There are a couple of references to these for various build systems.
The website is going to be our "one true resource" for all docs, so
simply remove these references.
Signed-off-by: Stephen Finucane <stephen@that.guru> Signed-off-by: Ben Pfaff <blp@ovn.org>
This is a dumb move of all 'INSTALL*' docs, with very little
refactoring (mostly updating links and making the titles a little more
consistent. Additional refactoring will be done in subsequent changes.
Signed-off-by: Stephen Finucane <stephen@that.guru> Signed-off-by: Ben Pfaff <blp@ovn.org>
Create a series of sections, all of which are currently empty, using
the general design established by Jacob Kaplan-Moss and the Django
project [1]. Five sections are provided:
This is essentially the output of 'sphinx-quickstart' but with the
following changes:
- Parts of the generated Makefile are merged into the existing
Documentation/automake.mk Makefile
- A license is added to the index.rst file
- The OVS logo is added
- A 'contents' page is added, so we don't need to include a TOC on the
home page
- The theme is switched to 'bizstyle', which makes better use of
horizontal real estate than the default 'alabaster' theme
Copyright is assigned to "The Open vSwitch Development Community".
Signed-off-by: Stephen Finucane <stephen@that.guru> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Pfaff [Fri, 9 Dec 2016 18:28:04 +0000 (10:28 -0800)]
ovn-sbctl: Fix a few minor typesetting errors.
In manpages, \- is used primarily for literal "-" in literal text, that is,
it should usually be used for bold (literal) text. (It's also used for
minus signs in mathematics.) It should not generally be used for hyphens
in English text, as it was used here in italic (metasyntactic variable)
text. This fixes the problem.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Russell Bryant <russell@ovn.org>
Ilya Maximets [Thu, 8 Dec 2016 08:55:31 +0000 (11:55 +0300)]
netdev: Set the default number of queues at removal from the database
Expected behavior for attribute removal from the database is
resetting it to default value. Currently this doesn't work for
n_rxq/n_txq options of pmd netdevs (last requested value used):
Fix that by using NR_QUEUE or 1 as a default value for 'smap_get_int'.
Fixes: a14b8947fd13 ("dpif-netdev: Allow different numbers of
rx queues for different ports.") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Tested-by: Ian Stokes <ian.stokes@intel.com> Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Jarno Rajahalme [Sat, 10 Dec 2016 01:22:42 +0000 (17:22 -0800)]
datapath: Allow compile against current net-next.
This patch allows openvswitch kernel module in the OVS tree to be
compiled against the current net-next Linux kernel. The changes are
due to these upstream commits:
56989f6d856 ("genetlink: mark families as __ro_after_init") 489111e5c25 ("genetlink: statically initialize families") a07ea4d9941 ("genetlink: no longer support using static family IDs")
struct genl_family initialization is changed be completely static and
to include the new (in Linux 4.6) __ro_after_init attribute. Compat
code defines it as an empty macro if not defined already.
GENL_ID_GENERATE is no longer defined, but since it was defined as 0,
it is safe to drop it from all initializers also on older Linux
versions. A compiletime_assert is added to make sure this is true
whenever GENL_ID_GENERATE is defined.
Tested with current Linux net-next (4.9) and 3.16.
It should be noted that there are still a number of fixes and new
features in upstream net-next that are yet to be backported.
Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Andy Zhou <azhou@ovn.org>
Ben Pfaff [Fri, 9 Dec 2016 23:09:42 +0000 (15:09 -0800)]
ofproto-dpif-ipfix: Fix assertion failure for bad configuration.
The assertions in dpif_ipfix_set_options() made some bad assumptions about
flow exporters. The code that added and removed exporters would add a flow
exporter even if it had an invalid configuration ("broken"), but the
assertions checked that broken flow exporters were not added. Thus, the
when a flow exporter was broken, ovs-vswitchd would crash due to an
assertion failure.
Here is an example vsctl command that, run in the sandbox, would crash
ovs-vswitchd:
The minimal fix would be to remove the assertions, but this would leave
broken flow exporters in place. This commit goes a little farther and
actually removes broken flow exporters.
This fix pulls code out of an "if" statement to a higher level, so it is a
smaller fix when viewed igoring space changes.
This bug dates back to the introduction of IPFIX in 2013.
Andy Zhou [Fri, 9 Dec 2016 01:26:10 +0000 (17:26 -0800)]
rpms: Remove more OVN files form openvswitch rpm builds
OVN is packaged with openvswitch-fedora.spec.in, but not with
openvswitch.spec.in. Remove OVN files from openvswitch.spec.in
builds to make rpm build happy.
Signed-off-by: Andy Zhou <azhou@ovn.org> Acked-by: Russell Bryant <russell@ovn.org>
ovs-vswitchd: Avoid segfault for "netdev" datapath.
When the datapath, whose type is "netdev", processes packets
in userspce action, it may cause a segmentation fault. In the
dp_execute_userspace_action(), we pass the "wc" argument to
dp_netdev_upcall() using NULL. In the dp_netdev_upcall() call tree,
the "wc" will be used. For example, dp_netdev_upcall() uses the
&wc->masks for debugging, and flow_wildcards_init_for_packet()
uses the "wc" if we disable megaflow, which is described in
more detail below.
Segmentation fault in flow_wildcards_init_for_packet:
Joe Stringer [Thu, 8 Dec 2016 18:22:16 +0000 (10:22 -0800)]
treewide: Fix recent flake8-check.
Without this patch, I see errors like this on master:
../ofproto/ipfix-gen-entities:115:1: E305 expected 2 blank lines after
class or function definition, found 1
Signed-off-by: Joe Stringer <joe@ovn.org> Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
Guoshuai Li [Sat, 3 Dec 2016 07:38:12 +0000 (15:38 +0800)]
Fix ovndb_servers master and VirtualIP are not on the same node.
PCS man page says role=Stopped/Started/Master/Slave.
A role can be master or slave (if no role is specified,
it defaults to 'started').
Command line
"$pcs constraint colocation add ovndb_servers-master with
master VirtualIP"
means that the Started role node of ovsdb follows the master node of
VirtualIP. But we actually want the ovsdb master node to follow the
VirtualIP's Started node.
Guoshuai Li [Tue, 6 Dec 2016 12:35:08 +0000 (20:35 +0800)]
ovn: Fix pacemaker Master node does not monitor the OVSDB status
OVSDB resource is multi-state resource, pacemaker monitor actions are
insufficient to monitor a multi-state resource. The usual one will
cover the slave role, so it is need to configure monitoring for the
master.
Ben Pfaff [Sun, 23 Oct 2016 17:50:35 +0000 (10:50 -0700)]
tests: Fix order confusion in "ovn -- 2 HVs, 4 lports/HV, localnet ports".
The order of src and dst was swapped both in assignment and reference,
which meant that the result worked OK but was really confusing to try to
extend or modify.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Russell Bryant <russell@ovn.org>
Ilya Maximets [Tue, 6 Dec 2016 11:48:43 +0000 (14:48 +0300)]
tests/bundle: Use active_backup algorithm for up/down test.
HRW algorithm uses hash function which is dependent from the build
environment. This leads to constant fails of the testsuite
with CFLAGS='-march=native' if CPU supports hashing instructions:
Using of 'active_backup' algorithm will help to avoid such issues.
CC: Thadeu Lima de Souza Cascardo <cascardo@redhat.com> Fixes: 63460a30c53e ("tests/bundle: test bundle action with ports up and down") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Russell Bryant [Mon, 5 Dec 2016 17:04:32 +0000 (12:04 -0500)]
ovn-controller(8): ovn-remote must be an ovsdb remote.
Document that the value of the ovn-remote configuration
option must be in the form of an ovsdb remote as previously documented
in this man page. This came up on IRC where someone trying OVN
put a hostname here and observed that it did not work.
Signed-off-by: Russell Bryant <russell@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Jarno Rajahalme [Thu, 1 Dec 2016 21:10:53 +0000 (13:10 -0800)]
ofproto: Honor OFPFF_RESET_COUNTS flag in flow modify message.
While a flow modify must keep the original flow's flags, it must reset
counts if (and only if) the reset_counts flag is present in the flow
mod message.
Behavior prior to this patch is broken in a few ways:
- OpenFlow 1.0 and 1.1 mod-flows did reset the counts, if the flow had
reset_counts flag set. Only add-flow should reset counts.
- With OpenFlow 1.2 and later, if the old flow had the reset_counts
flag set, the counts would be reset by mod-flows, even if the
flow-mod message does not have the reset_counts flag set.
- With OpenFlow 1.2 and later, mod-flows with a reset_count did not
reset the counts, if the old flow did not have the reset_counts flag
set.
Even though the prevailing interpretation seems to be that the
reset_counts flag in the flow-mod message should be stored as part of
the flow state (and reported back in flow dumps with OpenFlow >= 1.3),
we should always just look at the reset_counts flag in the current
flow-mod and ignore the reset_counts flag stored in the flow when
processing a flow mod.
For OpenFlow 1.0 and 1.1 we already implicitly add the reset_counts
flag for add-flow messages (only) to maintain the expected behavior.
This patch adds a comprehensive test case to prevent future regressions.
Suggested-by: Tony van der Peet <tony.vanderpeet@alliedtelesis.co.nz> Fixes: 748eb2f5b1 ("ofproto-dpif: Always forward 'used' from the old_rule.") Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: Ben Pfaff <blp@ovn.org>
Jarno Rajahalme [Thu, 1 Dec 2016 22:05:24 +0000 (14:05 -0800)]
mpls: Fix MPLS restoration after patch port and group bucket.
This patch fixes problems with MPLS handling related to patch ports
and group buckets.
If a group bucket or a peer bridge across a patch port pushes MPLS
headers to a non-MPLS packet and outputs, the flow translation after
returning from the group bucket or patch port would undo the packet
transformations so that the processing could continue with the packet
as it was before entering the patch port. There were two problems
with this:
1. As part of the first MPLS push on a non-MPLS packet, the flow
translation would first clear the L3/4 headers of the 'flow' to mark
those fields invalid. Later, when committing 'flow' changes to
datapath actions before output, the necessary datapath MPLS actions
are created and the corresponding changes updated to the 'base flow'.
This was done using the same flow_push_mpls() function that clears
the L2/3 headers, so also the 'base flow' L2/3 headers were cleared.
Then, when translation returns from a patch port or group bucket, the
original 'flow' is restored, now showing no sign of the MPLS labels.
Since the 'base flow' now has the MPLS labels, following translations
know to issue MPLS POP actions before any output actions. However, as
part of checking for changes to IP headers we test that the IP
protocol type was not changed. But now the 'base flow's 'nw_proto'
field is zero and an assert fail crashes OVS.
This is solved by not clearing the L3/4 fields of the 'base
flow'. This allows the processing after the patch port to continue
with L3/4 fields as if no MPLS was done, after first issuing the
necessary MPLS POP actions.
2. IP header updates were done before the MPLS POP actions were
issued. This caused incorrect packet output after, e.g., group action
or patch port. For example, with actions:
group 1234: all bucket=push_mpls,output:LOCAL
ip actions=group:1234,dec_ttl,output:LOCAL,output:LOCAL
the dec_ttl would only be executed before the last output to LOCAL,
since at the time of committing IP changes after the group action the
packet was still an MPLS packet.
This is solved by checking the dl_type of both 'flow' and 'base flow'
and issuing MPLS actions if they can transform the packet from an MPLS
packet to a non-MPLS packet. For an IP packet the change in ttl can
then be correctly committed before the last two output actions.
Two test cases are added to prevent future regressions.
Reported-by: Thomas Morin <thomas.morin@orange.com> Suggested-by: Takashi YAMAMOTO <yamamoto@ovn.org> Fixes: 8bfd0fdac ("Enhance userspace support for MPLS, for up to 3 labels.") Fixes: 1b035ef20 ("mpls: Allow l3 and l4 actions to prior to a push_mpls action") Signed-off-by: Jarno Rajahalme <jarno@ovn.org> Acked-by: YAMAMOTO Takashi <yamamoto@ovn.org>
billyom [Tue, 29 Nov 2016 10:24:53 +0000 (10:24 +0000)]
ovs-numa: Allow leading 0x on pmd-cpu-mask.
pmd-cpu-mask is interpreted as a hex bit mask. So it should be written
with a leading 0x to indicate this. But if this is done, while the value
is interpreted correctly and the PMDs pinned as expected, a confusing
warning message is also issued.
This patch allows but does not require a leading 0x or 0X to be used
without a warning. Existing functionality is not affected. Relevant DPDK
docs also updated.
Signed-off-by: Billy O'Mahony <billy.o.mahony@intel.com> Tested-by: Kevin Traynor <ktraynor@redhat.com> Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Ilya Maximets [Tue, 29 Nov 2016 12:20:56 +0000 (15:20 +0300)]
netdev-dpdk: Don't try to unregister empty vhost_id.
If 'vhost-server-path' not provided for vhostuserclient port,
'netdev_dpdk_vhost_destruct()' will try to unregister an empty string.
This leads to error message in log:
netdev_dpdk|ERR|vhost2: Unable to unregister vhost driver for socket ''.
CC: Ciara Loftus <ciara.loftus@intel.com> Fixes: 2d24d165d6a5 ("netdev-dpdk: Add new 'dpdkvhostuserclient' port type") Signed-off-by: Ilya Maximets <i.maximets@samsung.com> Acked-by: Ciara Loftus <ciara.loftus@intel.com> Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Ben Pfaff [Fri, 2 Dec 2016 00:34:03 +0000 (16:34 -0800)]
ovn-controller: Remove unused members from local_datapath.
Nothing used these, except to initialize and free them. 'logical_port'
wasn't meaningful in any case, it was just the name of the first logical
port encountered from a particular logical datapath when traversing the
database's Port_Binding table, which isn't in a meaningful order.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Mickey Spiegel <mickeys.dev@gmail.com>
Thomas Monjalon [Sun, 27 Nov 2016 22:22:20 +0000 (23:22 +0100)]
dpdk: update download url
The documentation and the travis script were getting the DPDK sources
from the DPDK cgit service at dpdk.org/browse/dpdk.
A fastest alternative is to use the CDN fast.dpdk.org.
Signed-off-by: Thomas Monjalon <thomas.monjalon@6wind.com> Acked-by: Kevin Traynor <ktraynor@redhat.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
Ben Pfaff [Thu, 1 Dec 2016 06:50:33 +0000 (22:50 -0800)]
ovn-controller: Remove obsolete concept of "stale" patched datapaths.
When ovn-controller implemented incremental processing, the set of
patched datapaths was revised on each trip through the main loop, so it
was necessary to notice datapaths that shouldn't exist anymore and remove
them.
With incremental processing gone, the set of patched datapaths is
built and torn down on every trip through the main loop, so there will
never be any stale datapaths. This commit retires the concept.
Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Russell Bryant <russell@ovn.org>
If nf_ct_frag6_gather() returns an error other than -EINPROGRESS, it
means that we still have a reference to the skb. We should free it
before returning from handle_fragments, as stated in the comment above.
Fixes: daaa7d647f81 ("netfilter: ipv6: avoid nf_iterate recursion") CC: Florian Westphal <fw@strlen.de> CC: Pravin B Shelar <pshelar@ovn.org> CC: Joe Stringer <joe@ovn.org> Signed-off-by: Daniele Di Proietto <diproiettod@ovn.org> Acked-by: Pravin B Shelar <pshelar@ovn.org> Signed-off-by: David S. Miller <davem@davemloft.net>
VMware-BZ: #1728498 Fixes: 2e602ea3dafa("compat: nf_defrag_ipv6: avoid nf_iterate recursion.") Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com> Acked-by: Joe Stringer <joe@ovn.org>
Alin Serdean [Thu, 27 Oct 2016 21:45:42 +0000 (21:45 +0000)]
ovsdb: Allow online compacting on Windows.
This patch allows online compacting to be done under Windows.
To achieve the above we need to close all file handles before trying to
rename the file, switch from rename to MoveFileEx (because rename/MoveFile
fails if the destination exists), reopen the right type of log after the
rename.
If we could not reopen the compacted database or the original database
after the close simply abort and rely on the service manager. This
can be changed in the future.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com> Co-authored-by: Ben Pfaff <blp@ovn.org> Signed-off-by: Ben Pfaff <blp@ovn.org> Tested-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Ben Pfaff [Thu, 24 Nov 2016 07:15:19 +0000 (23:15 -0800)]
ofp-actions: Add "ingress" and "egress" options to "sample" action.
Before Open vSwitch 2.5.90, IPFIX reports from Open vSwitch didn't include
whether the packet was ingressing or egressing the switch. Starting in
OVS 2.5.90, this information was available but only accurate if the action
included a port number that indicated a tunnel. Conflating these two does
not always make sense (not every packet involves a tunnel!), so this patch
makes it possible for the sample action to simply say whether it's for
ingress or egress.
This is difficult to test, since the "tests" directory of OVS does not have
a proper IPFIX listener. This passes those tests, plus a couple that just
verify that the actions are properly parsed and formatted. Benli did test
it end-to-end in a VMware use case.
Requested-by: Benli Ye <daniely@vmware.com> Tested-by: Benli Ye <daniely@vmware.com> Signed-off-by: Ben Pfaff <blp@ovn.org> Acked-by: Simon Horman <simon.horman@netronome.com>
ovn-northd: Force SNAT for multiple gateway routers.
When multiple gateway routers exist, a packet can
enter any gateway router. Once the packet reaches its
destination, its reverse direction should be via the
same gateway router. This is achieved by doing a SNAT
of the packet in the inward direction (towards logical space)
with a IP address of the gateway router such that packet travels back
to the same gateway router.
To do the above, we introduce two new options in the logical router.
options:dnat_force_snat_ip=$IP will force SNAT any packet to $IP if
it has been previously DNATted.
options:lb_force_snat_ip=$IP will force SNAT any packet to $IP if
it has been previously load-balanced.
Alin Serdean [Thu, 27 Oct 2016 23:48:54 +0000 (23:48 +0000)]
datapath-windows: pop buffer from packet / pop_vlan bug
Switch too memmove(RtlMoveMemory) instead of copy and predefined allocated
buffer.
Currently if we receive a pop_vlan action, and the vlan tag is inside the
Ethernet frame(not in the net buffer list information) we change the frame
without checking if the it was a vlan tagged or not.
This patch checks if it a vlan tagged frame and makes the action a
non-operation.
Ben Pfaff [Sun, 23 Oct 2016 17:49:26 +0000 (10:49 -0700)]
ovn-trace: Fix daemon exit for bad datapaths or flows.
When ovn-trace is running in daemon mode (with --detach), a trace command
received via unixctl (e.g. "ovs-appctl -t ovn-trace trace ...") should not
cause ovn-trace to exit, but it did. This fixes the problem.
Signed-off-by: Ben Pfaff <blp@ovn.org> Reviewed-by: Aaron Conole <aconole@redhat.com>
Aaron Conole [Fri, 21 Oct 2016 18:49:06 +0000 (14:49 -0400)]
checkpatch: Print file line numbers
The line numbers being printed were the line numbers for the patchfile.
This is sometimes okay to fix simple things (trailing or leading
whitespace, missing signoffs, etc). But more complicated fixes, or
those fixes which require a bit more care, aren't helped by this. So,
we use the implied file line number.
This can be useful with future work to 'mock' apply and build a real
contextual scanner for checking multi-line changes.
Signed-off-by: Aaron Conole <aconole@bytheb.org> Signed-off-by: Ben Pfaff <blp@ovn.org>
Binbin Xu [Thu, 13 Oct 2016 15:18:20 +0000 (23:18 +0800)]
netdev-dpdk: Assign value '0' to unsupported netdev features
When OVS&DPDK is used, DPDK doesn't support features 'advertised',
'supported' and 'peer'. If a physical port added to bridge, features
descirbed above can't be assigned, and the values are random.
Signed-off-by: Binbin Xu <xu.binbin1@zte.com.cn> Signed-off-by: Ben Pfaff <blp@ovn.org>
There has been enough confusion regarding logical switch datapath
arp responders in ovn to warrant some additional comments;
hence add a general description regarding why they exist and
document the special cases.
Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ramu Ramamurthy <ramu.ramamurthy@us.ibm.com> Co-authored-by: Ramu Ramamurthy <ramu.ramamurthy@us.ibm.com> Acked-by: Han Zhou <zhouhan@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Lance Richardson [Mon, 28 Nov 2016 20:50:04 +0000 (15:50 -0500)]
dist-docs: typo in IntegrationGuide.rst
Unbalanced angle bracket was causing 'Unknown target name: "ocf
<http://www.linux-ha.org/wiki/ocf_resource_agents".' error message
when building dist-docs.
Signed-off-by: Lance Richardson <lrichard@redhat.com> Signed-off-by: Russell Bryant <russell@ovn.org>
Russell Bryant [Wed, 23 Nov 2016 20:01:24 +0000 (15:01 -0500)]
rhel: Add EnvironmentFile for ovn services.
A previous commit documented how you do this using systemd
native interfaces for customizing services. However, it seems
that some people still would rather see environment variables
specified through an old-style sysconfig file. It seems harmless
enough to provide, so this patch adds it.
The "-" prefix to the filename means that systemd will ignore this
setting if the file does not exist and will not report any error.
Signed-off-by: Russell Bryant <russell@ovn.org> Acked-by: Simon Horman <simon.horman@netronome.com>
Ramu Ramamurthy [Fri, 4 Nov 2016 17:06:16 +0000 (10:06 -0700)]
ovn: Fix arping from vtep-gw physical port.
Currently, arping from a vtep-gw physical-switch port to
a VIF IP address does not work.
When a physical-switch-port arps for an IP address
of a VIF, that arp packet comes into the VIF hypervisor via a
vxlan tunnel. That arp packet must not be responded-to by the
arp responder table because, potentially, multiple hypervisors
could independently respond and confuse L2 learning at the
arp originator.
Ciara Loftus [Fri, 25 Nov 2016 10:41:11 +0000 (10:41 +0000)]
netdev-dpdk: Add support for DPDK 16.11
This commit announces support for DPDK 16.11. Compatibility with DPDK
v16.07 is not broken yet thanks to only minor code changes being needed
for the upgrade.
Signed-off-by: Ciara Loftus <ciara.loftus@intel.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
Yi-Hung Wei [Mon, 21 Nov 2016 21:42:41 +0000 (13:42 -0800)]
ovs-ofctl: Fix memory leak in bundle_print_errors().
In testcase "ofproto - bundle group mod with mod and add_or_mod command",
valgrind reports a memory leak with the following call stack.
xmalloc (util.c:112)
ofpbuf_resize__ (ofpbuf.c:246)
ofpbuf_push_uninit (ofpbuf.c:436)
ofpbuf_push (ofpbuf.c:459)
ofperr_decode_msg (ofp-errors.c:332)
bundle_print_errors (ovs-ofctl.c:692)
bundle_transact.constprop.25 (ovs-ofctl.c:728)
bundle_group_mod__ (ovs-ofctl.c:2663)
ofctl_group_mod__ (ovs-ofctl.c:2681)
ofctl_group_mod (ovs-ofctl.c:2736)
ovs_cmdl_run_command__ (command-line.c:115)
main (ovs-ofctl.c:151)
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
Ben Kelly [Sun, 20 Nov 2016 09:34:41 +0000 (20:34 +1100)]
ofproto: Drop flows between protected ports
Protected ports can not forward frames to other protected ports.
Unprotected ports can receive and forward frames to protected and other
unprotected ports.
Signed-off-by: Ben Kelly <ben@benjii.net> Signed-off-by: Simon Horman <simon.horman@netronome.com>
Lance Richardson [Mon, 21 Nov 2016 22:47:13 +0000 (17:47 -0500)]
rhel: fix ovn-common rpm installation failure
The directory /usr/lib/ocf/ does not exist if the pacemaker
package has not been installed, which causes installation of the
ovn-common rpm to fail on "mkdir /usr/lib/ocf/resource.d/ovn".
Allow for the possibility that /usr/lib/ocf does not exist by
using "mkdir -p".
Fixes: a4245b7869c8 ("ovn: Add ovn db servers ocf script in fedora packager") Signed-off-by: Lance Richardson <lrichard@redhat.com> Acked-by: Babu Shanmugam <bschanmu@redhat.com> Tested-by: Babu Shanmugam <bschanmu@redhat.com> Signed-off-by: Simon Horman <simon.horman@netronome.com>
Babu Shanmugam [Wed, 16 Nov 2016 10:13:11 +0000 (15:43 +0530)]
ovn: Add ovndb servers ocf script in debian packager
The OCF script will be present in the ovn-common package and installed
in the openvswitch scripts folder and a symbolic link to this file will
be created in the OCF resources folder.
The OCF resource agent name for this resource is ocf:ovn:ovndb-servers
Signed-off-by: Babu Shanmugam <bschanmu@redhat.com> Acked-by: Andy Zhou <azhou@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
Babu Shanmugam [Wed, 16 Nov 2016 10:13:10 +0000 (15:43 +0530)]
ovn: Add ovn db servers ocf script in fedora packager
The OCF script will be present in the ovn-common package and installed
in the openvswitch scripts folder. A symbolic link to this file will
be created in the OCF resources folder.
The OCF resource agent name for this resource is ocf:ovn:ovndb-servers
Signed-off-by: Babu Shanmugam <bschanmu@redhat.com> Acked-by: Andy Zhou <azhou@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
Babu Shanmugam [Wed, 16 Nov 2016 10:13:08 +0000 (15:43 +0530)]
ovn: ovn-ctl support for HA ovn DB servers
This patch adds support to start_ovsdb() function in ovn-ctl to start the
ovn db servers in backup mode. This can be done in the following ways
1. Use parameters --ovn-nb-sync-from-addr and --ovn-sb-sync-from-addr to
set the addresses of the active server.
2. Create files $etcdir/ovnnb-active.conf and $etcdir/ovnsb-active.conf
with the tcp url of the active servers.
Additional functions to promote a backup server to active and demote
active server to backup mode are also added in this patch
One can optionally set the DB parameters for northd in
$etcdir/ovn-northd-db-params.conf. For example,
The parameters will be used as is, by start_northd(). If this file exists,
start_northd() will not start the DB servers even if $OVN_MANAGE_OVSDB is
'yes'.
Signed-off-by: Babu Shanmugam <bschanmu@redhat.com> Acked-by: Andy Zhou <azhou@ovn.org> Signed-off-by: Andy Zhou <azhou@ovn.org>
Russell Bryant [Thu, 17 Nov 2016 13:32:28 +0000 (08:32 -0500)]
rhel: Support ovn-ctl args through env vars.
Update the systemd units for ovn-controller and ovn-northd to support
passing additional arguments to the ovn-ctl scripts through environment
variables. Also add some documentation to the top of these files that
describes how to specify these environment variables in systemd
configuration files.
Add similar documentation to the top of the ovn-controller-vtep system
unit to describe how to specify environment variables for options
passed to ovn-controller-vtep.
Signed-off-by: Russell Bryant <russell@ovn.org> Co-authored-by: Babu Shanmugam <bschanmu@redhat.com> Signed-off-by: Babu Shanmugam <bschanmu@redhat.com> Acked-by: Simon Horman <simon.horman@netronome.com>
projects / mirror_ovs.git / log