Support for External Jumbo Frames (RFD 689)#10472
Conversation
| curl -fL -o "$P5P_PATH" "$P5P_URL" | ||
|
|
||
| RC=0 | ||
| pfexec pkg install -g "$P5P_PATH" driver/network/opte || RC=$? |
There was a problem hiding this comment.
This pattern was not working for me in a4x2 with Helios 3. The new form does work.
rcgoodfellow
changed the title
FelixMcFelix
left a comment
FelixMcFelix
left a comment
There was a problem hiding this comment.
Thanks Ry, I mainly have questions around the organisation of versioned types.
| let settings = self | ||
| .db_datastore | ||
| .system_networking_settings_view(opctx) | ||
| .await?; |
There was a problem hiding this comment.
It's been a while since I've paged some of the authz stuff in, but this datastore method first checks the user has read access to the fleet. Will a user of an instance create/update endpoint necessarily have that? If not we'd need to read the value directly or construct a new OpContext at the right auth level.
This would apply to the other callsites of this function in instance.rs as well, if it needs handling.
There was a problem hiding this comment.
Good catch. Removed the fleet read requirement from system_networking_settings_view and replace with comment explaining why there is not an opctx.authorize there.
| query_params: Query< | ||
| PaginatedByNameOrId<latest::project::ProjectSelector>, | ||
| >, | ||
| ) -> Result<HttpResponseOk<ResultsPage<Instance>>, HttpError> { |
There was a problem hiding this comment.
Again I haven't been on the versioned API surface much front (having had my head in illumos-gate for so long), but the bare Instance type as contrasted with latest::instance::Instance feels like it's out of the general pattern for most other endpoints:
| ) -> Result<HttpResponseOk<ResultsPage<Instance>>, HttpError> { | |
| ) -> Result<HttpResponseOk<ResultsPage<v2025_11_20_00::instance::Instance>>, HttpError> { |
But looking into it it seems like any prior change to, e.g., fn instance_update has just exposed the bare Instance type. I don't know if this is maybe because it's the first time Instance itself has actually been updated since we started handling versioning this way?
My read on this is that we need to move external::Instance into versions::initial::instance, and then update those references.
There was a problem hiding this comment.
Yeah that's probably a better way to do it. Moved to this approach, the reference updates are most of what is expanding the footprint of this PR in the latest commit.
| let settings = self | ||
| .db_datastore | ||
| .system_networking_settings_view(opctx) | ||
| .await?; | ||
| if !settings.external_jumbo_frames_opt_in_enabled { |
There was a problem hiding this comment.
Ditto on fleet read authz.
There was a problem hiding this comment.
Handled this inside system_networking_settings_view
| let settings = self | ||
| .db_datastore | ||
| .system_networking_settings_view(opctx) | ||
| .await?; | ||
| if settings.external_jumbo_frames_opt_in_enabled { |
There was a problem hiding this comment.
Ditto on fleet read authz.
There was a problem hiding this comment.
Handled this inside system_networking_settings_view
| /// Default Ethernet MTU for external-facing OPTE ports, in bytes. Used when | ||
| /// the per-instance jumbo-frames opt-in is unset or when the fleet-wide opt-in | ||
| /// is disabled. | ||
| pub const EXTERNAL_DEFAULT_MTU: u32 = 1500; |
There was a problem hiding this comment.
We're not actually reading this anywhere. Should we be sending this down rather than None? Obviously OPTE will pick the same value, but I being explicit about this as a choice the control plane is making seems beneficial to me.
| "auto_restart_policy": { | ||
| "nullable": true, | ||
| "description": "The auto-restart policy for this instance.\n\nThis policy determines whether the instance should be automatically restarted by the control plane on failure. If this is `null`, any explicitly configured auto-restart policy will be unset, and the control plane will select the default policy when determining whether the instance can be automatically restarted.\n\nCurrently, the global default auto-restart policy is \"best-effort\", so instances with `null` auto-restart policies will be automatically restarted. However, in the future, the default policy may be configurable through other mechanisms, such as on a per-project basis. In that case, any configured default policy will be used if this is `null`.", | ||
| "description": "The auto-restart policy for this instance.", |
There was a problem hiding this comment.
It looks as though something's happened to lose the extra docs information here (and on a few more fields of Instance)?
There was a problem hiding this comment.
The extra docs are back now.
omicron/openapi/nexus/nexus-2026052000.0.0-8543ef.json
Lines 22690 to 22698 in f331e2d
Not sure what happened there. Maybe it was a consequence of the composition with serde flatten that was there before the review feedback edits?
3 participants
Implements the Omicron side of RFD 689.
Depends on:
A CLI/SDK build to drive this new functionality is here
Docs for this new feature are here
Some other fixes included here.
Testing
Lab Environment Performance
I've tested this on
berlin. When the fleet level jumbo flag is set and instances have opted into jumbo, they come up with an 8500 byte MTU in linux. The numbers I see for TCP fromberlinrunning through one of the externald4x4routers is.iperf3client)For UDP
I also tested that a pair of clients with and without jumbo enabled can communicate over both TCP and UDP.
Control Bits
The fleet-level jumbo enable and instance-level jumbo enable have been tested in combination. For an instance to have jumbo frames enabled, both the fleet level setting and the instance level setting must be set to true. I've tested all combinations of these settings with an instance restart in between changes to pick up the setting, and things behave as expected.