Details
-
Bug
-
Status: Resolved
-
Resolution: Done
-
unspecified
-
None
-
None
-
Operating System: All
Platform: All
-
4971
Description
From: Suryanarayanan, Aswin <aswin.suryanarayanan@hpe.com>
Date: Thu, Jan 14, 2016 at 10:52 AM
Subject: RE: IT test for SG's is failing
To: Flavio Fernandes <ffernand@redhat.com>, Sam Hague <shague@redhat.com>
Cc: "Kenchappa, Ravindra" <ravindra.kenchappa@hpe.com>, isaku yamahata <isaku.yamahata@gmail.com>, "Gaddam, Sridhar" <sgaddam@redhat.com>, "Viswanatha, Badrinath" <badrinath_viswanatha@dell.com>
Yes Sam, as Flavio confirmed , l3 enabled check is not required for SG. We can move it outside the check. The cache as well needs to be outside.
Thanks
Aswin
From: Flavio Fernandes ffernand@redhat.com
Sent: Thursday, January 14, 2016 8:56 PM
To: Sam Hague
Cc: Suryanarayanan, Aswin; Kenchappa, Ravindra; isaku yamahata; Gaddam, Sridhar; Viswanatha, Badrinath
Subject: Re: IT test for SG's is failing
+Sridhar, Badri
On Thu, Jan 14, 2016 at 8:47 AM, Sam Hague <shague@redhat.com> wrote:
Including Flavio
Isaku, Flavio,
can you look at [2] and see if there is any issue with doing the Security Group stuff outside of the l3.enabled? That patch is breaking the NetvirtIT. Aswin also mentioned a concern about [1] so can you look at that also?
Hi Sam,
Yes, SG should not care whether ODL_L3=True or False.
When ODL_L3=True, one big difference is that there is no L3Agent used; which means that there are no OVS ports created
for the neutron router (only neutron ports). If SG uses rules that do not depend on OVS ports than it should be able to be agnostic
to the L3 stack being deployed.
We have had some cache added to NeutronL3Adapter.java code that makes me a little worried about this.
That [11] may need to be re-visited; and possible moved into SGImpl so it remains independent of ODL_L3.
– flavio
