Skip to content

Commit

Permalink
fix u2o policy route allocate too many openflows cause oom (#3099)
Browse files Browse the repository at this point in the history
  • Loading branch information
changluyi authored Aug 4, 2023
1 parent a9fdbf9 commit a0c5e38
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 4 deletions.
6 changes: 3 additions & 3 deletions pkg/controller/subnet.go
Original file line number Diff line number Diff line change
Expand Up @@ -2515,13 +2515,13 @@ func (c *Controller) addPolicyRouteForU2OInterconn(subnet *kubeovnv1.Subnet) err
U2OexcludeIPAs = u2oExcludeIp6Ag
}

match1 := fmt.Sprintf("%s.dst == %s && %s.dst != $%s", ipSuffix, cidrBlock, ipSuffix, U2OexcludeIPAs)
match1 := fmt.Sprintf("%s.dst == %s", ipSuffix, cidrBlock)
match2 := fmt.Sprintf("%s.dst == $%s && %s.src == %s", ipSuffix, U2OexcludeIPAs, ipSuffix, cidrBlock)
match3 := fmt.Sprintf("%s.src == %s", ipSuffix, cidrBlock)

/*
policy1:
prio 31000 match: "ip4.dst == underlay subnet cidr && ip4.dst != node ips" action: allow
prio 29400 match: "ip4.dst == underlay subnet cidr" action: allow
policy2:
prio 31000 match: "ip4.dst == node ips && ip4.src == underlay subnet cidr" action: reroute physical gw
Expand All @@ -2536,7 +2536,7 @@ func (c *Controller) addPolicyRouteForU2OInterconn(subnet *kubeovnv1.Subnet) err
action := ovnnb.LogicalRouterPolicyActionAllow
if subnet.Spec.Vpc == c.config.ClusterRouter {
klog.Infof("add u2o interconnection policy for router: %s, match %s, action %s", subnet.Spec.Vpc, match1, action)
if err := c.ovnClient.AddLogicalRouterPolicy(subnet.Spec.Vpc, util.SubnetRouterPolicyPriority, match1, action, nil, externalIDs); err != nil {
if err := c.ovnClient.AddLogicalRouterPolicy(subnet.Spec.Vpc, util.U2OSubnetPolicyPriority, match1, action, nil, externalIDs); err != nil {
klog.Errorf("failed to add u2o interconnection policy1 for subnet %s %v", subnet.Name, err)
return err
}
Expand Down
1 change: 1 addition & 0 deletions pkg/util/const.go
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,7 @@ const (
OvnFip = "ovn"
IptablesFip = "iptables"

U2OSubnetPolicyPriority = 29400
GatewayRouterPolicyPriority = 29000
OvnICPolicyPriority = 29500
NodeRouterPolicyPriority = 30000
Expand Down
2 changes: 1 addition & 1 deletion test/e2e/kube-ovn/underlay/underlay.go
Original file line number Diff line number Diff line change
Expand Up @@ -785,7 +785,7 @@ func checkU2OItems(f *framework.Framework, subnet *apiv1.Subnet, underlayPod, ov
asName := strings.Replace(fmt.Sprintf("%s.u2o_exclude_ip.%s", subnet.Name, protocolStr), "-", ".", -1)
if !isU2OCustomVpc {
ginkgo.By(fmt.Sprintf("checking underlay subnet's policy1 route %s", protocolStr))
hitPolicyStr := fmt.Sprintf("%d %s.dst == %s && %s.dst != $%s allow", util.SubnetRouterPolicyPriority, protocolStr, cidr, protocolStr, asName)
hitPolicyStr := fmt.Sprintf("%d %s.dst == %s allow", util.U2OSubnetPolicyPriority, protocolStr, cidr)
checkPolicy(hitPolicyStr, subnet.Spec.U2OInterconnection, subnet.Spec.Vpc)

ginkgo.By(fmt.Sprintf("checking underlay subnet's policy2 route %s", protocolStr))
Expand Down

0 comments on commit a0c5e38

Please sign in to comment.