commit c63ebef2d58e15f4388cf064066f77b503a2f841
Author: LIU Yulong <email address hidden>
Date: Mon Nov 29 12:27:23 2021 +0800
Add tag to port more earlier
During some ml2 ovs agent port processing performance test, we noticed
that some ports are missing tag before it really done processing. While
ovs treats those ports without tag as trunk port, so some packets will
be flooded to it. In large scale cloud, if too many port added to the
bridge, the ovs-vswitchd will consume a huge amount of CPU cores if
ports are not bound in a short time.
So, in the port_bound function of ovs-agent, we set the port tag to
it after a local_vlan id is allocated. Because after that, setup
security groups (setup_port_filters) and bind devices in DB
(update_device_list) are really time-consuming.
And also fix a potential bug, port is processed as created first,
but no tag in ovsdb, so openflow security group will not be processed
successfully [1]. It must be done in a update event during next loop,
after port bound and ovsdb set the required value.
This patch can also fix some upstream test failures of waiting too
long time to ping some cases.
Reviewed: https:/ /review. opendev. org/c/openstack /neutron/ +/819567 /opendev. org/openstack/ neutron/ commit/ c63ebef2d58e15f 4388cf064066f77 b503a2f841
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit c63ebef2d58e15f 4388cf064066f77 b503a2f841
Author: LIU Yulong <email address hidden>
Date: Mon Nov 29 12:27:23 2021 +0800
Add tag to port more earlier
During some ml2 ovs agent port processing performance test, we noticed
that some ports are missing tag before it really done processing. While
ovs treats those ports without tag as trunk port, so some packets will
be flooded to it. In large scale cloud, if too many port added to the
bridge, the ovs-vswitchd will consume a huge amount of CPU cores if
ports are not bound in a short time.
So, in the port_bound function of ovs-agent, we set the port tag to port_filters) and bind devices in DB device_ list) are really time-consuming.
it after a local_vlan id is allocated. Because after that, setup
security groups (setup_
(update_
And also fix a potential bug, port is processed as created first,
but no tag in ovsdb, so openflow security group will not be processed
successfully [1]. It must be done in a update event during next loop,
after port bound and ovsdb set the required value.
This patch can also fix some upstream test failures of waiting too
long time to ping some cases.
[1] https:/ /github. com/openstack/ neutron/ blob/master/ neutron/ agent/linux/ openvswitch_ firewall/ firewall. py#L112
Closes-Bug: #1952567 8d0888ad58f9759 60d89a985d9
Change-Id: I3533f0d416d32f