15:04:44 #startmeeting Distributed virtual router 15:04:45 Meeting started Wed Jan 8 15:04:44 2014 UTC and is due to finish in 60 minutes. The chair is Swami. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:04:46 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:04:49 The meeting name has been set to 'distributed_virtual_router' 15:05:07 good. I don't have to say much this time, so I'll be a silent listener. unless something related to lbaas arises 15:05:09 Swami, hi 15:05:20 safchain: hi 15:05:45 safchain: I missed you in the conference call last week. Where you not able to dial. 15:06:17 unfortunately yes 15:06:44 safchain: did you get a chance to go over the google doc 15:07:21 Swami, not since two weeks 15:07:28 enikanorov: did you get a chance to go through the google doc. 15:07:42 Swami: not yet 15:07:52 safchain: ok, thanks, if you have any questions please let me know. 15:08:11 Swami, sure 15:08:55 Swami, great to see call flows 15:09:04 enikanorov: Since you are here, I have a basic question related to services such as Lbaas. On how it should operate in a distributed Router mode. 15:09:08 safchain: thanks 15:09:50 Swami, have you change something in the global design ? 15:09:55 enikanorov: What is your thought on centralizing the services versus distributed. 15:10:10 Swami: that's a good question. Currently we don't have loadbalancers that operate as routers themselves, so vip is always on the tenant network 15:10:21 safchain: what do you mean by global design. I don't think we have changed anything . 15:10:41 so if i understand correctly, virtual router stuff would affect association of the floating ip and the vip port 15:11:07 enikanorov: Yes you are right, I am not familiar with the LBass as you are. 15:11:18 safchain, I mean the design of the solution, type of routers, routing, etc 15:11:24 Swami, ^ 15:11:43 if talking about routed-mode loadbalancers things could be different, but we have not analyzed it yet, since we doesn't have such solution. 15:11:51 safchain: nothing has changed from our original design, but we have added more content and description. 15:12:36 in fact we have one (which is nicira's or VMWare NSX), but it relies on the nicira edge router, so I'm not sure distributed routers are applicable there 15:13:23 enikanorov: in the current LBaas service model, will the lbaas service be affected when we distribute the routers, because in this case each compute node will be having an external gateway and a related floating ip., where do you intend to have the lbaas service. 15:13:48 safchain: Did you have any details on your proposal for the north-south. 15:14:46 floating ip is a nat from gateway to the port on tenant network, in fact lbaas is even unaware of that 15:14:51 enikanorov: Yes in our design we don't have a concept of edge router, yes it makes our life easier when we a tenant has an edge router. 15:15:21 Swami, no, only the document linked on the bottom of yours 15:15:22 so for existing lbaas providers it doesn't matter how floating ips are maintained, because it is out of lbaas control 15:15:49 safchain: Yes it only had the picture but no other information, that's why I was curious to know if you had any other solution. 15:16:43 enikanorov: When we have external network connectivity from each and every compute node in a multihost scenario, where will the lbaas run 15:17:20 Swami, other than yours and mine, no, I could had some details to my document 15:17:31 that totally depends on lbaas provider. existing haproxy lbaas provider choses one of the hosts where lbaas agent runs 15:17:37 and starts haproxy there 15:18:07 Swami: another providers may use VMs to bring up the balancer 15:19:44 enikanorov: In the google doc, I have a picture at the end describing the services, you can take a look at it. 15:19:56 let me do it right now 15:20:10 link https://docs.google.com/document/d/1iXMAyVMf42FTahExmGdYNGOBFyeA4e74sAO3pvr_RjA/edit 15:20:59 Swami, I think one difference between the two designs is the API/CLI changes and of course all the routing things 15:22:54 safchain: Yes I since we are also considering the east-west we have that in place. the reason for adding the new EGA command is to utilize only single ip address in the compute nodes, otherwise each EGA will consume one IP address. How are you handling it? 15:23:29 can one maintain a single routed ip address for the distributed virtual router? Do we have to have one IP address per host? 15:24:48 shivh: hi 15:25:25 hi, interesting work you are doing. I was trying to see if we can use vip concepts here as well. 15:25:26 Swami, for north-south, the traffic goes through the "classical" l3 agent, only compute node having floating ip are directly connected to external network 15:25:47 shivh: We do have only one single routed ip address for all the routers that we have for distributed routers. But for external connectivity, if you enable a Gateway on each and every node, then each node will have a public ip address. 15:26:47 got it. my question is answered. thx. 15:28:42 safchain: When you say it uses the classical l3 agent, for normal external connectivity to the public network, does the tenat still use the gateway in the network node. 15:29:26 Swami, only if the tenant doesn't use any floating ip 15:30:05 safchain: ok, if the tenant uses floating ip for a particular VM, then how do you route the traffic. 15:30:11 Swami, if the tenant use one floating ip, the floating ip is scheduled on the compute node 15:31:00 Swami, what do you mean by "route the traffic" ? north-south or east-west ? 15:31:18 safchain: I meant north-south. 15:32:52 safchain: for the floating ip case, the traffic will get out from the compute node and all other VM traffic will then move through the network node external net. ( am I right). 15:33:13 Swami, no only this vm will use the floating ip 15:33:28 Swami, all others will use the current l3 15:33:33 safchain: ok thanks. 15:33:56 enikanorov: did you get a chance to look at the doc. 15:34:05 looking at it right now. 15:34:13 enikanorov; thanks. 15:35:17 safchain: The only issue that we see in our current model is how to tie the services network with the distributed network? 15:36:48 Swami, which services, fwaas, lbaas ? 15:36:56 Swami: i need to think about the scheme. at first glance it doesn't seem different from single router at which loadbalancer works (if we had such insertion mode for lb) 15:37:28 safchain: I was talking about the VPNaaS and LbaaS 15:38:02 enikanorov: thanks, think through that and I will chat with this week. 15:38:41 Swami: we'll have an lbaas meeting tomorrow at 14 utc on #openstack-meeting 15:38:52 i'll try to raise the discussion on this 15:39:01 enikanorov: Ok I will try to join, it is too early, but will try. 15:39:40 ok. i don't think it's required, probably such discussion is a bit premature since there are no plans to introduce routed lb for icehouse 15:40:03 but I'll let folks know about the bp and your design doc 15:40:08 safchain: I need to discuss the next steps. So if you have any concerns or questions on the doc, please send me your thoughts or ideas or proposals. 15:40:31 Swami, yes of course and I will update my doc 15:40:54 safchain: Also if you want to talk to me and understand more on the design we can have a session. 15:41:18 enikanorov: Thanks for your help. 15:41:32 Swami, sure, I will update the doc, I after I will ping you to discuss about it 15:41:34 no prob 15:41:40 ok, thanks 15:41:52 folks I need to drop off early today. 15:42:22 Swami, ok no prob 15:42:30 So I will end the discussion and if anything is required please, send me an email. Folks also don't wait for the meeting and if you have any questions feel free to send me. 15:42:42 Thanks for joining. 15:42:53 Thanks for organizing. 15:43:04 #info Next week I am planning to have a global design discussion. 15:43:19 Swami, thanks for the meeting 15:43:27 Thank you all. 15:43:41 #endmeeting