On 6/30/21 11:34 AM, Lorenzo Bianconi wrote:
> Move stateful lb rules for logical switches in
> build_lswitch_flows_for_lb routine in order to reduce cpu utilization
>
> Signed-off-by: Lorenzo Bianconi <[email protected]>
> ---
> northd/ovn-northd.c | 42 ++++++++++++++++++------------------------
> 1 file changed, 18 insertions(+), 24 deletions(-)
>
> diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> index e653b0dd5..3ae2b8d9f 100644
> --- a/northd/ovn-northd.c
> +++ b/northd/ovn-northd.c
> @@ -6028,8 +6028,7 @@ build_qos(struct ovn_datapath *od, struct hmap *lflows)
> {
> }
>
> static void
> -build_lb_rules(struct ovn_datapath *od, struct hmap *lflows,
> - struct ovn_northd_lb *lb)
> +build_lb_rules(struct hmap *lflows, struct ovn_northd_lb *lb)
> {
> struct ds action = DS_EMPTY_INITIALIZER;
> struct ds match = DS_EMPTY_INITIALIZER;
> @@ -6079,15 +6078,15 @@ build_lb_rules(struct ovn_datapath *od, struct hmap
> *lflows,
>
> ds_put_format(&match, "ct.new && %s.dst == %s", ip_match,
> lb_vip->vip_str);
> + int priority = 110;
> if (lb_vip->vip_port) {
> ds_put_format(&match, " && %s.dst == %d", proto,
> lb_vip->vip_port);
> - ovn_lflow_add_with_hint(lflows, od, S_SWITCH_IN_STATEFUL, 120,
> - ds_cstr(&match), ds_cstr(&action),
> - &lb->nlb->header_);
> - } else {
> - ovn_lflow_add_with_hint(lflows, od, S_SWITCH_IN_STATEFUL, 110,
> - ds_cstr(&match), ds_cstr(&action),
> - &lb->nlb->header_);
> + priority += 10;
Probably better to be explicit:
priority = 120;
Thanks,
Dumitru
> + }
> + for (int j = 0; j < lb->n_nb_ls; j++) {
> + ovn_lflow_add_with_hint(lflows, lb->nb_ls[j],
> S_SWITCH_IN_STATEFUL,
> + priority, ds_cstr(&match),
> + ds_cstr(&action), &lb->nlb->header_);
> }
> }
> ds_destroy(&action);
> @@ -6095,7 +6094,7 @@ build_lb_rules(struct ovn_datapath *od, struct hmap
> *lflows,
> }
>
> static void
> -build_stateful(struct ovn_datapath *od, struct hmap *lflows, struct hmap
> *lbs)
> +build_stateful(struct ovn_datapath *od, struct hmap *lflows)
> {
> /* Ingress and Egress stateful Table (Priority 0): Packets are
> * allowed by default. */
> @@ -6112,19 +6111,6 @@ build_stateful(struct ovn_datapath *od, struct hmap
> *lflows, struct hmap *lbs)
> ovn_lflow_add(lflows, od, S_SWITCH_OUT_STATEFUL, 100,
> REGBIT_CONNTRACK_COMMIT" == 1",
> "ct_commit { ct_label.blocked = 0; }; next;");
> -
> - /* Load balancing rules for new connections get committed to conntrack
> - * table. So even if REGBIT_CONNTRACK_COMMIT is set in a previous table
> - * a higher priority rule for load balancing below also commits the
> - * connection, so it is okay if we do not hit the above match on
> - * REGBIT_CONNTRACK_COMMIT. */
> - for (int i = 0; i < od->nbs->n_load_balancer; i++) {
> - struct ovn_northd_lb *lb =
> - ovn_northd_lb_find(lbs,
> &od->nbs->load_balancer[i]->header_.uuid);
> -
> - ovs_assert(lb);
> - build_lb_rules(od, lflows, lb);
> - }
> }
>
> static void
> @@ -6892,7 +6878,7 @@ build_lswitch_lflows_pre_acl_and_acl(struct
> ovn_datapath *od,
> build_acl_hints(od, lflows);
> build_acls(od, lflows, port_groups, meter_groups);
> build_qos(od, lflows);
> - build_stateful(od, lflows, lbs);
> + build_stateful(od, lflows);
> build_lb_hairpin(od, lflows);
> }
> }
> @@ -8988,6 +8974,7 @@ build_lswitch_flows_for_lb(struct ovn_northd_lb *lb,
> struct hmap *lflows,
> ds_clear(&action);
> ds_clear(&match);
>
> + /* pre-stateful lb */
> if (build_empty_lb_event_flow(lb_vip, lb->nlb, meter_groups,
> &match, &action)) {
> for (int j = 0; j < lb->n_nb_ls; j++) {
> @@ -9006,6 +8993,13 @@ build_lswitch_flows_for_lb(struct ovn_northd_lb *lb,
> struct hmap *lflows,
> ds_destroy(&action);
> ds_destroy(&match);
>
> + /* stateful lb
> + * Load balancing rules for new connections get committed to conntrack
> + * table. So even if REGBIT_CONNTRACK_COMMIT is set in a previous table
> + * a higher priority rule for load balancing below also commits the
> + * connection, so it is okay if we do not hit the above match on
> + * REGBIT_CONNTRACK_COMMIT. */
> + build_lb_rules(lflows, lb);
> }
>
> static void
>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
