On 3 Nov 2016, at 09:03, Thomas Goirand <z...@debian.org> wrote: > I very much agree with the above, the only issue is enough time to put > these warning in place. Maybe some text in a NEWS or README.Debian file > could do the trick. I'm not so fan of adding debconf text for such a > warning.
You need to TAKE the time! You can’t upload a package without testing (as in, does it work ‘from scratch’ _AND_ (!!) does the upgrade from _at least_ the previous version work without any problem) it properly and when you notice (or know!) of something that will affect users, then documenting that properly (in a place where they’ll actually LOOK! :) needs to be done. In a case like this, where the effect was MAJOR (basically, the whole network stopped working because there was no L3 agent!), a debconf warning MUST be issued!! It might just be something short like: The FWaaS binary have been removed because I don’t like you. Please read /usr/share/bla/bla for more information. :) Just imagine that people are actually using this in production and that their livelihood depends on this working 24/7/365 and ANY disruption (other than the ‘normal’ restart of a service) can have dyer consequences. Or in another way: What would YOU think/do if someone just shot your whole system to pieces??! > Just configure Neutron. The doc from Red Hat seems to cover it well: > > https://access.redhat.com/documentation/en/red-hat-enterprise-linux-openstack-platform/7/paged/networking-guide/chapter-16-configure-firewall-as-a-service-fwaas > > Basically, you just use the "normal" neutron-l3-agent, and configure > neutron.conf with: > > service_plugins = neutron.services.firewall.fwaas_plugin.FirewallPlugin Ok, thanx. I’ll try that.