3 # /etc/init.d/openvswitch-switch
5 # Written by Miquel van Smoorenburg <miquels@cistron.nl>.
6 # Modified for Debian by Ian Murdock <imurdock@gnu.ai.mit.edu>.
7 # Further changes by Javier Fernandez-Sanguino <jfs@debian.org>
8 # Modified for openvswitch-switch.
10 # Version: @(#)skeleton 1.9 26-Feb-2001 miquels@cistron.nl
13 # Provides: openvswitch-switch
14 # Required-Start: $network $named $remote_fs $syslog
16 # Default-Start: 2 3 4 5
18 # Short-Description: Open vSwitch switch
21 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
22 DAEMON=/usr/sbin/ovs-openflowd
26 test -x $DAEMON || exit 0
30 LOGDIR=/var/log/openvswitch
31 PIDFILE=/var/run/$NAME.pid
32 DHCLIENT_PIDFILE=/var/run/dhclient.of0.pid
33 DODTIME=1 # Time to wait for the server to die, in seconds
34 # If this value is set too low you might not
35 # let some servers to die gracefully and
36 # 'restart' will not work
38 # Include ovs-openflowd defaults if available
52 default=/etc/default/openvswitch-switch
53 if [ -f $default ] ; then
61 # Check if a given process pid's cmdline matches a given name
64 [ -z "$pid" ] && return 1
65 [ ! -d /proc/$pid ] && return 1
66 cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1`
67 # Is this the expected child?
80 # Check if the process is running looking at /proc
81 # (works for all users)
83 # No pidfile, probably no daemon present
84 [ ! -f "$PIDFILE" ] && return 1
85 # Obtain the pid and check it against the binary name
87 running_pid $pid $NAME || return 1
92 # Forcefully kill the process
93 [ ! -f "$PIDFILE" ] && return
97 [ -n "$DODTIME" ] && sleep "$DODTIME"s
100 [ -n "$DODTIME" ] && sleep "$DODTIME"s
102 echo "Cannot kill $NAME (pid=$pid)!"
133 if (test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap) \
134 || test ! -e "$PRIVKEY" || test ! -e "$CERT" \
135 || (test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap); then
136 if test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap
138 echo "CACERT_MODE is not set to 'secure' or 'bootstrap'"
140 if test ! -e "$PRIVKEY"; then
141 echo "$PRIVKEY: private key missing" >&2
143 if test ! -e "$CERT"; then
144 echo "$CERT: certificate for private key missing" >&2
146 if test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap; then
147 echo "$CACERT: CA certificate missing (and CA certificate bootstrapping not enabled)" >&2
149 echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
150 if test "$MODE" = discovery; then
151 echo "You may also delete or rename $PRIVKEY to disable SSL requirement" >&2
156 SSL_OPTS="--private-key=$PRIVKEY --certificate=$CERT"
157 if test ! -e "$CACERT" && test "$CACERT_MODE" = bootstrap; then
158 SSL_OPTS="$SSL_OPTS --bootstrap-ca-cert=$CACERT"
160 SSL_OPTS="$SSL_OPTS --ca-cert=$CACERT"
166 if test -n "$value"; then
167 if expr "X$value" : 'X[0-9][0-9]*$' > /dev/null 2>&1; then
168 if test $value -lt $2; then
169 echo "warning: The $1 option may not be set to a value below $2, treating as $2" >&2
173 echo "warning: The $1 option must be set to a number, ignoring" >&2
182 echo "warning: The $1 option in DAEMON_OPTS may now be set with the $2 variable in $default. The setting in DAEMON_OPTS will override the $2 variable, which will prevent the switch UI from configuring $1." >&2
189 if test -z "$NETDEVS"; then
190 echo "$default: No network devices configured, switch disabled" >&2
191 echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
194 if test "$MODE" = discovery; then
196 elif test "$MODE" = in-band || test "$MODE" = out-of-band; then
197 if test -z "$CONTROLLER"; then
198 echo "$default: No controller configured and not configured for discovery, switch disabled" >&2
199 echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
203 echo "$default: MODE must set to 'discovery', 'in-band', or 'out-of-band'" >&2
204 echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
207 : ${PRIVKEY:=/etc/openvswitch-switch/of0-privkey.pem}
208 : ${CERT:=/etc/openvswitch-switch/of0-cert.pem}
209 : ${CACERT:=/etc/openvswitch-switch/cacert.pem}
213 if test -e "$PRIVKEY"; then
223 echo "$default: CONTROLLER must be in the form 'ssl:IP[:PORT]' or 'tcp:IP[:PORT]' when not in discovery mode" >&2
224 echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
227 case $DISCONNECTED_MODE in
229 *) echo "$default: warning: DISCONNECTED_MODE is not 'switch' or 'drop'" >&2 ;;
232 check_int_var RATE_LIMIT 100
233 check_int_var INACTIVITY_PROBE 5
234 check_int_var MAX_BACKOFF 1
236 check_new_option --fail DISCONNECTED_MODE
237 check_new_option --stp STP
238 check_new_option --rate-limit RATE_LIMIT
239 check_new_option --inactivity INACTIVITY_PROBE
240 check_new_option --max-backoff MAX_BACKOFF
243 echo "$default: --rate-limit may now be set with RATE_LIMIT" >&2
246 echo -n "Loading openvswitch_mod: "
247 if grep -q '^openvswitch_mod$' /proc/modules; then
248 echo "already loaded, nothing to do."
249 elif modprobe openvswitch_mod; then
253 echo "openvswitch_mod has probably not been built for this kernel."
254 if ! test -d /usr/share/doc/openvswitch-datapath-source; then
255 echo "Install the openvswitch-datapath-source package, then read"
256 echo "/usr/share/doc/openvswitch-datapath-source/README.Debian"
258 echo "For instructions, read"
259 echo "/usr/share/doc/openvswitch-datapath-source/README.Debian"
264 echo -n "Loading ip_gre_mod: "
265 if grep -q '^ip_gre$' /proc/modules; then
268 if grep -q '^ip_gre_mod$' /proc/modules; then
269 echo "already loaded, nothing to do."
270 elif modprobe ip_gre_mod; then
273 echo "could not find module."
276 for netdev in $NETDEVS; do
277 check_op "Removing IP address from $netdev" ifconfig $netdev 0.0.0.0
280 must_succeed "Creating datapath" ovs-dpctl add-dp of0 $NETDEVS
282 xx='[0-9abcdefABCDEF][0-9abcdefABCDEF]'
285 # Check if the DMI System UUID contains a Nicira mac address
286 # that should be used for this datapath. The UUID is assumed
287 # to be RFC 4122 compliant.
288 DMIDECODE=`which dmidecode`
289 if [ -n $DMIDECODE ]; then
290 UUID_MAC=`$DMIDECODE -s system-uuid | cut -d'-' -f 5`
294 must_succeed "Setting of0 MAC address to $UUID_MAC" ifconfig of0 hw ether $UUID_MAC
300 $xx:$xx:$xx:$xx:$xx:$xx)
302 must_succeed "Setting of0 MAC address to $DATAPATH_ID" ifconfig of0 hw ether $DATAPATH_ID
306 echo "DATAPATH_ID is not a valid MAC address in the form XX:XX:XX:XX:XX:XX, ignoring" >&2
310 if test "$MODE" = in-band; then
311 if test "$SWITCH_IP" = dhcp; then
312 must_succeed "Temporarily disabling of0" ifconfig of0 down
314 COMMAND="ifconfig of0 $SWITCH_IP"
315 if test -n "$SWITCH_NETMASK"; then
316 COMMAND="$COMMAND netmask $SWITCH_NETMASK"
318 must_succeed "Configuring of0: $COMMAND" $COMMAND
319 if test -n "$SWITCH_GATEWAY"; then
320 # This can fail because the route already exists,
321 # so we don't insist that it succeed.
322 COMMAND="route add default gw $SWITCH_GATEWAY"
323 check_op "Adding default route: $COMMAND" $COMMAND
327 must_succeed "Disabling of0" ifconfig of0 down
330 if test -n "$CORE_LIMIT"; then
331 check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT"
334 # Compose ovs-openflowd options.
336 set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err
337 set -- "$@" --log-file
338 set -- "$@" --detach --pidfile=$PIDFILE
339 for vconn in $MGMT_VCONNS; do
340 set -- "$@" --listen="$vconn"
342 if test -n "$COMMANDS"; then
343 set -- "$@" --command-acl="$COMMANDS"
346 yes) set -- "$@" --stp ;;
347 no) set -- "$@" --no-stp ;;
349 case $DISCONNECTED_MODE in
350 switch) set -- "$@" --fail=open ;;
351 drop) set -- "$@" --fail=closed ;;
353 if test -n "$RATE_LIMIT"; then
354 set -- "$@" --rate-limit=$RATE_LIMIT
356 if test -n "$INACTIVITY_PROBE"; then
357 set -- "$@" --inactivity-probe=$INACTIVITY_PROBE
359 if test -n "$MAX_BACKOFF"; then
360 set -- "$@" --max-backoff=$MAX_BACKOFF
362 set -- "$@" $SSL_OPTS $DAEMON_OPTS
363 if test "$MODE" = out-of-band; then
364 set -- "$@" --out-of-band
366 set -- "$@" of0 "$CONTROLLER"
367 echo -n "Starting $DESC: "
368 start-stop-daemon --start --quiet --pidfile $PIDFILE \
369 --exec $DAEMON -- "$@"
376 if test "$MODE" = in-band && test "$SWITCH_IP" = dhcp; then
377 echo -n "Starting dhclient on of0: "
378 start-stop-daemon --start --quiet --pidfile $DHCLIENT_PIDFILE \
379 --exec /sbin/dhclient -- -q -pf $DHCLIENT_PIDFILE of0
388 if test -e /var/run/dhclient.of0.pid; then
389 echo -n "Stopping dhclient on of0: "
390 start-stop-daemon --stop --quiet --oknodo \
391 --pidfile $DHCLIENT_PIDFILE --exec /sbin/dhclient
395 echo -n "Stopping $DESC: "
396 start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE \
400 check_op "Deleting datapath" ovs-dpctl del-dp of0
401 echo -n "Unloading ip_gre module: "
402 if modprobe -r ip_gre_mod; then
405 check_op "Unloading kernel module" modprobe -r openvswitch_mod
408 echo -n "Forcefully stopping $DESC: "
419 start-stop-daemon --stop --test --quiet --pidfile \
420 $PIDFILE --exec $DAEMON \
439 echo "Usage: $N {start|stop|restart|force-reload|status|force-stop}" >&2