| Message ID | 20240713212347.2466088-1-amorenoz@redhat.com |
|---|---|
| Headers | show |
| Series | Introduce local sampling with NXAST_SAMPLE action. | expand |
On 7/13/24 23:23, Adrian Moreno wrote: > (Was: Add psample support to NXAST_SAMPLE action) > > This is the userspace counterpart of the work done in the kernel > which has recently been merged in net-next [1]. There, a new > datapath action is added, called "psample". > > From the PoV of ovs-vswitchd, this new action is used to implement > "local sampling". Local sampling (or lsample for short) is configured > in a similar way as current per-flow IPFIX sampling, i.e: using the > Flow_Sample_Collector_Set table and the NXAST_SAMPLE action. > > However, instead of sending the sample to an external IPFIX collector > though the network, the sample is emitted using the new action and > made available to locally running sample collector. > > The specific way emit_sample sends the sample (and the way the local > collector shall collect it) is datapath-specific. > Currently, currently only the Linux kernel datapath implements it using > the psample netlink multicast group. > > ~~ Configuration ~~ > Local sampling is configured via a new column in the > Flow_Sample_Collector_Set (FSCS) table called "local_group_id". > Configuring this value is orthogonal to also associating the FSCS > entry to an entry in the IPFIX table. > > Once that entry in the OVSDB is configured, NXAST_SAMPLE actions coming > from the controller will be translated into the following odp action: > > sample(sample={P}%, actions(emit_sample(group={G},cookie={C}))) > > Where: > P: Is the sampling probability from NXAST_SAMPLE > G: Is the group id in the FSCS entry whose "id" matches the one in > the NXAST_SAMPLE. > C: Is a 64bit cookie result of concatenating the obs_domain and > obs_point from the NXAST_SAMPLE in network order, i.e: > "htonl(obs_domain) << 32 | htonl(obs_point)" > Notes: > - The parent sample action might be omitted if the probability is > 100% and there is no IPFIX sampling that requires the use of a > meter. > > ~~ Dpif-lsample ~~ > Internally, a new object called "dpif-lsample" is introduced to track > the configured local sampling exporters and track statistics based on > odp flow stats (using xcache). > It exposes the list of configured exporters and their statistics on a > new unixctl command called "lsample/show". > > ~~ Drop monitoring ~~ > A common use-case for this action can be to sample drops. However, > adding sample actions to drops makes the existing drop statistics > disappear. In order to fix this, patch 11 make use of explicit > drop actions to ensure statistics still report drops even if sampled. > /home/amorenoz/devel/patches/ovs/ovs_psample/v2/v2-0000-cover-letter.patch > ~~ Extended OpenFlow sample action ~~ > Given the series aims at making sampling production ready, conntrack > integration must be considered. A common use-case for state-full > pipelines is to calculate the observation metadata at connection > establishment, store it in ct_label and then use it for packets of > established connections. However, this forces OVN to create a big number > of OFP Flows (one per distinct cookie). Patch 13 solves this by allowing > controllers to specify the obs_domain and point ids from another OFP > field. > > ~~ Testing ~~ > The series includes an test utility program than can be executed by > running "tests/ovstest test-psample". This utility listens > to packets multicasted by the psample module and prints them (also > printing the obs_domain and obs_point ids). > > ~~ HW Offload ~~ > tc offload is not being introduced in this series as existing sample > or userspace actions are not currently offloadable. Also some > improvements need to be implemented in tc for it to be feasible. > > ~~ DPDK datapath ~~ DPDK is not a datapath. :) > By naming the action "psample" it was intentionally restricted to the > Linux datapath only. A follow up task would be spawned to think of a > good way of implementing local-sampling in the userspace datapath. > > [1] > https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=aae0b82b46cb5004bdf82a000c004d69a0885c33 > > --- > * v3 -> v4 > - Dropped patches 7 and 8 that added a unixctl command to gather > statistics as they would be inaccurate and of low added value. > - Addressed other small comments from Ilya. > > * v2 -> v3 > - Added a knob to configure explicit sampled drops. > - Addressed Eelco comments. > > * v1 -> v2 > - Added a patch (12/13) that implements Eelco's suggestion of adding > a global constant all-one "enum mf_subfield" > - Combined both drop-monitoring patches into one that is implemented by > tweaking the odp actions list if it ends with a sample action. > - Added a test case that includes non-100% probability for which > test-psample.c is tought to also print it. > - Support specifying smaller fields in obs_{point/domain}_id. > - Address other styling comments from Eelco and Ilya. > > * rfc_v2 -> rfc_v3 > - Added patches 11, 12 and 13 fixing drop monitoring and extending the > OpenFlow action to support field-specifiers. > > > Adrian Moreno (11): > ofproto-dpif: Allow forcing dp features. > odp-util: Add support OVS_ACTION_ATTR_PSAMPLE. > ofproto_dpif: Check for psample support. > ofproto: Add ofproto-dpif-lsample. > vswitchd: Add local sampling to vswitchd schema. > ofproto-dpif-xlate: Use psample for local sample. > tests: Add test-psample testing utility. > tests: Test local sampling. > ofproto: xlate: Make sampled drops explicit. > ofproto-dpif-xlate: Avoid allocating mf_subfield. > ofp-actions: Load data from fields in sample action. > > Documentation/ref/ovs-actions.7.rst | 15 +- > NEWS | 12 + > include/linux/automake.mk | 1 + > include/linux/openvswitch.h | 28 ++ > include/linux/psample.h | 68 +++++ > include/openvswitch/meta-flow.h | 3 + > include/openvswitch/ofp-actions.h | 8 +- > lib/dpif-netdev.c | 1 + > lib/dpif.c | 10 +- > lib/dpif.h | 1 + > lib/meta-flow.c | 2 + > lib/odp-execute.c | 25 +- > lib/odp-util.c | 91 +++++++ > lib/odp-util.h | 3 + > lib/ofp-actions.c | 245 ++++++++++++++++-- > ofproto/automake.mk | 2 + > ofproto/ofproto-dpif-ipfix.c | 1 + > ofproto/ofproto-dpif-lsample.c | 199 ++++++++++++++ > ofproto/ofproto-dpif-lsample.h | 40 +++ > ofproto/ofproto-dpif-sflow.c | 1 + > ofproto/ofproto-dpif-xlate.c | 354 +++++++++++++++++-------- > ofproto/ofproto-dpif-xlate.h | 9 +- > ofproto/ofproto-dpif.c | 124 ++++++++- > ofproto/ofproto-dpif.h | 9 +- > ofproto/ofproto-provider.h | 13 + > ofproto/ofproto.c | 21 ++ > ofproto/ofproto.h | 10 + > python/ovs/flow/odp.py | 8 + > python/ovs/flow/ofp.py | 8 +- > python/ovs/flow/ofp_act.py | 6 +- > tests/automake.mk | 3 +- > tests/drop-stats.at | 168 ++++++++++++ > tests/odp.at | 16 ++ > tests/ofp-actions.at | 8 + > tests/ofproto-dpif.at | 263 +++++++++++++++++++ > tests/ovs-ofctl.at | 14 + > tests/system-common-macros.at | 4 + > tests/system-traffic.at | 385 ++++++++++++++++++++++++++++ > tests/test-psample.c | 288 +++++++++++++++++++++ > vswitchd/bridge.c | 82 +++++- > vswitchd/vswitch.ovsschema | 9 +- > vswitchd/vswitch.xml | 70 ++++- > 42 files changed, 2462 insertions(+), 166 deletions(-) > create mode 100644 include/linux/psample.h > create mode 100644 ofproto/ofproto-dpif-lsample.c > create mode 100644 ofproto/ofproto-dpif-lsample.h > create mode 100644 tests/test-psample.c > Thanks, Adrian! I fixed a few small style issues and applied the set. Best regards, Ilya Maximets.
(Was: Add psample support to NXAST_SAMPLE action) This is the userspace counterpart of the work done in the kernel which has recently been merged in net-next [1]. There, a new datapath action is added, called "psample". From the PoV of ovs-vswitchd, this new action is used to implement "local sampling". Local sampling (or lsample for short) is configured in a similar way as current per-flow IPFIX sampling, i.e: using the Flow_Sample_Collector_Set table and the NXAST_SAMPLE action. However, instead of sending the sample to an external IPFIX collector though the network, the sample is emitted using the new action and made available to locally running sample collector. The specific way emit_sample sends the sample (and the way the local collector shall collect it) is datapath-specific. Currently, currently only the Linux kernel datapath implements it using the psample netlink multicast group. ~~ Configuration ~~ Local sampling is configured via a new column in the Flow_Sample_Collector_Set (FSCS) table called "local_group_id". Configuring this value is orthogonal to also associating the FSCS entry to an entry in the IPFIX table. Once that entry in the OVSDB is configured, NXAST_SAMPLE actions coming from the controller will be translated into the following odp action: sample(sample={P}%, actions(emit_sample(group={G},cookie={C}))) Where: P: Is the sampling probability from NXAST_SAMPLE G: Is the group id in the FSCS entry whose "id" matches the one in the NXAST_SAMPLE. C: Is a 64bit cookie result of concatenating the obs_domain and obs_point from the NXAST_SAMPLE in network order, i.e: "htonl(obs_domain) << 32 | htonl(obs_point)" Notes: - The parent sample action might be omitted if the probability is 100% and there is no IPFIX sampling that requires the use of a meter. ~~ Dpif-lsample ~~ Internally, a new object called "dpif-lsample" is introduced to track the configured local sampling exporters and track statistics based on odp flow stats (using xcache). It exposes the list of configured exporters and their statistics on a new unixctl command called "lsample/show". ~~ Drop monitoring ~~ A common use-case for this action can be to sample drops. However, adding sample actions to drops makes the existing drop statistics disappear. In order to fix this, patch 11 make use of explicit drop actions to ensure statistics still report drops even if sampled. /home/amorenoz/devel/patches/ovs/ovs_psample/v2/v2-0000-cover-letter.patch ~~ Extended OpenFlow sample action ~~ Given the series aims at making sampling production ready, conntrack integration must be considered. A common use-case for state-full pipelines is to calculate the observation metadata at connection establishment, store it in ct_label and then use it for packets of established connections. However, this forces OVN to create a big number of OFP Flows (one per distinct cookie). Patch 13 solves this by allowing controllers to specify the obs_domain and point ids from another OFP field. ~~ Testing ~~ The series includes an test utility program than can be executed by running "tests/ovstest test-psample". This utility listens to packets multicasted by the psample module and prints them (also printing the obs_domain and obs_point ids). ~~ HW Offload ~~ tc offload is not being introduced in this series as existing sample or userspace actions are not currently offloadable. Also some improvements need to be implemented in tc for it to be feasible. ~~ DPDK datapath ~~ By naming the action "psample" it was intentionally restricted to the Linux datapath only. A follow up task would be spawned to think of a good way of implementing local-sampling in the userspace datapath. [1] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=aae0b82b46cb5004bdf82a000c004d69a0885c33 --- * v3 -> v4 - Dropped patches 7 and 8 that added a unixctl command to gather statistics as they would be inaccurate and of low added value. - Addressed other small comments from Ilya. * v2 -> v3 - Added a knob to configure explicit sampled drops. - Addressed Eelco comments. * v1 -> v2 - Added a patch (12/13) that implements Eelco's suggestion of adding a global constant all-one "enum mf_subfield" - Combined both drop-monitoring patches into one that is implemented by tweaking the odp actions list if it ends with a sample action. - Added a test case that includes non-100% probability for which test-psample.c is tought to also print it. - Support specifying smaller fields in obs_{point/domain}_id. - Address other styling comments from Eelco and Ilya. * rfc_v2 -> rfc_v3 - Added patches 11, 12 and 13 fixing drop monitoring and extending the OpenFlow action to support field-specifiers. Adrian Moreno (11): ofproto-dpif: Allow forcing dp features. odp-util: Add support OVS_ACTION_ATTR_PSAMPLE. ofproto_dpif: Check for psample support. ofproto: Add ofproto-dpif-lsample. vswitchd: Add local sampling to vswitchd schema. ofproto-dpif-xlate: Use psample for local sample. tests: Add test-psample testing utility. tests: Test local sampling. ofproto: xlate: Make sampled drops explicit. ofproto-dpif-xlate: Avoid allocating mf_subfield. ofp-actions: Load data from fields in sample action. Documentation/ref/ovs-actions.7.rst | 15 +- NEWS | 12 + include/linux/automake.mk | 1 + include/linux/openvswitch.h | 28 ++ include/linux/psample.h | 68 +++++ include/openvswitch/meta-flow.h | 3 + include/openvswitch/ofp-actions.h | 8 +- lib/dpif-netdev.c | 1 + lib/dpif.c | 10 +- lib/dpif.h | 1 + lib/meta-flow.c | 2 + lib/odp-execute.c | 25 +- lib/odp-util.c | 91 +++++++ lib/odp-util.h | 3 + lib/ofp-actions.c | 245 ++++++++++++++++-- ofproto/automake.mk | 2 + ofproto/ofproto-dpif-ipfix.c | 1 + ofproto/ofproto-dpif-lsample.c | 199 ++++++++++++++ ofproto/ofproto-dpif-lsample.h | 40 +++ ofproto/ofproto-dpif-sflow.c | 1 + ofproto/ofproto-dpif-xlate.c | 354 +++++++++++++++++-------- ofproto/ofproto-dpif-xlate.h | 9 +- ofproto/ofproto-dpif.c | 124 ++++++++- ofproto/ofproto-dpif.h | 9 +- ofproto/ofproto-provider.h | 13 + ofproto/ofproto.c | 21 ++ ofproto/ofproto.h | 10 + python/ovs/flow/odp.py | 8 + python/ovs/flow/ofp.py | 8 +- python/ovs/flow/ofp_act.py | 6 +- tests/automake.mk | 3 +- tests/drop-stats.at | 168 ++++++++++++ tests/odp.at | 16 ++ tests/ofp-actions.at | 8 + tests/ofproto-dpif.at | 263 +++++++++++++++++++ tests/ovs-ofctl.at | 14 + tests/system-common-macros.at | 4 + tests/system-traffic.at | 385 ++++++++++++++++++++++++++++ tests/test-psample.c | 288 +++++++++++++++++++++ vswitchd/bridge.c | 82 +++++- vswitchd/vswitch.ovsschema | 9 +- vswitchd/vswitch.xml | 70 ++++- 42 files changed, 2462 insertions(+), 166 deletions(-) create mode 100644 include/linux/psample.h create mode 100644 ofproto/ofproto-dpif-lsample.c create mode 100644 ofproto/ofproto-dpif-lsample.h create mode 100644 tests/test-psample.c