[ovs-dev,v1,15/18] northd: Add ls_lbacls handler for lflow engine node.

Message ID	20231024005002.4134039-1-numans@ovn.org
State	Superseded
Headers	show Return-Path: <ovs-dev-bounces@openvswitch.org> From: numans@ovn.org To: dev@openvswitch.org Date: Mon, 23 Oct 2023 20:50:02 -0400 Message-ID: <20231024005002.4134039-1-numans@ovn.org> In-Reply-To: <20231024004244.4133452-1-numans@ovn.org> References: <20231024004244.4133452-1-numans@ovn.org> MIME-Version: 1.0 Subject: [ovs-dev] [PATCH ovn v1 15/18] northd: Add ls_lbacls handler for lflow engine node. Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" <ovs-dev-bounces@openvswitch.org>
Series	lflow incremental processing \| expand [ovs-dev,v1,00/18] lflow incremental processing [ovs-dev,v1,01/18] northd: Refactor the northd change tracking. [ovs-dev,v1,02/18] northd: Track ovn_datapaths in northd engine track data. [ovs-dev,v1,03/18] tests: Add a couple of tests in ovn-northd for I-P. [ovs-dev,v1,04/18] northd: Move router ports SB PB options sync to sync_to_sb_pb node. [ovs-dev,v1,05/18] northd: Add a new engine 'lr-nat' to manage lr NAT data. [ovs-dev,v1,06/18] northd: Add a new engine 'lr-lb-nat-data' to manage routers' lb data. [ovs-dev,v1,07/18] northd: Generate logical router's LB and NAT flows using lr_lbnat_data. [ovs-dev,v1,08/18] northd: Don't commit dhcp response flows in the conntrack. [ovs-dev,v1,09/18] northd: Add a new node ls_lbacls. [ovs-dev,v1,10/18] northd: Refactor lflow management into a separate module. [ovs-dev,v1,11/18] northd: Use lflow_ref when adding all logical flows. [ovs-dev,v1,12/18] northd: Move ovn_lb_datapaths from lib to northd module. [ovs-dev,v1,13/18] northd: Handle lb changes in lflow engine. [ovs-dev,v1,14/18] northd: Add lr_lb_nat_data handler for lflow engine node. [ovs-dev,v1,15/18] northd: Add ls_lbacls handler for lflow engine node. [ovs-dev,v1,16/18] northd: Add I-P for NB_Global and SB_Global. [ovs-dev,v1,17/18] northd: Add a noop handler for northd SB mac binding. [ovs-dev,v1,18/18] northd: Add northd change handler for sync_to_sb_lb node.

Context	Check	Description
ovsrobot/apply-robot	success	apply and check: success
ovsrobot/github-robot-_Build_and_Test	success	github build: passed
ovsrobot/github-robot-_ovn-kubernetes	success	github build: passed

diff --git a/northd/en-lflow.c b/northd/en-lflow.c index 613351eba2..90ebb97657 100644 --- a/northd/en-lflow.c +++ b/northd/en-lflow.c @@ -192,6 +192,36 @@ lflow_lr_lb_nat_data_handler(struct engine_node *node, void *data) return true; } +bool +lflow_ls_lbacls_handler(struct engine_node *node, void *data) +{ + struct ed_type_ls_lbacls *ls_lbacls_data = + engine_get_input_data("ls_lbacls", node); + + if (!ls_lbacls_data->tracked || + !hmapx_is_empty(&ls_lbacls_data->tracked_data.deleted)) { + return false; + } + + const struct engine_context *eng_ctx = engine_get_context(); + struct lflow_data *lflow_data = data; + + struct lflow_input lflow_input; + lflow_get_input_data(node, &lflow_input); + + if (!lflow_handle_ls_lbacls_changes(eng_ctx->ovnsb_idl_txn, + &ls_lbacls_data->tracked_data, + &lflow_input, + lflow_data->lflow_table)) { + return false; + } + + + engine_set_node_state(node, EN_UPDATED); + + return true; +} + void *en_lflow_init(struct engine_node *node OVS_UNUSED, struct engine_arg *arg OVS_UNUSED) { diff --git a/northd/en-lflow.h b/northd/en-lflow.h index adbd8767c9..7f4fe43d55 100644 --- a/northd/en-lflow.h +++ b/northd/en-lflow.h @@ -21,5 +21,6 @@ void en_lflow_cleanup(void *data); bool lflow_northd_handler(struct engine_node *, void *data); bool lflow_port_group_handler(struct engine_node *, void *data); bool lflow_lr_lb_nat_data_handler(struct engine_node *, void *data); +bool lflow_ls_lbacls_handler(struct engine_node *node, void *data); #endif /* EN_LFLOW_H */ diff --git a/northd/en-ls-lb-acls.c b/northd/en-ls-lb-acls.c index 1ba7ecb3e2..643c8caab2 100644 --- a/northd/en-ls-lb-acls.c +++ b/northd/en-ls-lb-acls.c @@ -39,6 +39,7 @@ #include "lib/ovn-sb-idl.h" #include "lib/ovn-util.h" #include "lib/stopwatch-names.h" +#include "lflow-mgr.h" #include "northd.h" VLOG_DEFINE_THIS_MODULE(en_ls_lbacls); @@ -356,6 +357,7 @@ ls_lbacls_record_create(struct ls_lbacls_table *table, struct ls_lbacls_record *ls_lbacls_rec = xzalloc(sizeof *ls_lbacls_rec); ls_lbacls_rec->od = od; ls_lbacls_record_init(ls_lbacls_rec, od, NULL, ls_pgs); + ls_lbacls_rec->lflow_ref = lflow_ref_alloc(od->nbs->name); hmap_insert(&table->entries, &ls_lbacls_rec->key_node, uuid_hash(&ls_lbacls_rec->od->nbs->header_.uuid)); @@ -366,6 +368,7 @@ ls_lbacls_record_create(struct ls_lbacls_table *table, static void ls_lbacls_record_destroy(struct ls_lbacls_record *ls_lbacls_rec) { + lflow_ref_destroy(ls_lbacls_rec->lflow_ref); free(ls_lbacls_rec); } diff --git a/northd/en-ls-lb-acls.h b/northd/en-ls-lb-acls.h index ccb75e40e8..71126aa4f4 100644 --- a/northd/en-ls-lb-acls.h +++ b/northd/en-ls-lb-acls.h @@ -31,6 +31,8 @@ #include "lib/ovn-util.h" #include "lib/stopwatch-names.h" +struct lflow_ref; + struct ls_lbacls_record { struct hmap_node key_node; @@ -39,6 +41,8 @@ struct ls_lbacls_record { bool has_lb_vip; bool has_acls; uint64_t max_acl_tier; + + struct lflow_ref *lflow_ref; }; struct ls_lbacls_table { diff --git a/northd/inc-proc-northd.c b/northd/inc-proc-northd.c index 955b5e2ed1..5c3d9faafa 100644 --- a/northd/inc-proc-northd.c +++ b/northd/inc-proc-northd.c @@ -236,11 +236,11 @@ void inc_proc_northd_init(struct ovsdb_idl_loop *nb, engine_add_input(&en_lflow, &en_sb_multicast_group, NULL); engine_add_input(&en_lflow, &en_sb_igmp_group, NULL); engine_add_input(&en_lflow, &en_sb_logical_dp_group, NULL); - engine_add_input(&en_lflow, &en_ls_lbacls, NULL); engine_add_input(&en_lflow, &en_northd, lflow_northd_handler); engine_add_input(&en_lflow, &en_port_group, lflow_port_group_handler); engine_add_input(&en_lflow, &en_lr_lb_nat_data, lflow_lr_lb_nat_data_handler); + engine_add_input(&en_lflow, &en_ls_lbacls, lflow_ls_lbacls_handler); engine_add_input(&en_sync_to_sb_addr_set, &en_nb_address_set, sync_to_sb_addr_set_nb_address_set_handler); diff --git a/northd/northd.c b/northd/northd.c index 5c12194454..1f87102a05 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -15747,13 +15747,14 @@ build_ls_lbacls_flows(const struct ls_lbacls_record *ls_lbacls_rec, ovs_assert(ls_lbacls_rec->od); build_ls_lbacls_rec_pre_acls(ls_lbacls_rec, ls_pgs, lflows, - NULL); + ls_lbacls_rec->lflow_ref); build_ls_lbacls_rec_pre_lb(ls_lbacls_rec, lflows, - NULL); - build_acl_hints(ls_lbacls_rec, features, lflows, NULL); + ls_lbacls_rec->lflow_ref); + build_acl_hints(ls_lbacls_rec, features, lflows, + ls_lbacls_rec->lflow_ref); build_acls(ls_lbacls_rec, features, lflows, ls_pgs, meter_groups, - NULL); - build_lb_hairpin(ls_lbacls_rec, lflows, NULL); + ls_lbacls_rec->lflow_ref); + build_lb_hairpin(ls_lbacls_rec, lflows, ls_lbacls_rec->lflow_ref); } struct lswitch_flow_build_info { @@ -16721,6 +16722,45 @@ lflow_handle_lr_lb_nat_data_changes(struct ovsdb_idl_txn *ovnsb_txn, return true; } +bool +lflow_handle_ls_lbacls_changes(struct ovsdb_idl_txn *ovnsb_txn, + struct ls_lbacls_tracked_data *trk_data, + struct lflow_input *lflow_input, + struct lflow_table *lflows) +{ + struct ls_lbacls_record *ls_lbacls_rec; + struct hmapx_node *hmapx_node; + + HMAPX_FOR_EACH (hmapx_node, &trk_data->crupdated) { + ls_lbacls_rec = hmapx_node->data; + + lflow_ref_clear_lflows(ls_lbacls_rec->lflow_ref, ls_lbacls_rec->od, + lflows); + + /* Generate new lflows. */ + struct ds match = DS_EMPTY_INITIALIZER; + struct ds actions = DS_EMPTY_INITIALIZER; + + build_ls_lbacls_flows(ls_lbacls_rec, lflow_input->ls_port_groups, + lflow_input->features, lflow_input->meter_groups, + lflows); + + ds_destroy(&match); + ds_destroy(&actions); + + /* Sync the new flows to SB. */ + lflow_ref_sync_lflows_to_sb(ls_lbacls_rec->lflow_ref, lflows, + ovnsb_txn, + lflow_input->ls_datapaths, + lflow_input->lr_datapaths, + lflow_input->ovn_internal_version_changed, + lflow_input->sbrec_logical_flow_table, + lflow_input->sbrec_logical_dp_group_table); + } + + return true; +} + static bool mirror_needs_update(const struct nbrec_mirror *nb_mirror, const struct sbrec_mirror *sb_mirror) diff --git a/northd/northd.h b/northd/northd.h index 98d3593dc1..3008c7855f 100644 --- a/northd/northd.h +++ b/northd/northd.h @@ -706,6 +706,7 @@ void northd_indices_create(struct northd_data *data, struct lflow_table; struct lr_lb_nat_data_tracked_data; +struct ls_lbacls_tracked_data; void build_lflows(struct ovsdb_idl_txn *ovnsb_txn, struct lflow_input *input_data, @@ -722,6 +723,10 @@ bool lflow_handle_lr_lb_nat_data_changes(struct ovsdb_idl_txn *, struct lr_lb_nat_data_tracked_data *, struct lflow_input *, struct lflow_table *lflows); +bool lflow_handle_ls_lbacls_changes(struct ovsdb_idl_txn *, + struct ls_lbacls_tracked_data *, + struct lflow_input *, + struct lflow_table *lflows); bool northd_handle_sb_port_binding_changes( const struct sbrec_port_binding_table *, struct hmap *ls_ports, struct hmap *lr_ports); diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 3c330a051f..e083c8925f 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -10502,11 +10502,12 @@ check ovn-nbctl --wait=sb ls-lb-add sw0 lb1 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute # A LB applied to a switch/router triggers: # - a recompute in the first iteration (handling northd change) # - a compute in the second iteration (handling SB update) check_engine_stats sync_to_sb_lb recompute compute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE # Modify the backend of the lb1 vip @@ -10515,7 +10516,8 @@ check ovn-nbctl --wait=sb set load_balancer lb1 vips:'"10.0.0.10:80"'='"10.0.0.1 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10525,7 +10527,8 @@ check ovn-nbctl --wait=sb clear load_Balancer lb1 vips check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10535,7 +10538,8 @@ check ovn-nbctl --wait=sb lb-add lb1 10.0.0.10:80 10.0.0.3:80 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10545,7 +10549,8 @@ check ovn-nbctl --wait=sb lb-add lb1 10.0.0.20:80 10.0.0.30:8080 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10555,6 +10560,7 @@ check ovn-nbctl --wait=sb ls-lb-del sw0 lb1 check_engine_stats lb_data norecompute compute check_engine_stats northd recompute nocompute check_engine_stats lr_lb_nat_data recompute nocompute +check_engine_stats ls_lbacls recompute nocompute check_engine_stats lflow recompute nocompute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10566,7 +10572,8 @@ check ovn-nbctl --wait=sb ls-lb-add sw0 lb1 -- lsp-add sw0 sw0p1 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10685,7 +10692,7 @@ check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute check_engine_stats ls_lbacls norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute # Update lb and this should not result in northd recompute @@ -10693,8 +10700,9 @@ check as northd ovn-appctl -t NORTHD_TYPE inc-engine/clear-stats check ovn-nbctl --wait=sb set load_balancer . options:bar=foo check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute +check_engine_stats lr_lb_nat_data norecompute compute check_engine_stats ls_lbacls norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute # Modify the backend of the lb1 vip @@ -10704,7 +10712,7 @@ check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute check_engine_stats ls_lbacls norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10714,7 +10722,8 @@ check ovn-nbctl --wait=sb clear load_Balancer lb1 vips check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10724,7 +10733,8 @@ check ovn-nbctl --wait=sb lb-add lb1 10.0.0.10:80 10.0.0.3:80 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10734,7 +10744,8 @@ check ovn-nbctl --wait=sb lb-add lb1 10.0.0.20:80 10.0.0.30:8080 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10809,7 +10820,8 @@ check ovn-nbctl --wait=sb add logical_switch sw0 load_balancer_group $lbg1_uuid check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10862,7 +10874,8 @@ check ovn-nbctl --wait=sb set logical_switch sw0 load_balancer_group=$lbg1_uuid check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10880,7 +10893,8 @@ check ovn-nbctl --wait=sb ls-lb-add sw0 lb2 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute nocompute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10889,7 +10903,8 @@ check ovn-nbctl --wait=sb ls-lb-add sw0 lb3 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute nocompute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10917,6 +10932,7 @@ check ovn-nbctl --wait=sb lr-lb-del lr1 lb2 check_engine_stats lb_data norecompute compute check_engine_stats northd recompute nocompute check_engine_stats lr_lb_nat_data recompute nocompute +check_engine_stats ls_lbacls recompute nocompute check_engine_stats lflow recompute nocompute check_engine_stats sync_to_sb_lb recompute nocompute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10928,7 +10944,8 @@ check ovn-nbctl --wait=sb lb-del lb4 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -10939,7 +10956,8 @@ check ovn-nbctl --wait=sb lb-del lb2 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute check_engine_stats lr_lb_nat_data norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats ls_lbacls norecompute compute +check_engine_stats lflow norecompute compute check_engine_stats sync_to_sb_lb recompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE @@ -11006,7 +11024,7 @@ check as northd ovn-appctl -t NORTHD_TYPE inc-engine/clear-stats check ovn-nbctl --wait=sb ls-lb-add sw0 lb1 check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats lflow norecompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE # Clear the VIPs of lb1 @@ -11014,7 +11032,7 @@ check as northd ovn-appctl -t NORTHD_TYPE inc-engine/clear-stats check ovn-nbctl --wait=sb clear load_balancer . vips check_engine_stats lb_data norecompute compute check_engine_stats northd norecompute compute -check_engine_stats lflow recompute nocompute +check_engine_stats lflow norecompute compute CHECK_NO_CHANGE_AFTER_RECOMPUTE check as northd ovn-appctl -t NORTHD_TYPE inc-engine/clear-stats

[ovs-dev,v1,15/18] northd: Add ls_lbacls handler for lflow engine node.

Checks

Commit Message

Patch