Hi,
I’m not sure about Queens but recently with [1] we switched default security
group driver in devstack to „openvswitch”.
Since at least month we have scenario gate job with this SG driver running as
voting and gating.
Currently, after switch devstack default driver to openvswitch it’s tested in
many jobs in Neutron.
[1] https://review.openstack.org/#/c/568297/
> Wiadomość napisana przez Tobias Urdin w dniu
> 11.06.2018, o godz. 05:20:
>
> Hello everybody,
> I'm cross-posting this with operators list.
>
> The openvswitch flows-based stateful firewall driver which uses the
> conntrack support in Linux kernel >= 4.3 (iirc) has been
> marked as experimental for several releases now, is there any
> information about flaws in this and why it should not be used in production?
>
> It's still marked as experimental or missing documentation in the
> networking guide [1].
>
> And to operators; is anybody running the OVS stateful firewall in
> production? (firewall_driver = openvswitch)
>
> Appreciate any feedback :)
> Best regards
>
> [1] https://docs.openstack.org/neutron/queens/admin/config-ovsfwdriver.html
>
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
—
Slawek Kaplonski
Senior software engineer
Red Hat
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
