Topic/network simplify #1214
Topic/network simplify #1214
Conversation
mcastelino
requested review from
amshinde,
egernst,
grahamwhaley and
jodh-intel
|
@grahamwhaley @devimc @egernst any idea The CI keeps failing |
|
restarting travis |
|
@mcastelino btw |
mcastelino
force-pushed
the
topic/network-simplify
branch
from
beca7e5 to
d5814a2
Compare
|
@mcastelino In terms of performance, we know that tc mirroring is superior to the bridged mode? |
@sameo tc mirroring is slightly less performant than macvtap. We did not measure tc mirror vs bridged mode. However as macvtap mode should support all the modes that bridged mode supports, even if tcmirror mode is lower performance that bridged mode, the user should not loose when choosing an opinionated configuration. /cc @amshinde |
|
We will also need to update https://github.com/clearcontainers/runtime/blob/master/docs/architecture/architecture.md#networking with the updated networking setup once this PR goes through |
|
/test |
So having macvtap and tc mirrroring make bridged redundant. Sounds good to me. |
|
Got this on the 16.04 CI - looks like there might be some debug/rework to do here @mcastelino before we re-fire the CIs? |
There was a problem hiding this comment.
@mcastelino please split this into 2 distincts PRs. The idea of the first patch is to simplify Kata network implementation by removing unused models, and that's fine. But the second patch, which is very simple and obvious, relates to modifying the default model used. I'm not sure this falls under the same "simplification" category, and I would prefer if this was in its own PR to make sure nobody is missing this.
@mcastelino Yes the docs need to be updated with all the changes we have done recently. Let me know if you are going to take a look at that, I can take a shot at it as well. |
@sameo @mcastelino Yes, bridged mode has shown the least performance when I measured the performance of each of the modes and all networking drivers are supported between macvtap and tc, making bridged redundant. |
@grahamwhaley I love our CI. Let me retest this with macvtap any my end. |
mcastelino
dismissed stale reviews from jodh-intel, sameo, and amshinde
via
a359db4
mcastelino
force-pushed
the
topic/network-simplify
branch
2 times, most recently
from
a359db4 to
7333a66
Compare
|
@amshinde looks like our unit test case exercises path that our code will no longer take. i.e. we create the macvtap on top of bridge that serves as the parent link. I eliminated the use of bridge interface here. |
| case NetXConnectMacVtapModel: | ||
| return govmmQemu.MACVTAP | ||
| //case ModelEnlightened: |
There was a problem hiding this comment.
Note: This is already implemented implicitly today. The interconnect model is only used today when the interface cannot be directly connected to the VM. The vhost-user interface is also handed using a special case and works with only a certain class of vhost-user plugins.
So our default model is actually ModelEnlightened when running in tcFilter or macvtap mode. The none mode is the only one that does not behave this way.
/cc @amshinde
|
@amshinde - could you possibly take over this PR maybe? |
|
@jodh-intel Will do. |
amshinde
force-pushed
the
topic/network-simplify
branch
from
7333a66 to
d1336f6
Compare
|
/test |
1 similar comment
|
/test |
amshinde
force-pushed
the
topic/network-simplify
branch
from
9389435 to
64bd5c2
Compare
|
/test |
Codecov Report
@@ Coverage Diff @@
## master #1214 +/- ##
========================================
Coverage ? 52.5%
========================================
Files ? 108
Lines ? 14085
Branches ? 0
========================================
Hits ? 7396
Misses ? 5810
Partials ? 879 |
Codecov Report
@@ Coverage Diff @@
## master #1214 +/- ##
=========================================
Coverage ? 51.25%
=========================================
Files ? 110
Lines ? 15114
Branches ? 0
=========================================
Hits ? 7747
Misses ? 6410
Partials ? 957 |
|
@jodh-intel PR updated. |
|
@egernst @jodh-intel PTAL |
|
Fedora CI fail looked like a net/repo issue (failed to update) - re-triggered... |
|
Thanks @grahamwhaley. All tests have passed now. |
|
@amshinde - need one more ack - given it's heavy network nature, and the original author is mcastelino, I'll be happy if you ack this PR, and then we can merge :-) |
|
ping @mcastelino @egernst |
|
re-ping @mcastelino @egernst - CI is happy here, just needs knowledgeable reviewers... |
|
Adding "do-not-merge" until we decide to remove "bridged". This feature has been marked as deprecated in a separate PR. |
Prior to the addition of tcMirroring support kata-runtime had compatibility issues with some CNI plugins some of which were addressed by the bridged model. With the addition of tc mode there are no gaps in networking that can be filled by the bridged mode or enlightened mode (which was never implemented). Eliminate both of these options to simplify the setup. Fixes: kata-containers#1213 Signed-off-by: Manohar Castelino <[email protected]>
Since we have dropped support for bridged model, remove it from the configuration as well. Signed-off-by: Archana Shinde <[email protected]>
If the configuration for networking is missing, tcfilter will be chosen. Signed-off-by: Archana Shinde <[email protected]>
amshinde
force-pushed
the
topic/network-simplify
branch
from
64bd5c2 to
744ccd4
Compare
|
/test |
|
@kata-containers/runtime @egernst This PR is ready for review now, since we plan to remove |
|
/test |
|
I don't see a problem for s390x. |
Eliminate legacy networking models
Prior to the addition of tcMirroring support kata-runtime had compatibility issues with some CNI plugins some of which were addressed by the bridged model. With the addition of tc mode there are no gaps in networking that can be filled by the bridged mode or enlightened mode (which was never implemented).
Eliminate both of these option to simplify the setup.
Also addresses some of the simplification needed for #1113
Fixes #1213