From patchwork Tue Sep 10 13:51:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1983243 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CPtMzkgm; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4X34rR6X4Rz1y1C for ; Tue, 10 Sep 2024 23:52:06 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 6DDC64023E; Tue, 10 Sep 2024 13:52:03 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id EGYQtsSiVhIm; Tue, 10 Sep 2024 13:52:01 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=2605:bc80:3010:104::8cd3:938; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 5ABD9400F9 Authentication-Results: smtp4.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CPtMzkgm Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp4.osuosl.org (Postfix) with ESMTPS id 5ABD9400F9; Tue, 10 Sep 2024 13:52:01 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 21D49C0012; Tue, 10 Sep 2024 13:52:01 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 0659FC0011 for ; Tue, 10 Sep 2024 13:52:00 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id E9312400D9 for ; Tue, 10 Sep 2024 13:51:59 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id nnZS1e3H37rR for ; Tue, 10 Sep 2024 13:51:58 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.133.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=lorenzo.bianconi@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org 481C14024C Authentication-Results: smtp2.osuosl.org; dmarc=pass (p=none dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 481C14024C Authentication-Results: smtp2.osuosl.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=CPtMzkgm Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 481C14024C for ; Tue, 10 Sep 2024 13:51:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725976316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DwGdCuDJmqtxGsHOI99NYb0haKa5PitNAoTwHPllb3Y=; b=CPtMzkgmuAgZLoURPZrROfIDHBKnPA3ngs50GQYZb1xjB5pnFAjpwyEOqCWvwsR/tOmcJU L044AbQgtA8RDdbk7YiP8WjSSf25kDD6E0GYETLE6SwcQspI/Jr5AizZOUuMd23gJhnbcN utZ5lJdC/B2Uo25c7mNjW4FeWEldexY= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-600-rlztd34IOK2AZb8c3T_4nQ-1; Tue, 10 Sep 2024 09:51:55 -0400 X-MC-Unique: rlztd34IOK2AZb8c3T_4nQ-1 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-42caf073db8so27851115e9.3 for ; Tue, 10 Sep 2024 06:51:55 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725976314; x=1726581114; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=DwGdCuDJmqtxGsHOI99NYb0haKa5PitNAoTwHPllb3Y=; b=j/+5tyRfOqI78TEsv6oO1Q04LEYtT8aCBEaKuXaR/1X7B+74n112nhVqFPIYnpIXKX X18ZoPUYgBnEPrFIXFyPhLvL02cSacICudwObu1PrqxD2I/RLntoJj0j0riiJnIT9w7u uJoNz5Fb79tB3T+tAxZ+gpQion1OD/OmpFmmrKxxGcrVJaQt0H9fjvGhAzn38LpRTs13 cedofwEP2NtK5hsfcZXW10LtS2wZrvCsWbGRD4L0wHjkXx1hK76NVnkBEU/D8py4b4x2 4AOuFhmnMwoTCjq/2+5vyyVQ6j/f4giL62qBjejBW8QcVAkA8dD6O0R1TS3Ix3gQWb+T qcOQ== X-Gm-Message-State: AOJu0Yxjqds/OljMqPRY5oYo1EVp5a/2KUkQFaMl5BIAkvo1ifjKu4f7 xW2QC/I2bsE50auunfQwQWVPwABUkWBpW11GUiHnb26YH0QwOOT0mUdjqE6DYk2fIA2Ye4Ofmuf PBUqSBMTWG2oyp1C4BopKB83igW5xXSAFohlWtybtzSjiL1E2A0gesGUTUHHliChbtYhcH+E6xU JdGTFPcMfwNg3Dinrx3KjbVHtzarKsN8AUhTb55Yp5an2f4/BRzQ== X-Received: by 2002:a05:600c:4506:b0:427:ab29:30cf with SMTP id 5b1f17b1804b1-42c9f9768a5mr111818705e9.4.1725976314083; Tue, 10 Sep 2024 06:51:54 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGXZJnWgQZT7aeSnsulF2eNQLi1jILZUXFsgnE7U4YMw1Fik1upBDIR3I3L7dOmUT+N8ikBgw== X-Received: by 2002:a05:600c:4506:b0:427:ab29:30cf with SMTP id 5b1f17b1804b1-42c9f9768a5mr111818385e9.4.1725976313370; Tue, 10 Sep 2024 06:51:53 -0700 (PDT) Received: from localhost (net-188-216-76-117.cust.vodafonedsl.it. [188.216.76.117]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-42cb2ca95a6sm96345495e9.21.2024.09.10.06.51.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Sep 2024 06:51:52 -0700 (PDT) From: Lorenzo Bianconi To: ovs-dev@openvswitch.org Date: Tue, 10 Sep 2024 15:51:40 +0200 Message-ID: <3f261b2729b4059c7055a9b7617ab58faf1224ff.1725976220.git.lorenzo.bianconi@redhat.com> X-Mailer: git-send-email 2.46.0 MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn] controller: Do not remove snat-ct-zone requested by the CMS. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: dceara@redhat.com Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Do not check if snat-ct-zones are compliant with min/max boundary since they have been explicitly requested by the CMS and this will trigger an unnecessary NXT_CT_FLUSH_ZONE of that zones on ovn-controller restart. Fixes: f2363f49f6a4 ("controller: Add the capability to specify a min/max value for ct_zone.") Fixes: 493ef704a973 ("controller: Prepare structure around CT zone limiting.") Reported-at: https://issues.redhat.com/browse/FDP-773 Co-developed-by: Ales Musil Signed-off-by: Lorenzo Bianconi Acked-by: Mark Michelson --- controller/ct-zone.c | 14 ++++--- tests/ovn-controller.at | 89 ++++++++++++++++++++++++++++++----------- 2 files changed, 75 insertions(+), 28 deletions(-) diff --git a/controller/ct-zone.c b/controller/ct-zone.c index 77eb16ac9..469a8fc54 100644 --- a/controller/ct-zone.c +++ b/controller/ct-zone.c @@ -216,12 +216,15 @@ ct_zones_update(const struct sset *local_lports, struct shash_node *node; SHASH_FOR_EACH_SAFE (node, &ctx->current) { struct ct_zone *ct_zone = node->data; - if (!sset_contains(&all_users, node->name) || - ct_zone->zone < min_ct_zone || ct_zone->zone > max_ct_zone) { + if (!sset_contains(&all_users, node->name)) { ct_zone_remove(ctx, node->name); } else if (!simap_find(&req_snat_zones, node->name)) { - bitmap_set1(unreq_snat_zones_map, ct_zone->zone); - simap_put(&unreq_snat_zones, node->name, ct_zone->zone); + if (ct_zone->zone < min_ct_zone || ct_zone->zone > max_ct_zone) { + ct_zone_remove(ctx, node->name); + } else { + bitmap_set1(unreq_snat_zones_map, ct_zone->zone); + simap_put(&unreq_snat_zones, node->name, ct_zone->zone); + } } } @@ -249,10 +252,11 @@ ct_zones_update(const struct sset *local_lports, struct ct_zone *ct_zone = shash_find_data(&ctx->current, snat_req_node->name); + bool flush = !(ct_zone && ct_zone->zone == snat_req_node->data); if (ct_zone && ct_zone->zone != snat_req_node->data) { ct_zone_remove(ctx, snat_req_node->name); } - ct_zone_add(ctx, snat_req_node->name, snat_req_node->data, true); + ct_zone_add(ctx, snat_req_node->name, snat_req_node->data, flush); } /* xxx This is wasteful to assign a zone to each port--even if no diff --git a/tests/ovn-controller.at b/tests/ovn-controller.at index dcab5f2e9..a43c6cffb 100644 --- a/tests/ovn-controller.at +++ b/tests/ovn-controller.at @@ -3140,12 +3140,12 @@ ovn_start check_ct_zone_min() { min_val=$1 - OVS_WAIT_UNTIL([test $(ovn-appctl -t ovn-controller ct-zone-list | awk '{print $2}' | sort | head -n1) -ge ${min_val}]) + OVS_WAIT_UNTIL([test $(ovn-appctl -t ovn-controller ct-zone-list | awk '{printf "%02d\n", $2}' | sort | head -n1) -ge ${min_val}]) } check_ct_zone_max() { max_val=$1 - AT_CHECK([test $(ovn-appctl -t ovn-controller ct-zone-list | awk '{print $2}' | sort | tail -n1) -le ${max_val}]) + AT_CHECK([test $(ovn-appctl -t ovn-controller ct-zone-list | awk '{printf "%02d\n", $2}' | sort | tail -n1) -le ${max_val}]) } net_add n1 @@ -3158,44 +3158,87 @@ check ovn-appctl -t ovn-controller vlog/set dbg:ct_zone check ovs-vsctl add-port br-int lsp0 \ -- set Interface lsp0 external-ids:iface-id=lsp0 +check ovs-vsctl add-port br-int lsp1 \ + -- set Interface lsp1 external-ids:iface-id=lsp1 check ovn-nbctl lr-add lr +check ovn-nbctl ls-add ls0 +check ovn-nbctl ls-add ls1 -check ovn-nbctl ls-add ls -check ovn-nbctl lsp-add ls ls-lr -check ovn-nbctl lsp-set-type ls-lr router -check ovn-nbctl lsp-set-addresses ls-lr router -check ovn-nbctl lrp-add lr lr-ls 00:00:00:00:00:01 10.0.0.1 +check ovn-nbctl set logical_router lr options:chassis=hv1 + +check ovn-nbctl lrp-add lr lr-ls0 00:00:00:00:ff:01 10.0.0.1/24 +check ovn-nbctl lsp-add ls0 ls0-lr +check ovn-nbctl lsp-set-type ls0-lr router +check ovn-nbctl lsp-set-addresses ls0-lr 00:00:00:00:ff:01 +check ovn-nbctl lsp-set-options ls0-lr router-port=lr-ls0 -check ovn-nbctl lsp-add ls lsp0 +check ovn-nbctl lsp-add ls0 lsp0 check ovn-nbctl lsp-set-addresses lsp0 "00:00:00:00:00:02 10.0.0.2" -check ovn-nbctl lrp-add lr lrp-gw 01:00:00:00:00:01 172.16.0.1 -check ovn-nbctl lrp-set-gateway-chassis lrp-gw hv1 +check ovn-nbctl lrp-add lr lr-ls1 00:00:00:00:ff:02 172.16.0.1/24 +check ovn-nbctl lsp-add ls1 ls1-lr +check ovn-nbctl lsp-set-type ls1-lr router +check ovn-nbctl lsp-set-addresses ls1-lr 00:00:00:00:ff:02 +check ovn-nbctl lsp-set-options ls1-lr router-port=lr-ls1 + +check ovn-nbctl lsp-add ls1 lsp1 +check ovn-nbctl lsp-set-addresses lsp1 "00:00:00:00:00:02 172.16.0.2" -# check regular boundaries +# Check regular boundaries check_ct_zone_min 1 -check_ct_zone_max 10 +check_ct_zone_max 12 # increase boundaries -ovs-vsctl set Open_vSwitch . external_ids:ct-zone-range=\"10-20\" +ovs-vsctl set Open_vSwitch . external_ids:ct-zone-range=\"10-30\" check_ct_zone_min 10 -check_ct_zone_max 20 +check_ct_zone_max 22 -# reset min boundary -ovs-vsctl set Open_vSwitch . external_ids:ct-zone-range=\"5-20\" +# Reset min boundary +ovs-vsctl set Open_vSwitch . external_ids:ct-zone-range=\"5-30\" -# add a new port to the switch -check ovs-vsctl add-port br-int lsp1 \ - -- set Interface lsp1 external-ids:iface-id=lsp1 -check ovn-nbctl lsp-add ls lsp1 -check ovn-nbctl lsp-set-addresses lsp1 "00:00:00:00:00:03 10.0.0.3" +# Add a new port to the ls0 switch +check ovs-vsctl add-port br-int lsp2 \ + -- set Interface lsp2 external-ids:iface-id=lsp2 +check ovn-nbctl lsp-add ls0 lsp2 +check ovn-nbctl lsp-set-addresses lsp2 "00:00:00:00:00:03 10.0.0.3" check_ct_zone_min 5 -check_ct_zone_max 20 +check_ct_zone_max 22 check ovn-nbctl set logical_router lr options:snat-ct-zone=2 check_ct_zone_min 2 -check_ct_zone_max 20 +check_ct_zone_max 22 +# Check lr-snat zone value +AT_CHECK([test $(ovn-appctl -t ovn-controller ct-zone-list | awk '/lr_snat/{print $2}') -eq 2]) + +check ovs-appctl vlog/disable-rate-limit +check ovs-appctl vlog/set vconn:DBG + +n_flush=$(grep -c -i flush hv1/ovs-vswitchd.log) +check ovn-appctl -t ovn-controller exit --restart +# Make sure ovn-controller stopped before restarting it +OVS_WAIT_UNTIL([test "$(ovn-appctl -t ovn-controller debug/status)" != "running"]) +start_daemon ovn-controller --verbose="ct_zone:dbg" +wait_for_ports_up + +# Check we do not have unexpected ct-flush restarting ovn-controller +AT_CHECK([test $(grep -c -i flush hv1/ovs-vswitchd.log) -eq ${n_flush}]) + +# snat-ct-zone 0 is allowed +check ovn-nbctl set logical_router lr options:snat-ct-zone=0 +check_ct_zone_min 0 +check_ct_zone_max 22 +AT_CHECK([test $(ovn-appctl -t ovn-controller ct-zone-list | awk '/lr_snat/{print $2}') -eq 0]) + +n_flush=$(grep -c -i flush hv1/ovs-vswitchd.log) +check ovn-appctl -t ovn-controller exit --restart +# Make sure ovn-controller stopped before restarting it +OVS_WAIT_UNTIL([test "$(ovn-appctl -t ovn-controller debug/status)" != "running"]) +start_daemon ovn-controller --verbose="ct_zone:dbg" +wait_for_ports_up + +# Check we do not have unexpected ct-flush restarting ovn-controller +AT_CHECK([test $(grep -c -i flush hv1/ovs-vswitchd.log) -eq ${n_flush}]) OVN_CLEANUP([hv1]) AT_CLEANUP