[ovs-dev] 答复: 答复: [PATCH v2 0/3] userspace: enable tap interface?statistics and status update support

Aaron Conole aconole at redhat.com
Mon Sep 21 14:46:14 UTC 2020


Flavio Leitner <fbl at sysclose.org> writes:

> On Fri, Sep 18, 2020 at 02:07:51AM +0000, Yi Yang (杨燚)-云服务集团 wrote:
>> To be clarified, tap socket isn't created in netns currently because OVS doesn't have such info, current way is:
>> 
>> # Step 1, add tap interface into ovs bridge in root netns, tap socket is created at this point.
>> # step 2, move tap interface to specified netns.
>> 
>> So question, how do you get netns id from tap socket? Would you guys
>> like to add netlink API for this in Linux kernel?  I know you Redhat
>> guys are familiar with rtnl.
>> 
>> Can you two guys clearly explain how to implement the behavior you expect?
>
> The commit below implements an ioctl API to get the netns fd from the tun device.
> With that information, we can use netlink RTM_GETNSID to translate the fd to the
> netns id. Finally, call rtm_getlink with that netnsid as target netnsid to get
> all the info.
>
> Those are 3 calls, which is not really efficient. I would suggest to improve
> rtm_getlink to accept a target netns fd as well or add an ioctl to tun to
> return the netns id right away.

Yes.  We can implement this without any requirement on modifying the
kernel.  While it wouldn't be as efficient, it is still worthwhile, and
doesn't require reassigning thread netns information.

It would require ensuring that we fill the netdev->netnsid information -
and I don't have a strong opinion on the best way to do that (it will
require a special case in the code right now to call the tun ioctl).

> commit 0c3e0e3bb623c3735b8c9ab8aa8332f944f83a9f
> Author: Kirill Tkhai <ktkhai at virtuozzo.com>
> Date:   Wed Mar 20 12:16:42 2019 +0300
>
>     tun: Add ioctl() TUNGETDEVNETNS cmd to allow obtaining real net ns of tun device
>     
>     In commit f2780d6d7475 "tun: Add ioctl() SIOCGSKNS cmd to allow
>     obtaining net ns of tun device" it was missed that tun may change
>     its net ns, while net ns of socket remains the same as it was
>     created initially. SIOCGSKNS returns net ns of socket, so it is
>     not suitable for obtaining net ns of device.
>     
>     We may have two tun devices with the same names in two net ns,
>     and in this case it's not possible to determ, which of them
>     fd refers to (TUNGETIFF will return the same name).
>     
>     This patch adds new ioctl() cmd for obtaining net ns of a device.
>     
>     Reported-by: Harald Albrecht <harald.albrecht at gmx.net>
>     Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
>     Signed-off-by: David S. Miller <davem at davemloft.net>
>
> HTH,
> fbl
>
>> 
>> 
>> -----邮件原件-----
>> 发件人: Flavio Leitner [mailto:fbl at sysclose.org] 
>> 发送时间: 2020年9月17日 19:59
>> 收件人: Yi Yang (杨燚)-云服务集团 <yangyi01 at inspur.com>
>> 抄送: aconole at redhat.com; yang_y_yi at 163.com; ovs-dev at openvswitch.org; i.maximets at ovn.org
>> 主题: Re: 答复: [ovs-dev] [PATCH v2 0/3] userspace: enable tap interface?statistics and status update support
>> 
>> On Thu, Sep 17, 2020 at 01:05:22AM +0000, Yi Yang (杨燚)-云服务集团 wrote:
>> > Aaron, any caller thread just binds it to netns on calling
>> > enter_netns, once it has entered netns, it won't disappear, so
>> > exit_netns caller thread must be current thread, once it exits
>> > netns, it returns back to original root netns, at this point, this
>> > thread can disappear, not a question, isn't it? So I'm not sure
>> > why you're saying it is unsafe.
>> > 
>> > It is impossible to let Linux kernel  provide that API with netns as 
>> > argument, although it is possible to do it theoretically, it is 
>> > impractical  fantasy IMO :-)
>> 
>> OVS already uses rtm_getlink to get that information, see netdev_linux_update_via_netlink().
>> 
>> What we need is to get netnsid from the tap socket. I also think that is a reasonable kernel API addition.  See for example:
>>  a86bd14ec ("netlink: provide network namespace id from a msg.").
>> 
>> fbl
>> 
>> > 
>> > -----邮件原件-----
>> > 发件人: dev [mailto:ovs-dev-bounces at openvswitch.org] 代表 Aaron Conole
>> > 发送时间: 2020年9月17日 0:38
>> > 收件人: yang_y_yi at 163.com
>> > 抄送: ovs-dev at openvswitch.org; i.maximets at ovn.org; fbl at sysclose.org
>> > 主题: Re: [ovs-dev] [PATCH v2 0/3] userspace: enable tap interface 
>> > statistics and status update support
>> > 
>> > yang_y_yi at 163.com writes:
>> > 
>> > > From: Yi Yang <yangyi01 at inspur.com>
>> > >
>> > > OVS userspace datapath can't support tap interface statistics and 
>> > > status update, so users can't get these information by cmd 
>> > > "ovs-vsctl list interface tap1", the root cause of this issue is OVS 
>> > > doesn't know network namespace of tap interface.
>> > >
>> > > This patch series fixed this issue and make sure tap interface can 
>> > > show statistics and get status update.
>> > >
>> > > Yi Yang (3):
>> > >   Add netns option for tap interface in userspace datapath
>> > >   Fix tap interface statistics issue
>> > >   Fix tap interface status update issue in network namespace
>> > >
>> > >  lib/dpif-netlink.c         |  51 +++++
>> > >  lib/dpif-netlink.h         |   3 +
>> > >  lib/netdev-linux-private.h |   1 +
>> > >  lib/netdev-linux.c         | 481 ++++++++++++++++++++++++++++++++++++++++-----
>> > >  lib/netlink-socket.c       | 146 ++++++++++++++
>> > >  lib/netlink-socket.h       |   2 +
>> > >  lib/socket-util-unix.c     |  37 ++++
>> > >  lib/socket-util.h          |   3 +
>> > >  8 files changed, 675 insertions(+), 49 deletions(-)
>> > >
>> > > --
>> > >
>> > > Changelog
>> > >
>> > >   v1 -> v2:
>> > >     * Split pmd thread support to seperate patch series
>> > >     * Check enter_netns return error
>> > >     * Limit setns to network namespace only by CLONE_NEWNET
>> > 
>> > Sorry, but more thinking about this I don't support this series
>> > going in.  It reassociates the thread with a netns that may
>> > disappear causing faults in the middle of processing - I don't
>> > think it's safe.
>> > 
>> > NAK.
>> > 
>> > I think the correct solution is to add support in the kernel for 
>> > getting the netns/ifindex from the tap socket, and then use that to 
>> > query the statistics.  This should be solved by using (or creating if 
>> > one doesn't
>> > exist) a kernel API to do this query by getting the netns information and using that to do these get operations.
>> > 
>> > Maybe someone disagrees.
>> > 
>> > _______________________________________________
>> > dev mailing list
>> > dev at openvswitch.org
>> > https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>> 
>> 
>> 
>> --
>> fbl



More information about the dev mailing list