From: "Michael S. Tsirkin" <mst@redhat.com>
To: Liran Alon <liran.alon@oracle.com>
Cc: Stephen Hemminger <stephen@networkplumber.org>,
Si-Wei Liu <si-wei.liu@oracle.com>,
Sridhar Samudrala <sridhar.samudrala@intel.com>,
Alexander Duyck <alexander.duyck@gmail.com>,
Jakub Kicinski <kubakici@wp.pl>, Jiri Pirko <jiri@resnulli.us>,
David Miller <davem@davemloft.net>,
Netdev <netdev@vger.kernel.org>,
virtualization@lists.linux-foundation.org,
boris.ostrovsky@oracle.com, vijay.balakrishna@oracle.com,
jfreimann@redhat.com, ogerlitz@mellanox.com,
vuhuong@mellanox.com
Subject: Re: [summary] virtio network device failover writeup
Date: Wed, 20 Mar 2019 06:25:01 -0400 [thread overview]
Message-ID: <20190320061632-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <79F5D7C0-BBAA-4F78-9039-27A444970002@oracle.com>
On Wed, Mar 20, 2019 at 01:25:58AM +0200, Liran Alon wrote:
>
>
> > On 19 Mar 2019, at 23:19, Michael S. Tsirkin <mst@redhat.com> wrote:
> >
> > On Tue, Mar 19, 2019 at 08:46:47AM -0700, Stephen Hemminger wrote:
> >> On Tue, 19 Mar 2019 14:38:06 +0200
> >> Liran Alon <liran.alon@oracle.com> wrote:
> >>
> >>> b.3) cloud-init: If configured to perform network-configuration, it attempts to configure all available netdevs. It should avoid however doing so on net-failover slaves.
> >>> (Microsoft has handled this by adding a mechanism in cloud-init to blacklist a netdev from being configured in case it is owned by a specific PCI driver. Specifically, they blacklist Mellanox VF driver. However, this technique doesn’t work for the net-failover mechanism because both the net-failover netdev and the virtio-net netdev are owned by the virtio-net PCI driver).
> >>
> >> Cloud-init should really just ignore all devices that have a master device.
> >> That would have been more general, and safer for other use cases.
> >
> > Given lots of userspace doesn't do this, I wonder whether it would be
> > safer to just somehow pretend to userspace that the slave links are
> > down? And add a special attribute for the actual link state.
>
> I think this may be problematic as it would also break legit use case
> of userspace attempt to set various config on VF slave.
> In general, lying to userspace usually leads to problems.
I hear you on this. So how about instead of lying,
we basically just fail some accesses to slaves
unless a flag is set e.g. in ethtool.
Some userspace will need to change to set it but in a minor way.
Arguably/hopefully failure to set config would generally be a safer
failure.
Which things to fail? Probably sending/receiving packets? Getting MAC?
More?
> If we reach
> to a scenario where we try to avoid userspace issues generically and
> not on a userspace component basis, I believe the right path should be
> to hide the net-failover slaves such that explicit action is required
> to actually manipulate them (As described in blog-post). E.g.
> Automatically move net-failover slaves by kernel to a different netns.
>
> -Liran
>
> >
> > --
> > MST
next prev parent reply other threads:[~2019-03-20 10:25 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-17 13:55 [summary] virtio network device failover writeup Michael S. Tsirkin
2019-03-19 12:38 ` Liran Alon
2019-03-19 15:46 ` Stephen Hemminger
2019-03-19 21:19 ` Michael S. Tsirkin
2019-03-19 23:25 ` Liran Alon
2019-03-20 10:25 ` Michael S. Tsirkin [this message]
2019-03-20 12:23 ` Liran Alon
2019-03-20 14:09 ` Michael S. Tsirkin
2019-03-20 21:43 ` Liran Alon
2019-03-20 22:10 ` Michael S. Tsirkin
2019-03-20 22:19 ` Liran Alon
2019-03-21 8:58 ` Michael S. Tsirkin
2019-03-21 10:07 ` Liran Alon
2019-03-21 12:37 ` Michael S. Tsirkin
2019-03-21 12:47 ` Liran Alon
2019-03-21 12:57 ` Michael S. Tsirkin
2019-03-21 13:04 ` Liran Alon
2019-03-21 13:12 ` Michael S. Tsirkin
2019-03-21 13:24 ` Liran Alon
2019-03-21 13:51 ` Michael S. Tsirkin
2019-03-21 14:16 ` Liran Alon
2019-03-21 15:15 ` Michael S. Tsirkin
2019-03-21 15:45 ` Stephen Hemminger
2019-03-21 15:50 ` Michael S. Tsirkin
2019-03-21 16:31 ` Liran Alon
2019-03-21 17:12 ` Michael S. Tsirkin
2019-03-21 17:15 ` Liran Alon
2019-03-21 15:44 ` Stephen Hemminger
2019-03-21 22:33 ` si-wei liu
2019-03-19 21:06 ` Michael S. Tsirkin
2019-03-19 23:05 ` Liran Alon
2019-03-19 21:55 ` si-wei liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190320061632-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=alexander.duyck@gmail.com \
--cc=boris.ostrovsky@oracle.com \
--cc=davem@davemloft.net \
--cc=jfreimann@redhat.com \
--cc=jiri@resnulli.us \
--cc=kubakici@wp.pl \
--cc=liran.alon@oracle.com \
--cc=netdev@vger.kernel.org \
--cc=ogerlitz@mellanox.com \
--cc=si-wei.liu@oracle.com \
--cc=sridhar.samudrala@intel.com \
--cc=stephen@networkplumber.org \
--cc=vijay.balakrishna@oracle.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=vuhuong@mellanox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).