From patchwork Thu May 2 09:51:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladislav Odintsov X-Patchwork-Id: 1930571 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=lEsZlVPp; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VVTjP6f6qz23hd for ; Thu, 2 May 2024 19:51:37 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 2360082531; Thu, 2 May 2024 09:51:36 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 1KeNbzxWeMHh; Thu, 2 May 2024 09:51:34 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 8CC1882560 Authentication-Results: smtp1.osuosl.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=lEsZlVPp Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp1.osuosl.org (Postfix) with ESMTPS id 8CC1882560; Thu, 2 May 2024 09:51:33 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id E2AFFC0DD4; Thu, 2 May 2024 09:51:32 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id B4285C0037 for ; Thu, 2 May 2024 09:51:31 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 9778B415EF for ; Thu, 2 May 2024 09:51:31 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id Sr0P8_aLdXng for ; Thu, 2 May 2024 09:51:30 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=2a00:1450:4864:20::130; helo=mail-lf1-x130.google.com; envelope-from=odivlad@gmail.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp4.osuosl.org 268BC415E7 Authentication-Results: smtp4.osuosl.org; dmarc=pass (p=none dis=none) header.from=gmail.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 268BC415E7 Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=lEsZlVPp Received: from mail-lf1-x130.google.com (mail-lf1-x130.google.com [IPv6:2a00:1450:4864:20::130]) by smtp4.osuosl.org (Postfix) with ESMTPS id 268BC415E7 for ; Thu, 2 May 2024 09:51:30 +0000 (UTC) Received: by mail-lf1-x130.google.com with SMTP id 2adb3069b0e04-51f4d2676d1so206641e87.3 for ; Thu, 02 May 2024 02:51:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1714643487; x=1715248287; darn=openvswitch.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8pn6Ei8MFVuCTYJ9NG9rmZWHp/uq4ofBSTuM07em/Ms=; b=lEsZlVPp2ASThd27cDzCNAKvjkih+MH67keb5X/NhYSvVAkq4AybQUZnCDzhtAdO08 JeeprvKtXGGII7d8jhVdG1lmu1IqFvRJQDH5cbkmBJ5bkhoMUuWbATzBfzqIzktY3rXB 9Rt2IiIEdTomsRE0r6fO5VlP1fZq67tvsO6bSd6FVR49gY+Rf123jaQo0E8rSzxQZvAn qWOfxXlcnPQFYtCht0U4FzP6RQSGNTf5QQltPvoEi026mHa12bhcbloRNOzMJJlIvAtn 2uE0E9+yTc789kU1a60Nje2ghD2uAK390eDxtSDoBrAkISg6jzpSFPbUzgudw4sd+juH EIqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714643487; x=1715248287; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8pn6Ei8MFVuCTYJ9NG9rmZWHp/uq4ofBSTuM07em/Ms=; b=FPJ2+Twc6SWUnbN4cDC6mUh4kVTzBssBXnonbh4nfA+wC3BEsQ9xaZ8o+gI+gRQlLm zeyn0mS0gQHoRgFCe+Q2UXO+XWps1xMvr6UVDQGW2KHmoTRRawakEWLbK7hr+kjnJGzu sVEFLPnRUkfzY4PA13zFy1uDyzXXQS3A4n5clT0OvWwPl2HmSVVzVxPbvUg718xgzRqK uwZusiidd0Zr9WdQxjaIypQ6g9bbUT6VHRJr9f3d1jy5qXC/BJ8puPAqLxOx07L5ZcLF UWD9EcW17EnuZKNMVJ1nKWAQVsfv5p4FDTu/EvaiHeU9vd8bmkv7hd8sFJRGtqczh4OJ dNhA== X-Gm-Message-State: AOJu0Yx0fgQ2pS7PEe8X9nMWGSt0s//17Pc6pLu56ZGYQ7uLGcy1M+Yq D4ro6mIoOwRlckYzYVI1L86B4aSpCvMfobd7BmLnIAtPugDBE6ClEh4Fng== X-Google-Smtp-Source: AGHT+IGJ6/ygouW3Pstnx8rLjly6Naf5EGVRQrjslhwP/ecoqiNvzRSudOpHt5wTZBuHis9MbpFoNg== X-Received: by 2002:a19:ac48:0:b0:51e:2a1d:6654 with SMTP id r8-20020a19ac48000000b0051e2a1d6654mr857534lfc.31.1714643487398; Thu, 02 May 2024 02:51:27 -0700 (PDT) Received: from ip-10-70-112-12.vpc-1e810be1.internal (c2-185-102-122-48.elastic.cloud.croc.ru. [185.102.122.48]) by smtp.gmail.com with ESMTPSA id i7-20020a198c47000000b0051d5756018asm116205lfj.219.2024.05.02.02.51.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 02 May 2024 02:51:27 -0700 (PDT) From: Vladislav Odintsov To: dev@openvswitch.org Date: Thu, 2 May 2024 12:51:02 +0300 Message-ID: <20240502095104.169103-3-odivlad@gmail.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240502095104.169103-1-odivlad@gmail.com> References: <20240502095104.169103-1-odivlad@gmail.com> MIME-Version: 1.0 Cc: Vladislav Odintsov Subject: [ovs-dev] [PATCH ovn v4 2/2] northd: Add support for disabling vxlan mode. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Commit [1] introduced a "vxlan mode" concept. It brought a limitation for available tunnel IDs because of lack of space in VXLAN VNI. In vxlan mode OVN is limited by 4095 datapaths (LRs or non-transit LSs) and 2047 logical switch ports per datapath. Prior to this patch vxlan mode was enabled automatically if at least one chassis had encap of vxlan type. In scenarios where one want to use VXLAN only for HW VTEP (RAMP) switch, such limitation makes no sence. This patch adds support for explicit disabling of vxlan mode via Northbound database. 1: https://github.com/ovn-org/ovn/commit/b07f1bc3d068 CC: Ihar Hrachyshka Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings") Signed-off-by: Vladislav Odintsov Acked-By: Ihar Hrachyshka --- NEWS | 3 +++ northd/en-global-config.c | 7 ++++++- northd/northd.c | 10 ++++++++-- northd/northd.h | 3 ++- ovn-architecture.7.xml | 6 ++++++ ovn-nb.xml | 10 ++++++++++ tests/ovn-northd.at | 29 +++++++++++++++++++++++++++++ 7 files changed, 64 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 3b5e93dc9..43ab05a68 100644 --- a/NEWS +++ b/NEWS @@ -17,6 +17,9 @@ Post v24.03.0 external-ids, the option is no longer needed as it became effectively "true" for all scenarios. - Added DHCPv4 relay support. + - Added new global config option NB_Global:options:disable_vxlan_mode to + extend available tunnel IDs space for datapaths from 4095 to 16711680. + For more details see man ovn-nb(5) for mentioned option. OVN v24.03.0 - 01 Mar 2024 -------------------------- diff --git a/northd/en-global-config.c b/northd/en-global-config.c index 873649a89..f5e2a8154 100644 --- a/northd/en-global-config.c +++ b/northd/en-global-config.c @@ -115,7 +115,7 @@ en_global_config_run(struct engine_node *node , void *data) config_data->svc_monitor_mac); } - init_vxlan_mode(sbrec_chassis_table); + init_vxlan_mode(&nb->options, sbrec_chassis_table); char *max_tunid = xasprintf("%d", get_ovn_max_dp_key_local()); smap_replace(options, "max_tunid", max_tunid); free(max_tunid); @@ -533,6 +533,11 @@ check_nb_options_out_of_sync(const struct nbrec_nb_global *nb, return true; } + if (config_out_of_sync(&nb->options, &config_data->nb_options, + "disable_vxlan_mode", false)) { + return true; + } + return false; } diff --git a/northd/northd.c b/northd/northd.c index b54219a85..d1535172e 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -886,8 +886,14 @@ join_datapaths(const struct nbrec_logical_switch_table *nbrec_ls_table, } void -init_vxlan_mode(const struct sbrec_chassis_table *sbrec_chassis_table) +init_vxlan_mode(const struct smap *nb_options, + const struct sbrec_chassis_table *sbrec_chassis_table) { + if (smap_get_bool(nb_options, "disable_vxlan_mode", false)) { + vxlan_mode = false; + return; + } + const struct sbrec_chassis *chassis; SBREC_CHASSIS_TABLE_FOR_EACH (chassis, sbrec_chassis_table) { for (int i = 0; i < chassis->n_encaps; i++) { @@ -17593,7 +17599,7 @@ ovnnb_db_run(struct northd_input *input_data, use_common_zone = smap_get_bool(input_data->nb_options, "use_common_zone", false); - init_vxlan_mode(input_data->sbrec_chassis_table); + init_vxlan_mode(input_data->nb_options, input_data->sbrec_chassis_table); build_datapaths(ovnsb_txn, input_data->nbrec_logical_switch_table, diff --git a/northd/northd.h b/northd/northd.h index be480003e..d0322e621 100644 --- a/northd/northd.h +++ b/northd/northd.h @@ -792,7 +792,8 @@ lr_has_multiple_gw_ports(const struct ovn_datapath *od) } void -init_vxlan_mode(const struct sbrec_chassis_table *sbrec_chassis_table); +init_vxlan_mode(const struct smap *nb_options, + const struct sbrec_chassis_table *sbrec_chassis_table); uint32_t get_ovn_max_dp_key_local(void); diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml index 7abb1fa83..251c9c514 100644 --- a/ovn-architecture.7.xml +++ b/ovn-architecture.7.xml @@ -2919,4 +2919,10 @@ the future, gateways that do not support encapsulations with large amounts of metadata may continue to have a reduced feature set.

+

+ vxlan mode is recommended to be disabled if VXLAN encap at + hypervisors is needed only to support HW VTEP L2 Gateway functionality. + See man ovn-nb(5) for table NB_Global column + options key disable_vxlan_mode for more details. +

diff --git a/ovn-nb.xml b/ovn-nb.xml index 5cb6ba640..a99e663e5 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -381,6 +381,16 @@ of SB changes would be very noticeable. + + By default if at least one chassis in OVN cluster has VXLAN encap, + northd will run in a vxlan mode. See man + ovn-architecture(7) Tunnel Encapsulations paragraph for + more details. In case VXLAN encaps are needed on chassis only to + support HW VTEP functionality and main encap type is GENEVE or STT, set + this option to `false` to use default non-`vxlan mode` tunnel IDs + allocation logic. + +

These options control how routes are advertised between OVN diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 680d96675..549a28b57 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -2847,6 +2847,35 @@ AT_CHECK( get_tunnel_keys AT_CHECK([test $lsp02 = 3 && test $ls1 = 123]) +AT_CLEANUP +]) +OVN_FOR_EACH_NORTHD_NO_HV([ +AT_SETUP([check vxlan mode disabling]) +ovn_start + +# Create a fake chassis with vxlan encap to implicitly enable vxlan mode. +ovn-sbctl \ + --id=@e create encap chassis_name=hv1 ip="192.168.0.1" type="vxlan" \ + -- --id=@c create chassis name=hv1 encaps=@e + +cmd="ovn-nbctl --wait=sb" +for i in {1..4097..1}; do + cmd="${cmd} -- ls-add lsw-${i}" +done + +check $cmd + +check_row_count nb:Logical_Switch 4097 +wait_row_count sb:Datapath_Binding 4095 + +OVS_WAIT_UNTIL([grep "all datapath tunnel ids exhausted" northd/ovn-northd.log]) + +# Explicitly disable vxlan mode and check that two remaining datapaths were created. +check ovn-nbctl set NB_Global . options:disable_vxlan_mode=true + +check_row_count nb:Logical_Switch 4097 +wait_row_count sb:Datapath_Binding 4097 + AT_CLEANUP ])