[ovs-git] [ovn-org/ovn] f89a50: lflow: Generate unique integer for each Load Balancer

Mark Gray noreply at github.com
Thu Aug 12 17:26:23 UTC 2021


  Branch: refs/heads/master
  Home:   https://github.com/ovn-org/ovn
  Commit: f89a506de2a6b211a8c8865df22c79b863421e3c
      https://github.com/ovn-org/ovn/commit/f89a506de2a6b211a8c8865df22c79b863421e3c
  Author: Mark Gray <mark.d.gray at redhat.com>
  Date:   2021-08-12 (Thu, 12 Aug 2021)

  Changed paths:
    M controller/lflow.c
    M controller/lflow.h
    M controller/ovn-controller.c

  Log Message:
  -----------
  lflow: Generate unique integer for each Load Balancer

Conjunctive flows require a unique integer as an identifier.
In a future patch, we will use conjunctive flows for LB
hairpin flows. This patch generates a unique integer id for each
LB.

Signed-off-by: Mark Gray <mark.d.gray at redhat.com>
Signed-off-by: Numan Siddique <numans at ovn.org>


  Commit: 07467cfac499b1d906478c9e9b3d332eaf773566
      https://github.com/ovn-org/ovn/commit/07467cfac499b1d906478c9e9b3d332eaf773566
  Author: Mark Gray <mark.d.gray at redhat.com>
  Date:   2021-08-12 (Thu, 12 Aug 2021)

  Changed paths:
    M controller/lflow.c
    M controller/lflow.h
    M tests/ovn.at
    M tests/test-ovn.c

  Log Message:
  -----------
  lflow: Refactor OpenFlow snat hairpin flows

Currently, ovn-controller generates N x V OpenFlow snat hairpin flows where:

N = number of datapaths
V = number of LB VIPs

In a scale setup with 120 nodes, 15k VIPs, and 3 Protocols, this can generate
5.4M OpenFlows in the OFTABLE_CT_SNAT_FOR_VIP table with the following form:

table=70, priority=100,udp,reg1=0x4001149,metadata=0x2f actions=ct(commit,zone=NXM_NX_REG12[0..15],nat(src=4.0.17.73))

As only hairpin flows match this table and as the SNAT action only specifies
the VIP, this flow is independent of the metadata match field and can be
removed. This reduces the number of SNAT flows to V.

However, OVN allows the CMS to specify what address to use for SNAT via the
"hairpin_snat_ip" option in the Load_Balancer table in the NBDB. If this is
specified, we must include the metadata field because multiple LBs which have
the same VIP (but with a different "hairpin_snat_ip" address) could be added
to different datapaths.

However, these flows can be optimized by using a conjunctive flow that matches
on the VIP in one dimension and the datapath in the other dimension. For example,
for two LBs with the same VIP but different "hairpin_snat_ip" addresses added
to different datapaths:

 table=70, priority=200,conj_id=1,ip actions=ct(commit,zone=NXM_NX_REG12[[0..15]],nat(src=88.88.88.91))
 table=70, priority=200,conj_id=2,ip actions=ct(commit,zone=NXM_NX_REG12[[0..15]],nat(src=88.88.88.90))
 table=70, priority=200,metadata=0x1 actions=conjunction(1,1/2)
 table=70, priority=200,metadata=0x2 actions=conjunction(2,1/2)
 table=70, priority=200,tcp,reg1=0x58585858,reg2=0x1f90/0xffff actions=conjunction(2,2/2),conjunction(1,2/2)

This will increase the number of snat hairpin flows from the general case but
will not be V x N due to the use of the conjuctive flows.

For the best-case scenario (no "hairpin_snat_ip"), this patch shows the
following improvements:

* A reduction in ovn-controller recompute time for
  logical flows: 16 -> 11.8s
* A reduction in total ovs-vswitchd OpenFlows: 7.7M -> 2.1M
* A reduction in ovs-vswitchd RSS: 9.9G -> 2.7G

This patch updates these flows and associated tests.

Signed-off-by: Mark Gray <mark.d.gray at redhat.com>
Signed-off-by: Numan Siddique <numans at ovn.org>


Compare: https://github.com/ovn-org/ovn/compare/0e0228beae38...07467cfac499


More information about the git mailing list