openstackgerrit	Merged openstack/networking-ovn: refactor sg/sgr event handing and add test coverage https://review.openstack.org/324956	14:29
russellb	rtheis: really minor comments on the big ML2 patch, if you file a bug for some followup, i'm happy to merge	14:30
rtheis	thanks russellb: I'll take a look and see what's going on	14:30
russellb	k	14:31
*** ssalagame has joined #openstack-neutron-ovn		14:33
*** ssalagame has quit IRC		14:34
rtheis	russellb: It appears that any exceptions taken by mechanism driver will result in MechanismDriverError exception being raised. We are indeed taking exceptions while validating the ports in these tests. So I suspect 500 is the result of this. Now need to determine why core plugin gets 400	14:36
russellb	ah, so it's a more general ML2-ism	14:36
russellb	i still think we should have a bug on it, but maybe it's not urgent	14:36
russellb	we should be able to report a proper failure for invalid input	14:37
russellb	but this is also binding:profile custom OVN-only stuff	14:37
russellb	in a perfect world, all API validation could be done at higher layers	14:37
russellb	this is sort of a hack	14:37
russellb	so....	14:37
russellb	¯\_(ツ)_/¯	14:37
russellb	maybe it's not worth worrying about?	14:37
russellb	in random other news, ben acked guru's L3 gateway patches!	14:37
rtheis	russellb: I'll see if there's a better way to report this invalid input	14:38
rtheis	cool	14:38
russellb	ok, like i said, don't need to block on it	14:38
russellb	i just don't want to forget to look closer at it	14:38
rtheis	I'll open a bug to track it	14:39
openstackgerrit	Na Zhu proposed openstack/networking-ovn: Sync static routes https://review.openstack.org/322461	14:39
russellb	sounds good	14:39
*** doonhammer has joined #openstack-neutron-ovn		14:40
rtheis	russellb: opened https://bugs.launchpad.net/networking-ovn/+bug/1588848	14:44
openstack	Launchpad bug 1588848 in networking-ovn "ML2 driver now returns 500 for invalid port bindings" [Undecided,Confirmed] - Assigned to Richard Theis (rtheis)	14:44
russellb	nice	14:44
russellb	+2	14:45
rtheis	thanks	14:46
russellb	i think it's pretty amazing that this will be in newton-1!	14:47
russellb	sounds like newton-1 deadline was actually yesterday, oops	14:51
russellb	we'll still do it, not sure what the "late" impact is	14:52
russellb	sorry everyone ....	14:54
*** ssalagame has joined #openstack-neutron-ovn		14:55
*** azbiswas has joined #openstack-neutron-ovn		15:06
russellb	i checked with the release team, we won't be doing a newton-1 since we missed the window. we just need to be sure to get newton-2 before the deadline. i apologize for the mistake.	15:08
russellb	mestery: fyi ^	15:08
*** rtheis has quit IRC		15:29
*** rtheis has joined #openstack-neutron-ovn		15:31
*** numans has quit IRC		15:40
*** doonhammer has quit IRC		15:40
*** doonhammer has joined #openstack-neutron-ovn		15:54
*** azbiswas has quit IRC		16:09
*** woodburn has joined #openstack-neutron-ovn		16:17
*** gangil has joined #openstack-neutron-ovn		16:18
*** woodburn has left #openstack-neutron-ovn		16:19
*** ssalagame has quit IRC		16:23
*** ssalagame has joined #openstack-neutron-ovn		16:34
*** chandrav has joined #openstack-neutron-ovn		16:41
*** ssalagame has quit IRC		16:44
*** ssalagame has joined #openstack-neutron-ovn		16:50
openstackgerrit	Merged openstack/networking-ovn: Convert core plugin to ML2 mechanism driver https://review.openstack.org/318095	17:06
russellb	gasp	17:07
Sam-I-Am	heh	17:07
Sam-I-Am	question is, did these patches include docs with the config changes :)	17:07
*** arosen12 has joined #openstack-neutron-ovn		17:09
rtheis	Sam-I-Am: the final patch did include doc updates with the config changes. If I missed anything, let me know	17:09
Sam-I-Am	rtheis: which # is the final patch?	17:10
rtheis	Sam-I-Am: https://review.openstack.org/318095	17:10
*** salv-orlando has quit IRC		17:11
*** salv-orlando has joined #openstack-neutron-ovn		17:12
Sam-I-Am	rtheis: is the old method still available?	17:14
rtheis	Sam-I-Am: core plugin is gone	17:16
Sam-I-Am	hmm, which means downstream things ought to break something fierce soon	17:17
Sam-I-Am	guess there was no way for a transitional period?	17:17
Sam-I-Am	rtheis: i'm a bit confused by the contents of ml2_conf.ini, re tenant_network_types, firewall_driver, etc.	17:18
Sam-I-Am	looking at the gate job	17:19
rtheis	Sam-I-Am: what is your concern?	17:21
Sam-I-Am	ovn uses geneve for tenant networks. is that option just ignored?	17:21
rtheis	Sam-I-Am: I'll check	17:22
Sam-I-Am	and the firewall_driver references something bogus	17:22
rtheis	Sam-I-Am: tenant_network_types is used as part of the network segment allocation	17:25
Sam-I-Am	yeah, in the reference arch	17:28
Sam-I-Am	ovn supports geneve and technically stt	17:28
*** azbiswas has joined #openstack-neutron-ovn		17:28
Sam-I-Am	so how is this working with vxlan?	17:28
mestery	It shouldn't work with VXLAN, it should be using geneve	17:30
Sam-I-Am	thats why the config file is confusing me	17:31
rtheis	Sam-I-Am: good question, it does work but I think that is because the segment network type isn't used by the driver	17:32
Sam-I-Am	pretty sure ovn's tunnel type is configured in ovs	17:32
Sam-I-Am	same thing with the firewall driver?	17:33
rtheis	I think so but haven't checked that one yet	17:35
mestery	rtheis: ++ I agree with that	17:35
Sam-I-Am	question is can we leave out these bogus options that do not apply	17:35
Sam-I-Am	they will create confusion	17:35
*** ssalagame has quit IRC		17:36
rtheis	I'm wondering if we should be using tenant_network_types in the driver	17:36
rtheis	rather the segment	17:37
Sam-I-Am	right now we do this	17:38
Sam-I-Am	ovs-vsctl --no-wait set open_vswitch . external-ids:ovn-encap-type="geneve"	17:38
*** ssalagame has joined #openstack-neutron-ovn		17:38
Sam-I-Am	there's not a lot of config-file-able things in ovn, they're mostly ovs commands	17:38
Sam-I-Am	it would be nice to wrap those ovs commands in config file things	17:38
Sam-I-Am	theoretically vxlan is supported for vteps, but that wouldnt be a tenant network	17:40
Sam-I-Am	its sort of an odd case because i dont think neutron itself supports vxlan provider nets	17:41
*** s3wong has joined #openstack-neutron-ovn		17:45
*** arosen12 has quit IRC		18:03
openstackgerrit	OpenStack Proposal Bot proposed openstack/networking-ovn: Updated from global requirements https://review.openstack.org/325461	18:14
*** thumpba has joined #openstack-neutron-ovn		18:23
rtheis	Sam-I-Am: I've opened https://bugs.launchpad.net/networking-ovn/+bug/1588935 related to the firewall/security issue that you pointed out	18:33
openstack	Launchpad bug 1588935 in networking-ovn "ML2 driver does not support enable_security_group configuration" [Undecided,New] - Assigned to Richard Theis (rtheis)	18:33
Sam-I-Am	thx	18:34
*** switchca1e is now known as switchcade		18:35
*** uday has joined #openstack-neutron-ovn		18:43
*** chandrav has quit IRC		18:47
*** chandrav has joined #openstack-neutron-ovn		18:52
*** gangil has quit IRC		18:57
*** doonhammer has quit IRC		19:02
*** azbiswas has quit IRC		19:04
*** chandrav has quit IRC		19:04
rtheis	Sam-I-Am: looks easy enough to fix tenant_network_types so it is set to geneve, but wondering if we can/should use the segmentation ID when creating the resulting ports	19:04
* russellb catching up on backlog		19:05
russellb	the choice of geneve vs something else is opaque to neutron with OVN	19:05
russellb	neutron has no input	19:05
russellb	in terms of Neutron, ideally it's either unspecified and we get to do what we want, or if it is explicitly specfied, i suppose the best thing is to only accept Geneve and reject anything else	19:06
rtheis	russellb: so the ovn ml2 driver is safe to ignore what neutron generates for segments	19:06
russellb	segmentation ID?	19:06
rtheis	vni	19:06
russellb	if neutron generates something, yes, we should ignore it, at least for now	19:06
russellb	there's nowhere to put it, OVN decides that on its own	19:06
rtheis	ok	19:07
russellb	we could add the ability to specify it, but that's a little awkward	19:07
Sam-I-Am	so...	19:07
*** fzdarsky has quit IRC		19:07
russellb	we need to support reading the segmentation_id for a vlan provider network	19:07
russellb	i assume that is still there?	19:07
rtheis	russellb: that is	19:07
Sam-I-Am	russellb: with the conventional ovs agent, tenant network type is somehow passed to ovs	19:07
russellb	ok	19:07
Sam-I-Am	russellb: i dont see why ovn is any different	19:08
russellb	Sam-I-Am: because ovn is different?	19:08
Sam-I-Am	well, it is, but isn't it just ovs underneath the covers when it comes to tunnels?	19:08
russellb	neutron is directly configuring ovs in that case	19:08
russellb	OVN is hiding a lot of that	19:08
Sam-I-Am	right now we hand-run an ovs-vsctl command on every ovn controller node to set the tunnel type and endpoint ip	19:08
russellb	who is we	19:09
russellb	OVN doesn't run ovs-vsctl	19:10
Sam-I-Am	we = deployment tools	19:10
Sam-I-Am	ovs-vsctl --no-wait set open_vswitch . external-ids:ovn-encap-type="geneve"	19:10
Sam-I-Am	that thing	19:10
russellb	oh	19:10
Sam-I-Am	and also the ovn-encap-ip	19:10
russellb	yes	19:10
russellb	i think it's safe to assume that's always just geneve though	19:10
russellb	stt is technically in the code, but i don't know if anyone has ever even tried it	19:10
russellb	and it doesn't really have a future since it's not in the upstream kernel	19:11
Sam-I-Am	people coming from ML2 are going to expect tenant_network_types to do something	19:11
Sam-I-Am	well, ml2 + conventional agents	19:11
russellb	ok	19:11
rtheis	We can enforce geneve is set	19:11
russellb	geneve should be fine	19:11
russellb	i guess vlan should work too	19:11
russellb	that's just the same thing as vlan provider networks, except letting neutron dynamically pick VLAN IDs	19:11
Sam-I-Am	vlan shouldnt work...	19:11
russellb	why not	19:11
Sam-I-Am	theres no vlan tenant networks in ovn	19:12
russellb	vlan tenant network and a vlan provider network are the same thing	19:12
russellb	from ovn's perspective	19:12
russellb	and in neutron, in practice it's really a matter of how it gets created	19:12
russellb	but they are mostly the same internally...	19:12
russellb	afaik...	19:12
Sam-I-Am	the difference is who creates it	19:13
* russellb nods		19:13
Sam-I-Am	and things like router:external	19:13
Sam-I-Am	currently, if a tenant creates a network and vlan type is default, it picks a vlan range out of the ml2 config	19:13
russellb	right	19:13
Sam-I-Am	and there's some sort of mapping to a bridge	19:13
russellb	i think that should work, and if it doesn't, it shouldn't be much work to make it work	19:13
russellb	since it's all the same infrastructure in ovn required to vlan provider nets	19:14
Sam-I-Am	bridge mappings move from the l2 agent config to ovs-vsctl commands	19:14
russellb	i think the best thing to do re: conversion period was rip the bandaid off and clean up any fallout as quick as we can	19:14
russellb	having both would be really painful	19:14
* russellb nods		19:15
russellb	ovn has the same style bridge mappings	19:15
russellb	network name <--> ovs bridge	19:15
*** ssalagame has quit IRC		19:15
Sam-I-Am	i guess what i'm wondering is do we need some sort of ovn-controller (agent) config file that contains stuff like local_ip, bridge mappings, etc.	19:15
*** salv-orl_ has joined #openstack-neutron-ovn		19:15
russellb	Sam-I-Am: bridge mappings exist, as an external_id right now	19:16
Sam-I-Am	right now its like yeahhhh its ml2, but most of the config is done by ovs-vsctl	19:16
Sam-I-Am	yeah	19:16
Sam-I-Am	but with the ovs agent, they're in openvswitch_agent.ini	19:16
russellb	i see the ovs-vsctl config and the config file as funcionalliy equivalent	19:16
russellb	they are both host-local configuration	19:16
Sam-I-Am	to me its easier to do config file management than command line management	19:16
Sam-I-Am	i'm thinking about this from the perspective of migrating ovs agent users to ovn	19:17
russellb	gotcha	19:17
Sam-I-Am	can we make this look like a more typical neutron config	19:17
Sam-I-Am	now that we're under ml2	19:17
russellb	btw, Babu on my team has been working on a grenade job that tests the migration	19:17
russellb	that we'll be able to iterate on	19:17
russellb	we could add config file support to ovn-controller, sure	19:17
russellb	we talked about it at one point	19:18
russellb	for the reason you suggest, being a bit easier to deal with	19:18
*** salv-orlando has quit IRC		19:18
russellb	but nobody took it on	19:18
russellb	i'm supportive of that though if someone wanted to work on it	19:18
Sam-I-Am	i think its important for getting people on board, documentation, and migrations	19:19
*** ssalagame has joined #openstack-neutron-ovn		19:19
rtheis	I can open a bug to track this config file work if you'd like	19:20
Sam-I-Am	rtheis: i dont think geneve has id ranges, or at least ones that are configurable in ovn	19:20
Sam-I-Am	rtheis: yes, pls do	19:20
russellb	correct, they are not configurable in OVN	19:20
rtheis	Sam-I-Am: will do	19:20
russellb	and i'm not particularly interested in letting neutron specify them	19:21
russellb	i don't see the value	19:21
rtheis	so we basically ignore what neutron specifies	19:21
Sam-I-Am	so we probably wouldnt need anything in a [ml2_type_geneve] that i can think of	19:21
Sam-I-Am	and thats fine	19:21
russellb	i think arosen had a geneve type driver at one point	19:21
Sam-I-Am	we solve that issue with docs "you dont need these"	19:21
russellb	not sure if that merged	19:21
Sam-I-Am	yeah, its around	19:21
*** fzdarsky has joined #openstack-neutron-ovn		19:21
Sam-I-Am	but in the case of ovn, we'd just doc it as "not configurable for reason X"	19:22
Sam-I-Am	people will be curious about securitygroup (which rtheis already posted a bug for), ml2_type_vlan, ml2_type_flat, and tenant_network_types	19:23
russellb	what's the sec group issue?	19:23
rtheis	russellb: https://bugs.launchpad.net/networking-ovn/+bug/1588935	19:23
openstack	Launchpad bug 1588935 in networking-ovn "ML2 driver does not support enable_security_group configuration" [Undecided,New] - Assigned to Richard Theis (rtheis)	19:23
Sam-I-Am	and from the agent perspective, bridge_mappings and local_ip	19:23
rtheis	looks like we don't honor security groups being disabled	19:23
russellb	Sam-I-Am: we have those, it's just ovsdb and not config file, right?	19:23
russellb	rtheis: just being able to disable them?	19:24
russellb	ok, seems easy enough	19:24
russellb	i think we have some code for seeing if port security is disabled?	19:24
rtheis	I think so, and cleaning up the devstack deployment	19:24
russellb	so the check would be similar ...	19:24
Sam-I-Am	russellb: some of them. i'm not aware of tenant network vlan ranges anywhere in ovn.	19:24
russellb	Sam-I-Am: OVN lets you specify a VLAN ID for a VLAN network	19:24
russellb	which is all we need from OVN to do it	19:24
Sam-I-Am	tenants cant specify vlan ids	19:25
Sam-I-Am	only admins can	19:25
russellb	from our driver perspective, a vlan ID is given, maybe an admin set it, maybe neutron made it up, right?	19:25
russellb	however a VLAN ID is decided upon	19:25
russellb	we have a way to tell OVN what it is	19:25
russellb	and all is happy	19:25
*** thumpba_ has joined #openstack-neutron-ovn		19:26
rtheis	so we only do that when we have PHYSICAL_NETWORK ... should we do the same for vlan tenant networks?	19:26
Sam-I-Am	so if we support network_vlan_ranges, ml2 and ovn Just Work ?	19:27
russellb	conceptually anyway :) ... rtheis, yes, that's the idea	19:27
rtheis	cool	19:27
russellb	Sam-I-Am: conceptually we should be able to, sounds like we have a fix to make based on rtheis' comment	19:27
Sam-I-Am	i was sort of under the impression that all non-provider nets use geneve	19:27
russellb	but it shouldn't be a ton of work	19:27
rtheis	I'll open another bug for that	19:27
Sam-I-Am	but theres an audience that would probably make use of vlan tenant nets	19:27
russellb	rtheis: thanks	19:27
*** thumpba has quit IRC		19:28
russellb	from ovn perspective, there's really no such thing as tenant network vs provider network	19:28
russellb	there's logical network, allowing OVN to implement it how it wants (typically geneve)	19:28
Sam-I-Am	rtheis russellb sorry i didnt think of these things earlier, but time... and i think doing the init conversion as quickly as possible was important	19:28
russellb	and then specifying that it's a flat network, or a vlan network	19:28
russellb	Sam-I-Am: no worries, these are just new things we need to work through in ML2 land	19:28
russellb	not regressions	19:28
Sam-I-Am	yeah	19:30
Sam-I-Am	i have an interesting perspective on things	19:30
Sam-I-Am	sometimes good, sometimes bad.	19:30
Sam-I-Am	as for the secgroup thing, noop should do what people expect it to do... disable secgroups. otherwise a dummy setting just lets ovn enable its secgroup model	19:31
Sam-I-Am	what i want to avoid is confusion between the native ovs secgroup driver and the ovn secgroup implementation	19:31
Sam-I-Am	thats where i fear we'll see confusion	19:32
russellb	this is a neutron-server side config item?	19:32
Sam-I-Am	good question :)	19:33
Sam-I-Am	it has gone through some changes recently	19:33
russellb	so 2 options ... enable_security_group and firewall_driver	19:34
rtheis	enable_security_group option under [securitygroup] in ml2_conf.ini.	19:34
russellb	leaving them to defaults should do what we normally expect	19:34
russellb	enable_security_group=False should make us disable security groups / not configure ACLs	19:35
rtheis	sounds good	19:35
russellb	and really, we should just ignore firewall_driver	19:35
russellb	it's not relevant at all	19:35
Sam-I-Am	yeah	19:35
Sam-I-Am	i think its just enable_security_groups	19:36
russellb	ok	19:36
Sam-I-Am	i think firewall_driver defaults to noop, which may be confusing to people	19:36
russellb	it defaults to empty / not set	19:36
russellb	noop means something a little different	19:36
russellb	it's weird	19:36
rtheis	looks like firewall_driver default is None	19:36
rtheis	we don't have a driver so that seems appropriate	19:37
russellb	yeah	19:37
russellb	we should just totally ignore that config item	19:37
rtheis	ok	19:37
Sam-I-Am	ok, thats good	19:37
Sam-I-Am	we can doc that one out	19:38
russellb	there's a lot of very mixed stuff in neutron between general abstraction and stuff very specific to the ref impl / neutron agents	19:38
russellb	this is an example of that	19:39
russellb	enable_security_group == a very generally useful config item, next to firewall_driver == a very ref impl specific thing	19:39
rtheis	yeah, definitely	19:39
russellb	¯\_(ツ)_/¯	19:39
Sam-I-Am	ok, i think we're on similar pages now	19:40
Sam-I-Am	if we put things into config files, converting from ovs agent to ovn should be a lot easier from a config management pov	19:41
Sam-I-Am	the underlying rebuilding of network bits... glhf :)	19:41
Sam-I-Am	but at least i can make the docs pretty	19:41
*** banix has joined #openstack-neutron-ovn		19:41
*** ssalagame has quit IRC		19:41
russellb	a lot easier from a technical perspective? or just "less different", so less scary to people	19:42
russellb	we're only talking about 3 or 4 config items	19:42
*** ssalagame has joined #openstack-neutron-ovn		19:43
Sam-I-Am	well, more in line with the expections of configuration with ml2	19:43
Sam-I-Am	rather than scary, somewhat obscure ovs-vsctl commands	19:43
russellb	this is the compute host / agent side	19:44
russellb	unrelated to ML2	19:44
russellb	but i understand the scariness angle	19:44
russellb	but i also wonder if most people using ovs today are familiar with ovs-vsctl?	19:45
russellb	is it that scary?	19:45
russellb	probably to most folks that want to mess with it as litle as possible and just want it to work	19:45
russellb	and if they ever have to run ovs-vsctl, they're pissed off	19:45
russellb	because that means something wasn't working and they're debugging	19:45
Sam-I-Am	yeah, this is the equiv of some of the items in the openvswitch_agent.ini file	19:47
*** ssalagame has quit IRC		19:47
Sam-I-Am	they edit file, run agent... done.	19:47
Sam-I-Am	the only ovs-vsctl command people expect to run is plugging a host interface into a provider bridge	19:47
Sam-I-Am	bridge mappings and local tunnel endpoint are in a config file	19:48
Sam-I-Am	people do fear ovs, so the more we can do to make it look more polished will help adoption	19:54
Sam-I-Am	a lot of this is from experience in #openstack, docs bugs, etc.	19:55
-openstackstatus- NOTICE: The infrastructure team is taking Gerrit offline for maintenance this afternoon, beginning shortly after 20:00 UTC. We aim to have it back online around 00:00 UTC.		19:59
russellb	cool	19:59
russellb	i'm good with config file support	20:00
russellb	Sam-I-Am: funny story, i apparently said almost a year ago that i might work on it	20:03
russellb	i clearly forgot	20:03
russellb	http://openvswitch.org/pipermail/dev/2015-July/057871.html	20:03
Sam-I-Am	russellb: lol	20:03
Sam-I-Am	guess you just signed up	20:04
*** banix has quit IRC		20:04
Sam-I-Am	re-signed up :)	20:04
russellb	heh, maybe ....	20:04
russellb	i need to finish what i've started first	20:04
russellb	and then maybe!	20:04
russellb	i'm happy for someone else to ...	20:04
-openstackstatus- NOTICE: Gerrit is offline for maintenance until 00:00 UTC		20:10
*** ChanServ changes topic to "Gerrit is offline for maintenance until 00:00 UTC"		20:10
*** gangil has joined #openstack-neutron-ovn		20:11
*** ssalagame has joined #openstack-neutron-ovn		20:12
*** banix has joined #openstack-neutron-ovn		20:28
*** azbiswas has joined #openstack-neutron-ovn		20:41
*** uday has quit IRC		20:41
*** azbiswas_ has joined #openstack-neutron-ovn		20:45
*** irenab has quit IRC		20:47
rtheis	russellb, Sam-I-Am: https://bugs.launchpad.net/networking-ovn/+bug/1588966 and https://bugs.launchpad.net/networking-ovn/+bug/1588969, I attempted to capture our discussion in these 2 bugs. Feel free to update as needed.	20:48
openstack	Launchpad bug 1588966 in networking-ovn "ML2 driver should only support geneve and vlan tenant network types" [Undecided,New] - Assigned to Richard Theis (rtheis)	20:48
openstack	Launchpad bug 1588969 in networking-ovn "Support ovn-controller configuration file" [Undecided,New]	20:48
*** azbiswas has quit IRC		20:48
*** chandrav has joined #openstack-neutron-ovn		21:00
*** salv-orl_ has quit IRC		21:06
*** salv-orlando has joined #openstack-neutron-ovn		21:07
*** doonhammer has joined #openstack-neutron-ovn		21:14
*** rtheis has quit IRC		21:15
*** a_ta has quit IRC		21:27
*** a_ta has joined #openstack-neutron-ovn		21:27
*** doonhammer has quit IRC		21:31
*** a_ta has quit IRC		21:32
*** banix has quit IRC		21:38
*** ssalagame has quit IRC		21:40
*** ssalagame has joined #openstack-neutron-ovn		21:42
*** doonhammer has joined #openstack-neutron-ovn		22:05
*** azbiswas_ has quit IRC		22:14
*** thumpba_ has quit IRC		22:27
*** ssalagame has quit IRC		23:01
*** gangil has quit IRC		23:15
*** jckasper has quit IRC		23:26
*** jckasper has joined #openstack-neutron-ovn		23:27
*** thumpba has joined #openstack-neutron-ovn		23:28
*** jckasper has quit IRC		23:31
*** thumpba has quit IRC		23:33
*** gangil has joined #openstack-neutron-ovn		23:38
*** gangil has quit IRC		23:38
*** gangil has joined #openstack-neutron-ovn		23:38
*** gangil has quit IRC		23:40
*** carl_baldwin has quit IRC		23:54
*** banix has joined #openstack-neutron-ovn		23:55
*** carl_baldwin has joined #openstack-neutron-ovn		23:57

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!