diff mbox series

[ovs-dev,v6,2/2] northd: Add support for disabling vxlan mode.

Message ID 20240607135404.758245-3-odivlad@gmail.com
State Accepted
Headers show
Series Add support to disable VXLAN mode. | expand

Checks

Context Check Description
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed
ovsrobot/github-robot-_ovn-kubernetes success github build: passed

Commit Message

Vladislav Odintsov June 7, 2024, 1:54 p.m. UTC
Commit [1] introduced a "VXLAN mode" concept.  It brought a limitation
for available tunnel IDs because of lack of space in VXLAN VNI.
In VXLAN mode OVN is limited by 4095 datapaths (LRs or non-transit LSs)
and 2047 logical ports per datapath.

Prior to this patch VXLAN mode was enabled automatically if at least one
chassis had encap of VXLAN type.  In scenarios where one want to use
VXLAN only for HW VTEP (RAMP) switch, such limitation makes no sence.

This patch adds support for explicit disabling of VXLAN mode via
Northbound database.

1: https://github.com/ovn-org/ovn/commit/b07f1bc3d068

Acked-By: Ihar Hrachyshka <ihrachys@redhat.com>
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Vladislav Odintsov <odivlad@gmail.com>
---
 NEWS                      |  4 ++++
 northd/en-global-config.c |  8 +++++++-
 northd/northd.c           | 10 ++++++++--
 northd/northd.h           |  3 ++-
 ovn-architecture.7.xml    |  6 ++++++
 ovn-nb.xml                | 10 ++++++++++
 tests/ovn-northd.at       | 29 +++++++++++++++++++++++++++++
 7 files changed, 66 insertions(+), 4 deletions(-)

Comments

Ales Musil June 28, 2024, 8:07 a.m. UTC | #1
On Fri, Jun 7, 2024 at 3:54 PM Vladislav Odintsov <odivlad@gmail.com> wrote:

> Commit [1] introduced a "VXLAN mode" concept.  It brought a limitation
> for available tunnel IDs because of lack of space in VXLAN VNI.
> In VXLAN mode OVN is limited by 4095 datapaths (LRs or non-transit LSs)
> and 2047 logical ports per datapath.
>
> Prior to this patch VXLAN mode was enabled automatically if at least one
> chassis had encap of VXLAN type.  In scenarios where one want to use
> VXLAN only for HW VTEP (RAMP) switch, such limitation makes no sence.
>
> This patch adds support for explicit disabling of VXLAN mode via
> Northbound database.
>
> 1: https://github.com/ovn-org/ovn/commit/b07f1bc3d068
>
> Acked-By: Ihar Hrachyshka <ihrachys@redhat.com>
> Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
> Signed-off-by: Vladislav Odintsov <odivlad@gmail.com>
> ---
>  NEWS                      |  4 ++++
>  northd/en-global-config.c |  8 +++++++-
>  northd/northd.c           | 10 ++++++++--
>  northd/northd.h           |  3 ++-
>  ovn-architecture.7.xml    |  6 ++++++
>  ovn-nb.xml                | 10 ++++++++++
>  tests/ovn-northd.at       | 29 +++++++++++++++++++++++++++++
>  7 files changed, 66 insertions(+), 4 deletions(-)
>
> diff --git a/NEWS b/NEWS
> index 3bdc55172..aa1669d9c 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -31,6 +31,10 @@ Post v24.03.0
>      has been renamed to "options:ic-route-denylist" in order to comply
> with
>      inclusive language guidelines. The previous name is still recognized
> to
>      aid with backwards compatibility.
> +  - Added new global config option NB_Global:options:vxlan_mode to support
> +    ability to disable "VXLAN mode" to extend available tunnel IDs space
> for
> +    datapaths from 4095 to 16711680.  For more details see man ovn-nb(5)
> for
> +    mentioned option.
>
>  OVN v24.03.0 - 01 Mar 2024
>  --------------------------
> diff --git a/northd/en-global-config.c b/northd/en-global-config.c
> index df0f8e58c..784538a14 100644
> --- a/northd/en-global-config.c
> +++ b/northd/en-global-config.c
> @@ -117,7 +117,8 @@ en_global_config_run(struct engine_node *node , void
> *data)
>
>      char *max_tunid = xasprintf("%d",
>                                  get_ovn_max_dp_key_local(
> -                                    is_vxlan_mode(sbrec_chassis_table)));
> +                                    is_vxlan_mode(&nb->options,
> +                                                  sbrec_chassis_table)));
>      smap_replace(options, "max_tunid", max_tunid);
>      free(max_tunid);
>
> @@ -534,6 +535,11 @@ check_nb_options_out_of_sync(const struct
> nbrec_nb_global *nb,
>          return true;
>      }
>
> +    if (config_out_of_sync(&nb->options, &config_data->nb_options,
> +                           "vxlan_mode", false)) {
> +        return true;
> +    }
> +
>      return false;
>  }
>
> diff --git a/northd/northd.c b/northd/northd.c
> index 6d118a19a..a4937b472 100644
> --- a/northd/northd.c
> +++ b/northd/northd.c
> @@ -886,8 +886,13 @@ join_datapaths(const struct
> nbrec_logical_switch_table *nbrec_ls_table,
>  }
>
>  bool
> -is_vxlan_mode(const struct sbrec_chassis_table *sbrec_chassis_table)
> +is_vxlan_mode(const struct smap *nb_options,
> +              const struct sbrec_chassis_table *sbrec_chassis_table)
>  {
> +    if (!smap_get_bool(nb_options, "vxlan_mode", true)) {
> +        return false;
> +    }
> +
>      const struct sbrec_chassis *chassis;
>      SBREC_CHASSIS_TABLE_FOR_EACH (chassis, sbrec_chassis_table) {
>          for (int i = 0; i < chassis->n_encaps; i++) {
> @@ -17605,7 +17610,8 @@ ovnnb_db_run(struct northd_input *input_data,
>      use_common_zone = smap_get_bool(input_data->nb_options,
> "use_common_zone",
>                                      false);
>
> -    vxlan_mode = is_vxlan_mode(input_data->sbrec_chassis_table);
> +    vxlan_mode = is_vxlan_mode(input_data->nb_options,
> +                               input_data->sbrec_chassis_table);
>
>      build_datapaths(ovnsb_txn,
>                      input_data->nbrec_logical_switch_table,
> diff --git a/northd/northd.h b/northd/northd.h
> index 987f82954..2f2fdb673 100644
> --- a/northd/northd.h
> +++ b/northd/northd.h
> @@ -790,7 +790,8 @@ lr_has_multiple_gw_ports(const struct ovn_datapath *od)
>  }
>
>  bool
> -is_vxlan_mode(const struct sbrec_chassis_table *sbrec_chassis_table);
> +is_vxlan_mode(const struct smap *nb_options,
> +              const struct sbrec_chassis_table *sbrec_chassis_table);
>
>  uint32_t get_ovn_max_dp_key_local(bool _vxlan_mode);
>
> diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
> index e32d1a9f7..640944faf 100644
> --- a/ovn-architecture.7.xml
> +++ b/ovn-architecture.7.xml
> @@ -2920,4 +2920,10 @@
>      the future, gateways that do not support encapsulations with large
> amounts
>      of metadata may continue to have a reduced feature set.
>    </p>
> +  <p>
> +    <code>VXLAN mode</code> is recommended to be disabled if VXLAN encap
> at
> +    hypervisors is needed only to support HW VTEP L2 Gateway
> functionality.
> +    See man ovn-nb(5) for table <code>NB_Global</code> column
> +    <code>options</code> key <code>vxlan_mode</code> for more details.
> +  </p>
>  </manpage>
> diff --git a/ovn-nb.xml b/ovn-nb.xml
> index 83f3d5f83..abc96502c 100644
> --- a/ovn-nb.xml
> +++ b/ovn-nb.xml
> @@ -381,6 +381,16 @@
>          of SB changes would be very noticeable.
>        </column>
>
> +      <column name="options" key="vxlan_mode">
> +        By default if at least one chassis in OVN cluster has VXLAN encap,
> +        northd will run in a <code>VXLAN mode</code>. See man
> +        ovn-architecture(7) <code>Tunnel Encapsulations</code> paragraph
> for
> +        more details.  In case VXLAN encaps are needed on chassis only to
> +        support HW VTEP functionality and main encap type is GENEVE or
> STT, set
> +        this option to <code>false</code> to use default
> +        non-<code>VXLAN mode</code> tunnel IDs allocation logic.
> +      </column>
> +
>        <group title="Options for configuring interconnection route
> advertisement">
>          <p>
>            These options control how routes are advertised between OVN
> diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
> index 8a1db5fc0..2f9fe693b 100644
> --- a/tests/ovn-northd.at
> +++ b/tests/ovn-northd.at
> @@ -2847,6 +2847,35 @@ AT_CHECK(
>  get_tunnel_keys
>  AT_CHECK([test $lsp02 = 3 && test $ls1 = 123])
>
> +AT_CLEANUP
> +])
> +OVN_FOR_EACH_NORTHD_NO_HV([
> +AT_SETUP([check VXLAN mode disabling])
> +ovn_start
> +
> +# Create a fake chassis with vxlan encap to implicitly enable VXLAN mode.
> +ovn-sbctl \
> +    --id=@e create encap chassis_name=hv1 ip="192.168.0.1" type="vxlan" \
> +    -- --id=@c create chassis name=hv1 encaps=@e
> +
> +cmd="ovn-nbctl --wait=sb"
> +for i in {1..4097..1}; do
> +    cmd="${cmd} -- ls-add lsw-${i}"
> +done
> +
> +check $cmd
> +
> +check_row_count nb:Logical_Switch 4097
> +wait_row_count sb:Datapath_Binding 4095
> +
> +OVS_WAIT_UNTIL([grep "all datapath tunnel ids exhausted"
> northd/ovn-northd.log])
> +
> +# Explicitly disable VXLAN mode and check that two remaining datapaths
> were created.
> +check ovn-nbctl set NB_Global . options:vxlan_mode=false
> +
> +check_row_count nb:Logical_Switch 4097
> +wait_row_count sb:Datapath_Binding 4097
> +
>  AT_CLEANUP
>  ])
>
> --
> 2.44.0
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
>
Looks good to me, thanks.

Acked-by: Ales Musil <amusil@redhat.com>
diff mbox series

Patch

diff --git a/NEWS b/NEWS
index 3bdc55172..aa1669d9c 100644
--- a/NEWS
+++ b/NEWS
@@ -31,6 +31,10 @@  Post v24.03.0
     has been renamed to "options:ic-route-denylist" in order to comply with
     inclusive language guidelines. The previous name is still recognized to
     aid with backwards compatibility.
+  - Added new global config option NB_Global:options:vxlan_mode to support
+    ability to disable "VXLAN mode" to extend available tunnel IDs space for
+    datapaths from 4095 to 16711680.  For more details see man ovn-nb(5) for
+    mentioned option.
 
 OVN v24.03.0 - 01 Mar 2024
 --------------------------
diff --git a/northd/en-global-config.c b/northd/en-global-config.c
index df0f8e58c..784538a14 100644
--- a/northd/en-global-config.c
+++ b/northd/en-global-config.c
@@ -117,7 +117,8 @@  en_global_config_run(struct engine_node *node , void *data)
 
     char *max_tunid = xasprintf("%d",
                                 get_ovn_max_dp_key_local(
-                                    is_vxlan_mode(sbrec_chassis_table)));
+                                    is_vxlan_mode(&nb->options,
+                                                  sbrec_chassis_table)));
     smap_replace(options, "max_tunid", max_tunid);
     free(max_tunid);
 
@@ -534,6 +535,11 @@  check_nb_options_out_of_sync(const struct nbrec_nb_global *nb,
         return true;
     }
 
+    if (config_out_of_sync(&nb->options, &config_data->nb_options,
+                           "vxlan_mode", false)) {
+        return true;
+    }
+
     return false;
 }
 
diff --git a/northd/northd.c b/northd/northd.c
index 6d118a19a..a4937b472 100644
--- a/northd/northd.c
+++ b/northd/northd.c
@@ -886,8 +886,13 @@  join_datapaths(const struct nbrec_logical_switch_table *nbrec_ls_table,
 }
 
 bool
-is_vxlan_mode(const struct sbrec_chassis_table *sbrec_chassis_table)
+is_vxlan_mode(const struct smap *nb_options,
+              const struct sbrec_chassis_table *sbrec_chassis_table)
 {
+    if (!smap_get_bool(nb_options, "vxlan_mode", true)) {
+        return false;
+    }
+
     const struct sbrec_chassis *chassis;
     SBREC_CHASSIS_TABLE_FOR_EACH (chassis, sbrec_chassis_table) {
         for (int i = 0; i < chassis->n_encaps; i++) {
@@ -17605,7 +17610,8 @@  ovnnb_db_run(struct northd_input *input_data,
     use_common_zone = smap_get_bool(input_data->nb_options, "use_common_zone",
                                     false);
 
-    vxlan_mode = is_vxlan_mode(input_data->sbrec_chassis_table);
+    vxlan_mode = is_vxlan_mode(input_data->nb_options,
+                               input_data->sbrec_chassis_table);
 
     build_datapaths(ovnsb_txn,
                     input_data->nbrec_logical_switch_table,
diff --git a/northd/northd.h b/northd/northd.h
index 987f82954..2f2fdb673 100644
--- a/northd/northd.h
+++ b/northd/northd.h
@@ -790,7 +790,8 @@  lr_has_multiple_gw_ports(const struct ovn_datapath *od)
 }
 
 bool
-is_vxlan_mode(const struct sbrec_chassis_table *sbrec_chassis_table);
+is_vxlan_mode(const struct smap *nb_options,
+              const struct sbrec_chassis_table *sbrec_chassis_table);
 
 uint32_t get_ovn_max_dp_key_local(bool _vxlan_mode);
 
diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
index e32d1a9f7..640944faf 100644
--- a/ovn-architecture.7.xml
+++ b/ovn-architecture.7.xml
@@ -2920,4 +2920,10 @@ 
     the future, gateways that do not support encapsulations with large amounts
     of metadata may continue to have a reduced feature set.
   </p>
+  <p>
+    <code>VXLAN mode</code> is recommended to be disabled if VXLAN encap at
+    hypervisors is needed only to support HW VTEP L2 Gateway functionality.
+    See man ovn-nb(5) for table <code>NB_Global</code> column
+    <code>options</code> key <code>vxlan_mode</code> for more details.
+  </p>
 </manpage>
diff --git a/ovn-nb.xml b/ovn-nb.xml
index 83f3d5f83..abc96502c 100644
--- a/ovn-nb.xml
+++ b/ovn-nb.xml
@@ -381,6 +381,16 @@ 
         of SB changes would be very noticeable.
       </column>
 
+      <column name="options" key="vxlan_mode">
+        By default if at least one chassis in OVN cluster has VXLAN encap,
+        northd will run in a <code>VXLAN mode</code>. See man
+        ovn-architecture(7) <code>Tunnel Encapsulations</code> paragraph for
+        more details.  In case VXLAN encaps are needed on chassis only to
+        support HW VTEP functionality and main encap type is GENEVE or STT, set
+        this option to <code>false</code> to use default
+        non-<code>VXLAN mode</code> tunnel IDs allocation logic.
+      </column>
+
       <group title="Options for configuring interconnection route advertisement">
         <p>
           These options control how routes are advertised between OVN
diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
index 8a1db5fc0..2f9fe693b 100644
--- a/tests/ovn-northd.at
+++ b/tests/ovn-northd.at
@@ -2847,6 +2847,35 @@  AT_CHECK(
 get_tunnel_keys
 AT_CHECK([test $lsp02 = 3 && test $ls1 = 123])
 
+AT_CLEANUP
+])
+OVN_FOR_EACH_NORTHD_NO_HV([
+AT_SETUP([check VXLAN mode disabling])
+ovn_start
+
+# Create a fake chassis with vxlan encap to implicitly enable VXLAN mode.
+ovn-sbctl \
+    --id=@e create encap chassis_name=hv1 ip="192.168.0.1" type="vxlan" \
+    -- --id=@c create chassis name=hv1 encaps=@e
+
+cmd="ovn-nbctl --wait=sb"
+for i in {1..4097..1}; do
+    cmd="${cmd} -- ls-add lsw-${i}"
+done
+
+check $cmd
+
+check_row_count nb:Logical_Switch 4097
+wait_row_count sb:Datapath_Binding 4095
+
+OVS_WAIT_UNTIL([grep "all datapath tunnel ids exhausted" northd/ovn-northd.log])
+
+# Explicitly disable VXLAN mode and check that two remaining datapaths were created.
+check ovn-nbctl set NB_Global . options:vxlan_mode=false
+
+check_row_count nb:Logical_Switch 4097
+wait_row_count sb:Datapath_Binding 4097
+
 AT_CLEANUP
 ])