2 # Copyright (C) 2009, 2010, 2011, 2012 Nicira, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at:
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
# This arm handles a $0 that contains a slash: dir0 becomes the directory part
# of the path the script was invoked by.
17 */*) dir0=`echo "$0" | sed 's,/[^/]*$,,'` ;;
# ovs-lib is sourced from that directory, so it executes inside this shell
# with whatever privileges the script has.
# NOTE(review): this script loads kernel modules and is presumably run as
# root; the directory and ovs-lib itself should be writable by root only,
# because whoever can replace ovs-lib controls everything done below.
20 . "$dir0/ovs-lib" || exit 1
# NOTE(review): the loop body is not visible here; presumably it adds these
# directories to PATH. Confirm, since modprobe, rmmod, iptables and the OVS
# tools are all invoked by bare name further down.
22 for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin; do
# Make sure the openvswitch kernel module is loaded.
# Visible steps: look for openvswitch or openvswitch_mod under /sys/module,
# try "modprobe openvswitch", and if that fails while the bridge module is
# present and no bridge devices exist, "rmmod bridge" and retry the modprobe.
# Returns 1 when the bridge module is absent after the failed modprobe or
# when rmmod fails; otherwise the status of the final modprobe.
33 insert_openvswitch_mod_if_required () {
34 # If openvswitch is already loaded then we're done.
35 test -e /sys/module/openvswitch -o -e /sys/module/openvswitch_mod && \
38 # Load openvswitch. If that's successful then we're done.
39 action "Inserting openvswitch module" modprobe openvswitch && return 0
41 # If the bridge module is loaded, then that might be blocking
42 # openvswitch. Try to unload it, if there are no bridges.
43 test -e /sys/module/bridge || return 1
# When no /sys/class/net/*/bridge entry exists the glob stays literal and sed
# reduces it to "*"; any other result is the list of bridge device names.
44 bridges=`echo /sys/class/net/*/bridge | sed 's,/sys/class/net/,,g;s,/bridge,,g'`
45 if test "$bridges" != "*"; then
46 log_warning_msg "not removing bridge module because bridges exist ($bridges)"
49 action "removing bridge module" rmmod bridge || return 1
51 # Try loading openvswitch again.
52 action "Inserting openvswitch module" modprobe openvswitch
# Load the brcompat module unless the Linux bridge module is present.
# The modprobe is skipped when /sys/module already lists brcompat or
# brcompat_mod (both names are checked).
55 insert_brcompat_mod_if_required () {
56 if test -e /sys/module/bridge; then
57 log_warning_msg "bridge module is loaded, not loading brcompat"
60 test -e /sys/module/brcompat -o -e /sys/module/brcompat_mod && return 0
61 action "Inserting brcompat module" modprobe brcompat
# Load openvswitch, then brcompat when BRCOMPAT is "yes".
# A failure of either step returns 1.
64 insert_mod_if_required () {
65 insert_openvswitch_mod_if_required || return 1
66 if test X"$BRCOMPAT" = Xyes; then
67 insert_brcompat_mod_if_required || return 1
72 ovs-vsctl --no-wait --timeout=5 "$@"
76 ovsdb-tool -vconsole:off "$@"
80 action "Creating empty database $DB_FILE" ovsdb_tool create "$DB_FILE" "$DB_SCHEMA"
# Version of the schema file on disk; the start code later stores it in the
# database as db-version.
84 schemaver=`ovsdb_tool schema-version "$DB_SCHEMA"`
85 if test ! -e "$DB_FILE"; then
86 log_warning_msg "$DB_FILE does not exist"
# The database directory is created owned by root:root with mode 755.
# NOTE(review): $DB_FILE is unquoted inside the backticks and the backtick
# result is unquoted as well, so a --db-file path containing whitespace or
# glob characters is split or expanded before dirname and install see it.
87 install -d -m 755 -o root -g root `dirname $DB_FILE`
89 elif test X"`ovsdb_tool needs-conversion "$DB_FILE" "$DB_SCHEMA"`" != Xno; then
90 # Back up the old version.
91 version=`ovsdb_tool db-version "$DB_FILE"`
92 cksum=`ovsdb_tool db-cksum "$DB_FILE" | awk '{print $1}'`
# The backup name embeds the old db-version and checksum.
93 backup=$DB_FILE.backup$version-$cksum
94 action "Backing up database to $backup" cp "$DB_FILE" "$backup" || return 1
96 # Compact database. This is important if the old schema did not enable
97 # garbage collection (i.e. if it did not have any tables with "isRoot":
98 # true) but the new schema does. In that situation the old database
99 # may contain a transaction that creates a record followed by a
100 # transaction that creates the first use of the record. Replaying that
101 # series of transactions against the new database schema (as "convert"
102 # does) would cause the record to be dropped by the first transaction,
103 # then the second transaction would cause a referential integrity
104 # failure (for a strong reference).
106 # Errors might occur on an Open vSwitch downgrade if ovsdb-tool doesn't
107 # understand some feature of the schema used in the OVSDB version that
108 # we're downgrading from, so we don't give up on error.
109 action "Compacting database" ovsdb_tool compact "$DB_FILE"
111 # Upgrade or downgrade schema.
112 if action "Converting database schema" ovsdb_tool convert "$DB_FILE" "$DB_SCHEMA"; then
# NOTE(review): per the message, a failed conversion leaves the switch on an
# empty database; the backup copied above is then the only record of the
# previous configuration, so its path is worth surfacing to the operator.
115 log_warning_msg "Schema conversion failed, using empty database instead"
# The ovs-vsctl command is accumulated in the positional parameters, one
# column assignment per "set", so each value stays a single argument.
123 set ovs_vsctl set Open_vSwitch .
125 OVS_VERSION=`ovs-vswitchd --version | sed 's/.*) //;1q'`
126 set "$@" ovs-version="$OVS_VERSION"
# The system ID is read from $id_file when it exists, otherwise migrated from
# the older $uuid_file, otherwise generated with uuidgen and saved.
130 id_file=$etcdir/system-id.conf
131 uuid_file=$etcdir/install_uuid.conf
132 if test -e "$id_file"; then
133 SYSTEM_ID=`cat "$id_file"`
134 elif test -e "$uuid_file"; then
135 # Migrate from old file name.
# NOTE(review): INSTALLATION_UUID is not assigned in the visible lines;
# presumably it comes from $uuid_file. Confirm how that file is read.
137 SYSTEM_ID=$INSTALLATION_UUID
138 echo "$SYSTEM_ID" > "$id_file"
139 elif SYSTEM_ID=`uuidgen`; then
140 echo "$SYSTEM_ID" > "$id_file"
142 log_failure_msg "missing uuidgen, could not generate system ID"
147 log_failure_msg "system ID not configured, please use --system-id"
# Each value is wrapped in literal double quotes before it reaches ovs-vsctl.
# NOTE(review): SYSTEM_ID, SYSTEM_TYPE and SYSTEM_VERSION come from files or
# command-line options and are not checked here; a value that itself contains
# '"' or '\' would end that quoting early. Validate or escape them first.
153 set "$@" external-ids:system-id="\"$SYSTEM_ID\""
155 if test X"$SYSTEM_TYPE" != X; then
156 set "$@" system-type="\"$SYSTEM_TYPE\""
158 log_failure_msg "no default system type, please use --system-type"
161 if test X"$SYSTEM_VERSION" != X; then
162 set "$@" system-version="\"$SYSTEM_VERSION\""
164 log_failure_msg "no default system version, please use --system-version"
# NOTE(review): $extra_ids is expanded unquoted, presumably so that it splits
# into one argument per --external-id. A key=value containing whitespace or
# glob characters is therefore split or expanded into extra ovs-vsctl
# arguments rather than stored as given.
167 action "Configuring Open vSwitch system IDs" "$@" $extra_ids
171 if test X"$FORCE_COREFILES" = Xyes; then
175 insert_mod_if_required || return 1
177 if daemon_is_running ovsdb-server; then
178 log_success_msg "ovsdb-server is already running"
180 # Create initial database or upgrade database schema.
181 upgrade_db || return 1
183 # Start ovsdb-server.
184 set ovsdb-server "$DB_FILE"
185 set "$@" -vconsole:emer -vsyslog:err -vfile:info
# Listen on the local Unix socket $DB_SOCK, plus whatever remotes the
# manager_options column of the Open_vSwitch table lists.
# NOTE(review): access to the Unix socket is governed by the permissions of
# its directory ($rundir by default); confirm that directory is not writable
# or searchable by unprivileged users.
186 set "$@" --remote=punix:"$DB_SOCK"
187 set "$@" --remote=db:Open_vSwitch,manager_options
# Private key, certificate and CA certificate locations are taken from the
# SSL table of the database rather than from the command line.
# NOTE(review): with --bootstrap-ca-cert, when the CA certificate file does
# not exist yet it is obtained from the peer on the first SSL connection
# (trust on first use). Pre-install the CA certificate wherever that first
# connection crosses a network that cannot be trusted.
188 set "$@" --private-key=db:SSL,private_key
189 set "$@" --certificate=db:SSL,certificate
190 set "$@" --bootstrap-ca-cert=db:SSL,ca_cert
191 start_daemon "$OVSDB_SERVER_PRIORITY" "$OVSDB_SERVER_WRAPPER" "$@" \
194 # Initialize database settings.
195 ovs_vsctl -- init -- set Open_vSwitch . db-version="$schemaver" \
197 set_system_ids || return 1
198 if test X"$DELETE_BRIDGES" = Xyes; then
199 for bridge in `ovs_vsctl list-br`; do
200 ovs_vsctl del-br $bridge
205 if daemon_is_running ovs-vswitchd; then
206 log_success_msg "ovs-vswitchd is already running"
208 # Increase the limit on the number of open file descriptors.
209 # ovs-vswitchd needs 16 per datapath, plus a few extra, so this
210 # should allow for 256 (or more) bridges.
213 # Start ovs-vswitchd.
214 set ovs-vswitchd unix:"$DB_SOCK"
215 set "$@" -vconsole:emer -vsyslog:err -vfile:info
216 if test X"$MLOCKALL" != Xno; then
219 start_daemon "$OVS_VSWITCHD_PRIORITY" "$OVS_VSWITCHD_WRAPPER" "$@"
222 if daemon_is_running ovs-brcompatd; then
223 log_success_msg "ovs-brcompatd is already running"
224 elif test X"$BRCOMPAT" = Xyes; then
226 set "$@" -vconsole:emer -vsyslog:err -vfile:info
227 start_daemon "$OVS_BRCOMPATD_PRIORITY" "$OVS_BRCOMPATD_WRAPPER" "$@"
236 stop_daemon ovs-brcompatd
237 stop_daemon ovs-vswitchd
238 stop_daemon ovsdb-server
241 ## ----------------- ##
242 ## force-reload-kmod ##
243 ## ----------------- ##
# Names are taken from ovs_vsctl output, de-duplicated with sort -u, split on
# whitespace by the for loop, and each one is checked against /sys/class/net.
245 internal_interfaces () {
246 # Outputs a list of internal interfaces:
248 # - There is an internal interface for every bridge, whether it
249 # has an Interface record or not and whether the Interface
250 # record's 'type' is properly set or not.
252 # - There is an internal interface for each Interface record whose
253 # 'type' is 'internal'.
255 # But ignore interfaces that don't really exist.
256 for d in `(ovs_vsctl --bare \
257 -- --columns=name find Interface type=internal \
258 -- list-br) | sort -u`
260 if test -e "/sys/class/net/$d"; then
# Write ovs-save's output for $ifaces into $script.
# NOTE(review): force_reload_kmod later executes $script. Its creation is not
# visible here, so confirm it is a private temporary file (for example from
# mktemp) and not a predictable path in a shared directory.
267 "$datadir/scripts/ovs-save" $ifaces > "$script"
# Replace the running kernel module. Visible steps: list internal interfaces,
# save their configuration, remove every datapath, remove the brcompat and
# openvswitch modules (old and new names), run the saved script to restore
# the interfaces, log its exit status and run ovs-check-dead-ifs.
# Steps between the visible lines are not shown here.
270 force_reload_kmod () {
271 ifaces=`internal_interfaces`
272 action "Detected internal interfaces: $ifaces" true
# Remove $script on normal exit (0) and on signals 1, 2, 13 and 15
# (HUP, INT, PIPE, TERM).
277 trap 'rm -f "$script"' 0 1 2 13 15
278 if action "Saving interface configuration" save_interfaces; then
281 log_warning_msg "Failed to save configuration, not replacing kernel module"
287 for dp in `ovs-dpctl dump-dps`; do
288 action "Removing datapath: $dp" ovs-dpctl del-dp "$dp"
291 # try both old and new names in case this is post upgrade
292 if test -e /sys/module/brcompat_mod; then
293 action "Removing brcompat module" rmmod brcompat_mod
294 elif test -e /sys/module/brcompat; then
295 action "Removing brcompat module" rmmod brcompat
297 if test -e /sys/module/openvswitch_mod; then
298 action "Removing openvswitch module" rmmod openvswitch_mod
299 elif test -e /sys/module/openvswitch; then
300 action "Removing openvswitch module" rmmod openvswitch
# The saved script is executed directly, with this script's privileges.
# NOTE(review): nothing visible here checks that $script is still the file
# written by save_interfaces; that depends on how and where it was created.
305 action "Restoring interface configuration" "$script"
307 if test $rc = 0; then
# The restore script's exit status is reported to syslog (facility daemon,
# tag ovs-save) at the priority held in $level.
312 log="logger -p daemon.$level -t ovs-save"
313 $log "force-reload-kmod interface restore script exited with status $rc:"
316 "$datadir/scripts/ovs-check-dead-ifs"
319 ## --------------- ##
320 ## enable-protocol ##
321 ## --------------- ##
324 # Translate the protocol name to a number, because "iptables -n -L" prints
325 # some protocols by name (despite the -n) and therefore we need to look for
328 # (iptables -S output is more uniform but old iptables doesn't have it.)
# NOTE(review): $PROTOCOL is used as a regular expression in this grep. The
# numeric check that follows validates the looked-up number, not $PROTOCOL
# itself, which is reused verbatim below.
329 protonum=`grep "^$PROTOCOL[ ]" /etc/protocols | awk '{print $2}'`
330 if expr X"$protonum" : X'[0-9]\{1,\}$' > /dev/null; then :; else
331 log_failure_msg "unknown protocol $PROTOCOL"
# match is awk program text and insert is a command line; both are assembled
# by string interpolation.
# NOTE(review): PROTOCOL, DPORT and SPORT are not validated in the visible
# lines. Inside match they become awk source, so a '"' or '/' in a value
# changes the program; inside insert they are word-split into iptables
# arguments at the unquoted $insert below. Restrict PROTOCOL to
# [A-Za-z0-9-]+ and the ports to digits before building either string, and
# pass values to awk with -v instead of interpolating them.
# NOTE(review): -I with no rule number inserts at the head of INPUT, so this
# ACCEPT precedes existing rules; with DPORT and SPORT empty it accepts the
# whole protocol from any source.
336 match="(\$2 == \"$PROTOCOL\" || \$2 == $protonum)"
337 insert="iptables -I INPUT -p $PROTOCOL"
338 if test X"$DPORT" != X; then
339 name="$name to port $DPORT"
340 match="$match && /dpt:$DPORT/"
341 insert="$insert --dport $DPORT"
343 if test X"$SPORT" != X; then
344 name="$name from port $SPORT"
345 match="$match && /spt:$SPORT/"
346 insert="$insert --sport $SPORT"
348 insert="$insert -j ACCEPT"
350 if (iptables -n -L INPUT) >/dev/null 2>&1; then
# awk exits 0 when at least one listed rule matched (n == 0 is false), which
# selects the "already has a rule" branch.
351 if iptables -n -L INPUT | awk "$match { n++ } END { exit n == 0 }"
353 # There's already a rule for this protocol. Don't override it.
354 log_success_msg "iptables already has a rule for $name, not explicitly enabling"
356 action "Enabling $name with iptables" $insert
358 elif (iptables --version) >/dev/null 2>&1; then
# NOTE(review): the next two action calls pass a message but no command. What
# action does with an empty command is not visible here; log_warning_msg may
# be what was intended. Confirm against ovs-lib.
359 action "cannot list iptables rules, not adding a rule for $name"
361 action "iptables binary not installed, not adding a rule for $name"
# Defaults. The usage text documents a matching --option for each one.
# The three priorities are niceness values; negative niceness raises
# scheduling priority.
378 OVSDB_SERVER_PRIORITY=-10
379 OVS_VSWITCHD_PRIORITY=-10
380 OVS_BRCOMPATD_PRIORITY=-10
# Empty wrapper means the daemon is started directly.
# NOTE(review): presumably start_daemon runs the daemon under the named
# wrapper; confirm in ovs-lib which wrapper names it accepts.
381 OVSDB_SERVER_WRAPPER=
382 OVS_VSWITCHD_WRAPPER=
383 OVS_BRCOMPATD_WRAPPER=
385 DB_FILE=$etcdir/conf.db
386 DB_SOCK=$rundir/db.sock
387 DB_SCHEMA=$datadir/vswitch.ovsschema
# System type and version come from the two files under $etcdir when the type
# file exists, otherwise from lsb_release when it is available.
393 type_file=$etcdir/system-type.conf
394 version_file=$etcdir/system-version.conf
396 if test -e "$type_file" ; then
# NOTE(review): $type_file and $version_file are unquoted here, unlike in the
# test above, and only $type_file is checked for existence before both are
# read.
397 SYSTEM_TYPE=`cat $type_file`
398 SYSTEM_VERSION=`cat $version_file`
399 elif (lsb_release --id) >/dev/null 2>&1; then
400 SYSTEM_TYPE=`lsb_release --id -s`
401 system_release=`lsb_release --release -s`
402 system_codename=`lsb_release --codename -s`
403 SYSTEM_VERSION="${system_release}-${system_codename}"
406 SYSTEM_VERSION=unknown
413 $0: controls Open vSwitch daemons
414 usage: $0 [OPTIONS] COMMAND
416 This program is intended to be invoked internally by Open vSwitch startup
417 scripts. System administrators should not normally invoke it directly.
420 start start Open vSwitch daemons
421 stop stop Open vSwitch daemons
422 status check whether Open vSwitch daemons are running
423 version print versions of Open vSwitch daemons
424 load-kmod insert modules if not already present
425 force-reload-kmod save OVS network device state, stop OVS, unload kernel
426 module, reload kernel module, start OVS, restore state
427 enable-protocol enable protocol specified in options with iptables
428 help display this help message
430 One of the following options is required for "start" and "force-reload-kmod":
431 --system-id=UUID set specific ID to uniquely identify this system
432 --system-id=random use a random but persistent UUID to identify this system
434 Other important options for "start" and "force-reload-kmod":
435 --system-type=TYPE set system type (e.g. "XenServer")
436 --system-version=VERSION set system version (e.g. "5.6.100-39265p")
437 --external-id="key=value"
438 add given key-value pair to Open_vSwitch external-ids
439 --delete-bridges delete all bridges just before starting ovs-vswitchd
441 Less important options for "start" and "force-reload-kmod":
442 --daemon-cwd=DIR set working dir for OVS daemons (default: $DAEMON_CWD)
443 --no-force-corefiles do not force on core dumps for OVS daemons
444 --no-mlockall do not lock all of ovs-vswitchd into memory
445 --ovsdb-server-priority=NICE set ovsdb-server's niceness (default: $OVSDB_SERVER_PRIORITY)
446 --ovs-vswitchd-priority=NICE set ovs-vswitchd's niceness (default: $OVS_VSWITCHD_PRIORITY)
447 --ovs-brcompatd-priority=NICE set ovs-brcompatd's niceness (default: $OVS_BRCOMPATD_PRIORITY)
449 Debugging options for "start" and "force-reload-kmod":
450 --ovsdb-server-wrapper=WRAPPER
451 --ovs-vswitchd-wrapper=WRAPPER
452 --ovs-brcompatd-wrapper=WRAPPER
453 run specified daemon under WRAPPER (either 'valgrind' or 'strace')
455 Options for "start", "force-reload-kmod", "load-kmod", "status", and "version":
456 --brcompat enable Linux bridge compatibility module and daemon
458 File location options:
459 --db-file=FILE database file name (default: $DB_FILE)
460 --db-sock=SOCKET JSON-RPC socket name (default: $DB_SOCK)
461 --db-schema=FILE database schema file name (default: $DB_SCHEMA)
463 Options for "enable-protocol":
464 --protocol=PROTOCOL protocol to enable with iptables (default: gre)
465 --sport=PORT source port to match (for tcp or udp protocol)
466 --dport=PORT destination port to match (for tcp or udp protocol)
469 -h, --help display this help message
470 -V, --version display version information
472 Default directories with "configure" option and environment variable override:
473 logs: @LOGDIR@ (--log-dir, OVS_LOGDIR)
474 pidfiles and sockets: @RUNDIR@ (--run-dir, OVS_RUNDIR)
475 system configuration: @sysconfdir@ (--sysconfdir, OVS_SYSCONFDIR)
476 data files: @pkgdatadir@ (--pkgdatadir, OVS_PKGDATADIR)
477 user binaries: @bindir@ (--bindir, OVS_BINDIR)
478 system binaries: @sbindir@ (--sbindir, OVS_SBINDIR)
480 Please report bugs to bugs@openvswitch.org (see REPORTING-BUGS for details).
# Derive the shell variable that backs the option: a-z become A-Z and '-'
# becomes '_'. Any other character passes through tr unchanged.
487 var=`echo "$option" | tr abcdefghijklmnopqrstuvwxyz- ABCDEFGHIJKLMNOPQRSTUVWXYZ_`
# set becomes "yes" only when a variable of that name is already set, so any
# variable set in this shell, including one inherited from the environment,
# counts as a known option.
# NOTE(review): $var is expanded before eval runs, and $option is cut out of
# the command-line argument with no character check, so an option name
# containing shell syntax would be evaluated here. The usage text says this
# program is meant to be called by startup scripts only; rejecting any $var
# that is not [A-Z0-9_]+ before these two evals would remove the dependency
# on that assumption.
488 eval set=\${$var+yes}
489 eval old_value=\$$var
# An option is rejected when its variable is unset, or when it is a bool
# option whose current value is neither "yes" nor "no".
490 if test X$set = X || \
491 (test $type = bool && \
492 test X"$old_value" != Xno && test X"$old_value" != Xyes); then
493 echo >&2 "$0: unknown option \"$arg\" (use --help for help)"
500 echo ovsdb-server ovs-vswitchd
501 if test X"$BRCOMPAT" = Xyes; then
516 echo "$0 (Open vSwitch) $VERSION"
# value is everything after the first '=' of the argument, i.e. the
# key=value text given to --external-id.
520 value=`expr X"$arg" : 'X[^=]*=\(.*\)'`
# extra_ids is one space-separated string. It is later passed to action as an
# unquoted $extra_ids, so an entry containing whitespace cannot survive as a
# single argument.
523 extra_ids="$extra_ids external-ids:$value"
526 echo >&2 "$0: --external-id argument not in the form \"key=value\""
532 option=`expr X"$arg" : 'X--\([^=]*\)'`
533 value=`expr X"$arg" : 'X[^=]*=\(.*\)'`
538 option=`expr X"$arg" : 'X--no-\(.*\)'`
544 option=`expr X"$arg" : 'X--\(.*\)'`
550 echo >&2 "$0: unknown option \"$arg\" (use --help for help)"
554 if test X"$command" = X; then
557 echo >&2 "$0: exactly one non-option argument required (use --help for help)"
572 for daemon in `daemons`; do
573 daemon_status $daemon || rc=$?
578 for daemon in `daemons`; do
586 insert_mod_if_required
595 echo >&2 "$0: missing command name (use --help for help)"
599 echo >&2 "$0: unknown command \"$command\" (use --help for help)"