Hi,
> On 7 Mar 2020, at 18:45, Ignazio Cassano <ignaziocassano@gmail.com> wrote:
>
> Hello, I have queens installation based on centos7.
>
> Before implementing security groups logs, I had the following configuration in
> /etc/neutron/plugins/ml2/openvswitch_agent.ini:
>
> firewall_driver = iptables_hybrid
>
>
> Enabling security groups log I had to change it in :
>
> firewall_driver = openvswitch
>
>
> It seems to work end security logs are logged .
> After restarting kvm nodes and controllers, virtual machines do not live migrate.
> The firewall driver change could be the cause of my problem ?
Yes, In queens there wasn’t yet migration between various firewall drivers so that can be an issue. It should works fine since Rocky release with “multiple port bindings” feature.
> firewall_driver = openvswitch is mandatory for security groups log ?
Yes, logging isn’t supported by iptables_hybrid driver.
>
> Please, any help ?
>
>
> I cannot reproduce the problem rebooting all my nodes.
> I rebooted them because I hat to transfer from a rack to another.
>
> Ignazio
>
>
—
Slawek Kaplonski
Senior software engineer
Red Hat