[openstack-dev] [Neutron] Group Based Policy and the way forward

Kyle Mestery mestery at mestery.com
Wed Aug 6 12:28:11 UTC 2014 

On Wed, Aug 6, 2014 at 3:11 AM, Aaron Rosen <aaronorosen at gmail.com> wrote:
>
>
>
> On Wed, Aug 6, 2014 at 12:59 AM, Gary Kotton <gkotton at vmware.com> wrote:
>>
>>
>>
>> From: Aaron Rosen <aaronorosen at gmail.com>
>> Reply-To: OpenStack List <openstack-dev at lists.openstack.org>
>> Date: Wednesday, August 6, 2014 at 10:09 AM
>>
>> To: OpenStack List <openstack-dev at lists.openstack.org>
>> Subject: Re: [openstack-dev] [Neutron] Group Based Policy and the way
>> forward
>>
>>
>> On Tue, Aug 5, 2014 at 11:18 PM, Gary Kotton <gkotton at vmware.com> wrote:
>>>
>>>
>>>
>>> On 8/5/14, 8:53 PM, "Russell Bryant" <rbryant at redhat.com> wrote:
>>>
>>> >On 08/05/2014 01:23 PM, Gary Kotton wrote:
>>> >> Ok, thanks for the clarification. This means that it will not be done
>>> >> automagically as it is today ­ the tenant will need to create a
>>> >> Neutron
>>> >> port and then pass that through.
>>> >
>>> >FWIW, that's the direction we've wanted to move in Nova anyway.  We'd
>>> >like to get rid of automatic port creation, but can't do that in the
>>> >current stable API.
>>>
>>> Can you elaborate on what you mean here? What are the issues with port
>>> creation?
>>>
>>
>> Having nova-compute create ports for neutron is problematic if timeouts
>> occur between nova and neutron as you have to garbage collect neutron ports
>> in nova to cleanup (which was the cause of several bug in the cache handing
>> allowing ports to leak into the info_cache in nova).  Pushing this out to
>> the tenant is less orchestration nova has to do.
>>
>> [gary] my take on this is that we should allocate this via the n-api and
>> not via the nova compute (which is far too late in the process. But that is
>> another discussion :)
>
>
> I agree, I had actually proposed this here:
> https://blueprints.launchpad.net/nova/+spec/nova-api-quantum-create-port
> :),   though there are some issues we need to solve in neutron first --
> allowing the mac_address on the port to be updated in neutron. This is
> required for bare metal support as when the port is created we don't know
> which physical mac will need to be mapped to the port.
>>
Looks like someone has proposed a patch which does just that, please
have a look below:

https://review.openstack.org/#/c/112129/

>>
>>> >
>>> >--
>>> >Russell Bryant
>>> >
>>> >_______________________________________________
>>> >OpenStack-dev mailing list
>>> >OpenStack-dev at lists.openstack.org
>>> >http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>>> _______________________________________________
>>> OpenStack-dev mailing list
>>> OpenStack-dev at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>

More information about the OpenStack-dev mailing list