Friday, 2023-05-19

« Thursday, 2023-05-18 Index Saturday, 2023-05-20 »
opendevreviewMerged openstack/neutron master: Add rate-limiting to metadata agents  https://review.opendev.org/c/openstack/neutron/+/85887900:10
opendevreviewBrian Haley proposed openstack/neutron master: Fix some new pylint "W" warnings  https://review.opendev.org/c/openstack/neutron/+/88360501:56
opendevreviewBrian Haley proposed openstack/neutron master: Fix some new pylint "R" warnings  https://review.opendev.org/c/openstack/neutron/+/88360601:57
opendevreviewBrian Haley proposed openstack/neutron master: Fix some new pylint "E" warnings  https://review.opendev.org/c/openstack/neutron/+/88360701:57
opendevreviewBrian Haley proposed openstack/neutron master: Fix some new pylint "C" warnings  https://review.opendev.org/c/openstack/neutron/+/88360801:57
opendevreviewBrian Haley proposed openstack/neutron master: Fix some new pylint "W" warnings  https://review.opendev.org/c/openstack/neutron/+/88360502:32
opendevreviewzhouxinyong proposed openstack/networking-sfc master: Use new get_rpc_client API from oslo.messaging  https://review.opendev.org/c/openstack/networking-sfc/+/88318602:55
opendevreviewliuxie proposed openstack/neutron master: [OVN] Support address group for ovn driver  https://review.opendev.org/c/openstack/neutron/+/85150903:51
opendevreviewyatin proposed openstack/neutron master: [DNM] reproduce grenade issue  https://review.opendev.org/c/openstack/neutron/+/88362904:48
*** dmellado90 is now known as dmellado905:09
*** EugenMayer45 is now known as EugenMayer406:17
opendevreviewSlawek Kaplonski proposed openstack/neutron-specs master: Add "used_in_non_default_sg" attribute to the default SG rules API  https://review.opendev.org/c/openstack/neutron-specs/+/88326707:37
opendevreviewSlawek Kaplonski proposed openstack/neutron-specs master: Add "remote_address_group_id" attribute to the default SG rules API  https://review.opendev.org/c/openstack/neutron-specs/+/88326807:44
opendevreviewSlawek Kaplonski proposed openstack/neutron-specs master: Default SG rules - update fields in the API examples  https://review.opendev.org/c/openstack/neutron-specs/+/88348107:44
slaweqralonsoh ykarel lajoskatona hi, can You check https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/873380 ? I think it finally can be merged as https://review.opendev.org/c/openstack/devstack/+/880892 is merged in devstack07:46
slaweqthx in advance07:46
ralonsohsure07:46
ralonsohslaweq, but the parent patch depends on https://review.opendev.org/c/openstack/neutron/+/880890 too07:48
opendevreviewRodolfo Alonso proposed openstack/neutron master: gate: bump ovn to the latest LTS release (22.03)  https://review.opendev.org/c/openstack/neutron/+/88089007:49
opendevreviewliuxie proposed openstack/neutron master: [OVN] Support address group for ovn driver  https://review.opendev.org/c/openstack/neutron/+/85150908:11
ykarelslaweq, ack08:47
opendevreviewMerged openstack/neutron master: [alembic] Alembic operations require keywords only arguments  https://review.opendev.org/c/openstack/neutron/+/88334009:18
opendevreviewliuxie proposed openstack/neutron master: [OVN] Support address group for ovn driver  https://review.opendev.org/c/openstack/neutron/+/85150909:27
opendevreviewyatin proposed openstack/neutron master: Disable mysql gather performance in jobs  https://review.opendev.org/c/openstack/neutron/+/88364809:32
lajoskatonaralonsoh: Hi, today I can't participate on the Drivers meeting, hope you will have quorum09:35
ralonsohlajoskatona, no problem at all09:45
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: Allow Multiple External Gateways  https://review.opendev.org/c/openstack/neutron/+/87359309:48
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: Add extra router attributes for ECMP and BFD  https://review.opendev.org/c/openstack/neutron/+/87479709:49
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: [ovn] Implement support for external-gateway-multihoming extension  https://review.opendev.org/c/openstack/neutron/+/87419909:49
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: [ovn] Honor `enable_default_route_ecmp` attribute  https://review.opendev.org/c/openstack/neutron/+/87853109:49
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: [ovn] Allow L3 scheduler to be aware of current transaction  https://review.opendev.org/c/openstack/neutron/+/87476009:49
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: [ovn] Add helper for retrieving LR associated with LRP  https://review.opendev.org/c/openstack/neutron/+/87369809:49
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: [ovn] Apply soft anti-affinity for LRs with multiple LRPs when scheduling  https://review.opendev.org/c/openstack/neutron/+/87369909:49
opendevreviewDmitrii Shcherbakov proposed openstack/neutron master: [ovn] Add support for enable_default_route_bfd attribute  https://review.opendev.org/c/openstack/neutron/+/87854309:49
opendevreviewRodolfo Alonso proposed openstack/neutron master: Use ``TextClause`` to define the DB model "server_default"  https://review.opendev.org/c/openstack/neutron/+/88342109:51
mnasiadkaralonsoh: reno for neutron ovn agent mentions that it should run on compute and controllers - what about network nodes? (https://review.opendev.org/c/openstack/neutron/+/870024/12/releasenotes/notes/ovn-agent-added-84fc31c0fba02be9.yaml)10:01
ralonsohmnasiadka, so far it is not needed. The OVN agent will have the OVN metadata service by default (only needed in the compute nodes). A new extension was added to set the QoS rules on port with HW offload (but needed in compute nodes too)10:04
ralonsohactually I don't know why it should be needed in controllers10:05
mnasiadkaok, so for now compute nodes are enough?10:05
ralonsohyes10:05
mnasiadkathanks10:05
mnasiadkaSo, does it serve metadata now, or is it a plan to move the functionality from metadata-agent to ovn-agent?10:06
ralonsohyes, there is a bug for this10:07
ralonsohone sec10:07
ralonsohthe plan is to deprecate the ovn metadata agent10:07
mnasiadkabecause we need ovn metadata agent on network nodes for ironic nodes10:07
mnasiadkaOk, to be more precise - I'm asking about Antelope (2023.1) state of things10:07
ralonsohin the networker nodes?10:08
ralonsohhttps://bugs.launchpad.net/neutron/+bug/201787110:08
mnasiadkaah, ok, rfe10:08
mnasiadkayeah, for metadata on bare metal Ironic nodes - the metadata agent needs to run on network nodes10:09
opendevreviewLucas Alvares Gomes proposed openstack/neutron master: [OVN] Expose chassis hosting information in LSP  https://review.opendev.org/c/openstack/neutron/+/88270510:09
ralonsohwhy not in the controller nodes?10:09
mnasiadkaexternal ports are scheduled on network nodes, right?10:10
mnasiadkaso on the nodes that have enable-chassis-as-gw set10:11
ralonsohyes, on these chassis10:11
mnasiadkayou have it documented here https://docs.openstack.org/neutron/latest/admin/ovn/baremetal.html#metadata-access ;-)10:11
mnasiadkaok, then all clear, for now in Antelope Kolla-Ansible will deploy neutron-ovn-agent on computes only10:11
mnasiadkaonce metadata service is moved there, we'll remove neutron-ovn-metadata-agent deployment and extend also to the network nodes10:11
mnasiadkathanks again10:12
ralonsohyw10:12
ralonsohslaweq, trivial patches 10:33
ralonsohhttps://review.opendev.org/c/openstack/neutron-dynamic-routing/+/88334110:33
ralonsohhttps://review.opendev.org/c/openstack/neutron-vpnaas/+/88334310:33
ralonsohthanks in advance10:33
opendevreviewArnau Verdaguer proposed openstack/neutron master: [OVN trunk] Add bound info on subport when parent is bound  https://review.opendev.org/c/openstack/neutron/+/88258110:35
opendevreviewRodolfo Alonso proposed openstack/neutron-fwaas master: Fix issues due to rcent RBAC changes  https://review.opendev.org/c/openstack/neutron-fwaas/+/88365310:37
slaweqralonsoh I just +2 both of them10:52
ralonsohthanks10:52
opendevreviewRodolfo Alonso proposed openstack/neutron-fwaas master: Fix issues due to rcent RBAC changes  https://review.opendev.org/c/openstack/neutron-fwaas/+/88365311:25
opendevreviewMerged openstack/neutron-dynamic-routing master: [alembic] Alembic operations require keywords only arguments  https://review.opendev.org/c/openstack/neutron-dynamic-routing/+/88334111:42
ykarelslaweq, can you check https://review.opendev.org/c/openstack/neutron/+/88364812:19
dvo-plvralonsoh: Hello, I have a question regarding bp: https://review.opendev.org/c/openstack/nova-specs/+/859290/11/specs/2023.2/approved/support-napatech-linkvirtualization-smartnic.rst#5512:20
dvo-plvCould you please tell me, what you mean under nit2 comment12:20
slaweqykarel done12:44
opendevreviewFernando Royo proposed openstack/ovn-octavia-provider master: Add retry on case of sqlite3.InterfaceError on FT  https://review.opendev.org/c/openstack/ovn-octavia-provider/+/88366212:44
ykarelthx slaweq 12:47
opendevreviewMerged openstack/neutron-specs master: Add "used_in_non_default_sg" attribute to the default SG rules API  https://review.opendev.org/c/openstack/neutron-specs/+/88326712:55
opendevreviewMerged openstack/neutron-specs master: Add "remote_address_group_id" attribute to the default SG rules API  https://review.opendev.org/c/openstack/neutron-specs/+/88326812:55
opendevreviewFernando Royo proposed openstack/ovn-octavia-provider master: Add retry on case of sqlite3.InterfaceError on FT  https://review.opendev.org/c/openstack/ovn-octavia-provider/+/88366213:15
ralonsohdvo-plv, it was formated by gerrit. What I said was that you need to use double backtricks13:30
ralonsoh``OvsPlugin``13:31
dvo-plvokay, I will update13:32
dvo-plvI would like to past this link https://github.com/openstack/os-vif/blob/18bd440bbe5692229ac029937000814393898298/vif_plug_ovs/ovs.py#L4013:35
dvo-plvbut it too long, how I should add this properly?13:35
ralonsohhttps://www.urlshort.dev13:41
dvo-plvthanks13:43
ralonsohPing list: ykarel, mlavalle, mtomaska, slawek, obondarev, sahid, tobias-urdin, lajoskatona, amotoki 14:00
mlavalleo/14:00
ralonsoh#startmeeting neutron_drivers14:00
opendevmeetMeeting started Fri May 19 14:00:57 2023 UTC and is due to finish in 60 minutes.  The chair is ralonsoh. Information about MeetBot at http://wiki.debian.org/MeetBot.14:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.14:00
opendevmeetThe meeting name has been set to 'neutron_drivers'14:00
ralonsohhello all14:00
amotokihi14:01
slaweqo/14:01
haleybo/14:01
ralonsohLajos is not attending today14:01
ykarelo/14:01
mtomaskao/14:01
ralonsohok, I think we have quorum14:02
ralonsohlet's start with the first topic14:02
ralonsohfrom liushy 14:02
ralonsoh#link https://bugs.launchpad.net/neutron/+bug/201650414:02
ralonsoh[rfe]Support specify fixed_ip_address for DHCP or Metadata port14:02
ralonsohliushy, please14:02
liushyHi all14:02
sahido/14:02
liushyWe want define a new api that can specify the fixed_ip for dhcp port or metadata port14:03
liushyIn this time, we firstly need agree the new api extention14:04
slaweqdid You try to create manually port with fixed_ip which You want and with device_owner set as "reserved_dhcp_port"? IMO such port should be later used by dhcp agent as dhcp port when network will be scheduled to the dhcp agent14:04
sahidslaweq: whao interesting :-)14:06
liushyYeah, it is, but I have no good idea for reserved_dhcp_port14:07
ralonsohwhat do you mean? sorry, I don't understand14:07
liushyMaybe this reserved dhcp port would not been14:07
liushyUsed14:07
ralonsohby who? this is the same as any other DHCP port. In any case, this is an alternative to be explored14:09
ihrachys_(it's device_id, not device_owner014:09
ralonsohyes, device_id14:09
ralonsohif port_device_id == constants.DEVICE_ID_RESERVED_DHCP_PORT14:09
ihrachys_and I don't think it's part of API (and specific to dhcp agent...), so it doesn't directly address the request14:09
haleybi guess OVN doesn't look for such port, but guess it could...14:09
ihrachys_but I struggle to see why the request is needed. why would a user want to specify this?14:10
mlavalleyeah, what's the use case?14:10
amotokii have a same question as from ihar. what is the motivation of this RFE?14:10
slaweqyeah, this device_owner is used by neutron-dhcp-agent but ML2/OVN is using "distributed" port probably14:11
liushyYeah, we have meet many customers want specify the dhcp ip or metadata ip14:11
ihrachys_they want it to achieve what?14:11
opendevreviewMerged openstack/neutron master: Disable mysql gather performance in jobs  https://review.opendev.org/c/openstack/neutron/+/88364814:11
amotokiwhy do they want to specify such IPs?14:12
liushyAnd in any cases, we have always update the ip of metadata port, right?14:12
slaweqmetadata port, why?14:13
ihrachys_liushy I don't follow. what do you mean we update the ip of metadata port? it's created when network is initialized and in general it's not touched.14:13
ralonsohso liushy, what is the rationale behind this RFE? why your customers need to "move" this IP addresses?14:15
ralonsohhello?14:18
liushyIn any cases, the first ip of subnet is config on switch14:18
amotokiliushy: if so, you can define allocation_pools for a subnet not to use the first IP of the subnet14:19
ralonsohexactly14:19
slaweqamotoki++14:19
ralonsohdoes it solve your issue? skipping this IP address from the IPAM pool?14:20
ralonsoh(except that you manually assign the IP address to a port)14:20
slaweqactually in Your case if You would assign different IP to the dhcp port, then Your "first" ip from the subnet can be allocated to some vm14:21
slaweqso You will just move problem somewhere else, not solve it14:21
slaweqand using proper allocation pool in neutron can solve it permanently14:21
liushyOk14:22
ralonsohcool, please explore this alternative. I'll update the LP bug with amotoki's proposal14:23
mlavalle++14:23
ralonsohthanks liushy 14:24
ralonsohlet's move then to the next topic 14:24
ralonsoh#link https://bugs.launchpad.net/neutron/+bug/201996014:24
ralonsoh[RFE] Can't protect the "default" security group from regular users14:24
ralonsohI don't know if Paolo is in this channel now14:24
slaweqI know this topic14:24
ralonsohslaweq, please go on then14:25
slaweqok, all started in the ML thread few days ago14:25
slaweqauthor of this bug wanted to have policy which will not allow regular users to change SG rules in "default" SG14:25
slaweqwe are treating "default" SG in kind of special way, it's created for every project14:26
slaweqand that can be valid use case14:26
slaweqproblem is that currently we can't configure even custom API policies for SG rules base on "name" of the SG, which is parent for the SG rule14:26
slaweqI described it in https://lists.openstack.org/pipermail/openstack-discuss/2023-May/033719.html14:27
slaweqit's the same thing like using "network:shared" field for e.g. ports or subnets14:27
slaweqwe are doing that but it required special treat in the code14:28
ralonsohin this case I would avoid this special treatment in the code, I would prefer to introduce a bool field (read-only) in the SG rule object14:28
slaweqnow the question is - do we want to introduce yet another "special" handling, this time for "security_group:name" attribute so it will be possible to use it in policies for SG rules14:28
ralonsoh^ no, I prefer a new field in the SG rule object, filtered as other field with a rule14:29
slaweqralonsoh something like "sg_default: True/False" in the SG rules?14:30
slaweqor what?14:30
ralonsohyes14:30
ralonsohis_sg_default14:30
ralonsoha SG rule can be created or deleted14:30
ralonsohwhen the SG rule is created, the server will read the SG default flag and copy it to the SG rule14:31
ralonsohthat will avoid the special treatment 14:31
slaweqyes, that way You will be able to use directly this new attribute in the api policies14:31
ihrachyscan it not be generated synthetically by neutron api layer? no need to store it I think.14:31
slaweqihrachys I think that that was the idea14:32
ralonsohthat implies doing a second query every time we retrieve a SG rule14:32
slaweqit can be calculated "in flight"14:32
ralonsohyes but with a cost14:32
ralonsohhmmm maybe we can, in the SG rule OVO, implement that query to the SG.is_default column14:33
ihrachysoptimize your query if that's a concern... storing has its own cost (not just in bytes, but keeping consistency, migrating db etc.)14:33
slaweqI think that this is good idea14:34
ralonsohmaybe we can use a back reference, adding the is_default value of the SG register in the SG rule OVO (that is a SQL view, in a nutshell)14:35
ralonsohok, that's something technical14:35
ralonsohlet's vote first if this RFE (the goal) is approved14:36
*** han-guangyu is now known as Guest67214:36
slaweq+1 for that RFE and for ralonsoh's proposal how to solve it14:36
ralonsohdo you agree with having a way to limit the SG rules modification belonging to the default SG?14:36
*** Guest672 is now known as han-guangyu14:37
amotoki+1 it sounds a reasnable request to me14:37
mlavalle+114:37
ralonsohhaleyb, ?14:38
haleyb+114:38
ralonsohykarel, are you part of the drivers team? I think so14:38
ralonsohis just to have more votes14:38
ralonsohbecause I don't present this RFE, I can vote14:39
ralonsoh+1 from me14:39
ihrachys+0 from me!14:39
ralonsohhehehe14:39
ralonsohthank you all14:39
ralonsohI think this request is reasonable14:39
ralonsohI'll try to implement a POC ASAP14:40
ralonsohI'll update the LP bug14:40
ralonsohsomething else you want to discuss?14:40
ralonsohPLEASE: kind (maybe not so kind) reminder to review the specs!!14:41
ralonsohhave a nice weekend14:41
ralonsoh#endmeeting14:41
opendevmeetMeeting ended Fri May 19 14:41:26 2023 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)14:41
opendevmeetMinutes:        https://meetings.opendev.org/meetings/neutron_drivers/2023/neutron_drivers.2023-05-19-14.00.html14:41
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/neutron_drivers/2023/neutron_drivers.2023-05-19-14.00.txt14:41
opendevmeetLog:            https://meetings.opendev.org/meetings/neutron_drivers/2023/neutron_drivers.2023-05-19-14.00.log.html14:41
slaweqo/14:41
mlavalleo/14:41
amotokio/14:41
mtomaskao/14:41
opendevreviewLucas Alvares Gomes proposed openstack/neutron master: [OVN] Expose chassis hosting information in LSP  https://review.opendev.org/c/openstack/neutron/+/88270514:44
opendevreviewBrian Haley proposed openstack/neutron master: Revert "Delete sg rule which remote is the deleted sg"  https://review.opendev.org/c/openstack/neutron/+/88358214:45
ykarelralonsoh, yes i am added in drivers meeting, but i had to leave just after the meeting started so didn't follow the discussion, sorry15:05
ralonsohno, no problem15:05
han-guangyuhello, I see that when the dvr is turned on, the North/South SNAT is still in charge of the network node. I would like to ask, whether North/South SNAT is also distributed to computing nodes?15:22
han-guangyuThis requirement comes from the fact that I need to port forward many ports of only one floating ip to different ports of different vm. Such a large amount of traffic still gathers on the network nodes. Is there a way to disperse the load of the floating ip port forwarding on the network nodes?15:24
han-guangyuThank you for any help15:24
ralonsohhan-guangyu, sorry no, we still don't have distributed snat, the port forwarding is done in done in the networker/controller nodes15:30
ralonsohat least in ML2/OVS. If I'm not wrong, with ML2/OVN you have dvr for port forwarding (but I would need to check that)15:31
ralonsohslaweq, ^^ am I wrong?15:32
slaweqI think you're right15:33
han-guangyuralonsoh: hey, that's so good for me, I would try ML2/IVN15:35
opendevreviewRodolfo Alonso proposed openstack/neutron master: Improve the ``PortBindingUpdateVirtualPortsEvent`` match filter  https://review.opendev.org/c/openstack/neutron/+/88368116:01
opendevreviewRodolfo Alonso proposed openstack/neutron master: gate: bump ovn to the latest LTS release (22.03)  https://review.opendev.org/c/openstack/neutron/+/88089016:02
*** han-guangyu is now known as Guest68616:12
*** Guest686 is now known as han-guangyu16:13
han-guangyuralonsoh: sorry to bother, I want to ask if the dvr for port forwarding of ML2/OVN is releated with openstack version16:19
han-guangyuI'm now have a train env16:19
ralonsohI think so, let me check when that was added16:19
han-guangyuralonsoh: very appreciate for you16:20
ralonsohI see this extension in Train16:20
han-guangyuralonsoh: that's so good16:24
han-guangyuralonsoh: thank you 16:25
han-guangyuralonsoh: May I know more, ML2/OVS does not have distributed snat, is there a technical blocking problem, or is it mainly because there is not enough manpower to invest in development16:25
ralonsohno time for implementing and testing16:25
han-guangyuok16:26
han-guangyubest wishes for you, thank you so much for your answer about my question16:26
opendevreviewDr. Jens Harbott proposed openstack/neutron-dynamic-routing stable/zed: Fix address_scope calculation  https://review.opendev.org/c/openstack/neutron-dynamic-routing/+/88358316:36
*** kmasterson` is now known as kmasterson16:48
opendevreviewRodolfo Alonso proposed openstack/neutron master: [WIP] Stop the RPC connections when the agent exits  https://review.opendev.org/c/openstack/neutron/+/88368516:53
opendevreviewsean mooney proposed openstack/neutron master: send ovn heatbeat more often.  https://review.opendev.org/c/openstack/neutron/+/88368717:09
*** melwitt_ is now known as melwitt17:11
opendevreviewElvira GarcĂ­a Ruiz proposed openstack/neutron master: [ovn] Avoid unwanted ACL_NOT_FOUND error when deleting log objects  https://review.opendev.org/c/openstack/neutron/+/88369318:36
opendevreviewBrian Haley proposed openstack/neutron master: Fix some new pylint "E" warnings  https://review.opendev.org/c/openstack/neutron/+/88360718:53
opendevreviewMiro Tomaska proposed openstack/neutron master: [OVN][Migration] Enable settings backup subnet for NFS clients  https://review.opendev.org/c/openstack/neutron/+/86961319:18
« Thursday, 2023-05-18 Index Saturday, 2023-05-20 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!