Difference between revisions of "Meetings/ML2"
< Meetings
(→Meeting Dec 11, 2013) |
(→Meeting Dec 11, 2013) |
||
Line 11: | Line 11: | ||
** blueprint ovs-firewall-driver: progress and technical discussion | ** blueprint ovs-firewall-driver: progress and technical discussion | ||
*** purpose | *** purpose | ||
− | *** openvswitch statelessness and security groups frontend API and DB | + | *** openvswitch statelessness and security groups frontend API and DB: https://etherpad.openstack.org/p/ovs-firewall-driver-stateless-2 |
*** ovs_neutron_agent nuances: | *** ovs_neutron_agent nuances: | ||
**** (1) firewall invoked before agent does anything in C[R]UD operations | **** (1) firewall invoked before agent does anything in C[R]UD operations |
Revision as of 15:59, 11 December 2013
Weekly on Wednesdays at 1600 UTC on #openstack-meeting-alt
Contents
Agenda
Meeting Dec 11, 2013
- Action items from last week:
- mestery: Setup etherpad for multi-node Tempest testing
- Development discussions:
- blueprint ovs-firewall-driver: progress and technical discussion
- purpose
- openvswitch statelessness and security groups frontend API and DB: https://etherpad.openstack.org/p/ovs-firewall-driver-stateless-2
- ovs_neutron_agent nuances:
- (1) firewall invoked before agent does anything in C[R]UD operations
- (2) agent removes all flows at initialization
- (3) not sure about ovs having atomicity like iptables-restore has (all connections might be dropped/allowed)
- if extra time, quickly mention:
- working on adding IPv6 flows
- working on adding multiple ports in range (try port bitmask or N flows per N ports?)
- of course, need to add unit/integration tests; if someone wants to help on integration tests, that would be good if that's possible
- neutron-rootwrap-xen-dom0 bugs: https://bugs.launchpad.net/neutron/+bug/1185872/comments/3, https://bugs.launchpad.net/neutron/+bug/1259748
- other network types: should work as-is since the tunnel OVS flows just pass it to the integration bridge where firewall flows live, but test environment not setup to do so
- table, priority coordination: ok for now to be hard-coded in Neutron, but will need an abstraction in the future possibly
- blueprint ovs-firewall-driver: progress and technical discussion
Meeting Dec 4, 2013
- Action items from last week:
- mestery: follow up with the ci team to determine if multi-node testing can be performed in the gate.
- asomya: provide review comments for TypeDriver patch from ZangMingJie.
- Development issues
- VLAN availability issue during delete_port_postcommit()
- Testing
- Additional unit tests needed
- Multi-node devstack based gate testing
- Tempest tests
- Scenario tests around ML2+LinuxBridge
- Scenario tests around ML2+L2 Population
- Scenario tests around ML2+OpenDaylight (coming soon)
- Vendor Tempest testing discussion for MechanismDrivers
- Revisit "Modular L2 TypeDriver extra port information"
Previous Agenda
- ML2 Sessions Etherpads from Icehouse summit:
- Extensibility of ML2 (Wednesday 4:40PM): https://etherpad.openstack.org/p/ML2_Extensibility
- ML2 QoS and Deprecated Plugin Migration (Wednesday 5:30PM): https://etherpad.openstack.org/p/neutron-qos-hk and https://etherpad.openstack.org/p/ML2_Deprecated_Plugin_Migration
- ML2 Multiple Backend Support (Friday 9:50AM)
- ML2 Mechanism Drivers and Modular Agents (Friday 1:30PM)
- devstack ML2 patches
- Default devstack to ML2: https://bugs.launchpad.net/devstack/+bug/1220745
- Correctly set L3 service plugin for ML2: https://review.openstack.org/#/c/48522/
- Documentation
- Need to focus on this now
- Documentation BP link: https://blueprints.launchpad.net/openstack-manuals/+spec/neutron-ml2-docs
- ML2 documentation bugs link: https://bugs.launchpad.net/openstack-manuals/+bugs?field.tag=ml2
- Need to document ML3 with ML2
- Testing and bug fixes
- Testing of ML2 by everyone would be appreciated
- We need to find and fix any bugs in the next couple of weeks
- Icehouse Design Summit Topic ideas
- RPC handling in ML2 for Type and Mechanism Drivers
- More extensible TypeDrivers for controller-based MechanismDrivers
- Monolithic Plugin vs. ML2 MechanismDriver - current and future plugins
- Future Directions for ML2 (orchestration, deployment, management, ...)
- Migration from deprecated Plugins (openvswitch, linuxbridge) to ML2 - automation?
- Add support for VXLAN multicast to the OVS agent with newer versions of OVS and Linux kernel.
- Multi-segment provider network implementations in MechanismDrivers, specifically OVS.
- Additional provider network attributes for controller-based plugins such as ODL for networks created outside of Neutron.
Icehouse ML2 work for reference
- ML2 TypeDriver Extra Port Info
- Campus Network Blueprint and ML2 integration
- OpenDaylight Driver
Questions?
Previous Meeting Logs
- Available here: ML2 Meeting Logs
General ML2 Information
Here are the current ml2-specific blueprints for havana:
- https://blueprints.launchpad.net/quantum/+spec/ml2-gre
- https://blueprints.launchpad.net/quantum/+spec/ml2-mechanism-drivers
- https://blueprints.launchpad.net/quantum/+spec/ml2-portbinding
- https://blueprints.launchpad.net/quantum/+spec/ml2-vxlan
- https://blueprints.launchpad.net/quantum/+spec/ml2-multi-segment-api
These tunnel-related blueprints effect the openvswitch and/or
linuxbridge agents, and the features should also (or exclusively) be
supported (using both agents simultaneously where applicable) by the ml2
plugin:
- https://blueprints.launchpad.net/quantum/+spec/ovs-vxlan-lisp-tunnel
- https://blueprints.launchpad.net/quantum/+spec/openvswitch-kernel-vxlan
- https://blueprints.launchpad.net/quantum/+spec/vxlan-linuxbridge
- https://blueprints.launchpad.net/quantum/+spec/ovs-tunnel-partial-mesh
- https://blueprints.launchpad.net/quantum/+spec/l2-population
These blueprints involve the ml2 MechanismDriver API: