Commit 89f3c258fe (ovs-vsctl: Improve error message for "ovs-vsctl del-port
<bridge>".) changed the behavior of
ovs-vsctl --if-exists del-port <bridge>
from a silent no-op to a hard failure. This commit fixes this regression.
This caused problems on XenServer, for which the Open vSwitch integration
runs commands like:
/usr/bin/ovs-vsctl --timeout=20 \
-- --with-iface --if-exists del-port xapi103 \
-- --if-exists del-br xapi103
Bug #18276.
Reported-by: Michael Hu <mhu@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Previously, commands like this:
ovs-vsctl add-br br0
ovs-vsctl del-port br0
yielded an error message like:
no port named br0
which is confusing. This commit improves the error message to:
cannot delete port br0 because it is the local port for bridge br0
(deleting this port requires deleting the entire bridge)
Bug #17994.
Reported-by: Reid Price <reid@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Define a new NXAST_SAMPLE OpenFlow vendor action and the corresponding
OFPACT_SAMPLE OVS action, to do per-flow packet sampling, translated
into a new SAMPLE "flow_sample" dp action.
Make the userspace action's userdata size vary depending on the union
member used. Add a new "flow_sample" upcall to do per-flow packet
sampling. Add a new "ipfix" upcall to do per-bridge packet sampling
to IPFIX collectors.
Extend the OVSDB schema to support configuring IPFIX collector sets.
Add support for configuring multiple IPFIX collectors for per-flow
packet sampling. Add support for configuring per-bridge IPFIX
sampling.
Automatically generate standard IPFIX entity definitions from the IANA
specs. Send one IPFIX data record message for every packet sampled by
an OpenFlow sample action or received by a bridge configured with
IPFIX sampling, and periodically send IPFIX template set messages.
Signed-off-by: Romain Lenglet <rlenglet@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The following two commands results in a ovs-vsctl segfault.
ovs-vsctl -vfatal_signal:off --timeout=0 wait-until \
Open_vswitch . external_ids:blah="1"
/etc/init.d/openvswitch-switch restart
This patch fixes the segfault by properly setting the global
varibale, the_idl_txn to NULL when the underlying memory is
freed.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Until now, ovs-vsctl has kept trying to the database server until it
succeeded or the timeout expired (if one was specified with --timeout).
This meant that if ovsdb-server wasn't running, then ovs-vsctl would hang.
The result was that almost every ovs-vsctl invocation in scripts specified
a timeout on the off-chance that the database server might not be running.
But it's difficult to choose a good timeout. A timeout that is too short
can cause spurious failures. A timeout that is too long causes long delays
if the server really isn't running.
This commit should alleviate this problem. It changes ovs-vsctl's behavior
so that, if it fails to connect to the server, it exits unsuccessfully.
This makes --timeout obsolete for the purpose of avoiding a hang if the
database server isn't running. (--timeout is still useful to avoid a hang
if ovsdb-server is running but ovs-vswitchd is not, for ovs-vsctl commands
that modify the database. --no-wait also avoids that issue.)
Bug #2393.
Bug #15594.
Reported-by: Jeff Merrick <jmerrick@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This is a straight search-and-replace, except that I also removed #include
<assert.h> from each file where there were no assert calls left.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
A few ovs-vsctl commands have accepted --if-exists options for some time,
to make it possible to execute them in cases where it doesn't really
matter if the records they touch exist. This commit adds this option to
other commands.
This is intended for initial use with "ovs-vsctl set interface <iface>
ofport_request=<number>" commands in ovs-ctl for upgrades from OVS 1.9
to later versions.
This makes a very small incompatible change to the ovs-vsctl "get"
command: previously with --if-exists, only keys in map columns were
allowed to be missing; now with --if-eixsts, also records are allowed
to be missing.
CC: Gurucharan Shetty <gshetty@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Until now, a command like "ovs-vsctl --may-exist add-br br0" yielded a
confusing error message. Users had to realize that the correct form was
"ovs-vsctl -- --may-exist add-br br0", but instead they often reported a
bug or gave up in frustration. Even though the behavior was documented, it
was counterintuitive.
This commit allows command-specific options to be mixed with global
options, making both forms of the command listed above equally acceptable.
CC: 691508@bugs.debian.org
Reported-by: Adam Heath <doogie@brainfood.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
By default, "ovs-vsctl list-br" returns all bridges, real or fake. This
commit adds "--real" and "--fake" options that limit the output to only
bridges of that type. This will be useful in a future commit that needs
to perform actions only on bridges of a particular type.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
It doesn't use them and never has.
Found when I accidentally typed this command with some arguments and it
worked, surprising me.
Signed-off-by: Ben Pfaff <blp@nicira.com>
OVSDB has always had the ability to mark a column as "immutable", so that
its value cannot be changed in a given row after that row is initially
inserted. However, we discovered recently that ovsdb-server has never
enforced this constraint. This commit implements enforcement.
Reported-by: Paul Ingram <paul@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
String to string maps are used all over the Open vSwitch database.
Before this patch, they were implemented in the idl as parallel
string arrays. This strategy has proven a bit cumbersome. With
this patch, string to string maps are implemented using the smap
library.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
A smap is a string to string hash map. It has a cleaner interface
than shash's which were traditionally used for the same purpose.
This patch implements the data structure, and changes netdev and
its providers to use it.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Adds the ability to delete all records from table. This will help
users to destroy all records from Qos or Queue table using single
command rather then current method.
Feature #11306
Suggested-by: Kevin Mancuso <kevin.mancuso@rackspace.com>
Signed-off-by: Arun Sharma <arun.sharma@calsoftinc.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Replaced all instances of Nicira Networks(, Inc) to Nicira, Inc.
Feature #10593
Signed-off-by: Raju Subramanian <rsubramanian@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This makes a sequence of 10,000 "add-port" operations on a single ovs-vsctl
command line about 4X faster. It makes a sequence of 10,000 "del-port"
operations on a single command line over 2X faster.
It works by not repopulating the cache of relationships between bridges,
ports, and interfaces after most operations, instead updating them
incrementally in-place.
Signed-off-by: Ben Pfaff <blp@nicira.com>
It's only used in cmd_get_fail_mode(), which can easily look it up for
itself, so there's no benefit to storing it in every vsctl_bridge record.
Signed-off-by: Ben Pfaff <blp@nicira.com>
To speed up management operations with many ports, we need to preserve the
cache of bridges, ports, and interfaces from one operation to the next.
One necessary step is to push the "struct vsctl_info" that did the caching
up from the individual functions that need it into a more global structure.
This commit does that, merging it into struct vsctl_context.
This commit also modifies do_vsctl(), the top-level control code in
ovs-vsctl, to keep this part of the vsctl_context unchanged from running
one command to the next.
Signed-off-by: Ben Pfaff <blp@nicira.com>
A VLAN bridge uses its parent's controllers, so checking the controller
should verify the parent's set of controllers.
The change to verify_controllers() isn't necessary; it just deletes
the check for a null 'bridge' because verify_controllers() can no
longer be called with a null 'bridge'.
This fixes a bug, but it is unlikely to ever have caused a real problem for
users.
Found by inspection.
Signed-off-by: Ben Pfaff <blp@nicira.com>
A VLAN bridge uses its parent's fail-mode, so checking the fail-mode should
verify the parent's bridge record.
This fixes a bug, but it is unlikely to ever have caused a real problem for
users.
Found by inspection.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Originally the IDL transaction state machine had a return value
TXN_TRY_AGAIN to signal the client to wait for a change in the database and
then retry its transaction. However, this logic was incomplete, because
it was possible for the database to change before the reply to the
transaction RPC was received, in which case the client would wait for a
further change. Commit 4fdfe5ccf8 (ovsdb-idl: Prevent occasional hang
when multiple database clients race.) fixed the problem by breaking
TXN_TRY_AGAIN into two status codes, TXN_AGAIN_WAIT that meant to wait for
a further change and TXN_AGAIN_NOW that meant that a change had already
occurred so try again immediately.
This is correct enough, but it is more complicated than necessary. It is
simpler and just as correct to use a single "try again" status that
requires the client to wait for a change relative to the database contents
*before* the transaction was committed. This commit makes that change.
It also changes ovsdb_idl_run()'s return type from bool to void because
its return type is hardly useful anymore.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Codes that uses #include "vswitch-idl.h" can get an older version of this
header, because this header file moved from vswitchd/ to lib/ and the
older generated file might still be present.
This helps out two ways:
* "make clean" will delete the generated files from their old
locations.
* Use #include "lib/vswitch-idl.h" to explicitly avoid including the
files from their old locations.
Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
A fake bridge for VLAN 0 is useful, because it provides a way to create
access ports for VLAN 0. There is no good reason to prevent it.
NIC-464.
Reported-by: Rob Hoes <Rob.Hoes@citrix.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
When a client of the IDL tries to commit a read-modify-write transaction
but the database has changed in the meantime, the IDL tells its client to
wait for the IDL to change and then try the transaction again by returning
TXN_TRY_AGAIN. The "wait for the IDL to change" part is important because
there's no point in retrying the transaction before the IDL has received
the database updates (the transaction would fail in the same way all over
again).
However, the logic was incomplete: the database update can be received
*before* the reply to the transaction RPC (I think that in the current
ovsdb-server implementation this will always happen, in fact). When this
happens, the right thing to do is to retry the transaction immediately;
if we wait, then we're waiting for an additional change to the database
that may never come, causing an indefinite hang.
This commit therefore breaks the "try again" IDL commit status code
into two, one that means "try again immediately" and another that means
"wait for a change then try again". When an update is processed after a
transaction is committed but before the reply is received, the "try again
now" tells the IDL client not to wait for another database change before
retrying its transaction.
Bug #5980.
Reported-by: Ram Jothikumar <rjothikumar@nicira.com>
Reproduced-by: Alex Yip <alex@nicira.com>
Until now, "emer" has effectively been "off" because no messages were ever
logged at "emer" level. Justin points out that it is useful to use "emer"
for messages that indicate a fatal error. This commit makes that change
and adds a new "off" level to really turn off all logging to a facility.
Once in a while someone reports a problem caused by running multiple
ovs-vswitchd processes at the same time. This fixes the problem by
requiring ovs-vswitchd to obtain a database lock before taking any actions.
The database prevents multiple ports or interfaces with a single name, but
duplicates can still occur if, for example, two bridges' "ports" columns
both point to a single Port record. The existing warning just says in this
case that the database contains a duplicate port name. This prompts users
to dump the Port table to look for the duplicate. Of course there isn't
one, so then they ask me to point out the problem.
This commit improves the log message to point out the actual problem.
The state machine didn't have a proper state for "not yet committed or
aborted", which meant that destroying an ovsdb_idl_txn without committing
or aborting it caused a segfault. This fixes the problem by adding a new
state TXN_UNCOMMITTED to the state machine.
This is related to commit 79554078d "ovsdb-idl: Fix bad logic in
ovsdb_idl_txn_commit() state transitions", which fixed a related bug.
Bug #2438.
In an effort to make CFM easier to understand and configure, this
patch removes the Maintenance_Point and Monitor tables from the
database. As a consequence, users will only be able to configure
one remote maintenance point. Furthermore, before this patch each
remote maintenance point maintained its own separate fault flag in
the database. This flag is no longer reported, users will need to
infer the fault status from the global CFM fault flag.
Previously, if --private-key or another option that requires SSL support
was used, but OVS was built without OpenSSL support, then OVS would fail
with an error message that the specified option was not supported. This
confused users because it made them think that the option had been removed:
http://openvswitch.org/pipermail/discuss/2011-April/005034.html
This commit improves the error message: OVS will now report that it was
built without SSL support. This should be make the problem clear to users.
Reported-by: Aaron Rosen <arosen@clemson.edu>
Feature #5325.
In each of the cases converted here, an shash was used simply to maintain
a set of strings, with the shash_nodes' 'data' values set to NULL. This
commit converts them to use sset instead.
Garbage collection introduced in
c5f341ab19 changed ovs-vsctl so that
it would allow the garbage collector to reclaim unused tables
instead of manually deleting them itself. Since garbage collection
runs at transaction completion, undeleted tables would hang around
and could conflict with future actions in a given transaction.
This commit backs out this change.
The following command is an example of something that would have
failed before this commit.
ovs-vsctl -- add-br b \
-- del-br b \
-- add-br b \
-- set Interface b other_config:test=test
