From: Stefan Hanreich <s.hanreich@proxmox.com>
To: Stoiko Ivanov <s.ivanov@proxmox.com>,
Thomas Lamprecht <t.lamprecht@proxmox.com>
Cc: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Subject: Re: [pve-devel] [PATCH pve-network 1/1] frr: enable frr service on reloading the controller config
Date: Tue, 8 Apr 2025 21:46:10 +0200 (CEST) [thread overview]
Message-ID: <1069087022.1570.1744141570375@webmail.proxmox.com> (raw)
In-Reply-To: <20250408214228.0828b3d0@rosa.proxmox.com>
> On 08.04.2025 21:42 CEST Stoiko Ivanov <s.ivanov@proxmox.com> wrote:
>
>
> On Tue, 8 Apr 2025 20:43:17 +0200
> Thomas Lamprecht <t.lamprecht@proxmox.com> wrote:
>
> > On 08/04/2025 18:32, Stefan Hanreich wrote:
> > > Since we now ship frr with Proxmox VE, the frr service is available on
> > > the nodes but disabled on install. Prior to that users had to manually
> > > install frr, which automatically enabled the service. When applying a
> > > SDN configuration with an EVPN controller, we invoke systemctl restart
> > > frr, which leads to the service running but still being in the
> > > disabled state. This means that the EVPN setup is working until the
> > > next reboot. To avoid the situation where users configure an EVPN
> > > controller and everything seems to be working, until a restart breaks
> > > the EVPN setup, additionally enable the frr service before restarting
> > > it.
> > >
> > > Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> > > ---
> > > src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 1 +
> > > 1 file changed, 1 insertion(+)
> > >
> > > diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> > > index c245ea2..4249cc5 100644
> > > --- a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> > > +++ b/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
> > > @@ -638,6 +638,7 @@ sub reload_controller {
> > > };
> > > if ($@) {
> > > warn "frr reload command fail. Restarting frr.";
> > > + run_command(['systemctl', 'enable', 'frr']);
> >
> > can we guard this with an file exists check for
> > "/etc/systemd/system/multi-user.target.wants/frr.service"? Not a must, but does
> > not feel right to unconditionally call systemctl enable.
> while talking off-list with Gabriel and Stefan I argued that `systemctl
> is-enabled` probably costs as much as running `systemctl enable` for a
> service (open socket - tell pid 1 to do stuff, wait for result) - so
> now took the time to look into it (with strace, and ignoring what pid 1
> does) - in this case the output of `strace -yyttf systemctl enable frr`
> vs. `strace -yyttf systemctl is-enabled frr` is around 2.5 orders of
> magnitude (58k vs 9.9M) - and even for a service which does not ship an
> init-script anymore (thus causing a few forks for systemd-sysv-install),
> it's 56k vs 3.3M.
>
> in any-case a `-e /etc/systemd/system/multi-user.target.wants/frr.service`
> is probably the most economic version.
> I tried figuring out if this check could break due to external
> cirumstances - if the service is started as part of a target and that
> target is pulled into multi-user.target - the symlink is not present
> (e.g. zfs-zed) - but even then we'd fall back to the "expensive" enabling.
>
> summing up - the existence check seems sensible to me as well.
It certainly wouldn't hurt and your points sound sensible, I'll send
a v2 early tomorrow. Thanks for looking into this further!
> >
> > > eval { run_command(['systemctl', 'restart', 'frr']); };
> > > }
> > > }
> >
> >
> >
> > _______________________________________________
> > pve-devel mailing list
> > pve-devel@lists.proxmox.com
> > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
> >
> >
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-04-08 19:46 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-08 16:32 [pve-devel] [PATCH docs/network 0/2] improve behavior of frr service when pre-installed Stefan Hanreich
2025-04-08 16:32 ` [pve-devel] [PATCH pve-network 1/1] frr: enable frr service on reloading the controller config Stefan Hanreich
2025-04-08 18:43 ` Thomas Lamprecht
2025-04-08 19:39 ` Stefan Hanreich
2025-04-08 19:42 ` Stoiko Ivanov
2025-04-08 19:46 ` Stefan Hanreich [this message]
2025-04-08 16:32 ` [pve-devel] [PATCH pve-docs 1/1] sdn: frr update documentation for installing frr package Stefan Hanreich
2025-04-08 16:59 ` [pve-devel] [PATCH docs/network 0/2] improve behavior of frr service when pre-installed Stefan Hanreich
2025-04-08 17:07 ` Friedrich Weber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1069087022.1570.1744141570375@webmail.proxmox.com \
--to=s.hanreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
--cc=s.ivanov@proxmox.com \
--cc=t.lamprecht@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal