-
Bug
-
Resolution: Done-Errata
-
Undefined
-
None
-
None
If the ACL.log is false for a fair meter, but ACL.meter is set in the Northbound database, northd will create a unique meter for this ACL in a Southbound database, even though it will never be used.
Normal ovn-nbctl acl-add command can't create such a record, but it is possible with a plain ovn-nbctl set or a direct database transaction.
In practice, ovn-kubernetes always sets the ACL.meter column even if the logging is not enabled in the namespace. This creates extra unnecessary load on the Southbound database and the ovn-controller that performs a linear iteration over the Southbound Meter table on every ofctrl_put().
Logging is also not a default option, so only a fraction of ACLs will actually need meters under normal circumstances.
- clones
-
FDP-401 ovn-northd creates unused meters for ACLs with logging disabled
- Closed
- links to
-
RHBA-2024:136854 ovn24.03 bug fix and enhancement update