[Expired for neutron because there has been no activity for 60 days.]
** Changed in: neutron
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1245809
Title:
Security groups cannot be used with XenAPI + OVS plugin
Status in neutron:
Expired
Bug description:
When using the Nova XenAPI driver with Neutron (Open vSwitch with
VLAN), it is not possible to use another firewall_driver than
NoopFirewallDriver ([SECURITYGROUP] section of the plugin
configuration file). With the OVSHybridIptablesFirewallDriver driver,
the OVS agent running on the compute node won't configure the flows on
the OVS ports.
The XenAPI plugin [1] doesn't manage standard input which seems to be
a blocker for running the iptables-save and iptables-restore commands
[2]. Some work has been done in the past for nova-network [3] and I
guess that something similar should be implemented for Neutron.
[1]
https://github.com/openstack/neutron/blob/master/neutron/plugins/openvswitch/agent/xenapi/etc/xapi.d/plugins/netwrap
[2]
https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L346
[3] https://review.openstack.org/#/c/2071
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1245809/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
