[openstack-dev] [neutron] Deprecating old security groups code / RPC.
ihrachys at redhat.com
Thu Dec 4 14:19:15 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
> On Thursday, 4 de December de 2014 at 15:06, Miguel Ángel Ajo
>> During Juno, we introduced the enhanced security groups rpc
>> (security_groups_info_for_devices) instead of
>> (security_group_rules_for_devices), and the ipset functionality
>> to offload iptable chains a bit.
>> Here I propose to:
>> 1) Remove the old security_group_info_for_devices, which was left
>> to ease operators upgrade path from I to J (allowing running old
>> openvswitch agents as we upgrade)
>> Doing this we can cleanup the current iptables firewall driver a
>> bit from unused code paths.
>> I suppose this would require a major RPC version bump.
>> 2) Remove the option to disable ipset (now it’s enabled by
>> default and seems to be working without problems), and make it an
>> standard way to handle “IP” groups from the iptables
Is ipset support present in all supported distributions?
>> Best regards, Miguel Ángel Ajo
>> _______________________________________________ OpenStack-dev
>> mailing list OpenStack-dev at lists.openstack.org
>> <mailto:OpenStack-dev at lists.openstack.org>
> _______________________________________________ OpenStack-dev
> mailing list OpenStack-dev at lists.openstack.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
-----END PGP SIGNATURE-----
More information about the OpenStack-dev