Re: [ovs-dev] [PATCH 2/2] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting.
On Mon, Aug 22, 2016 at 11:27:18AM -0400, Russell Bryant wrote: > On Fri, Aug 19, 2016 at 11:01 AM, Ben Pfaff wrote: > > > On Fri, Aug 19, 2016 at 10:37:36AM +0530, Numan Siddique wrote: > > > On Thu, Aug 18, 2016 at 11:44 PM, Ben Pfaff wrote: > > > > > > > Signed-off-by: Ben Pfaff > > > > --- > > > > ovn/TODO | 55 +++ > > > > 1 file changed, 55 insertions(+) > > > > > > > > diff --git a/ovn/TODO b/ovn/TODO > > > > index b3c4831..97a5fc9 100644 > > > > --- a/ovn/TODO > > > > +++ b/ovn/TODO > > > > @@ -1,5 +1,60 @@ > > > > -*- outline -*- > > > > > > > > +* Work out database for clustering or HA properly. > > > > + > > > > +* Compromised chassis mitigation. > > > > + > > > > +Possibly depends on database solution. > > > > + > > > > +* Get incremental updates in ovn-controller and ovn-northd in some > > > > + sensible way. > > > > + > > > > > > > > > > May be the below can also be added which you mentioned in the IRC > > meeting > > > (11th August). > > > > > > -- > > > blp regXboi: We should eventually make OVN use OpenFlow "bundles" so that > > > it transactionally replaces the flow table instead of deleting and then > > > repopulating it. > > > > > > > > > - > > > > OK, added: > > > > --8<--cut here-->8-- > > > > From: Ben Pfaff > > Date: Fri, 19 Aug 2016 08:01:33 -0700 > > Subject: [PATCH] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting. > > > > Signed-off-by: Ben Pfaff > > --- > > ovn/TODO | 57 + > > 1 file changed, 57 insertions(+) > > > > diff --git a/ovn/TODO b/ovn/TODO > > index b3c4831..91600f7 100644 > > --- a/ovn/TODO > > +++ b/ovn/TODO > > @@ -1,5 +1,62 @@ > > -*- outline -*- > > > > +* Work out database for clustering or HA properly. > > + > > +* Compromised chassis mitigation. > > + > > +Possibly depends on database solution. > > > > I think this is already in the file under "Security". > > You could replace it with this. You could also include a link to the > latest discussion on the topic, which starts here: > > http://openvswitch.org/pipermail/dev/2016-August/078106.html OK, done. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 2/2] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting.
On Fri, Aug 19, 2016 at 10:37:36AM +0530, Numan Siddique wrote: > May be the below can also be added which you mentioned in the IRC meeting > (11th August). > > -- > blp regXboi: We should eventually make OVN use OpenFlow "bundles" so that > it transactionally replaces the flow table instead of deleting and then > repopulating it. > > > - OK, I added an item for that. ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 2/2] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting.
On Fri, Aug 19, 2016 at 11:01 AM, Ben Pfaff wrote: > On Fri, Aug 19, 2016 at 10:37:36AM +0530, Numan Siddique wrote: > > On Thu, Aug 18, 2016 at 11:44 PM, Ben Pfaff wrote: > > > > > Signed-off-by: Ben Pfaff > > > --- > > > ovn/TODO | 55 +++ > > > 1 file changed, 55 insertions(+) > > > > > > diff --git a/ovn/TODO b/ovn/TODO > > > index b3c4831..97a5fc9 100644 > > > --- a/ovn/TODO > > > +++ b/ovn/TODO > > > @@ -1,5 +1,60 @@ > > > -*- outline -*- > > > > > > +* Work out database for clustering or HA properly. > > > + > > > +* Compromised chassis mitigation. > > > + > > > +Possibly depends on database solution. > > > + > > > +* Get incremental updates in ovn-controller and ovn-northd in some > > > + sensible way. > > > + > > > > > > > May be the below can also be added which you mentioned in the IRC > meeting > > (11th August). > > > > -- > > blp regXboi: We should eventually make OVN use OpenFlow "bundles" so that > > it transactionally replaces the flow table instead of deleting and then > > repopulating it. > > > > > > - > > OK, added: > > --8<--cut here-->8-- > > From: Ben Pfaff > Date: Fri, 19 Aug 2016 08:01:33 -0700 > Subject: [PATCH] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting. > > Signed-off-by: Ben Pfaff > --- > ovn/TODO | 57 + > 1 file changed, 57 insertions(+) > > diff --git a/ovn/TODO b/ovn/TODO > index b3c4831..91600f7 100644 > --- a/ovn/TODO > +++ b/ovn/TODO > @@ -1,5 +1,62 @@ > -*- outline -*- > > +* Work out database for clustering or HA properly. > + > +* Compromised chassis mitigation. > + > +Possibly depends on database solution. > I think this is already in the file under "Security". You could replace it with this. You could also include a link to the latest discussion on the topic, which starts here: http://openvswitch.org/pipermail/dev/2016-August/078106.html The rest lgtm. -- Russell Bryant ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 2/2] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting.
On Fri, Aug 19, 2016 at 10:37:36AM +0530, Numan Siddique wrote: > On Thu, Aug 18, 2016 at 11:44 PM, Ben Pfaff wrote: > > > Signed-off-by: Ben Pfaff > > --- > > ovn/TODO | 55 +++ > > 1 file changed, 55 insertions(+) > > > > diff --git a/ovn/TODO b/ovn/TODO > > index b3c4831..97a5fc9 100644 > > --- a/ovn/TODO > > +++ b/ovn/TODO > > @@ -1,5 +1,60 @@ > > -*- outline -*- > > > > +* Work out database for clustering or HA properly. > > + > > +* Compromised chassis mitigation. > > + > > +Possibly depends on database solution. > > + > > +* Get incremental updates in ovn-controller and ovn-northd in some > > + sensible way. > > + > > > > May be the below can also be added which you mentioned in the IRC meeting > (11th August). > > -- > blp regXboi: We should eventually make OVN use OpenFlow "bundles" so that > it transactionally replaces the flow table instead of deleting and then > repopulating it. > > > - OK, added: --8<--cut here-->8-- From: Ben Pfaff Date: Fri, 19 Aug 2016 08:01:33 -0700 Subject: [PATCH] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting. Signed-off-by: Ben Pfaff --- ovn/TODO | 57 + 1 file changed, 57 insertions(+) diff --git a/ovn/TODO b/ovn/TODO index b3c4831..91600f7 100644 --- a/ovn/TODO +++ b/ovn/TODO @@ -1,5 +1,62 @@ -*- outline -*- +* Work out database for clustering or HA properly. + +* Compromised chassis mitigation. + +Possibly depends on database solution. + +* Get incremental updates in ovn-controller and ovn-northd in some + sensible way. + +* Testing improvements, possibly heavily based on ovn-trace. + +Justin Pettit: "I'm planning to write some ovn-trace tests for IPv6. +Hopefully we can get those into 2.6." + +* Self-managing HA for ovn-northd (avoiding the need to set up + independent tooling for fail-over). + +Russell Bryant: "For bonus points, increasing N would scale out +ovn-northd if it was under too much load, but that's a secondary +concern." + +* Live migration. + +Russell Bryant: "When you're ready to have the destination take +over, you have to remove the iface-id from the source and add it at +the destination and i think it'd typically be configured on both +ends, since it's a clone of the source VM (and it's config)." + +* VLAN trunk ports. + +Russell Bryant: "Today that would require creating 4096 ports for +the VM and attach to 4096 OVN networks, so doable, but not quite +ideal." + +* IPAM enhancements. + +Russell Bryant: "Be able to specify a MAC and only have the IP be +dynamic. Right now both are dynamic." + +* Native DNS support + +Russell Bryant: "This is an OpenStack requirement to fully eliminate +the DHCP agent." + +* Service function chaining. + +* MAC learning. + +Han Zhou: "To support VMs that hosts workloads with their own macs, +e.g. containers, if not using OVN native container support." + +* Finish up ARP/ND support: re-checking bindings, expiring bindings. + +* Hitless upgrade, especially for data plane. + +* Use OpenFlow "bundles" for transactional data plane updates. + * Dynamic IP to MAC binding enhancements. OVN has basic support for establishing IP to MAC bindings dynamically, -- 2.1.3 ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 2/2] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting.
"dev" wrote on 08/19/2016 12:07:36 AM: > From: Numan Siddique > To: Ben Pfaff > Cc: ovs dev > Date: 08/19/2016 12:07 AM > Subject: Re: [ovs-dev] [PATCH 2/2] ovn/TODO: Add items proposed for > 2.7 in OVN IRC meeting. > Sent by: "dev" > > On Thu, Aug 18, 2016 at 11:44 PM, Ben Pfaff wrote: > > > Signed-off-by: Ben Pfaff > > --- > > ovn/TODO | 55 +++ > > 1 file changed, 55 insertions(+) > > > > diff --git a/ovn/TODO b/ovn/TODO > > index b3c4831..97a5fc9 100644 > > --- a/ovn/TODO > > +++ b/ovn/TODO > > @@ -1,5 +1,60 @@ > > -*- outline -*- > > > > +* Work out database for clustering or HA properly. > > + > > +* Compromised chassis mitigation. > > + > > +Possibly depends on database solution. > > + > > +* Get incremental updates in ovn-controller and ovn-northd in some > > + sensible way. > > + > > > > May be the below can also be added which you mentioned in the IRC meeting > (11th August). > > -- > blp regXboi: We should eventually make OVN use OpenFlow "bundles" so that > it transactionally replaces the flow table instead of deleting and then > repopulating it. > > > - We've been running incremental processing in ovn-controller here for quite a while (even before it merged officially) and given our experience, I've been doing some hard thinking about it. The original goal of the patch set was to allow ovn-controller to use incremental updates as much as possible. However, the range of possible changes in inputs resulted in ovn-controller having to continue to maintain the ability to run a full update in those cases where previously calculated rules are no longer correct. What we've found is that most configuration events from our CMS (Neutron) end up triggering a full ovn-controller update, and so the end result of the incremental processing code is not that ovn-controller is doing incremental updates most of the time, but rather that ovn-controller doesn't recalculate changes in-between modifications. While we still feel that the above is a win, I'm coming to the conclusion that the current code base has added unnecessary complexity to achieve this. Based on this, I'm thinking of the following approach: 1) going back to doing full processing every cycle, while still keeping the persistence of items where we can, because I feel that persistence has allowed us to handle cases where we need to skip a poll cycle that we didn't have before and that has improved things. 2) introducing a new command flag to allow those that don't want to run in what I'm now calling quiet mode to continue to do full processing every cycle. (In retrospect, I should have proposed this up front for i-p to allow for better isolation of that code, but as they say, hindsight is always 20/20). 3) For quiet mode, check the integration bridge and Ben's sequence number information in the SB database to determine if anything has changed since the last cycle. If something has changed, run the full processing code. If not, quiesce for a poll cycle. Thoughts? ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
Re: [ovs-dev] [PATCH 2/2] ovn/TODO: Add items proposed for 2.7 in OVN IRC meeting.
On Thu, Aug 18, 2016 at 11:44 PM, Ben Pfaff wrote: > Signed-off-by: Ben Pfaff > --- > ovn/TODO | 55 +++ > 1 file changed, 55 insertions(+) > > diff --git a/ovn/TODO b/ovn/TODO > index b3c4831..97a5fc9 100644 > --- a/ovn/TODO > +++ b/ovn/TODO > @@ -1,5 +1,60 @@ > -*- outline -*- > > +* Work out database for clustering or HA properly. > + > +* Compromised chassis mitigation. > + > +Possibly depends on database solution. > + > +* Get incremental updates in ovn-controller and ovn-northd in some > + sensible way. > + > May be the below can also be added which you mentioned in the IRC meeting (11th August). -- blp regXboi: We should eventually make OVN use OpenFlow "bundles" so that it transactionally replaces the flow table instead of deleting and then repopulating it. - +* Testing improvements, possibly heavily based on ovn-trace. > + > +Justin Pettit: "I'm planning to write some ovn-trace tests for IPv6. > +Hopefully we can get those into 2.6." > + > +* Self-managing HA for ovn-northd (avoiding the need to set up > + independent tooling for fail-over). > + > +Russell Bryant: "For bonus points, increasing N would scale out > +ovn-northd if it was under too much load, but that's a secondary > +concern." > + > +* Live migration. > + > +Russell Bryant: "When you're ready to have the destination take > +over, you have to remove the iface-id from the source and add it at > +the destination and i think it'd typically be configured on both > +ends, since it's a clone of the source VM (and it's config)." > + > +* VLAN trunk ports. > + > +Russell Bryant: "Today that would require creating 4096 ports for > +the VM and attach to 4096 OVN networks, so doable, but not quite > +ideal." > + > +* IPAM enhancements. > + > +Russell Bryant: "Be able to specify a MAC and only have the IP be > +dynamic. Right now both are dynamic." > + > +* Native DNS support > + > +Russell Bryant: "This is an OpenStack requirement to fully eliminate > +the DHCP agent." > + > +* Service function chaining. > + > +* MAC learning. > + > +Han Zhou: "To support VMs that hosts workloads with their own macs, > +e.g. containers, if not using OVN native container support." > + > +* Finish up ARP/ND support: re-checking bindings, expiring bindings. > + > +* Hitless upgrade, especially for data plane. > + > * Dynamic IP to MAC binding enhancements. > > OVN has basic support for establishing IP to MAC bindings dynamically, > -- > 2.1.3 > > ___ > dev mailing list > dev@openvswitch.org > http://openvswitch.org/mailman/listinfo/dev > ___ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
