| Message ID | 20240225174619.18990-2-donald.hunter@gmail.com (mailing list archive) |
|---|---|
| State | RFC |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | tools/net/ynl: Add batch operations for nftables | expand |
On Sun, 25 Feb 2024 17:46:16 +0000 Donald Hunter wrote: > The nftables netlink families use batch operations for create update and > delete operations. Extend the netlink-raw schema so that operations can > be marked as batch ops. Add definitions of the begin-batch and end-batch > messages. > > The begin/end messages themselves are defined as ordinary ops, but there > are new attributes that describe the op name and parameters for the > begin/end messages. > > The section of yaml spec that defines the begin/end ops looks like this; > the newtable op is marked 'is-batch: true' so the message needs to be > wrapped with 'batch-begin(res-id: 10)' and batch-end(res-id: 10) messages: I'm not familiar with nftables nl. Can you explain what the batch ops are for and how they function? Begin / end makes it sound like some form of a transaction, is it?
Jakub Kicinski <kuba@kernel.org> writes: > On Sun, 25 Feb 2024 17:46:16 +0000 Donald Hunter wrote: >> The nftables netlink families use batch operations for create update and >> delete operations. Extend the netlink-raw schema so that operations can >> be marked as batch ops. Add definitions of the begin-batch and end-batch >> messages. >> >> The begin/end messages themselves are defined as ordinary ops, but there >> are new attributes that describe the op name and parameters for the >> begin/end messages. >> >> The section of yaml spec that defines the begin/end ops looks like this; >> the newtable op is marked 'is-batch: true' so the message needs to be >> wrapped with 'batch-begin(res-id: 10)' and batch-end(res-id: 10) messages: > > I'm not familiar with nftables nl. Can you explain what the batch ops > are for and how they function? > > Begin / end makes it sound like some form of a transaction, is it? Yes, it's handled as a transaction, containing multiple messages wrapped in BATCH_BEGIN / BATCH_END in a single skb. The transaction batching could be implemented without any schema changes by just adding multi-message capability to ynl. Then it would be the caller's responsibility to specify the right begin / end messages.
On Tue, 27 Feb 2024 16:52:40 +0000 Donald Hunter wrote: > > I'm not familiar with nftables nl. Can you explain what the batch ops > > are for and how they function? > > > > Begin / end makes it sound like some form of a transaction, is it? > > Yes, it's handled as a transaction, containing multiple messages wrapped > in BATCH_BEGIN / BATCH_END in a single skb. > > The transaction batching could be implemented without any schema changes > by just adding multi-message capability to ynl. Then it would be the > caller's responsibility to specify the right begin / end messages. That's where I was going with my questions :) Feels like we need to figure out a nice API at the library level and/or CLI. That could be more generally useful if anyone wants to save syscalls.
Jakub Kicinski <kuba@kernel.org> writes: > On Tue, 27 Feb 2024 16:52:40 +0000 Donald Hunter wrote: >> > I'm not familiar with nftables nl. Can you explain what the batch ops >> > are for and how they function? >> > >> > Begin / end makes it sound like some form of a transaction, is it? >> >> Yes, it's handled as a transaction, containing multiple messages wrapped >> in BATCH_BEGIN / BATCH_END in a single skb. >> >> The transaction batching could be implemented without any schema changes >> by just adding multi-message capability to ynl. Then it would be the >> caller's responsibility to specify the right begin / end messages. > > That's where I was going with my questions :) > Feels like we need to figure out a nice API at the library level > and/or CLI. That could be more generally useful if anyone wants > to save syscalls. Yep, I'm probably guilty of trying to put too much into the schema again. From a library API perspective, it'll need to take a list of tuples, e.g. something like this: ynl.do_multi([ (method, vals, flags), ... ]) As for the CLI, it will likely take a bit of experimentation to find a usable balance between args and json payload.
On Tue, 27 Feb 2024 17:36:29 +0000 Donald Hunter wrote: > Yep, I'm probably guilty of trying to put too much into the schema > again. > > From a library API perspective, it'll need to take a list of tuples, > e.g. something like this: > > ynl.do_multi([ (method, vals, flags), ... ]) Either that or some form of "start batch", "exec batch". And any do/dump request in between the two just gets recorded and executed at the "exec" step. Not sure what's cleaner from the user perspective. > As for the CLI, it will likely take a bit of experimentation to find a > usable balance between args and json payload. Yeah :( We may need manual walking of the args given not all do's will have an associated JSON input :(
diff --git a/Documentation/netlink/netlink-raw.yaml b/Documentation/netlink/netlink-raw.yaml index ac4e05415f2f..eb35fee44898 100644 --- a/Documentation/netlink/netlink-raw.yaml +++ b/Documentation/netlink/netlink-raw.yaml @@ -446,6 +446,11 @@ properties: i.e. requests and responses have different message enums. $ref: '#/$defs/uint' # End genetlink-legacy + # Start netlink-raw + is-batch: + description: Must be part of a message batch + type: boolean + # End netlink-raw reply: *subop-attr-list pre: description: Hook for a function to run before the main callback (pre_doit or start). @@ -469,6 +474,22 @@ properties: mcgrp: description: Name of the multicast group generating given notification. type: string + # Start netlink-raw + begin-batch: &batch-params + description: Definition of a message call for a batch message + type: object + additionalProperties: False + properties: + operation: + description: Name of the operation + type: string + parameters: + description: Parameters for the operation + type: object + items: + type: object + end-batch: *batch-params + # End netlink-raw mcast-groups: description: List of multicast groups. type: object
The nftables netlink families use batch operations for create update and delete operations. Extend the netlink-raw schema so that operations can be marked as batch ops. Add definitions of the begin-batch and end-batch messages. The begin/end messages themselves are defined as ordinary ops, but there are new attributes that describe the op name and parameters for the begin/end messages. The section of yaml spec that defines the begin/end ops looks like this; the newtable op is marked 'is-batch: true' so the message needs to be wrapped with 'batch-begin(res-id: 10)' and batch-end(res-id: 10) messages: operations: enum-model: directional begin-batch: operation: batch-begin parameters: res-id: 10 end-batch: operation: batch-end parameters: res-id: 10 list: - name: batch-begin doc: Start a batch of operations attribute-set: batch-attrs fixed-header: nfgenmsg do: request: value: 0x10 attributes: - genid reply: value: 0x10 attributes: - genid - name: batch-end doc: Finish a batch of operations attribute-set: batch-attrs fixed-header: nfgenmsg do: request: value: 0x11 attributes: - genid - name: newtable doc: Create a new table. attribute-set: table-attrs fixed-header: nfgenmsg do: request: value: 0xa00 is-batch: True attributes: - name Signed-off-by: Donald Hunter <donald.hunter@gmail.com> --- Documentation/netlink/netlink-raw.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+)