| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
This commit removes the explicit set of 1024-bit RSA keys when the RSA
keys are generated on "make sandbox" and so the default (2048-bit) is used.
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Tested-by: Maxime Coquelin <maxime.coquelin@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commits 1e8eeb66db2e7 ("ovs-sandbox: Support starting multiple
ovn-northds.") and 047458de40391 ("ovs-sandbox: Add option to support
multiple ovn-controllers.") allowed starting multiple instances of
ovn-northd and ovn-controller, respectively. It did this by assigning a
sequence number to to the pidfile name. Unfortunately, this breaks the
method ovs-appctl uses to determine to which process it should connect.
This commit changes the behavior so that a sequence number is not added
to the first instance, so ovs-appctl will connect to that be default.
This commit also uses the same convention for naming the log file.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
Commit 047458de40391 ("ovs-sandbox: Add option to support multiple
ovn-controllers.") allowed creating multiple instances of
ovn-controller. However, all instances would use the same log file
name. This commit uses the sequence number to name the log file.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
| |
It's always been OVS coding style to use spaces rather than tabs for
indentation, but some tabs have snuck in over time. This commit converts
them to spaces.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
|
|
|
|
|
|
|
|
| |
There's no value in having these testing tools log to syslog. It just
pollutes the system log.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
|
|
|
|
|
| |
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
|
|
|
|
|
|
|
|
| |
Until now, ovsdb-server in the sandbox ignored the Managers table. This
commit adds support.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Darrell Ball <dlu00998@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
current params uses two sb1.db which is redundant:
e.g. ovsdb-server --remote=punix:sb1.ovsdb sb1.db sb1.db
expected:
e.g. ovsdb-server --remote=punix:sb1.ovsdb sb1.db
tested and works as expected:
ovn-sbctl --db=unix:/root/ovs/tutorial/sandbox/sb2.ovsdb show
Chassis "chassis-1"
hostname: sandbox
Encap geneve
ip: "127.0.0.1"
options: {csum="true"}
Signed-off-by: aginwala <aginwala@ebay.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
| |
Hence removing it from ovn-setup.sh
Signed-off-by: aginwala <aginwala@ebay.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
This allows testing ovn-northd behavior when it is run in an HA
configuration.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Reviewed-by: aginwala <aginwala@asu.edu>
|
|
|
|
|
|
|
|
| |
For a clustered database instance, we want ovn-northd to connect to the
entire cluster, not just the first server.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Reviewed-by: aginwala <aginwala@asu.edu>
|
|
|
|
|
|
|
|
|
|
|
| |
As per new clustering change, ovn-northd sandbox should use nb1.ovsdb and
sb1.ovsdb. It was updated in ovn-northd --help section but missed for sandbox.
This commit fixes the same
Reported-by: Mark Michelson <mmichels@redhat.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2018-March/345535.html
Signed-off-by: aginwala <aginwala@ebay.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds support for OVSDB clustering via Raft. Please read
ovsdb(7) for information on how to set up a clustered database. It is
simple and boils down to running "ovsdb-tool create-cluster" on one server
and "ovsdb-tool join-cluster" on each of the others and then starting
ovsdb-server in the usual way on all of them.
One you have a clustered database, you configure ovn-controller and
ovn-northd to use it by pointing them to all of the servers, e.g. where
previously you might have said "tcp:1.2.3.4" was the database server,
now you say that it is "tcp:1.2.3.4,tcp:5.6.7.8,tcp:9.10.11.12".
This also adds support for database clustering to ovs-sandbox.
Acked-by: Justin Pettit <jpettit@ovn.org>
Tested-by: aginwala <aginwala@asu.edu>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
"echo -n" is not POSIX and has spotty support in shells.
CC: Timothy Redaelli <tredaelli@redhat.com>
CC: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
Without this, "man ovs-test" and "man ovs-vlan-test" won't work in the
sandbox.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Reviewed-by: Greg Rose <gvrose8192@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ovs-sandbox comes with a script to quickly set up a simple
OVN configuration, ovn-setup.sh. This script set up config in the OVN
northbound database, but didn't create the corresponding ports on
br-int. Add that to save another step in provisioning this simple
environment.
Add "ovn-sbctl show" output as well, to follow the existing "ovn-nbctl
show" output.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since the sandbox environment was changed to enable SSL usage for
OVN_Southbound connections, the backup southbound server emits
the log message "socket_util|ERR|6642: bind: Address already in use"
every 2.5 seconds.
Fix by configuring the backup db server to not use remote configuration
from the database (the unix: socket can still be used, as was the
case before SSL was enabled).
Fixes: 0ced2a5c5e47 ("sandbox: use ssl for ovn-controller to sb db connection")
Signed-off-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
Enable OVN_Southbound RBAC by default in the sandbox environment,
provide a new option "--no-ovn-rbac" to disable it.
Signed-off-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Add SSL protocol and cipher columns to SSL tables in northbound
and southbound databases. Start nb/sb ovsdb-server with command-
line options to use these columns. Add support to ovn-nbctl
and ovn-sbctl "set-ssl" commands for user-friendly management
of these settings.
Signed-off-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
| |
When SSL support is available, use SSL for the ovn-controller
to southbound database connection. When configured without
SSL, unix socket connections are used.
Signed-off-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A previous commit removed the original ovs-sandbox based OVN tutorial
because it became too outdated and difficult to maintain. However,
the use of ovs-sandbox for basic OVN development and testing is incredibly
useful, so we should provide at least basic documentation on how to use it.
This commit introduces a new and shorter document that shows how to use OVN
in ovs-sandbox. It provides a single sample configuration, as well as a
sample ovn-trace command.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Numan Siddique <nusiddiq@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The only thing worse than a lack of documentation is incorrect or
out-of-date documentation. Over time, this document has not kept up with
the pace of OVN and is no longer a good current resource.
For a sandbox based tutorial like this, I'd like to start over using
ovn-trace as the basis.
An even more important type of tutorial would be something along the lines
of: http://blog.spinhirne.com/p/blog-series.html
That blog series was fantastic and has been the primary tutorial reference
I have been sending people to since it was written.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The ovs-sandbox runs in the "dummy mode" by default.
In this mode of testing, no packets travel across
physical or virtual networks. But sometimes, we may
create veth network devices and add them to ovs bridge
for developing and testing. It's necessary to add an option.
Signed-off-by: nickcooper-zhangtonghao <nic@opencloud.tech>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
This is moved separately due to the sheer number of references to this
file in the codebase.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
| |
Rename 'tutorial' to 'ovs-advanced' and 'ovn-tutorial' to 'ovn-basics'.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
| |
This is a dumb move of all 'INSTALL*' docs, with very little
refactoring (mostly updating links and making the titles a little more
consistent. Additional refactoring will be done in subsequent changes.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's a mismash of absolute and relative URLs, but these will be
resolved by the move to Sphinx.
In addition, the URLs pointing to the test scripts are removed as they
will break when we move to Sphinx. This is because they won't be
published with the Sphinx docs, ruling out relative links, and OVS
evolves too fast to rely on non-breaking links to GitHub. Better to
rely on shell examples like we do elsewhere and let the user figure it
out.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
| |
Submitted-at: https://github.com/openvswitch/ovs/pull/160
Signed-off-by: Genevieve LEsperance <glesperance@pivotal.io>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
| |
Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
| |
Some of these references are not valid anymore, as things were moved to
either meta-flow.h or ofp-actions.c.
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OVS implementation of buffering packets that are sent to the
controller is not compliant with the OpenFlow specifications after
OpenFlow 1.0, which is possibly true since OpenFlow 1.0 is not really
specifying the packet buffering behavior.
OVS implementation executes the buffered packet against the actions of
the modified or added rule, whereas OpenFlow (since 1.1) specifies
that the packet should be matched against the flow table 0 and
processed accordingly.
Rather than fix this behavior, and potentially break OVS users, the
packet buffering feature is removed altogether. After all, such
packet buffering is an optional OpenFlow feature, and as such any
possible users should continue to work without this feature.
This patch also makes OVS check the received 'buffer_id' values more
rigorously, and fixes some internal users accordingly.
Found by inspection.
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
The "--ovn" argument for SANDBOXFLAGS used unicode quotes, which when
copy and pasted made the command mysteriously fail.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Lance Richardson <lrichard@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Automatically launch backup server for OVN SB database that replicates
all transactions of the active server. This can be handy for
experimenting with the newly added replication feature.
Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Acked-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
Improve the tutorial of the basic OVN features. Update the contents of
the "Locally attached networks" and "Locally attached networks with VLANs"
in detail. The logical ports of type "l2gateway" is described.
Submitted-at: https://github.com/openvswitch/ovs/pull/144
Signed-off-by: nickcooper-zhangtonghao <nickcooper-zhangtonghao@opencloud.tech>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now, there has been no reliable for the CMS (or ovn-nbctl, or
anything else) to detect when changes made to the northbound configuration
have been passed through to the southbound database or to the hypervisors.
This commit adds this feature to the system, by adding sequence numbers
to the northbound and southbound databases and adding code in ovn-nbctl,
ovn-northd, and ovn-controller to keep those sequence numbers up-to-date.
The biggest user-visible change from this commit is new a new option
--wait to ovn-nbctl. With --wait=sb, ovn-nbctl now waits for ovn-northd
to update the southbound database; with --wait=hv, it waits for the
changes to make their way to Open vSwitch on every hypervisor.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
| |
A previous patch made some additions to section 1 of this tutorial.
This patch includes updates to the sample output that I got while
testing the additions to the tutorial.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adjust the field width for a couple of elements in the output of the
lflow-list sub-command of ovn-sbctl. We now have a table ID of 10, so
set a field width of 2 to keep output aligned. Table names have grown to
a max of 19 characters, so update the field width to keep output
aligned. Finally, left justify values in fields, as I find that to look
a little nicer.
Also update sample output in OVN-Tutorial.md to match the current state.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
| |
A previous commit changed the command names in ovn-nbctl from lport-* to
lsp-*. Change lport-bind and lport-unbind in ovn-sbctl to match.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Amitabha Biswas <abiswas@us.ibm.com>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
Improve the tutorial of the basic OVN features. The addresses and port_security
columns of the logical port is described in more detail.
Signed-off-by: nickcooper-zhangtonghao <nickcooper-zhangtonghao@opencloud.tech>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch tries to support ND versus ARP for OVN.
It adds a new OVN action 'na' in ovn-controller side, and modify lflows
for 'na' action and relevant packets in ovn-northd.
First, for ovn-northd, it will generate lflows per each lport with its
IPv6 addresses and mac addresss, with 'na' action, such as:
match=(icmp6 && icmp6.type == 135 &&
(nd.target == fd81:ce49:a948:0:f816:3eff:fe46:8a42 ||
nd.target == fd81:ce49:b123:0:f816:3eff:fe46:8a42)),
action=(na { eth.src = fa:16:3e:46:8a:42; nd.tll = fa:16:3e:46:8a:42;
outport = inport;
inport = ""; /* Allow sending out inport. */ output; };)
and new lflows will be set in tabel ls_in_arp_nd_rsp, which is renamed
from previous ls_in_arp_rsp.
Later, for ovn-controller, when it received a ND packet, it frames a
template NA packet for reply. The NA packet will be initialized based on
ND packet, such as NA packet will use:
- ND packet eth.src as eth.dst,
- ND packet eth.dst as eth.src,
- ND packet ip6.src as ip6.dst,
- ND packet nd.target as ip6.src,
- ND packet eth.dst as nd.tll.
Finally, nested actions in 'na' action will update necessary fileds
for NA packet, such as:
- eth.src, nd.tll
- inport, outport
Since patch port for IPv6 router interface is not ready yet, this
patch will only try to deal with ND from VM. This patch will set
RSO flags to 011 for NA packets.
This patch also modified current ACL lflows for ND, not to do conntrack
on ND and NA packets in following tables:
- S_SWITCH_IN_PRE_ACL
- S_SWITCH_OUT_PRE_ACL
- S_SWITCH_IN_ACL
- S_SWITCH_OUT_ACL
Signed-off-by: Zong Kai LI <zealokii@gmail.com>
[blp@ovn.org made several minor simplifications and improvements]
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A few minor changes related to logical switch commands:
- Use "ls" instead of "lswitch" to be more consistent with other
command changes.
- Use commands where possible in ovn unit tests.
- Update references from "lswitch" to "ls" (code) or "switch" (user).
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A few minor changes related to logical switch port commands:
- Use "lsp" instead of "lport" to be more consistent with later
changes.
- Use commands where possible in ovn unit tests.
- Update references from "lport" to "lsp" (code) or "port" (user).
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
Acked-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
| |
Correct the link to the ovn-northd man page in the OVN tutorial.
Signed-off-by: Jamie Lennox <jamielennox@gmail.com>
[russell@ovn.org updated AUTHORS file]
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Highlighted requirement on how a fresh sandbox is expected
before doing each of the tutorial sections.
Also added some mentioning of the gdb flags available for
debugging ovn programs.
Signed-off-by: Flavio Fernandes <flavio@flaviof.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update ovs-ctl to store the system hostname as an external-id, similar
to the system-id. This is largely for convenience. ovn-controller
will make use of it in a future commit. Someone in the OpenDaylight
community requested the same thing in a discussion earlier this week.
While we're at it, set external-ids:hostname in ovs-sandbox as well.
Suggested-by: Justin Pettit <jpettit@ovn.org>
Suggested-at: http://openvswitch.org/pipermail/dev/2016-March/068225.html
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
OVN NB & SB DB's should be run in separate ovsdb-server processes
and should run with ovn-ctl start_northd / stop_northd. This patch
includes changes to unit tests, tutorial and debian scripts to remain
self-consistent.
Signed-off-by: RYAN D. MOATS <rmoats@us.ibm.com>
Signed-off-by: Michael Arnaldi <arnaldimichael@gmail.com>
Co-authored-by: Michael Arnaldi <arnaldimichael@gmail.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
When you run ovs-sandbox, it finishes with a note describing the dummy
environment it has set up. Add some additional text that indicates that
OVN is also enabled when that is the case.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
|