From 6f24c2bc769afde0a390ce344de1a7d9c592e5a6 Mon Sep 17 00:00:00 2001 From: Terry Wilson Date: Tue, 28 Jun 2022 09:54:45 -0500 Subject: [PATCH] ovsdb: Add Local_Config schema. The only way to configure settings on a remote (e.g. inactivity_probe) is via --remote=db:DB,table,row. There is no way to do this via the existing CLI options. For a clustered DB with multiple servers listening on unique addresses there is no way to store these entries in the DB as the DB is shared. For example, three servers listening on 1.1.1.1, 1.1.1.2, and 1.1.1.3 respectively would require a Manager/Connection row each, but then all three servers would try to listen on all three addresses. It is possible for ovsdb-server to serve multiple databases. This means that we can have a local "config" database in addition to the main database we are serving (Open_vSwitch, OVN_Southbound, etc.) and this patch adds a Local_Config schema that currently just mirrors the Connection table and a Config table with a 'connections' row that stores each Connection. Signed-off-by: Terry Wilson Acked-by: Dumitru Ceara Signed-off-by: Ilya Maximets --- NEWS | 4 + debian/openvswitch-switch.install | 1 + debian/openvswitch-switch.manpages | 1 + ovsdb/.gitignore | 2 + ovsdb/automake.mk | 21 ++ ovsdb/local-config.ovsschema | 43 +++++ ovsdb/local-config.xml | 296 +++++++++++++++++++++++++++++ rhel/openvswitch-fedora.spec.in | 2 + rhel/openvswitch.spec.in | 2 + tests/ovsdb-cluster.at | 42 +++- xenserver/openvswitch-xen.spec.in | 2 + 11 files changed, 409 insertions(+), 7 deletions(-) create mode 100644 ovsdb/local-config.ovsschema create mode 100644 ovsdb/local-config.xml diff --git a/NEWS b/NEWS index 944c31088..994fdf6a9 100644 --- a/NEWS +++ b/NEWS 
@@ -17,6 +17,10 @@ Post-v2.17.0 * New unixctl command 'ovsdb-server/tlog-set DB:TABLE on|off". If turned on, ovsdb-server will log (at level INFO and rate limited) all operations that are committed to table TABLE in the DB database. + * New Local_Config schema added to support Connections (--remote) + configuration in a clustered databse independently for each server. + E.g. for listening on unique addresses. See the ovsdb.local-config.5 + manpage for schema details. - OVSDB-IDL: * New monitor mode flag, OVSDB_IDL_WRITE_CHANGED_ONLY, allowing applications to relax atomicity requirements when dealing with diff --git a/debian/openvswitch-switch.install b/debian/openvswitch-switch.install index 6a6e9a543..5ac3df77b 100644 --- a/debian/openvswitch-switch.install +++ b/debian/openvswitch-switch.install @@ -14,4 +14,5 @@ usr/share/openvswitch/scripts/ovs-check-dead-ifs usr/share/openvswitch/scripts/ovs-ctl usr/share/openvswitch/scripts/ovs-kmod-ctl usr/share/openvswitch/scripts/ovs-save +usr/share/openvswitch/local-config.ovsschema usr/share/openvswitch/vswitch.ovsschema diff --git a/debian/openvswitch-switch.manpages b/debian/openvswitch-switch.manpages index 7fd7bc55d..088734b0d 100644 --- a/debian/openvswitch-switch.manpages +++ b/debian/openvswitch-switch.manpages @@ -1,5 +1,6 @@ ovsdb/ovsdb-server.1 ovsdb/ovsdb-server.5 +ovsdb/ovsdb.local-config.5 debian/tmp/usr/share/man/man8/ovs-ctl.8 utilities/ovs-dpctl-top.8 utilities/ovs-dpctl.8 diff --git a/ovsdb/.gitignore b/ovsdb/.gitignore index fbcefafc6..a4f9d38f1 100644 --- a/ovsdb/.gitignore +++ b/ovsdb/.gitignore @@ -1,5 +1,7 @@ /_server.ovsschema.inc /_server.ovsschema.stamp +/local-config.ovsschema.stamp +/ovsdb.local-config.5 /ovsdb-client /ovsdb-client.1 /ovsdb-doc diff --git a/ovsdb/automake.mk b/ovsdb/automake.mk index 62cc02686..3b3140102 100644 --- a/ovsdb/automake.mk +++ b/ovsdb/automake.mk 
@@ -148,4 +148,25 @@ ovsdb/ovsdb-server.5: \ $(srcdir)/ovsdb/_server.xml > $@.tmp && \ mv $@.tmp $@ +EXTRA_DIST += ovsdb/local-config.ovsschema +pkgdata_DATA += ovsdb/local-config.ovsschema + +# Version checking for local-config.ovsschema. +ALL_LOCAL += ovsdb/local-config.ovsschema.stamp +ovsdb/local-config.ovsschema.stamp: ovsdb/local-config.ovsschema + $(srcdir)/build-aux/cksum-schema-check $? $@ +CLEANFILES += ovsdb/local-config.ovsschema.stamp + +# Local_Config schema documentation +EXTRA_DIST += ovsdb/local-config.xml +CLEANFILES += ovsdb/ovsdb.local-config.5 +man_MANS += ovsdb/ovsdb.local-config.5 +ovsdb/ovsdb.local-config.5: \ + ovsdb/ovsdb-doc ovsdb/ ovsdb/local-config.xml ovsdb/local-config.ovsschema + $(AM_V_GEN)$(OVSDB_DOC) \ + --version=$(VERSION) \ + $(srcdir)/ovsdb/local-config.ovsschema \ + $(srcdir)/ovsdb/local-config.xml > $@.tmp && \ + mv $@.tmp $@ + EXTRA_DIST += ovsdb/TODO.rst diff --git a/ovsdb/local-config.ovsschema b/ovsdb/local-config.ovsschema new file mode 100644 index 000000000..bd86d0f4f --- /dev/null +++ b/ovsdb/local-config.ovsschema 
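Review bot: The prerequisite list of the new `ovsdb/ovsdb.local-config.5` rule contains a bare `ovsdb/` between `ovsdb/ovsdb-doc` and `ovsdb/local-config.xml`, which looks like a leftover. A directory prerequisite makes the man page count as out of date whenever an entry is created or removed in that directory, so it gets regenerated for unrelated changes. I would drop it so the line reads `ovsdb/ovsdb-doc ovsdb/local-config.xml ovsdb/local-config.ovsschema`.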
@@ -0,0 +1,43 @@
+{
+ "name": "Local_Config",
+ "version": "1.0.0",
+ "cksum": "2048726482 1858",
+ "tables": {
+ "Config": {
+ "columns": {
+ "connections": {
+ "type": {"key": {"type": "uuid",
+ "refTable": "Connection"},
+ "min": 0,
+ "max": "unlimited"}}},
+ "maxRows": 1,
+ "isRoot": true},
+ "Connection": {
+ "columns": {
+ "target": {"type": "string"},
+ "max_backoff": {"type": {"key": {"type": "integer",
+ "minInteger": 1000},
+ "min": 0,
+ "max": 1}},
+ "inactivity_probe": {"type": {"key": "integer",
+ "min": 0,
+ "max": 1}},
+ "read_only": {"type": "boolean"},
+ "role": {"type": "string"},
+ "other_config": {"type": {"key": "string",
+ "value": "string",
+ "min": 0,
+ "max": "unlimited"}},
+ "external_ids": {"type": {"key": "string",
+ "value": "string",
+ "min": 0,
+ "max": "unlimited"}},
+ "is_connected": {"type": "boolean", "ephemeral": true},
+ "status": {"type": {"key": "string",
+ "value": "string",
+ "min": 0,
+ "max": "unlimited"},
+ "ephemeral": true}},
+ "indexes": [["target"]]}
+ }
+}
diff --git a/ovsdb/local-config.xml b/ovsdb/local-config.xml
new file mode 100644
index 000000000..b502aea4c
--- /dev/null
+++ b/ovsdb/local-config.xml
@@ -0,0 +1,296 @@ + + +
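Review bot: The `Connection` table in `ovsdb/local-config.ovsschema` carries the `role` and `read_only` columns, but the schema defines no RBAC tables of its own, so nothing in this hunk shows what restricts writes to `Config`/`Connection` once the database is served next to the main one. Because these rows decide where the server listens and which role a connection gets, it is worth confirming that a client of a role-restricted or network-facing remote cannot modify them, and stating the intended access model in `local-config.xml`. Separately, `inactivity_probe` is declared with `"key": "integer"` and no lower bound while `max_backoff` has `"minInteger": 1000`; if mirroring the existing Connection table exactly is not a requirement, `"key": {"type": "integer", "minInteger": 0}` would reject negative values at the schema level (the `cksum` line would then need regenerating).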

+ This database is for local configuration of an ovsdb-server. The + database is meant to be unique, even among multiple clustered db + servers, so that configuration that is local to that server can + be configured separately (e.g. Connection information). +

+ + +

+ The root local configuration table for an ovsdb-server. This table + must have exactly one row. +

+ + + Database clients to which the Open vSwitch database server should + connect or on which it should listen, along with options for how these + connections should be configured. See the + table for more information. + + +
+ + +

+ Configuration for a database connection to an Open vSwitch database + (OVSDB) client. +

+ +

+ This table primarily configures the Open vSwitch database server + (ovsdb-server). +

+ +

+ The Open vSwitch database server can initiate and maintain active + connections to remote clients. It can also listen for database + connections. +

+ + + +

Connection methods for clients.

+

+ The following connection methods are currently supported: +

+
+
+ ssl:host[:port] +
+
+

+ The specified SSL port on the host at the given + host, which can either be a DNS name (if built with + unbound library) or an IP address. A valid SSL configuration must + be provided when this form is used, this configuration can be + specified via command-line options or the + table. +

+

+ If port is not specified, it defaults to 6640. +

+

+ SSL support is an optional feature that is not always + built as part of Open vSwitch. +

+
+ +
+ tcp:host[:port] +
+
+

+ The specified TCP port on the host at the given + host, which can either be a DNS name (if built with + unbound library) or an IP address. If host is an IPv6 + address, wrap it in square brackets, e.g. + tcp:[::1]:6640. +

+

+ If port is not specified, it defaults to 6640. +

+
+
+ pssl:[port][:host] +
+
+

+ Listens for SSL connections on the specified TCP port. + Specify 0 for port to have the kernel automatically + choose an available port. If host, which can either + be a DNS name (if built with unbound library) or an IP address, + is specified, then connections are restricted to the resolved or + specified local IPaddress (either IPv4 or IPv6 address). If + host is an IPv6 address, wrap in square brackets, + e.g. pssl:6640:[::1]. If host is not + specified then it listens only on IPv4 (but not IPv6) addresses. + A valid SSL configuration must be provided when this form is + used, this can be specified either via command-line options or + the table. +

+

+ If port is not specified, it defaults to 6640. +

+

+ SSL support is an optional feature that is not always built as + part of Open vSwitch. +

+
+
+ ptcp:[port][:host] +
+
+

+ Listens for connections on the specified TCP port. + Specify 0 for port to have the kernel automatically + choose an available port. If host, which can either + be a DNS name (if built with unbound library) or an IP address, + is specified, then connections are restricted to the resolved or + specified local IP address (either IPv4 or IPv6 address). If + host is an IPv6 address, wrap it in square brackets, + e.g. ptcp:6640:[::1]. If host is not + specified then it listens only on IPv4 addresses. +

+

+ If port is not specified, it defaults to 6640. +

+
+
+

When multiple clients are configured, the + values must be unique. Duplicate values yield + unspecified results.

+
+ + + true to restrict these connections to read-only + transactions, false to allow them to modify the database. + + + + String containing role name for this connection entry. + +
+ + + + Maximum number of milliseconds to wait between connection attempts. + Default is implementation-specific. + + + + Maximum number of milliseconds of idle time on connection to the client + before sending an inactivity probe message. If Open vSwitch does not + communicate with the client for the specified number of seconds, it + will send a probe. If a response is not received for the same + additional amount of time, Open vSwitch assumes the connection has been + broken and attempts to reconnect. Default is implementation-specific. + A value of 0 disables inactivity probes. + + + + +

+ Key-value pair of is always updated. + Other key-value pairs in the status columns may be updated depends + on the type. +

+ +

+ When specifies a connection method that + listens for inbound connections (e.g. ptcp: or + punix:), both and + may also be updated while the + remaining key-value pairs are omitted. +

+ +

+ On the other hand, when specifies an + outbound connection, all key-value pairs may be updated, except + the above-mentioned two key-value pairs associated with inbound + connection targets. They are omitted. +

+ + + true if currently connected to this client, + false otherwise. + + + + A human-readable description of the last error on the connection + to the manager; i.e. strerror(errno). This key + will exist only if an error has occurred. + + + +

+ The state of the connection to the manager: +

+
+
VOID
+
Connection is disabled.
+ +
BACKOFF
+
Attempting to reconnect at an increasing period.
+ +
CONNECTING
+
Attempting to connect.
+ +
ACTIVE
+
Connected, remote host responsive.
+ +
IDLE
+
Connection is idle. Waiting for response to keep-alive.
+
+

+ These values may change in the future. They are provided only for + human consumption. +

+
+ + + The amount of time since this client last successfully connected + to the database (in seconds). Value is empty if client has never + successfully been connected. + + + + The amount of time since this client last disconnected from the + database (in seconds). Value is empty if client has never + disconnected. + + + + Space-separated list of the names of OVSDB locks that the connection + holds. Omitted if the connection does not hold any locks. + + + + Space-separated list of the names of OVSDB locks that the connection is + currently waiting to acquire. Omitted if the connection is not waiting + for any locks. + + + + Space-separated list of the names of OVSDB locks that the connection + has had stolen by another OVSDB client. Omitted if no locks have been + stolen from this connection. + + + + When specifies a connection method that + listens for inbound connections (e.g. ptcp: or + pssl:) and more than one connection is actually active, + the value is the number of active connections. Otherwise, this + key-value pair is omitted. + + + + When is ptcp: or + pssl:, this is the TCP port on which the OVSDB server is + listening. (This is particularly useful when specifies a port of 0, allowing the kernel to + choose any available port.) + +
+ + + + The Differentiated Service Code Point (DSCP) is specified using 6 bits + in the Type of Service (TOS) field in the IP header. DSCP provides a + mechanism to classify the network traffic and provide Quality of + Service (QoS) on IP networks. + + The DSCP value specified here is used when establishing the connection + between the manager and the Open vSwitch. If no value is specified, a + default value of 48 is chosen. Valid DSCP values must be in the range + 0 to 63. + + + + + External configuration options + + + External client-defined key-value pairs + + +
+
diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in index 16ef1ac3a..d0ae78e4e 100644 --- a/rhel/openvswitch-fedora.spec.in +++ b/rhel/openvswitch-fedora.spec.in @@ -455,6 +455,7 @@ fi %{_datadir}/openvswitch/scripts/ovs-ctl %{_datadir}/openvswitch/scripts/ovs-kmod-ctl %{_datadir}/openvswitch/scripts/ovs-systemd-reload +%config %{_datadir}/openvswitch/local-config.ovsschema %config %{_datadir}/openvswitch/vswitch.ovsschema %config %{_datadir}/openvswitch/vtep.ovsschema %{_bindir}/ovs-appctl @@ -476,6 +477,7 @@ fi %{_mandir}/man1/ovsdb-server.1* %{_mandir}/man1/ovsdb-tool.1* %{_mandir}/man5/ovsdb-server.5* +%{_mandir}/man5/ovsdb.local-config.5* %{_mandir}/man5/ovs-vswitchd.conf.db.5* %{_mandir}/man5/ovsdb.5* %{_mandir}/man5/vtep.5* diff --git a/rhel/openvswitch.spec.in b/rhel/openvswitch.spec.in index 220e5c747..2d8ff18bb 100644 --- a/rhel/openvswitch.spec.in +++ b/rhel/openvswitch.spec.in @@ -229,6 +229,7 @@ exit 0 /usr/share/man/man1/ovsdb-client.1.gz /usr/share/man/man1/ovsdb-server.1.gz /usr/share/man/man1/ovsdb-tool.1.gz +/usr/share/man/man5/ovsdb.local-config.5.gz /usr/share/man/man5/ovsdb-server.5.gz /usr/share/man/man5/ovs-vswitchd.conf.db.5.gz %{_mandir}/man5/ovsdb.5* @@ -262,6 +263,7 @@ exit 0 /usr/share/openvswitch/scripts/ovs-vtep /usr/share/openvswitch/scripts/sysconfig.template /usr/share/openvswitch/scripts/ovs-monitor-ipsec +/usr/share/openvswitch/local-config.ovsschema /usr/share/openvswitch/vswitch.ovsschema /usr/share/openvswitch/vtep.ovsschema %doc NOTICE README.rst NEWS rhel/README.RHEL.rst diff --git a/tests/ovsdb-cluster.at b/tests/ovsdb-cluster.at index 0f7076a05..920b833b7 100644 --- a/tests/ovsdb-cluster.at +++ b/tests/ovsdb-cluster.at 
@@ -1,12 +1,25 @@ OVS_START_SHELL_HELPERS -# ovsdb_check_cluster N_SERVERS SCHEMA_FUNC OUTPUT TRANSACTION... +# ovsdb_check_cluster N_SERVERS SCHEMA_FUNC OUTPUT USE_LOCAL_CONFIG TRANSACTION... ovsdb_check_cluster () { - local n=$1 schema_func=$2 output=$3 - shift; shift; shift + set -x + local n=$1 schema_func=$2 output=$3 local_config=$4 + shift; shift; shift; shift $schema_func > schema schema=`ovsdb-tool schema-name schema` AT_CHECK([ovsdb-tool '-vPATTERN:console:%c|%p|%m' create-cluster s1.db schema unix:s1.raft], [0], [], [stderr]) + if test X$local_config == X"yes"; then + for i in `seq $n`; do + AT_CHECK([ovsdb-tool create c$i.db $top_srcdir/ovsdb/local-config.ovsschema], [0], [], [stderr]) + local ctxn="[[\"Local_Config\", + {\"op\": \"insert\", \"table\": \"Config\", + \"row\": {\"connections\": [\"named-uuid\",\"conn$n\"]}}, + {\"op\": \"insert\", \"table\": \"Connection\", \"uuid-name\": \"conn$n\", + \"row\": {\"target\": \"punix:s$i.ovsdb\"}}]]" + + AT_CHECK([ovsdb-tool transact c$i.db "$ctxn"], [0], [ignore], [stderr]) + done + fi AT_CHECK([grep -v 'from ephemeral to persistent' stderr], [1]) cid=`ovsdb-tool db-cid s1.db` for i in `seq 2 $n`; do @@ -15,7 +28,13 @@ ovsdb_check_cluster () { on_exit 'kill `cat *.pid`' for i in `seq $n`; do - AT_CHECK([ovsdb-server -vraft -vconsole:off -vsyslog:off --detach --no-chdir --log-file=s$i.log --pidfile=s$i.pid --unixctl=s$i --remote=punix:s$i.ovsdb s$i.db]) + local remote=punix:s$i.ovsdb + local config_db= + if test X$local_config == X"yes"; then + remote=db:Local_Config,Config,connections + config_db=c$i.db + fi + AT_CHECK([ovsdb-server -vraft -vconsole:off -vsyslog:off --detach --no-chdir --log-file=s$i.log --pidfile=s$i.pid --unixctl=s$i --remote=$remote s$i.db $config_db]) done for i in `seq $n`; do AT_CHECK([ovsdb_client_wait unix:s$i.ovsdb $schema connected]) 
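Review bot: The Local_Config setup loop is inserted between the `create-cluster` check and `grep -v 'from ephemeral to persistent' stderr`, and every `AT_CHECK(..., [stderr])` inside the loop rewrites the `stderr` file, so with `local_config=yes` the grep appears to inspect the output of the last `ovsdb-tool transact` rather than that of `create-cluster`; moving the `if` block below the grep keeps the original check. `test X$local_config == X"yes"` uses `==`, which is not a POSIX `test` operator and fails under shells such as dash; use `=` here and in the second hunk (`@@ -15,7 +28,13 @@`). The `set -x` at the top of the helper looks like a debugging leftover, and the uuid-name `conn$n` probably wants `$i`. `ovsdb_check_cluster` continues past both hunks.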
@@ -40,7 +59,7 @@ AT_BANNER([OVSDB - clustered transactions (1 server)]) m4_define([OVSDB_CHECK_EXECUTION], [AT_SETUP([$1 - cluster of 1]) AT_KEYWORDS([ovsdb server positive unix cluster cluster1 $5]) - ovsdb_check_cluster 1 "$2" '$4' m4_foreach([txn], [$3], ['txn' ]) + ovsdb_check_cluster 1 "$2" '$4' no m4_foreach([txn], [$3], ['txn' ]) AT_CLEANUP]) EXECUTION_EXAMPLES @@ -49,7 +68,7 @@ AT_BANNER([OVSDB - clustered transactions (3 servers)]) m4_define([OVSDB_CHECK_EXECUTION], [AT_SETUP([$1 - cluster of 3]) AT_KEYWORDS([ovsdb server positive unix cluster cluster3 $5]) - ovsdb_check_cluster 3 "$2" '$4' m4_foreach([txn], [$3], ['txn' ]) + ovsdb_check_cluster 3 "$2" '$4' no m4_foreach([txn], [$3], ['txn' ]) AT_CLEANUP]) EXECUTION_EXAMPLES @@ -58,7 +77,16 @@ AT_BANNER([OVSDB - clustered transactions (5 servers)]) m4_define([OVSDB_CHECK_EXECUTION], [AT_SETUP([$1 - cluster of 5]) AT_KEYWORDS([ovsdb server positive unix cluster cluster5 $5]) - ovsdb_check_cluster 5 "$2" '$4' m4_foreach([txn], [$3], ['txn' ]) + ovsdb_check_cluster 5 "$2" '$4' no m4_foreach([txn], [$3], ['txn' ]) + AT_CLEANUP]) +EXECUTION_EXAMPLES + +# Test a 3-server cluster using a Local_Config db. +AT_BANNER([OVSDB - clustered transactions Local_Config (3 servers)]) +m4_define([OVSDB_CHECK_EXECUTION], + [AT_SETUP([$1 - cluster of 3]) + AT_KEYWORDS([ovsdb server positive unix cluster cluster3 Local_Config $5]) + ovsdb_check_cluster 3 "$2" '$4' yes m4_foreach([txn], [$3], ['txn' ]) AT_CLEANUP]) EXECUTION_EXAMPLES diff --git a/xenserver/openvswitch-xen.spec.in b/xenserver/openvswitch-xen.spec.in index 4d21c6364..ae22f2f5c 100644 --- a/xenserver/openvswitch-xen.spec.in +++ b/xenserver/openvswitch-xen.spec.in @@ -457,6 +457,7 @@ exit 0 /usr/share/openvswitch/scripts/ovs-lib /usr/share/openvswitch/scripts/ovs-vtep /usr/share/openvswitch/vswitch.ovsschema +/usr/share/openvswitch/local-config.ovsschema /usr/share/openvswitch/vtep.ovsschema /usr/sbin/ovs-bugtool /usr/sbin/ovs-vswitchd 
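Review bot: The new Local_Config group in the `@@ -58,7 +77,16 @@` hunk of `tests/ovsdb-cluster.at` reuses the title `[$1 - cluster of 3]` in `AT_SETUP`, so its tests carry the same names as the existing 3-server group and can only be told apart by banner or keyword in the testsuite listing and logs. A distinct title such as `AT_SETUP([$1 - cluster of 3 - Local_Config])` would make a failure attributable to the Local_Config path at a glance.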
@@ -479,6 +480,7 @@ exit 0 /usr/share/man/man1/ovsdb-client.1.gz /usr/share/man/man1/ovsdb-server.1.gz /usr/share/man/man1/ovsdb-tool.1.gz +/usr/share/man/man5/ovsdb.local-config.5.gz /usr/share/man/man5/ovsdb-server.5.gz /usr/share/man/man5/ovs-vswitchd.conf.db.5.gz /usr/share/man/man5/vtep.5.gz