[ovs-dev] [PATCH v6 ovn 0/1] northd: Enhance the implementation of ACL log meters (pre-ddlog merge).

Flavio Fernandes flavio at flaviof.com
Fri Nov 20 18:22:10 UTC 2020


Using meters is a great way to keep the ovn-controllers from getting
overwhelmed with ACL log events. Since multiple ACL rows with logging
enabled can refer to the same meter name, I ran a little experiment
to better understand how that behaves [1].

>From that experiment, we see that a 'noisy' ACL match could consume
all the events allowed by the meter, shadowing logs for other ACLs
that also use the same meter. The thought of maintaining a meter row
per ACL at the NB side is a solution, but it could easily become a
management burden for the CMS. A much better approach would be to
leverage northd to take care of this on behalf of the ACLs.

As northd populates SB meter table from NB meter table, a new logic
checks if the meter is configured as 'fair'. Such config is kept
as a new column in the Meter table. Fair meters result in additional
rows in the SB that have the same attributes of the original (aka
template) meter except for its name has the ACL UUID appended to
it.

Last but not least, northd takes care of using the corresponding
meter name as the logical flow action for the logging of the ACL.

This change can be tracked in the following github clone/branch:
  https://github.com/flavio-fernandes/ovn/commits/acl-meters.v6
    
[1]: https://github.com/flavio-fernandes/ovsdbapp_playground/blob/acl_meter_issue/scripts/acl_meter.sh

v5 -> v6:
 * Rebase master (4da6881b6).
 * Implement changes from Numan review.
 * Keep ddlog portion as a follow up after it merges.
v4 -> v5:
 * Rebase master (e14b52a9f).
v3 -> v4:
 * Rename 'shared meters' to 'fair meters' to keep it less confusing.
 * NB schema change: Add column in Meter to track which meters are 'fair'.
 * Add optional '--fair' flag to ovn-nbctl meter-add command.
v2 -> v3:
 * Use recently introduced testing helpers (4afe409e9).
v1 -> v2:
 * Rebase master b38e10f4b.

Flavio Fernandes (1):
  northd: Enhance the implementation of ACL log meters.

 NEWS                  |   2 +
 northd/ovn-northd.c   | 168 ++++++++++++++++++++++++++++++------------
 ovn-nb.ovsschema      |   5 +-
 ovn-nb.xml            |  16 +++-
 tests/ovn-nbctl.at    |   6 +-
 tests/ovn-northd.at   |  97 ++++++++++++++++++++++++
 utilities/ovn-nbctl.c |  16 +++-
 7 files changed, 256 insertions(+), 54 deletions(-)

-- 
2.18.4



More information about the dev mailing list