Hi Thanks Ales for the feedback. There is also a small change needed to make userspace tests to work as well (as pointed out by ovs_robot). I'll send a v2.
Thanks Xavier On Wed, Mar 20, 2024 at 12:11 PM Ales Musil <[email protected]> wrote: > > > On Wed, Mar 20, 2024 at 8:12 AM Xavier Simonart <[email protected]> > wrote: > >> Pinctrl is responsible of creating MAC_Bindings on peer router datapaths. >> However, when sb was read-only, this did not happen. >> This caused the test "neighbor update on same HV" to fail in a flaky way. >> >> Signed-off-by: Xavier Simonart <[email protected]> >> --- >> > > Hi Xavier, > > thank you for the patch. I have one comment down below. > > controller/pinctrl.c | 2 +- >> tests/ovn-macros.at | 10 +++- >> tests/system-ovn.at | 127 +++++++++++++++++++++++++++++++++++++++++++ >> 3 files changed, 137 insertions(+), 2 deletions(-) >> >> diff --git a/controller/pinctrl.c b/controller/pinctrl.c >> index 2d3595cd2..f75b04696 100644 >> --- a/controller/pinctrl.c >> +++ b/controller/pinctrl.c >> @@ -4711,7 +4711,7 @@ send_garp_rarp_update(struct ovsdb_idl_txn >> *ovnsb_idl_txn, >> garp_rarp->announce_time = time_msec() + 1000; >> garp_rarp->backoff = 1000; /* msec. */ >> } >> - } else { >> + } else if (ovnsb_idl_txn) { >> add_garp_rarp(name, laddrs->ea, >> laddrs->ipv4_addrs[i].addr, >> binding_rec->datapath->tunnel_key, >> diff --git a/tests/ovn-macros.at b/tests/ovn-macros.at >> index ed93764d3..aaa8824cb 100644 >> --- a/tests/ovn-macros.at >> +++ b/tests/ovn-macros.at >> @@ -220,12 +220,14 @@ ovn_start_northd() { >> # options are accepted to adjust that: >> # --backup-northd Start a backup northd. >> # --backup-northd=paused Start the backup northd in the paused state. >> +# --use-tcp-to-sb Use tcp to connect to sb. >> ovn_start () { >> local backup_northd=false >> local backup_northd_options= >> case $1 in >> --backup-northd) backup_northd=true; shift ;; >> --backup-northd=paused) backup_northd=true; >> backup_northd_options=--paused; shift ;; >> + --use-tcp-to-sb) use_tcp=true; shift ;; >> esac >> local AZ=$1 >> local msg_prefix=${AZ:+$AZ: } >> @@ -246,7 +248,13 @@ ovn_start () { >> ovn_start_northd $backup_northd_options backup $AZ >> fi >> >> - if test X$HAVE_OPENSSL = Xyes; then >> + if test $use_tcp; then >> + # Create the SB DB ptcp connection. >> + ovn-sbctl \ >> + -- --id=@c create connection \ >> + target=\"ptcp:0:127.0.0.1\" \ >> + -- add SB_Global . connections @c >> + elif test X$HAVE_OPENSSL = Xyes; then >> # Create the SB DB pssl+RBAC connection. >> ovn-sbctl \ >> -- --id=@c create connection \ >> diff --git a/tests/system-ovn.at b/tests/system-ovn.at >> index 54d913c0b..20ddb487f 100644 >> --- a/tests/system-ovn.at >> +++ b/tests/system-ovn.at >> @@ -12208,3 +12208,130 @@ OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query >> port patch-.*/d >> /connection dropped.*/d"]) >> AT_CLEANUP >> ]) >> + >> +OVN_FOR_EACH_NORTHD([ >> +AT_SETUP([MAC_Bindings updates on read-only sb]) >> +ovn_start --use-tcp-to-sb >> +OVS_TRAFFIC_VSWITCHD_START() >> +ADD_BR([br-int]) >> + >> +PARSE_LISTENING_PORT([$ovs_base/ovn-sb/ovsdb-server.log], [TCP_PORT]) >> + >> +# Use tcp to connect to sb >> +ovs-vsctl \ >> + -- set Open_vSwitch . external-ids:system-id=hv1 \ >> + -- set Open_vSwitch . >> external-ids:ovn-remote=tcp:127.0.0.1:$TCP_PORT >> \ >> + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \ >> + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1 \ >> + -- set bridge br-int fail-mode=secure >> other-config:disable-in-band=true >> + >> +# Start ovn-controller >> +start_daemon ovn-controller >> + >> +# Logical network: >> +# A public switch (pub) with a localnet port connected to two LRs (lr0 >> and lr1) >> +# each with a distributed gateway port. >> +# Two VMs: lp0 on sw0 connected to lr0 >> +# lp1 on sw1 connected to lr1 >> +# >> +# This test adds a floating IP on one VM and checks the MAC_Binding >> entries to be updated properly. >> + >> +# By stopping temporarily updates from controller to sb, we are making >> sb read-only. >> +# We can't just pause sb to make it read-only, as we expect sb to still >> handle northd changes. >> +stop_ovsdb_controller_updates() { >> + TCP_PORT=$1 >> + echo Stopping updates from ovn-controller to ovsdb using port $TCP_PORT >> + on_exit 'iptables -C INPUT -p tcp --destination-port $TCP_PORT -j DROP >> 2>/dev/null && iptables -D INPUT -p tcp --destination-port $TCP_PORT -j >> DROP' >> + iptables -A INPUT -p tcp --destination-port $TCP_PORT -j DROP >> > > iptables are not available by default on Fedora (not sure about Ubuntu), > we should consider using nftables instead. > (/workspace/ovn/tests/system-kmod-testsuite.dir/at-groups/162/test-source: > line 214: iptables: command not found) > > >> +} >> +restart_ovsdb_controller_updates() { >> + TCP_PORT=$1 >> + echo Restarting updates from ovn-controller to ovsdb >> + iptables -D INPUT -p tcp --destination-port $TCP_PORT -j DROP >> +} >> + >> +# Create logical switches >> +check ovn-nbctl ls-add sw0 >> +check ovn-nbctl ls-add sw1 >> +check ovn-nbctl ls-add pub >> + >> +# Created localnet port on public switch >> +check ovn-nbctl lsp-add pub ln-pub >> +check ovn-nbctl lsp-set-type ln-pub localnet >> +check ovn-nbctl lsp-set-addresses ln-pub unknown >> +check ovn-nbctl lsp-set-options ln-pub network_name=phys >> + >> +# Create logical routers and connect them to public switch >> +AT_CHECK([(ovn-nbctl create Logical_Router name=lr0; >> + ovn-nbctl create Logical_Router name=lr1) | uuidfilt], [0], >> [<0> >> +<1> >> +]) >> +check ovn-nbctl lrp-add lr0 lr0-pub f0:00:00:00:00:01 172.24.4.220/24 >> +check ovn-nbctl lsp-add pub pub-lr0 -- set Logical_Switch_Port pub-lr0 \ >> + type=router options:router-port=lr0-pub >> options:nat-addresses="router" addresses="router" >> +check ovn-nbctl lrp-add lr1 lr1-pub f0:00:00:00:01:01 172.24.4.221/24 >> +check ovn-nbctl lsp-add pub pub-lr1 -- set Logical_Switch_Port pub-lr1 \ >> + type=router options:router-port=lr1-pub >> options:nat-addresses="router" addresses="router" >> + >> +check ovn-nbctl lrp-set-gateway-chassis lr0-pub hv1 10 >> +check ovn-nbctl lrp-set-gateway-chassis lr1-pub hv1 10 >> + >> +# Connect sw0 and sw1 to lr0 and lr1 >> +check ovn-nbctl lrp-add lr0 lr0-sw0 00:00:00:00:ff:01 10.0.0.254/24 >> +check ovn-nbctl lsp-add sw0 sw0-lr0 -- set Logical_Switch_Port sw0-lr0 >> type=router \ >> + options:router-port=lr0-sw0 addresses="router" >> +check ovn-nbctl lrp-add lr1 lr1-sw1 00:00:00:00:ff:02 20.0.0.254/24 >> +check ovn-nbctl lsp-add sw1 sw1-lr1 -- set Logical_Switch_Port sw1-lr1 >> type=router \ >> + options:router-port=lr1-sw1 addresses="router" >> + >> +check ovs-vsctl add-br br-phys >> +ovn_attach n1 br-phys 172.24.4.1 >> +check ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys >> + >> +check ovs-vsctl add-port br-int vif0 \ >> + -- set Interface vif0 external-ids:iface-id=lp0 \ >> + -- set Interface vif0 type=internal >> + >> +check ovn-nbctl lsp-add sw0 lp0 >> +check ovn-nbctl lsp-add sw1 lp1 >> +check ovn-nbctl lsp-set-addresses lp0 "50:54:00:00:00:01 10.0.0.10" >> +check ovn-nbctl lsp-set-addresses lp1 "50:54:00:00:00:02 20.0.0.10" >> + >> +OVS_WAIT_UNTIL([test x`ovn-nbctl lsp-get-up lp0` = xup]) >> +ovn-nbctl --wait=hv sync >> + >> +# Stopping updates to sb >> +stop_ovsdb_controller_updates $TCP_PORT >> + >> +# Adding lp1 : this will make sb read-only >> +check ovs-vsctl add-port br-int vif1 \ >> + -- set Interface vif1 external-ids:iface-id=lp1 \ >> + -- set Interface vif1 type=internal >> + >> +# Make sure ovn-controller handled vif1 addition. So, at this point >> ovn-controller did try to update sb >> +OVS_WAIT_UNTIL([test `ovs-vsctl get Interface vif1 >> external_ids:ovn-installed` = '"true"']) >> + >> +# Create floating IP. SB should be read-only, so we should be enable to >> update MAC_Bindings now. >> +check ovn-nbctl --wait=sb lr-nat-add lr0 dnat_and_snat 172.24.4.100 >> 10.0.0.10 >> + >> +# Restarting updates. >> +restart_ovsdb_controller_updates $TCP_PORT >> +# Check that the MAC_Binding entries have been properly created as SB is >> now writable. >> +wait_row_count MAC_Binding 1 logical_port=lr1-pub ip=172.24.4.100 >> + >> +OVS_APP_EXIT_AND_WAIT([ovn-controller]) >> + >> +as ovn-sb >> +OVS_APP_EXIT_AND_WAIT([ovsdb-server]) >> + >> +as ovn-nb >> +OVS_APP_EXIT_AND_WAIT([ovsdb-server]) >> + >> +as northd >> +OVS_APP_EXIT_AND_WAIT([ovn-northd]) >> + >> +as >> +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d >> +/connection dropped.*/d"]) >> +AT_CLEANUP >> +]) >> -- >> 2.31.1 >> >> _______________________________________________ >> dev mailing list >> [email protected] >> https://mail.openvswitch.org/mailman/listinfo/ovs-dev >> >> > Thanks, > Ales > -- > > Ales Musil > > Senior Software Engineer - OVN Core > > Red Hat EMEA <https://www.redhat.com> > > [email protected] > <https://red.ht/sig> > _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
