15:01:14 #startmeeting neutron_l3 15:01:16 Meeting started Thu Jun 21 15:01:14 2018 UTC and is due to finish in 60 minutes. The chair is mlavalle. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:01:17 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:01:17 hello 15:01:20 The meeting name has been set to 'neutron_l3' 15:01:49 hey manjeets 15:02:07 hi 15:02:33 hi 15:02:40 #topic Announcements 15:04:44 Please remember that the Rocky-3 milestone will be the week of July 23 - 27 15:05:07 so we have about 5 weeks left 15:05:40 Call for presentations for the Berlin Summit will be open until July 15th 15:06:09 any other announcements from the team? 15:06:40 ok, moving on 15:06:44 #topic Bugs 15:07:34 Before anything else, last week I took the action item of bringing this bug up in the FWaaS meeting: https://bugs.launchpad.net/neutron/+bug/1762454 15:07:35 Launchpad bug 1762454 in neutron "FWaaS: Invalid port error on associating ports (distributed router) to firewall group" [Medium,Triaged] - Assigned to Sridar Kandaswamy (skandasw) 15:07:44 which I did today 15:07:52 mlavalle: thanks 15:07:57 Sridar indicated he will be workng on it soon 15:08:13 mlavalle: nice 15:08:22 Swami: go ahead, please 15:08:25 ok 15:08:29 #link https://bugs.launchpad.net/neutron/+bug/1776984 15:08:29 Launchpad bug 1776984 in neutron "DVR: Self recover from the loss of 'fg' ports in FIP Namespace " [Medium,In progress] - Assigned to Swaminathan Vasudevan (swaminathan-vasudevan) 15:09:03 Patch is up for review. #link https://review.openstack.org/#/c/575562/ 15:09:21 But there is one question related to this bug. 15:10:06 I have seen some cases where the ovs_neutron_agent is not flagging an ovs port as an active port, in this case it is the 'fg' port. 15:10:41 Should the 'fg' port always be associated with an internal bridge of name 'br-int'? 15:12:10 #link https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py#L1531 15:13:03 I am seeing this error in Pike, not sure if this was due to the removal of the br-ex bridge. 15:13:20 mlavalle: haleyb: Do you have any idea. 15:13:55 but it mostly works in the integration bridge, right? 15:14:21 mlavalle: yes 15:14:41 I think we should contnue on that path 15:14:51 ok. 15:14:57 and determine why the port is not found on some situations 15:15:38 is this happening in check / gate jobs 15:15:39 ? 15:16:25 mlavalle: The problem is the port is getting added to the external-bridge, but it is not getting initialized since it is not part in br-int. So I don't remember exactly how it used to be. Was it part of br-ex and now it has been moved to br-int or it always used to be in br-int 15:16:43 mlavalle: no it is happening in Pike in our internal setup. 15:17:11 Swami: hmm, i don't remember if it's always been that way 15:17:11 mlavalle: The fip namespace has the 'fg' port configured and set, but since the internal ovs port is not active it fails 15:17:52 haleyb: mlavalle: ok thanks, I will do some more investigation on why it failed. 15:18:23 haleyb: Ok, in that circumstance, do we need to fix anything in the l3 agent to take care of the internal failure. 15:19:37 Because today we only check the 'fg' port and fipnamespace and 'fpr' port within the namespace. 15:20:44 haleyb: Shouldn't the 'fg.device.exists() tell us that the ovs port underneath is not ACTIVE or dead. Since it has a vlan tag of 4095. 15:21:16 Swami: if it's there but tag 4095 i think exists() will be True 15:21:28 that's just an ip link type check right? 15:21:35 mlavalle: haleyb: Yes that is what we are seeing. 15:22:14 haleyb: ok, I will discuss this further in the channel. Just giving a heads up on this. 15:22:21 ack 15:22:30 buwhat do we do with the patch in Gerrit 15:22:37 hold it off? 15:23:09 mlavalle: we can allow this patch to merge. 15:23:17 ok 15:23:31 mlavalle: This solves the purpose when the 'fg' port in not there or was accidentally deleted. 15:23:52 mlavalle: The one that I was discussing is little different since the 'fg' port is there but not active. 15:24:00 yeap 15:24:23 #link https://bugs.launchpad.net/neutron/+bug/1761591 15:24:24 Launchpad bug 1761591 in neutron "[dvr] enable_snat attribute is ignored - centralized snat port gets created" [Undecided,New] 15:25:31 I looked at this bug. It seems that there might be an issue with the SNAT iptable rule handling in the SNAT namespace based on enable_snat. 15:26:05 I will update the bug on the findings and will address first handling of the enable_snat. 15:27:23 #link https://bugs.launchpad.net/neutron/+bug/1753434 15:27:24 Launchpad bug 1753434 in neutron "Unbound ports floating ip not working with address scopes in DVR HA " [Medium,Confirmed] - Assigned to Miguel Lavalle (minsel) 15:28:05 I have not triaged this bug yet. I will triage this bug and update my findings in there. 15:28:25 mlavalle: that's all I had for today. Back to you 15:28:35 Thanks Swami 15:29:05 First one is https://bugs.launchpad.net/neutron/+bug/1757482 15:29:06 Launchpad bug 1757482 in neutron "IP address for a router interface allowed outside the allocation range of subnet" [High,In progress] - Assigned to Miguel Lavalle (minsel) 15:29:37 Proposed fix for it is here: https://review.openstack.org/#/c/575444/ 15:29:50 I think it is good to go 15:30:14 mlavalle: ack, will look 15:30:19 Addressed some comments from slaweq, who +2ed it earlier today 15:31:22 I have come back to https://bugs.launchpad.net/neutron/+bug/1766701 15:31:23 Launchpad bug 1766701 in neutron "Trunk Tests are failing often in dvr-multinode scenario job" [High,Confirmed] - Assigned to Miguel Lavalle (minsel) 15:32:09 I have a test patch here https://review.openstack.org/#/c/571043 15:32:22 Thanks to haleyb for his comments. 15:32:29 Yeah, it makes sense 15:32:44 we re assuming the devices start with e 15:33:07 earlier today I have resorted to test the command line piece by piece 15:33:24 and will continue today with that 15:33:38 Hope to update the patch soon 15:34:13 might ping haleyb in the channel 15:34:24 i'm still here :) 15:34:28 That's all I have 15:34:39 any other bugs we should discuss today? 15:35:42 ok, moving on 15:35:50 #topic Openflow DVR 15:36:41 haleyb took a look at https://review.openstack.org/#/c/472289/ 15:36:44 Thanks 15:36:57 anything you might want to highlight from your review? 15:37:26 there was a lot of code duplication from what i could tell 15:37:59 he will be off until the week of July 5th 15:38:14 I will take alook also before he comes back 15:38:27 moving on.... 15:38:36 #topic Port forwarding 15:39:05 There is a series of four patches that start here: https://review.openstack.org/#/c/535647 15:39:13 3 for the server and one for the agent 15:39:19 they are passing zuul 15:39:33 so please take a look when you have a chance 15:40:22 #topic Open Agenda 15:40:32 Anything else to disucss today? 15:41:09 mlavalle: haleyb: Do any of you have a working 'devstack' local.conf file for the current master branch. I have some issues with mine 15:41:37 Swami: I have a vagrant script for DVR. would that help? 15:41:43 If you have can you share. 15:41:45 Swami: yes, i have one, basically i took the sample and added just two lines i think 15:41:50 mlavalle: Sure that would help. 15:41:59 i usually steal from gate job logs 15:42:02 lol 15:42:05 haleyb: yes, can you paste it in pastebin. 15:42:26 Swami: https://github.com/miguellavalle/dvrvagrant 15:42:36 I have an update for it in my local system 15:42:48 give me an hour and I'll push the update 15:42:56 mlavalle, ok thanks 15:43:21 don't pay attention to the readme. it is for a routed networks config 15:43:36 ok 15:43:41 although must of it is still applicable 15:44:03 Swami: cp samples/local.conf .; edit and add PUBLIC_INTERFACE=$your_interface and Q_DVR_MODE=dvr_snat 15:44:06 I will try to update it soon 15:44:27 i don't set any other flags and let the scripts do it 15:44:41 haleyb: ok thanks will do. 15:44:47 as the default sometimes change and break things 15:45:39 anything else today? 15:46:01 ok 15:46:08 thanks for attending 15:46:19 Enjoy the World Cup! 15:46:30 #endmeeting