-
Notifications
You must be signed in to change notification settings - Fork 708
VPP HA
Here we describe the restart scenarios one might expect a system to support, the characteristics of VPP that need to be accounted for and a resulting recommendation for using VPP in an HA aware system.
We will use the term ‘state’ to refer to all or any configuration that the client programmes in VPP - this can be interfaces, routes, ACL, or anything else.
Mark-n-sweep is an algorithm where a user of a service declares to that service that all state that it has previously programmed is now ‘stale’ and the service marks a stale flag on all the user’s state. The user then proceeds to download new state afresh - the service will clear the stale flag from state that is updated. Once the user has completed its programming (i.e. it has converged) it issues the to the service a converged notification and the service will sweep (i.e. delete) all state that is still marked stale.
We will use the term agent to refer to an application that programmes VPP over the binary API. The agent receives the necessary information to programme VPP from the ‘control-plane’. The agent and the control-plane are separate entities whose lifetimes are not linked.
As has been repeated often on the public mailer, the CLI is not intended nor supported for use in a production system, so we do not consider it here.
in the event that VPP restarts it is necessary for the agent to download all of the state it knows about to VPP. This state will comprise two types; state that was present and correct in VPP at the moment in time when VPP restarted and new state that the agent learned whilst VPP was down. We’ll call this action ‘replay’. Note that this replay must be in the same dependency order as the state was originally added, e.g. one cannot bind an ACL to an interface that does not exist.
If the agent restarts one should not simply restart VPP. In order to be highly available, VPP and so the data-plane, should stay up and continue to forward traffic using the state that was present the moment the agent crashed - this is commonly referred to as non-stop forwarding (NSF). The clear benefit here is that although the system as a whole cannot accept new state whilst the agent is down, existing state (i.e. connections to other devices) continue to function. Again there are two types of state a newly restarted agent must consider, firstly, the state that exists in VPP (the old set) and secondly the new set of state that it is ‘replayed’ by the control-plane. The old and new set can be different either through the addition or removal of state in the new set with respect to the old. The agent therefore must perform a state reconciliation. As an example, consider a /32 route that was present in the agent and VPP at the moment the agent crashed. whilst the agent was down the control-plane removed the /32. when the agent restarts it will not relearn the /32 but must remove it from VPP.
The VPP binary API supports multiple clients (and hence multiple agents in the terms defined here), however, no state in VPP has the concept of being owned by a particular agent. Indeed in many cases state has no sense of ownership at all, so state added via the API can be removed on the CLI (FIB routes are an exception).
VPP does not support the paradigm of mark-n-sweep.
VPP does support a programmatic interface to query all its existing state, these are referred to commonly as the dump APIs.
There is a single agent that:
1) uses the binary API to programme VPP
2) has a north-bound interface to receive updates from the control-plane
no other applications use the binary API (at least not to add state).
This agent maintains a final-state data-base in non-persistent memory. Under normal operations the agent’s DB will match VPP’s. This database must maintain object (or at least object-type) dependencies.
The agent polls VPP over the binary API for liveness detection.
When the agent detects VPP is dead, since it no longer responds to polls, the agent can disconnect and reconnect to the binary API. The method by which VPP is restarted is beyond the scope of this article, we’ll just assume it is automatic. Once the connection is re-established, the agent must download all the state in its database in dependency order (e.g. interface first, then ACLs, then tables, then routes, etc).
Whilst VPP is down the agent must continue to accept updates from the control plane and add then to its database so they will be present in the replay.
When the agent restarts its first action must be to connect to VPP and retrieve (or dump) all of VPP’s state. This state is used to populate the agent’s DB and marked as stale. At this point the agents starts a ‘boot’ timer. From this point on the agent begins to accept messages from the control plane (i.e. the control plane performs a ‘replay’). All state that the control-plane updates has its stale flag cleared within the agent’s DB. If the agent is capable of issuing a ‘converged’ notification then the agent’s boot timer is not required, otherwise on expiry of the boot timer the agent will walk its DB and delete (from the DB and from VPP) any state that is still marked stale. You’ll note the similarity of this algorithm from the mark-n-sweep algorithm mentioned in the introduction. This scenario explains why it is recommended to have only one agent. If two agents were to perform this action in parallel, then they would each remove the others state and VPP would be left with nothing.
The agent represents a single, queryable oracle of truth within the system. It can disseminate information, using your favourite message bus protocol, to other applications that constitute the larger system so that, for example, they can read stats information for VPP objects.
It is not recommended to use the agent to poll for stats, since the amount of data stats produces can severely impair the throughput of programming in the agent.
The VPP object Model (VOM) is a shared library written in C++ that can be linked into a agent to provide the functions described above. VOM offers a desired state model to its clients, this means that a client constructs an object to represent the desired state in VPP (e.g. an interface or bridge-domain) and then ‘writes’ this object into VOM’s DB. VOM will then perform the necessary ‘update’ (whether it is a modification or create) to make that desired state programmed in VPP. VOM supports the notion of multiple-ownership for all the objects. If there are discrepancies in the desired state of multiply owned objects is a last update wins model). Only once an object no has owners is it deleted. The state reconciliation scenario is supported because the state learned from the initial dump is ‘owned’ by a special owner named ‘boot’. Once the boot timer expires the boot owner is removed from all state and hence if it was the only owner that state is removed. VOM maintains a static graph of object-type dependencies to ensure replay occurs I the proper order.
- VPP 2022 Make Test Use Case Poll
- VPP-AArch64
- VPP-ABF
- VPP Alternative Builds
- VPP API Concepts
- VPP API Versioning
- VPP-ApiChangeProcess
- VPP-ArtifactVersioning
- VPP-BIER
- VPP-Bihash
- VPP-BugReports
- VPP Build System Deep Dive
- VPP Build, Install, And Test Images
- VPP-BuildArtifactRetentionPolicy
- VPP-c2cpel
- VPP Code Walkthrough VoD
- VPP Code Walkthrough VoD Topic Index
- VPP Code Walkthrough VoDs
- VPP-CodeStyleConventions
- VPP-CodingTips
- VPP Command Line Arguments
- VPP Command Line Interface CLI Guide
- VPP-CommitMessages
- VPP-Committers-SMEs
- VPP-CommitterTasks-ApiFreeze
- VPP CommitterTasks Compare API Changes
- VPP-CommitterTasks-CutPointRelease
- VPP-CommitterTasks-CutRelease
- VPP-CommitterTasks-FinalReleaseCandidate
- VPP-CommitterTasks-PullThrottleBranch
- VPP-CommitterTasks-ReleasePlan
- VPP Configuration Tool
- VPP Configure An LW46 MAP E Terminator
- VPP Configure VPP As A Router Between Namespaces
- VPP Configure VPP TAP Interfaces For Container Routing
- VPP-CoreFileMismatch
- VPP-cpel
- VPP-cpeldump
- VPP-CurrentData
- VPP-DHCPKit
- VPP-DHCPv6
- VPP-DistributedOwnership
- VPP-Documentation
- VPP DPOs And Feature Arcs
- VPP EC2 Instance With SRIOV
- VPP-elog
- VPP-FAQ
- VPP Feature Arcs
- VPP-Features
- VPP-Features-IPv6
- VPP-FIB
- VPP-g2
- VPP Getting VPP 16.06
- VPP Getting VPP Release Binaries
- VPP-HA
- VPP-HostStack
- VPP-HostStack-BuiltinEchoClientServer
- VPP-HostStack-EchoClientServer
- VPP-HostStack-ExternalEchoClientServer
- VPP HostStack Hs Test
- VPP-HostStack-LDP-iperf
- VPP-HostStack-LDP-nginx
- VPP-HostStack-LDP-sshd
- VPP-HostStack-nginx
- VPP-HostStack-SessionLayerArchitecture
- VPP-HostStack-TestHttpServer
- VPP-HostStack-TestProxy
- VPP-HostStack-TLS
- VPP-HostStack-VCL
- VPP-HostStack-VclEchoClientServer
- VPP-Hotplug
- VPP How To Add A Tunnel Encapsulation
- VPP How To Build The Sample Plugin
- VPP How To Connect A PCI Interface To VPP
- VPP How To Create A VPP Binary Control Plane API
- VPP How To Deploy VPP In EC2 Instance And Use It To Connect Two Different VPCs
- VPP How To Optimize Performance %28System Tuning%29
- VPP How To Use The API Trace Tools
- VPP How To Use The C API
- VPP How To Use The Packet Generator And Packet Tracer
- VPP-Howtos
- VPP-index
- VPP Installing VPP Binaries From Packages
- VPP Interconnecting vRouters With VPP
- VPP Introduction To IP Adjacency
- VPP Introduction To N Tuple Classifiers
- VPP IP Adjacency Introduction
- VPP-IPFIX
- VPP-IPSec
- VPP IPSec And IKEv2
- VPP IPv6 SR VIRL Topology File
- VPP Java API
- VPP Java API Plugin Support
- VPP Jira Workflow
- VPP-Macswapplugin
- VPP-MakeTestFramework
- VPP-Meeting
- VPP-MFIB
- VPP Missing Prefetches
- VPP Modifying The Packet Processing Directed Graph
- VPP MPLS FIB
- VPP-NAT
- VPP Nataas Test
- VPP-OVN
- VPP Per Feature Notes
- VPP Performance Analysis Tools
- VPP-perftop
- VPP Progressive VPP Tutorial
- VPP Project Meeting Minutes
- VPP Pulling, Building, Running, Hacking And Pushing VPP Code
- VPP Pure L3 Between Namespaces With 32s
- VPP Pure L3 Container Networking
- VPP Pushing And Testing A Tag
- VPP Python API
- VPP-PythonVersionPolicy
- VPP-QuickTrexSetup
- VPP Random Hints And Kinks For KVM Usage
- VPP Release Plans Release Plan 16.09
- VPP Release Plans Release Plan 17.01
- VPP Release Plans Release Plan 17.04
- VPP Release Plans Release Plan 17.07
- VPP Release Plans Release Plan 17.10
- VPP Release Plans Release Plan 18.01
- VPP Release Plans Release Plan 18.04
- VPP Release Plans Release Plan 18.07
- VPP Release Plans Release Plan 18.10
- VPP Release Plans Release Plan 19.01
- VPP Release Plans Release Plan 19.04
- VPP Release Plans Release Plan 19.08
- VPP Release Plans Release Plan 20.01
- VPP Release Plans Release Plan 20.05
- VPP Release Plans Release Plan 20.09
- VPP Release Plans Release Plan 21.01
- VPP Release Plans Release Plan 21.06
- VPP Release Plans Release Plan 21.10
- VPP Release Plans Release Plan 22.02
- VPP Release Plans Release Plan 22.06
- VPP Release Plans Release Plan 22.10
- VPP Release Plans Release Plan 23.02
- VPP Release Plans Release Plan 23.06
- VPP Release Plans Release Plan 23.10
- VPP Release Plans Release Plan 24.02
- VPP Release Plans Release Plan 24.06
- VPP Release Plans Release Plan 24.10
- VPP Release Plans Release Plan 25.02
- VPP Release Plans Release Plan 25.06
- VPP Release Plans Release Plan 25.10
- VPP Release Plans Release Plan 26.02
- VPP Release Plans Release Plan 26.06
- VPP-RM
- VPP-SecurityGroups
- VPP Segment Routing For IPv6
- VPP Segment Routing For MPLS
- VPP Setting Up Your Dev Environment
- VPP-SNAT
- VPP Software Architecture
- VPP STN Testing
- VPP The VPP API
- VPP Training Events
- VPP-Troubleshooting
- VPP-Troubleshooting-BuildIssues
- VPP-Troubleshooting-Vagrant
- VPP Tutorial DPDK And MacSwap
- VPP Tutorial Routing And Switching
- VPP-Tutorials
- VPP Use VPP To Chain VMs Using Vhost User Interface
- VPP Use VPP To Connect VMs Using Vhost User Interface
- VPP Using mTCP User Mode TCP Stack With VPP
- VPP Using VPP As A VXLAN Tunnel Terminator
- VPP Using VPP In A Multi Thread Model
- VPP-VOM
- VPP VPP BFD Nexus
- VPP VPP Home Gateway
- VPP VPP WIKI DEPRECATED CONTENT
- VPP-VPPCommunicationsLibrary
- VPP-VPPConfig
- VPP What Is ODP4VPP
- VPP What Is VPP
- VPP Working Environments
- VPP Working With The 16.06 Throttle Branch