2
0
mirror of https://github.com/openvswitch/ovs synced 2025-10-23 14:57:06 +00:00

ovs-architecture: Recommend disable-in-band=true for integration bridge.

Also implement in ovs-sandbox.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>
This commit is contained in:
Ben Pfaff
2015-05-05 17:19:48 -07:00
parent b4e87a483a
commit a42226f0a5
2 changed files with 25 additions and 5 deletions

View File

@@ -243,11 +243,30 @@
</p> </p>
<p> <p>
The integration bridge must be configured with failure mode ``secure'' to The integration bridge should be configured as described below.
avoid switching packets between isolated logical networks before The effect of each of these settings is documented in
<code>ovs-vswitchd.conf.db</code>(5):
</p>
<dl>
<dt><code>fail-mode=secure</code></dt>
<dd>
Avoids switching packets between isolated logical networks before
<code>ovn-controller</code> starts up. See <code>Controller Failure <code>ovn-controller</code> starts up. See <code>Controller Failure
Settings</code> in <code>ovs-vsctl</code>(8) for more information. Settings</code> in <code>ovs-vsctl</code>(8) for more information.
</p> </dd>
<dt><code>other-config:disable-in-band=true</code></dt>
<dd>
Suppresses in-band control flows for the integration bridge. It would be
unusual for such flows to show up anyway, because OVN uses a local
controller (over a Unix domain socket) instead of a remote controller.
It's possible, however, for some other bridge in the same system to have
an in-band remote controller, and in that case this suppresses the flows
that in-band control would ordinarily set up. See <code>In-Band
Control</code> in <code>DESIGN.md</code> for more information.
</dd>
</dl>
<p> <p>
The customary name for the integration bridge is <code>br-int</code>, but The customary name for the integration bridge is <code>br-int</code>, but

View File

@@ -291,7 +291,8 @@ if $ovn; then
ovs-vsctl set open . external-ids:ovn-remote=unix:"$sandbox"/db.sock ovs-vsctl set open . external-ids:ovn-remote=unix:"$sandbox"/db.sock
ovs-vsctl set open . external-ids:ovn-encap-type=geneve ovs-vsctl set open . external-ids:ovn-encap-type=geneve
ovs-vsctl set open . external-ids:ovn-encap-ip=127.0.0.1 ovs-vsctl set open . external-ids:ovn-encap-ip=127.0.0.1
ovs-vsctl add-br br-int -- set bridge br-int fail-mode=secure ovs-vsctl add-br br-int \
-- set bridge br-int fail-mode=secure other-config:disable-in-band=true
rungdb $gdb_ovn_northd ovn-northd --detach --no-chdir --pidfile -vconsole:off --log-file rungdb $gdb_ovn_northd ovn-northd --detach --no-chdir --pidfile -vconsole:off --log-file
rungdb $gdb_ovn_controller ovn-controller --detach --no-chdir --pidfile -vconsole:off --log-file rungdb $gdb_ovn_controller ovn-controller --detach --no-chdir --pidfile -vconsole:off --log-file