From patchwork Fri Jun 11 10:17:33 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1490895 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=bev2vgSc; dkim-atps=neutral Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4G1cHF3V31z9sRf for ; Fri, 11 Jun 2021 20:18:01 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id F30B84157D; Fri, 11 Jun 2021 10:17:57 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7GN_uQzaS6u3; Fri, 11 Jun 2021 10:17:56 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp4.osuosl.org (Postfix) with ESMTPS id 8C29E4159A; Fri, 11 Jun 2021 10:17:55 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 5C521C000D; Fri, 11 Jun 2021 10:17:55 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2DECAC0024 for ; Fri, 11 Jun 2021 10:17:54 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id DE171404CF for ; Fri, 11 Jun 2021 10:17:53 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lE36lTI6f5R7 for ; Fri, 11 Jun 2021 10:17:52 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id AD222404CB for ; Fri, 11 Jun 2021 10:17:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1623406671; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=m8DEYbdNhh3kPFc75kJMeczGYr4SdzytijH64UQaOrA=; b=bev2vgScG4KM8TIoMh9EkzaAZa1Xl2YbBZaC+nkCbpUu84uA61ZYFP+N/E3O2eVvIGIraW 1l5KEqCuH/EZThCAdNpmOgwTCLAyXs+erQR/LVLYi/4M9MA65QzC3RLGKYN+G9EU/l6Qr2 fIiF5cUIAHvc3CbeYq9DIehRVaN5yqQ= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-555-cKQSSAbRM9aILNmx23fDFQ-1; Fri, 11 Jun 2021 06:17:49 -0400 X-MC-Unique: cKQSSAbRM9aILNmx23fDFQ-1 Received: by mail-wm1-f69.google.com with SMTP id h9-20020a05600c3509b02901b985251fdcso3351706wmq.9 for ; Fri, 11 Jun 2021 03:17:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=m8DEYbdNhh3kPFc75kJMeczGYr4SdzytijH64UQaOrA=; b=iIoMK1DeoUR1orc3/irjvbwCyS5LwUxfLZtE6sXikD03EbvKz22v0b8VigCRE7rxzg xfmTSQjD9HwjRpNrnL0taBCdZhgTg/nWkoKs9Lsd8LyouuzK1v/SGp7+nHCmt4byEbhN Q722hzZrTdq/tt+nhfhXXOXadSZHRC1pGSk2BHJ0+I0O6K9fKvm+Fak2WEbJMH2M2FLQ DkgfjyBaIbHiaEl2JRqzgsUp1rm7hFEE9m7KH7EdhFHsQLRaHCiTvSqwhgOQXrgWGhTe SSK+wD8vYQ2GFRGEEYXOZdOc2rSJFIGE0a0zB4Pun2GZZUk1la7NaBuxOEQ65ErqBJTU 7X0w== X-Gm-Message-State: AOAM533r7gaBB1zMBPb4FveKyEwrbOecimhwV7Ox3SBTQr0yEUQNPJhK PFAKcdFPghsadVe6JerpA8MWKsL8ddyeZmhfmTpqj+0ff1G+NVXN3hbrNCJEhEbCEYk6rGmCA9Z AhXsBIDLQY1fFQ9nFNnYsrX7o97hFBDoS6dMOjBcX1SLrrtlwMmBP8QEp8SmzHhZ7U0qoqlNurm kxWtU/ X-Received: by 2002:adf:df8a:: with SMTP id z10mr3431846wrl.62.1623406667957; Fri, 11 Jun 2021 03:17:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzOw4eYOo2oDMnxeNMlDAJsPoed+igQdpnlJ3efzbM0MKYcRd4N5RBJNpzJklgr0SHVuq4L9w== X-Received: by 2002:adf:df8a:: with SMTP id z10mr3431824wrl.62.1623406667719; Fri, 11 Jun 2021 03:17:47 -0700 (PDT) Received: from lore-desk.redhat.com (net-47-53-237-43.cust.vodafonedsl.it. [47.53.237.43]) by smtp.gmail.com with ESMTPSA id x18sm6465331wrw.19.2021.06.11.03.17.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 11 Jun 2021 03:17:47 -0700 (PDT) From: Lorenzo Bianconi To: ovs-dev@openvswitch.org Date: Fri, 11 Jun 2021 12:17:33 +0200 Message-Id: <8530ab56ba03f76f7e33bb350281ddd2e63c708b.1623405172.git.lorenzo.bianconi@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: References: MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lorenzo.bianconi@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn 3/6] northd: move build_empty_lb_event_flow in build_lrouter_flows_for_lb X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Introduce build_lrouter_flows_for_lb routine in order to visit first each load_balancer and then related datapath during lb flow installation. This patch allows to reduce memory footprint and cpu utilization in ovn-northd. Signed-off-by: Lorenzo Bianconi --- northd/ovn-northd.c | 109 +++++++++++++++++++++++++++++--------------- 1 file changed, 73 insertions(+), 36 deletions(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index 35d205eab..701cc4fbb 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -5125,52 +5125,53 @@ ls_has_dns_records(const struct nbrec_logical_switch *nbs) return false; } -static void -build_empty_lb_event_flow(struct ovn_datapath *od, struct hmap *lflows, - struct ovn_lb_vip *lb_vip, - struct nbrec_load_balancer *lb, - int pl, struct shash *meter_groups) +static bool +build_empty_lb_event_flow(struct ovn_lb_vip *lb_vip, + const struct nbrec_load_balancer *lb, + struct shash *meter_groups, + struct ds *match, struct ds *action) { bool controller_event = smap_get_bool(&lb->options, "event", false) || controller_event_en; /* deprecated */ if (!controller_event || lb_vip->n_backends || lb_vip->empty_backend_rej) { - return; + return false; } + ds_clear(action); + ds_clear(match); + bool ipv4 = IN6_IS_ADDR_V4MAPPED(&lb_vip->vip); - struct ds match = DS_EMPTY_INITIALIZER; - char *meter = "", *action; + char *meter = ""; if (meter_groups && shash_find(meter_groups, "event-elb")) { meter = "event-elb"; } - ds_put_format(&match, "ip%s.dst == %s && %s", + ds_put_format(match, "ip%s.dst == %s && %s", ipv4 ? "4": "6", lb_vip->vip_str, lb->protocol); char *vip = lb_vip->vip_str; if (lb_vip->vip_port) { - ds_put_format(&match, " && %s.dst == %u", lb->protocol, + ds_put_format(match, " && %s.dst == %u", lb->protocol, lb_vip->vip_port); vip = xasprintf("%s%s%s:%u", ipv4 ? "" : "[", lb_vip->vip_str, ipv4 ? "" : "]", lb_vip->vip_port); } - action = xasprintf("trigger_event(event = \"%s\", " - "meter = \"%s\", vip = \"%s\", " - "protocol = \"%s\", " - "load_balancer = \"" UUID_FMT "\");", - event_to_string(OVN_EVENT_EMPTY_LB_BACKENDS), - meter, vip, lb->protocol, - UUID_ARGS(&lb->header_.uuid)); - ovn_lflow_add_with_hint(lflows, od, pl, 130, ds_cstr(&match), action, - &lb->header_); - ds_destroy(&match); + ds_put_format(action, + "trigger_event(event = \"%s\", " + "meter = \"%s\", vip = \"%s\", " + "protocol = \"%s\", " + "load_balancer = \"" UUID_FMT "\");", + event_to_string(OVN_EVENT_EMPTY_LB_BACKENDS), + meter, vip, lb->protocol, + UUID_ARGS(&lb->header_.uuid)); if (lb_vip->vip_port) { free(vip); } - free(action); + + return true; } static bool @@ -5226,16 +5227,28 @@ build_pre_lb(struct ovn_datapath *od, struct hmap *lflows, ovn_northd_lb_find(lbs, &nb_lb->header_.uuid); ovs_assert(lb); + struct ds action = DS_EMPTY_INITIALIZER; + struct ds match = DS_EMPTY_INITIALIZER; + for (size_t j = 0; j < lb->n_vips; j++) { struct ovn_lb_vip *lb_vip = &lb->vips[j]; - build_empty_lb_event_flow(od, lflows, lb_vip, nb_lb, - S_SWITCH_IN_PRE_LB, meter_groups); + + ds_clear(&action); + ds_clear(&match); + if (build_empty_lb_event_flow(lb_vip, nb_lb, meter_groups, + &match, &action)) { + ovn_lflow_add_with_hint(lflows, od, S_SWITCH_IN_PRE_LB, 130, + ds_cstr(&match), ds_cstr(&action), + &nb_lb->header_); + } /* Ignore L4 port information in the key because fragmented packets * may not have L4 information. The pre-stateful table will send * the packet through ct() action to de-fragment. In stateful * table, we will eventually look at L4 information. */ } + ds_destroy(&action); + ds_destroy(&match); vip_configured = (vip_configured || lb->n_vips); } @@ -8720,11 +8733,8 @@ add_router_lb_flow(struct hmap *lflows, struct ovn_datapath *od, struct ds *match, struct ds *actions, int priority, enum lb_snat_type snat_type, struct ovn_lb_vip *lb_vip, const char *proto, struct nbrec_load_balancer *lb, - struct shash *meter_groups, struct sset *nat_entries) + struct sset *nat_entries) { - build_empty_lb_event_flow(od, lflows, lb_vip, lb, S_ROUTER_IN_DNAT, - meter_groups); - /* A match and actions for new connections. */ char *new_match = xasprintf("ct.new && %s", ds_cstr(match)); if (snat_type == FORCE_SNAT || snat_type == SKIP_SNAT) { @@ -8835,11 +8845,37 @@ add_router_lb_flow(struct hmap *lflows, struct ovn_datapath *od, ds_destroy(&undnat_match); } +static void +build_lrouter_flows_for_lb(struct ovn_northd_lb *lb, struct hmap *lflows, + struct shash *meter_groups) +{ + if (!lb->n_nb_lr) { + return; + } + + struct ds action = DS_EMPTY_INITIALIZER; + struct ds match = DS_EMPTY_INITIALIZER; + + for (size_t i = 0; i < lb->n_vips; i++) { + if (build_empty_lb_event_flow(&lb->vips[i], lb->nlb, meter_groups, + &match, &action)) { + for (int j = 0; j < lb->n_nb_lr; j++) { + ovn_lflow_add_with_hint(lflows, lb->nb_lr[j], S_ROUTER_IN_DNAT, + 130, ds_cstr(&match), + ds_cstr(&action), + &lb->nlb->header_); + } + } + } + + ds_destroy(&action); + ds_destroy(&match); +} + static void build_lrouter_lb_flows(struct hmap *lflows, struct ovn_datapath *od, - struct hmap *lbs, struct shash *meter_groups, - struct sset *nat_entries, struct ds *match, - struct ds *actions) + struct hmap *lbs, struct sset *nat_entries, + struct ds *match, struct ds *actions) { /* A set to hold all ips that need defragmentation and tracking. */ struct sset all_ips = SSET_INITIALIZER(&all_ips); @@ -8924,7 +8960,7 @@ build_lrouter_lb_flows(struct hmap *lflows, struct ovn_datapath *od, } add_router_lb_flow(lflows, od, match, actions, prio, snat_type, lb_vip, proto, nb_lb, - meter_groups, nat_entries); + nat_entries); } } sset_destroy(&all_ips); @@ -11680,7 +11716,6 @@ lrouter_check_nat_entry(struct ovn_datapath *od, const struct nbrec_nat *nat, static void build_lrouter_nat_defrag_and_lb(struct ovn_datapath *od, struct hmap *lflows, - struct shash *meter_groups, struct hmap *lbs, struct ds *match, struct ds *actions) { @@ -11882,8 +11917,7 @@ build_lrouter_nat_defrag_and_lb(struct ovn_datapath *od, return; } - build_lrouter_lb_flows(lflows, od, lbs, meter_groups, &nat_entries, - match, actions); + build_lrouter_lb_flows(lflows, od, lbs, &nat_entries, match, actions); sset_destroy(&nat_entries); } @@ -11949,8 +11983,8 @@ build_lswitch_and_lrouter_iterate_by_od(struct ovn_datapath *od, &lsi->actions); build_misc_local_traffic_drop_flows_for_lrouter(od, lsi->lflows); build_lrouter_arp_nd_for_datapath(od, lsi->lflows); - build_lrouter_nat_defrag_and_lb(od, lsi->lflows, lsi->meter_groups, - lsi->lbs, &lsi->match, &lsi->actions); + build_lrouter_nat_defrag_and_lb(od, lsi->lflows, lsi->lbs, &lsi->match, + &lsi->actions); } /* Helper function to combine all lflow generation which is iterated by port. @@ -12058,6 +12092,8 @@ build_lflows_thread(void *arg) build_lswitch_arp_nd_service_monitor(lb, lsi->lflows, &lsi->match, &lsi->actions); + build_lrouter_flows_for_lb(lb, lsi->lflows, + lsi->meter_groups); } } for (bnum = control->id; @@ -12221,6 +12257,7 @@ build_lswitch_and_lrouter_flows(struct hmap *datapaths, struct hmap *ports, build_lswitch_arp_nd_service_monitor(lb, lsi.lflows, &lsi.actions, &lsi.match); + build_lrouter_flows_for_lb(lb, lsi.lflows, lsi.meter_groups); } HMAP_FOR_EACH (igmp_group, hmap_node, igmp_groups) { build_lswitch_ip_mcast_igmp_mld(igmp_group,