Uploaded image for project: 'Fast Datapath Product'
  1. Fast Datapath Product
  2. FDP-434

CLONE [ovn23.06 fast-datapath-rhel-8] - ovn-northd creates unused meters for ACLs with logging disabled

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Obsolete
    • Icon: Undefined Undefined
    • None
    • None
    • ovn23.06
    • 1
    • False
    • Hide

      None

      Show
      None
    • False
    • rhel-sst-network-fastdatapath
    • ssg_networking

      If the ACL.log is false for a fair meter, but ACL.meter is set in the Northbound database, northd will create a unique meter for this ACL in a Southbound database, even though it will never be used.

      Normal ovn-nbctl acl-add command can't create such a record, but it is possible with a plain ovn-nbctl set or a direct database transaction.

      In practice, ovn-kubernetes always sets the ACL.meter column even if the logging is not enabled in the namespace. This creates extra unnecessary load on the Southbound database and the ovn-controller that performs a linear iteration over the Southbound Meter table on every ofctrl_put().

      Logging is also not a default option, so only a fraction of ACLs will actually need meters under normal circumstances.

              imaximet@redhat.com Ilya Maximets
              ovnteam@redhat.com OVN Team
              Jianlin Shi Jianlin Shi
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: