2 # Copyright (C) 2009, 2010, 2011 Nicira Networks, Inc.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at:
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
17 */*) dir0=`echo "$0" | sed 's,/[^/]*$,,'` ;;
20 . "$dir0/ovs-lib.sh" || exit 1
22 for dir in "$sbindir" "$bindir" /sbin /bin /usr/sbin /usr/bin; do
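# Make sure the openvswitch_mod kernel module is loaded.
#
# Tries modprobe first.  If that fails and the "bridge" module is loaded,
# the bridge module is removed (only when no bridge devices exist) and the
# modprobe is retried.
#
# action and log_warning_msg are not defined in this part of the script;
# presumably they come from the sourced ovs-lib.sh.
#
# Returns: 0 when the module was already present or an
#          "action ... modprobe" call succeeded, non-zero otherwise.
insert_modules_if_required () {
    # If openvswitch_mod is already loaded then we're done.
    test -e /sys/module/openvswitch_mod && return 0

    # Load openvswitch_mod.  If that's successful then we're done.
    action "Inserting openvswitch module" modprobe openvswitch_mod && return 0

    # If the bridge module is loaded, then that might be blocking
    # openvswitch_mod.  Try to unload it, if there are no bridges.
    test -e /sys/module/bridge || return 1
    # When no */bridge entry exists the glob stays unexpanded and the sed
    # below reduces it to a bare "*", which is the "no bridges" marker.
    bridges=`echo /sys/class/net/*/bridge | sed 's,/sys/class/net/,,g;s,/bridge,,g'`
    if test "$bridges" != "*"; then
        log_warning_msg "not removing bridge module because bridges exist ($bridges)"
        # Never pull the bridge module out from under live bridges.
        return 1
    fi
    action "removing bridge module" rmmod bridge || return 1

    # Try loading openvswitch_mod again.
    action "Inserting openvswitch module" modprobe openvswitch_mod
}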
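# Run ovs-vsctl with the options every call in this script uses:
# --no-wait so the command does not block waiting for ovs-vswitchd to
# reconfigure itself, and --timeout=5 so it cannot hang indefinitely.
# All arguments are forwarded unchanged, one word per argument.
ovs_vsctl () {
    ovs-vsctl --no-wait --timeout=5 "$@"
}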
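# Run ovsdb-tool with console logging from every module limited to the
# "emer" level.  Callers in this script capture the tool's output
# (schema-version, db-version, db-cksum, needs-conversion), so log lines
# on the console would end up in those values.
ovsdb_tool () {
    ovsdb-tool -vANY:console:emer "$@"
}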
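# Create the configuration database if it does not exist; otherwise
# convert it to the installed schema when ovsdb-tool reports that a
# conversion is needed.  A copy of the old database is kept before any
# conversion.
#
# Globals: DB_FILE, DB_SCHEMA (read); schemaver, version, cksum (written)
# Returns: status of the last command executed (0 when neither a create
#          nor a conversion was needed).
upgrade_db () {
    schemaver=`ovsdb_tool schema-version "$DB_SCHEMA"`
    if test ! -e "$DB_FILE"; then
        log_warning_msg "$DB_FILE does not exist"
        # Quote the path inside and outside the substitution so that a
        # directory name with whitespace or glob characters stays a single
        # argument to this root-owned "install -d".
        install -d -m 755 -o root -g root "`dirname "$DB_FILE"`"

        action "Creating empty database $DB_FILE" true
        ovsdb_tool create "$DB_FILE" "$DB_SCHEMA"
    elif test X"`ovsdb_tool needs-conversion "$DB_FILE" "$DB_SCHEMA"`" != Xno; then
        # Back up the old version.
        version=`ovsdb_tool db-version "$DB_FILE"`
        cksum=`ovsdb_tool db-cksum "$DB_FILE" | awk '{print $1}'`
        cp "$DB_FILE" "$DB_FILE.backup$version-$cksum"

        # Compact database.  This is important if the old schema did not enable
        # garbage collection (i.e. if it did not have any tables with "isRoot":
        # true) but the new schema does.  In that situation the old database
        # may contain a transaction that creates a record followed by a
        # transaction that creates the first use of the record.  Replaying that
        # series of transactions against the new database schema (as "convert"
        # does) would cause the record to be dropped by the first transaction,
        # then the second transaction would cause a referential integrity
        # failure (for a strong reference).
        ovsdb_tool compact "$DB_FILE"

        # Upgrade or downgrade schema.
        ovsdb_tool convert "$DB_FILE" "$DB_SCHEMA"
    fi
}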
93 set ovs_vsctl set Open_vSwitch .
95 OVS_VERSION=`ovs-vswitchd --version | sed 's/.*) //;1q'`
96 set "$@" ovs-version="$OVS_VERSION"
100 id_file=$etcdir/system-id.conf
101 uuid_file=$etcdir/install_uuid.conf
102 if test -e "$id_file"; then
103 SYSTEM_ID=`cat "$id_file"`
104 elif test -e "$uuid_file"; then
105 # Migrate from old file name.
107 SYSTEM_ID=$INSTALLATION_UUID
108 echo "$SYSTEM_ID" > "$id_file"
109 elif SYSTEM_ID=`uuidgen`; then
110 echo "$SYSTEM_ID" > "$id_file"
112 log_failure_msg "missing uuidgen, could not generate system ID"
117 log_failure_msg "system ID not configured, please use --system-id"
123 set "$@" external-ids:system-id="\"$SYSTEM_ID\""
125 if test X"$SYSTEM_TYPE" != X; then
126 set "$@" system-type="\"$SYSTEM_TYPE\""
128 log_failure_msg "no default system type, please use --system-type"
131 if test X"$SYSTEM_VERSION" != X; then
132 set "$@" system-version="\"$SYSTEM_VERSION\""
134 log_failure_msg "no default system version, please use --system-version"
137 action "Configuring Open vSwitch system IDs" "$@" $extra_ids
141 if test X"$FORCE_COREFILES" = Xyes; then
145 insert_modules_if_required || return 1
147 if daemon_is_running ovsdb-server; then
148 log_success_msg "ovsdb-server is already running"
150 # Create initial database or upgrade database schema.
151 upgrade_db || return 1
153 # Start ovsdb-server.
154 set ovsdb-server "$DB_FILE"
155 set "$@" -vANY:CONSOLE:EMER -vANY:SYSLOG:ERR -vANY:FILE:INFO
156 set "$@" --remote=punix:"$DB_SOCK"
157 set "$@" --remote=db:Open_vSwitch,manager_options
158 set "$@" --private-key=db:SSL,private_key
159 set "$@" --certificate=db:SSL,certificate
160 set "$@" --bootstrap-ca-cert=db:SSL,ca_cert
161 start_daemon "$OVSDB_SERVER_PRIORITY" "$@" || return 1
163 # Initialize database settings.
164 ovs_vsctl -- init -- set Open_vSwitch . db-version="$schemaver" \
166 set_system_ids || return 1
167 if test X"$DELETE_BRIDGES" = Xyes; then
168 for bridge in `ovs_vsctl list-br`; do
169 ovs_vsctl del-br $bridge
174 if daemon_is_running ovs-vswitchd; then
175 log_success_msg "ovs-vswitchd is already running"
177 # Increase the limit on the number of open file descriptors since
178 # ovs-vswitchd needs a few per bridge
181 # Start ovs-vswitchd.
182 set ovs-vswitchd unix:"$DB_SOCK"
183 set "$@" -vANY:CONSOLE:EMER -vANY:SYSLOG:ERR -vANY:FILE:INFO
184 if test X"$MLOCKALL" != Xno; then
187 start_daemon "$VSWITCHD_PRIORITY" "$@"
196 stop_daemon ovs-vswitchd
197 stop_daemon ovsdb-server
200 ## ----------------- ##
201 ## force-reload-kmod ##
202 ## ----------------- ##
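internal_interfaces () {
    # Outputs a list of internal interfaces:
    #
    #   - There is an internal interface for every bridge, whether it
    #     has an Interface record or not and whether the Interface
    #     record's 'type' is properly set or not.
    #
    #   - There is an internal interface for each Interface record whose
    #     'type' is 'internal'.
    #
    # But ignore interfaces that don't really exist.
    #
    # The names come from the database via a single ovs_vsctl call (a
    # "find" plus a "list-br"), de-duplicated with sort -u, and each one
    # is kept only if the kernel exposes it under /sys/class/net.
    for d in `(ovs_vsctl --bare \
                -- --columns=name find Interface type=internal \
                -- list-br) | sort -u`
    do
        if test -e "/sys/class/net/$d"; then
            # NOTE(review): the line that emits each name is not shown on
            # the page; a whitespace-separated list is what the visible
            # callers (unquoted $ifaces) consume -- confirm against the
            # original script.
            printf "%s " "$d"
        fi
    done
}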
226 "$datadir/scripts/ovs-save" $ifaces > "$script"
229 force_reload_kmod () {
230 ifaces=`internal_interfaces`
231 action "Detected internal interfaces: $ifaces" true
236 trap 'rm -f "$script"' 0 1 2 13 15
237 if action "Saving interface configuration" save_interfaces; then
240 log_warning_msg "Failed to save configuration, not replacing kernel module"
246 for dp in `ovs-dpctl dump-dps`; do
247 action "Removing datapath: $dp" "$dpctl" del-dp "$dp"
250 if test -e /sys/module/openvswitch_mod; then
251 action "Removing openvswitch module" rmmod openvswitch_mod
256 action "Restoring interface configuration" "$script"
258 if test $rc = 0; then
263 log="logger -p daemon.$level -t ovs-save"
264 $log "force-reload-kmod interface restore script exited with status $rc:"
268 ## --------------- ##
269 ## enable-protocol ##
270 ## --------------- ##
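# Add an iptables INPUT rule accepting $PROTOCOL traffic (optionally
# limited to $DPORT and/or $SPORT) unless a matching rule is already
# listed.
#
# PROTOCOL, DPORT and SPORT come from command-line options and end up in
# an awk match and an iptables command line, so they are checked against
# a conservative character set first and are then only ever passed as
# data (awk -v, quoted arguments), never spliced into awk program text or
# left to word-splitting.
#
# Globals: PROTOCOL, DPORT, SPORT (read); protonum, name (written)
# Returns: 1 for a rejected or unknown protocol/port value, otherwise the
#          status of the last logging/action call.
enable_protocol () {
    case $PROTOCOL in
        '' | *[!A-Za-z0-9._+/-]*)
            log_failure_msg "invalid protocol name \"$PROTOCOL\""
            return 1
            ;;
    esac
    for port_value in "$DPORT" "$SPORT"; do
        case $port_value in
            *[!A-Za-z0-9:_-]*)
                log_failure_msg "invalid port \"$port_value\""
                return 1
                ;;
        esac
    done

    # Translate the protocol name to a number, because "iptables -n -L" prints
    # some protocols by name (despite the -n) and therefore we need to look for
    # both.
    #
    # (iptables -S output is more uniform but old iptables doesn't have it.)
    #
    # Exact string comparison on the first field, so regex characters in the
    # name (".", "+") cannot widen the lookup.
    protonum=`awk -v proto="$PROTOCOL" '$1 == proto { print $2; exit }' /etc/protocols`
    if expr X"$protonum" : X'[0-9]\{1,\}$' > /dev/null; then :; else
        log_failure_msg "unknown protocol $PROTOCOL"
        return 1
    fi

    # Build the iptables command as separate words in "$@" (this only
    # changes the function's own positional parameters).
    name=$PROTOCOL
    set -- iptables -I INPUT -p "$PROTOCOL"
    if test X"$DPORT" != X; then
        name="$name to port $DPORT"
        set -- "$@" --dport "$DPORT"
    fi
    if test X"$SPORT" != X; then
        name="$name from port $SPORT"
        set -- "$@" --sport "$SPORT"
    fi
    set -- "$@" -j ACCEPT

    if (iptables -n -L INPUT) >/dev/null 2>&1; then
        # A listed rule counts as a match when its protocol column is the
        # name or the number and, if ports were requested, the line
        # contains the corresponding "dpt:"/"spt:" text.
        if iptables -n -L INPUT | awk -v proto="$PROTOCOL" -v num="$protonum" \
            -v dport="$DPORT" -v sport="$SPORT" '
                ($2 == proto || $2 == num) &&
                (dport == "" || index($0, "dpt:" dport)) &&
                (sport == "" || index($0, "spt:" sport)) { n++ }
                END { exit n == 0 }'
        then
            # There's already a rule for this protocol.  Don't override it.
            log_success_msg "iptables already has a rule for $name, not explicitly enabling"
        else
            action "Enabling $name with iptables" "$@"
        fi
    elif (iptables --version) >/dev/null 2>&1; then
        action "cannot list iptables rules, not adding a rule for $name"
    else
        action "iptables binary not installed, not adding a rule for $name"
    fi
}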
326 OVSDB_SERVER_PRIORITY=-10
327 OVS_VSWITCHD_PRIORITY=-10
329 DB_FILE=$etcdir/conf.db
330 DB_SOCK=$rundir/db.sock
331 DB_SCHEMA=$datadir/vswitch.ovsschema
337 if (lsb_release --id) >/dev/null 2>&1; then
338 SYSTEM_TYPE=`lsb_release --id -s`
339 system_release=`lsb_release --release -s`
340 system_codename=`lsb_release --codename -s`
341 SYSTEM_VERSION="${system_release}-${system_codename}"
344 SYSTEM_VERSION=unknown
351 $0: controls Open vSwitch daemons
352 usage: $0 [OPTIONS] COMMAND
354 This program is intended to be invoked internally by Open vSwitch startup
355 scripts. System administrators should not normally invoke it directly.
358 start start Open vSwitch daemons
359 stop stop Open vSwitch daemons
360 status check whether Open vSwitch daemons are running
361 version print versions of Open vSwitch daemons
362 force-reload-kmod save OVS network device state, stop OVS, unload kernel
363 module, reload kernel module, start OVS, restore state
364 enable-protocol enable protocol specified in options with iptables
365 help display this help message
367 One of the following options should be specified when starting Open vSwitch:
368 --system-id=UUID set specific ID to uniquely identify this system
369 --system-id=random use a random but persistent UUID to identify this system
371 Other important options for starting Open vSwitch:
372 --system-type=TYPE set system type (e.g. "XenServer")
373 --system-version=VERSION set system version (e.g. "5.6.100-39265p")
374 --external-id="key=value"
375 add given key-value pair to Open_vSwitch external-ids
376 --delete-bridges delete all bridges just before starting ovs-vswitchd
378 Less important options for starting Open vSwitch:
379 --daemon-cwd=DIR current working directory for OVS daemons (default: $DAEMON_CWD)
381 do not forcibly enable core dumps for OVS daemons
382 --no-mlockall do not lock all of ovs-vswitchd into memory
383 --ovsdb-server-priority=NICE
384 set ovsdb-server's niceness (default: $OVSDB_SERVER_PRIORITY)
385 --ovs-vswitchd-priority=NICE
386 set ovs-vswitchd's niceness (default: $OVS_VSWITCHD_PRIORITY)
388 File location options:
389 --db-file=FILE database file name (default: $DB_FILE)
390 --db-sock=SOCKET JSON-RPC socket name (default: $DB_SOCK)
391 --db-schema=FILE database schema file name (default: $DB_SCHEMA)
393 Options for enable-protocol:
394 --protocol=PROTOCOL protocol to enable with iptables (default: gre)
395 --sport=PORT source port to match (for tcp or udp protocol)
396 --dport=PORT destination port to match (for tcp or udp protocol)
399 -h, --help display this help message
400 -V, --version display version information
402 Default directories with "configure" option and environment variable override:
403 logs: @LOGDIR@ (--log-dir, OVS_LOGDIR)
404 pidfiles and sockets: @RUNDIR@ (--run-dir, OVS_RUNDIR)
405 system configuration: @sysconfdir@ (--sysconfdir, OVS_SYSCONFDIR)
406 data files: @pkgdatadir@ (--pkgdatadir, OVS_PKGDATADIR)
407 user binaries: @bindir@ (--bindir, OVS_BINDIR)
408 system binaries: @sbindir@ (--sbindir, OVS_SBINDIR)
410 Please report bugs to bugs@openvswitch.org (see REPORTING-BUGS for details).
417 var=`echo "$option" | tr abcdefghijklmnopqrstuvwxyz- ABCDEFGHIJKLMNOPQRSTUVWXYZ_`
418 eval set=\${$var+yes}
419 eval old_value=\$$var
420 if test X$set = X || \
421 (test $type = bool && \
422 test X"$old_value" != Xno && test X"$old_value" != Xyes); then
423 echo >&2 "$0: unknown option \"$arg\" (use --help for help)"
439 echo "$0 (Open vSwitch) $VERSION$BUILDNR"
443 value=`expr X"$arg" : 'X[^=]*=\(.*\)'`
446 extra_ids="$extra_ids external-ids:$value"
449 echo >&2 "$0: --external-id argument not in the form \"key=value\""
455 option=`expr X"$arg" : 'X--\([^=]*\)'`
456 value=`expr X"$arg" : 'X[^=]*=\(.*\)'`
461 option=`expr X"$arg" : 'X--no-\(.*\)'`
467 option=`expr X"$arg" : 'X--\(.*\)'`
473 echo >&2 "$0: unknown option \"$arg\" (use --help for help)"
477 if test X"$command" = X; then
480 echo >&2 "$0: exactly one non-option argument required (use --help for help)"
494 daemon_status ovsdb-server && daemon_status ovs-vswitchd
497 ovsdb-server --version && ovs-vswitchd --version
509 echo >&2 "$0: missing command name (use --help for help)"
513 echo >&2 "$0: unknown command \"$command\" (use --help for help)"