Sorry, adding [neutron] to the subject. Miguel Ángel Ajo
On Thursday, 4 de December de 2014 at 15:06, Miguel Ángel Ajo wrote: > > > During Juno, we introduced the enhanced security groups rpc > (security_groups_info_for_devices) instead of > (security_group_rules_for_devices), > and the ipset functionality to offload iptable chains a bit. > > > Here I propose to: > > 1) Remove the old security_group_info_for_devices, which was left to ease > operators upgrade > path from I to J (allowing running old openvswitch agents as we upgrade) > > Doing this we can cleanup the current iptables firewall driver a bit from > unused code paths. > > > I suppose this would require a major RPC version bump. > > 2) Remove the option to disable ipset (now it’s enabled by default and seems > to be working without problems), and make it an standard way to handle “IP” > groups > from the iptables perspective. > > > Thoughts?, > > Best regards, > Miguel Ángel Ajo > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org (mailto:OpenStack-dev@lists.openstack.org) > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
