Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-12875 BZ#2241184 OVN security group logging - rate and burst limits return unexpected value for stateful security groups
  3. OSPRH-12876

BZ#2241184 OVN security group logging - rate and burst limits return unexpected value for stateful security groups

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • Targeted
    • Committed
    • ?
    • Targeted

      What is the business rationale for this exception? Is there a specific customer that needs this RFE?

       

      There is 16.2 async release, RFE code will change anyways since other exception+ approved BZ will be in the async [1].

As far as I know the fix for current BZ is simple, trying to get exception+ status to deliver this RFE fully supported (instead of current tech preview), and without any known issues listed.

A few customers use this RFE, including ADP.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=2192918

      Are there any security concerns?

       

      Non as far as I know.

       

      What other functions, teams, or DFGs are impacted by this feature?

       

      As far as I know only Neutron.

       

      What is the estimated time to have the upstream work complete and approved?

       

      From discussion with dev who works on the RFE (Elvira), the fix is supposed to be simple, not much time.
If I understand correctly the fix may affect only downstream 16.2, since the fix is specific for this release

       

      What is the time and resources required to test this issue? On what date will automated tests be written and ready to run and report results in Polarion?

       

      Test plan for security group logging RFE is fully automated, fix can be verified easily, by this Neutron CI failure stopping:

https://rhos-ci-jenkins.lab.eng.tlv2.redhat.com/job/DFG-network-networking-ovn-16.2_director-rhel-virthost-3cont_2comp-ipv4-geneve-gate-ovn/806/testReport/neutron_plugin.tests.scenario.test_security_group_logging/StatefulSecGroupLoggingTest/test_only_accepted_traffic_logged_id_92c2ed54_f7f2_4fc0_ae93_ade8f988826a_/

       

      Is there potential doc impact?

       

      Yes, changing from tech preview to full support, and removing all known issues listed for RFE.

       

      Are there new packages needed that are not packaged in OSP or RHEL? Does it require newer versions of existing dependencies (dependency bumps)?

       

      No.

       

      No new packages or dependencies.
      What is the support level? Tech Preview or fully supported

       

      Current is tech preview, we want to change to full support in async.

       

      How invasive is the code? From very invasive, a core change to very isolated, no risk to other components?

       

      Not invasive, no risk

       

      What is the impact to deployment/updates/upgrades/FFU; what are the test plans in these areas?

      None

              Unassigned Unassigned
              jjoyce@redhat.com Jason Joyce
              rhos-dfg-networking-squad-neutron
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: