]> git.proxmox.com Git - mirror_ovs.git/blob - utilities/ovs-ctl.in
1 #! /bin/sh
2 # Copyright (C) 2009, 2010, 2011, 2012, 2013, 2014, 2016, 2017 Nicira, Inc.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at:
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15
# Find the directory this script was started from so that the companion
# "ovs-lib" helper library can be sourced from the same place.  When $0
# contains no slash the current directory is used, so the library is
# then read from wherever the caller happens to be.  ovs-lib runs with
# this script's privileges.
dir0=./
case $0 in
    */*) dir0=$(echo "$0" | sed 's,/[^/]*$,,') ;;
esac
. "$dir0/ovs-lib" || exit 1
21
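# Make sure the OVS install directories and the standard system
# directories are on PATH.  $sbindir and $bindir are not assigned in this
# file (presumably ovs-lib sets them -- confirm); they are put in front,
# the system directories are appended.
for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin; do
    # An empty PATH element means "the current directory".  Skip unset or
    # empty values so this script never ends up resolving commands from
    # the caller's working directory.
    test -n "$dir" || continue
    case :$PATH: in
        # Quoted so the directory is compared literally, not as a glob.
        *:"$dir":*) ;;
        *)
            case $dir in
                "$sbindir" | "$bindir") PATH=$dir${PATH:+:$PATH} ;;
                *) PATH=${PATH:+$PATH:}$dir ;;
            esac
    esac
done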
32
33 ## ----- ##
34 ## start ##
35 ## ----- ##
36
# Insert any kernel modules Open vSwitch requires.  The work is delegated
# to ovs_kmod_ctl, which is not defined in this file; its exit status is
# passed through to the caller.
insert_mod_if_required () {
    ovs_kmod_ctl insert
}
41
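# Record this host's name in the external-ids column of the Open_vSwitch
# table.
#
# Globals:  FULL_HOSTNAME (read) - "yes" selects 'hostname -f', anything
#           else selects 'uname -n'
#           hn (written)
# Calls:    ovs_vsctl (not defined in this file)
set_hostname () {
    # 'hostname -f' needs network connectivity to work.  So we should
    # call this only after ovs-vswitchd is running.
    #
    # $FULL_HOSTNAME is quoted so that an empty value or one containing
    # whitespace is compared as a single word instead of breaking 'test'.
    if test X"$FULL_HOSTNAME" = Xyes; then
        hn=$(hostname -f) || hn=$(uname -n)
    else
        hn=$(uname -n)
    fi
    # Set the hostname if it wasn't set before
    ovs_vsctl add Open_vSwitch . external-ids hostname="$hn"
}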
53
# Publish this system's identity in the Open_vSwitch table: OVS version,
# system ID, run directory, system type/version and any --external-id
# pairs, all in one ovs_vsctl invocation run through 'action'.
#
# Globals read:    SYSTEM_ID, SYSTEM_TYPE, SYSTEM_VERSION, etcdir, rundir,
#                  extra_ids
# Globals written: OVS_VERSION, SYSTEM_ID, id_file, uuid_file
# Calls (not defined in this file): run_as_ovsuser, log_failure_msg, action
set_system_ids () {
    # The command line is accumulated in the positional parameters.
    OVS_VERSION=$(ovs-vswitchd --version | awk '/Open vSwitch/{print $NF}')
    set ovs_vsctl set Open_vSwitch . ovs-version="$OVS_VERSION"

    case $SYSTEM_ID in
        random)
            # "random" means: reuse the persisted ID, else migrate the
            # legacy one, else generate and persist a fresh UUID.
            id_file=$etcdir/system-id.conf
            uuid_file=$etcdir/install_uuid.conf
            if test -e "$id_file"; then
                SYSTEM_ID=$(cat "$id_file")
            elif test -e "$uuid_file"; then
                # Migrate from old file name.
                # The legacy file is sourced, i.e. executed as shell code
                # with this script's privileges, so it must be writable
                # by trusted users only.
                . "$uuid_file"
                SYSTEM_ID=$INSTALLATION_UUID
                run_as_ovsuser touch "$id_file"
                echo "$SYSTEM_ID" > "$id_file"
            elif SYSTEM_ID=$(uuidgen); then
                run_as_ovsuser touch "$id_file"
                echo "$SYSTEM_ID" > "$id_file"
            else
                log_failure_msg "missing uuidgen, could not generate system ID"
            fi
            ;;

        '')
            log_failure_msg "system ID not configured, please use --system-id"
            ;;

        *)
            # An explicit ID was supplied; use it as given.
            ;;
    esac

    # Values are wrapped in literal double quotes for ovs_vsctl.
    set "$@" external-ids:system-id="\"$SYSTEM_ID\"" \
        external-ids:rundir="\"$rundir\""

    if test -n "$SYSTEM_TYPE"; then
        set "$@" system-type="\"$SYSTEM_TYPE\""
    else
        log_failure_msg "no default system type, please use --system-type"
    fi

    if test -n "$SYSTEM_VERSION"; then
        set "$@" system-version="\"$SYSTEM_VERSION\""
    else
        log_failure_msg "no default system version, please use --system-version"
    fi

    # $extra_ids is deliberately unquoted: it is a whitespace-separated
    # list of "external-ids:key=value" words built from --external-id.
    action "Configuring Open vSwitch system IDs" "$@" $extra_ids
}
105
# Raise the core file size limit to 67108864 when FORCE_COREFILES is
# "yes"; otherwise do nothing.
# NOTE(review): core files hold a snapshot of daemon memory; keep the
# directory they are written to readable by administrators only.
check_force_cores () {
    case $FORCE_COREFILES in
        yes) ulimit -c 67108864 ;;
    esac
}
111
# Delete every port whose other_config:transient is "true".
# The names are listed with ovs-vsctl and each one is removed through the
# ovs_vsctl wrapper (not defined in this file).
del_transient_ports () {
    # Load the port names into this function's positional parameters;
    # the unquoted substitution splits the --bare output into words.
    set -- $(ovs-vsctl --bare -- --columns=name find port other_config:transient=true)
    for port
    do
        ovs_vsctl -- del-port "$port"
    done
}
117
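# Start ovsdb-server unless it is already running, then initialise the
# database settings (schema version, system IDs) and optionally delete
# bridges and transient ports.
#
# Globals read: DB_FILE, DB_SCHEMA, DB_SOCK, EXTRA_DBS, dbdir,
#               SELF_CONFINEMENT, OVS_USER, OVSDB_SERVER_OPTIONS,
#               OVSDB_SERVER_PRIORITY, OVSDB_SERVER_WRAPPER, schemaver,
#               DELETE_BRIDGES, DELETE_TRANSIENT_PORTS
# Returns:      1 if the schema upgrade, the daemon start or the initial
#               database configuration fails
do_start_ovsdb () {
    check_force_cores

    if daemon_is_running ovsdb-server; then
        log_success_msg "ovsdb-server is already running"
    else
        # Create initial database or upgrade database schema.  The paths
        # are quoted so that a file name containing whitespace still
        # reaches upgrade_db as exactly two arguments.
        upgrade_db "$DB_FILE" "$DB_SCHEMA" || return 1

        # Start ovsdb-server.  The command line is accumulated in the
        # positional parameters.
        set ovsdb-server "$DB_FILE"
        for db in $EXTRA_DBS; do
            # Relative names are taken to live in $dbdir.
            case $db in
                /*) ;;
                *) db=$dbdir/$db ;;
            esac

            if test ! -f "$db"; then
                log_warning_msg "$db (from \$EXTRA_DBS) does not exist."
            elif ovsdb-tool db-version "$db" >/dev/null; then
                set "$@" "$db"
            else
                log_warning_msg "$db (from \$EXTRA_DBS) cannot be read as a database (see error message above)"
            fi
        done
        if test X"$SELF_CONFINEMENT" = Xno; then
            set "$@" --no-self-confinement
        fi
        set "$@" -vconsole:emer -vsyslog:err -vfile:info
        # Only a local Unix-domain socket is opened here.
        set "$@" --remote=punix:"$DB_SOCK"
        # The TLS key, certificate and CA certificate locations are looked
        # up in the SSL table of the Open_vSwitch database.
        # NOTE(review): with --bootstrap-ca-cert a missing CA certificate
        # is accepted from the first peer (trust on first use);
        # pre-provision the CA certificate where that is not acceptable.
        set "$@" --private-key=db:Open_vSwitch,SSL,private_key
        set "$@" --certificate=db:Open_vSwitch,SSL,certificate
        set "$@" --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert
        if [ "$OVS_USER" != "" ]; then
            set "$@" --user "$OVS_USER"
        fi
        if [ "$OVSDB_SERVER_OPTIONS" != "" ]; then
            # Deliberately unquoted: a whitespace-separated option list.
            set "$@" $OVSDB_SERVER_OPTIONS
        fi

        start_daemon "$OVSDB_SERVER_PRIORITY" "$OVSDB_SERVER_WRAPPER" "$@" \
            || return 1

        # Initialize database settings.
        ovs_vsctl -- init -- set Open_vSwitch . db-version="$schemaver" \
            || return 1
        set_system_ids || return 1
        if test X"$DELETE_BRIDGES" = Xyes; then
            for bridge in $(ovs_vsctl list-br); do
                ovs_vsctl del-br "$bridge"
            done
        fi
        if test X"$DELETE_TRANSIENT_PORTS" = Xyes; then
            del_transient_ports
        fi
    fi
}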
171
# Start ovsdb-server when OVSDB_SERVER is "yes".
# Returns 1 if do_start_ovsdb fails, 0 otherwise.
start_ovsdb() {
    case $OVSDB_SERVER in
        yes) do_start_ovsdb || return 1 ;;
    esac
    return 0
}
178
# Tell ovsdb-server to connect to the remote managers listed in the
# database's manager_options.
#
# If ovs-vswitchd is not finished configuring, remote managers may see
# more churn in the database at startup or restart (for example, empty
# datapath-id or ofport columns for records that exist at startup).  The
# alternative is a 'bricked' system, so database connectivity is allowed
# regardless.
#
# NOTE(review): the remotes are taken from the database as they are;
# audit the configured manager targets, since this step makes them live.
add_managers () {
    # Nothing to do unless at least one of the two daemons is managed here.
    if test X"$OVSDB_SERVER" != Xyes && test X"$OVS_VSWITCHD" != Xyes; then
        return 0
    fi
    daemon_is_running ovsdb-server || return 0
    action "Enabling remote OVSDB managers" \
        ovs-appctl -t ovsdb-server ovsdb-server/add-remote \
        db:Open_vSwitch,Open_vSwitch,manager_options
}
194
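# Load the kernel modules and start ovs-vswitchd unless it is already
# running.
#
# Globals read:    DB_SOCK, MLOCKALL, SELF_CONFINEMENT, OVS_USER,
#                  OVS_VSWITCHD_OPTIONS, OVS_VSWITCHD_PRIORITY,
#                  OVS_VSWITCHD_WRAPPER
# Globals written: MAXFD, nofile
# Returns:         1 if module insertion or the daemon start fails
do_start_forwarding () {
    check_force_cores

    insert_mod_if_required || return 1

    if daemon_is_running ovs-vswitchd; then
        log_success_msg "ovs-vswitchd is already running"
    else
        # Increase the limit on the number of open file descriptors.
        # On Linux, ovs-vswitchd needs about three file descriptors
        # per bridge and "n-handler-threads" file descriptors per bridge
        # port, so this allows a very large number of bridges and ports.
        MAXFD=65535
        nofile=$(ulimit -n)
        case $nofile in
            '' | *[!0-9]*)
                # "unlimited" (or anything else that is not a number)
                # cannot be compared numerically and needs no raising.
                ;;
            *)
                if [ "$nofile" -lt "$MAXFD" ]; then
                    ulimit -n "$MAXFD"
                fi
                ;;
        esac

        # Start ovs-vswitchd.  The command line is accumulated in the
        # positional parameters.
        set ovs-vswitchd unix:"$DB_SOCK"
        set "$@" -vconsole:emer -vsyslog:err -vfile:info
        if test X"$MLOCKALL" != Xno; then
            set "$@" --mlockall
        fi
        if test X"$SELF_CONFINEMENT" = Xno; then
            set "$@" --no-self-confinement
        fi
        if [ "$OVS_USER" != "" ]; then
            set "$@" --user "$OVS_USER"
        fi
        if [ "$OVS_VSWITCHD_OPTIONS" != "" ]; then
            # Deliberately unquoted: a whitespace-separated option list.
            set "$@" $OVS_VSWITCHD_OPTIONS
        fi

        start_daemon "$OVS_VSWITCHD_PRIORITY" "$OVS_VSWITCHD_WRAPPER" "$@" ||
            return 1
    fi
}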
228
# Start ovs-vswitchd when OVS_VSWITCHD is "yes", then record the hostname
# in the background.
# Returns 1 if do_start_forwarding fails, 0 otherwise.
start_forwarding () {
    case $OVS_VSWITCHD in
        yes) do_start_forwarding || return 1 ;;
    esac
    # Run asynchronously; its result is not waited for here.
    set_hostname &
    return 0
}
236
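# Start the ovs-monitor-ipsec daemon from $datadir/scripts.
#
# Globals read:    datadir, rundir, IKE_DAEMON, RESTART_IKE_DAEMON
# Globals written: no_restart
# Returns:         1 if the daemon could not be started, 0 otherwise
start_ovs_ipsec () {
    # Always start from an empty value: 'no_restart' is not initialised
    # anywhere else in this file, so a variable of that name inherited
    # from the caller's environment would otherwise be expanded into the
    # command line below.
    no_restart=
    if test X"$RESTART_IKE_DAEMON" = Xno; then
        no_restart="--no-restart-ike-daemon"
    fi

    # Paths and values are quoted so whitespace in them cannot be split
    # into additional arguments; the optional flag is only passed when set.
    "${datadir}/scripts/ovs-monitor-ipsec" \
        --pidfile="${rundir}/ovs-monitor-ipsec.pid" \
        --ike-daemon="$IKE_DAEMON" \
        ${no_restart:+"$no_restart"} \
        --log-file --detach --monitor "unix:${rundir}/db.sock" || return 1
    return 0
}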
249
250 ## ---- ##
251 ## stop ##
252 ## ---- ##
253
# Stop ovsdb-server when OVSDB_SERVER is "yes"; otherwise do nothing.
stop_ovsdb () {
    case $OVSDB_SERVER in
        yes) stop_daemon ovsdb-server ;;
    esac
}
259
# Stop ovs-vswitchd when OVS_VSWITCHD is "yes"; otherwise do nothing.
stop_forwarding () {
    case $OVS_VSWITCHD in
        yes) stop_daemon ovs-vswitchd ;;
    esac
}
265
# Stop the ovs-monitor-ipsec daemon via stop_daemon (not defined in this
# file); the exit status is passed through.
stop_ovs_ipsec () {
    stop_daemon ovs-monitor-ipsec
}
269
270 ## --------------- ##
271 ## enable-protocol ##
272 ## --------------- ##
273
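# Add an iptables ACCEPT rule to the INPUT chain for $PROTOCOL (optionally
# restricted by $DPORT / $SPORT) unless a matching rule is already listed.
#
# Globals read:    PROTOCOL, DPORT, SPORT
# Globals written: protonum, name
# Returns:         1 if $PROTOCOL is not found in /etc/protocols
#
# PROTOCOL, DPORT and SPORT come from the command line.  They are handed
# to awk as data (-v) and to iptables as single quoted arguments, so their
# contents are never parsed as awk program text, as a regular expression
# or as additional iptables options.
enable_protocol () {
    # Translate the protocol name to a number, because "iptables -n -L" prints
    # some protocols by name (despite the -n) and therefore we need to look for
    # both forms.
    #
    # (iptables -S output is more uniform but old iptables doesn't have it.)
    protonum=$(awk -v proto="$PROTOCOL" \
        '$1 == proto { print $2; exit }' /etc/protocols)
    if expr X"$protonum" : X'[0-9]\{1,\}$' > /dev/null; then :; else
        log_failure_msg "unknown protocol $PROTOCOL"
        return 1
    fi

    # Build the rule in the positional parameters, one argument per word.
    name=$PROTOCOL
    set iptables -I INPUT -p "$PROTOCOL"
    if test X"$DPORT" != X; then
        name="$name to port $DPORT"
        set "$@" --dport "$DPORT"
    fi
    if test X"$SPORT" != X; then
        name="$name from port $SPORT"
        set "$@" --sport "$SPORT"
    fi
    set "$@" -j ACCEPT

    if (iptables -n -L INPUT) >/dev/null 2>&1; then
        # NOTE: the port test is a substring match on the listing, as it
        # always was, so "dpt:80" is also found inside "dpt:8080".
        if iptables -n -L INPUT | awk -v proto="$PROTOCOL" \
            -v protonum="$protonum" -v dport="$DPORT" -v sport="$SPORT" '
            ($2 == proto || $2 == protonum) &&
            (dport == "" || index($0, "dpt:" dport)) &&
            (sport == "" || index($0, "spt:" sport)) { n++ }
            END { exit n == 0 }'
        then
            # There's already a rule for this protocol.  Don't override it.
            log_success_msg "iptables already has a rule for $name, not explicitly enabling"
        else
            action "Enabling $name with iptables" "$@"
        fi
    elif (iptables --version) >/dev/null 2>&1; then
        action "cannot list iptables rules, not adding a rule for $name"
    else
        action "iptables binary not installed, not adding a rule for $name"
    fi
}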
315
316 ## ---- ##
317 ## main ##
318 ## ---- ##
319
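# Assign the default value of every option that can later be overridden
# on the command line, and detect the system type and version.
#
# Globals read:    dbdir, rundir, datadir, etcdir
# Globals written: every variable assigned below
set_defaults () {
    SYSTEM_ID=

    FULL_HOSTNAME=yes

    DELETE_BRIDGES=no
    DELETE_TRANSIENT_PORTS=no

    DAEMON_CWD=/
    FORCE_COREFILES=yes
    MLOCKALL=yes
    SELF_CONFINEMENT=yes
    MONITOR=yes
    OVS_USER=
    OVSDB_SERVER=yes
    OVS_VSWITCHD=yes
    OVSDB_SERVER_PRIORITY=-10
    OVS_VSWITCHD_PRIORITY=-10
    OVSDB_SERVER_WRAPPER=
    OVS_VSWITCHD_WRAPPER=
    OVSDB_SERVER_OPTIONS=
    OVS_VSWITCHD_OPTIONS=

    DB_FILE=$dbdir/conf.db
    DB_SOCK=$rundir/db.sock
    DB_SCHEMA=$datadir/vswitch.ovsschema
    EXTRA_DBS=

    PROTOCOL=gre
    DPORT=
    SPORT=

    IKE_DAEMON=
    RESTART_IKE_DAEMON=yes

    type_file=$etcdir/system-type.conf
    version_file=$etcdir/system-version.conf

    # Sources of the system type/version, in order of preference: OVS's
    # own configuration files, os-release, lsb_release, else "unknown".
    if test -e "$type_file" ; then
        # Quoted so a configuration directory containing whitespace is
        # read as one file name.
        SYSTEM_TYPE=$(cat "$type_file")
        SYSTEM_VERSION=$(cat "$version_file")
    elif test -e "@sysconfdir@/os-release"; then
        # os-release is sourced, i.e. run as shell code, inside the
        # command substitution's subshell, so only the echoed value comes
        # back.  The file must be writable by trusted users only.
        SYSTEM_TYPE=$(. '@sysconfdir@/os-release' && echo "$ID")
        SYSTEM_VERSION=$(. '@sysconfdir@/os-release' && echo "$VERSION_ID")
    elif (lsb_release --id) >/dev/null 2>&1; then
        SYSTEM_TYPE=$(lsb_release --id -s)
        system_release=$(lsb_release --release -s)
        system_codename=$(lsb_release --codename -s)
        SYSTEM_VERSION="${system_release}-${system_codename}"
    else
        SYSTEM_TYPE=unknown
        SYSTEM_VERSION=unknown
    fi
}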
374
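# Print the help text on stdout and exit with status 0.
# set_defaults is called first so that the "(default: ...)" values shown
# below are the built-in defaults rather than values changed by options.
usage () {
    set_defaults
    cat <<EOF
$0: controls Open vSwitch daemons
usage: $0 [OPTIONS] COMMAND

This program is intended to be invoked internally by Open vSwitch startup
scripts. System administrators should not normally invoke it directly.

Commands:
start start Open vSwitch daemons
stop stop Open vSwitch daemons
restart stop and start Open vSwitch daemons
status check whether Open vSwitch daemons are running
version print versions of Open vSwitch daemons
load-kmod insert modules if not already present
force-reload-kmod save OVS network device state, stop OVS, unload kernel
module, reload kernel module, start OVS, restore state
enable-protocol enable protocol specified in options with iptables
delete-transient-ports delete transient (other_config:transient=true) ports
start-ovs-ipsec start Open vSwitch ipsec daemon
stop-ovs-ipsec stop Open vSwitch ipsec daemon
help display this help message

One of the following options is required for "start", "restart" and "force-reload-kmod":
--system-id=UUID set specific ID to uniquely identify this system
--system-id=random use a random but persistent UUID to identify this system

Other important options for "start", "restart" and "force-reload-kmod":
--system-type=TYPE set system type (e.g. "XenServer")
--system-version=VERSION set system version (e.g. "5.6.100-39265p")
--external-id="key=value"
add given key-value pair to Open_vSwitch external-ids
--delete-bridges delete all bridges just before starting ovs-vswitchd
--ovs-user="user[:group]" pass the --user flag to ovs daemons

Less important options for "start", "restart" and "force-reload-kmod":
--daemon-cwd=DIR set working dir for OVS daemons (default: $DAEMON_CWD)
--no-force-corefiles do not force on core dumps for OVS daemons
--no-mlockall do not lock all of ovs-vswitchd into memory
--ovsdb-server-priority=NICE set ovsdb-server's niceness (default: $OVSDB_SERVER_PRIORITY)
--ovs-vswitchd-priority=NICE set ovs-vswitchd's niceness (default: $OVS_VSWITCHD_PRIORITY)
--no-full-hostname set short hostname instead of full hostname

Debugging options for "start", "restart" and "force-reload-kmod":
--ovsdb-server-wrapper=WRAPPER
--ovs-vswitchd-wrapper=WRAPPER
run specified daemon under WRAPPER (either 'valgrind' or 'strace')

File location options:
--db-file=FILE database file name (default: $DB_FILE)
--db-sock=SOCKET JSON-RPC socket name (default: $DB_SOCK)
--db-schema=FILE database schema file name (default: $DB_SCHEMA)

Options for "enable-protocol":
--protocol=PROTOCOL protocol to enable with iptables (default: gre)
--sport=PORT source port to match (for tcp or udp protocol)
--dport=PORT destination port to match (for tcp or udp protocol)

Option for "start-ovs-ipsec":
--ike-daemon=IKE_DAEMON
the IKE daemon for ipsec tunnels (either libreswan or strongswan)
--no-restart-ike-daemon
do not restart the IKE daemon on startup

Other options:
-h, --help display this help message
-V, --version display version information

Default directories with "configure" option and environment variable override:
logs: @LOGDIR@ (--with-logdir, OVS_LOGDIR)
pidfiles and sockets: @RUNDIR@ (--with-rundir, OVS_RUNDIR)
conf.db: @DBDIR@ (--with-dbdir, OVS_DBDIR)
system configuration: @sysconfdir@ (--sysconfdir, OVS_SYSCONFDIR)
data files: @pkgdatadir@ (--pkgdatadir, OVS_PKGDATADIR)
user binaries: @bindir@ (--bindir, OVS_BINDIR)
system binaries: @sbindir@ (--sbindir, OVS_SBINDIR)

Please report bugs to bugs@openvswitch.org (see REPORTING-BUGS for details).
EOF

    exit 0
}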
458
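# Store a parsed command-line option in the shell variable named after it.
#
# Globals read:    option (name without the leading "--" / "--no-"),
#                  value, type ("string" or "bool"), arg (the original
#                  argument, used in the error message)
# Globals written: var, set, old_value, and the variable named by $var
#
# An option is accepted only if its variable already exists (set_defaults
# assigns the defaults) and, for a bool option, if the current value is
# "yes" or "no".  Anything else is reported as unknown and left unset.
set_option () {
    var=$(echo "$option" | tr abcdefghijklmnopqrstuvwxyz- ABCDEFGHIJKLMNOPQRSTUVWXYZ_)

    # $var is spliced into the 'eval' statements below, and the option
    # name comes straight from the command line.  Accept it only when it
    # is a plain identifier (letters, digits, underscore, not starting
    # with a digit), so that eval can only ever see a variable name.
    case $var in
        '' | [0123456789]* | *[!ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_]*)
            echo >&2 "$0: unknown option \"$arg\" (use --help for help)"
            return
            ;;
    esac

    # NOTE(review): any variable that is already set passes the test
    # below, not only the ones assigned in set_defaults.
    eval set=\${$var+yes}
    eval old_value=\$$var
    if test X"$set" = X || \
        (test X"$type" = Xbool && \
         test X"$old_value" != Xno && test X"$old_value" != Xyes); then
        echo >&2 "$0: unknown option \"$arg\" (use --help for help)"
        return
    fi
    eval $var=\$value
}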
471
# Print the names of the daemons this script controls, space-separated on
# a single line.
daemons () {
    printf '%s\n' 'ovsdb-server ovs-vswitchd'
}
475
# Start from the built-in defaults, then let the command line override
# them.  Exactly one non-option argument (the command) is accepted.
set_defaults
extra_ids=
command=
for arg in "$@"; do
    case $arg in
        -h | --help)
            usage
            ;;
        -V | --version)
            echo "$0 (Open vSwitch) $VERSION"
            exit 0
            ;;
        --external-id=*)
            # Collected as "external-ids:key=value" words in one
            # whitespace-separated string; set_system_ids expands that
            # string unquoted, so whitespace inside a value splits it
            # into further arguments.
            value=$(expr X"$arg" : 'X[^=]*=\(.*\)')
            case $value in
                *=*)
                    extra_ids="$extra_ids external-ids:$value"
                    ;;
                *)
                    echo >&2 "$0: --external-id argument not in the form \"key=value\""
                    exit 1
                    ;;
            esac
            ;;
        --[a-z]*=*)
            # --name=value: a string option.
            option=$(expr X"$arg" : 'X--\([^=]*\)')
            value=$(expr X"$arg" : 'X[^=]*=\(.*\)')
            type=string
            set_option
            ;;
        --no-[a-z]*)
            # --no-name: a boolean option switched off.
            option=$(expr X"$arg" : 'X--no-\(.*\)')
            value=no
            type=bool
            set_option
            ;;
        --[a-z]*)
            # --name: a boolean option switched on.
            option=$(expr X"$arg" : 'X--\(.*\)')
            value=yes
            type=bool
            set_option
            ;;
        -*)
            echo >&2 "$0: unknown option \"$arg\" (use --help for help)"
            exit 1
            ;;
        *)
            if test X"$command" != X; then
                echo >&2 "$0: exactly one non-option argument required (use --help for help)"
                exit 1
            fi
            command=$arg
            ;;
    esac
done

# Dispatch on the command.  'restart' and 'force_reload_kmod' are not
# defined in this file.
case $command in
    start)
        start_ovsdb || exit 1
        start_forwarding || exit 1
        add_managers
        ;;
    stop)
        stop_forwarding
        stop_ovsdb
        ;;
    restart)
        restart
        ;;
    status)
        # Report every daemon; exit with the last non-zero status seen.
        rc=0
        for daemon in $(daemons); do
            daemon_status $daemon || rc=$?
        done
        exit $rc
        ;;
    version)
        for daemon in $(daemons); do
            $daemon --version
        done
        ;;
    force-reload-kmod)
        force_reload_kmod
        ;;
    load-kmod)
        insert_mod_if_required
        ;;
    enable-protocol)
        enable_protocol
        ;;
    delete-transient-ports)
        del_transient_ports
        ;;
    start-ovs-ipsec)
        start_ovs_ipsec
        ;;
    stop-ovs-ipsec)
        stop_ovs_ipsec
        ;;
    help)
        usage
        ;;
    '')
        echo >&2 "$0: missing command name (use --help for help)"
        exit 1
        ;;
    *)
        echo >&2 "$0: unknown command \"$command\" (use --help for help)"
        exit 1
        ;;
esac