[ovs-dev] [PATCH ovn v1 1/1] ovn-controller: Ensure br-int is using secure fail-mode
Frode Nordahl
frode.nordahl at canonical.com
Fri May 7 07:02:07 UTC 2021
fre. 7. mai 2021, 03:22 skrev Flavio Fernandes <flavio at flaviof.com>:
> By default, OVS bridges use standalone fail-mode, which means it is
> configured with a single row with the NORMAL action as its OpenFlow table.
> Upon system reboot, an integration bridge with many ports and such a table
> could create broadcast storms and duplicate packets. That is why
> ovn-controller creates the integration bridge with secure fail-mode.
> Under that mode, the OpenFlow table remains empty until the controller
> populates it, which could happen many seconds after the bridge is
> operational. Unfortunately, the fail-mode setting was not being
> done if the bridge was already created by the time ovn-controller
> starts. This change fixes that and logs a warning should the fail-mode
> ever needed to be corrected.
>
It would indeed be good to liberate the deployment tooling from the
responsibility of maintaining the fail-mode, so I welcome this change.
Reported-at: https://bugzilla.redhat.com/1957025
> Signed-off-by: Flavio Fernandes <flavio at flaviof.com>
> ---
> controller/ovn-controller.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c
> index 6106a9661..e4cbf3583 100644
> --- a/controller/ovn-controller.c
> +++ b/controller/ovn-controller.c
> @@ -401,6 +401,12 @@ process_br_int(struct ovsdb_idl_txn *ovs_idl_txn,
> ovs_table);
> if (!br_int) {
> br_int = create_br_int(ovs_idl_txn, ovs_table);
> + } else if (ovs_idl_txn) {
>
Would it make sense to put this code into the branch below instead? It
appears to me it already executes on the condition you want.
+ const char *fail_mode = br_int->fail_mode;
> + if (!fail_mode || strcmp(fail_mode, "secure")) {
> + ovsrec_bridge_set_fail_mode(br_int, "secure");
> + VLOG_WARN("Integration bridge fail-mode set to secure.");
>
While I agree this action should be logged, I wonder if the text could be
rephrased. As it stands it could read as having br-int in secure fail-mode
is a undesirable situation, whereas the opposite is true.
+ }
> }
> if (br_int && ovs_idl_txn) {
> const struct ovsrec_open_vswitch *cfg;
> --
> 2.25.1
>
--
Frode Nordahl
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
More information about the dev
mailing list