#openstack-meeting-alt log

13:02:02 <irenab> #startmeeting pci_passthrough
13:02:03 <openstack> Meeting started Tue Jul  8 13:02:02 2014 UTC and is due to finish in 60 minutes.  The chair is irenab. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:02:04 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
13:02:06 <openstack> The meeting name has been set to 'pci_passthrough'
13:02:39 <irenab> hi all
13:02:43 <rpothier> hi
13:02:59 <sadasu> hi
13:03:29 <sadasu> I think baoli would not be able to attend today
13:03:45 <irenab> Is there anything specific someone wants to discuss?
13:04:24 <irenab> sadasu: good progress on the spec
13:04:50 <sadasu> irenab: thanks! more minor comments trickling in...
13:05:08 <irenab> I have a question regarding nova side patches
13:05:18 <heyongli> intel nic.no interface to control per vf up down from host
13:05:31 <sadasu> while we are waiting, I wanted to discuss security groups in the Sr-IOV case
13:05:52 <irenab> heyongli: thanks, will keep in mind
13:05:57 <sadasu> irenab: go ahead...we'll take up my question next
13:06:38 <sadasu> heyongli: thanks...good to know
13:06:48 <irenab> we now use baoli POC to make a progress with neutron part
13:07:10 <irenab> is all nova patches are out for review to take them instead?
13:07:35 <irenab> POC is old and need to rebase
13:07:58 <irenab> sadasu: how do you integrate with nova for now?
13:08:46 <sadasu> I just started to use the patches posted for review
13:09:29 <sadasu> integrated with my changes yesterday...haven't tested yet
13:09:48 <irenab> sadasu: there are 2 patches as far as I know, one from rpothier and one from baoli. Is it all that needed?
13:09:53 <heyongli> sadasu what is the topic of.the patch set ?
13:10:33 <sadasu> rpothier or I would be able to give you the complete patches
13:10:41 <rpothier> no, the patches are not complete
13:11:15 <heyongli> how about the.progress?
13:11:28 <irenab> heyongli:  #link https://review.openstack.org/#/q/status:open+project:openstack/nova+branch:master+topic:bp/pci-passthrough-sriov,n,z
13:11:55 <irenab> rpothier: so there is no complete support out there for nova Sr-IOV part, right?
13:12:10 <rpothier> right,
13:12:11 <heyongli> thanks i kown this sets
13:12:39 <sadasu> heyongli: talking about the existing patches & if they are complete for neutron testing
13:13:15 <irenab> sadasu: please let me know if you will be able to use new patches for work or need minor additions
13:13:36 <irenab> rporthier: what is still missing? VIF Driver?
13:13:36 <sadasu> irenab: do you want us to pass along the complete set of patches so u can proceed?
13:13:52 <irenab> sadsu: yes, it will be great
13:14:28 <heyongli> i also want a copy
13:14:45 <irenab> sadasu: working with POC complicates a lot, also need for CI
13:15:16 <sadasu> irenab: exactly, thats why I grabbed these patches but haven't used them a lot
13:16:45 <irenab> sadasu: what ever waork for you, will be glad to get
13:17:27 <sadasu> irenab: ok
13:17:53 <sadasu> irenab: is your question answered?
13:18:46 <irenab> sadasu: yes :-).  Once get all nova patches will be OK
13:18:59 <irenab> sadsu: what is your question?
13:19:52 <sadasu> how does your ML2 driver support security groups?
13:20:56 <irenab> sadasu: no
13:21:23 <irenab> sadsu: it declairs that it does not support and runs with Noop Driver on agent side
13:21:45 <sadasu> this seems to be a big sticking point in my BP spec review
13:22:51 <irenab> I saw the comment. I think it is expected to be mentionedin the spec that it does not support, and not fail for API calls
13:23:30 <sadasu> it is mentioned in the spec that sec grps are not supported...but they are looking for an alternative
13:23:47 <irenab> for my understanding it should be possible to have MD that does not support security groups, it is extension
13:24:22 <sadasu> that was my understanding too until I got a comment this morning saying that it is not optional
13:24:54 <sadasu> how does the noop firewall driver interact with your agent?
13:25:38 <irenab> sadasu: The noop firewall driver is defined on the agent side
13:26:34 <irenab> on the MD side, I declare vif_details={portbindings.CAP_PORT_FILTER: False}
13:28:22 <irenab> sadasu: Do you have more concerns on this?
13:28:33 <sadasu> yes, agreed...I guess I have to go figure out the exactly functionality provided by the noop firewall driver
13:29:06 <sadasu> I was looking for information on how the firewall driver interacts with your agent...
13:29:48 <irenab> not having sevurity groups on SR-IOV port is also required for NFV, so we have use case that needs it
13:30:34 <irenab> there is some which is quite critical for both our MDs : #link https://bugs.launchpad.net/neutron/+bug/1338202
13:30:35 <uvirtbot> Launchpad bug 1338202 in neutron "ML2 plugin update_port changes binding:profile when not changed" [Undecided,Confirmed]
13:31:39 <irenab> sadsu: sorry, I moved to another topic. Do you have questions on security groups for our MD?
13:32:15 <sadasu> irenab: not for now...go ahead
13:32:54 <irenab> so the bug I mentioned, seems to clear binding:profile for any port update API call
13:33:23 <irenab> which causes port to try to bind again and to fail, since no profile is present any more
13:33:48 <irenab> I think that I know how to fix, will work on this ASAP
13:34:47 <sadasu> irenab: I think this port_update is used when VM is migrated to a diff host
13:35:02 <sadasu> we need to check with Bob Kukura before proceeding with the fix
13:35:26 <irenab> admin/tenant can call port-update API, and even if nothing is changed, it will clear profile content (till bug is fixed)
13:35:54 <irenab> since we canot prevent api calls for this, seems to me as critical
13:36:25 <sadasu> got it. yes, seems critical
13:36:30 <irenab> sadsu: agree, could not catch rkukura on irc
13:36:51 <irenab> will try to attend ML2 meeting this week to discuss
13:37:06 <sadasu> ok
13:39:12 <irenab> any other topics to discuss?
13:40:27 <irenab> when do you expect the rest of nova patches to land?
13:41:49 <rpothier> I hope to get a second patch this week.
13:42:31 <irenab> rpothier: this is the one that completes the nova side, or there is more?
13:43:03 <rpothier> still more.
13:43:16 <irenab> rpothier: thanks
13:43:19 <rpothier> my first patch can get merged without affecting anything
13:44:41 <irenab> rpothier: I am looking for nova side patches to use to integrate internally the neutron part
13:45:22 <irenab> I guess what is working for sadasu, will work for me as well
13:46:02 <sadasu> irenab: haven't tested, just patched...willl pass them along anyways
13:46:55 <irenab> sadsu: Thanks!
13:47:00 <irenab> any other topics to discuss or shall we finish earlier?
13:47:25 <sadasu> I don't have any more topics
13:47:33 <irenab> me too
13:48:21 <irenab> sadsu: I'll folow your spec review for security groups decision
13:48:26 <yongli> me neither
13:48:37 <yongli> any neutron patch released?
13:48:46 <yongli> could we get a link here?
13:49:14 <irenab> yeongli: hope tomorrow,  adding few more unit tests
13:49:41 <yongli> thanks, drag me to the reviewer list, please
13:50:08 <irenab> yongli: sure
13:50:24 <irenab> thank you all.
13:50:25 <irenab> #endmeeting