[openstack-dev] [nova][neutron] Networks without subnets
Ben Nemec
openstack at nemebean.com
Fri Jul 11 22:36:37 UTC 2014
FWIW, I believe TripleO will need this if we're going to be able to do
https://blueprints.launchpad.net/tripleo/+spec/tripleo-on-openstack
Being able to have instances without IPs assigned is basically required
for that.
-Ben
On 07/11/2014 04:41 PM, Brent Eagles wrote:
> Hi,
>
> A bug titled "Creating quantum L2 networks (without subnets) doesn't
> work as expected" (https://bugs.launchpad.net/nova/+bug/1039665) was
> reported quite some time ago. Beyond the discussion in the bug report,
> there have been related bugs reported a few times.
>
> * https://bugs.launchpad.net/nova/+bug/1304409
> * https://bugs.launchpad.net/nova/+bug/1252410
> * https://bugs.launchpad.net/nova/+bug/1237711
> * https://bugs.launchpad.net/nova/+bug/1311731
> * https://bugs.launchpad.net/nova/+bug/1043827
>
> BZs on this subject seem to have a hard time surviving. The get marked
> as incomplete or invalid, or in the related issues, the problem NOT
> related to the feature is addressed and the bug closed. We seem to dance
> around actually getting around to implementing this. The multiple
> reports show there *is* interest in this functionality but at the moment
> we are without an actual implementation.
>
> At the moment there are multiple related blueprints:
>
> * https://review.openstack.org/#/c/99873/ ML2 OVS: portsecurity
> extension support
> * https://review.openstack.org/#/c/106222/ Add Port Security
> Implementation in ML2 Plugin
> * https://review.openstack.org/#/c/97715 NFV unaddressed interfaces
>
> The first two blueprints, besides appearing to be very similar, propose
> implementing the "port security" extension currently employed by one of
> the neutron plugins. It is related to this issue as it allows a port to
> be configured indicating it does not want security groups to apply. This
> is relevant because without an address, a security group cannot be
> applied and this is treated as an error. Being able to specify
> "skipping" the security group criteria gets us a port on the network
> without an address, which is what happens when there is no subnet.
>
> The third approach is, on the face of it, related in that it proposes an
> interface without an address. However, on review it seems that the
> intent is not necessarily inline with the some of the BZs mentioned
> above. Indeed there is text that seems to pretty clearly state that it
> is not intended to cover the port-without-an-IP situation. As an aside,
> the title in the commit message in the review could use revising.
>
> In order to implement something that finally implements the
> functionality alluded to in the above BZs in Juno, we need to settle on
> a blueprint and direction. Barring the happy possiblity of a resolution
> beforehand, can this be made an agenda item in the next Nova and/or
> Neutron meetings?
>
> Cheers,
>
> Brent
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
More information about the OpenStack-dev
mailing list