[ovs-git] [openvswitch/ovs] 413891: OVN ACL: Replace the usage of ct_label with ct_mark
igsilya
noreply at github.com
Wed Apr 17 17:47:41 UTC 2019
Branch: refs/heads/master
Home: https://github.com/openvswitch/ovs
Commit: 413891ecb64a66c8995ab1911f84a6a5aef34a93
https://github.com/openvswitch/ovs/commit/413891ecb64a66c8995ab1911f84a6a5aef34a93
Author: Ankur Sharma <ankur.sharma at nutanix.com>
Date: 2019-04-17 (Wed, 17 Apr 2019)
Changed paths:
M Documentation/tutorials/ovn-openstack.rst
M ovn/lib/logical-fields.c
M ovn/northd/ovn-northd.8.xml
M ovn/northd/ovn-northd.c
M tests/ovn.at
Log Message:
-----------
OVN ACL: Replace the usage of ct_label with ct_mark
OVN ACL implementation used ct_label to indicate if a previosuly
allowed connection shoudl not be allowed anymore and vice versa.
However, ct_label is a 128 bit value and we should rather leverage
on ct_mark which is a 32 bit value.
Using ct_mark for this purpose, allows us to use ct_label for storing
other values like, identifier for corresponidng OVN ACL/Security group etc.
Signed-off-by: Ankur Sharma <ankur.sharma at nutanix.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: a9d1f50d90644b160c2e22b79da2120e414f3a7a
https://github.com/openvswitch/ovs/commit/a9d1f50d90644b160c2e22b79da2120e414f3a7a
Author: Ankur Sharma <ankur.sharma at nutanix.com>
Date: 2019-04-17 (Wed, 17 Apr 2019)
Changed paths:
M include/ovn/actions.h
M ovn/lib/actions.c
M ovn/ovn-sb.xml
M tests/ovn.at
Log Message:
-----------
OVN ACL: Allow ct_mark and ct_label values to be set from register as well
OVN allows only an integer (or masked integer) to be assigned to
ct_mark and ct_label.
This patch, enhances the parser code to allow ct_mark and ct_label
to be assigned from 32 bit registers (MFF_REG0 - MFF_REG15) and 128
bit registers (MFF_XXREG0 - MFF_XXREG3) respectively.
Signed-off-by: Ankur Sharma <ankur.sharma at nutanix.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: b5f1a3b06c5cbecd2576bccbc00a471f94fc1343
https://github.com/openvswitch/ovs/commit/b5f1a3b06c5cbecd2576bccbc00a471f94fc1343
Author: Ankur Sharma <ankur.sharma at nutanix.com>
Date: 2019-04-17 (Wed, 17 Apr 2019)
Changed paths:
M ovn/ovn-nb.ovsschema
Log Message:
-----------
OVN ACL: Allow a user to input ct.label value for an acl
This patch allows user to associate a value with acl,
which will be assigned to ct.label of the corresponding
connection tracking entry.
This value can be used to map a ct entry with corresponding
OVN ACL or higher level constructs like security group.
Signed-off-by: Ankur Sharma <ankur.sharma at nutanix.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: ea20cd0d8a214827a27805117bc30a26107c9b46
https://github.com/openvswitch/ovs/commit/ea20cd0d8a214827a27805117bc30a26107c9b46
Author: Ilya Maximets <i.maximets at samsung.com>
Date: 2019-04-17 (Wed, 17 Apr 2019)
Changed paths:
M ovn/utilities/ovn-nbctl.c
Log Message:
-----------
ovn-nbctl: Fix 32-bit build with gcc.
ovn/utilities/ovn-nbctl.c: In function 'print_routing_policy':
ovn/utilities/ovn-nbctl.c:3620:23: error: format '%ld' expects argument
of type 'long int', but argument 3 has type 'int64_t'
policy->match, policy->action, next_hop);
^
ovn/utilities/ovn-nbctl.c:3624:23: error: format '%ld' expects argument
of type 'long int', but argument 3 has type 'int64_t'
policy->match, policy->action);
^
ovn/utilities/ovn-nbctl.c: In function 'cmd_ha_ch_grp_list':
ovn/utilities/ovn-nbctl.c:5056:27: error: format '%lu' expects argument
of type 'long unsigned int', but argument 10 has type 'int64_t'
ha_ch->priority);
^
cc1: all warnings being treated as errors
make[2]: *** [ovn/utilities/ovn-nbctl.o] Error 1
https://travis-ci.org/openvswitch/ovs/jobs/521015912
CC: Numan Siddique <nusiddiq at redhat.com>
CC: Mary Manohar <mary.manohar at nutanix.com>
Fixes: 1be1e0e5e0d1 ("ovn: Add generic HA chassis group")
Fixes: a64bb573468f ("Policy-based routing (PBR) in OVN.")
Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Compare: https://github.com/openvswitch/ovs/compare/e9cbac536dfe...ea20cd0d8a21
More information about the git
mailing list