| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The _Server database is valuable primarily because it provides database
clients a way to find out the details of changes to databases, schemas,
etc. in a granular, natural way. Until now, the only way that the server
could notify clients about these kinds of changes was to close the session;
when the client reconnects, it is expected to reassess the server's state.
One way to provide this kind of granular information would be to add
specific JSON-RPC requests to obtain notifications for different kinds of
changes, but since ovsdb-server already provides granular and flexible
notification support for databases, using a database for the purpose is
convenient and avoids duplicating functionality.
Initially this database only reports databases' names and schemas, but
when clustering support is added in a later commit it will also report
important aspects of clustering and cluster status. Thus, this database
also reduces the need to add JSON-RPC calls to retrieve information about
new features.
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, on installation or upgrade the openvswitch-switch deb package
will in some circumstances modify a pre-existing
/etc/default/openvswitch-switch configuration file.
This does not play well with modeling and configuration management tools
and may lead to unnecessary restarts of the openvswitch-switch service
after the initial restart done as part of the package upgrade. As
restarting the openvswitch-switch affects the datapath this is
something we should try to avoid.
I also believe the current behaviour to be in conflict with best practices
set out in the config files section of the
[Debian Policy](https://www.debian.org/doc/debian-policy/#s-config-files).
This commit addresses this by removing the part of the postinst script
that attempts to append missing documentation parts of the template
and leaves the installed defaults file alone when it exists.
Fixes: 0aaa379d99f4 ("Debian packaging: Add several new settings to /etc/default/openflow-switch.")
Signed-off-by: Frode Nordahl <frode.nordahl@gmail.com>
Reported-at: https://github.com/openvswitch/ovs-issues/issues/137
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
|
| |
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Presently, logrotate script, searches for the pid files in /var/log/openvswitch
and passes the pid file name (without .pid) as target to ovs-appctl. This approach
doesn't work for OVN DB servers since the ctl files are generated as "ovnnb_db.ctl"
and "ovnsb_db.ctl". So search for the .ctl files instead and use them as target to
ovs-appctl.
Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Mark Michelson <mmichels@redhat.com>
|
| |
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Justin Pettit <jpettit@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Given that it is libopenvswitch-dev not libopenvswitch that depends on
libssl-dev, this patch updates debian/control file to reflect that
libopenvswitch-dev depends on libssl-dev, and libopenvswitch depends
on openssl.
Tested on Ubuntu 16.04 and 14.04.
VMWare-BZ: #1953215
CC: Ben Warren <ben@skyportsystems.com>
Fixes: c33e9122dbc3 ("Debian: Rework libopenvswitch packages")
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Acked-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
We had a note about the issues with adding OVS interfaces
in the "auto" section. This commit clarifies what an
"auto" section is and also adds another note about
how adding OVS bridges in the "auto" section can cause
race conditions with systemd.
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
| |
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
| |
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For a while, ubuntu used upstart scripts as an alternative
for sysv scripts. For e.g popular releases like ubuntu12.04
and ubuntu14.04 have upstart infrastructure. From Ubuntu16.04,
they have moved to systemd.
Ubuntu maintainers have a fork of openvswitch packages with
upstart scripts. When a user installs openvswitch-switch
package on a ubuntu 14.04 with 'apt-get install openvswitch-switch',
two upstart files are added to /etc/init directory.
Now, when the same user builds debian packages from this repo
and then installs them, the older upstart files don't get
deleted. What this means is that a command like
'invoke-rc.d openvswitch-switch restart' calls initctl scripts
instead of sysv script that this repo provides. In our sysv
scripts we have logic to carefully upgrade kernel module and
save openflow flows. This breaks the intent of the package from
this repo.
This commit deletes any stale upstart files that have remained
in the system.
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
| |
There was some inconsistency with some tabs and some spaces
used.
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
| |
debhelper provides helpers to get parts of the version number, including
this part which was until now figured out in an open-coded way.
Signed-off-by: Clint Byrum <clint@fewbar.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
| |
This puts all libraries and pkg-config files in architecture-specific
directories for easier cross-compiling.
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'openvswitch-common' package did not work well with cross-compiling
since it required Python. This package is broken into two packages as
follows:
- libopenvwitch: contains library files (.a, .so)
- openvswitch-common: depends on libopenvswitch, contains command-line
tools such as ovs-ofctl, ovs-appctl etc.
In addition, this 'openvswitch-dev' library is renamed to
'libopenvswitch-dev' to align more closely with Debian policy. It
depends on libopenvswitch.
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
| |
Current versions of systemd in Debian Stretch use
SYSTEMCTL_SKIP_REDIRECT instead of _SYSTEMCTL_SKIP_REDIRECT.
Provide both variables in the .init files.
Signed-off-by: Raymond Burkholder <ray@oneunified.net>
Suggested-by: Guru Shetty <guru@ovn.org>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 618a5b45ae8b ("rhel: Avoid logrotate error if /var/run/openvswitch
does not exist") updated the RHEL logrotate configuration. This commit
makes similar changes for Debian, by synchronizing with the RHEL version.
In particular:
- Indent to match logrotate.conf(5) examples.
- Use "sharedscripts" flag, because the postrotate script only needs to
run once regardless of the number of rotations.
- Drop "delaycompress", because the postrotate script does make daemons
reopen their log files.
- Ignore errors calling vlog/reopen.
Also make similar changes to the xenserver logrotate script. I confirmed
via Twitter that the xenserver packaging still has users.
CC: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Gurucharan Shetty <guru@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's start with a simple one that lets us focus on setting up most of
the required "infrastructure" for building man pages using Sphinx.
This changes the 'check-htmldocs' target to 'check-docs' as its now
responsible for building man page docs too.
Other than that, hurrah for (mostly) legible syntaxes.
[1] http://www.tldp.org/HOWTO/Man-Page/q2.html
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Usually, when the name of a manpage has a two-letter extension, it means
that the manpage is written in the language designated by that language
code.
Reported-by: Michael Stapelberg <stapelberg@debian.org>
Reported-at: https://bugs.debian.org/850631
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: nickcooper-zhangtonghao <nic@opencloud.tech>
|
| |
|
|
|
|
|
|
|
|
| |
Some debian distribution may not contain the ifconfig.
We use the ip command instead of ifconfig in debian/ifupdown.sh
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329503.html
CC: prochazka <prochazka@cortex.cz>
Signed-off-by: nickcooper-zhangtonghao <nic@opencloud.tech>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Mickey Spiegel <mickeys.dev@gmail.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
"make clean" should remove all files generated by building a program, while
"make distclean" should also remove files generated by configuring the
program. Previously some generated files during the build process, such
as man pages, were left behind when "make clean" was run. This commit
only leaves configuration files after "make clean" is run, and removes
all other generated files.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
| |
Remove the experimental warning tag in documentation regarding OVS deployed
with DPDK.
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Acked-by: Kevin Traynor <ktraynor@redhat.com>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
|
| |
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The Debian packages for OVS have only supported Linux so far, but the
ovn-docker package was mistakenly marked as Architecture: any instead
of linux-any, which caused build failures. This fixes the problem.
(Perhaps OVS packaging for Debian should also support BSD, but that
would be a bigger change.)
Reported-at: https://buildd.debian.org/status/fetch.php?pkg=openvswitch&arch=kfreebsd-amd64&ver=2.6.2%7Epre%2Bgit20161223-1&stamp=1482518318&file=log
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The debian packages are ready. This patch fixes the
bug #831924 reported at debian bug tracking system.
With this patch, openvswitch-2.6.1 will be upload to
the Debian archive. If we build the packages with
"dpkg-buildpackage --target binary-indep", an error
state arises. debian/rules should be modified so that
the build-indep and binary-indep target generates
the architecture independent packages. If there are
things not be handled properly,let me know.
Reported-at: https://people.debian.org/~lucas/logs/2016/07/20/openvswitch_2.5.1~pre+git20160626-2_unstable_archallonly.log
Signed-off-by: nickcooper-zhangtonghao <nic@opencloud.tech>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
| |
Basic Sphinx integration is now complete. Remove the documentation
aspects of the 'dist-docs' target in favor of the htmldocs target.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
| |
This is mostly the exact same contents, albeit broken up into multiple
files.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
| |
This is a dumb move of all 'INSTALL*' docs, with very little
refactoring (mostly updating links and making the titles a little more
consistent. Additional refactoring will be done in subsequent changes.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The OCF script will be present in the ovn-common package and installed
in the openvswitch scripts folder and a symbolic link to this file will
be created in the OCF resources folder.
The OCF resource agent name for this resource is ocf:ovn:ovndb-servers
Signed-off-by: Babu Shanmugam <bschanmu@redhat.com>
Acked-by: Andy Zhou <azhou@ovn.org>
Signed-off-by: Andy Zhou <azhou@ovn.org>
|
| |
|
|
|
|
|
|
|
| |
Include the ovn-trace binary and it's man page in ovn-common package
Fixes: 4acd1e87a8bf ("ovn-trace: New utility.")
Fixes: f448e5a4bb1f ("rhel: Include ovn-trace in ovn-common package")
Signed-off-by: Flavio Fernandes <flavio@flaviof.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OVS GRE IPsec tunnel support has multiple issues, Therefore
it was deprecated in OVS 2.6.
Following patch removes support for GRE IPsec and allows external
IPsec tunnel management for any type of tunnel not just GRE.
e.g. user can encrypt Geneve or VxLan traffic.
It can be done by using openflow pipeline to set skb-mark
and using IPsec keying daemons to implement IPsec tunnels.
This packet can be matched for the skb-mark to encrypt
selective tunnel traffic.
VMware-BZ: 1710701
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Ansis Atteka <aatteka@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
OVS IPsec tunnel support has issues:
1. It only works for GRE.
2. only works on Debian.
3. It does not allow user to match on packet-mark
on packet received on tunnel ports.
This patch deprecates support for IPsec tunnel port.
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Ansis Atteka <aatteka@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
| |
Found by flake8.
Fixes: 19cd0a87827e ("ipsec: Do not allow ipsec_gre tunnel traffic to exit unencrypted")
Signed-off-by: Amitabha Biswas <abiswas@us.ibm.com>
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If ipsec_gre tunnel configuration is changed in OVSDB,
then GRE packets may sometimes exit unencrypted until
per-tunnel IPsec policies are installed by ovs-monitor-ipsec
daemon.
This patch fixes this issue by installing single, low
priority IPsec block policy that drops all GRE packets
coming out from ipsec_gre tunnels that do not have yet
their own IPsec policies installed.
This patch depends on to two other recently committed
patches:
1. 574ff4aa (tunneling: get skb marking to work
properly with tunnels)
2. ca3574d5 (IPsec: refactor out some code in
OVS_MONITOR_IPSEC_START macro)
Signed-off-by: Ansis Atteka <aatteka@ovn.org>
Reported-by: Steffen Birkeland <Steffefb@stud.ntnu.no>
Acked-by: Jesse Gross <jesse@kernel.org>
|
| |
|
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
| |
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Having a separate debian package for deploying
the ovn-controller-vtep binary enables the ability
to assign specific nodes the role of communicating
with VTEP enabled TORs.
Change-Id: Ia36aea7d89bd011a57918820b2a9f6e3469b3e04
Signed-off-by: Ryan Moats <rmoats@us.ibm.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds the conntrack module.
It is a connection tracker that resides entirely in userspace. Its
primary user will be the dpif-netdev datapath.
The module main goal is to provide conntrack_execute(), which offers a
convenient interface to implement the datapath ct() action.
The conntrack module uses two submodules to deal with the l4 protocol
details (conntrack-other for UDP and ICMP, conntrack-tcp for TCP).
The conntrack-tcp submodule implementation is adapted from FreeBSD's pf
subsystem, therefore it's BSD licensed. It has been slightly altered to
match the OVS coding style and to allow the pickup of already
established connections.
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Antonio Fischetti <antonio.fischetti@intel.com>
Acked-by: Joe Stringer <joe@ovn.org>
|
| |
|
|
|
|
|
|
|
|
| |
python-openvswitch uses the python "six" library, add a dependency for
this to the debian package.
VMware-BZ: #1700259
Reported-by: Devang Doshi <ddoshi@vmware.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 0dcc739e7a28 ("debian: Move ovs-lib to openvswitch-common.")
shifted a file between debian packages, but didn't update the
destination package annotations to indicate that it replaces a file
from earlier versions of the source package.
As a result, if one installs openvswitch-switch-2.5* (or earlier) and
then tries to upgrade to openvswitch-{switch,common}-2.5.90+, the
install of openvswitch-common will fail like the following:
dpkg: error processing archive
/tmp/openvswitch-common_2.5.90-1_amd64.deb (--install):
trying to overwrite '/usr/share/openvswitch/scripts/ovs-lib', which is
also in package openvswitch-switch 2.5.0-1
Fix the issue by adding "Replaces" and "Breaks" tags to the new
openvswitch-common section of debian/control.
Fixes: 0dcc739e7a28 ("debian: Move ovs-lib to openvswitch-common.")
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
|
| |
|
|
|
|
|
|
| |
This doesn't seem to have been necessary since ovsdbmonitor was removed
in commit 7868fbc6c97c ("ovsdbmonitor: Remove."). Drop the dependency.
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
