northd: Add support for disabling vxlan mode.

Commit [1] introduced a "vxlan mode" concept. It brought a limitation for available tunnel IDs because of lack of space in VXLAN VNI. In vxlan mode OVN is limited by 4095 datapaths (LRs or non-transit LSs) and 2047 logical switch ports per datapath. Prior to this patch vxlan mode was enabled automatically if at least one chassis had encap of vxlan type. In scenarios where one want to use VXLAN only for HW VTEP (RAMP) switch, such limitation makes no sence. This patch adds support for explicit disabling of vxlan mode via Northbound database. 1: ovn-org@b07f1bc3d068 Signed-off-by: Vladislav Odintsov <odivlad@gmail.com>
odivlad · May 2, 2024 · 3846953 · 3846953
1 parent bc7fdb5
commit 3846953
Show file tree

Hide file tree

Showing 6 changed files with 58 additions and 0 deletions.
diff --git a/NEWS b/NEWS
@@ -17,6 +17,9 @@ Post v24.03.0
     external-ids, the option is no longer needed as it became effectively
     "true" for all scenarios.
   - Added DHCPv4 relay support.
+  - Added new global config option NB_Global:options:disable_vxlan_mode to
+    extend available tunnel IDs space for datapaths from 4095 to 16711680.
+    For more details see man ovn-nb(5) for mentioned option.
 
 OVN v24.03.0 - 01 Mar 2024
 --------------------------

diff --git a/northd/en-global-config.c b/northd/en-global-config.c
@@ -533,6 +533,11 @@ check_nb_options_out_of_sync(const struct nbrec_nb_global *nb,
         return true;
     }
 
+    if (config_out_of_sync(&nb->options, &config_data->nb_options,
+                           "disable_vxlan_mode", false)) {
+        return true;
+    }
+
     return false;
 }
 

diff --git a/northd/northd.c b/northd/northd.c
@@ -889,6 +889,11 @@ void
 init_vxlan_mode(const struct smap *nb_options,
                 const struct sbrec_chassis_table *sbrec_chassis_table)
 {
+    if (smap_get_bool(nb_options, "disable_vxlan_mode", false)) {
+        vxlan_mode = false;
+        return;
+    }
+
     const struct sbrec_chassis *chassis;
     SBREC_CHASSIS_TABLE_FOR_EACH (chassis, sbrec_chassis_table) {
         for (int i = 0; i < chassis->n_encaps; i++) {

diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
@@ -2919,4 +2919,10 @@
     the future, gateways that do not support encapsulations with large amounts
     of metadata may continue to have a reduced feature set.
   </p>
+  <p>
+    <code>vxlan mode</code> is recommended to be disabled if VXLAN encap at
+    hypervisors is needed only to support HW VTEP L2 Gateway functionality.
+    See man ovn-nb(5) for table <code>NB_Global</code> column
+    <code>options</code> key <code>disable_vxlan_mode</code> for more details.
+  </p>
 </manpage>
diff --git a/ovn-nb.xml b/ovn-nb.xml
@@ -381,6 +381,16 @@
         of SB changes would be very noticeable.
       </column>
 
+      <column name="options" key="disable_vxlan_mode">
+        By default if at least one chassis in OVN cluster has VXLAN encap,
+        northd will run in a <code>vxlan mode</code>. See man
+        ovn-architecture(7) <code>Tunnel Encapsulations</code> paragraph for
+        more details.  In case VXLAN encaps are needed on chassis only to
+        support HW VTEP functionality and main encap type is GENEVE or STT, set
+        this option to `false` to use default non-`vxlan mode` tunnel IDs
+        allocation logic.
+      </column>
+
       <group title="Options for configuring interconnection route advertisement">
         <p>
           These options control how routes are advertised between OVN

diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
@@ -2847,6 +2847,35 @@ AT_CHECK(
 get_tunnel_keys
 AT_CHECK([test $lsp02 = 3 && test $ls1 = 123])
 
+AT_CLEANUP
+])
+OVN_FOR_EACH_NORTHD_NO_HV([
+AT_SETUP([check vxlan mode disabling])
+ovn_start
+
+# Create a fake chassis with vxlan encap to implicitly enable vxlan mode.
+ovn-sbctl \
+    --id=@e create encap chassis_name=hv1 ip="192.168.0.1" type="vxlan" \
+    -- --id=@c create chassis name=hv1 encaps=@e
+
+cmd="ovn-nbctl --wait=sb"
+for i in {1..4097..1}; do
+    cmd="${cmd} -- ls-add lsw-${i}"
+done
+
+check $cmd
+
+check_row_count nb:Logical_Switch 4097
+wait_row_count sb:Datapath_Binding 4095
+
+OVS_WAIT_UNTIL([grep "all datapath tunnel ids exhausted" northd/ovn-northd.log])
+
+# Explicitly disable vxlan mode and check that two remaining datapaths were created.
+check ovn-nbctl set NB_Global . options:disable_vxlan_mode=true
+
+check_row_count nb:Logical_Switch 4097
+wait_row_count sb:Datapath_Binding 4097
+
 AT_CLEANUP
 ])