Hi all,
I'm trying to use the Nova XenAPI driver with Neutron (Open vSwitch with
VLAN). After many attempts, I managed to make it work using the
NoopFirewallDriver firewall_driver for security groups (which means,
well, no security). With the OVSHybridIptablesFirewallDriver driver, the
OVS agent running on the compute node won't configure the flows on the
OVS ports.
I noticed that the XenAPI plugin [1] doesn't manage standard input which
seems to be a blocker for running the iptables-save and iptables-restore
commands [2]. Some work has been done in the past for nova-network [3]
and I guess that something similar should be implemented for Neutron.
Am I right? If yes, I'd be happy to open a bug (or blueprint?).
Best regards,
[1]
https://github.com/openstack/neutron/blob/master/neutron/plugins/openvswitch/agent/xenapi/etc/xapi.d/plugins/netwrap
[2]
https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L346
[3] https://review.openstack.org/#/c/2071
--
Simon Pasquier
Software Engineer
Bull, Architect of an Open World
Phone: + 33 4 76 29 71 49
http://www.bull.com
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev