mir/openvswitch
2
0
Fork 0
mirror of https://github.com/openvswitch/ovs synced 2025-10-25 15:07:05 +00:00
Code Issues Releases Wiki Activity

debian: Change openvswitch-switch deb to use ovsdb-server and ovs-vswitchd.

Browse Source 
This appears to work in that it creates the database on installation,
starts and stops the programs and loads and unloads the kernel modules at
the right times, but it has not been tested beyond that.
This commit is contained in:
Ben Pfaff
2009-12-15 13:11:24 -08:00
parent 77ce847d0b
commit b3a4316574
9 changed files with 202 additions and 454 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
debian/control vendored
View File

@@ -29,7 +29,7 @@ Description: Open vSwitch common components
Package: openvswitch-switch Package: openvswitch-switch
Architecture: any Architecture: any
Suggests: openvswitch-datapath-module Suggests: openvswitch-datapath-module
Depends: ${shlibs:Depends}, ${misc:Depends}, openvswitch-common (= ${binary:Version}), dhcp3-client, module-init-tools, dmidecode, procps, debianutils Depends: ${shlibs:Depends}, ${misc:Depends}, openvswitch-common (= ${binary:Version}), module-init-tools, procps
Description: Open vSwitch switch implementations Description: Open vSwitch switch implementations
openvswitch-switch provides the userspace components and utilities for openvswitch-switch provides the userspace components and utilities for
the Open vSwitch kernel-based switch. the Open vSwitch kernel-based switch.

4
debian/openvswitch-common.install vendored
View File

@@ -1,3 +1,7 @@
_debian/ovsdb/ovsdb-client usr/bin
_debian/ovsdb/ovsdb-tool usr/bin
_debian/utilities/ovs-appctl usr/sbin _debian/utilities/ovs-appctl usr/sbin
_debian/utilities/ovs-ofctl usr/sbin
_debian/utilities/ovs-parse-leaks usr/bin _debian/utilities/ovs-parse-leaks usr/bin
_debian/utilities/ovs-pki usr/sbin _debian/utilities/ovs-pki usr/sbin
_debian/vswitchd/vswitch-idl.ovsschema usr/share/openvswitch

3
debian/openvswitch-common.manpages vendored
View File

@@ -1,2 +1,5 @@
_debian/ovsdb/ovsdb-client.1
_debian/ovsdb/ovsdb-tool.1
_debian/utilities/ovs-appctl.8 _debian/utilities/ovs-appctl.8
_debian/utilities/ovs-ofctl.8
_debian/utilities/ovs-pki.8 _debian/utilities/ovs-pki.8

450
debian/openvswitch-switch.init vendored
View File

@@ -19,36 +19,20 @@
### END INIT INFO ### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/ovs-openflowd ovs_vswitchd=/usr/sbin/ovs-vswitchd
NAME=ovs-openflowd ovsdb_server=/usr/bin/ovsdb-server
DESC=ovs-openflowd
test -x $DAEMON || exit 0 (test -x $ovsdb_server && test -x $ovs_vswitchd) || exit 0
NICIRA_OUI="002320"
LOGDIR=/var/log/openvswitch
PIDFILE=/var/run/$NAME.pid
DHCLIENT_PIDFILE=/var/run/dhclient.of0.pid
DODTIME=1 # Time to wait for the server to die, in seconds DODTIME=1 # Time to wait for the server to die, in seconds
# If this value is set too low you might not # If this value is set too low you might not
# let some servers to die gracefully and # let some servers to die gracefully and
# 'restart' will not work # 'restart' will not work
# Include ovs-openflowd defaults if available # Include ovs-openflowd defaults if available
unset NETDEVS unset OVSDB_SERVER_OPTS
unset MODE unset OVS_VSWITCHD_OPTS
unset SWITCH_IP
unset CONTROLLER
unset PRIVKEY
unset CERT
unset CACERT
unset CACERT_MODE
unset MGMT_VCONNS
unset COMMANDS
unset DAEMON_OPTS
unset CORE_LIMIT unset CORE_LIMIT
unset DATAPATH_ID
default=/etc/default/openvswitch-switch default=/etc/default/openvswitch-switch
if [ -f $default ] ; then if [ -f $default ] ; then
. $default . $default
@@ -56,11 +40,12 @@ fi
set -e set -e
# running_pid pid name
#
# Check if 'pid' is a process named 'name'
running_pid() running_pid()
{ {
# Check if a given process pid's cmdline matches a given name local pid=$1 name=$2
pid=$1
name=$2
[ -z "$pid" ] && return 1 [ -z "$pid" ] && return 1
[ ! -d /proc/$pid ] && return 1 [ ! -d /proc/$pid ] && return 1
cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1` cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1`
@@ -75,36 +60,47 @@ running_pid()
esac esac
} }
# running name
#
# Checks for a running process named 'name' by looking for a pidfile
# named /var/run/${name}.pid
running() running()
{ {
# Check if the process is running looking at /proc local name=$1
# (works for all users) local pidfile=/var/run/${name}.pid
# No pidfile, probably no daemon present # No pidfile, probably no daemon present
[ ! -f "$PIDFILE" ] && return 1 [ ! -f "$pidfile" ] && return 1
# Obtain the pid and check it against the binary name # Obtain the pid and check it against the binary name
pid=`cat $PIDFILE` pid=`cat $pidfile`
running_pid $pid $NAME || return 1 running_pid $pid $name || return 1
return 0 return 0
} }
# force_stop name
#
# Checks for a running process named 'name', by looking for a pidfile
# named /var/run/${name}.pid, and then kills it and waits for it to
# die.
force_stop() { force_stop() {
# Forcefully kill the process local name=$1
[ ! -f "$PIDFILE" ] && return local pidfile=/var/run/${name}.pid
if running ; then
kill -15 $pid [ ! -f "$pidfile" ] && return
# Is it really dead? if running $name; then
kill $pid
[ -n "$DODTIME" ] && sleep "$DODTIME"s [ -n "$DODTIME" ] && sleep "$DODTIME"s
if running ; then if running $name; then
kill -9 $pid kill -KILL $pid
[ -n "$DODTIME" ] && sleep "$DODTIME"s [ -n "$DODTIME" ] && sleep "$DODTIME"s
if running ; then if running $name; then
echo "Cannot kill $NAME (pid=$pid)!" echo "Cannot kill $name (pid=$pid)!"
exit 1 exit 1
fi fi
fi fi
fi fi
rm -f $PIDFILE rm -f $pidfile
return 0 return 0
} }
@@ -129,310 +125,170 @@ check_op() {
fi fi
} }
configure_ssl() { # is_module_loaded module
if (test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap) \ #
|| test ! -e "$PRIVKEY" || test ! -e "$CERT" \ # Returns 0 if 'module' is loaded, 1 otherwise.
|| (test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap); then
if test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap is_module_loaded() {
then local module=$1
echo "CACERT_MODE is not set to 'secure' or 'bootstrap'" grep -q "^$module " /proc/modules
fi }
if test ! -e "$PRIVKEY"; then
echo "$PRIVKEY: private key missing" >&2 # load_module module
fi #
if test ! -e "$CERT"; then # Loads 'module' into the running kernel, if it is not already loaded.
echo "$CERT: certificate for private key missing" >&2 load_module() {
fi local module=$1
if test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap; then echo -n "Loading $module: "
echo "$CACERT: CA certificate missing (and CA certificate bootstrapping not enabled)" >&2 if is_module_loaded $module; then
fi echo "already loaded, nothing to do."
echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 elif modprobe $module; then
if test "$MODE" = discovery; then echo "success."
echo "You may also delete or rename $PRIVKEY to disable SSL requirement" >&2 else
echo "ERROR."
echo "$module has probably not been built for this kernel."
if ! test -d /usr/share/doc/openvswitch-datapath-source; then
echo "Install the openvswitch-datapath-source package, then read"
echo "/usr/share/doc/openvswitch-datapath-source/README.Debian"
else
echo "For instructions, read"
echo "/usr/share/doc/openvswitch-datapath-source/README.Debian"
fi fi
exit 1 exit 1
fi fi
SSL_OPTS="--private-key=$PRIVKEY --certificate=$CERT"
if test ! -e "$CACERT" && test "$CACERT_MODE" = bootstrap; then
SSL_OPTS="$SSL_OPTS --bootstrap-ca-cert=$CACERT"
else
SSL_OPTS="$SSL_OPTS --ca-cert=$CACERT"
fi
} }
check_int_var() { # unload_module module
eval value=\$$1 #
if test -n "$value"; then # Unloads 'module' from the running kernel, if it is loaded.
if expr "X$value" : 'X[0-9][0-9]*$' > /dev/null 2>&1; then unload_module() {
if test $value -lt $2; then local module=$1
echo "warning: The $1 option may not be set to a value below $2, treating as $2" >&2 echo -n "Unloading $module: "
eval $1=$2 if is_module_loaded $module; then
fi if rmmod $module; then
echo "success."
else else
echo "warning: The $1 option must be set to a number, ignoring" >&2 echo "ERROR."
unset $1 exit 1
fi fi
else
echo "not loaded, nothing to do."
fi fi
} }
check_new_option() { unload_modules() {
case $DAEMON_OPTS in if is_module_loaded openvswitch_mod; then
*$1*) for dp in $(ovs-dpctl dump-dps); do
echo "warning: The $1 option in DAEMON_OPTS may now be set with the $2 variable in $default. The setting in DAEMON_OPTS will override the $2 variable, which will prevent the switch UI from configuring $1." >&2 echo -n "Deleting datapath $dp: "
;; if ovs-dpctl del-dp $dp; then
esac echo "success."
else
echo "ERROR."
fi
done
fi
unload_module openvswitch_mod
unload_module ip_gre_mod
} }
case "$1" in case "$1" in
start) start)
if test -z "$NETDEVS"; then load_module openvswitch_mod
echo "$default: No network devices configured, switch disabled" >&2 unload_module ip_gre
echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 load_module ip_gre_mod
exit 0
fi
if test "$MODE" = discovery; then
unset CONTROLLER
elif test "$MODE" = in-band || test "$MODE" = out-of-band; then
if test -z "$CONTROLLER"; then
echo "$default: No controller configured and not configured for discovery, switch disabled" >&2
echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
exit 0
fi
else
echo "$default: MODE must set to 'discovery', 'in-band', or 'out-of-band'" >&2
echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
exit 1
fi
: ${PRIVKEY:=/etc/openvswitch-switch/of0-privkey.pem}
: ${CERT:=/etc/openvswitch-switch/of0-cert.pem}
: ${CACERT:=/etc/openvswitch-switch/cacert.pem}
case $CONTROLLER in
'')
# Discovery mode.
if test -e "$PRIVKEY"; then
configure_ssl
fi
;;
tcp:*)
;;
ssl:*)
configure_ssl
;;
*)
echo "$default: CONTROLLER must be in the form 'ssl:IP[:PORT]' or 'tcp:IP[:PORT]' when not in discovery mode" >&2
echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2
exit 1
esac
case $DISCONNECTED_MODE in
''|switch|drop) ;;
*) echo "$default: warning: DISCONNECTED_MODE is not 'switch' or 'drop'" >&2 ;;
esac
check_int_var RATE_LIMIT 100
check_int_var INACTIVITY_PROBE 5
check_int_var MAX_BACKOFF 1
check_new_option --fail DISCONNECTED_MODE
check_new_option --stp STP
check_new_option --rate-limit RATE_LIMIT
check_new_option --inactivity INACTIVITY_PROBE
check_new_option --max-backoff MAX_BACKOFF
case $DAEMON_OPTS in
*--rate-limit*)
echo "$default: --rate-limit may now be set with RATE_LIMIT" >&2
esac
echo -n "Loading openvswitch_mod: "
if grep -q '^openvswitch_mod$' /proc/modules; then
echo "already loaded, nothing to do."
elif modprobe openvswitch_mod; then
echo "success."
else
echo "ERROR."
echo "openvswitch_mod has probably not been built for this kernel."
if ! test -d /usr/share/doc/openvswitch-datapath-source; then
echo "Install the openvswitch-datapath-source package, then read"
echo "/usr/share/doc/openvswitch-datapath-source/README.Debian"
else
echo "For instructions, read"
echo "/usr/share/doc/openvswitch-datapath-source/README.Debian"
fi
exit 1
fi
echo -n "Loading ip_gre_mod: "
if grep -q '^ip_gre$' /proc/modules; then
modprobe -r ip_gre
fi
if grep -q '^ip_gre_mod$' /proc/modules; then
echo "already loaded, nothing to do."
elif modprobe ip_gre_mod; then
echo "success."
else
echo "could not find module."
fi
for netdev in $NETDEVS; do
check_op "Removing IP address from $netdev" ifconfig $netdev 0.0.0.0
done
must_succeed "Creating datapath" ovs-dpctl add-dp of0 $NETDEVS
xx='[0-9abcdefABCDEF][0-9abcdefABCDEF]'
case $DATAPATH_ID in
'')
# Check if the DMI System UUID contains a Nicira mac address
# that should be used for this datapath. The UUID is assumed
# to be RFC 4122 compliant.
DMIDECODE=`which dmidecode`
if [ -n $DMIDECODE ]; then
UUID_MAC=`$DMIDECODE -s system-uuid | cut -d'-' -f 5`
case $UUID_MAC in
$NICIRA_OUI*)
ifconfig of0 down
must_succeed "Setting of0 MAC address to $UUID_MAC" ifconfig of0 hw ether $UUID_MAC
ifconfig of0 up
;;
esac
fi
;;
$xx:$xx:$xx:$xx:$xx:$xx)
ifconfig of0 down
must_succeed "Setting of0 MAC address to $DATAPATH_ID" ifconfig of0 hw ether $DATAPATH_ID
ifconfig of0 up
;;
*)
echo "DATAPATH_ID is not a valid MAC address in the form XX:XX:XX:XX:XX:XX, ignoring" >&2
;;
esac
if test "$MODE" = in-band; then
if test "$SWITCH_IP" = dhcp; then
must_succeed "Temporarily disabling of0" ifconfig of0 down
else
COMMAND="ifconfig of0 $SWITCH_IP"
if test -n "$SWITCH_NETMASK"; then
COMMAND="$COMMAND netmask $SWITCH_NETMASK"
fi
must_succeed "Configuring of0: $COMMAND" $COMMAND
if test -n "$SWITCH_GATEWAY"; then
# This can fail because the route already exists,
# so we don't insist that it succeed.
COMMAND="route add default gw $SWITCH_GATEWAY"
check_op "Adding default route: $COMMAND" $COMMAND
fi
fi
else
must_succeed "Disabling of0" ifconfig of0 down
fi
if test -n "$CORE_LIMIT"; then if test -n "$CORE_LIMIT"; then
check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT"
fi fi
# Compose ovs-openflowd options. # Start ovsdb-server.
set -- set --
set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err
set -- "$@" --log-file set -- "$@" --log-file
set -- "$@" --detach --pidfile=$PIDFILE set -- "$@" --detach --pidfile
for vconn in $MGMT_VCONNS; do set -- "$@" --listen punix:/var/run/ovsdb-server
set -- "$@" --listen="$vconn" set -- "$@" /etc/openvswitch-switch/conf
done set -- "$@" $OVSDB_SERVER_OPTS
if test -n "$COMMANDS"; then echo -n "Starting ovsdb-server: "
set -- "$@" --command-acl="$COMMANDS" start-stop-daemon --start --quiet --pidfile /var/run/ovsdb-server.pid \
fi --exec $ovsdb_server -- "$@"
case $STP in if running ovsdb-server; then
yes) set -- "$@" --stp ;; echo "ovsdb-server."
no) set -- "$@" --no-stp ;;
esac
case $DISCONNECTED_MODE in
switch) set -- "$@" --fail=open ;;
drop) set -- "$@" --fail=closed ;;
esac
if test -n "$RATE_LIMIT"; then
set -- "$@" --rate-limit=$RATE_LIMIT
fi
if test -n "$INACTIVITY_PROBE"; then
set -- "$@" --inactivity-probe=$INACTIVITY_PROBE
fi
if test -n "$MAX_BACKOFF"; then
set -- "$@" --max-backoff=$MAX_BACKOFF
fi
set -- "$@" $SSL_OPTS $DAEMON_OPTS
if test "$MODE" = out-of-band; then
set -- "$@" --out-of-band
fi
set -- "$@" of0 "$CONTROLLER"
echo -n "Starting $DESC: "
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--exec $DAEMON -- "$@"
if running; then
echo "$NAME."
else else
echo " ERROR." echo " ERROR."
fi fi
if test "$MODE" = in-band && test "$SWITCH_IP" = dhcp; then # Start ovs-vswitchd.
echo -n "Starting dhclient on of0: " set --
start-stop-daemon --start --quiet --pidfile $DHCLIENT_PIDFILE \ set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err
--exec /sbin/dhclient -- -q -pf $DHCLIENT_PIDFILE of0 set -- "$@" --log-file
if running; then set -- "$@" --detach --pidfile
echo "dhclient." set -- "$@" unix:/var/run/ovsdb-server
else set -- "$@" $OVS_VSWITCHD_OPTS
echo " ERROR." echo -n "Starting ovs-vswitchd: "
fi start-stop-daemon --start --quiet --pidfile /var/run/ovs-vswitchd.pid \
--exec $ovs_vswitchd -- "$@"
if running ovs-vswitchd; then
echo "ovs-vswitchd."
else
echo " ERROR."
fi fi
;; ;;
stop) stop)
if test -e /var/run/dhclient.of0.pid; then echo -n "Stopping ovs-vswitchd: "
echo -n "Stopping dhclient on of0: " start-stop-daemon --stop --quiet --oknodo \
start-stop-daemon --stop --quiet --oknodo \ --pidfile /var/run/ovs-vswitchd.pid \
--pidfile $DHCLIENT_PIDFILE --exec /sbin/dhclient --exec $ovs_vswitchd
echo "dhclient." echo "ovs-vswitchd."
fi
echo -n "Stopping $DESC: " echo -n "Stopping ovsdb-server: "
start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE \ start-stop-daemon --stop --quiet --oknodo \
--exec $DAEMON --pidfile /var/run/ovsdb-server.pid \
echo "$NAME." --exec $ovsdb_server
echo "ovsdb-server."
check_op "Deleting datapath" ovs-dpctl del-dp of0 unload_modules
echo -n "Unloading ip_gre module: "
if modprobe -r ip_gre_mod; then
echo "success."
fi
check_op "Unloading kernel module" modprobe -r openvswitch_mod
;; ;;
force-stop) force-stop)
echo -n "Forcefully stopping $DESC: " echo -n "Forcefully stopping ovs-vswitchd: "
force_stop force_stop ovs-vswitchd
if ! running; then if ! running ovs-vswitchd; then
echo "$NAME." echo "ovs-vswitchd."
else else
echo " ERROR." echo " ERROR."
fi fi
echo -n "Forcefully stopping ovsdb-server: "
force_stop ovsdb-server
if ! running ovsdb-server; then
echo "ovsdb-server."
else
echo " ERROR."
fi
unload_modules
;; ;;
reload) reload)
;; ;;
force-reload) force-reload)
start-stop-daemon --stop --test --quiet --pidfile \ # Nothing to do, since ovs-vswitchd automatically reloads
$PIDFILE --exec $DAEMON \ # whenever its configuration changes, and ovsdb-server doesn't
&& $0 restart \ # have anything to reload.
|| exit 0
;; ;;
restart) restart)
$0 stop || true $0 stop || true
$0 start $0 start
;; ;;
status) status)
echo -n "$NAME is " for daemon in ovs-vswitchd ovsdb-server; do
if running ; then echo -n "$daemon is "
echo "running" if running $daemon; then
else echo "running"
echo " not running." else
exit 1 echo " not running."
fi exit 1
fi
done
;; ;;
*) *)
N=/etc/init.d/$NAME N=/etc/init.d/$NAME

9
debian/openvswitch-switch.install vendored
View File

@@ -1,7 +1,8 @@
_debian/utilities/ovs-openflowd usr/sbin _debian/ovsdb/ovsdb-server usr/bin
_debian/utilities/ovs-dpctl usr/sbin
_debian/utilities/ovs-discover usr/sbin _debian/utilities/ovs-discover usr/sbin
_debian/utilities/ovs-dpctl usr/sbin
_debian/utilities/ovs-kill usr/sbin _debian/utilities/ovs-kill usr/sbin
_debian/utilities/ovs-ofctl usr/sbin _debian/utilities/ovs-vsctl usr/sbin
debian/openvswitch/usr/share/openvswitch/commands/* usr/share/openvswitch/commands _debian/vswitchd/ovs-vswitchd usr/sbin
debian/commands/* usr/share/openvswitch/commands debian/commands/* usr/share/openvswitch/commands
debian/openvswitch/usr/share/openvswitch/commands/* usr/share/openvswitch/commands

5
debian/openvswitch-switch.manpages vendored
View File

@@ -1,5 +1,6 @@
_debian/utilities/ovs-openflowd.8 _debian/ovsdb/ovsdb-server.1
_debian/utilities/ovs-discover.8 _debian/utilities/ovs-discover.8
_debian/utilities/ovs-dpctl.8 _debian/utilities/ovs-dpctl.8
_debian/utilities/ovs-kill.8 _debian/utilities/ovs-kill.8
_debian/utilities/ovs-ofctl.8 _debian/utilities/ovs-vsctl.8
_debian/vswitchd/ovs-vswitchd.8

24
debian/openvswitch-switch.postinst vendored
View File

@@ -33,6 +33,30 @@ case "$1" in
fi fi
done done
fi fi
if /etc/init.d/openvswitch-switch status >/dev/null 2>&1; then
running=true
/etc/init.d/openvswitch-switch stop
else
running=false
fi
if test ! -e /etc/openvswitch-switch/conf; then
# Create configuration database.
ovsdb-tool -vANY:console:emer \
create /etc/openvswitch-switch/conf \
/usr/share/openvswitch/vswitch-idl.ovsschema
# Initialize configuration database.
ovsdb-tool -vANY:console:emer \
transact /etc/openvswitch-switch/conf \
'[{"op": "insert", "table": "Open_vSwitch", "row": {}}]' \
> /dev/null
fi
if $running; then
/etc/init.d/openvswitch-switch start
fi
;; ;;
abort-upgrade|abort-remove|abort-deconfigure) abort-upgrade|abort-remove|abort-deconfigure)

3
debian/openvswitch-switch.postrm vendored
View File

@@ -21,7 +21,10 @@ set -e
case "$1" in case "$1" in
purge) purge)
rm -f /etc/openvswitch-switch/conf
rm -f /etc/openvswitch-switch/.conf.~lock~
rm -f /etc/default/openvswitch-switch rm -f /etc/default/openvswitch-switch
rm -f /var/log/openvswitch/*
;; ;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)

156
debian/openvswitch-switch.template vendored
View File

@@ -4,147 +4,14 @@
# uncomment them. Afterward, the switch will come up # uncomment them. Afterward, the switch will come up
# automatically at boot time. It can be started immediately with # automatically at boot time. It can be started immediately with
# /etc/init.d/openvswitch-switch start # /etc/init.d/openvswitch-switch start
# Alternatively, use the ovs-switch-setup program (from the
# openvswitch-switch-config package) to do everything automatically.
# NETDEVS: Which network devices should the OpenFlow switch include? # OVSDB_SERVER_OPTS: Additional options to pass to ovsdb-server,
# # e.g. "--fail=open"
# List the network devices that should become part of the OpenFlow OVSDB_SERVER_OPTS=
# switch, separated by spaces. At least two devices must be selected
# for this machine to be a useful switch. Unselecting all network
# devices will disable the OpenFlow switch entirely.
#
# The network devices that you select should not be configured with IP
# or IPv6 addresses, even if the switch contacts the controller over
# one of the selected network devices. This is because a running
# Open vSwitch switch takes over network devices at a low level: they
# become part of the switch and cannot be used for other purposes.
#NETDEVS=""
# MODE: The OpenFlow switch has three modes that determine how it # OVS_VSWITCHD_OPTS: Additional options to pass to ovs-openflowd,
# reaches the controller: # e.g. "--fail=open"
# OVS_VSWITCHD_OPTS=
# * in-band with discovery: A single network is used for OpenFlow
# traffic and other data traffic; that is, the switch contacts the
# controller over one of the network devices selected as OpenFlow
# switch ports. The switch automatically determines the location of
# the controller using a DHCP request with an OpenFlow-specific
# vendor option. This is the most common case.
#
# * in-band: As above, but the location of the controller is manually
# configured.
#
# * out-of-band: OpenFlow traffic uses a network separate from the
# data traffic that it controls. If this is the case, the control
# network must already be configured on a network device other than
# one of those selected as an Open vSwitch switch port in the previous
# question.
#
# Set MODE to 'discovery', 'in-band', or 'out-of-band' for these
# respective cases.
MODE=discovery
# SWITCH_IP: In 'in-band' mode, the switch's IP address may be
# configured statically or dynamically:
#
# * For static configuration, specify the switch's IP address as a
# string. In this case you may also set SWITCH_NETMASK and
# SWITCH_GATEWAY appropriately (see below).
#
# * For dynamic configuration with DHCP (the most common case),
# specify "dhcp". Configuration with DHCP will only work reliably
# if the network topology allows the switch to contact the DHCP
# server before it connects to the OpenFlow controller.
#
# This setting has no effect unless MODE is set to 'in-band'.
SWITCH_IP=dhcp
# SWITCH_NETMASK: IP netmask to use in 'in-band' mode when the switch
# IP address is not 'dhcp'.
#SWITCH_NETMASK=255.255.255.0
# SWITCH_GATEWAY: IP gateway to use in 'in-band' mode when the switch
# IP address is not 'dhcp'.
#SWITCH_GATEWAY=192.168.1.1
# CONTROLLER: Location of controller.
# One of the following formats:
# tcp:IP[:PORT] via TCP to PORT (default: 6633) at IP
# ssl:IP[:PORT] via SSL to PORT (default: 6633) at IP
# The default below assumes that the controller is running locally.
# This setting has no effect when MODE is set to 'discovery'.
#CONTROLLER="tcp:127.0.0.1"
# PRIVKEY: Name of file containing switch's private key.
# Required if SSL enabled.
#PRIVKEY=/etc/openvswitch-switch/of0-privkey.pem
# CERT: Name of file containing certificate for private key.
# Required if SSL enabled.
#CERT=/etc/openvswitch-switch/of0-cert.pem
# CACERT: Name of file containing controller CA certificate.
# Required if SSL enabled.
#CACERT=/etc/openvswitch-switch/cacert.pem
# CACERT_MODE: Two modes are available:
#
# * secure: The controller CA certificate named in CACERT above must exist.
# (You must copy it manually from the PKI server or another trusted source.)
#
# * bootstrap: If the controller CA certificate named in CACERT above does
# not exist, the switch will obtain it from the controller the first time
# it connects and save a copy to the file named in CACERT. This is insecure,
# in the same way that initial connections with ssh are insecure, but
# it is convenient.
#
# Set CACERT_MODE to 'secure' or 'bootstrap' for these respective cases.
#CACERT_MODE=secure
# MGMT_VCONNS: List of vconns (space-separated) on which ovs-openflowd
# should listen for management connections from ovs-ofctl, etc.
# openvswitch-switchui by default connects to
# unix:/var/run/ovs-openflowd.mgmt, so do not disable this if you want to
# use openvswitch-switchui.
MGMT_VCONNS="punix:/var/run/ovs-openflowd.mgmt"
# COMMANDS: Access control list for the commands that can be executed
# remotely over the OpenFlow protocol, as a comma-separated list of
# shell glob patterns. Negative patterns (beginning with !) act as a
# blacklist. To be executable, a command name must match one positive
# pattern and not match any negative patterns.
#COMMANDS="reboot,update"
# DISCONNECTED_MODE: Switch behavior when attempts to connect to the
# controller repeatedly fail, either 'switch', to act as an L2 switch
# in this case, or 'drop', to drop all packets (except those necessary
# to connect to the controller). If unset, the default is 'drop'.
#DISCONNECTED_MODE=switch
# STP: Enable or disabled 802.1D-1998 Spanning Tree Protocol. Set to
# 'yes' to enable STP, 'no' to disable it. If unset, ovs-openflowd's
# current default is 'no' (but this may change in the future).
#STP=no
# RATE_LIMIT: Maximum number of received frames, that do not match any
# existing switch flow, to forward up to the controller per second.
# The valid range is 100 and up. If unset, this rate will not be
# limited.
#RATE_LIMIT=1000
# INACTIVITY_PROBE: The maximum number of seconds of inactivity on the
# controller connection before ovs-openflowd sends an inactivity probe
# message to the controller. The valid range is 5 and up. If unset,
# ovs-openflowd defaults to 5 seconds.
#INACTIVITY_PROBE=5
# MAX_BACKOFF: The maximum time that ovs-openflowd will wait between
# attempts to connect to the controller. The valid range is 1 and up.
# If unset, ovs-openflowd defaults to 8 seconds.
#MAX_BACKOFF=8
# DAEMON_OPTS: Additional options to pass to ovs-openflowd, e.g. "--fail=open"
DAEMON_OPTS=""
# CORE_LIMIT: Maximum size for core dumps. # CORE_LIMIT: Maximum size for core dumps.
# #
@@ -152,14 +19,3 @@ DAEMON_OPTS=""
# will disable core dumps. Setting it to "unlimited" will dump all # will disable core dumps. Setting it to "unlimited" will dump all
# core files regardless of size. # core files regardless of size.
#CORE_LIMIT=unlimited #CORE_LIMIT=unlimited
# DATAPATH_ID: Identifier for this switch.
#
# By default, the switch checks if the DMI System UUID contains a Nicira
# mac address to use as a datapath ID. If not, then the switch generates
# a new, random datapath ID every time it starts up. By setting this
# value, the supplied datapath ID will always be used.
#
# Set DATAPATH_ID to a MAC address in the form XX:XX:XX:XX:XX:XX where each
# X is a hexadecimal digit (0-9 or a-f).
#DATAPATH_ID=XX:XX:XX:XX:XX:XX