yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #89736
[Bug 1987093] Re: [RFE] Add a port extension to set/define the switchdev capabilities
** Changed in: neutron
Status: New => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1987093
Title:
[RFE] Add a port extension to set/define the switchdev capabilities
Status in neutron:
Won't Fix
Bug description:
The aim of this RFE is to decouple the port binding profile update and
the ability of a user to set the "switchdev" flag on a port.
Since [1], a user is able to set "{"capabilities": ["switchdev"]}" on
the port binding profile in order to define this port as compatible
with the Ethernet switch device driver model (switchdev) [2]. In other
words, to be able to use a VF of a NIC with offloading capabilities.
This is currently used in ML2/OVS and ML2/OVN to offload the OpenFlow
rules on the NIC hardware.
The problem resides on the need of changing the port binding profile from the Neutron side:
* The port binding profile is a port blob that should be updated only from Nova.
* By default, this is allowed only to admin users, by is configurable via policy config. That could introduce security issues is a non-admin user can change any port binding profile, even if that is restricted to his/her own project.
This RFE will require a spec describing the needed changes on the API
side, the port object and RPC blob transmitted (needed by Nova).
[1]https://review.opendev.org/c/openstack/neutron/+/499203
[2]https://www.kernel.org/doc/html/latest/networking/switchdev.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1987093/+subscriptions
References
