[mirror_ovs.git] / utilities / ovs-lib.in

# -*- sh -*-
# vi:syntax=sh
# This is a shell function library sourced by some Open vSwitch scripts.
# It is not intended to be invoked on its own.

# Copyright (C) 2009, 2010, 2011, 2012 Nicira, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

## ----------------- ##
## configure options ##
## ----------------- ##

# All of these should be substituted by the Makefile at build time.
logdir=${OVS_LOGDIR-'@LOGDIR@'}                 # /var/log/openvswitch
rundir=${OVS_RUNDIR-'@RUNDIR@'}                 # /var/run/openvswitch
sysconfdir=${OVS_SYSCONFDIR-'@sysconfdir@'}     # /etc
etcdir=$sysconfdir/openvswitch                  # /etc/openvswitch
datadir=${OVS_PKGDATADIR-'@pkgdatadir@'}        # /usr/share/openvswitch
bindir=${OVS_BINDIR-'@bindir@'}                 # /usr/bin
sbindir=${OVS_SBINDIR-'@sbindir@'}              # /usr/sbin

# /etc/openvswitch or /var/lib/openvswitch
if test X"$OVS_DBDIR" != X; then
    dbdir=$OVS_DBDIR
elif test X"$OVS_SYSCONFDIR" != X; then
    dbdir=$OVS_SYSCONFDIR/openvswitch
else
    dbdir='@DBDIR@'
fi

ovs_ctl_log () {
    echo "$@" >> "${logdir}/ovs-ctl.log"
}

ovs_ctl () {
    case "$@" in
        *"=strace"*)
            # In case of running the daemon with strace, piping the o/p causes
            # the script to block (strace probably does not close the inherited
            # pipe). So, do not log the o/p to ovs-ctl.log.
            "${datadir}/scripts/ovs-ctl" "$@"
        ;;
        "status")
            # In case of the command 'status', we should return the exit status
            # of ovs-ctl. It is also useful to document the o/p in ovs-ctl.log.
            display=`"${datadir}/scripts/ovs-ctl" "$@" 2>&1`
            rc=$?
            if test -w "${logdir}/ovs-ctl.log"; then
                 echo "${display}" | tee -a "${logdir}/ovs-ctl.log"
            else
                 echo "${display}"
            fi
            return ${rc}
        ;;
        *)
            echo "`date -u`:$@" >> "${logdir}/ovs-ctl.log"
            "${datadir}/scripts/ovs-ctl" "$@" 2>&1 | tee -a "${logdir}/ovs-ctl.log"
        ;;
    esac
}

VERSION='@VERSION@'

DAEMON_CWD=/

LC_ALL=C; export LC_ALL

## ------------- ##
## LSB functions ##
## ------------- ##

# Use the system's own implementations if it has any.
if test -e /etc/init.d/functions; then
    . /etc/init.d/functions
elif test -e /etc/rc.d/init.d/functions; then
    . /etc/rc.d/init.d/functions
elif test -e /lib/lsb/init-functions; then
    . /lib/lsb/init-functions
fi

# Implement missing functions (e.g. OpenSUSE lacks 'action').
if type log_success_msg >/dev/null 2>&1; then :; else
    log_success_msg () {
        printf '%s.\n' "$*"
    }
fi
if type log_failure_msg >/dev/null 2>&1; then :; else
    log_failure_msg () {
        printf '%s ... failed!\n' "$*"
    }
fi
if type log_warning_msg >/dev/null 2>&1; then :; else
    log_warning_msg () {
        printf '%s ... (warning).\n' "$*"
    }
fi
if type action >/dev/null 2>&1; then :; else
    action () {
       STRING=$1
       shift
       "$@"
       rc=$?
       if test $rc = 0; then
            log_success_msg "$STRING"
       else
            log_failure_msg "$STRING"
       fi
       return $rc
    }
fi

## ------- ##
## Daemons ##
## ------- ##

pid_exists () {
    # This is better than "kill -0" because it doesn't require permission to
    # send a signal (so daemon_status in particular works as non-root).
    test -n "$1" && test -d /proc/"$1"
}

pid_comm_check () {
    [ "$1" = "`cat /proc/$2/comm`" ]
}

# version_geq version_a version_b
#
# Compare (dot separated) version numbers.  Returns true (exit code 0) if
# version_a is greater or equal than version_b, otherwise false (exit code 1).
version_geq() {
    echo $1 $2 | awk '{
        n1 = split($1, a, ".");
        n2 = split($2, b, ".");
        n = (n1 > n2) ? n1 : n2;
        for (i = 1; i <= n; i++) {
            if (a[i]+0 < b[i]+0) exit 1
            if (a[i]+0 > b[i]+0) exit 0
        }
    }'
}

install_dir () {
    DIR="$1"
    INSTALL_MODE="${2:-755}"
    INSTALL_USER="root"
    INSTALL_GROUP="root"
    [ "$OVS_USER" != "" ] && INSTALL_USER="${OVS_USER%:*}"
    [ "${OVS_USER##*:}" != "" ] && INSTALL_GROUP="${OVS_USER##*:}"

    if test ! -d "$DIR"; then
        install -d -m "$INSTALL_MODE" -o "$INSTALL_USER" -g "$INSTALL_GROUP" "$DIR"
        restorecon "$DIR" >/dev/null 2>&1
    fi
}

start_daemon () {
    priority=$1
    wrapper=$2
    shift; shift
    daemon=$1
    strace=""

    # drop core files in a sensible place
    install_dir "$DAEMON_CWD"
    set "$@" --no-chdir
    cd "$DAEMON_CWD"

    # log file
    install_dir "$logdir" "750"
    set "$@" --log-file="$logdir/$daemon.log"

    # pidfile and monitoring
    install_dir "$rundir"
    set "$@" --pidfile="$rundir/$daemon.pid"
    set "$@" --detach
    test X"$MONITOR" = Xno || set "$@" --monitor

    # wrapper
    case $wrapper in
        valgrind)
            if (valgrind --version) > /dev/null 2>&1; then
                set valgrind -q --leak-check=full --time-stamp=yes \
                    --log-file="$logdir/$daemon.valgrind.log.%p" "$@"
            else
                log_failure_msg "valgrind not installed, running $daemon without it"
            fi
            ;;
        strace)
            if (strace -V) > /dev/null 2>&1; then
                strace="strace -tt -T -s 256 -ff"
                if (strace -DV) > /dev/null 2>&1; then
                    # Has the -D option.
                    set $strace -D -o "$logdir/$daemon.strace.log" "$@"
                    strace=""
                fi
            else
                log_failure_msg "strace not installed, running $daemon without it"
            fi
            ;;
        glibc)
            set env MALLOC_CHECK_=2 MALLOC_PERTURB_=165 "$@"
            ;;
        '')
            ;;
        *)
            log_failure_msg "unknown wrapper $wrapper, running $daemon without it"
            ;;
    esac

    # priority
    if test X"$priority" != X; then
        set nice -n "$priority" "$@"
    fi

    action "Starting $daemon" "$@" || return 1

    if test X"$strace" != X; then
        # Strace doesn't have the -D option so we attach after the fact.
        setsid $strace -o "$logdir/$daemon.strace.log" \
            -p `cat $rundir/$daemon.pid` > /dev/null 2>&1 &
    fi
}

stop_daemon () {
    if test -e "$rundir/$1.pid"; then
        if pid=`cat "$rundir/$1.pid"`; then
            if pid_exists "$pid" >/dev/null 2>&1; then :; else
                rm -f $rundir/$1.$pid.ctl $rundir/$1.$pid
                return 0
            fi

            graceful="EXIT .1 .25 .65 1"
            actions="TERM .1 .25 .65 1 1 1 1 \
                     KILL 1 1 1 2 10 15 30 \
                     FAIL"
            version=`ovs-appctl -T 1 -t $rundir/$1.$pid.ctl version \
                     | awk 'NR==1{print $NF}'`

            # Use `ovs-appctl exit` only if the running daemon version
            # is >= 2.5.90.  This script might be used during upgrade to
            # stop older versions of daemons which do not behave correctly
            # with `ovs-appctl exit` (e.g. ovs-vswitchd <= 2.5.0 deletes
            # internal ports).
            if version_geq "$version" "2.5.90"; then
                actions="$graceful $actions"
            fi
            actiontype=""
            for action in $actions; do
                if pid_exists "$pid" >/dev/null 2>&1; then :; else
                    # pid does not exist.
                    if [ -n "$actiontype" ]; then
                        return 0
                    fi
                    # But, does the file exist? We may have had a daemon
                    # segfault with `ovs-appctl exit`. Check one more time
                    # before deciding that the daemon is dead.
                    [ -e "$rundir/$1.pid" ] && sleep 2 && pid=`cat "$rundir/$1.pid"` 2>/dev/null
                    if pid_exists "$pid" >/dev/null 2>&1; then :; else
                        return 0
                    fi
                fi
                case $action in
                    EXIT)
                        action "Exiting $1 ($pid)" \
                            ${bindir}/ovs-appctl -T 1 -t $rundir/$1.$pid.ctl exit
                        # The above command could have resulted in delayed
                        # daemon segfault. And if a monitor is running, it
                        # would restart the daemon giving it a new pid.
                        ;;
                    TERM)
                        action "Killing $1 ($pid)" kill $pid
                        actiontype="force"
                        ;;
                    KILL)
                        action "Killing $1 ($pid) with SIGKILL" kill -9 $pid
                        actiontype="force"
                        ;;
                    FAIL)
                        log_failure_msg "Killing $1 ($pid) failed"
                        return 1
                        ;;
                    *)
                        sleep $action
                        ;;
                esac
            done
        fi
    fi
    log_success_msg "$1 is not running"
}

daemon_status () {
    pidfile=$rundir/$1.pid
    if test -e "$pidfile"; then
        if pid=`cat "$pidfile"`; then
            if pid_exists "$pid"; then
                echo "$1 is running with pid $pid"
                return 0
            else
                echo "Pidfile for $1 ($pidfile) is stale"
            fi
        else
            echo "Pidfile for $1 ($pidfile) exists but cannot be read"
        fi
    else
        echo "$1 is not running"
    fi
    return 1
}

daemon_is_running () {
    pidfile=$rundir/$1.pid
    test -e "$pidfile" && pid=`cat "$pidfile"` && pid_exists "$pid" && pid_comm_check $1 $pid
} >/dev/null 2>&1

# Prints commands needed to move the ip address from interface $1 to interface
# $2
move_ip_address () {
    if [ -z "$1" ] || [ -z "$2" ]; then
        return
    fi
    dev="$1"
    dst="$2"

    # IP addresses (including IPv6).
    echo "ip addr flush dev $dev 2>/dev/null" # Suppresses "Nothing to flush".
    ip addr show dev $dev | while read addr; do
        set -- $addr

        # Check and trim family.
        family=$1
        shift
        case $family in
            inet | inet6) ;;
            *) continue ;;
        esac

        # Trim device off the end--"ip" insists on having "dev" precede it.
        addrcmd=
        while test $# != 0; do
            case $1 in
                dynamic)
                    # XXX: According to 'man ip-address', "dynamic" is only
                    # used for ipv6 addresses.  But, atleast on RHEL 7.4
                    # (iproute-3.10.0-87), it is being used for ipv4
                    # addresses assigned with dhcp.
                    if [ "$family" = "inet" ]; then
                        shift
                        continue
                    fi
                    # Omit kernel-maintained route.
                    continue 2
                    ;;
                scope)
                    if test "$2" = link -a "$family" != inet6; then
                        # Omit route derived from IP address, e.g.
                        # 172.16.0.0/16 derived from 172.16.12.34,
                        # but preserve IPv6 link-local address.
                        continue 2
                    fi
                    ;;
                "$dev"|"$dev:"*)
                    # Address label string
                    label=`echo $1 | sed "s/$dev/$dst/"`
                    addrcmd="$addrcmd label $label"
                    shift
                    continue
                    ;;
            esac
            addrcmd="$addrcmd $1"
            shift
        done
        if test "$1" != "$dev"; then
            addrcmd="$addrcmd $1"
        fi

        echo ip -f $family addr add $addrcmd dev $dst
    done
}

# Prints commands needed to move the ip route of interface $1 to interface $2
move_ip_routes () {
    if [ -z "$1" ] || [ -z "$2" ]; then
        return
    fi
    dev="$1"
    dst="$2"
    echo "ip route flush dev $dev proto boot 2>/dev/null" # Suppresses "Nothing to flush".
    ip route show dev $dev | while read route; do
        # "proto kernel" routes are installed by the kernel automatically.
        case $route in
            *" proto kernel "*) continue ;;
        esac

        echo "ip route add $route dev $dst"
    done
}

run_as_ovsuser() {
    if [ "$OVS_USER" != "" ]; then
        local uid=$(id -u "${OVS_USER%:*}")
        local gid=$(id -g "${OVS_USER%:*}")
        local groups=$(id -G "${OVS_USER%:*}" | tr ' ' ',')
        setpriv --reuid "$uid" --regid "$gid" --groups "$groups" "$@"
    else
        "$@"
    fi
}

ovsdb_tool () {
    run_as_ovsuser ovsdb-tool -vconsole:off "$@"
}

create_db () {
    DB_FILE="$1"
    DB_SCHEMA="$2"
    action "Creating empty database $DB_FILE" ovsdb_tool create "$DB_FILE" "$DB_SCHEMA"
}

backup_db () {
    # Back up the old version.
    version=`ovsdb_tool db-version "$DB_FILE"`
    cksum=`ovsdb_tool db-cksum "$DB_FILE" | awk '{print $1}'`
    backup=$DB_FILE.backup$version-$cksum
    action "Backing up database to $backup" cp "$DB_FILE" "$backup" || return 1
}

upgrade_db () {
    DB_FILE="$1"
    DB_SCHEMA="$2"

    schemaver=`ovsdb_tool schema-version "$DB_SCHEMA"`
    if test ! -e "$DB_FILE"; then
        log_warning_msg "$DB_FILE does not exist"
        install_dir `dirname $DB_FILE`
        create_db "$DB_FILE" "$DB_SCHEMA"
    elif test X"`ovsdb_tool needs-conversion "$DB_FILE" "$DB_SCHEMA"`" = Xyes; then
        backup_db || return 1

        # Compact database.  This is important if the old schema did not enable
        # garbage collection (i.e. if it did not have any tables with "isRoot":
        # true) but the new schema does.  In that situation the old database
        # may contain a transaction that creates a record followed by a
        # transaction that creates the first use of the record.  Replaying that
        # series of transactions against the new database schema (as "convert"
        # does) would cause the record to be dropped by the first transaction,
        # then the second transaction would cause a referential integrity
        # failure (for a strong reference).
        #
        # Errors might occur on an Open vSwitch downgrade if ovsdb-tool doesn't
        # understand some feature of the schema used in the OVSDB version that
        # we're downgrading from, so we don't give up on error.
        action "Compacting database" ovsdb_tool compact "$DB_FILE"

        # Upgrade or downgrade schema.
        if action "Converting database schema" ovsdb_tool convert "$DB_FILE" "$DB_SCHEMA"; then
            :
        else
            log_warning_msg "Schema conversion failed, using empty database instead"
            rm -f "$DB_FILE"
            create_db "$DB_FILE" "$DB_SCHEMA"
        fi
    fi
}

upgrade_cluster () {
    local DB_SCHEMA=$1 DB_SERVER=$2
    local schema_name=$(ovsdb-tool schema-name $1) || return 1

    action "Waiting for $schema_name to come up" ovsdb-client -t 30 wait "$DB_SERVER" "$schema_name" connected || return $?
    local db_version=$(ovsdb-client -t 10 get-schema-version "$DB_SERVER" "$schema_name") || return $?
    local target_version=$(ovsdb-tool schema-version "$DB_SCHEMA") || return $?

    if ovsdb-tool compare-versions "$db_version" == "$target_version"; then
        :
    elif ovsdb-tool compare-versions "$db_version" ">" "$target_version"; then
        log_warning_msg "Database $schema_name has newer schema version ($db_version) than our local schema ($target_version), possibly an upgrade is partially complete?"
    else
        action "Upgrading database $schema_name from schema version $db_version to $target_version" ovsdb-client -t 30 convert "$DB_SERVER" "$DB_SCHEMA"
    fi
}

create_cluster () {
    DB_FILE="$1"
    DB_SCHEMA="$2"
    LOCAL_ADDR="$3"

    if test ! -e "$DB_FILE"; then
        action "Creating cluster database $DB_FILE" ovsdb_tool create-cluster "$DB_FILE" "$DB_SCHEMA" "$LOCAL_ADDR"
    elif ovsdb_tool db-is-standalone "$DB_FILE"; then
        # Convert standalone database to clustered.
        backup_db || return 1
        rm -f "$DB_FILE"
        action "Creating cluster database $DB_FILE from existing one" \
               ovsdb_tool create-cluster "$DB_FILE" "$backup" "$LOCAL_ADDR"
    fi
}

join_cluster() {
    DB_FILE="$1"
    SCHEMA_NAME="$2"
    LOCAL_ADDR="$3"
    REMOTE_ADDR="$4"

    if test ! -e "$DB_FILE"; then
        ovsdb_tool join-cluster "$DB_FILE" "$SCHEMA_NAME" "$LOCAL_ADDR" "$REMOTE_ADDR"
    elif ovsdb_tool db-is-standalone "$DB_FILE"; then
        # Backup standalone database and join cluster.
        backup_db || return 1
        action "Joining $DB_FILE to cluster" \
               ovsdb_tool join-cluster "$DB_FILE" "$SCHEMA_NAME" "$LOCAL_ADDR"
    fi
}

ovs_vsctl () {
    ovs-vsctl --no-wait "$@"
}

## ----------------- ##
## force-reload-kmod ##
## ----------------- ##

ovs_kmod_ctl () {
    "$dir0/ovs-kmod-ctl" "$@"
}

internal_interfaces () {
    # Outputs a list of internal interfaces:
    #
    #   - There is an internal interface for every bridge, whether it
    #     has an Interface record or not and whether the Interface
    #     record's 'type' is properly set or not.
    #
    #   - There is an internal interface for each Interface record whose
    #     'type' is 'internal'.
    #
    # But ignore interfaces that don't really exist.
    for d in `(ovs_vsctl --bare \
                -- --columns=name find Interface type=internal \
                    -- list-br) | sort -u`
    do
        if test -e "/sys/class/net/$d"; then
                printf "%s " "$d"
            fi
    done
}

ovs_save () {
    bridges=`ovs_vsctl -- --real list-br`
    if [ -n "${bridges}" ] && \
        "$datadir/scripts/ovs-save" "$1" ${bridges} > "$2"; then
        chmod +x "$2"
        return 0
    fi
    [ -z "${bridges}" ] && return 0
}

save_flows_if_required () {
    if test X"$DELETE_BRIDGES" != Xyes; then
        action "Saving flows" ovs_save save-flows "${script_flows}"
    fi
}

save_interfaces () {
    "$datadir/scripts/ovs-save" save-interfaces ${ifaces} \
        > "${script_interfaces}"
}

flow_restore_wait () {
    if test X"${OVS_VSWITCHD:-yes}" = Xyes; then
        ovs_vsctl set open_vswitch . other_config:flow-restore-wait="true"
    fi
}

flow_restore_complete () {
    if test X"${OVS_VSWITCHD:-yes}" = Xyes; then
        ovs_vsctl --if-exists remove open_vswitch . other_config \
                  flow-restore-wait="true"
    fi
}

restore_flows () {
    [ -x "${script_flows}" ] && \
        action "Restoring saved flows" "${script_flows}"
}

restore_interfaces () {
    [ ! -x "${script_interfaces}" ] && return 0
    action "Restoring interface configuration" "${script_interfaces}"
    rc=$?
    if test $rc = 0; then
        level=debug
    else
        level=err
    fi
    log="logger -p daemon.$level -t ovs-save"
    $log "interface restore script exited with status $rc:"
    $log -f "$script_interfaces"
}

init_restore_scripts () {
    script_interfaces=`mktemp`
    script_flows=`mktemp`
    trap 'rm -f "${script_interfaces}" "${script_flows}"' 0
}

force_reload_kmod () {

    if test X"${OVS_VSWITCHD:-yes}" != Xyes; then
        log_failure_msg "Reloading of kmod without ovs-vswitchd is an error"
        exit 1
    fi

    ifaces=`internal_interfaces`
    action "Detected internal interfaces: $ifaces" true

    init_restore_scripts
    save_flows_if_required

    # Restart the database first, since a large database may take a
    # while to load, and we want to minimize forwarding disruption.
    stop_ovsdb
    start_ovsdb || return 1

    stop_forwarding

    if action "Saving interface configuration" save_interfaces; then
        :
    else
        log_warning_msg "Failed to save configuration, not replacing kernel module"
        start_forwarding
        add_managers
        exit 1
    fi
    chmod +x "$script_interfaces"

    for dp in `ovs-dpctl dump-dps`; do
        action "Removing datapath: $dp" ovs-dpctl del-dp "$dp"
    done

    if test -e /sys/module/ip_gre; then
        action "Forcing removal of ip_gre module" rmmod ip_gre
    fi

    if test -e /sys/module/gre; then
        action "Forcing removal of gre module" rmmod gre
    fi

    ovs_kmod_ctl remove

    # Start vswitchd by asking it to wait till flow restore is finished.
    flow_restore_wait
    start_forwarding || return 1

    # Restore saved flows and inform vswitchd that we are done.
    restore_flows
    flow_restore_complete
    add_managers

    restore_interfaces

    action "Finding processes on dead interfaces" timeout 5 \
        "$datadir/scripts/ovs-check-dead-ifs" || true
}

## ------- ##
## restart ##
## ------- ##

restart () {
    if daemon_is_running ovsdb-server && daemon_is_running ovs-vswitchd; then
        init_restore_scripts
        if test X"${OVS_VSWITCHD:-yes}" = Xyes; then
            save_flows_if_required
        fi
    fi

    # Restart the database first, since a large database may take a
    # while to load, and we want to minimize forwarding disruption.
    stop_ovsdb
    start_ovsdb || return 1

    stop_forwarding

    # Start vswitchd by asking it to wait till flow restore is finished.
    flow_restore_wait
    start_forwarding || return 1

    # Restore saved flows and inform vswitchd that we are done.
    restore_flows
    flow_restore_complete
    add_managers
}
Commit	Line	Data
	1	# -- sh --
	2	# vi:syntax=sh
	3	# This is a shell function library sourced by some Open vSwitch scripts.
	4	# It is not intended to be invoked on its own.
	5
	6	# Copyright (C) 2009, 2010, 2011, 2012 Nicira, Inc.
	7	#
	8	# Licensed under the Apache License, Version 2.0 (the "License");
	9	# you may not use this file except in compliance with the License.
	10	# You may obtain a copy of the License at:
	11	#
	12	# http://www.apache.org/licenses/LICENSE-2.0
	13	#
	14	# Unless required by applicable law or agreed to in writing, software
	15	# distributed under the License is distributed on an "AS IS" BASIS,
	16	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	17	# See the License for the specific language governing permissions and
	18	# limitations under the License.
	19
	20	## ----------------- ##
	21	## configure options ##
	22	## ----------------- ##
	23
	24	# All of these should be substituted by the Makefile at build time.
	25	logdir=${OVS_LOGDIR-'@LOGDIR@'} # /var/log/openvswitch
	26	rundir=${OVS_RUNDIR-'@RUNDIR@'} # /var/run/openvswitch
	27	sysconfdir=${OVS_SYSCONFDIR-'@sysconfdir@'} # /etc
	28	etcdir=$sysconfdir/openvswitch # /etc/openvswitch
	29	datadir=${OVS_PKGDATADIR-'@pkgdatadir@'} # /usr/share/openvswitch
	30	bindir=${OVS_BINDIR-'@bindir@'} # /usr/bin
	31	sbindir=${OVS_SBINDIR-'@sbindir@'} # /usr/sbin
	32
	33	# /etc/openvswitch or /var/lib/openvswitch
	34	if test X"$OVS_DBDIR" != X; then
	35	dbdir=$OVS_DBDIR
	36	elif test X"$OVS_SYSCONFDIR" != X; then
	37	dbdir=$OVS_SYSCONFDIR/openvswitch
	38	else
	39	dbdir='@DBDIR@'
	40	fi
	41
	42	ovs_ctl_log () {
	43	echo "$@" >> "${logdir}/ovs-ctl.log"
	44	}
	45
	46	ovs_ctl () {
	47	case "$@" in
	48	"=strace")
	49	# In case of running the daemon with strace, piping the o/p causes
	50	# the script to block (strace probably does not close the inherited
	51	# pipe). So, do not log the o/p to ovs-ctl.log.
	52	"${datadir}/scripts/ovs-ctl" "$@"
	53	;;
	54	"status")
	55	# In case of the command 'status', we should return the exit status
	56	# of ovs-ctl. It is also useful to document the o/p in ovs-ctl.log.
	57	display=`"${datadir}/scripts/ovs-ctl" "$@" 2>&1`
	58	rc=$?
	59	if test -w "${logdir}/ovs-ctl.log"; then
	60	echo "${display}" \| tee -a "${logdir}/ovs-ctl.log"
	61	else
	62	echo "${display}"
	63	fi
	64	return ${rc}
	65	;;
	66	*)
	67	echo "`date -u`:$@" >> "${logdir}/ovs-ctl.log"
	68	"${datadir}/scripts/ovs-ctl" "$@" 2>&1 \| tee -a "${logdir}/ovs-ctl.log"
	69	;;
	70	esac
	71	}
	72
	73	VERSION='@VERSION@'
	74
	75	DAEMON_CWD=/
	76
	77	LC_ALL=C; export LC_ALL
	78
	79	## ------------- ##
	80	## LSB functions ##
	81	## ------------- ##
	82
	83	# Use the system's own implementations if it has any.
	84	if test -e /etc/init.d/functions; then
	85	. /etc/init.d/functions
	86	elif test -e /etc/rc.d/init.d/functions; then
	87	. /etc/rc.d/init.d/functions
	88	elif test -e /lib/lsb/init-functions; then
	89	. /lib/lsb/init-functions
	90	fi
	91
	92	# Implement missing functions (e.g. OpenSUSE lacks 'action').
	93	if type log_success_msg >/dev/null 2>&1; then :; else
	94	log_success_msg () {
	95	printf '%s.\n' "$*"
	96	}
	97	fi
	98	if type log_failure_msg >/dev/null 2>&1; then :; else
	99	log_failure_msg () {
	100	printf '%s ... failed!\n' "$*"
	101	}
	102	fi
	103	if type log_warning_msg >/dev/null 2>&1; then :; else
	104	log_warning_msg () {
	105	printf '%s ... (warning).\n' "$*"
	106	}
	107	fi
	108	if type action >/dev/null 2>&1; then :; else
	109	action () {
	110	STRING=$1
	111	shift
	112	"$@"
	113	rc=$?
	114	if test $rc = 0; then
	115	log_success_msg "$STRING"
	116	else
	117	log_failure_msg "$STRING"
	118	fi
	119	return $rc
	120	}
	121	fi
	122
	123	## ------- ##
	124	## Daemons ##
	125	## ------- ##
	126
	127	pid_exists () {
	128	# This is better than "kill -0" because it doesn't require permission to
	129	# send a signal (so daemon_status in particular works as non-root).
	130	test -n "$1" && test -d /proc/"$1"
	131	}
	132
	133	pid_comm_check () {
	134	[ "$1" = "`cat /proc/$2/comm`" ]
	135	}
	136
	137	# version_geq version_a version_b
	138	#
	139	# Compare (dot separated) version numbers. Returns true (exit code 0) if
	140	# version_a is greater or equal than version_b, otherwise false (exit code 1).
	141	version_geq() {
	142	echo $1 $2 \| awk '{
	143	n1 = split($1, a, ".");
	144	n2 = split($2, b, ".");
	145	n = (n1 > n2) ? n1 : n2;
	146	for (i = 1; i <= n; i++) {
	147	if (a[i]+0 < b[i]+0) exit 1
	148	if (a[i]+0 > b[i]+0) exit 0
	149	}
	150	}'
	151	}
	152
	153	install_dir () {
	154	DIR="$1"
	155	INSTALL_MODE="${2:-755}"
	156	INSTALL_USER="root"
	157	INSTALL_GROUP="root"
	158	[ "$OVS_USER" != "" ] && INSTALL_USER="${OVS_USER%:*}"
	159	[ "${OVS_USER##:}" != "" ] && INSTALL_GROUP="${OVS_USER##:}"
	160
	161	if test ! -d "$DIR"; then
	162	install -d -m "$INSTALL_MODE" -o "$INSTALL_USER" -g "$INSTALL_GROUP" "$DIR"
	163	restorecon "$DIR" >/dev/null 2>&1
	164	fi
	165	}
	166
	167	start_daemon () {
	168	priority=$1
	169	wrapper=$2
	170	shift; shift
	171	daemon=$1
	172	strace=""
	173
	174	# drop core files in a sensible place
	175	install_dir "$DAEMON_CWD"
	176	set "$@" --no-chdir
	177	cd "$DAEMON_CWD"
	178
	179	# log file
	180	install_dir "$logdir" "750"
	181	set "$@" --log-file="$logdir/$daemon.log"
	182
	183	# pidfile and monitoring
	184	install_dir "$rundir"
	185	set "$@" --pidfile="$rundir/$daemon.pid"
	186	set "$@" --detach
	187	test X"$MONITOR" = Xno \|\| set "$@" --monitor
	188
	189	# wrapper
	190	case $wrapper in
	191	valgrind)
	192	if (valgrind --version) > /dev/null 2>&1; then
	193	set valgrind -q --leak-check=full --time-stamp=yes \
	194	--log-file="$logdir/$daemon.valgrind.log.%p" "$@"
	195	else
	196	log_failure_msg "valgrind not installed, running $daemon without it"
	197	fi
	198	;;
	199	strace)
	200	if (strace -V) > /dev/null 2>&1; then
	201	strace="strace -tt -T -s 256 -ff"
	202	if (strace -DV) > /dev/null 2>&1; then
	203	# Has the -D option.
	204	set $strace -D -o "$logdir/$daemon.strace.log" "$@"
	205	strace=""
	206	fi
	207	else
	208	log_failure_msg "strace not installed, running $daemon without it"
	209	fi
	210	;;
	211	glibc)
	212	set env MALLOC_CHECK_=2 MALLOC_PERTURB_=165 "$@"
	213	;;
	214	'')
	215	;;
	216	*)
	217	log_failure_msg "unknown wrapper $wrapper, running $daemon without it"
	218	;;
	219	esac
	220
	221	# priority
	222	if test X"$priority" != X; then
	223	set nice -n "$priority" "$@"
	224	fi
	225
	226	action "Starting $daemon" "$@" \|\| return 1
	227
	228	if test X"$strace" != X; then
	229	# Strace doesn't have the -D option so we attach after the fact.
	230	setsid $strace -o "$logdir/$daemon.strace.log" \
	231	-p `cat $rundir/$daemon.pid` > /dev/null 2>&1 &
	232	fi
	233	}
	234
	235	stop_daemon () {
	236	if test -e "$rundir/$1.pid"; then
	237	if pid=`cat "$rundir/$1.pid"`; then
	238	if pid_exists "$pid" >/dev/null 2>&1; then :; else
	239	rm -f $rundir/$1.$pid.ctl $rundir/$1.$pid
	240	return 0
	241	fi
	242
	243	graceful="EXIT .1 .25 .65 1"
	244	actions="TERM .1 .25 .65 1 1 1 1 \
	245	KILL 1 1 1 2 10 15 30 \
	246	FAIL"
	247	version=`ovs-appctl -T 1 -t $rundir/$1.$pid.ctl version \
	248	\| awk 'NR==1{print $NF}'`
	249
	250	# Use `ovs-appctl exit` only if the running daemon version
	251	# is >= 2.5.90. This script might be used during upgrade to
	252	# stop older versions of daemons which do not behave correctly
	253	# with `ovs-appctl exit` (e.g. ovs-vswitchd <= 2.5.0 deletes
	254	# internal ports).
	255	if version_geq "$version" "2.5.90"; then
	256	actions="$graceful $actions"
	257	fi
	258	actiontype=""
	259	for action in $actions; do
	260	if pid_exists "$pid" >/dev/null 2>&1; then :; else
	261	# pid does not exist.
	262	if [ -n "$actiontype" ]; then
	263	return 0
	264	fi
	265	# But, does the file exist? We may have had a daemon
	266	# segfault with `ovs-appctl exit`. Check one more time
	267	# before deciding that the daemon is dead.
	268	[ -e "$rundir/$1.pid" ] && sleep 2 && pid=`cat "$rundir/$1.pid"` 2>/dev/null
	269	if pid_exists "$pid" >/dev/null 2>&1; then :; else
	270	return 0
	271	fi
	272	fi
	273	case $action in
	274	EXIT)
	275	action "Exiting $1 ($pid)" \
	276	${bindir}/ovs-appctl -T 1 -t $rundir/$1.$pid.ctl exit
	277	# The above command could have resulted in delayed
	278	# daemon segfault. And if a monitor is running, it
	279	# would restart the daemon giving it a new pid.
	280	;;
	281	TERM)
	282	action "Killing $1 ($pid)" kill $pid
	283	actiontype="force"
	284	;;
	285	KILL)
	286	action "Killing $1 ($pid) with SIGKILL" kill -9 $pid
	287	actiontype="force"
	288	;;
	289	FAIL)
	290	log_failure_msg "Killing $1 ($pid) failed"
	291	return 1
	292	;;
	293	*)
	294	sleep $action
	295	;;
	296	esac
	297	done
	298	fi
	299	fi
	300	log_success_msg "$1 is not running"
	301	}
	302
	303	daemon_status () {
	304	pidfile=$rundir/$1.pid
	305	if test -e "$pidfile"; then
	306	if pid=`cat "$pidfile"`; then
	307	if pid_exists "$pid"; then
	308	echo "$1 is running with pid $pid"
	309	return 0
	310	else
	311	echo "Pidfile for $1 ($pidfile) is stale"
	312	fi
	313	else
	314	echo "Pidfile for $1 ($pidfile) exists but cannot be read"
	315	fi
	316	else
	317	echo "$1 is not running"
	318	fi
	319	return 1
	320	}
	321
	322	daemon_is_running () {
	323	pidfile=$rundir/$1.pid
	324	test -e "$pidfile" && pid=`cat "$pidfile"` && pid_exists "$pid" && pid_comm_check $1 $pid
	325	} >/dev/null 2>&1
	326
	327	# Prints commands needed to move the ip address from interface $1 to interface
	328	# $2
	329	move_ip_address () {
	330	if [ -z "$1" ] \|\| [ -z "$2" ]; then
	331	return
	332	fi
	333	dev="$1"
	334	dst="$2"
	335
	336	# IP addresses (including IPv6).
	337	echo "ip addr flush dev $dev 2>/dev/null" # Suppresses "Nothing to flush".
	338	ip addr show dev $dev \| while read addr; do
	339	set -- $addr
	340
	341	# Check and trim family.
	342	family=$1
	343	shift
	344	case $family in
	345	inet \| inet6) ;;
	346	*) continue ;;
	347	esac
	348
	349	# Trim device off the end--"ip" insists on having "dev" precede it.
	350	addrcmd=
	351	while test $# != 0; do
	352	case $1 in
	353	dynamic)
	354	# XXX: According to 'man ip-address', "dynamic" is only
	355	# used for ipv6 addresses. But, atleast on RHEL 7.4
	356	# (iproute-3.10.0-87), it is being used for ipv4
	357	# addresses assigned with dhcp.
	358	if [ "$family" = "inet" ]; then
	359	shift
	360	continue
	361	fi
	362	# Omit kernel-maintained route.
	363	continue 2
	364	;;
	365	scope)
	366	if test "$2" = link -a "$family" != inet6; then
	367	# Omit route derived from IP address, e.g.
	368	# 172.16.0.0/16 derived from 172.16.12.34,
	369	# but preserve IPv6 link-local address.
	370	continue 2
	371	fi
	372	;;
	373	"$dev"\|"$dev:"*)
	374	# Address label string
	375	label=`echo $1 \| sed "s/$dev/$dst/"`
	376	addrcmd="$addrcmd label $label"
	377	shift
	378	continue
	379	;;
	380	esac
	381	addrcmd="$addrcmd $1"
	382	shift
	383	done
	384	if test "$1" != "$dev"; then
	385	addrcmd="$addrcmd $1"
	386	fi
	387
	388	echo ip -f $family addr add $addrcmd dev $dst
	389	done
	390	}
	391
	392	# Prints commands needed to move the ip route of interface $1 to interface $2
	393	move_ip_routes () {
	394	if [ -z "$1" ] \|\| [ -z "$2" ]; then
	395	return
	396	fi
	397	dev="$1"
	398	dst="$2"
	399	echo "ip route flush dev $dev proto boot 2>/dev/null" # Suppresses "Nothing to flush".
	400	ip route show dev $dev \| while read route; do
	401	# "proto kernel" routes are installed by the kernel automatically.
	402	case $route in
	403	" proto kernel ") continue ;;
	404	esac
	405
	406	echo "ip route add $route dev $dst"
	407	done
	408	}
	409
	410	run_as_ovsuser() {
	411	if [ "$OVS_USER" != "" ]; then
	412	local uid=$(id -u "${OVS_USER%:*}")
	413	local gid=$(id -g "${OVS_USER%:*}")
	414	local groups=$(id -G "${OVS_USER%:*}" \| tr ' ' ',')
	415	setpriv --reuid "$uid" --regid "$gid" --groups "$groups" "$@"
	416	else
	417	"$@"
	418	fi
	419	}
	420
	421	ovsdb_tool () {
	422	run_as_ovsuser ovsdb-tool -vconsole:off "$@"
	423	}
	424
	425	create_db () {
	426	DB_FILE="$1"
	427	DB_SCHEMA="$2"
	428	action "Creating empty database $DB_FILE" ovsdb_tool create "$DB_FILE" "$DB_SCHEMA"
	429	}
	430
	431	backup_db () {
	432	# Back up the old version.
	433	version=`ovsdb_tool db-version "$DB_FILE"`
	434	cksum=`ovsdb_tool db-cksum "$DB_FILE" \| awk '{print $1}'`
	435	backup=$DB_FILE.backup$version-$cksum
	436	action "Backing up database to $backup" cp "$DB_FILE" "$backup" \|\| return 1
	437	}
	438
	439	upgrade_db () {
	440	DB_FILE="$1"
	441	DB_SCHEMA="$2"
	442
	443	schemaver=`ovsdb_tool schema-version "$DB_SCHEMA"`
	444	if test ! -e "$DB_FILE"; then
	445	log_warning_msg "$DB_FILE does not exist"
	446	install_dir `dirname $DB_FILE`
	447	create_db "$DB_FILE" "$DB_SCHEMA"
	448	elif test X"`ovsdb_tool needs-conversion "$DB_FILE" "$DB_SCHEMA"`" = Xyes; then
	449	backup_db \|\| return 1
	450
	451	# Compact database. This is important if the old schema did not enable
	452	# garbage collection (i.e. if it did not have any tables with "isRoot":
	453	# true) but the new schema does. In that situation the old database
	454	# may contain a transaction that creates a record followed by a
	455	# transaction that creates the first use of the record. Replaying that
	456	# series of transactions against the new database schema (as "convert"
	457	# does) would cause the record to be dropped by the first transaction,
	458	# then the second transaction would cause a referential integrity
	459	# failure (for a strong reference).
	460	#
	461	# Errors might occur on an Open vSwitch downgrade if ovsdb-tool doesn't
	462	# understand some feature of the schema used in the OVSDB version that
	463	# we're downgrading from, so we don't give up on error.
	464	action "Compacting database" ovsdb_tool compact "$DB_FILE"
	465
	466	# Upgrade or downgrade schema.
	467	if action "Converting database schema" ovsdb_tool convert "$DB_FILE" "$DB_SCHEMA"; then
	468	:
	469	else
	470	log_warning_msg "Schema conversion failed, using empty database instead"
	471	rm -f "$DB_FILE"
	472	create_db "$DB_FILE" "$DB_SCHEMA"
	473	fi
	474	fi
	475	}
	476
	477	upgrade_cluster () {
	478	local DB_SCHEMA=$1 DB_SERVER=$2
	479	local schema_name=$(ovsdb-tool schema-name $1) \|\| return 1
	480
	481	action "Waiting for $schema_name to come up" ovsdb-client -t 30 wait "$DB_SERVER" "$schema_name" connected \|\| return $?
	482	local db_version=$(ovsdb-client -t 10 get-schema-version "$DB_SERVER" "$schema_name") \|\| return $?
	483	local target_version=$(ovsdb-tool schema-version "$DB_SCHEMA") \|\| return $?
	484
	485	if ovsdb-tool compare-versions "$db_version" == "$target_version"; then
	486	:
	487	elif ovsdb-tool compare-versions "$db_version" ">" "$target_version"; then
	488	log_warning_msg "Database $schema_name has newer schema version ($db_version) than our local schema ($target_version), possibly an upgrade is partially complete?"
	489	else
	490	action "Upgrading database $schema_name from schema version $db_version to $target_version" ovsdb-client -t 30 convert "$DB_SERVER" "$DB_SCHEMA"
	491	fi
	492	}
	493
	494	create_cluster () {
	495	DB_FILE="$1"
	496	DB_SCHEMA="$2"
	497	LOCAL_ADDR="$3"
	498
	499	if test ! -e "$DB_FILE"; then
	500	action "Creating cluster database $DB_FILE" ovsdb_tool create-cluster "$DB_FILE" "$DB_SCHEMA" "$LOCAL_ADDR"
	501	elif ovsdb_tool db-is-standalone "$DB_FILE"; then
	502	# Convert standalone database to clustered.
	503	backup_db \|\| return 1
	504	rm -f "$DB_FILE"
	505	action "Creating cluster database $DB_FILE from existing one" \
	506	ovsdb_tool create-cluster "$DB_FILE" "$backup" "$LOCAL_ADDR"
	507	fi
	508	}
	509
	510	join_cluster() {
	511	DB_FILE="$1"
	512	SCHEMA_NAME="$2"
	513	LOCAL_ADDR="$3"
	514	REMOTE_ADDR="$4"
	515
	516	if test ! -e "$DB_FILE"; then
	517	ovsdb_tool join-cluster "$DB_FILE" "$SCHEMA_NAME" "$LOCAL_ADDR" "$REMOTE_ADDR"
	518	elif ovsdb_tool db-is-standalone "$DB_FILE"; then
	519	# Backup standalone database and join cluster.
	520	backup_db \|\| return 1
	521	action "Joining $DB_FILE to cluster" \
	522	ovsdb_tool join-cluster "$DB_FILE" "$SCHEMA_NAME" "$LOCAL_ADDR"
	523	fi
	524	}
	525
	526	ovs_vsctl () {
	527	ovs-vsctl --no-wait "$@"
	528	}
	529
	530	## ----------------- ##
	531	## force-reload-kmod ##
	532	## ----------------- ##
	533
	534	ovs_kmod_ctl () {
	535	"$dir0/ovs-kmod-ctl" "$@"
	536	}
	537
	538	internal_interfaces () {
	539	# Outputs a list of internal interfaces:
	540	#
	541	# - There is an internal interface for every bridge, whether it
	542	# has an Interface record or not and whether the Interface
	543	# record's 'type' is properly set or not.
	544	#
	545	# - There is an internal interface for each Interface record whose
	546	# 'type' is 'internal'.
	547	#
	548	# But ignore interfaces that don't really exist.
	549	for d in `(ovs_vsctl --bare \
	550	-- --columns=name find Interface type=internal \
	551	-- list-br) \| sort -u`
	552	do
	553	if test -e "/sys/class/net/$d"; then
	554	printf "%s " "$d"
	555	fi
	556	done
	557	}
	558
	559	ovs_save () {
	560	bridges=`ovs_vsctl -- --real list-br`
	561	if [ -n "${bridges}" ] && \
	562	"$datadir/scripts/ovs-save" "$1" ${bridges} > "$2"; then
	563	chmod +x "$2"
	564	return 0
	565	fi
	566	[ -z "${bridges}" ] && return 0
	567	}
	568
	569	save_flows_if_required () {
	570	if test X"$DELETE_BRIDGES" != Xyes; then
	571	action "Saving flows" ovs_save save-flows "${script_flows}"
	572	fi
	573	}
	574
	575	save_interfaces () {
	576	"$datadir/scripts/ovs-save" save-interfaces ${ifaces} \
	577	> "${script_interfaces}"
	578	}
	579
	580	flow_restore_wait () {
	581	if test X"${OVS_VSWITCHD:-yes}" = Xyes; then
	582	ovs_vsctl set open_vswitch . other_config:flow-restore-wait="true"
	583	fi
	584	}
	585
	586	flow_restore_complete () {
	587	if test X"${OVS_VSWITCHD:-yes}" = Xyes; then
	588	ovs_vsctl --if-exists remove open_vswitch . other_config \
	589	flow-restore-wait="true"
	590	fi
	591	}
	592
	593	restore_flows () {
	594	[ -x "${script_flows}" ] && \
	595	action "Restoring saved flows" "${script_flows}"
	596	}
	597
	598	restore_interfaces () {
	599	[ ! -x "${script_interfaces}" ] && return 0
	600	action "Restoring interface configuration" "${script_interfaces}"
	601	rc=$?
	602	if test $rc = 0; then
	603	level=debug
	604	else
	605	level=err
	606	fi
	607	log="logger -p daemon.$level -t ovs-save"
	608	$log "interface restore script exited with status $rc:"
	609	$log -f "$script_interfaces"
	610	}
	611
	612	init_restore_scripts () {
	613	script_interfaces=`mktemp`
	614	script_flows=`mktemp`
	615	trap 'rm -f "${script_interfaces}" "${script_flows}"' 0
	616	}
	617
	618	force_reload_kmod () {
	619
	620	if test X"${OVS_VSWITCHD:-yes}" != Xyes; then
	621	log_failure_msg "Reloading of kmod without ovs-vswitchd is an error"
	622	exit 1
	623	fi
	624
	625	ifaces=`internal_interfaces`
	626	action "Detected internal interfaces: $ifaces" true
	627
	628	init_restore_scripts
	629	save_flows_if_required
	630
	631	# Restart the database first, since a large database may take a
	632	# while to load, and we want to minimize forwarding disruption.
	633	stop_ovsdb
	634	start_ovsdb \|\| return 1
	635
	636	stop_forwarding
	637
	638	if action "Saving interface configuration" save_interfaces; then
	639	:
	640	else
	641	log_warning_msg "Failed to save configuration, not replacing kernel module"
	642	start_forwarding
	643	add_managers
	644	exit 1
	645	fi
	646	chmod +x "$script_interfaces"
	647
	648	for dp in `ovs-dpctl dump-dps`; do
	649	action "Removing datapath: $dp" ovs-dpctl del-dp "$dp"
	650	done
	651
	652	if test -e /sys/module/ip_gre; then
	653	action "Forcing removal of ip_gre module" rmmod ip_gre
	654	fi
	655
	656	if test -e /sys/module/gre; then
	657	action "Forcing removal of gre module" rmmod gre
	658	fi
	659
	660	ovs_kmod_ctl remove
	661
	662	# Start vswitchd by asking it to wait till flow restore is finished.
	663	flow_restore_wait
	664	start_forwarding \|\| return 1
	665
	666	# Restore saved flows and inform vswitchd that we are done.
	667	restore_flows
	668	flow_restore_complete
	669	add_managers
	670
	671	restore_interfaces
	672
	673	action "Finding processes on dead interfaces" timeout 5 \
	674	"$datadir/scripts/ovs-check-dead-ifs" \|\| true
	675	}
	676
	677	## ------- ##
	678	## restart ##
	679	## ------- ##
	680
	681	restart () {
	682	if daemon_is_running ovsdb-server && daemon_is_running ovs-vswitchd; then
	683	init_restore_scripts
	684	if test X"${OVS_VSWITCHD:-yes}" = Xyes; then
	685	save_flows_if_required
	686	fi
	687	fi
	688
	689	# Restart the database first, since a large database may take a
	690	# while to load, and we want to minimize forwarding disruption.
	691	stop_ovsdb
	692	start_ovsdb \|\| return 1
	693
	694	stop_forwarding
	695
	696	# Start vswitchd by asking it to wait till flow restore is finished.
	697	flow_restore_wait
	698	start_forwarding \|\| return 1
	699
	700	# Restore saved flows and inform vswitchd that we are done.
	701	restore_flows
	702	flow_restore_complete
	703	add_managers
	704	}