Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add documentation for Wireguard Threaded NAPI #9440

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add documentation for Wireguard Threaded NAPI #9440

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f6fbfc8
Add documentation for Wireguard Threaded NAPI
jrcichra Nov 4, 2024
f09fba0
Reword and format links with markdown
jrcichra Nov 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion api/pkg/apis/projectcalico/v3/felixconfig.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -775,7 +775,13 @@ type FelixConfigurationSpec struct {

// WireguardEnabledV6 controls whether Wireguard is enabled for IPv6 (encapsulating IPv6 traffic over an IPv6 underlay network). [Default: false]
WireguardEnabledV6 *bool `json:"wireguardEnabledV6,omitempty"`
// WireguardThreadingEnabled controls whether Wireguard has NAPI threading enabled. [Default: false]
// WireguardThreadingEnabled controls whether Wireguard has Threaded NAPI enabled. [Default: false]
// This increases the maximum number of packets a Wireguard interface can process.
// There is a known issue https://lore.kernel.org/netdev/CALrw=nEoT2emQ0OAYCjM1d_6Xe_kNLSZ6dhjb5FxrLFYh4kozA@mail.gmail.com/T/ with this setting
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fasaxc I think including a link in the description text is worthwhile. But we don't seen to have anything like this currently.

[1] Are there reasons not to include a link here, or in these descriptions generally?
[2] What would be a good way to format these from source so we turn them into proper links in the site?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I converted the links to use markdown instead. If there's a way to run the docs with this version of the FelixConfigurationSpec docs embedded I can test that markdown will work.

// that may cause NAPI to get stuck holding the global `rtnl_mutex` when a peer is removed.
// Wireguard peers are removed during node reboots.
// Kernels which include this patch: https://lore.kernel.org/netdev/20240228121000.526645-2-bigeasy@linutronix.de/ are able to recover after a node drain.
// This feature should only be considered if you have high packets per second workloads that are causing dropping packets due to a saturated `softirq` CPU core.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// WireguardThreadingEnabled controls whether Wireguard has Threaded NAPI enabled. [Default: false]
// This increases the maximum number of packets a Wireguard interface can process.
// There is a known issue https://lore.kernel.org/netdev/CALrw=nEoT2emQ0OAYCjM1d_6Xe_kNLSZ6dhjb5FxrLFYh4kozA@mail.gmail.com/T/ with this setting
// that may cause NAPI to get stuck holding the global `rtnl_mutex` when a peer is removed.
// Wireguard peers are removed during node reboots.
// Kernels which include this patch: https://lore.kernel.org/netdev/20240228121000.526645-2-bigeasy@linutronix.de/ are able to recover after a node drain.
// This feature should only be considered if you have high packets per second workloads that are causing dropping packets due to a saturated `softirq` CPU core.
// WireguardThreadingEnabled controls whether Wireguard has Threaded NAPI enabled. [Default: false]
// This increases the maximum number of packets a Wireguard interface can process.
// Consider threaded NAPI only if you have high packets per second workloads that are causing dropping packets due to a saturated `softirq` CPU core.
// There is a known issue https://lore.kernel.org/netdev/CALrw=nEoT2emQ0OAYCjM1d_6Xe_kNLSZ6dhjb5FxrLFYh4kozA@mail.gmail.com/T/ with this setting
// that may cause NAPI to get stuck holding the global `rtnl_mutex` when a peer is removed.
// Workaround: Make sure your Linux kernel includes this patch: https://lore.kernel.org/netdev/20240228121000.526645-2-bigeasy@linutronix.de/.

Some edits for clarity and concision. A few other ideas:

  • If there's a patch for this, do we expect this to be fixed in most distros? For one, it would be useful to specify major distro versions that are clear (for example: run Ubuntu 20.02 or later). Second, if it's likely to get distributed widely, this note may go stale very quickly.
  • I removed a clause from your original, but I assumed you meant the same thing when you spoke of node drain and node reboot. If you intend for them to be different, let me know.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I included the Github link to the patch and it shows the tags that include the commit. It is in the main kernel so it may go stale.
Yes I meant the same thing. Your refactor of the docs looks good!

WireguardThreadingEnabled *bool `json:"wireguardThreadingEnabled,omitempty"`
// WireguardListeningPort controls the listening port used by IPv4 Wireguard. [Default: 51820]
WireguardListeningPort *int `json:"wireguardListeningPort,omitempty" validate:"omitempty,gt=0,lte=65535"`
Expand Down
2 changes: 1 addition & 1 deletion api/pkg/openapi/generated.openapi.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions felix/docs/config-params.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion felix/docs/config-params.md
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion libcalico-go/config/crd/crd.projectcalico.org_felixconfigurations.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/calico-bpf.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/calico-policy-only.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/calico-typha.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/calico-vxlan.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/calico.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/canal.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/crds.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/flannel-migration/calico.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/ocp/crd.projectcalico.org_felixconfigurations.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion manifests/operator-crds.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading