From b3a43165749f80d7f3eda34e2e2b07f7a349e298 Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Tue, 15 Dec 2009 13:11:24 -0800 Subject: [PATCH] debian: Change openvswitch-switch deb to use ovsdb-server and ovs-vswitchd. This appears to work in that it creates the database on installation, starts and stops the programs and loads and unloads the kernel modules at the right times, but it has not been tested beyond that. --- debian/control | 2 +- debian/openvswitch-common.install | 4 + debian/openvswitch-common.manpages | 3 + debian/openvswitch-switch.init | 446 ++++++++++------------------- debian/openvswitch-switch.install | 9 +- debian/openvswitch-switch.manpages | 5 +- debian/openvswitch-switch.postinst | 24 ++ debian/openvswitch-switch.postrm | 3 + debian/openvswitch-switch.template | 156 +--------- 9 files changed, 200 insertions(+), 452 deletions(-) diff --git a/debian/control b/debian/control index 843b3d5d..f5126e87 100644 --- a/debian/control +++ b/debian/control @@ -29,7 +29,7 @@ Description: Open vSwitch common components Package: openvswitch-switch Architecture: any Suggests: openvswitch-datapath-module -Depends: ${shlibs:Depends}, ${misc:Depends}, openvswitch-common (= ${binary:Version}), dhcp3-client, module-init-tools, dmidecode, procps, debianutils +Depends: ${shlibs:Depends}, ${misc:Depends}, openvswitch-common (= ${binary:Version}), module-init-tools, procps Description: Open vSwitch switch implementations openvswitch-switch provides the userspace components and utilities for the Open vSwitch kernel-based switch. diff --git a/debian/openvswitch-common.install b/debian/openvswitch-common.install index 1967ccc1..314c7625 100644 --- a/debian/openvswitch-common.install +++ b/debian/openvswitch-common.install @@ -1,3 +1,7 @@ +_debian/ovsdb/ovsdb-client usr/bin +_debian/ovsdb/ovsdb-tool usr/bin _debian/utilities/ovs-appctl usr/sbin +_debian/utilities/ovs-ofctl usr/sbin _debian/utilities/ovs-parse-leaks usr/bin _debian/utilities/ovs-pki usr/sbin +_debian/vswitchd/vswitch-idl.ovsschema usr/share/openvswitch diff --git a/debian/openvswitch-common.manpages b/debian/openvswitch-common.manpages index 99c48bd0..52432476 100644 --- a/debian/openvswitch-common.manpages +++ b/debian/openvswitch-common.manpages @@ -1,2 +1,5 @@ +_debian/ovsdb/ovsdb-client.1 +_debian/ovsdb/ovsdb-tool.1 _debian/utilities/ovs-appctl.8 +_debian/utilities/ovs-ofctl.8 _debian/utilities/ovs-pki.8 diff --git a/debian/openvswitch-switch.init b/debian/openvswitch-switch.init index dd4bb059..6db7c95b 100755 --- a/debian/openvswitch-switch.init +++ b/debian/openvswitch-switch.init @@ -19,36 +19,20 @@ ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/ovs-openflowd -NAME=ovs-openflowd -DESC=ovs-openflowd +ovs_vswitchd=/usr/sbin/ovs-vswitchd +ovsdb_server=/usr/bin/ovsdb-server -test -x $DAEMON || exit 0 +(test -x $ovsdb_server && test -x $ovs_vswitchd) || exit 0 -NICIRA_OUI="002320" - -LOGDIR=/var/log/openvswitch -PIDFILE=/var/run/$NAME.pid -DHCLIENT_PIDFILE=/var/run/dhclient.of0.pid DODTIME=1 # Time to wait for the server to die, in seconds # If this value is set too low you might not # let some servers to die gracefully and # 'restart' will not work # Include ovs-openflowd defaults if available -unset NETDEVS -unset MODE -unset SWITCH_IP -unset CONTROLLER -unset PRIVKEY -unset CERT -unset CACERT -unset CACERT_MODE -unset MGMT_VCONNS -unset COMMANDS -unset DAEMON_OPTS +unset OVSDB_SERVER_OPTS +unset OVS_VSWITCHD_OPTS unset CORE_LIMIT -unset DATAPATH_ID default=/etc/default/openvswitch-switch if [ -f $default ] ; then . $default @@ -56,11 +40,12 @@ fi set -e +# running_pid pid name +# +# Check if 'pid' is a process named 'name' running_pid() { - # Check if a given process pid's cmdline matches a given name - pid=$1 - name=$2 + local pid=$1 name=$2 [ -z "$pid" ] && return 1 [ ! -d /proc/$pid ] && return 1 cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1` @@ -75,36 +60,47 @@ running_pid() esac } +# running name +# +# Checks for a running process named 'name' by looking for a pidfile +# named /var/run/${name}.pid running() { -# Check if the process is running looking at /proc -# (works for all users) + local name=$1 + local pidfile=/var/run/${name}.pid # No pidfile, probably no daemon present - [ ! -f "$PIDFILE" ] && return 1 + [ ! -f "$pidfile" ] && return 1 + # Obtain the pid and check it against the binary name - pid=`cat $PIDFILE` - running_pid $pid $NAME || return 1 + pid=`cat $pidfile` + running_pid $pid $name || return 1 return 0 } +# force_stop name +# +# Checks for a running process named 'name', by looking for a pidfile +# named /var/run/${name}.pid, and then kills it and waits for it to +# die. force_stop() { -# Forcefully kill the process - [ ! -f "$PIDFILE" ] && return - if running ; then - kill -15 $pid - # Is it really dead? + local name=$1 + local pidfile=/var/run/${name}.pid + + [ ! -f "$pidfile" ] && return + if running $name; then + kill $pid [ -n "$DODTIME" ] && sleep "$DODTIME"s - if running ; then - kill -9 $pid + if running $name; then + kill -KILL $pid [ -n "$DODTIME" ] && sleep "$DODTIME"s - if running ; then - echo "Cannot kill $NAME (pid=$pid)!" + if running $name; then + echo "Cannot kill $name (pid=$pid)!" exit 1 fi fi fi - rm -f $PIDFILE + rm -f $pidfile return 0 } @@ -129,310 +125,170 @@ check_op() { fi } -configure_ssl() { - if (test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap) \ - || test ! -e "$PRIVKEY" || test ! -e "$CERT" \ - || (test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap); then - if test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap - then - echo "CACERT_MODE is not set to 'secure' or 'bootstrap'" - fi - if test ! -e "$PRIVKEY"; then - echo "$PRIVKEY: private key missing" >&2 - fi - if test ! -e "$CERT"; then - echo "$CERT: certificate for private key missing" >&2 - fi - if test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap; then - echo "$CACERT: CA certificate missing (and CA certificate bootstrapping not enabled)" >&2 - fi - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - if test "$MODE" = discovery; then - echo "You may also delete or rename $PRIVKEY to disable SSL requirement" >&2 - fi - exit 1 - fi +# is_module_loaded module +# +# Returns 0 if 'module' is loaded, 1 otherwise. - SSL_OPTS="--private-key=$PRIVKEY --certificate=$CERT" - if test ! -e "$CACERT" && test "$CACERT_MODE" = bootstrap; then - SSL_OPTS="$SSL_OPTS --bootstrap-ca-cert=$CACERT" - else - SSL_OPTS="$SSL_OPTS --ca-cert=$CACERT" - fi +is_module_loaded() { + local module=$1 + grep -q "^$module " /proc/modules } -check_int_var() { - eval value=\$$1 - if test -n "$value"; then - if expr "X$value" : 'X[0-9][0-9]*$' > /dev/null 2>&1; then - if test $value -lt $2; then - echo "warning: The $1 option may not be set to a value below $2, treating as $2" >&2 - eval $1=$2 - fi +# load_module module +# +# Loads 'module' into the running kernel, if it is not already loaded. +load_module() { + local module=$1 + echo -n "Loading $module: " + if is_module_loaded $module; then + echo "already loaded, nothing to do." + elif modprobe $module; then + echo "success." + else + echo "ERROR." + echo "$module has probably not been built for this kernel." + if ! test -d /usr/share/doc/openvswitch-datapath-source; then + echo "Install the openvswitch-datapath-source package, then read" + echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" else - echo "warning: The $1 option must be set to a number, ignoring" >&2 - unset $1 + echo "For instructions, read" + echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" fi + exit 1 fi } -check_new_option() { - case $DAEMON_OPTS in - *$1*) - echo "warning: The $1 option in DAEMON_OPTS may now be set with the $2 variable in $default. The setting in DAEMON_OPTS will override the $2 variable, which will prevent the switch UI from configuring $1." >&2 - ;; - esac -} - -case "$1" in - start) - if test -z "$NETDEVS"; then - echo "$default: No network devices configured, switch disabled" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 0 - fi - if test "$MODE" = discovery; then - unset CONTROLLER - elif test "$MODE" = in-band || test "$MODE" = out-of-band; then - if test -z "$CONTROLLER"; then - echo "$default: No controller configured and not configured for discovery, switch disabled" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 0 - fi - else - echo "$default: MODE must set to 'discovery', 'in-band', or 'out-of-band'" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 1 - fi - : ${PRIVKEY:=/etc/openvswitch-switch/of0-privkey.pem} - : ${CERT:=/etc/openvswitch-switch/of0-cert.pem} - : ${CACERT:=/etc/openvswitch-switch/cacert.pem} - case $CONTROLLER in - '') - # Discovery mode. - if test -e "$PRIVKEY"; then - configure_ssl - fi - ;; - tcp:*) - ;; - ssl:*) - configure_ssl - ;; - *) - echo "$default: CONTROLLER must be in the form 'ssl:IP[:PORT]' or 'tcp:IP[:PORT]' when not in discovery mode" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 1 - esac - case $DISCONNECTED_MODE in - ''|switch|drop) ;; - *) echo "$default: warning: DISCONNECTED_MODE is not 'switch' or 'drop'" >&2 ;; - esac - - check_int_var RATE_LIMIT 100 - check_int_var INACTIVITY_PROBE 5 - check_int_var MAX_BACKOFF 1 - - check_new_option --fail DISCONNECTED_MODE - check_new_option --stp STP - check_new_option --rate-limit RATE_LIMIT - check_new_option --inactivity INACTIVITY_PROBE - check_new_option --max-backoff MAX_BACKOFF - case $DAEMON_OPTS in - *--rate-limit*) - echo "$default: --rate-limit may now be set with RATE_LIMIT" >&2 - esac - - echo -n "Loading openvswitch_mod: " - if grep -q '^openvswitch_mod$' /proc/modules; then - echo "already loaded, nothing to do." - elif modprobe openvswitch_mod; then +# unload_module module +# +# Unloads 'module' from the running kernel, if it is loaded. +unload_module() { + local module=$1 + echo -n "Unloading $module: " + if is_module_loaded $module; then + if rmmod $module; then echo "success." else echo "ERROR." - echo "openvswitch_mod has probably not been built for this kernel." - if ! test -d /usr/share/doc/openvswitch-datapath-source; then - echo "Install the openvswitch-datapath-source package, then read" - echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" - else - echo "For instructions, read" - echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" - fi exit 1 fi + else + echo "not loaded, nothing to do." + fi +} - echo -n "Loading ip_gre_mod: " - if grep -q '^ip_gre$' /proc/modules; then - modprobe -r ip_gre - fi - if grep -q '^ip_gre_mod$' /proc/modules; then - echo "already loaded, nothing to do." - elif modprobe ip_gre_mod; then - echo "success." - else - echo "could not find module." - fi - - for netdev in $NETDEVS; do - check_op "Removing IP address from $netdev" ifconfig $netdev 0.0.0.0 - done - - must_succeed "Creating datapath" ovs-dpctl add-dp of0 $NETDEVS - - xx='[0-9abcdefABCDEF][0-9abcdefABCDEF]' - case $DATAPATH_ID in - '') - # Check if the DMI System UUID contains a Nicira mac address - # that should be used for this datapath. The UUID is assumed - # to be RFC 4122 compliant. - DMIDECODE=`which dmidecode` - if [ -n $DMIDECODE ]; then - UUID_MAC=`$DMIDECODE -s system-uuid | cut -d'-' -f 5` - case $UUID_MAC in - $NICIRA_OUI*) - ifconfig of0 down - must_succeed "Setting of0 MAC address to $UUID_MAC" ifconfig of0 hw ether $UUID_MAC - ifconfig of0 up - ;; - esac - fi - ;; - $xx:$xx:$xx:$xx:$xx:$xx) - ifconfig of0 down - must_succeed "Setting of0 MAC address to $DATAPATH_ID" ifconfig of0 hw ether $DATAPATH_ID - ifconfig of0 up - ;; - *) - echo "DATAPATH_ID is not a valid MAC address in the form XX:XX:XX:XX:XX:XX, ignoring" >&2 - ;; - esac - - if test "$MODE" = in-band; then - if test "$SWITCH_IP" = dhcp; then - must_succeed "Temporarily disabling of0" ifconfig of0 down +unload_modules() { + if is_module_loaded openvswitch_mod; then + for dp in $(ovs-dpctl dump-dps); do + echo -n "Deleting datapath $dp: " + if ovs-dpctl del-dp $dp; then + echo "success." else - COMMAND="ifconfig of0 $SWITCH_IP" - if test -n "$SWITCH_NETMASK"; then - COMMAND="$COMMAND netmask $SWITCH_NETMASK" - fi - must_succeed "Configuring of0: $COMMAND" $COMMAND - if test -n "$SWITCH_GATEWAY"; then - # This can fail because the route already exists, - # so we don't insist that it succeed. - COMMAND="route add default gw $SWITCH_GATEWAY" - check_op "Adding default route: $COMMAND" $COMMAND - fi + echo "ERROR." fi - else - must_succeed "Disabling of0" ifconfig of0 down - fi + done + fi + unload_module openvswitch_mod + unload_module ip_gre_mod +} + +case "$1" in + start) + load_module openvswitch_mod + unload_module ip_gre + load_module ip_gre_mod if test -n "$CORE_LIMIT"; then check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" fi - # Compose ovs-openflowd options. + # Start ovsdb-server. set -- set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err set -- "$@" --log-file - set -- "$@" --detach --pidfile=$PIDFILE - for vconn in $MGMT_VCONNS; do - set -- "$@" --listen="$vconn" - done - if test -n "$COMMANDS"; then - set -- "$@" --command-acl="$COMMANDS" - fi - case $STP in - yes) set -- "$@" --stp ;; - no) set -- "$@" --no-stp ;; - esac - case $DISCONNECTED_MODE in - switch) set -- "$@" --fail=open ;; - drop) set -- "$@" --fail=closed ;; - esac - if test -n "$RATE_LIMIT"; then - set -- "$@" --rate-limit=$RATE_LIMIT - fi - if test -n "$INACTIVITY_PROBE"; then - set -- "$@" --inactivity-probe=$INACTIVITY_PROBE - fi - if test -n "$MAX_BACKOFF"; then - set -- "$@" --max-backoff=$MAX_BACKOFF - fi - set -- "$@" $SSL_OPTS $DAEMON_OPTS - if test "$MODE" = out-of-band; then - set -- "$@" --out-of-band - fi - set -- "$@" of0 "$CONTROLLER" - echo -n "Starting $DESC: " - start-stop-daemon --start --quiet --pidfile $PIDFILE \ - --exec $DAEMON -- "$@" - if running; then - echo "$NAME." + set -- "$@" --detach --pidfile + set -- "$@" --listen punix:/var/run/ovsdb-server + set -- "$@" /etc/openvswitch-switch/conf + set -- "$@" $OVSDB_SERVER_OPTS + echo -n "Starting ovsdb-server: " + start-stop-daemon --start --quiet --pidfile /var/run/ovsdb-server.pid \ + --exec $ovsdb_server -- "$@" + if running ovsdb-server; then + echo "ovsdb-server." else echo " ERROR." fi - if test "$MODE" = in-band && test "$SWITCH_IP" = dhcp; then - echo -n "Starting dhclient on of0: " - start-stop-daemon --start --quiet --pidfile $DHCLIENT_PIDFILE \ - --exec /sbin/dhclient -- -q -pf $DHCLIENT_PIDFILE of0 - if running; then - echo "dhclient." - else - echo " ERROR." - fi + # Start ovs-vswitchd. + set -- + set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err + set -- "$@" --log-file + set -- "$@" --detach --pidfile + set -- "$@" unix:/var/run/ovsdb-server + set -- "$@" $OVS_VSWITCHD_OPTS + echo -n "Starting ovs-vswitchd: " + start-stop-daemon --start --quiet --pidfile /var/run/ovs-vswitchd.pid \ + --exec $ovs_vswitchd -- "$@" + if running ovs-vswitchd; then + echo "ovs-vswitchd." + else + echo " ERROR." fi ;; stop) - if test -e /var/run/dhclient.of0.pid; then - echo -n "Stopping dhclient on of0: " - start-stop-daemon --stop --quiet --oknodo \ - --pidfile $DHCLIENT_PIDFILE --exec /sbin/dhclient - echo "dhclient." - fi + echo -n "Stopping ovs-vswitchd: " + start-stop-daemon --stop --quiet --oknodo \ + --pidfile /var/run/ovs-vswitchd.pid \ + --exec $ovs_vswitchd + echo "ovs-vswitchd." - echo -n "Stopping $DESC: " - start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE \ - --exec $DAEMON - echo "$NAME." + echo -n "Stopping ovsdb-server: " + start-stop-daemon --stop --quiet --oknodo \ + --pidfile /var/run/ovsdb-server.pid \ + --exec $ovsdb_server + echo "ovsdb-server." - check_op "Deleting datapath" ovs-dpctl del-dp of0 - echo -n "Unloading ip_gre module: " - if modprobe -r ip_gre_mod; then - echo "success." - fi - check_op "Unloading kernel module" modprobe -r openvswitch_mod + unload_modules ;; force-stop) - echo -n "Forcefully stopping $DESC: " - force_stop - if ! running; then - echo "$NAME." + echo -n "Forcefully stopping ovs-vswitchd: " + force_stop ovs-vswitchd + if ! running ovs-vswitchd; then + echo "ovs-vswitchd." else echo " ERROR." fi + + echo -n "Forcefully stopping ovsdb-server: " + force_stop ovsdb-server + if ! running ovsdb-server; then + echo "ovsdb-server." + else + echo " ERROR." + fi + + unload_modules ;; reload) ;; force-reload) - start-stop-daemon --stop --test --quiet --pidfile \ - $PIDFILE --exec $DAEMON \ - && $0 restart \ - || exit 0 + # Nothing to do, since ovs-vswitchd automatically reloads + # whenever its configuration changes, and ovsdb-server doesn't + # have anything to reload. ;; restart) $0 stop || true $0 start ;; status) - echo -n "$NAME is " - if running ; then - echo "running" - else - echo " not running." - exit 1 - fi + for daemon in ovs-vswitchd ovsdb-server; do + echo -n "$daemon is " + if running $daemon; then + echo "running" + else + echo " not running." + exit 1 + fi + done ;; *) N=/etc/init.d/$NAME diff --git a/debian/openvswitch-switch.install b/debian/openvswitch-switch.install index a0cf9bf2..8e9b6c11 100644 --- a/debian/openvswitch-switch.install +++ b/debian/openvswitch-switch.install @@ -1,7 +1,8 @@ -_debian/utilities/ovs-openflowd usr/sbin -_debian/utilities/ovs-dpctl usr/sbin +_debian/ovsdb/ovsdb-server usr/bin _debian/utilities/ovs-discover usr/sbin +_debian/utilities/ovs-dpctl usr/sbin _debian/utilities/ovs-kill usr/sbin -_debian/utilities/ovs-ofctl usr/sbin -debian/openvswitch/usr/share/openvswitch/commands/* usr/share/openvswitch/commands +_debian/utilities/ovs-vsctl usr/sbin +_debian/vswitchd/ovs-vswitchd usr/sbin debian/commands/* usr/share/openvswitch/commands +debian/openvswitch/usr/share/openvswitch/commands/* usr/share/openvswitch/commands diff --git a/debian/openvswitch-switch.manpages b/debian/openvswitch-switch.manpages index 821503a7..a8991142 100644 --- a/debian/openvswitch-switch.manpages +++ b/debian/openvswitch-switch.manpages @@ -1,5 +1,6 @@ -_debian/utilities/ovs-openflowd.8 +_debian/ovsdb/ovsdb-server.1 _debian/utilities/ovs-discover.8 _debian/utilities/ovs-dpctl.8 _debian/utilities/ovs-kill.8 -_debian/utilities/ovs-ofctl.8 +_debian/utilities/ovs-vsctl.8 +_debian/vswitchd/ovs-vswitchd.8 diff --git a/debian/openvswitch-switch.postinst b/debian/openvswitch-switch.postinst index 74b52ba9..39b2de46 100755 --- a/debian/openvswitch-switch.postinst +++ b/debian/openvswitch-switch.postinst @@ -33,6 +33,30 @@ case "$1" in fi done fi + + if /etc/init.d/openvswitch-switch status >/dev/null 2>&1; then + running=true + /etc/init.d/openvswitch-switch stop + else + running=false + fi + + if test ! -e /etc/openvswitch-switch/conf; then + # Create configuration database. + ovsdb-tool -vANY:console:emer \ + create /etc/openvswitch-switch/conf \ + /usr/share/openvswitch/vswitch-idl.ovsschema + + # Initialize configuration database. + ovsdb-tool -vANY:console:emer \ + transact /etc/openvswitch-switch/conf \ + '[{"op": "insert", "table": "Open_vSwitch", "row": {}}]' \ + > /dev/null + fi + + if $running; then + /etc/init.d/openvswitch-switch start + fi ;; abort-upgrade|abort-remove|abort-deconfigure) diff --git a/debian/openvswitch-switch.postrm b/debian/openvswitch-switch.postrm index 19e8ebe4..6ff5ec2c 100755 --- a/debian/openvswitch-switch.postrm +++ b/debian/openvswitch-switch.postrm @@ -21,7 +21,10 @@ set -e case "$1" in purge) + rm -f /etc/openvswitch-switch/conf + rm -f /etc/openvswitch-switch/.conf.~lock~ rm -f /etc/default/openvswitch-switch + rm -f /var/log/openvswitch/* ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) diff --git a/debian/openvswitch-switch.template b/debian/openvswitch-switch.template index 44f9210c..6da1ed77 100644 --- a/debian/openvswitch-switch.template +++ b/debian/openvswitch-switch.template @@ -4,147 +4,14 @@ # uncomment them. Afterward, the switch will come up # automatically at boot time. It can be started immediately with # /etc/init.d/openvswitch-switch start -# Alternatively, use the ovs-switch-setup program (from the -# openvswitch-switch-config package) to do everything automatically. -# NETDEVS: Which network devices should the OpenFlow switch include? -# -# List the network devices that should become part of the OpenFlow -# switch, separated by spaces. At least two devices must be selected -# for this machine to be a useful switch. Unselecting all network -# devices will disable the OpenFlow switch entirely. -# -# The network devices that you select should not be configured with IP -# or IPv6 addresses, even if the switch contacts the controller over -# one of the selected network devices. This is because a running -# Open vSwitch switch takes over network devices at a low level: they -# become part of the switch and cannot be used for other purposes. -#NETDEVS="" - -# MODE: The OpenFlow switch has three modes that determine how it -# reaches the controller: -# -# * in-band with discovery: A single network is used for OpenFlow -# traffic and other data traffic; that is, the switch contacts the -# controller over one of the network devices selected as OpenFlow -# switch ports. The switch automatically determines the location of -# the controller using a DHCP request with an OpenFlow-specific -# vendor option. This is the most common case. -# -# * in-band: As above, but the location of the controller is manually -# configured. -# -# * out-of-band: OpenFlow traffic uses a network separate from the -# data traffic that it controls. If this is the case, the control -# network must already be configured on a network device other than -# one of those selected as an Open vSwitch switch port in the previous -# question. -# -# Set MODE to 'discovery', 'in-band', or 'out-of-band' for these -# respective cases. -MODE=discovery - -# SWITCH_IP: In 'in-band' mode, the switch's IP address may be -# configured statically or dynamically: -# -# * For static configuration, specify the switch's IP address as a -# string. In this case you may also set SWITCH_NETMASK and -# SWITCH_GATEWAY appropriately (see below). -# -# * For dynamic configuration with DHCP (the most common case), -# specify "dhcp". Configuration with DHCP will only work reliably -# if the network topology allows the switch to contact the DHCP -# server before it connects to the OpenFlow controller. -# -# This setting has no effect unless MODE is set to 'in-band'. -SWITCH_IP=dhcp - -# SWITCH_NETMASK: IP netmask to use in 'in-band' mode when the switch -# IP address is not 'dhcp'. -#SWITCH_NETMASK=255.255.255.0 +# OVSDB_SERVER_OPTS: Additional options to pass to ovsdb-server, +# e.g. "--fail=open" +OVSDB_SERVER_OPTS= -# SWITCH_GATEWAY: IP gateway to use in 'in-band' mode when the switch -# IP address is not 'dhcp'. -#SWITCH_GATEWAY=192.168.1.1 - -# CONTROLLER: Location of controller. -# One of the following formats: -# tcp:IP[:PORT] via TCP to PORT (default: 6633) at IP -# ssl:IP[:PORT] via SSL to PORT (default: 6633) at IP -# The default below assumes that the controller is running locally. -# This setting has no effect when MODE is set to 'discovery'. -#CONTROLLER="tcp:127.0.0.1" - -# PRIVKEY: Name of file containing switch's private key. -# Required if SSL enabled. -#PRIVKEY=/etc/openvswitch-switch/of0-privkey.pem - -# CERT: Name of file containing certificate for private key. -# Required if SSL enabled. -#CERT=/etc/openvswitch-switch/of0-cert.pem - -# CACERT: Name of file containing controller CA certificate. -# Required if SSL enabled. -#CACERT=/etc/openvswitch-switch/cacert.pem - -# CACERT_MODE: Two modes are available: -# -# * secure: The controller CA certificate named in CACERT above must exist. -# (You must copy it manually from the PKI server or another trusted source.) -# -# * bootstrap: If the controller CA certificate named in CACERT above does -# not exist, the switch will obtain it from the controller the first time -# it connects and save a copy to the file named in CACERT. This is insecure, -# in the same way that initial connections with ssh are insecure, but -# it is convenient. -# -# Set CACERT_MODE to 'secure' or 'bootstrap' for these respective cases. -#CACERT_MODE=secure - -# MGMT_VCONNS: List of vconns (space-separated) on which ovs-openflowd -# should listen for management connections from ovs-ofctl, etc. -# openvswitch-switchui by default connects to -# unix:/var/run/ovs-openflowd.mgmt, so do not disable this if you want to -# use openvswitch-switchui. -MGMT_VCONNS="punix:/var/run/ovs-openflowd.mgmt" - -# COMMANDS: Access control list for the commands that can be executed -# remotely over the OpenFlow protocol, as a comma-separated list of -# shell glob patterns. Negative patterns (beginning with !) act as a -# blacklist. To be executable, a command name must match one positive -# pattern and not match any negative patterns. -#COMMANDS="reboot,update" - -# DISCONNECTED_MODE: Switch behavior when attempts to connect to the -# controller repeatedly fail, either 'switch', to act as an L2 switch -# in this case, or 'drop', to drop all packets (except those necessary -# to connect to the controller). If unset, the default is 'drop'. -#DISCONNECTED_MODE=switch - -# STP: Enable or disabled 802.1D-1998 Spanning Tree Protocol. Set to -# 'yes' to enable STP, 'no' to disable it. If unset, ovs-openflowd's -# current default is 'no' (but this may change in the future). -#STP=no - -# RATE_LIMIT: Maximum number of received frames, that do not match any -# existing switch flow, to forward up to the controller per second. -# The valid range is 100 and up. If unset, this rate will not be -# limited. -#RATE_LIMIT=1000 - -# INACTIVITY_PROBE: The maximum number of seconds of inactivity on the -# controller connection before ovs-openflowd sends an inactivity probe -# message to the controller. The valid range is 5 and up. If unset, -# ovs-openflowd defaults to 5 seconds. -#INACTIVITY_PROBE=5 - -# MAX_BACKOFF: The maximum time that ovs-openflowd will wait between -# attempts to connect to the controller. The valid range is 1 and up. -# If unset, ovs-openflowd defaults to 8 seconds. -#MAX_BACKOFF=8 - -# DAEMON_OPTS: Additional options to pass to ovs-openflowd, e.g. "--fail=open" -DAEMON_OPTS="" +# OVS_VSWITCHD_OPTS: Additional options to pass to ovs-openflowd, +# e.g. "--fail=open" +OVS_VSWITCHD_OPTS= # CORE_LIMIT: Maximum size for core dumps. # @@ -152,14 +19,3 @@ DAEMON_OPTS="" # will disable core dumps. Setting it to "unlimited" will dump all # core files regardless of size. #CORE_LIMIT=unlimited - -# DATAPATH_ID: Identifier for this switch. -# -# By default, the switch checks if the DMI System UUID contains a Nicira -# mac address to use as a datapath ID. If not, then the switch generates -# a new, random datapath ID every time it starts up. By setting this -# value, the supplied datapath ID will always be used. -# -# Set DATAPATH_ID to a MAC address in the form XX:XX:XX:XX:XX:XX where each -# X is a hexadecimal digit (0-9 or a-f). -#DATAPATH_ID=XX:XX:XX:XX:XX:XX -- 2.30.2