[openstack-dev] [nova][neutron] Networks without subnets

Ben Nemec openstack at nemebean.com
Fri Jul 11 22:36:37 UTC 2014


FWIW, I believe TripleO will need this if we're going to be able to do
https://blueprints.launchpad.net/tripleo/+spec/tripleo-on-openstack

Being able to have instances without IPs assigned is basically required
for that.

-Ben

On 07/11/2014 04:41 PM, Brent Eagles wrote:
> Hi,
> 
> A bug titled "Creating quantum L2 networks (without subnets) doesn't
> work as expected" (https://bugs.launchpad.net/nova/+bug/1039665) was
> reported quite some time ago. Beyond the discussion in the bug report,
> there have been related bugs reported a few times.
> 
> * https://bugs.launchpad.net/nova/+bug/1304409
> * https://bugs.launchpad.net/nova/+bug/1252410
> * https://bugs.launchpad.net/nova/+bug/1237711
> * https://bugs.launchpad.net/nova/+bug/1311731
> * https://bugs.launchpad.net/nova/+bug/1043827
> 
> BZs on this subject seem to have a hard time surviving. The get marked
> as incomplete or invalid, or in the related issues, the problem NOT
> related to the feature is addressed and the bug closed. We seem to dance
> around actually getting around to implementing this. The multiple
> reports show there *is* interest in this functionality but at the moment
> we are without an actual implementation.
> 
> At the moment there are multiple related blueprints:
> 
> * https://review.openstack.org/#/c/99873/ ML2 OVS: portsecurity
>   extension support
> * https://review.openstack.org/#/c/106222/ Add Port Security
>   Implementation in ML2 Plugin
> * https://review.openstack.org/#/c/97715 NFV unaddressed interfaces
> 
> The first two blueprints, besides appearing to be very similar, propose
> implementing the "port security" extension currently employed by one of
> the neutron plugins. It is related to this issue as it allows a port to
> be configured indicating it does not want security groups to apply. This
> is relevant because without an address, a security group cannot be
> applied and this is treated as an error. Being able to specify
> "skipping" the security group criteria gets us a port on the network
> without an address, which is what happens when there is no subnet.
> 
> The third approach is, on the face of it, related in that it proposes an
> interface without an address. However, on review it seems that the
> intent is not necessarily inline with the some of the BZs mentioned
> above. Indeed there is text that seems to pretty clearly state that it
> is not intended to cover the port-without-an-IP situation. As an aside,
> the title in the commit message in the review could use revising.
> 
> In order to implement something that finally implements the
> functionality alluded to in the above BZs in Juno, we need to settle on
> a blueprint and direction. Barring the happy possiblity of a resolution
> beforehand, can this be made an agenda item in the next Nova and/or
> Neutron meetings?
> 
> Cheers,
> 
> Brent
> 
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> 




More information about the OpenStack-dev mailing list