← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #96652

[Bug 1982287] Re: [rfe][ovn] Support address group for ovn driver

  Thread PreviousDate PreviousThread Next 
** Also affects: cloud-archive
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/caracal
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/flamingo
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/yoga
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/epoxy
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/bobcat
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/zed
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/dalmatian
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/antelope
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1982287

Title:
  [rfe][ovn] Support address group for ovn driver

Status in Ubuntu Cloud Archive:
  New
Status in Ubuntu Cloud Archive antelope series:
  New
Status in Ubuntu Cloud Archive bobcat series:
  New
Status in Ubuntu Cloud Archive caracal series:
  New
Status in Ubuntu Cloud Archive dalmatian series:
  New
Status in Ubuntu Cloud Archive epoxy series:
  New
Status in Ubuntu Cloud Archive flamingo series:
  New
Status in Ubuntu Cloud Archive yoga series:
  New
Status in Ubuntu Cloud Archive zed series:
  New
Status in neutron:
  Fix Released

Bug description:
  As the title describes, we can use 'Address_Set' of ovn to support the
  feature that address group.

  OVN is already supporting the feature 'Address_Set' that create a set
  of address contains IPv4, or IPv6 addresses with optional bitwise or
  CIDR masks. For details, we can see [0].

  For example:
  # Create an address set 
  ovn-nbctl create Address_Set name=as1 addresses=\"10.0.0.2\",\"10.0.0.3\"

  # Add acl1 uses as1 
  ovn-nbctl --wait=hv acl-add pg1 to-lport 1001 'outport == "pg1" && ip4 && ip4.src == $as1' allow

  
  So we can implement the feature that translate the neutron address group to a Address_Set entry and put this entry to a match filed of ovn acl.


  
  [0]https://github.com/ovn-org/ovn/blob/81503d661ed9449ebe85f4b6b3130b75c7dd60bd/ovn-nb.xml#L1641

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1982287/+subscriptions

References

  Thread PreviousDate PreviousThread Next