)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"aa4e986d827f0505ffc51be330f841816aeab89a","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"7d764638_8735bc66","updated":"2024-02-07 09:33:06.000000000","message":"I have no idea what `fail_mode` does, can you add some explanation in the commit message?","commit_id":"a21e836fe8362607027f179c948605362c222edd"},{"author":{"_account_id":22629,"name":"Michal Nasiadka","email":"mnasiadka@gmail.com","username":"mnasiadka"},"change_message_id":"17549d288edfbcec54eed8a627f5c77fa2620528","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"5ee4331b_f50565f7","updated":"2024-02-07 08:56:16.000000000","message":"recheck (let\u0027s see second set of results)","commit_id":"a21e836fe8362607027f179c948605362c222edd"},{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"05e28751f50b3a01742e244d2faaade35ec09d6d","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"9cf28022_23ab8e57","updated":"2024-02-08 10:11:46.000000000","message":"Thanks for providing the missing information!","commit_id":"5016b3efafcb9bc00eb1156ec11cdf79ab0da3ff"},{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"a48c8b5a1faf3a0369601305132aefb2de31401f","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"d920966f_a411e585","updated":"2024-02-08 09:25:00.000000000","message":"Thanks for the excellent commit message giving background on the topic.\n\nWhat I don\u0027t see discussed though, is _why_ we are changing this to standalone.\n\nafaik this could result in traffic being send to instances who should no longer receive traffic, because they where reconfigured, but the ovs doesn\u0027t recognize this, because it has currently no connection to ovn.\n\nI think this is also why the other mode is labeled \"secure\"\n\nThe question thus is:\n\ndo we favor availability higher than security?\n\nI don\u0027t find any reasoning why we favor availability over security here, thus -1.\n\nTo be clear: I\u0027m not sure myself which one to favor here, but imho switching our default should warrant an explanation, and if it only is \"to align with upstream\".\n\nMaybe I\u0027m just misunderstanding the commit message though? It says:\n\n\"That is the ovs-vsctl default but Ansible module is failing in\nreconfigure step - and secure breaks external connectivity in\nOVN.\"\n\nI understand this to mean: \"the ovs-vsctl default is `standalone`, but this mode fails in the ansible mode during the reconfigure step\" \u003c- so why switch to it\n\n\"and secure breaks external connectivity in OVN\" \u003c- only if OVN is not reachable, is that the case in CI? Why? Can\u0027t we fix that? If not, why not?\n\nThese are the questions I\u0027d like to have answers to.\n\nIf there\u0027s no clear answer and this is a \"it depends on your usecase\" question I\u0027d vouch to stick with a secure default. People who need higher availability can reconfigure this value if they want to.\n\nThanks!","commit_id":"5016b3efafcb9bc00eb1156ec11cdf79ab0da3ff"},{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"4bf198072f6b26d1484b0ff67556aa349d880248","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":7,"id":"da8d270d_2aaf3bf0","in_reply_to":"d920966f_a411e585","updated":"2024-02-08 09:26:54.000000000","message":"Sorry, this comment was not meant to be resolved.\n\nTo add to my comment: If this is a \"bug\" seen in production I would expect a link to the bug this closes in the commit message.","commit_id":"5016b3efafcb9bc00eb1156ec11cdf79ab0da3ff"},{"author":{"_account_id":22629,"name":"Michal Nasiadka","email":"mnasiadka@gmail.com","username":"mnasiadka"},"change_message_id":"da99e115cfb5b6b4745d674a7c5ae2d933f73dcf","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":7,"id":"85981513_2b184dd9","in_reply_to":"da8d270d_2aaf3bf0","updated":"2024-02-08 09:59:27.000000000","message":"We are not changing this.\nPreviously in bash script we were creating bridge without fail_mode given - so the OVS default is standalone.\nIn Ansible modules approach I have mistakenly changed that to secure, and that obviously does not work.\nSo we\u0027re changing back to default - which is standalone.\nThere is a bug in the modules, that we can\u0027t really not set fail_mode - see https://github.com/ansible-collections/openvswitch.openvswitch/issues/86","commit_id":"5016b3efafcb9bc00eb1156ec11cdf79ab0da3ff"}]}