does it require bp or bug report to submit oslo.concurrency patch ?
On Wed, Sep 3, 2014 at 7:15 PM, Davanum Srinivas wrote:
> Zang MingJie,
>
> Can you please consider submitting a review against oslo.concurrency?
>
>
> http://git.openstack.org/cgit/openstack/oslo.con
Hi all:
currently oslo provides lock utility, but unlike other languages, it is
class lock, which prevent all instances call the function. IMO, oslo should
provide an instance lock, only lock current instance to gain better
concurrency.
I have written a lock in a patch[1], please consider pick it
I don't like the idea that uses bind9 views to split networks, due to
follow reasons:
the designate may not or hard to know the router's public address
non-router may exist for some isolate networks
there is no routes in our dhcp namespace currently
I suggest run one bind9 instance for each netwo
Rohon wrote:
> Hi Zang,
>
> On Wed, Jul 16, 2014 at 4:43 PM, Zang MingJie wrote:
>> Hi, all:
>>
>> While resolving ovs restart rebuild br-tun flows[1], we have found
>> several l2pop problems:
>>
>> 1. L2pop is depending on agent_boot_time to decide wh
Hi, all:
While resolving ovs restart rebuild br-tun flows[1], we have found
several l2pop problems:
1. L2pop is depending on agent_boot_time to decide whether send all
port information or not, but the agent_boot_time is unreliable, for
example if the service receives port up message before agent
Hi:
We are encountered the same problem here. some of our ovs-agent
haven't received any fdb entry after a restart
To solve the problem I'm going to add a rpc call to l2pop mechanism
driver, when triggered, the l2pop send all fdb entries to the agent.
The agent call the driver while starting.
On
Although the SNAT DVR has some trade off, I still think it is
necessary. Here is pros and cons for consideration:
pros:
save W-E bandwidth
high availability (distributed, no single point failure)
cons:
waste public ips (one ip per compute node vs one ip per l3-agent, if
double-SNAT implemented)
it would be better to make the range increase dynamic, instead of create
all entries at initialize.
for example, if vxlan range 1~1M is configured, only initialize 1~1K, when
it has been used up, extend the range to 1K~2K, and so on.
___
OpenStack-dev ma
router). At that point
> you might as well give each VM a floating IP.
>
> Hence the approach taken with the initial DVR implementation is to keep
> default SNAT as a centralized service.
>
> - Jack
>
>> -Original Message-
>> From: Zang MingJie [mailto:zealot
lementation still active ? I haven't seen it has been
touched for a while
>
> yong sheng gong
>
>
> On Wed, Jun 25, 2014 at 4:30 PM, Zang MingJie wrote:
>>
>> Hi:
>>
>> In current DVR design, SNAT is north/south direction, but packets have
>> to go we
public ips, in trade of
introducing a single failure point, and limiting the bandwidth of the
network node. If the SNAT performance problem can be solved, I'll
encourage people to use SNAT over floating ips. unless the VM is
serving a public service
--
Zang Mi
Hi:
I don't like the idea of ResourceDriver and AgentDriver. I suggested
use a singleton worker thread to manager all underlying setup, so the
driver should do nothing other than fire a update event to the worker.
The worker thread may looks like this one:
# the only variable store all local sta
Hi:
Awesome! Currently we are suffering lots of bugs in ovs-agent, also
intent to rebuild a more stable flexible agent.
Taking the experience of ovs-agent bugs, I think the concurrency
problem is also a very important problem, the agent gets lots of event
from different greenlets, the rpc, the ov
On Thu, May 29, 2014 at 6:57 AM, Nachi Ueno wrote:
> Hi Zang
>
> Since, SSL-VPN for Juno bp is approved in neturon-spec,
> I would like to restart this work.
> Could you share your code if it is possible?
> Also, Let's discuss how we can collaborate in here.
Currently We are running havana branch
collect port statistics for analysis.
Look for suggestion
Regards
--
Zang MingJie
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
+1 to implement a modular framework where user can choose whether to
use barbican or sqldb
On Fri, May 2, 2014 at 4:28 AM, John Wood wrote:
> Hello Samuel,
>
> Just noting that the link below shows current-state Barbican. We are in the
> process of designing SSL certificate support for Barbican v
Hi all:
Currently I'm working on ssl vpn, based on patchsets by Nachi[1] and Rajesh[2]
There are secure issues pointed by mark, that ssl private keys are
stored plain in database and in config files of vpn-agents. As
Barbican is incubated, we can store certs and their private keys in
Barbican. Bu
On Thu, Apr 17, 2014 at 8:07 PM, Eugene Nikanorov
wrote:
> Hi Zang,
>
> 1.
>> so the tags is totally useless, and I suggest replace tags by provider
>> name/uuid. It is much more straightforward and easier.
> Funny thing is that the goal of flavor framework is directly opposite.
> We need to hide
Hi Eugene:
I have several questions
1. I wonder if tags is really needed. for example, if I want a ipsec
vpn, I'll define a flavor which is directly refer to ipsec provider.
If using current design, almost all users will end up creating flavors
like this:
ipsec tags=[ipsec]
sslvpn tags=[sslvpn]
Hi all,
I found my ovs-agent has missed some tunnels on br-tun. I have l2-pop
enabled, if some fdb entries is added while the agent is down, can it be
added back once the agent is back ?
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
ht
ack.org/#/c/37893/
--
Zang MingJie
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
n't be wildcard, maybe I just hit an
ovs bug.
> Édouard.
>
> On Fri, Nov 29, 2013 at 1:11 PM, Zang MingJie
> wrote:
> > On Fri, Nov 29, 2013 at 2:25 PM, Jian Wen
> wrote:
> >> I don't think we can implement a stateful firewall[1] now.
> >
> >
On Fri, Nov 29, 2013 at 2:25 PM, Jian Wen wrote:
> I don't think we can implement a stateful firewall[1] now.
I don't think we need a stateful firewall, a stateless one should work
well. If the stateful conntrack is completed in the future, we can
also take benefit from it.
>
> Once connection t
.
First, determine whether my solution is acceptable and meet the
requirement. Then, complete the API/Data model change, figure out how
to migrate current network. So we can start coding at next milestone.
[1] https://blueprints.launchpad.net/neutron/+spec/zone-based-router
Regards.
--
Zang MingJie
On
Hi Filipe:
I disagree your ml2-external-port BP
It is unsuitable to connect multiple l2 networks directly, there may
be ip conflict, dhcp conflict and other problems. although neutron
dhcp agent won't respond dhcp request from unknown source, an external
dhcp may respond vm dhcp request. If we mo
to the
> issue of network domain sharing was out of its scope.
>
> Salvatore
>
>
> On 5 July 2013 16:11, Zang MingJie wrote:
>>
>> Hi:
>> Currently we are working on a problem of neutron network isolation
>> and inter-communication. Currently neutron has p
Hi:
Currently we are working on a problem of neutron network isolation
and inter-communication. Currently neutron has private network and
shared network, but they are not flexible. The private network cannot
access other network, and the shared network is fully open. To solve
this problem, we got
Hi Andre:
will there be any example implementation to show what and how does it
work ? A smallest functional prototype with only local or flat network
support will help a lot
Thanks
On Mon, Jun 17, 2013 at 5:08 AM, Andre Pech wrote:
> Hi all,
>
> I've posted an initial implementation of the ml2
28 matches
Mail list logo
