Re: [ovs-dev] [PATCH v10 ovn] Add a new logical switch port type - 'virtual'
Acked-by: Mark Michelson
On 7/30/19 1:29 AM, nusid...@redhat.com wrote:
From: Numan Siddique
This new type is added for the following reasons:
- When a load balancer is created in an OpenStack deployment with Octavia
service, it creates a logical port 'VIP' for the virtual ip.
- This logical port is not bound to any VIF.
- Octavia service creates a service VM (with another logical port 'P' which
belongs to the same logical switch)
- The virtual ip 'VIP' is configured on this service VM.
- This service VM provides the load balancing for the VIP with the configured
backend IPs.
- Octavia service can be configured to create few service VMs with
active-standby mode
with the active VM configured with the VIP. The VIP can move between
these service nodes.
Presently there are few problems:
- When a floating ip (externally reachable IP) is associated to the VIP and
if
the compute nodes have external connectivity then the external traffic
cannot
reach the VIP using the floating ip as the VIP logical port would be down.
dnat_and_snat entry in NAT table for this vip will have 'external_mac' and
'logical_port' configured.
- The only way to make it work is to clear the 'external_mac' entry so that
the gateway chassis does the DNAT for the VIP.
To solve these problems, this patch proposes a new logical port type - virtual.
CMS when creating the logical port for the VIP, should
- set the type as 'virtual'
- configure the VIP in the options - Logical_Switch_Port.options:virtual-ip
- And set the virtual parents in the options
Logical_Switch_Port.options:virtual-parents.
These virtual parents are the one which can be configured with the VIP.
If suppose the virtual_ip is configured to 10.0.0.10 on a virtual logical port
'sw0-vip'
and the virtual_parents are set to - [sw0-p1, sw0-p2] then below logical flows
are added in the
lsp_in_arp_rsp logical switch pipeline
- table=11(ls_in_arp_rsp), priority=100,
match=(inport == "sw0-p1" && !is_chassis_resident("sw0-vip") &&
((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) ||
(arp.op == 2 && arp.spa == 10.0.0.10))),
action=(bind_vport("sw0-vip", inport); next;)
- table=11(ls_in_arp_rsp), priority=100,
match=(inport == "sw0-p2" && !is_chassis_resident("sw0-vip") &&
((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) ||
(arp.op == 2 && arp.spa == 10.0.0.10))),
action=(bind_vport("sw0-vip", inport); next;)
The action bind_vport will claim the logical port - sw0-vip on the chassis
where this action
is executed. Since the port - sw0-vip is claimed by a chassis, the
dnat_and_snat rule for
the VIP will be handled by the compute node.
Co-authored-by: Ben Pfaff
Signed-off-by: Ben Pfaff
Acked-by: Gurucharan Shetty
Signed-off-by: Numan Siddique
---
v9 -> v10
* Resubmitting targeting OVN repo.
v8 -> v9
===
* Added entry in NEWS.
v7 -> v8
===
* Applied the code suggestions from Ben.
v6 -> v7
* Resolved merge conflicts.
v5 -> v6
* Resolved conflicts after rebasing to latest master in tests/ovn.at
v4 -> v5
===
* Rebased to master to resolve merge conflicts.
v3 -> v4
===
* Addressed the review comment and removed the code in northd which
referenced the Southbound db state while adding the logical flows. Instead
using the ovn match - is_chassis_resident() - which I should have used
it in the first place.
v2 -> v3
===
* Addressed the review comments from Ben - deleted the new columns -
virtual_ip and virtual_parents from Logical_Switch_Port and instead
is making use of options column for this purpose.
v1 -> v2
* In v1, was not updating the 'put_vport_binding' struct if it already
exists in the put_vport_bindings hmap in the function -
pinctrl_handle_bind_vport().
In v2 handled it.
* Improved the if else check in binding.c when releasing the lports.
NEWS| 1 +
controller/binding.c| 30 +++-
controller/pinctrl.c| 174 +++
include/ovn/actions.h | 18 ++-
lib/actions.c | 59
lib/ovn-util.c | 1 +
northd/ovn-northd.8.xml | 61 +++-
northd/ovn-northd.c | 306 ++--
ovn-nb.xml | 45 ++
ovn-sb.ovsschema| 6 +-
ovn-sb.xml | 46 ++
tests/ovn.at| 290 +
tests/test-ovn.c| 1 +
utilities/ovn-trace.c | 3 +
14 files changed, 954 insertions(+), 87 deletions(-)
diff --git a/NEWS b/NEWS
index 293531db0..f47698470 100644
--- a/NEWS
+++ b/NEWS
@@ -38,6 +38,7 @@ Post-v2.11.0
* Support for Transport Zones, a way to separate chassis into
logical groups which results in tunnels only been formed between
members of
Re: [ovs-dev] [PATCH v10 ovn] Add a new logical switch port type - 'virtual'
Bleep bloop. Greetings Numan Siddique, I am a robot and I have tried out your patch. Thanks for your contribution. I encountered some error that I wasn't expecting. See the details below. checkpatch: WARNING: Line is 236 characters long (recommended limit is 79) #513 FILE: northd/ovn-northd.8.xml:530: inport == P !is_chassis_resident(V) ((arp.op == 1 arp.spa == VIP arp.tpa == VIP) || (arp.op == 2 arp.spa == VIP)) Lines checked: 1437, Warnings: 1, Errors: 0 Please check this out. If you feel there has been an error, please email acon...@bytheb.org Thanks, 0-day Robot ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH v10 ovn] Add a new logical switch port type - 'virtual'
From: Numan Siddique
This new type is added for the following reasons:
- When a load balancer is created in an OpenStack deployment with Octavia
service, it creates a logical port 'VIP' for the virtual ip.
- This logical port is not bound to any VIF.
- Octavia service creates a service VM (with another logical port 'P' which
belongs to the same logical switch)
- The virtual ip 'VIP' is configured on this service VM.
- This service VM provides the load balancing for the VIP with the configured
backend IPs.
- Octavia service can be configured to create few service VMs with
active-standby mode
with the active VM configured with the VIP. The VIP can move between
these service nodes.
Presently there are few problems:
- When a floating ip (externally reachable IP) is associated to the VIP and if
the compute nodes have external connectivity then the external traffic
cannot
reach the VIP using the floating ip as the VIP logical port would be down.
dnat_and_snat entry in NAT table for this vip will have 'external_mac' and
'logical_port' configured.
- The only way to make it work is to clear the 'external_mac' entry so that
the gateway chassis does the DNAT for the VIP.
To solve these problems, this patch proposes a new logical port type - virtual.
CMS when creating the logical port for the VIP, should
- set the type as 'virtual'
- configure the VIP in the options - Logical_Switch_Port.options:virtual-ip
- And set the virtual parents in the options
Logical_Switch_Port.options:virtual-parents.
These virtual parents are the one which can be configured with the VIP.
If suppose the virtual_ip is configured to 10.0.0.10 on a virtual logical port
'sw0-vip'
and the virtual_parents are set to - [sw0-p1, sw0-p2] then below logical flows
are added in the
lsp_in_arp_rsp logical switch pipeline
- table=11(ls_in_arp_rsp), priority=100,
match=(inport == "sw0-p1" && !is_chassis_resident("sw0-vip") &&
((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) ||
(arp.op == 2 && arp.spa == 10.0.0.10))),
action=(bind_vport("sw0-vip", inport); next;)
- table=11(ls_in_arp_rsp), priority=100,
match=(inport == "sw0-p2" && !is_chassis_resident("sw0-vip") &&
((arp.op == 1 && arp.spa == 10.0.0.10 && arp.tpa == 10.0.0.10) ||
(arp.op == 2 && arp.spa == 10.0.0.10))),
action=(bind_vport("sw0-vip", inport); next;)
The action bind_vport will claim the logical port - sw0-vip on the chassis
where this action
is executed. Since the port - sw0-vip is claimed by a chassis, the
dnat_and_snat rule for
the VIP will be handled by the compute node.
Co-authored-by: Ben Pfaff
Signed-off-by: Ben Pfaff
Acked-by: Gurucharan Shetty
Signed-off-by: Numan Siddique
---
v9 -> v10
* Resubmitting targeting OVN repo.
v8 -> v9
===
* Added entry in NEWS.
v7 -> v8
===
* Applied the code suggestions from Ben.
v6 -> v7
* Resolved merge conflicts.
v5 -> v6
* Resolved conflicts after rebasing to latest master in tests/ovn.at
v4 -> v5
===
* Rebased to master to resolve merge conflicts.
v3 -> v4
===
* Addressed the review comment and removed the code in northd which
referenced the Southbound db state while adding the logical flows. Instead
using the ovn match - is_chassis_resident() - which I should have used
it in the first place.
v2 -> v3
===
* Addressed the review comments from Ben - deleted the new columns -
virtual_ip and virtual_parents from Logical_Switch_Port and instead
is making use of options column for this purpose.
v1 -> v2
* In v1, was not updating the 'put_vport_binding' struct if it already
exists in the put_vport_bindings hmap in the function -
pinctrl_handle_bind_vport().
In v2 handled it.
* Improved the if else check in binding.c when releasing the lports.
NEWS| 1 +
controller/binding.c| 30 +++-
controller/pinctrl.c| 174 +++
include/ovn/actions.h | 18 ++-
lib/actions.c | 59
lib/ovn-util.c | 1 +
northd/ovn-northd.8.xml | 61 +++-
northd/ovn-northd.c | 306 ++--
ovn-nb.xml | 45 ++
ovn-sb.ovsschema| 6 +-
ovn-sb.xml | 46 ++
tests/ovn.at| 290 +
tests/test-ovn.c| 1 +
utilities/ovn-trace.c | 3 +
14 files changed, 954 insertions(+), 87 deletions(-)
diff --git a/NEWS b/NEWS
index 293531db0..f47698470 100644
--- a/NEWS
+++ b/NEWS
@@ -38,6 +38,7 @@ Post-v2.11.0
* Support for Transport Zones, a way to separate chassis into
logical groups which results in tunnels only been formed between
members of the same transport zone(s).
+ * Support for new logical switch port type - 'virtual'.
- New QoS type "linux-netem" on Linux.
- Added
