ovs实现lb负载均衡
负载均衡定义
负载均衡器的实现原理是通过硬件或软件设备将客户端访问流量根据转发策略分发到多个服务器或设备上,以确保系统的负载均衡。常见的实现方式包括:
- 二层负载均衡:使用虚拟MAC地址方式,根据OSI模型的二层进行负载均衡。
- 四层负载均衡:基于IP+端口的负载均衡,主要分析IP层及TCP/UDP层,实现四层负载均衡。
- 七层负载均衡:从应用层开始,根据虚拟的URL或IP、主机名接收请求,再转向相应的处理服务器。
二层负载均衡
- 网络设备:交换机
- 过程分析:只有当pod访问负载均衡vip且是首包的情况下匹配switch负载均衡,在group里采用select机制根据数据包五元组哈希选择一个endpoint,打上ct_mark标记,并dnat到endpoint
- ovs流表:
table=19, priority=120,ct_state=+new+trk,tcp,metadata=0x1,nw_dst=10.96.187.144,tp_dst=10001 actions=load:0->NXM_NX_XXREG0[97],load:0xa60bb90→NXM_NX_XXREG0[64..95],load:0x2711→NXM_NX_XXREG0[32..47],group:5# 在group里进行负载均衡group_id=5,type=select,selection_method=dp_hash,bucket=bucket_id:0,weight:100,actions=ct(commit,table=20,zone=NXM_NX_REG13[0..15],nat(dst=10.244.0.4:80),exec(load:0x1->NXM_NX_CT_MARK[1])),bucket=bucket_id:1,weight:100,actions=ct(commit,table=20,zone=NXM_NX_REG13[0..15],nat(dst=10.244.0.5:80),exec(load:0x1->NXM_NX_CT_MARK[1])),bucket=bucket_id:2,weight:100,actions=ct(commit,table=20,zone=NXM_NX_REG13[0..15],nat(dst=10.244.0.6:80),exec(load:0x1->NXM_NX_CT_MARK[1])),bucket=bucket_id:3,weight:100,actions=ct(commit,table=20,zone=NXM_NX_REG13[0..15],nat(dst=10.244.0.7:80),exec(load:0x1→NXM_NX_CT_MARK[1]))
- ovn流表:
# ovn-trace --ct=new node1 'inport=="ovn-poc_service-a-89c68dc96-f75t2" && eth.src== 0a:58:0a:f4:00:04 && eth.dst == 0a:58:0a:f4:00:01 && ip4.src==10.244.0.4 && ip.ttl==64 && ip4.dst==10.96.187.144 && tcp.dst==10001'
# tcp,reg14=0x3,vlan_tci=0x0000,dl_src=0a:58:0a:f4:00:04,dl_dst=0a:58:0a:f4:00:01,nw_src=10.244.0.4,nw_dst=10.96.187.144,nw_tos=0,nw_ecn=0,nw_ttl=64,tp_src=0,tp_dst=10001,tcp_flags=0ingress(dp="node1", inport="ovn-poc_service-a-89c68dc96-f75t2")
---------------------------------------------------------------0. ls_in_check_port_sec (northd.c:7727): 1, priority 50, uuid 03dc908creg0[15] = check_in_port_sec();next;4. ls_in_pre_acl (northd.c:5649): ip, priority 100, uuid df97729freg0[0] = 1;next;5. ls_in_pre_lb (northd.c:5820): ip, priority 100, uuid 1990086areg0[2] = 1;next;6. ls_in_pre_stateful (northd.c:5852): reg0[2] == 1 && ip4 && tcp, priority 120, uuid 454a1f78reg1 = ip4.dst;reg2[0..15] = tcp.dst;ct_lb_mark;ct_lb_mark
----------7. ls_in_acl_hint (northd.c:5929): ct.new && !ct.est, priority 7, uuid 24ab3fd0reg0[7] = 1;reg0[9] = 1;next;8. ls_in_acl (northd.c:6545): ip && !ct.est, priority 1, uuid 8eaca776reg0[1] = 1;next;
11. ls_in_lb (northd.c:6858): ct.new && ip4.dst == 10.96.187.144 && tcp.dst == 10001, priority 120, uuid 4bf79ca8reg0[1] = 0;reg1 = 10.96.187.144;reg2[0..15] = 10001;ct_lb_mark(backends=10.244.0.4:80,10.244.0.5:80,10.244.0.6:80,10.244.0.7:80);ct_lb_mark /* default (use --ct to customize) */
------------------------------------------------
14. ls_in_pre_hairpin (northd.c:6931): ip && ct.trk, priority 100, uuid 1328c195reg0[6] = chk_lb_hairpin();reg0[12] = chk_lb_hairpin_reply();*** chk_lb_hairpin_reply action not implementednext;
23. ls_in_l2_lkup (northd.c:8465): eth.dst == 0a:58:0a:f4:00:01, priority 50, uuid 3c5ecd19outport = "stor-node1";output;egress(dp="node1", inport="ovn-poc_service-a-89c68dc96-f75t2", outport="stor-node1")
------------------------------------------------------------------------------------0. ls_out_pre_lb (northd.c:5538): ip && outport == "stor-node1", priority 110, uuid 2d693c30next;1. ls_out_pre_acl (northd.c:5538): ip && outport == "stor-node1", priority 110, uuid c384472dnext;3. ls_out_acl_hint (northd.c:5992): ct.est && ct_mark.blocked == 0, priority 1, uuid f77da843reg0[10] = 1;next;8. ls_out_check_port_sec (northd.c:5505): 1, priority 0, uuid 4fb4d39freg0[15] = check_out_port_sec();next;9. ls_out_apply_port_sec (northd.c:5510): 1, priority 0, uuid 6d6e8323output;/* output to "stor-node1", type "patch" */ingress(dp="ovn_cluster_router", inport="rtos-node1")
-----------------------------------------------------0. lr_in_admission (northd.c:10835): eth.dst == 0a:58:0a:f4:00:01 && inport == "rtos-node1" && is_chassis_resident("cr-rtos-node1"), priority 50, uuid be29772fxreg0[0..47] = 0a:58:0a:f4:00:01;next;1. lr_in_lookup_neighbor (northd.c:10979): 1, priority 0, uuid e1a8324creg9[2] = 1;next;2. lr_in_learn_neighbor (northd.c:10988): reg9[2] == 1, priority 100, uuid 64a7073bnext;
10. lr_in_ip_routing_pre (northd.c:11214): 1, priority 0, uuid 7dd0d651reg7 = 0;next;
11. lr_in_ip_routing (northd.c:9629): ip4.dst == 10.244.0.0/24, priority 74, uuid 7546028cip.ttl--;reg8[0..15] = 0;reg0 = ip4.dst;reg1 = 10.244.0.1;eth.src = 0a:58:0a:f4:00:01;outport = "rtos-node1";flags.loopback = 1;next;
12. lr_in_ip_routing_ecmp (northd.c:11290): reg8[0..15] == 0, priority 150, uuid 95a7470dnext;
13. lr_in_policy (northd.c:11457): 1, priority 0, uuid 9fff15f1reg8[0..15] = 0;next;
14. lr_in_policy_ecmp (northd.c:11459): reg8[0..15] == 0, priority 150, uuid f7115b27next;
15. lr_in_arp_resolve (northd.c:11660): outport == "rtos-node1" && reg0 == 10.244.0.6, priority 100, uuid 5eb2a06deth.dst = 0a:58:0a:f4:00:06;next;
18. lr_in_gw_redirect (northd.c:12060): outport == "rtos-node1", priority 50, uuid a372b2faoutport = "cr-rtos-node1";next;
19. lr_in_arp_request (northd.c:12178): 1, priority 0, uuid d469dbb2output;/* Replacing type "chassisredirect" outport "cr-rtos-node1" with distributed port "rtos-node1". */egress(dp="ovn_cluster_router", inport="rtos-node1", outport="rtos-node1")
--------------------------------------------------------------------------0. lr_out_chk_dnat_local (northd.c:13442): 1, priority 0, uuid 43040472reg9[4] = 0;next;6. lr_out_delivery (northd.c:12225): outport == "rtos-node1", priority 100, uuid c027ddcdoutput;/* output to "rtos-node1", type "patch" */ingress(dp="node1", inport="stor-node1")
----------------------------------------0. ls_in_check_port_sec (northd.c:7727): 1, priority 50, uuid 03dc908creg0[15] = check_in_port_sec();next;4. ls_in_pre_acl (northd.c:5535): ip && inport == "stor-node1", priority 110, uuid dea94017next;5. ls_in_pre_lb (northd.c:5535): ip && inport == "stor-node1", priority 110, uuid 9594bbf7next;7. ls_in_acl_hint (northd.c:5992): ct.est && ct_mark.blocked == 0, priority 1, uuid 2c071dfereg0[10] = 1;next;
14. ls_in_pre_hairpin (northd.c:6931): ip && ct.trk, priority 100, uuid 1328c195reg0[6] = chk_lb_hairpin();reg0[12] = chk_lb_hairpin_reply();*** chk_lb_hairpin_reply action not implementednext;
23. ls_in_l2_lkup (northd.c:8394): eth.dst == 0a:58:0a:f4:00:06, priority 50, uuid d57c86c5outport = "ovn-poc_service-a-89c68dc96-tgkwt";output;egress(dp="node1", inport="stor-node1", outport="ovn-poc_service-a-89c68dc96-tgkwt")
------------------------------------------------------------------------------------0. ls_out_pre_lb (northd.c:5822): ip, priority 100, uuid fe121cbfreg0[2] = 1;next;1. ls_out_pre_acl (northd.c:5651): ip, priority 100, uuid 105736e5reg0[0] = 1;next;2. ls_out_pre_stateful (northd.c:5872): reg0[2] == 1, priority 110, uuid 1c6b05efct_lb_mark;ct_lb_mark /* default (use --ct to customize) */
------------------------------------------------3. ls_out_acl_hint (northd.c:5992): ct.est && ct_mark.blocked == 0, priority 1, uuid f77da843reg0[10] = 1;next;8. ls_out_check_port_sec (northd.c:5505): 1, priority 0, uuid 4fb4d39freg0[15] = check_out_port_sec();next;9. ls_out_apply_port_sec (northd.c:5510): 1, priority 0, uuid 6d6e8323output;/* output to "ovn-poc_service-a-89c68dc96-tgkwt", type "" */
二层负载均衡
- 网络设备:路由器
- 过程分析:只host访问负载均衡vip且是首包走3层router负载均衡,在group里采用select机制根据数据包五元组哈希选择一个endpoint,dnat到endpoint,再通过dnat后的网段进行路由到ovn_cluster_router,转发到pod
- ovs流表:
table=14, priority=120,ct_state=+new+trk,tcp,reg0=0xa60bb90,reg9=0x27110000/0xffff0000,metadata=0x7 actions=load:0x1->NXM_NX_REG10[3],group:6# 在group里进行负载均衡group_id=6,type=select,selection_method=dp_hash,bucket=bucket_id:0,weight:100,actions=ct(commit,table=15,zone=NXM_NX_REG11[0..15],nat(dst=10.244.0.4:80),exec(load:0x1->NXM_NX_CT_MARK[1])),bucket=bucket_id:1,weight:100,actions=ct(commit,table=15,zone=NXM_NX_REG11[0..15],nat(dst=10.244.0.5:80),exec(load:0x1->NXM_NX_CT_MARK[1])),bucket=bucket_id:2,weight:100,actions=ct(commit,table=15,zone=NXM_NX_REG11[0..15],nat(dst=10.244.0.6:80),exec(load:0x1->NXM_NX_CT_MARK[1])),bucket=bucket_id:3,weight:100,actions=ct(commit,table=15,zone=NXM_NX_REG11[0..15],nat(dst=10.244.0.7:80),exec(load:0x1->NXM_NX_CT_MARK[1]))
- ovn流表:
# ovn-trace --ct=new ext_node1 'inport=="brenp0s10_node1" && eth.src==fa:92:01:b6:d4:fd && eth.dst==fa:92:01:b6:d4:fd && ip4.src==169.254.169.2 && ip4.dst==10.96.187.144 && ip && ip.ttl==64 && tcp.dst==10001'
# tcp,reg14=0x1,vlan_tci=0x0000,dl_src=fa:92:01:b6:d4:fd,dl_dst=fa:92:01:b6:d4:fd,nw_src=169.254.169.2,nw_dst=10.96.187.144,nw_tos=0,nw_ecn=0,nw_ttl=64,tp_src=0,tp_dst=10001,tcp_flags=0ingress(dp="ext_node1", inport="brenp0s10_node1")
-------------------------------------------------0. ls_in_check_port_sec (northd.c:7727): 1, priority 50, uuid 03dc908creg0[15] = check_in_port_sec();next;5. ls_in_pre_lb (northd.c:5535): ip && inport == "brenp0s10_node1", priority 110, uuid 51131891next;
17. ls_in_arp_rsp (northd.c:7749): inport == "brenp0s10_node1", priority 100, uuid 55db24b2next;
23. ls_in_l2_lkup (northd.c:8394): eth.dst == fa:92:01:b6:d4:fd, priority 50, uuid 034b6bbeoutport = "etor-GR_node1";output;egress(dp="ext_node1", inport="brenp0s10_node1", outport="etor-GR_node1")
-------------------------------------------------------------------------0. ls_out_pre_lb (northd.c:5538): ip && outport == "etor-GR_node1", priority 110, uuid 2762bbbbnext;8. ls_out_check_port_sec (northd.c:5505): 1, priority 0, uuid 4fb4d39freg0[15] = check_out_port_sec();next;9. ls_out_apply_port_sec (northd.c:5510): 1, priority 0, uuid 6d6e8323output;/* output to "etor-GR_node1", type "l3gateway" */ingress(dp="GR_node1", inport="rtoe-GR_node1")
----------------------------------------------0. lr_in_admission (northd.c:10835): eth.dst == fa:92:01:b6:d4:fd && inport == "rtoe-GR_node1", priority 50, uuid 8b77bd84xreg0[0..47] = fa:92:01:b6:d4:fd;next;1. lr_in_lookup_neighbor (northd.c:10979): 1, priority 0, uuid e1a8324creg9[2] = 1;next;2. lr_in_learn_neighbor (northd.c:10988): reg9[2] == 1 || reg9[3] == 0, priority 100, uuid 2c666711next;5. lr_in_defrag (northd.c:10148): ip && ip4.dst == 10.96.187.144 && tcp, priority 110, uuid d7c84c30reg0 = 10.96.187.144;reg9[16..31] = tcp.dst;ct_dnat;ct_dnat /* assuming no un-dnat entry, so no change */
-----------------------------------------------------6. lr_in_dnat (northd.c:9766): ct.new && ip4 && reg0 == 10.96.187.144 && tcp && reg9[16..31] == 10001, priority 120, uuid 16accb91flags.force_snat_for_lb = 1;ct_lb_mark(backends=10.244.0.4:80,10.244.0.5:80,10.244.0.6:80,10.244.0.7:80);ct_lb_mark /* default (use --ct to customize) */
------------------------------------------------
10. lr_in_ip_routing_pre (northd.c:11214): 1, priority 0, uuid 7dd0d651reg7 = 0;next;
11. lr_in_ip_routing (northd.c:9629): reg7 == 0 && ip4.dst == 10.244.0.0/16, priority 49, uuid b99c65d6ip.ttl--;reg8[0..15] = 0;reg0 = 100.64.0.1;reg1 = 100.64.0.3;eth.src = 0a:58:64:40:00:03;outport = "rtoj-GR_node1";flags.loopback = 1;next;
12. lr_in_ip_routing_ecmp (northd.c:11290): reg8[0..15] == 0, priority 150, uuid 95a7470dnext;
13. lr_in_policy (northd.c:11457): 1, priority 0, uuid 9fff15f1reg8[0..15] = 0;next;
14. lr_in_policy_ecmp (northd.c:11459): reg8[0..15] == 0, priority 150, uuid f7115b27next;
15. lr_in_arp_resolve (northd.c:11493): ip4, priority 0, uuid 7becfca7get_arp(outport, reg0);/* MAC binding to 0a:58:64:40:00:01. */next;
19. lr_in_arp_request (northd.c:12178): 1, priority 0, uuid d469dbb2output;egress(dp="GR_node1", inport="rtoe-GR_node1", outport="rtoj-GR_node1")
----------------------------------------------------------------------0. lr_out_chk_dnat_local (northd.c:13442): 1, priority 0, uuid 43040472reg9[4] = 0;next;1. lr_out_undnat (northd.c:13462): ip, priority 50, uuid 998e6c30flags.loopback = 1;ct_dnat;ct_dnat /* assuming no un-dnat entry, so no change */
-----------------------------------------------------2. lr_out_post_undnat (northd.c:13464): ip && ct.new, priority 50, uuid 13cbb26fct_commit;next;6. lr_out_delivery (northd.c:12225): outport == "rtoj-GR_node1", priority 100, uuid 215be6d1output;/* output to "rtoj-GR_node1", type "l3gateway" */ingress(dp="join", inport="jtor-GR_node1")
------------------------------------------0. ls_in_check_port_sec (northd.c:7727): 1, priority 50, uuid 03dc908creg0[15] = check_in_port_sec();next;5. ls_in_pre_lb (northd.c:5535): ip && inport == "jtor-GR_node1", priority 110, uuid e6087be9next;
23. ls_in_l2_lkup (northd.c:8465): eth.dst == 0a:58:64:40:00:01, priority 50, uuid 6a3b96d6outport = "jtor-ovn_cluster_router";output;egress(dp="join", inport="jtor-GR_node1", outport="jtor-ovn_cluster_router")
----------------------------------------------------------------------------0. ls_out_pre_lb (northd.c:5538): ip && outport == "jtor-ovn_cluster_router", priority 110, uuid 843f9c76next;8. ls_out_check_port_sec (northd.c:5505): 1, priority 0, uuid 4fb4d39freg0[15] = check_out_port_sec();next;9. ls_out_apply_port_sec (northd.c:5510): 1, priority 0, uuid 6d6e8323output;/* output to "jtor-ovn_cluster_router", type "patch" */ingress(dp="ovn_cluster_router", inport="rtoj-ovn_cluster_router")
------------------------------------------------------------------0. lr_in_admission (northd.c:10835): eth.dst == 0a:58:64:40:00:01 && inport == "rtoj-ovn_cluster_router", priority 50, uuid 4a2c861fxreg0[0..47] = 0a:58:64:40:00:01;next;1. lr_in_lookup_neighbor (northd.c:10979): 1, priority 0, uuid e1a8324creg9[2] = 1;next;2. lr_in_learn_neighbor (northd.c:10988): reg9[2] == 1, priority 100, uuid 64a7073bnext;
10. lr_in_ip_routing_pre (northd.c:11214): 1, priority 0, uuid 7dd0d651reg7 = 0;next;
11. lr_in_ip_routing (northd.c:9629): ip4.dst == 10.244.0.0/24, priority 74, uuid 7546028cip.ttl--;reg8[0..15] = 0;reg0 = ip4.dst;reg1 = 10.244.0.1;eth.src = 0a:58:0a:f4:00:01;outport = "rtos-node1";flags.loopback = 1;next;
12. lr_in_ip_routing_ecmp (northd.c:11290): reg8[0..15] == 0, priority 150, uuid 95a7470dnext;
13. lr_in_policy (northd.c:11457): 1, priority 0, uuid 9fff15f1reg8[0..15] = 0;next;
14. lr_in_policy_ecmp (northd.c:11459): reg8[0..15] == 0, priority 150, uuid f7115b27next;
15. lr_in_arp_resolve (northd.c:11660): outport == "rtos-node1" && reg0 == 10.244.0.4, priority 100, uuid 98d8234deth.dst = 0a:58:0a:f4:00:04;next;
18. lr_in_gw_redirect (northd.c:12060): outport == "rtos-node1", priority 50, uuid a372b2faoutport = "cr-rtos-node1";next;
19. lr_in_arp_request (northd.c:12178): 1, priority 0, uuid d469dbb2output;/* Replacing type "chassisredirect" outport "cr-rtos-node1" with distributed port "rtos-node1". */egress(dp="ovn_cluster_router", inport="rtoj-ovn_cluster_router", outport="rtos-node1")
---------------------------------------------------------------------------------------0. lr_out_chk_dnat_local (northd.c:13442): 1, priority 0, uuid 43040472reg9[4] = 0;next;6. lr_out_delivery (northd.c:12225): outport == "rtos-node1", priority 100, uuid c027ddcdoutput;/* output to "rtos-node1", type "patch" */ingress(dp="node1", inport="stor-node1")
----------------------------------------0. ls_in_check_port_sec (northd.c:7727): 1, priority 50, uuid 03dc908creg0[15] = check_in_port_sec();next;4. ls_in_pre_acl (northd.c:5535): ip && inport == "stor-node1", priority 110, uuid dea94017next;5. ls_in_pre_lb (northd.c:5535): ip && inport == "stor-node1", priority 110, uuid 9594bbf7next;7. ls_in_acl_hint (northd.c:5992): ct.est && ct_mark.blocked == 0, priority 1, uuid 2c071dfereg0[10] = 1;next;
14. ls_in_pre_hairpin (northd.c:6931): ip && ct.trk, priority 100, uuid 1328c195reg0[6] = chk_lb_hairpin();reg0[12] = chk_lb_hairpin_reply();*** chk_lb_hairpin_reply action not implementednext;
23. ls_in_l2_lkup (northd.c:8394): eth.dst == 0a:58:0a:f4:00:04, priority 50, uuid 50aab262outport = "ovn-poc_service-a-89c68dc96-f75t2";output;egress(dp="node1", inport="stor-node1", outport="ovn-poc_service-a-89c68dc96-f75t2")
------------------------------------------------------------------------------------0. ls_out_pre_lb (northd.c:5822): ip, priority 100, uuid fe121cbfreg0[2] = 1;next;1. ls_out_pre_acl (northd.c:5651): ip, priority 100, uuid 105736e5reg0[0] = 1;next;2. ls_out_pre_stateful (northd.c:5872): reg0[2] == 1, priority 110, uuid 1c6b05efct_lb_mark;ct_lb_mark /* default (use --ct to customize) */
------------------------------------------------3. ls_out_acl_hint (northd.c:5992): ct.est && ct_mark.blocked == 0, priority 1, uuid f77da843reg0[10] = 1;next;8. ls_out_check_port_sec (northd.c:5505): 1, priority 0, uuid 4fb4d39freg0[15] = check_out_port_sec();next;9. ls_out_apply_port_sec (northd.c:5510): 1, priority 0, uuid 6d6e8323output;/* output to "ovn-poc_service-a-89c68dc96-f75t2", type "" */
hairpin(特殊场景lb)
- 网络设备:交换机
- 过程分析:当pod访问serviceIP,经过负载均衡后的endpoint是自己时,snat将源ip改为vip,源目mac互换,跳过2层转发回到源pod,此过程在switch即可完成,不需要再经过router
- ovs流表:
table=22, priority=100,ct_state=+trk,ip,metadata=0x1 actions=load:0->NXM_NX_REG10[7],resubmit(,68),move:NXM_NX_REG10[7]→NXM_NX_XXREG0[102],load:0→NXM_NX_REG10[7],resubmit(,69),move:NXM_NX_REG10[7]→NXM_NX_XXREG0[108],resubmit(,23)
table=68, priority=100,ct_mark=0x2/0x2,tcp,reg1=0xa60b85f,reg2=0x2711/0xffff,nw_src=10.244.0.4,nw_dst=10.244.0.4,tp_dst=80 actions=load:0x1->NXM_NX_REG10[7],learn(table=69,delete_learned,cookie=0x8a0b4179,OXM_OF_METADATA[],eth_type=0x800,NXM_OF_IP_SRC[],ip_dst=10.96.184.95,nw_proto=6,NXM_OF_TCP_SRC[]=NXM_OF_TCP_DST[],load:0x1→NXM_NX_REG10[7])
- ovn流表:
# ovn-trace --ct=new node1 'inport=="ovn-poc_service-a-89c68dc96-fm272" && eth.src== 0a:58:0a:f4:00:04 && eth.dst == 0a:58:0a:f4:00:01 && ip4.src==10.244.0.4 && ip.ttl==64 && ip4.dst==10.96.184.95 && tcp.dst==10001'
2023-11-16T02:15:46Z|00001|ovntrace|WARN|ovn-poc_service-a-89c68dc96-f75t2: unknown logical port
2023-11-16T02:15:46Z|00002|ovntrace|WARN|ovn-poc_service-a-89c68dc96-f75t2: unknown logical port
# tcp,reg14=0x3,vlan_tci=0x0000,dl_src=0a:58:0a:f4:00:04,dl_dst=0a:58:0a:f4:00:01,nw_src=10.244.0.4,nw_dst=10.96.184.95,nw_tos=0,nw_ecn=0,nw_ttl=64,tp_src=0,tp_dst=10001,tcp_flags=0ingress(dp="node1", inport="ovn-poc_service-a-89c68dc96-fm272")
---------------------------------------------------------------0. ls_in_check_port_sec (northd.c:7727): 1, priority 50, uuid 03dc908creg0[15] = check_in_port_sec();next;4. ls_in_pre_acl (northd.c:5649): ip, priority 100, uuid df97729freg0[0] = 1;next;5. ls_in_pre_lb (northd.c:5820): ip, priority 100, uuid 1990086areg0[2] = 1;next;6. ls_in_pre_stateful (northd.c:5852): reg0[2] == 1 && ip4 && tcp, priority 120, uuid 454a1f78reg1 = ip4.dst;reg2[0..15] = tcp.dst;ct_lb_mark;ct_lb_mark
----------7. ls_in_acl_hint (northd.c:5929): ct.new && !ct.est, priority 7, uuid 24ab3fd0reg0[7] = 1;reg0[9] = 1;next;8. ls_in_acl (northd.c:6545): ip && !ct.est, priority 1, uuid 8eaca776reg0[1] = 1;next;
11. ls_in_lb (northd.c:6858): ct.new && ip4.dst == 10.96.184.95 && tcp.dst == 10001, priority 120, uuid 6b816103reg0[1] = 0;reg1 = 10.96.184.95;reg2[0..15] = 10001;ct_lb_mark(backends=10.244.0.4:80);ct_lb_mark /* default (use --ct to customize) */
------------------------------------------------
14. ls_in_pre_hairpin (northd.c:6931): ip && ct.trk, priority 100, uuid 1328c195reg0[6] = chk_lb_hairpin();reg0[12] = chk_lb_hairpin_reply();*** chk_lb_hairpin_reply action not implementednext;
15. ls_in_nat_hairpin (northd.c:6940): ip && ct.new && ct.trk && reg0[6] == 1, priority 100, uuid 89e48276ct_snat_to_vip;*** ct_snat_to_vip action not implementednext;
16. ls_in_hairpin (northd.c:6965): (reg0[6] == 1 || reg0[12] == 1), priority 1, uuid 4680c239eth.dst <-> eth.src;outport = inport;flags.loopback = 1;output;egress(dp="node1", inport="ovn-poc_service-a-89c68dc96-fm272", outport="ovn-poc_service-a-89c68dc96-fm272")
-----------------------------------------------------------------------------------------------------------0. ls_out_pre_lb (northd.c:5822): ip, priority 100, uuid fe121cbfreg0[2] = 1;next;1. ls_out_pre_acl (northd.c:5651): ip, priority 100, uuid 105736e5reg0[0] = 1;next;2. ls_out_pre_stateful (northd.c:5872): reg0[2] == 1, priority 110, uuid 1c6b05efct_lb_mark;ct_lb_mark /* default (use --ct to customize) */
------------------------------------------------3. ls_out_acl_hint (northd.c:5992): ct.est && ct_mark.blocked == 0, priority 1, uuid f77da843reg0[10] = 1;next;8. ls_out_check_port_sec (northd.c:5505): 1, priority 0, uuid 4fb4d39freg0[15] = check_out_port_sec();next;9. ls_out_apply_port_sec (northd.c:5510): 1, priority 0, uuid 6d6e8323output;/* output to "ovn-poc_service-a-89c68dc96-fm272", type "" */
相关文章:
ovs实现lb负载均衡
负载均衡定义 负载均衡器的实现原理是通过硬件或软件设备将客户端访问流量根据转发策略分发到多个服务器或设备上,以确保系统的负载均衡。常见的实现方式包括: 二层负载均衡:使用虚拟MAC地址方式,根据OSI模型的二层进行负载均…...
机器学习-核函数(Kernel Function)
核函数(Kernel Function)是一种数学函数,主要用于将数据映射到一个更高维的特征空间,以便于在这个新特征空间中更容易找到数据的结构或模式。核函数的主要作用是在不需要显式计算高维特征空间的情况下,通过内积操作来实…...
计算最接近的数
计算最接近的数 真题目录: 点击去查看 E B卷 100分题型 题目描述 给定一个数组X和正整数K,请找出使表达式: X[i] - X[i 1] - … - X[i K - 1] 结果最接近于数组中位数的下标 i ,如果有多个 i 满足条件,请返回最大的 i. 其中&…...
【QNX】QNX侧查看内存信息的方法
在QNX实时操作系统中,🉑查看内存信息的方法有showmem、pidin、top以及hogs等👇🏻。 ① showmem 🦋🦋🦋showmem可用于显示进程的内存使用情况。 🦋🦋🦋通过…...
逐笔成交逐笔委托Level2高频数据下载和分析:20250121
逐笔成交逐笔委托下载 链接: https://pan.baidu.com/s/15NI2zLXYiczrUMQtwHgUrg?pwdbeiu 提取码: beiu Level2逐笔成交逐笔委托数据分享下载 通过Level2的逐笔成交与委托记录,这种高精度的毫秒级数据能够洞察诸多重要信息,包括庄家目的、误导性行为&am…...
AutoSar架构学习笔记
1.AUTOSAR(Automotive Open System Architecture,汽车开放系统架构)是一个针对汽车行业的软件架构标准,旨在提升汽车电子系统的模块化、可扩展性、可重用性和互操作性。AUTOSAR的目标是为汽车电子控制单元(ECU…...
2024年智慧消防一体化安全管控年度回顾与2025年预测
随着科技的飞速发展,智慧营区一体化安全管控在2024年取得了显著进展,同时也为2025年的发展奠定了坚实基础。 2024年年度回顾 政策支持力度持续加大:国家对消防安全的重视程度不断提高,出台了一系列涵盖技术创新、市场应用、人才培…...
基于单片机的智能台灯设计
摘要: 方向和亮度,采用的是手动调节。而对于儿童来说,他们通常不知道如何调整以及调整到何种程度。本文设计了一款智能台灯,当有人的 台灯是用于阅读学习而设计使用的灯,一般台灯用的灯泡是白炽灯、节能灯泡以及市面上流行的护眼台灯,可以调节高度、光照的时候,可以根据…...
)
HJ108 求最小公倍数(Java版本)
一、试题地址 求最小公倍数_牛客题霸_牛客网 二、试题描述 描述 对于给定的两个正整数 a,b,它们的最小公倍数 lcm(a,b) 是指能同时被 a 和 b 整除的最小正整数。 求解 lcm(a,b)。 输入描述: 在一行上输入两个整数 a,b(1≦a,b≦105)。 输出描述…...
使用tritonserver完成clip-vit-large-patch14图像特征提取模型的工程化。
1、关于clip-vit-large-patch14模型 关于openapi开源的clip-vit-large-patch14模型的特征提取,可以参考之前的文章:Elasticsearch向量检索需要的数据集以及768维向量生成这篇文章详细介绍了模型的下载地址、使用方式、测试脚本,可以让你一步…...
实操演练第003讲-数据通途:客户端连接SQL Server的完美攻略
SQL Server简介 基本概念 SQL Server是由微软公司开发的关系型数据库管理系统。它基于SQL(Structured Query Language,结构化查询语言)来管理和操作数据。SQL Server可以存储大量结构化数据,如客户信息、订单记录、库存数据等&a…...
golang接口
1.概念 golang接口是一个动态类型和动态值的集合,定义了对象的行为,不指定实现。只要一个类型定义了接口全部的方法,就可被认为是实现接口 **动态类型:**实现接口的具体数据类型 **动态值:**实现接口的数据的值或者引…...
LeetCode:37. 解数独
跟着carl学算法,本系列博客仅做个人记录,建议大家都去看carl本人的博客,写的真的很好的! 代码随想录 LeetCode:37. 解数独 编写一个程序,通过填充空格来解决数独问题。 数独的解法需 遵循如下规则ÿ…...
数据结构与算法之递归: LeetCode 37. 解数独 (Ts版)
解数独 https://leetcode.cn/problems/sudoku-solver/description/ 描述 编写一个程序,通过填充空格来解决数独问题数独的解法需 遵循如下规则: 数字 1-9 在每一行只能出现一次数字 1-9 在每一列只能出现一次数字 1-9 在每一个以粗实线分隔的 3x3 宫内…...
【氮化镓】香港科技大学陈Kevin-单片集成GaN比较器
一、引言(Introduction) GaN HEMT的重要性 文章开篇便强调了氮化镓(GaN)高电子迁移率晶体管(HEMT)在下一代功率转换系统中的巨大潜力。GaN HEMT具备高开关频率、低导通电阻、高击穿电压以及宽工作温度范围等优势,使其成为功率电子领域的热门研究对象。这些特性使得GaN…...
axios的使用总结
一、Axios 简介 Axios 是一个基于 Promise 的 HTTP 客户端,用于浏览器和 Node.js。在 Vue 项目中,它主要用于发送 HTTP 请求来获取数据(如从 API 获取数据)或者提交数据(如用户登录、注册等表单数据)。 二…...
革新未来:高效智能数字人技术引领多元化应用
随着科技的不断进步,数字人技术已逐渐成为企业数字化转型中的重要工具。数字人不仅能够优化客户体验,还可以显著提升企业运营效率。本文将详细介绍一种高性能、高质量、低延迟、快速响应以及安全稳定的数字人技术方案,帮助企业在多元化场景中…...
使用批处理文件清除系统垃圾
第一步:打开记事本,里面的命令如下 echo off echo 正在清理临时文件,请稍候...:: 清理系统临时文件 echo 清理系统临时文件... del /q /f /s "%TEMP%\*.*" del /q /f /s "%WINDIR%\Temp\*.*" rd /s /q "%WINDIR%\T…...
总结5..
#include<stdio.h> struct nb {//结构体列队 int x, y;//x为横坐标,y为纵坐标 int s, f;//s为步数,//f为方向 }link[850100]; int n, m, x, y, p, q, f; int hard 1, tail 1; int a[52][52], b[52][52], book[52][52][91]; int main() { …...
Java 在包管理与模块化中的优势:与其他开发语言的比较
在开发复杂的、规模庞大的软件系统时,包管理和模块化设计起着至关重要的作用。它们不仅决定了代码的组织和可维护性,还直接影响到团队协作效率、扩展性和性能。在众多编程语言中,Java 凭借其成熟的生态系统、强类型系统和标准化的包管理机制&…...
day52 ResNet18 CBAM
在深度学习的旅程中,我们不断探索如何提升模型的性能。今天,我将分享我在 ResNet18 模型中插入 CBAM(Convolutional Block Attention Module)模块,并采用分阶段微调策略的实践过程。通过这个过程,我不仅提升…...
【磁盘】每天掌握一个Linux命令 - iostat
目录 【磁盘】每天掌握一个Linux命令 - iostat工具概述安装方式核心功能基础用法进阶操作实战案例面试题场景生产场景 注意事项 【磁盘】每天掌握一个Linux命令 - iostat 工具概述 iostat(I/O Statistics)是Linux系统下用于监视系统输入输出设备和CPU使…...
Java 加密常用的各种算法及其选择
在数字化时代,数据安全至关重要,Java 作为广泛应用的编程语言,提供了丰富的加密算法来保障数据的保密性、完整性和真实性。了解这些常用加密算法及其适用场景,有助于开发者在不同的业务需求中做出正确的选择。 一、对称加密算法…...
QT: `long long` 类型转换为 `QString` 2025.6.5
在 Qt 中,将 long long 类型转换为 QString 可以通过以下两种常用方法实现: 方法 1:使用 QString::number() 直接调用 QString 的静态方法 number(),将数值转换为字符串: long long value 1234567890123456789LL; …...
Java 二维码
Java 二维码 **技术:**谷歌 ZXing 实现 首先添加依赖 <!-- 二维码依赖 --><dependency><groupId>com.google.zxing</groupId><artifactId>core</artifactId><version>3.5.1</version></dependency><de…...
基于TurtleBot3在Gazebo地图实现机器人远程控制
1. TurtleBot3环境配置 # 下载TurtleBot3核心包 mkdir -p ~/catkin_ws/src cd ~/catkin_ws/src git clone -b noetic-devel https://github.com/ROBOTIS-GIT/turtlebot3.git git clone -b noetic https://github.com/ROBOTIS-GIT/turtlebot3_msgs.git git clone -b noetic-dev…...
嵌入式常见 CPU 架构
架构类型架构厂商芯片厂商典型芯片特点与应用场景PICRISC (8/16 位)MicrochipMicrochipPIC16F877A、PIC18F4550简化指令集,单周期执行;低功耗、CIP 独立外设;用于家电、小电机控制、安防面板等嵌入式场景8051CISC (8 位)Intel(原始…...
Python 训练营打卡 Day 47
注意力热力图可视化 在day 46代码的基础上,对比不同卷积层热力图可视化的结果 import torch import torch.nn as nn import torch.optim as optim from torchvision import datasets, transforms from torch.utils.data import DataLoader import matplotlib.pypl…...
五子棋测试用例
一.项目背景 1.1 项目简介 传统棋类文化的推广 五子棋是一种古老的棋类游戏,有着深厚的文化底蕴。通过将五子棋制作成网页游戏,可以让更多的人了解和接触到这一传统棋类文化。无论是国内还是国外的玩家,都可以通过网页五子棋感受到东方棋类…...
rm视觉学习1-自瞄部分
首先先感谢中南大学的开源,提供了很全面的思路,减少了很多基础性的开发研究 我看的阅读的是中南大学FYT战队开源视觉代码 链接:https://github.com/CSU-FYT-Vision/FYT2024_vision.git 1.框架: 代码框架结构:readme有…...