)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"7a9ee55521465eea3fb8fb75fe35324289f73d83","unresolved":false,"context_lines":[{"line_number":4,"context_line":"Commit:     JayLiu \u003c1299870737@qq.com\u003e"},{"line_number":5,"context_line":"CommitDate: 2020-04-28 18:12:36 +0800"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Altinative Distributor for L3 Active-Active,"},{"line_number":8,"context_line":"N+1 Amphora Setup"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"Octavia need to support active-active feature. The community has"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":1,"id":"1f493fa4_aad3815f","line":7,"range":{"start_line":7,"start_character":0,"end_line":7,"end_character":10},"updated":"2020-04-28 18:25:55.000000000","message":"s/Alternative","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"7a9ee55521465eea3fb8fb75fe35324289f73d83","unresolved":false,"context_lines":[{"line_number":5,"context_line":"CommitDate: 2020-04-28 18:12:36 +0800"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Altinative Distributor for L3 Active-Active,"},{"line_number":8,"context_line":"N+1 Amphora Setup"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"Octavia need to support active-active feature. The community has"},{"line_number":11,"context_line":"previously had a scheme for implementing active-active feature using L3"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":1,"id":"1f493fa4_cacecdb2","line":8,"updated":"2020-04-28 18:25:55.000000000","message":"This should be on previous line","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"}],"specs/version1.1/alternative-active-active-l3-distributor.rst":[{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"7a9ee55521465eea3fb8fb75fe35324289f73d83","unresolved":false,"context_lines":[{"line_number":20,"context_line":"This blueprint describes in detail another way to implement an"},{"line_number":21,"context_line":"active-active topology in L3 networks. This proposal takes advantage of"},{"line_number":22,"context_line":"ECMP multi-path routing in qrouter namespace to implement Active-Active"},{"line_number":23,"context_line":"feature, so qrouter can distribute traffic to multiple Amphorae in an"},{"line_number":24,"context_line":"Amphora cluster."},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"This spec inherits high level architecture of previous community"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_ca11ad06","line":23,"range":{"start_line":23,"start_character":12,"end_line":23,"end_character":19},"updated":"2020-04-28 18:25:55.000000000","message":"So this is tied to running in an ML2/OVS/DVR environment.  I\u0027m curious if you\u0027ve thought about ML2/OVN where there are no qrouter namespaces.","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"a07e5fc23dffafb83850a490486a89d2ab3abb63","unresolved":false,"context_lines":[{"line_number":20,"context_line":"This blueprint describes in detail another way to implement an"},{"line_number":21,"context_line":"active-active topology in L3 networks. This proposal takes advantage of"},{"line_number":22,"context_line":"ECMP multi-path routing in qrouter namespace to implement Active-Active"},{"line_number":23,"context_line":"feature, so qrouter can distribute traffic to multiple Amphorae in an"},{"line_number":24,"context_line":"Amphora cluster."},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"This spec inherits high level architecture of previous community"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_ac03eb41","line":23,"range":{"start_line":23,"start_character":12,"end_line":23,"end_character":19},"in_reply_to":"1f493fa4_611152ad","updated":"2020-05-07 20:24:42.000000000","message":"Hi Jay - I don\u0027t have any specific advice for doing this in OVN, I do know that ECMP routing was added to it just a few months ago.  The best thing would probably be to write your Neutron spec, since there are OVN people there that might know more about this particular topic.","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"700043ffd57ee1e070d56c947c2bf076b9d04c60","unresolved":false,"context_lines":[{"line_number":20,"context_line":"This blueprint describes in detail another way to implement an"},{"line_number":21,"context_line":"active-active topology in L3 networks. This proposal takes advantage of"},{"line_number":22,"context_line":"ECMP multi-path routing in qrouter namespace to implement Active-Active"},{"line_number":23,"context_line":"feature, so qrouter can distribute traffic to multiple Amphorae in an"},{"line_number":24,"context_line":"Amphora cluster."},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"This spec inherits high level architecture of previous community"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_595ae24f","line":23,"range":{"start_line":23,"start_character":12,"end_line":23,"end_character":19},"in_reply_to":"1f493fa4_ac03eb41","updated":"2020-05-08 02:52:50.000000000","message":"Thx! It is really helpful. We will later communicate with OVN people, and then modify this spec.","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"db8f523671af7cd4cc099e56a9dbe9b6ef5d8c61","unresolved":false,"context_lines":[{"line_number":20,"context_line":"This blueprint describes in detail another way to implement an"},{"line_number":21,"context_line":"active-active topology in L3 networks. This proposal takes advantage of"},{"line_number":22,"context_line":"ECMP multi-path routing in qrouter namespace to implement Active-Active"},{"line_number":23,"context_line":"feature, so qrouter can distribute traffic to multiple Amphorae in an"},{"line_number":24,"context_line":"Amphora cluster."},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"This spec inherits high level architecture of previous community"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_611152ad","line":23,"range":{"start_line":23,"start_character":12,"end_line":23,"end_character":19},"in_reply_to":"1f493fa4_ca11ad06","updated":"2020-05-02 02:18:13.000000000","message":"\u003e So this is tied to running in an ML2/OVS/DVR environment.  I\u0027m\n \u003e curious if you\u0027ve thought about ML2/OVN where there are no qrouter\n \u003e namespaces.\n\nYes, this proposal is based on ovs. It is now running in our product, so it is trustworthy. But we didn\u0027t think about the OVN environment before. We are working on it now to find a way to solve it in ovn. Do you have any advice for me? Thanks!","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"d09d581e2d49cd8abd6b1e191f1032b8aba8d725","unresolved":false,"context_lines":[{"line_number":20,"context_line":"This blueprint describes in detail another way to implement an"},{"line_number":21,"context_line":"active-active topology in L3 networks. This proposal takes advantage of"},{"line_number":22,"context_line":"ECMP multi-path routing in qrouter namespace to implement Active-Active"},{"line_number":23,"context_line":"feature, so qrouter can distribute traffic to multiple Amphorae in an"},{"line_number":24,"context_line":"Amphora cluster."},{"line_number":25,"context_line":""},{"line_number":26,"context_line":"This spec inherits high level architecture of previous community"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_0147aebe","line":23,"range":{"start_line":23,"start_character":12,"end_line":23,"end_character":19},"in_reply_to":"1f493fa4_ca11ad06","updated":"2020-05-02 02:15:45.000000000","message":"Yes, this proposal is based on ovs. It is now running in our product, so it is trustworthy. But we didn\u0027t think about the OVN environment before. We are working on it now to find a way to solve it in ovn. Do you have any advice for me? Thanks!","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"7a9ee55521465eea3fb8fb75fe35324289f73d83","unresolved":false,"context_lines":[{"line_number":27,"context_line":"topology, it is still a highly available, scalable active-active"},{"line_number":28,"context_line":"load-balance architecture, it also uses ACM to manage the cluster, it"},{"line_number":29,"context_line":"can support both intranet and extranet traffic, avoid single point of"},{"line_number":30,"context_line":"failure and implement high availability and distributed load balance"},{"line_number":31,"context_line":"simultaneously."},{"line_number":32,"context_line":""},{"line_number":33,"context_line":".. _P2:"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_6abdf900","line":30,"range":{"start_line":30,"start_character":61,"end_line":30,"end_character":68},"updated":"2020-04-28 18:25:55.000000000","message":"a/balancing","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"7a9ee55521465eea3fb8fb75fe35324289f73d83","unresolved":false,"context_lines":[{"line_number":38,"context_line":"Proposed Change"},{"line_number":39,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":40,"context_line":""},{"line_number":41,"context_line":"*  The client, Amphora instance, and backend pool all locate in the same"},{"line_number":42,"context_line":"   L2 network (tenant backend network/VPC), Amphorae can communicate"},{"line_number":43,"context_line":"   with backend real servers with higher performance."},{"line_number":44,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_ea5749c9","line":41,"range":{"start_line":41,"start_character":50,"end_line":41,"end_character":60},"updated":"2020-04-28 18:25:55.000000000","message":"s/are all located","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"7a9ee55521465eea3fb8fb75fe35324289f73d83","unresolved":false,"context_lines":[{"line_number":51,"context_line":"*  Neutron needs to be extended to support configuring the virtual"},{"line_number":52,"context_line":"   router (will submit a separate spec in the Neutron project)."},{"line_number":53,"context_line":"*  The qrouter itself cannot sense the availability of the path to"},{"line_number":54,"context_line":"   Amphra, so Amphora cluster manager needs to do dynamic connectivity"},{"line_number":55,"context_line":"   detection. ECMP route entry must be deleted once the path is"},{"line_number":56,"context_line":"   unreachable. This can be done with the current Health Manager module"},{"line_number":57,"context_line":"   in conjunction with ACM."}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_4a4f5d33","line":54,"range":{"start_line":54,"start_character":3,"end_line":54,"end_character":9},"updated":"2020-04-28 18:25:55.000000000","message":"s/Amphora","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"7a9ee55521465eea3fb8fb75fe35324289f73d83","unresolved":false,"context_lines":[{"line_number":88,"context_line":"                     |  +-------------+  +-------------+  |  ECMP  |"},{"line_number":89,"context_line":"                     |  |Qrouter/GW(3)|  |Qrouter/GW(4)|  |        |"},{"line_number":90,"context_line":"                     |  +-------------+  +-------------+  |        |"},{"line_number":91,"context_line":"     Managemen       +------------------------------------+        |"},{"line_number":92,"context_line":"      Network                                                      |"},{"line_number":93,"context_line":"         +                        +------------+                   |"},{"line_number":94,"context_line":"         |                        | Amphora(1) |                   |         +----------+"}],"source_content_type":"text/x-rst","patch_set":1,"id":"1f493fa4_4ababd09","line":91,"range":{"start_line":91,"start_character":5,"end_line":91,"end_character":14},"updated":"2020-04-28 18:25:55.000000000","message":"s/Management","commit_id":"bcd8f7d800bc046bb70e0cf94df4d03f9cd52dab"},{"author":{"_account_id":28329,"name":"yangjianfeng","display_name":"JeffYang","email":"yjf1970231893@gmail.com","username":"yangjianfeng"},"change_message_id":"c63e9dc32f2b4ef53719c282e40ceefcbed67ac5","unresolved":false,"context_lines":[{"line_number":37,"context_line":"Proposed change"},{"line_number":38,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_967904fe","line":41,"range":{"start_line":40,"start_character":3,"end_line":41,"end_character":18},"updated":"2020-05-13 02:48:08.000000000","message":"Why they must in same L2 netwrok?","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"43fc67cca160ced774b4150a3f8e9a711bd8450a","unresolved":false,"context_lines":[{"line_number":37,"context_line":"Proposed change"},{"line_number":38,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_c9d3dad4","line":41,"range":{"start_line":40,"start_character":3,"end_line":41,"end_character":18},"in_reply_to":"ff570b3c_967904fe","updated":"2020-05-27 08:48:41.000000000","message":"I\u0027m sorry to reply so late. It is because we want to let router proxy response the mac address of vip. And we also want to achieve LVS-DR later, which requires the amphora/server/qrouter in the same L2 network.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":37,"context_line":"Proposed change"},{"line_number":38,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_da8d4c36","line":41,"range":{"start_line":40,"start_character":3,"end_line":41,"end_character":18},"in_reply_to":"ff570b3c_c2eaf671","updated":"2020-06-12 03:16:50.000000000","message":"\u003e I don\u0027t think requiring the pool members behind the amphora\n \u003e instance to be on the same L2 is a good idea. It really limits the\n \u003e usefulness and degrades performance by creating one-armed load\n \u003e balancers.\n \u003e I would also note that direct-return (DR) has a number of issues\n \u003e that limit it\u0027s usefulness if you cannot modify the pool members,\n \u003e something Octavia does not do or support today.\n \u003e I think we can set it up so the Amphora do DR and bypass going back\n \u003e through a neutron network node in this scenario, but I think DR for\n \u003e the pool members may not be feasible or something we should attempt\n \u003e at the same time.\n\nIn my company\u0027s version, LVS-DR mode support is required due to the high performance requirements. For this reason the same l2 network needs to be supported. I discussed this with a colleague and as you said, the same L2 network can cause some issues with centralization. If we leave aside the limitations of LVS-DR, yes, I think that this solution is perfectly suited to follow the current octavia Design of vip-net. We can look further into the DR mode in a later version.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":37,"context_line":"Proposed change"},{"line_number":38,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":39,"context_line":""},{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_c2eaf671","line":41,"range":{"start_line":40,"start_character":3,"end_line":41,"end_character":18},"in_reply_to":"ff570b3c_c9d3dad4","updated":"2020-06-04 22:55:52.000000000","message":"I don\u0027t think requiring the pool members behind the amphora instance to be on the same L2 is a good idea. It really limits the usefulness and degrades performance by creating one-armed load balancers.\nI would also note that direct-return (DR) has a number of issues that limit it\u0027s usefulness if you cannot modify the pool members, something Octavia does not do or support today.\nI think we can set it up so the Amphora do DR and bypass going back through a neutron network node in this scenario, but I think DR for the pool members may not be feasible or something we should attempt at the same time.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":28329,"name":"yangjianfeng","display_name":"JeffYang","email":"yjf1970231893@gmail.com","username":"yangjianfeng"},"change_message_id":"c63e9dc32f2b4ef53719c282e40ceefcbed67ac5","unresolved":false,"context_lines":[{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"},{"line_number":45,"context_line":"   (need to extend Neutron to implement)."},{"line_number":46,"context_line":"*  The tenant\u0027s VPC needs to add equal-cost routes to the virtual"},{"line_number":47,"context_line":"   router. Prefix of the equal-cost routing entry is VIP, its next hop"},{"line_number":48,"context_line":"   is the backend network IP address of each Amphora (need to extend"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_5693ecfa","line":45,"range":{"start_line":43,"start_character":2,"end_line":45,"end_character":41},"updated":"2020-05-13 02:48:08.000000000","message":"I guess you want to make neutron router as distributor. If so, It\u0027s a gool idea. But I don\u0027t think the neutron need to extend , the current neutron can completely realize this scheme. The neutron API support add routes which have same destination and different gateways to a router. Like this: \n\"openstack router set 79cf5d9d-c4ab-45d7-8959-30963cba2ea4 --route destination\u003d10.30.30.35/32,gateway\u003d10.30.30.2 --route destination\u003d10.30.30.35/32,gateway\u003d10.30.30.3\"\nThe \"10.30.30.35\" can be as the VIP of amphorae. So by this way, the neutron router can be any mode. And I don\u0027t think the ARP proxy need to enable. \n\nBut, maybe that is neutron\u0027s bug: the qrouter-* namespace\u0027s route entity as below:\n10.30.30.35 via 10.30.30.3 dev qr-905cfb1e-43 \n10.30.30.35 via 10.30.30.2 dev qr-905cfb1e-43\nI think we just need to fixed it, make the route entity like this:\n10.30.30.35 \n\tnexthop via 10.30.30.2 dev qr-905cfb1e-43 weight 1 \n\tnexthop via 10.30.30.3 dev qr-905cfb1e-43 weight 1","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"},{"line_number":45,"context_line":"   (need to extend Neutron to implement)."},{"line_number":46,"context_line":"*  The tenant\u0027s VPC needs to add equal-cost routes to the virtual"},{"line_number":47,"context_line":"   router. Prefix of the equal-cost routing entry is VIP, its next hop"},{"line_number":48,"context_line":"   is the backend network IP address of each Amphora (need to extend"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_227812c2","line":45,"range":{"start_line":43,"start_character":2,"end_line":45,"end_character":40},"updated":"2020-06-04 22:55:52.000000000","message":"Wouldn\u0027t the VIP on the qrouter be owned by the Octavia service account? We don\u0027t want users able to manipulate it\u0027s settings really.\nAlso, I have concerns about the ARP proxy statements, especially with the various DVR implementations in neutron. Many of them have crippled ARP support.\nCan you explain more the need for the ARP proxy?","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"},{"line_number":45,"context_line":"   (need to extend Neutron to implement)."},{"line_number":46,"context_line":"*  The tenant\u0027s VPC needs to add equal-cost routes to the virtual"},{"line_number":47,"context_line":"   router. Prefix of the equal-cost routing entry is VIP, its next hop"},{"line_number":48,"context_line":"   is the backend network IP address of each Amphora (need to extend"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_bab058df","line":45,"range":{"start_line":43,"start_character":2,"end_line":45,"end_character":40},"in_reply_to":"ff570b3c_227812c2","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Wouldn\u0027t the VIP on the qrouter be owned by the Octavia service\n \u003e account? We don\u0027t want users able to manipulate it\u0027s settings\n \u003e really.\n \u003e Also, I have concerns about the ARP proxy statements, especially\n \u003e with the various DVR implementations in neutron. Many of them have\n \u003e crippled ARP support.\n \u003e Can you explain more the need for the ARP proxy?\n\nYes, I also think VIP should belong to the octavia service account. I\u0027d like to further clarify the issue of ARP proxies.  User access VIP, and we enable ARP proxy on qrouter in order to \"direct\" the traffic to qrouter. The qrouter proxies its own mac address and accepts traffic from the user, then sends the data to amphora through ECMP. The back end of amphora is also configured with VIP, but the response to ARP is turned off. This allows amphora to passively receive traffic, but not actively \"steal\" it. This ensures that the traffic is distributed along the correct path.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"43fc67cca160ced774b4150a3f8e9a711bd8450a","unresolved":false,"context_lines":[{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"},{"line_number":45,"context_line":"   (need to extend Neutron to implement)."},{"line_number":46,"context_line":"*  The tenant\u0027s VPC needs to add equal-cost routes to the virtual"},{"line_number":47,"context_line":"   router. Prefix of the equal-cost routing entry is VIP, its next hop"},{"line_number":48,"context_line":"   is the backend network IP address of each Amphora (need to extend"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_8c6290ac","line":45,"range":{"start_line":43,"start_character":2,"end_line":45,"end_character":41},"in_reply_to":"ff570b3c_5693ecfa","updated":"2020-05-27 08:48:41.000000000","message":"Sorry I don\u0027t know whether it is my fault, because when I config my qrouter like you said, the second route entity override the first one. On the other hand, I don\u0027t know whether the bug you refered is a real bug...maybe it is just designed for this way?","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":40,"context_line":"*  The client, Amphora instance, and backend pool all located in the"},{"line_number":41,"context_line":"   same L2 network (tenant backend network/VPC), Amphorae can"},{"line_number":42,"context_line":"   communicate with backend real servers with higher performance."},{"line_number":43,"context_line":"*  The interface on the virtual router (i.e. qrouter) in the tenant VPC"},{"line_number":44,"context_line":"   needs to enable ARP proxy and responds ARP request in the same subnet"},{"line_number":45,"context_line":"   (need to extend Neutron to implement)."},{"line_number":46,"context_line":"*  The tenant\u0027s VPC needs to add equal-cost routes to the virtual"},{"line_number":47,"context_line":"   router. Prefix of the equal-cost routing entry is VIP, its next hop"},{"line_number":48,"context_line":"   is the backend network IP address of each Amphora (need to extend"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_c2b83676","line":45,"range":{"start_line":43,"start_character":2,"end_line":45,"end_character":41},"in_reply_to":"ff570b3c_5693ecfa","updated":"2020-06-04 22:55:52.000000000","message":"This can be done today in neutron, but it is a blind round roubin ECMP, which is not good for maintaining session persistence between the client and the amphora.\nThis limits the number of amphora that can be in a cluster and can seriously degrade TLS performance.\nNeutron will have to be modified to support a consistent hash (OVS supports this today).","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":47,"context_line":"   router. Prefix of the equal-cost routing entry is VIP, its next hop"},{"line_number":48,"context_line":"   is the backend network IP address of each Amphora (need to extend"},{"line_number":49,"context_line":"   Neutron to implement)."},{"line_number":50,"context_line":"*  Neutron needs to be extended to support configuring the virtual"},{"line_number":51,"context_line":"   router (will submit a separate spec in the Neutron project)."},{"line_number":52,"context_line":"*  The qrouter itself cannot sense the availability of the path to"},{"line_number":53,"context_line":"   Amphora, so Amphora cluster manager needs to do dynamic connectivity"},{"line_number":54,"context_line":"   detection. ECMP route entry must be deleted once the path is"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_6257aa27","line":51,"range":{"start_line":50,"start_character":3,"end_line":51,"end_character":63},"updated":"2020-06-04 22:55:52.000000000","message":"Can we list why in this document?\nI think it is due to the consistent hash, but I would like to capture any other reasons here.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":47,"context_line":"   router. Prefix of the equal-cost routing entry is VIP, its next hop"},{"line_number":48,"context_line":"   is the backend network IP address of each Amphora (need to extend"},{"line_number":49,"context_line":"   Neutron to implement)."},{"line_number":50,"context_line":"*  Neutron needs to be extended to support configuring the virtual"},{"line_number":51,"context_line":"   router (will submit a separate spec in the Neutron project)."},{"line_number":52,"context_line":"*  The qrouter itself cannot sense the availability of the path to"},{"line_number":53,"context_line":"   Amphora, so Amphora cluster manager needs to do dynamic connectivity"},{"line_number":54,"context_line":"   detection. ECMP route entry must be deleted once the path is"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_fa3c9031","line":51,"range":{"start_line":50,"start_character":3,"end_line":51,"end_character":63},"in_reply_to":"ff570b3c_6257aa27","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Can we list why in this document?\n \u003e I think it is due to the consistent hash, but I would like to\n \u003e capture any other reasons here.\n\nThis is mainly to configure ECMP on the qrouter. By configuring different nexthop, linux itself is able to achieve stream affinity with 5 tuple hash. However, it is true that there are some problems with 5 tuple hash, which I will discuss in detail later.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":49,"context_line":"   Neutron to implement)."},{"line_number":50,"context_line":"*  Neutron needs to be extended to support configuring the virtual"},{"line_number":51,"context_line":"   router (will submit a separate spec in the Neutron project)."},{"line_number":52,"context_line":"*  The qrouter itself cannot sense the availability of the path to"},{"line_number":53,"context_line":"   Amphora, so Amphora cluster manager needs to do dynamic connectivity"},{"line_number":54,"context_line":"   detection. ECMP route entry must be deleted once the path is"},{"line_number":55,"context_line":"   unreachable. This can be done with the current Health Manager module"},{"line_number":56,"context_line":"   in conjunction with ACM."},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that Amphora is available on tenant\u0027s back-end network. In order"},{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_fd0ebf2f","line":56,"range":{"start_line":52,"start_character":3,"end_line":56,"end_character":27},"updated":"2020-06-04 22:55:52.000000000","message":"Agreed, the amphora cluster manager and/or HM would handle this.\nWe should consider the case of \"draining\" as well, which is how do you gracefully remove an amphora from the ECMP cluster to contract the number of amphora. In some load balancers setting the weight to 0 means \"don\u0027t send new conections, but allow current\", can we do this with the neutron implmentation?\nIt would be nice to capture the \"drain\" use case in this document as well.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":49,"context_line":"   Neutron to implement)."},{"line_number":50,"context_line":"*  Neutron needs to be extended to support configuring the virtual"},{"line_number":51,"context_line":"   router (will submit a separate spec in the Neutron project)."},{"line_number":52,"context_line":"*  The qrouter itself cannot sense the availability of the path to"},{"line_number":53,"context_line":"   Amphora, so Amphora cluster manager needs to do dynamic connectivity"},{"line_number":54,"context_line":"   detection. ECMP route entry must be deleted once the path is"},{"line_number":55,"context_line":"   unreachable. This can be done with the current Health Manager module"},{"line_number":56,"context_line":"   in conjunction with ACM."},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that Amphora is available on tenant\u0027s back-end network. In order"},{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_5a7adcef","line":56,"range":{"start_line":52,"start_character":3,"end_line":56,"end_character":27},"in_reply_to":"ff570b3c_fd0ebf2f","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Agreed, the amphora cluster manager and/or HM would handle this.\n \u003e We should consider the case of \"draining\" as well, which is how do\n \u003e you gracefully remove an amphora from the ECMP cluster to contract\n \u003e the number of amphora. In some load balancers setting the weight to\n \u003e 0 means \"don\u0027t send new conections, but allow current\", can we do\n \u003e this with the neutron implmentation?\n \u003e It would be nice to capture the \"drain\" use case in this document\n \u003e as well.\n\nI\u0027ve been discussing the issue of \"drain\" with a colleague, but haven\u0027t come up with a good solution yet....T.T","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":54,"context_line":"   detection. ECMP route entry must be deleted once the path is"},{"line_number":55,"context_line":"   unreachable. This can be done with the current Health Manager module"},{"line_number":56,"context_line":"   in conjunction with ACM."},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that Amphora is available on tenant\u0027s back-end network. In order"},{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"},{"line_number":60,"context_line":"   router and Amphora, and detect whether Amphora is available on"},{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"},{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":64,"context_line":"   ARP response, this VIP comes from the backend tenant network."},{"line_number":65,"context_line":"*  [`P2`_] Use DR (Direct Routing) to provide more efficient load"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_bd2287a1","line":62,"range":{"start_line":57,"start_character":3,"end_line":62,"end_character":42},"updated":"2020-06-04 22:55:52.000000000","message":"Can you explain why?","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":54,"context_line":"   detection. ECMP route entry must be deleted once the path is"},{"line_number":55,"context_line":"   unreachable. This can be done with the current Health Manager module"},{"line_number":56,"context_line":"   in conjunction with ACM."},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that Amphora is available on tenant\u0027s back-end network. In order"},{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"},{"line_number":60,"context_line":"   router and Amphora, and detect whether Amphora is available on"},{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"},{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":64,"context_line":"   ARP response, this VIP comes from the backend tenant network."},{"line_number":65,"context_line":"*  [`P2`_] Use DR (Direct Routing) to provide more efficient load"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_3a7568fb","line":62,"range":{"start_line":57,"start_character":3,"end_line":62,"end_character":42},"in_reply_to":"ff570b3c_bd2287a1","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Can you explain why?\n\nThis is because we can no longer use vrrp to guarantee availability in active-active mode.Vrrp can only be used in active-standby mode. For amphora clusters, we need to find new ways to probe the availability of each amphorad. For example, using the following icmp probes.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"},{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":64,"context_line":"   ARP response, this VIP comes from the backend tenant network."},{"line_number":65,"context_line":"*  [`P2`_] Use DR (Direct Routing) to provide more efficient load"},{"line_number":66,"context_line":"   balancing because Amphorae and backend servers are in the same L2"},{"line_number":67,"context_line":"   network (need to extend Neutron to implement)."}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_5d336bf6","line":64,"range":{"start_line":64,"start_character":17,"end_line":64,"end_character":63},"updated":"2020-06-04 22:55:52.000000000","message":"Again, I\u0027m not sure it should be limited.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"},{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":64,"context_line":"   ARP response, this VIP comes from the backend tenant network."},{"line_number":65,"context_line":"*  [`P2`_] Use DR (Direct Routing) to provide more efficient load"},{"line_number":66,"context_line":"   balancing because Amphorae and backend servers are in the same L2"},{"line_number":67,"context_line":"   network (need to extend Neutron to implement)."}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_9a5d947b","line":64,"range":{"start_line":64,"start_character":17,"end_line":64,"end_character":63},"in_reply_to":"ff570b3c_5d336bf6","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Again, I\u0027m not sure it should be limited.\n\nYes, of course. We no longer force everything to be under the same l2 network, so vip can come from the same vip-net and belong to the octavia service account.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":64,"context_line":"   ARP response, this VIP comes from the backend tenant network."},{"line_number":65,"context_line":"*  [`P2`_] Use DR (Direct Routing) to provide more efficient load"},{"line_number":66,"context_line":"   balancing because Amphorae and backend servers are in the same L2"},{"line_number":67,"context_line":"   network (need to extend Neutron to implement)."},{"line_number":68,"context_line":"*  [`P2`_] Support Floating IPs (FIPs). In order to support FIPs the"},{"line_number":69,"context_line":"   existing Neutron *floatingips* API would need to be extended. This"},{"line_number":70,"context_line":"   will be described in more detail in a separate spec in the Neutron"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_dd549b00","line":67,"range":{"start_line":65,"start_character":11,"end_line":67,"end_character":49},"updated":"2020-06-04 22:55:52.000000000","message":"There are a lot of complications with this. To do DR with the pool members it requires changes inside the pool member, which Octavia does not have access to.\nI think we should not attempt to target DR in this initial specification.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":64,"context_line":"   ARP response, this VIP comes from the backend tenant network."},{"line_number":65,"context_line":"*  [`P2`_] Use DR (Direct Routing) to provide more efficient load"},{"line_number":66,"context_line":"   balancing because Amphorae and backend servers are in the same L2"},{"line_number":67,"context_line":"   network (need to extend Neutron to implement)."},{"line_number":68,"context_line":"*  [`P2`_] Support Floating IPs (FIPs). In order to support FIPs the"},{"line_number":69,"context_line":"   existing Neutron *floatingips* API would need to be extended. This"},{"line_number":70,"context_line":"   will be described in more detail in a separate spec in the Neutron"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_5ac81c20","line":67,"range":{"start_line":65,"start_character":11,"end_line":67,"end_character":49},"in_reply_to":"ff570b3c_dd549b00","updated":"2020-06-12 03:16:50.000000000","message":"\u003e There are a lot of complications with this. To do DR with the pool\n \u003e members it requires changes inside the pool member, which Octavia\n \u003e does not have access to.\n \u003e I think we should not attempt to target DR in this initial\n \u003e specification.\n\nYes, the DR mode is quite complicate. In our existing implementation, we use openflow to modify the source IP of the traffic arriving at the member to achieve DR mode. But it does have problems. So maybe we can talk about it in the future, and ignore DR mode for now.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":130,"context_line":""},{"line_number":131,"context_line":"   -  The intranet client requests mac address of the VIP and accesses the"},{"line_number":132,"context_line":"      service based on this mac address. The extranet client accesses the"},{"line_number":133,"context_line":"      tenant service via floating IP (IPv4 or IPv6)."},{"line_number":134,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"},{"line_number":135,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":136,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_fd651fe2","line":133,"range":{"start_line":133,"start_character":25,"end_line":133,"end_character":36},"updated":"2020-06-04 22:55:52.000000000","message":"It would be nice if we can continue to not require a floating IP for the \"external\" network access. Can\u0027t we still plug directly into the external network?\nThe NAT of a flip is a performance drain and causes problems for IPv6 VIPs.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":130,"context_line":""},{"line_number":131,"context_line":"   -  The intranet client requests mac address of the VIP and accesses the"},{"line_number":132,"context_line":"      service based on this mac address. The extranet client accesses the"},{"line_number":133,"context_line":"      tenant service via floating IP (IPv4 or IPv6)."},{"line_number":134,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"},{"line_number":135,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":136,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_dafc2c41","line":133,"range":{"start_line":133,"start_character":25,"end_line":133,"end_character":36},"in_reply_to":"ff570b3c_fd651fe2","updated":"2020-06-12 03:16:50.000000000","message":"\u003e It would be nice if we can continue to not require a floating IP\n \u003e for the \"external\" network access. Can\u0027t we still plug directly\n \u003e into the external network?\n \u003e The NAT of a flip is a performance drain and causes problems for\n \u003e IPv6 VIPs.\n\nFor the average north-south traffic, this performance loss isn\u0027t that unacceptable. If we want to plug directly into an external network, we need the ability to operate and configure the ECMP for the external network, but I\u0027m not sure how this should be implemented. However it\u0027s true that the impact to octavia code is not significant.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"34b19ec689e98c5ad889a8e6241ccdad0fc7be8d","unresolved":false,"context_lines":[{"line_number":130,"context_line":""},{"line_number":131,"context_line":"   -  The intranet client requests mac address of the VIP and accesses the"},{"line_number":132,"context_line":"      service based on this mac address. The extranet client accesses the"},{"line_number":133,"context_line":"      tenant service via floating IP (IPv4 or IPv6)."},{"line_number":134,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"},{"line_number":135,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":136,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"}],"source_content_type":"text/x-rst","patch_set":4,"id":"bf51134e_1833c863","line":133,"range":{"start_line":133,"start_character":25,"end_line":133,"end_character":36},"in_reply_to":"ff570b3c_fd651fe2","updated":"2020-07-15 10:11:11.000000000","message":"In a production environment, the external network usually connect to a physical switch, that is out of neutron\u0027s control. So, I\u0027m afraid that the floating IP is necessary.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":138,"context_line":"      transmitted to the qrouter. Then datagrams are processed and sent to"},{"line_number":139,"context_line":"      the gateway of the back-end tenant network."},{"line_number":140,"context_line":"   -  The qrouter gateway queries equal-cost routing entries prefixed with"},{"line_number":141,"context_line":"      VIP and selects a unique Back IP as next hop based on 5 tuple hash,"},{"line_number":142,"context_line":"      then forwards the client\u0027s packets to the Amphora corresponding to"},{"line_number":143,"context_line":"      Back IP."},{"line_number":144,"context_line":"   -  Amphora accepts connections from clients, receives traffic, then"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_bda56705","line":141,"range":{"start_line":141,"start_character":60,"end_line":141,"end_character":72},"updated":"2020-06-04 22:55:52.000000000","message":"We should target a consistent hash instead of a simple 5 tuple. 5 tuple means that if we add or remove amphora all connections get redistributed. We want a follow on to Active/Active to be dynamic load balancing where the amphora will scale up and down. It also improves maintenance capabilities.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"34b19ec689e98c5ad889a8e6241ccdad0fc7be8d","unresolved":false,"context_lines":[{"line_number":138,"context_line":"      transmitted to the qrouter. Then datagrams are processed and sent to"},{"line_number":139,"context_line":"      the gateway of the back-end tenant network."},{"line_number":140,"context_line":"   -  The qrouter gateway queries equal-cost routing entries prefixed with"},{"line_number":141,"context_line":"      VIP and selects a unique Back IP as next hop based on 5 tuple hash,"},{"line_number":142,"context_line":"      then forwards the client\u0027s packets to the Amphora corresponding to"},{"line_number":143,"context_line":"      Back IP."},{"line_number":144,"context_line":"   -  Amphora accepts connections from clients, receives traffic, then"}],"source_content_type":"text/x-rst","patch_set":4,"id":"bf51134e_f8b89475","line":141,"range":{"start_line":141,"start_character":60,"end_line":141,"end_character":72},"in_reply_to":"ff570b3c_bda56705","updated":"2020-07-15 10:11:11.000000000","message":"Good news, our network team is planning to use HMARK in iptables instead of ip routes with several nexthops. You can see that part in our Neutron spec, if that comes true, existing flows will not be redistributed when Octavia find an amphora unreachable and remove it temporarily.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":138,"context_line":"      transmitted to the qrouter. Then datagrams are processed and sent to"},{"line_number":139,"context_line":"      the gateway of the back-end tenant network."},{"line_number":140,"context_line":"   -  The qrouter gateway queries equal-cost routing entries prefixed with"},{"line_number":141,"context_line":"      VIP and selects a unique Back IP as next hop based on 5 tuple hash,"},{"line_number":142,"context_line":"      then forwards the client\u0027s packets to the Amphora corresponding to"},{"line_number":143,"context_line":"      Back IP."},{"line_number":144,"context_line":"   -  Amphora accepts connections from clients, receives traffic, then"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_1a8ce4d5","line":141,"range":{"start_line":141,"start_character":60,"end_line":141,"end_character":72},"in_reply_to":"ff570b3c_bda56705","updated":"2020-06-12 03:16:50.000000000","message":"Yes it\u0027s a pretty tricky one....But the good news is that higher versions of the linux kernel seem to have implemented consistent hash.http://archive.linuxvirtualserver.org/html/lvs-devel/2018-03/msg00023.html\nWe can discuss together how to take advantage of this.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":144,"context_line":"   -  Amphora accepts connections from clients, receives traffic, then"},{"line_number":145,"context_line":"      distributes it to the back-end server pool."},{"line_number":146,"context_line":"   -  Traffic from the back-end server pool goes to the gateway through"},{"line_number":147,"context_line":"      Amphora. (it will directly go to the gateway in DR mode)."},{"line_number":148,"context_line":"*  The whole process implements two levels load balancing, i.e. load"},{"line_number":149,"context_line":"   balancing between multiple Amphorae and load balancing between the"},{"line_number":150,"context_line":"   backend real servers."}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_fdaa3fcf","line":147,"range":{"start_line":147,"start_character":54,"end_line":147,"end_character":61},"updated":"2020-06-04 22:55:52.000000000","message":"Again, I think there are lot of issues with DR that need to be addressed.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":148,"context_line":"*  The whole process implements two levels load balancing, i.e. load"},{"line_number":149,"context_line":"   balancing between multiple Amphorae and load balancing between the"},{"line_number":150,"context_line":"   backend real servers."},{"line_number":151,"context_line":"*  In Neutron\u0027s DVR mode, qrouters are distributed across compute nodes,"},{"line_number":152,"context_line":"   and the Amphora instances are anti-affinity, so client traffic is"},{"line_number":153,"context_line":"   also distributed between qrouters. In this way, we can avoid the"},{"line_number":154,"context_line":"   single point of failure of qrouter and Amphora."}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_7d88ef6f","line":151,"range":{"start_line":151,"start_character":26,"end_line":151,"end_character":71},"updated":"2020-06-04 22:55:52.000000000","message":"Is this true in all ML/2 drivers? Again here I think consistent hashing may be required to make sure sessions are persisted.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":148,"context_line":"*  The whole process implements two levels load balancing, i.e. load"},{"line_number":149,"context_line":"   balancing between multiple Amphorae and load balancing between the"},{"line_number":150,"context_line":"   backend real servers."},{"line_number":151,"context_line":"*  In Neutron\u0027s DVR mode, qrouters are distributed across compute nodes,"},{"line_number":152,"context_line":"   and the Amphora instances are anti-affinity, so client traffic is"},{"line_number":153,"context_line":"   also distributed between qrouters. In this way, we can avoid the"},{"line_number":154,"context_line":"   single point of failure of qrouter and Amphora."}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_daaa6c18","line":151,"range":{"start_line":151,"start_character":26,"end_line":151,"end_character":71},"in_reply_to":"ff570b3c_7d88ef6f","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Is this true in all ML/2 drivers? Again here I think consistent\n \u003e hashing may be required to make sure sessions are persisted.\n\nYes, the DVR mode require qrouter is distributed. Maybe different ML2 drivers will not make a difference?","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":155,"context_line":"*  To ensure its availability in the back-end tenant network, timed ICMP"},{"line_number":156,"context_line":"   detection is required between Amphoras. For example:"},{"line_number":157,"context_line":""},{"line_number":158,"context_line":"   -  Amphora(1) needs to regularly send ICMP packets to probe Amphora(2)"},{"line_number":159,"context_line":"      that is \"adjacent\" to it."},{"line_number":160,"context_line":"   -  If the probe fails, it continues to probe the next Amphora(3) in the"},{"line_number":161,"context_line":"      cluster, and so on."},{"line_number":162,"context_line":"   -  Amphora(1) keeps performing probe until it succeeds and then does not"},{"line_number":163,"context_line":"      continue to probe."},{"line_number":164,"context_line":"   -  Only if all probes fail, this Amphora(1) proves itself unavailable."},{"line_number":165,"context_line":"      Amphora(1) then stops sending heartbeat to Health Manager, waiting to"},{"line_number":166,"context_line":"      be processed and recovered."},{"line_number":167,"context_line":"   -  Other Amphora perfrom the same operation as above."},{"line_number":168,"context_line":"   -  An Agent on Amphora only needs to guarantee its own availability. Due"},{"line_number":169,"context_line":"      to Amphora instances are anti-affinity, this approach is good for"},{"line_number":170,"context_line":"      detecting Amphora\u0027s connectivity throughout the VPC."},{"line_number":171,"context_line":""},{"line_number":172,"context_line":"Distributor(Qrouter) Lifecycle"},{"line_number":173,"context_line":"^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_fd935fa1","line":170,"range":{"start_line":158,"start_character":5,"end_line":170,"end_character":58},"updated":"2020-06-04 22:55:52.000000000","message":"This is all already handled by the amphora agent, VRRP, and health manager. We may need to make some changes to make down detection faster in this use case, but I don\u0027t think we need to do this ICMP setup.\nFor example, we may be able to do an in-band test with the ACM.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":155,"context_line":"*  To ensure its availability in the back-end tenant network, timed ICMP"},{"line_number":156,"context_line":"   detection is required between Amphoras. For example:"},{"line_number":157,"context_line":""},{"line_number":158,"context_line":"   -  Amphora(1) needs to regularly send ICMP packets to probe Amphora(2)"},{"line_number":159,"context_line":"      that is \"adjacent\" to it."},{"line_number":160,"context_line":"   -  If the probe fails, it continues to probe the next Amphora(3) in the"},{"line_number":161,"context_line":"      cluster, and so on."},{"line_number":162,"context_line":"   -  Amphora(1) keeps performing probe until it succeeds and then does not"},{"line_number":163,"context_line":"      continue to probe."},{"line_number":164,"context_line":"   -  Only if all probes fail, this Amphora(1) proves itself unavailable."},{"line_number":165,"context_line":"      Amphora(1) then stops sending heartbeat to Health Manager, waiting to"},{"line_number":166,"context_line":"      be processed and recovered."},{"line_number":167,"context_line":"   -  Other Amphora perfrom the same operation as above."},{"line_number":168,"context_line":"   -  An Agent on Amphora only needs to guarantee its own availability. Due"},{"line_number":169,"context_line":"      to Amphora instances are anti-affinity, this approach is good for"},{"line_number":170,"context_line":"      detecting Amphora\u0027s connectivity throughout the VPC."},{"line_number":171,"context_line":""},{"line_number":172,"context_line":"Distributor(Qrouter) Lifecycle"},{"line_number":173,"context_line":"^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_da6f0cf8","line":170,"range":{"start_line":158,"start_character":5,"end_line":170,"end_character":58},"in_reply_to":"ff570b3c_fd935fa1","updated":"2020-06-12 03:16:50.000000000","message":"\u003e This is all already handled by the amphora agent, VRRP, and health\n \u003e manager. We may need to make some changes to make down detection\n \u003e faster in this use case, but I don\u0027t think we need to do this ICMP\n \u003e setup.\n \u003e For example, we may be able to do an in-band test with the ACM.\n\nYes, octavia implements an excellent set of mechanisms for health checks.But as I said before, vrrp has lost its usefulness in detecting cluster availability. We want to inherit octavia\u0027s original health management mechanism, but need another way to replace vrrp. This may also require the health manager with stronger management capabilities for amphora.\n\nBut your words enlightened me. I was looking for information about vrrp support for cluster availability and came across a new protocol called \"vrrpe\". This protocol enables multiple routers to work simultaneously and ensure high availability. It was proposed by H3C and implemented on their own routers. If we can implement the vrrpe protocol on amphora, then we can do it with minimal cost. active-active topology. we don\u0027t have to use a separate distributor and we don\u0027t have to think about the ECMP issues. See this document for more details:\n\nhttps://techhub.hpe.com/eginfolib/ networking/docs/switches/5920-5900/5998- 5303a_hi-avail_cg/content/414623810.htm\n\nBut for now, it\u0027s just an idea....","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":348,"context_line":""},{"line_number":349,"context_line":"      The ip address of VIP."},{"line_number":350,"context_line":""},{"line_number":351,"context_line":"Security impact"},{"line_number":352,"context_line":"---------------"},{"line_number":353,"context_line":""},{"line_number":354,"context_line":"Notifications impact"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_5de40b3c","line":351,"updated":"2020-06-04 22:55:52.000000000","message":"Currently we protect the amphora with neutron security groups. How would that work in this scenario? Would we still configure SGs on the amphora ports?","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":348,"context_line":""},{"line_number":349,"context_line":"      The ip address of VIP."},{"line_number":350,"context_line":""},{"line_number":351,"context_line":"Security impact"},{"line_number":352,"context_line":"---------------"},{"line_number":353,"context_line":""},{"line_number":354,"context_line":"Notifications impact"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_1a286495","line":351,"in_reply_to":"ff570b3c_5de40b3c","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Currently we protect the amphora with neutron security groups. How\n \u003e would that work in this scenario? Would we still configure SGs on\n \u003e the amphora ports?\n\nWe no longer force everything to be under the same l2 network. We can follow Octavia\u0027s security design.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":357,"context_line":"Other end user impact"},{"line_number":358,"context_line":"---------------------"},{"line_number":359,"context_line":""},{"line_number":360,"context_line":"Performance Impact"},{"line_number":361,"context_line":"------------------"},{"line_number":362,"context_line":""},{"line_number":363,"context_line":"Other deployer impact"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_9dd34360","line":360,"updated":"2020-06-04 22:55:52.000000000","message":"Obviously this is to raise performance and scale the number of concurrent connections an Octavia amphora load balancer can handle.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":11628,"name":"Michael Johnson","email":"johnsomor@gmail.com","username":"johnsom"},"change_message_id":"cad100c77d2b697912d83a26078049a7f4c009c6","unresolved":false,"context_lines":[{"line_number":390,"context_line":"The API-Ref documentation will need to be updated for load balancer"},{"line_number":391,"context_line":"create/update/delete."},{"line_number":392,"context_line":""},{"line_number":393,"context_line":"References"},{"line_number":394,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":395,"context_line":""},{"line_number":396,"context_line":"*  `Active-Active"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_bdcc47bb","line":393,"updated":"2020-06-04 22:55:52.000000000","message":"Can we reference the neutron specification here now that it is posted?","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"c94883cae4b1deaf0e913340294303477139372d","unresolved":false,"context_lines":[{"line_number":390,"context_line":"The API-Ref documentation will need to be updated for load balancer"},{"line_number":391,"context_line":"create/update/delete."},{"line_number":392,"context_line":""},{"line_number":393,"context_line":"References"},{"line_number":394,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":395,"context_line":""},{"line_number":396,"context_line":"*  `Active-Active"}],"source_content_type":"text/x-rst","patch_set":4,"id":"ff570b3c_9a15944c","line":393,"in_reply_to":"ff570b3c_bdcc47bb","updated":"2020-06-12 03:16:50.000000000","message":"\u003e Can we reference the neutron specification here now that it is\n \u003e posted?\n\nYes, I will modify the spec later.","commit_id":"1203689124980ec127826165b30e3a47a4f46dbb"},{"author":{"_account_id":6469,"name":"Carlos Gonçalves","display_name":"Carlos Goncalves","email":"cgoncalves@redhat.com","username":"cgoncalves"},"change_message_id":"4f04223498a3a958887a75b035e427e8b2c187be","unresolved":false,"context_lines":[{"line_number":55,"context_line":"   in conjunction with ACM."},{"line_number":56,"context_line":""},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that Amphora is available on tenant\u0027s back-end network. In order"},{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"},{"line_number":60,"context_line":"   router and Amphora, and detect whether Amphora is available on"},{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_33a64855","line":58,"range":{"start_line":58,"start_character":37,"end_line":58,"end_character":62},"updated":"2020-08-17 12:49:01.000000000","message":"Do you mean the VIP network (\"Tenant Backend Network\" in your diagram below)?","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"f632b51799d9f42131c5442da25f690cd94fe87f","unresolved":false,"context_lines":[{"line_number":55,"context_line":"   in conjunction with ACM."},{"line_number":56,"context_line":""},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that Amphora is available on tenant\u0027s back-end network. In order"},{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"},{"line_number":60,"context_line":"   router and Amphora, and detect whether Amphora is available on"},{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_58abf087","line":58,"range":{"start_line":58,"start_character":37,"end_line":58,"end_character":62},"in_reply_to":"9f560f44_33a64855","updated":"2020-08-19 11:57:31.000000000","message":"\u003e Do you mean the VIP network (\"Tenant Backend Network\" in your\n \u003e diagram below)?\n\nyes","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":6469,"name":"Carlos Gonçalves","display_name":"Carlos Goncalves","email":"cgoncalves@redhat.com","username":"cgoncalves"},"change_message_id":"4f04223498a3a958887a75b035e427e8b2c187be","unresolved":false,"context_lines":[{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"},{"line_number":60,"context_line":"   router and Amphora, and detect whether Amphora is available on"},{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"},{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":""},{"line_number":64,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":65,"context_line":"   ARP response."}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_d36c2c0a","line":62,"range":{"start_line":62,"start_character":25,"end_line":62,"end_character":41},"updated":"2020-08-17 12:49:01.000000000","message":"Could you expand why ICMP detection is required between amphorae while just before you say that path availability is between the router and the amphora? If the router \"cannot sense the availability of the pat to the amphora\", could amphorae send timed ICMP detection to the router?","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"f632b51799d9f42131c5442da25f690cd94fe87f","unresolved":false,"context_lines":[{"line_number":59,"context_line":"   to dynamically detect the path abailability between the virtual"},{"line_number":60,"context_line":"   router and Amphora, and detect whether Amphora is available on"},{"line_number":61,"context_line":"   back-end network, Amphora Agent needs to be modified. Timed ICMP"},{"line_number":62,"context_line":"   detection is required between Amphoras."},{"line_number":63,"context_line":""},{"line_number":64,"context_line":"*  Amphora needs to configure VIP on loopback interface and turn off the"},{"line_number":65,"context_line":"   ARP response."}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_93128b57","line":62,"range":{"start_line":62,"start_character":25,"end_line":62,"end_character":41},"in_reply_to":"9f560f44_d36c2c0a","updated":"2020-08-19 11:57:31.000000000","message":"\u003e Could you expand why ICMP detection is required between amphorae\n \u003e while just before you say that path availability is between the\n \u003e router and the amphora? If the router \"cannot sense the\n \u003e availability of the pat to the amphora\", could amphorae send timed\n \u003e ICMP detection to the router?\n\nConsidering the DVR mode, the ICMP detetions going to gateway can only be sent to the router ns on where the amphora is running, this approach cannot verify the cross-node connectivity of the amphora.","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":6469,"name":"Carlos Gonçalves","display_name":"Carlos Goncalves","email":"cgoncalves@redhat.com","username":"cgoncalves"},"change_message_id":"4f04223498a3a958887a75b035e427e8b2c187be","unresolved":false,"context_lines":[{"line_number":156,"context_line":"   -  Amphora(1) needs to regularly send ICMP packets to probe Amphora(2)"},{"line_number":157,"context_line":"      that is \"adjacent\" to it."},{"line_number":158,"context_line":"   -  If the probe fails, it continues to probe the next Amphora(3) in the"},{"line_number":159,"context_line":"      cluster, and so on."},{"line_number":160,"context_line":"   -  Amphora(1) keeps performing probe until it succeeds and then does not"},{"line_number":161,"context_line":"      continue to probe."},{"line_number":162,"context_line":"   -  Only if all probes fail, this Amphora(1) proves itself unavailable."}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_aea78f0b","line":159,"range":{"start_line":159,"start_character":19,"end_line":159,"end_character":24},"updated":"2020-08-17 12:49:01.000000000","message":"Which amphora would you consider to be the adjacent of the last amphora (Amphora N)?","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":6469,"name":"Carlos Gonçalves","display_name":"Carlos Goncalves","email":"cgoncalves@redhat.com","username":"cgoncalves"},"change_message_id":"4f04223498a3a958887a75b035e427e8b2c187be","unresolved":false,"context_lines":[{"line_number":159,"context_line":"      cluster, and so on."},{"line_number":160,"context_line":"   -  Amphora(1) keeps performing probe until it succeeds and then does not"},{"line_number":161,"context_line":"      continue to probe."},{"line_number":162,"context_line":"   -  Only if all probes fail, this Amphora(1) proves itself unavailable."},{"line_number":163,"context_line":"      Amphora(1) then stops sending heartbeat to Health Manager, waiting to"},{"line_number":164,"context_line":"      be processed and recovered."},{"line_number":165,"context_line":"   -  Other Amphora perfrom the same operation as above."}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_0e979b92","line":162,"range":{"start_line":162,"start_character":6,"end_line":162,"end_character":72},"updated":"2020-08-17 12:49:01.000000000","message":"I think this can lead to complete service shutdown when only one remaining amphora is available. In other words, if all other amphorae are unavailable but not the one sending the probes, the probe will fail and the amphora will stop sending heartbeat to the Health Manager.","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"f632b51799d9f42131c5442da25f690cd94fe87f","unresolved":false,"context_lines":[{"line_number":159,"context_line":"      cluster, and so on."},{"line_number":160,"context_line":"   -  Amphora(1) keeps performing probe until it succeeds and then does not"},{"line_number":161,"context_line":"      continue to probe."},{"line_number":162,"context_line":"   -  Only if all probes fail, this Amphora(1) proves itself unavailable."},{"line_number":163,"context_line":"      Amphora(1) then stops sending heartbeat to Health Manager, waiting to"},{"line_number":164,"context_line":"      be processed and recovered."},{"line_number":165,"context_line":"   -  Other Amphora perfrom the same operation as above."}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_f8f2c46e","line":162,"range":{"start_line":162,"start_character":6,"end_line":162,"end_character":72},"in_reply_to":"9f560f44_0e979b92","updated":"2020-08-19 11:57:31.000000000","message":"Yes, you are right, we realized that sending ICMP packets among amphoraes maybe is not a good option, and we changed this plan to send ICMP packets to SNAT ns and DHCP ns from amphoraes, at least we can make sure the amphora can be connected from other openstack nodes.","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":6469,"name":"Carlos Gonçalves","display_name":"Carlos Goncalves","email":"cgoncalves@redhat.com","username":"cgoncalves"},"change_message_id":"4f04223498a3a958887a75b035e427e8b2c187be","unresolved":false,"context_lines":[{"line_number":260,"context_line":""},{"line_number":261,"context_line":"  ``create loadbalancer``\\:"},{"line_number":262,"context_line":""},{"line_number":263,"context_line":"  Add a `topology` parameter into the existing API"},{"line_number":264,"context_line":"  Then user can choose `single`/`stand-by` or `multi-active` mode"},{"line_number":265,"context_line":"  When he create a loadbalancer instance."},{"line_number":266,"context_line":""}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_0ecf9b7f","line":263,"range":{"start_line":263,"start_character":2,"end_line":263,"end_character":50},"updated":"2020-08-17 12:49:01.000000000","message":"This can be accomplished via the Octavia Flavor Profile and Flavor APIs. The amphora provider driver supports \"loadbalancer_topology\".\n\nhttps://docs.openstack.org/api-ref/load-balancer/v2/#flavors\nhttps://docs.openstack.org/api-ref/load-balancer/v2/#flavor-profiles","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":31843,"name":"Jay Liu","email":"1299870737@qq.com","username":"JayLiu"},"change_message_id":"f632b51799d9f42131c5442da25f690cd94fe87f","unresolved":false,"context_lines":[{"line_number":260,"context_line":""},{"line_number":261,"context_line":"  ``create loadbalancer``\\:"},{"line_number":262,"context_line":""},{"line_number":263,"context_line":"  Add a `topology` parameter into the existing API"},{"line_number":264,"context_line":"  Then user can choose `single`/`stand-by` or `multi-active` mode"},{"line_number":265,"context_line":"  When he create a loadbalancer instance."},{"line_number":266,"context_line":""}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_73453715","line":263,"range":{"start_line":263,"start_character":2,"end_line":263,"end_character":50},"in_reply_to":"9f560f44_0ecf9b7f","updated":"2020-08-19 11:57:31.000000000","message":"Thank you for the reminder, I\u0027ll think about it carefully.","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":6469,"name":"Carlos Gonçalves","display_name":"Carlos Goncalves","email":"cgoncalves@redhat.com","username":"cgoncalves"},"change_message_id":"4f04223498a3a958887a75b035e427e8b2c187be","unresolved":false,"context_lines":[{"line_number":261,"context_line":"  ``create loadbalancer``\\:"},{"line_number":262,"context_line":""},{"line_number":263,"context_line":"  Add a `topology` parameter into the existing API"},{"line_number":264,"context_line":"  Then user can choose `single`/`stand-by` or `multi-active` mode"},{"line_number":265,"context_line":"  When he create a loadbalancer instance."},{"line_number":266,"context_line":""},{"line_number":267,"context_line":"  Add a `num-amphroa` parameter, let user can determine the size"}],"source_content_type":"text/x-rst","patch_set":6,"id":"9f560f44_2ec41f5f","line":264,"range":{"start_line":264,"start_character":23,"end_line":264,"end_character":60},"updated":"2020-08-17 12:49:01.000000000","message":"There should be three options, not two: single, active-standby and multi-active.","commit_id":"1a2c9c289ed2cdec0a5884bb5fde36731bd07134"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":42,"context_line":""},{"line_number":43,"context_line":"*  After those changes in Neutron, Octavia will be able to create a"},{"line_number":44,"context_line":"   multi-active Loadbalancer with many amphoras, these amphoras will"},{"line_number":45,"context_line":"   share a VIP, and having their own IPs."},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"*  By sending new routes with same destination and different nexthop"},{"line_number":48,"context_line":"   to Neutron, there will be a ECMP rule in qrouter, so packets will"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_542c6646","line":45,"range":{"start_line":45,"start_character":20,"end_line":45,"end_character":26},"updated":"2020-11-04 17:26:00.000000000","message":"s/have","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":44,"context_line":"   multi-active Loadbalancer with many amphoras, these amphoras will"},{"line_number":45,"context_line":"   share a VIP, and having their own IPs."},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"*  By sending new routes with same destination and different nexthop"},{"line_number":48,"context_line":"   to Neutron, there will be a ECMP rule in qrouter, so packets will"},{"line_number":49,"context_line":"   be distuibuted to amphoras by qrouter.(qrouter will enable ARP proxy)"},{"line_number":50,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_941d5e11","line":47,"range":{"start_line":47,"start_character":30,"end_line":47,"end_character":34},"updated":"2020-11-04 17:26:00.000000000","message":"s/the same","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":45,"context_line":"   share a VIP, and having their own IPs."},{"line_number":46,"context_line":""},{"line_number":47,"context_line":"*  By sending new routes with same destination and different nexthop"},{"line_number":48,"context_line":"   to Neutron, there will be a ECMP rule in qrouter, so packets will"},{"line_number":49,"context_line":"   be distuibuted to amphoras by qrouter.(qrouter will enable ARP proxy)"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":"*  The qrouter itself cannot sense the availability of the path to"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_f41c9213","line":48,"range":{"start_line":48,"start_character":29,"end_line":48,"end_character":30},"updated":"2020-11-04 17:26:00.000000000","message":"s/an","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":46,"context_line":""},{"line_number":47,"context_line":"*  By sending new routes with same destination and different nexthop"},{"line_number":48,"context_line":"   to Neutron, there will be a ECMP rule in qrouter, so packets will"},{"line_number":49,"context_line":"   be distuibuted to amphoras by qrouter.(qrouter will enable ARP proxy)"},{"line_number":50,"context_line":""},{"line_number":51,"context_line":"*  The qrouter itself cannot sense the availability of the path to"},{"line_number":52,"context_line":"   Amphora, so Amphora cluster manager needs to do dynamic connectivity"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_14d78e25","line":49,"range":{"start_line":49,"start_character":40,"end_line":49,"end_character":41},"updated":"2020-11-04 17:26:00.000000000","message":"period should be after the )","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":54,"context_line":"   unreachable. This can be done with the current Health Manager module"},{"line_number":55,"context_line":"   in conjunction with ACM."},{"line_number":56,"context_line":""},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that amphora is available on VIP network. In order to dynamically"},{"line_number":59,"context_line":"   detect whether amphora is available on the VIP network, amphora"},{"line_number":60,"context_line":"   agent needs to be modified. Timed ICMP detection from amphora to"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_14c02e50","line":57,"updated":"2020-11-04 17:26:00.000000000","message":"The beginning of this sentence seems a little grammatically wrong, seems like it should start like:\n\n\"Just because an amphora can...\"","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":55,"context_line":"   in conjunction with ACM."},{"line_number":56,"context_line":""},{"line_number":57,"context_line":"*  Amphora can send a heartbeat to the Health Manager module does not"},{"line_number":58,"context_line":"   mean that amphora is available on VIP network. In order to dynamically"},{"line_number":59,"context_line":"   detect whether amphora is available on the VIP network, amphora"},{"line_number":60,"context_line":"   agent needs to be modified. Timed ICMP detection from amphora to"},{"line_number":61,"context_line":"   DHCP namespace and SNAT namespace is required."}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_d4ecf6f4","line":58,"range":{"start_line":58,"start_character":34,"end_line":58,"end_character":36},"updated":"2020-11-04 17:26:00.000000000","message":"s/on the","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":122,"context_line":""},{"line_number":123,"context_line":"*  An example of high-level data-flow:"},{"line_number":124,"context_line":""},{"line_number":125,"context_line":"   -  The intranet client requests mac address of the VIP and accesses the"},{"line_number":126,"context_line":"      service based on this mac address. The extranet client accesses the"},{"line_number":127,"context_line":"      tenant service via floating IP (IPv4 or IPv6)."},{"line_number":128,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_f4cad26a","line":125,"range":{"start_line":125,"start_character":35,"end_line":125,"end_character":38},"updated":"2020-11-04 17:26:00.000000000","message":"nit: MAC\n\nbelow as well","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":125,"context_line":"   -  The intranet client requests mac address of the VIP and accesses the"},{"line_number":126,"context_line":"      service based on this mac address. The extranet client accesses the"},{"line_number":127,"context_line":"      tenant service via floating IP (IPv4 or IPv6)."},{"line_number":128,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"},{"line_number":129,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":130,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"},{"line_number":131,"context_line":"      VIP through floating IP, and the client\u0027s datagram is also"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_d4c5165d","line":128,"range":{"start_line":128,"start_character":40,"end_line":128,"end_character":43},"updated":"2020-11-04 17:26:00.000000000","message":"s/the MAC","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":126,"context_line":"      service based on this mac address. The extranet client accesses the"},{"line_number":127,"context_line":"      tenant service via floating IP (IPv4 or IPv6)."},{"line_number":128,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"},{"line_number":129,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":130,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"},{"line_number":131,"context_line":"      VIP through floating IP, and the client\u0027s datagram is also"},{"line_number":132,"context_line":"      transmitted to the qrouter. Then datagrams are processed and sent to"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_34a28aaf","line":129,"range":{"start_line":129,"start_character":11,"end_line":129,"end_character":14},"updated":"2020-11-04 17:26:00.000000000","message":"s/use its","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":127,"context_line":"      tenant service via floating IP (IPv4 or IPv6)."},{"line_number":128,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"},{"line_number":129,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":130,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"},{"line_number":131,"context_line":"      VIP through floating IP, and the client\u0027s datagram is also"},{"line_number":132,"context_line":"      transmitted to the qrouter. Then datagrams are processed and sent to"},{"line_number":133,"context_line":"      the gateway of the back-end tenant network."}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_5488e61d","line":130,"range":{"start_line":130,"start_character":21,"end_line":130,"end_character":41},"updated":"2020-11-04 17:26:00.000000000","message":"do you mean \"via the qrouter\" ?  i.e. it\u0027s just a proxy","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":128,"context_line":"   -  When the intranet client requests mac address of the VIP, the qrouter"},{"line_number":129,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":130,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"},{"line_number":131,"context_line":"      VIP through floating IP, and the client\u0027s datagram is also"},{"line_number":132,"context_line":"      transmitted to the qrouter. Then datagrams are processed and sent to"},{"line_number":133,"context_line":"      the gateway of the back-end tenant network."},{"line_number":134,"context_line":"   -  The qrouter gateway queries equal-cost routing entries prefixed with"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_14a5ceb5","line":131,"range":{"start_line":131,"start_character":18,"end_line":131,"end_character":26},"updated":"2020-11-04 17:26:00.000000000","message":"s/its floating","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":129,"context_line":"      will use gateway MAC address to respond, the client\u0027s datagram will"},{"line_number":130,"context_line":"      be transmitted to the qrouter first. The extranet client accesses the"},{"line_number":131,"context_line":"      VIP through floating IP, and the client\u0027s datagram is also"},{"line_number":132,"context_line":"      transmitted to the qrouter. Then datagrams are processed and sent to"},{"line_number":133,"context_line":"      the gateway of the back-end tenant network."},{"line_number":134,"context_line":"   -  The qrouter gateway queries equal-cost routing entries prefixed with"},{"line_number":135,"context_line":"      VIP and selects a unique Back IP as next hop, then forwards the"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_9479de30","line":132,"range":{"start_line":132,"start_character":18,"end_line":132,"end_character":32},"updated":"2020-11-04 17:26:00.000000000","message":"same as above, it this \"via the qrouter\" ?","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":138,"context_line":"      distributes it to the back-end server pool."},{"line_number":139,"context_line":"   -  Traffic from the back-end server pool goes to the gateway through"},{"line_number":140,"context_line":"      Amphora."},{"line_number":141,"context_line":"*  The whole process implements two levels load balancing, i.e. load"},{"line_number":142,"context_line":"   balancing between multiple Amphorae and load balancing between the"},{"line_number":143,"context_line":"   backend real servers."},{"line_number":144,"context_line":"*  In Neutron\u0027s DVR mode, qrouters are distributed across compute nodes,"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_f478122b","line":141,"range":{"start_line":141,"start_character":43,"end_line":141,"end_character":47},"updated":"2020-11-04 17:26:00.000000000","message":"s/of","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":146,"context_line":"   also distributed between qrouters. In this way, we can avoid the"},{"line_number":147,"context_line":"   single point of failure of qrouter and Amphora."},{"line_number":148,"context_line":"*  To ensure its availability in the VIP network, amphora will send ICMP"},{"line_number":149,"context_line":"   detection to DHCP and SNAT namespace. For example:"},{"line_number":150,"context_line":""},{"line_number":151,"context_line":"   -  Amphora(1) needs to regularly send ICMP packets to DHCP address."},{"line_number":152,"context_line":"   -  If the probe fails, it continues to probe the SNAT namespace."}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_3490ca43","line":149,"range":{"start_line":149,"start_character":30,"end_line":149,"end_character":39},"updated":"2020-11-04 17:26:00.000000000","message":"s/namespaces","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":155,"context_line":"      be processed and recovered."},{"line_number":156,"context_line":"   -  Other Amphora perfrom the same operation as above."},{"line_number":157,"context_line":"   -  An Agent on Amphora only needs to guarantee its own availability. Due"},{"line_number":158,"context_line":"      to Amphora instances are anti-affinity, this approach is good for"},{"line_number":159,"context_line":"      detecting Amphora\u0027s connectivity throughout the VPC."},{"line_number":160,"context_line":""},{"line_number":161,"context_line":"Distributor(Qrouter) Lifecycle"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_f4adb288","line":158,"range":{"start_line":158,"start_character":27,"end_line":158,"end_character":30},"updated":"2020-11-04 17:26:00.000000000","message":"s/being","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":213,"context_line":"    |                                                |"},{"line_number":214,"context_line":"    +------------------------------------------------+"},{"line_number":215,"context_line":""},{"line_number":216,"context_line":"1. Enable ARP proxy on the qrouter to respond ARP request from the"},{"line_number":217,"context_line":"   client."},{"line_number":218,"context_line":"2. Create and boot Amphora. Assign port from back-end tenant network"},{"line_number":219,"context_line":"   (VPC) to Amphora and attach the interface to Amphora. IP on the"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_d4a87678","line":216,"range":{"start_line":216,"start_character":10,"end_line":216,"end_character":19},"updated":"2020-11-04 17:26:00.000000000","message":"s/proxy ARP","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":213,"context_line":"    |                                                |"},{"line_number":214,"context_line":"    +------------------------------------------------+"},{"line_number":215,"context_line":""},{"line_number":216,"context_line":"1. Enable ARP proxy on the qrouter to respond ARP request from the"},{"line_number":217,"context_line":"   client."},{"line_number":218,"context_line":"2. Create and boot Amphora. Assign port from back-end tenant network"},{"line_number":219,"context_line":"   (VPC) to Amphora and attach the interface to Amphora. IP on the"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_14bcaeb9","line":216,"range":{"start_line":216,"start_character":46,"end_line":216,"end_character":57},"updated":"2020-11-04 17:26:00.000000000","message":"s/to ARP requests","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":222,"context_line":"3. Amphora adds VIP into the loopback interface and disables the ARP"},{"line_number":223,"context_line":"   response."},{"line_number":224,"context_line":"4. Add equal-cost route to the qrouter. Equal-cost route entry uses VIP"},{"line_number":225,"context_line":"   as prefix, its next hop is Back IP of each Amphora."},{"line_number":226,"context_line":"5. Remove equal-cost route from the qrouter."},{"line_number":227,"context_line":"6. Delete VIP on Amphora."},{"line_number":228,"context_line":"7. Roll back the configuration of the load balancer on the Amphora and"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_b4d17afe","line":225,"updated":"2020-11-04 17:26:00.000000000","message":"So the above steps are for \"create\", below for \"destroy\", maybe would be good to split them up like that.","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":227,"context_line":"6. Delete VIP on Amphora."},{"line_number":228,"context_line":"7. Roll back the configuration of the load balancer on the Amphora and"},{"line_number":229,"context_line":"   detach the back-end network interface."},{"line_number":230,"context_line":"8. The qrouter disables ARP proxy (completely shuts down active-active"},{"line_number":231,"context_line":"   load balancing service)."},{"line_number":232,"context_line":""},{"line_number":233,"context_line":"Alternatives"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_74b362eb","line":230,"range":{"start_line":230,"start_character":24,"end_line":230,"end_character":33},"updated":"2020-11-04 17:26:00.000000000","message":"s/proxy ARP","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":255,"context_line":"  Then user can choose `single` or `stand-by` or `multi-active` mode"},{"line_number":256,"context_line":"  When he create a loadbalancer instance."},{"line_number":257,"context_line":""},{"line_number":258,"context_line":"  Add a `num-amphroa` parameter, let user can determine the size"},{"line_number":259,"context_line":"  of the loadbalancer when he choose `multi-active` mode."},{"line_number":260,"context_line":""},{"line_number":261,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_94cc3e62","line":258,"range":{"start_line":258,"start_character":13,"end_line":258,"end_character":20},"updated":"2020-11-04 17:26:00.000000000","message":"s/amphora","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":255,"context_line":"  Then user can choose `single` or `stand-by` or `multi-active` mode"},{"line_number":256,"context_line":"  When he create a loadbalancer instance."},{"line_number":257,"context_line":""},{"line_number":258,"context_line":"  Add a `num-amphroa` parameter, let user can determine the size"},{"line_number":259,"context_line":"  of the loadbalancer when he choose `multi-active` mode."},{"line_number":260,"context_line":""},{"line_number":261,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_d4d6b6f1","line":258,"range":{"start_line":258,"start_character":33,"end_line":258,"end_character":36},"updated":"2020-11-04 17:26:00.000000000","message":"s/so the","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":256,"context_line":"  When he create a loadbalancer instance."},{"line_number":257,"context_line":""},{"line_number":258,"context_line":"  Add a `num-amphroa` parameter, let user can determine the size"},{"line_number":259,"context_line":"  of the loadbalancer when he choose `multi-active` mode."},{"line_number":260,"context_line":""},{"line_number":261,"context_line":""},{"line_number":262,"context_line":"Security impact"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_140aee88","line":259,"range":{"start_line":259,"start_character":27,"end_line":259,"end_character":29},"updated":"2020-11-04 17:26:00.000000000","message":"s/they","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":270,"context_line":""},{"line_number":271,"context_line":"Different from original way to make an amphora reachable from"},{"line_number":272,"context_line":"extranet by using external network as vip-subnet, the virtual"},{"line_number":273,"context_line":"port need to bound with a floating IP, because the external"},{"line_number":274,"context_line":"network\u0027s gateway is on a physical switch,and Neutron can not"},{"line_number":275,"context_line":"configure a ECMP rule on it."},{"line_number":276,"context_line":"(This feature needs a improvement of Neutron)"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_94f55e86","line":273,"range":{"start_line":273,"start_character":10,"end_line":273,"end_character":12},"updated":"2020-11-04 17:26:00.000000000","message":"s/to be","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":271,"context_line":"Different from original way to make an amphora reachable from"},{"line_number":272,"context_line":"extranet by using external network as vip-subnet, the virtual"},{"line_number":273,"context_line":"port need to bound with a floating IP, because the external"},{"line_number":274,"context_line":"network\u0027s gateway is on a physical switch,and Neutron can not"},{"line_number":275,"context_line":"configure a ECMP rule on it."},{"line_number":276,"context_line":"(This feature needs a improvement of Neutron)"},{"line_number":277,"context_line":""}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_5404667b","line":274,"range":{"start_line":274,"start_character":41,"end_line":274,"end_character":42},"updated":"2020-11-04 17:26:00.000000000","message":"missing space after comma","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":272,"context_line":"extranet by using external network as vip-subnet, the virtual"},{"line_number":273,"context_line":"port need to bound with a floating IP, because the external"},{"line_number":274,"context_line":"network\u0027s gateway is on a physical switch,and Neutron can not"},{"line_number":275,"context_line":"configure a ECMP rule on it."},{"line_number":276,"context_line":"(This feature needs a improvement of Neutron)"},{"line_number":277,"context_line":""},{"line_number":278,"context_line":"Performance Impact"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_b4fa1a72","line":275,"range":{"start_line":275,"start_character":10,"end_line":275,"end_character":11},"updated":"2020-11-04 17:26:00.000000000","message":"s/an","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":278,"context_line":"Performance Impact"},{"line_number":279,"context_line":"------------------"},{"line_number":280,"context_line":""},{"line_number":281,"context_line":"This active-active scheme can improve Availability, and"},{"line_number":282,"context_line":"improved ability to handle highly concurrent traffic"},{"line_number":283,"context_line":""},{"line_number":284,"context_line":"Other deployer impact"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_f4f49288","line":281,"range":{"start_line":281,"start_character":38,"end_line":281,"end_character":39},"updated":"2020-11-04 17:26:00.000000000","message":"s/a","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":279,"context_line":"------------------"},{"line_number":280,"context_line":""},{"line_number":281,"context_line":"This active-active scheme can improve Availability, and"},{"line_number":282,"context_line":"improved ability to handle highly concurrent traffic"},{"line_number":283,"context_line":""},{"line_number":284,"context_line":"Other deployer impact"},{"line_number":285,"context_line":"---------------------"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_142f8ef6","line":282,"range":{"start_line":282,"start_character":0,"end_line":282,"end_character":8},"updated":"2020-11-04 17:26:00.000000000","message":"s/improve the\n\nnit: sentence missing trailing period","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"},{"author":{"_account_id":1131,"name":"Brian Haley","email":"haleyb.dev@gmail.com","username":"brian-haley"},"change_message_id":"826435d8b713b01f931074929b8d4bd13c9a1913","unresolved":false,"context_lines":[{"line_number":291,"context_line":"\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d"},{"line_number":292,"context_line":""},{"line_number":293,"context_line":"Assignee(s)"},{"line_number":294,"context_line":"-----------"},{"line_number":295,"context_line":""},{"line_number":296,"context_line":"Work Items"},{"line_number":297,"context_line":"----------"}],"source_content_type":"text/x-rst","patch_set":8,"id":"1f621f24_f44932d0","line":294,"updated":"2020-11-04 17:26:00.000000000","message":"Is there an assignee?","commit_id":"6fae2f9e8f25435436b821fdcc957a19df1c7cb1"}]}