yahoo-eng-team team mailing list archive

[Brian Haley <1652071@xxxxxxxxxxxxxxxxxx>]

Closing this as no one (afaik) has asked further about this, and/or the
installation/upgrade tools from the distros deal with it.

The thing we do document is moving from ML2/OVS to OVN, and there are
scripts around that. As it is more apropos these days I don't see a
reason to keep this bug open, but anyone is free to re-open this and
continue the work if they desire.

** Changed in: neutron
       Status: Triaged => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1652071

Title:
  [RFE] Implement migration from iptables-based security groups to ovsfw

Status in neutron:
  Won't Fix

Bug description:
  When switching an ovs-agent from iptables to ovsfw, new instances will
  be created using the ovsfw, but old instances will stick with
  iptables. In fact, there isn't a way to migrate an instance from
  iptables to ovsfw, and one should be provided.

  Considerations:
  a. It isn't enough to just remove the qvo/qvb/qbr interfaces and then attach the tap device directly to the integration bridge - we should also change the domain xml of the instance itself, so that when migrating an instance from one compute node to the other, nova won't depend on non-existent devices. Should this be done in Nova or in Neutron? Should Nova be notified?
  b. On Neutron side, we should also change the Port table to indicate a change. This might require a new RPC call from the agent side.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1652071/+subscriptions