<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Fri, Jul 11, 2014 at 4:41 PM, Brent Eagles <span dir="ltr"><<a href="mailto:beagles@redhat.com" target="_blank">beagles@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Hi,<br>
<br>
A bug titled "Creating quantum L2 networks (without subnets) doesn't<br>
work as expected" (<a href="https://bugs.launchpad.net/nova/+bug/1039665" target="_blank">https://bugs.launchpad.net/nova/+bug/1039665</a>) was<br>
reported quite some time ago. Beyond the discussion in the bug report,<br>
there have been related bugs reported a few times.<br>
<br>
* <a href="https://bugs.launchpad.net/nova/+bug/1304409" target="_blank">https://bugs.launchpad.net/nova/+bug/1304409</a><br>
* <a href="https://bugs.launchpad.net/nova/+bug/1252410" target="_blank">https://bugs.launchpad.net/nova/+bug/1252410</a><br>
* <a href="https://bugs.launchpad.net/nova/+bug/1237711" target="_blank">https://bugs.launchpad.net/nova/+bug/1237711</a><br>
* <a href="https://bugs.launchpad.net/nova/+bug/1311731" target="_blank">https://bugs.launchpad.net/nova/+bug/1311731</a><br>
* <a href="https://bugs.launchpad.net/nova/+bug/1043827" target="_blank">https://bugs.launchpad.net/nova/+bug/1043827</a><br>
<br>
BZs on this subject seem to have a hard time surviving. The get marked<br>
as incomplete or invalid, or in the related issues, the problem NOT<br>
related to the feature is addressed and the bug closed. We seem to dance<br>
around actually getting around to implementing this. The multiple<br>
reports show there *is* interest in this functionality but at the moment<br>
we are without an actual implementation.<br>
<br>
At the moment there are multiple related blueprints:<br>
<br>
* <a href="https://review.openstack.org/#/c/99873/" target="_blank">https://review.openstack.org/#/c/99873/</a> ML2 OVS: portsecurity<br>
extension support<br>
* <a href="https://review.openstack.org/#/c/106222/" target="_blank">https://review.openstack.org/#/c/106222/</a> Add Port Security<br>
Implementation in ML2 Plugin<br>
* <a href="https://review.openstack.org/#/c/97715" target="_blank">https://review.openstack.org/#/c/97715</a> NFV unaddressed interfaces<br>
<br>
The first two blueprints, besides appearing to be very similar, propose<br>
implementing the "port security" extension currently employed by one of<br>
the neutron plugins. It is related to this issue as it allows a port to<br>
be configured indicating it does not want security groups to apply. This<br>
is relevant because without an address, a security group cannot be<br>
applied and this is treated as an error. Being able to specify<br>
"skipping" the security group criteria gets us a port on the network<br>
without an address, which is what happens when there is no subnet.<br>
<br>
The third approach is, on the face of it, related in that it proposes an<br>
interface without an address. However, on review it seems that the<br>
intent is not necessarily inline with the some of the BZs mentioned<br>
above. Indeed there is text that seems to pretty clearly state that it<br>
is not intended to cover the port-without-an-IP situation. As an aside,<br>
the title in the commit message in the review could use revising.<br>
<br>
In order to implement something that finally implements the<br>
functionality alluded to in the above BZs in Juno, we need to settle on<br>
a blueprint and direction. Barring the happy possiblity of a resolution<br>
beforehand, can this be made an agenda item in the next Nova and/or<br>
Neutron meetings?<br>
<br></blockquote><div>I think this is worth discussing. I've added this to the "Team Discussion Topics" section of the Neutron meeting [1] on 7-14-2014. I hope you can attend Brent!</div><div><br></div><div>
Thanks,</div><div>Kyle</div><div><br></div><div>[1] <a href="https://wiki.openstack.org/wiki/Network/Meetings#Team_Discussion_Topics">https://wiki.openstack.org/wiki/Network/Meetings#Team_Discussion_Topics</a></div><div> </div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Cheers,<br>
<br>
Brent<br>
<br>
_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</blockquote></div><br></div></div>