Message ID | 1599600116-129820-1-git-send-email-hzhou@ovn.org |
---|---|
State | Accepted |
Headers | show |
Series | [ovs-dev,v2] ovn-northd: Optionally skip the check of lsp_is_up. | expand |
On Wed, Sep 9, 2020 at 2:52 AM Han Zhou <hzhou@ovn.org> wrote: > > The checking of lsp "up" status before adding ARP responder flows was > added to avoid confusion in cases when a network admin sees ARP response > for VM/containers that is not up on chassis yet. However, this check > introduces an extra round of flow change in SB and triggers computes > on hypervisors which is unnecessary cost in most cases, especially for > large scale environment. To improve this, this patch provides an option > ignore_lsp_down to disable the check for the use cases when ARP reponse for a > port that is "down" isn't considered harmful. > > Acked-by: Numan Siddique <numans@ovn.org> > Signed-off-by: Han Zhou <hzhou@ovn.org> > --- > v1 -> v2: change the option from "check_lsp_is_up" to "ignore_lsp_down" as > suggested by Numan. Hi Han, The patch LGTM. Thanks Numan > > northd/ovn-northd.8.xml | 15 ++++++++++----- > northd/ovn-northd.c | 7 ++++++- > ovn-nb.xml | 13 +++++++++++++ > tests/ovn-northd.at | 14 ++++++++++++++ > 4 files changed, 43 insertions(+), 6 deletions(-) > > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml > index d15245a..a275442 100644 > --- a/northd/ovn-northd.8.xml > +++ b/northd/ovn-northd.8.xml > @@ -763,9 +763,11 @@ output; > > <p> > These flows are omitted for logical ports (other than router ports or > - <code>localport</code> ports) that are down, for logical ports of > - type <code>virtual</code> and for logical ports with 'unknown' > - address set. > + <code>localport</code> ports) that are down (unless <code> > + ignore_lsp_down</code> is configured as true in <code>options</code> > + column of <code>NB_Global</code> table of the <code>Northbound</code> > + database), for logical ports of type <code>virtual</code> and for > + logical ports with 'unknown' address set. > </p> > </li> > > @@ -812,8 +814,11 @@ nd_na_router { > > <p> > These flows are omitted for logical ports (other than router ports or > - <code>localport</code> ports) that are down and for logical ports of > - type <code>virtual</code>. > + <code>localport</code> ports) that are down (unless <code> > + ignore_lsp_down</code> is configured as true in <code>options</code> > + column of <code>NB_Global</code> table of the <code>Northbound</code> > + database), for logical ports of type <code>virtual</code> and for > + logical ports with 'unknown' address set. > </p> > </li> > > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c > index bebb25a..100d9dc 100644 > --- a/northd/ovn-northd.c > +++ b/northd/ovn-northd.c > @@ -87,6 +87,8 @@ static struct eth_addr mac_prefix; > > static bool controller_event_en; > > +static bool check_lsp_is_up; > + > /* MAC allocated for service monitor usage. Just one mac is allocated > * for this purpose and ovn-controller's on each chassis will make use > * of this mac when sending out the packets to monitor the services > @@ -6741,7 +6743,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, > * - port type is router or > * - port type is localport > */ > - if (!lsp_is_up(op->nbsp) && strcmp(op->nbsp->type, "router") && > + if (check_lsp_is_up && > + !lsp_is_up(op->nbsp) && strcmp(op->nbsp->type, "router") && > strcmp(op->nbsp->type, "localport")) { > continue; > } > @@ -11831,6 +11834,8 @@ ovnnb_db_run(struct northd_context *ctx, > > controller_event_en = smap_get_bool(&nb->options, > "controller_event", false); > + check_lsp_is_up = !smap_get_bool(&nb->options, > + "ignore_lsp_down", false); > > build_datapaths(ctx, datapaths, lr_list); > build_ports(ctx, sbrec_chassis_by_name, datapaths, ports); > diff --git a/ovn-nb.xml b/ovn-nb.xml > index 109ffcf..0bfe626 100644 > --- a/ovn-nb.xml > +++ b/ovn-nb.xml > @@ -167,6 +167,19 @@ > </p> > </column> > > + <column name="options" key="ignore_lsp_down"> > + <p> > + If set to false, ARP/ND reply flows for logical switch ports will be > + installed only if the port is up, i.e. claimed by a Chassis. If set > + to true, these flows are installed regardless of the status of the > + port, which can result in a situation that ARP request to an IP is > + resolved even before the relevant VM/container is running. For > + environments where this is not an issue, setting it to > + <code>true</code> can reduce the load and latency of the control > + plane. The default value is <code>false</code>. > + </p> > + </column> > + > <group title="Options for configuring interconnection route advertisement"> > <p> > These options control how routes are advertised between OVN > diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at > index c6d9ae11..b89c585 100644 > --- a/tests/ovn-northd.at > +++ b/tests/ovn-northd.at > @@ -1991,3 +1991,17 @@ AT_CHECK([ovn-sbctl lflow-list | grep "ls_out_pre_lb.*priority=100" | grep reg0 > ]) > > AT_CLEANUP > + > +AT_SETUP([ovn -- ignore_lsp_down]) > +ovn_start > + > +ovn-nbctl ls-add sw0 > +ovn-nbctl lsp-add sw0 sw0-p1 -- lsp-set-addresses sw0-p1 "aa:aa:aa:aa:aa:aa 10.0.0.1" > + > +ovn-nbctl --wait=sb sync > +AT_CHECK([ovn-sbctl lflow-list | grep arp | grep 10\.0\.0\.1], [1], [ignore]) > + > +ovn-nbctl --wait=sb set NB_Global . options:ignore_lsp_down=true > +AT_CHECK([ovn-sbctl lflow-list | grep arp | grep 10\.0\.0\.1], [0], [ignore]) > + > +AT_CLEANUP > -- > 2.1.0 > > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev >
On Wed, Sep 9, 2020 at 4:15 AM Numan Siddique <numans@ovn.org> wrote: > > On Wed, Sep 9, 2020 at 2:52 AM Han Zhou <hzhou@ovn.org> wrote: > > > > The checking of lsp "up" status before adding ARP responder flows was > > added to avoid confusion in cases when a network admin sees ARP response > > for VM/containers that is not up on chassis yet. However, this check > > introduces an extra round of flow change in SB and triggers computes > > on hypervisors which is unnecessary cost in most cases, especially for > > large scale environment. To improve this, this patch provides an option > > ignore_lsp_down to disable the check for the use cases when ARP reponse for a > > port that is "down" isn't considered harmful. > > > > Acked-by: Numan Siddique <numans@ovn.org> > > Signed-off-by: Han Zhou <hzhou@ovn.org> > > --- > > v1 -> v2: change the option from "check_lsp_is_up" to "ignore_lsp_down" as > > suggested by Numan. > > > Hi Han, > > The patch LGTM. > Thanks Numan. I applied this to master.
diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml index d15245a..a275442 100644 --- a/northd/ovn-northd.8.xml +++ b/northd/ovn-northd.8.xml @@ -763,9 +763,11 @@ output; <p> These flows are omitted for logical ports (other than router ports or - <code>localport</code> ports) that are down, for logical ports of - type <code>virtual</code> and for logical ports with 'unknown' - address set. + <code>localport</code> ports) that are down (unless <code> + ignore_lsp_down</code> is configured as true in <code>options</code> + column of <code>NB_Global</code> table of the <code>Northbound</code> + database), for logical ports of type <code>virtual</code> and for + logical ports with 'unknown' address set. </p> </li> @@ -812,8 +814,11 @@ nd_na_router { <p> These flows are omitted for logical ports (other than router ports or - <code>localport</code> ports) that are down and for logical ports of - type <code>virtual</code>. + <code>localport</code> ports) that are down (unless <code> + ignore_lsp_down</code> is configured as true in <code>options</code> + column of <code>NB_Global</code> table of the <code>Northbound</code> + database), for logical ports of type <code>virtual</code> and for + logical ports with 'unknown' address set. </p> </li> diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index bebb25a..100d9dc 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -87,6 +87,8 @@ static struct eth_addr mac_prefix; static bool controller_event_en; +static bool check_lsp_is_up; + /* MAC allocated for service monitor usage. Just one mac is allocated * for this purpose and ovn-controller's on each chassis will make use * of this mac when sending out the packets to monitor the services @@ -6741,7 +6743,8 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, * - port type is router or * - port type is localport */ - if (!lsp_is_up(op->nbsp) && strcmp(op->nbsp->type, "router") && + if (check_lsp_is_up && + !lsp_is_up(op->nbsp) && strcmp(op->nbsp->type, "router") && strcmp(op->nbsp->type, "localport")) { continue; } @@ -11831,6 +11834,8 @@ ovnnb_db_run(struct northd_context *ctx, controller_event_en = smap_get_bool(&nb->options, "controller_event", false); + check_lsp_is_up = !smap_get_bool(&nb->options, + "ignore_lsp_down", false); build_datapaths(ctx, datapaths, lr_list); build_ports(ctx, sbrec_chassis_by_name, datapaths, ports); diff --git a/ovn-nb.xml b/ovn-nb.xml index 109ffcf..0bfe626 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -167,6 +167,19 @@ </p> </column> + <column name="options" key="ignore_lsp_down"> + <p> + If set to false, ARP/ND reply flows for logical switch ports will be + installed only if the port is up, i.e. claimed by a Chassis. If set + to true, these flows are installed regardless of the status of the + port, which can result in a situation that ARP request to an IP is + resolved even before the relevant VM/container is running. For + environments where this is not an issue, setting it to + <code>true</code> can reduce the load and latency of the control + plane. The default value is <code>false</code>. + </p> + </column> + <group title="Options for configuring interconnection route advertisement"> <p> These options control how routes are advertised between OVN diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index c6d9ae11..b89c585 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -1991,3 +1991,17 @@ AT_CHECK([ovn-sbctl lflow-list | grep "ls_out_pre_lb.*priority=100" | grep reg0 ]) AT_CLEANUP + +AT_SETUP([ovn -- ignore_lsp_down]) +ovn_start + +ovn-nbctl ls-add sw0 +ovn-nbctl lsp-add sw0 sw0-p1 -- lsp-set-addresses sw0-p1 "aa:aa:aa:aa:aa:aa 10.0.0.1" + +ovn-nbctl --wait=sb sync +AT_CHECK([ovn-sbctl lflow-list | grep arp | grep 10\.0\.0\.1], [1], [ignore]) + +ovn-nbctl --wait=sb set NB_Global . options:ignore_lsp_down=true +AT_CHECK([ovn-sbctl lflow-list | grep arp | grep 10\.0\.0\.1], [0], [ignore]) + +AT_CLEANUP