* Update upstream OVS debian packaging to be on par with package
source in Debian/Ubuntu:
- Provide a openvswitch-switch-dpdk package that integrates with
the dpdk package in the distributions so that end users can opt
into a DPDK-enabled Open vSwitch binary.
- Provide systemd service files.
- Provide openvswitch-source package for reproducible integrated
build of for example OVN.
- Stop building shared library and subsequently remove
libopenvswitch and libopenvswitch-dev binary packages.
Co-authored-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Luca Boccassi <bluca@debian.org>
Co-authored-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Co-authored-by: James Page <james.page@ubuntu.com>
Signed-off-by: James Page <james.page@ubuntu.com>
Co-authored-by: Corey Bryant <corey.bryant@canonical.com>
Signed-off-by: Corey Bryant <corey.bryant@canonical.com>
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
The packaging source in the OVS repository has drifted away from
what is currently in Debian and Ubuntu. This state is problematic
because from time to time someone tries to build packages from the
upstream OVS debian package source and then expect that package to
work with up-/down-grades from-/to/ distro versions.
To support the on-going work to remove the out of tree OVS kernel
driver from the repository [0], an update to the debian packaging
is also required. On the back of the discussion in [0] we agreed
that replacing the current version with what Debian and Ubuntu
is currently converging on would be preferable.
This commit is a first in a series to update the upstream OVS
debian packaging source to be up to date with what is currently
in Debian and Ubuntu.
0: https://mail.openvswitch.org/pipermail/ovs-dev/2022-June/394634.html
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
The only way to configure settings on a remote (e.g. inactivity_probe)
is via --remote=db:DB,table,row. There is no way to do this via the
existing CLI options.
For a clustered DB with multiple servers listening on unique addresses
there is no way to store these entries in the DB as the DB is shared.
For example, three servers listening on 1.1.1.1, 1.1.1.2, and 1.1.1.3
respectively would require a Manager/Connection row each, but then
all three servers would try to listen on all three addresses.
It is possible for ovsdb-server to serve multiple databases. This
means that we can have a local "config" database in addition to
the main database we are serving (Open_vSwitch, OVN_Southbound, etc.)
and this patch adds a Local_Config schema that currently just mirrors
the Connection table and a Config table with a 'connections' row that
stores each Connection.
Signed-off-by: Terry Wilson <twilson@redhat.com>
Acked-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Currently, Open vSwitch on linux embeds the logic of loading and unloading
kernel modules into the ovs-ctl and ovs-lib script files. This works, but
it means that there is no way to leverage extended filesystem attributes
to grant fine grain permissions relating to module loading.
The split out utility 'ovs-kmod-ctl' will be used in an upcoming commit
for RHEL-based distributions to have a separate transition domain that
will allow module loading to be given to a separate selinux domain from
the openvswitch_t domain.
Acked-by: Ansis Atteka <aatteka@ovn.org>
Acked-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Aaron Conole <aconole@redhat.com>
Add ovs-tcpdump to the debian build.
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
ovs-lib is used by both ovs-ctl and ovn-ctl. So it
is useful to move it to openvswitch-common
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Wrap long lines and sort items in the Debian packaging files.
Signed-off-by: James Page <james.page@ubuntu.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This commit makes the bash completion scripts be installed to
$(sysconfdir)/bash_completion.d/ through 'make install' and to
/etc/bash_completion.d/ through package installation. This will
make the scripts available for each bash session.
An alternative is to put scripts to /usr/share/bash_completion/
directory. However, this is not supported by earlier version of
bash completion.
Signed-off-by: Alex Wang <alexw@nicira.com>
This python script summarizes ovs-dpctl dump-flows content by aggregating
the number of packets, total bytes and occurrence of the following fields:
- Datapath in_port
- Ethernet type
- Source and destination MAC addresses
- IP protocol
- Source and destination IPv4 addresses
- Source and destination IPv6 addresses
- UDP and TCP destination port
- Tunnel source and destination addresses
Testing included confirming both mega-flows and non-megaflows are
properly parsed. Bit masks are applied in the case of mega-flows
prior to aggregation. Test --script parameter which runs in
non-interactive mode. Tested syntax against python 2.4.3, 2.6 and 2.7.
Confirmed script passes pep8 and pylint run as:
pylint --disable=I0011 --include-id=y --reports=n
This tool has been added to these distribution:
- add ovs-dpctl-top to debian distribution
- add ovs-dpctl-top to rpm distribution.
- add ovs-dpctl-top to XenServer RPM.
Signed-off-by: Mark Hamilton <mhamilton@nicira.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Add scripts that will allow Open vSwitch bridges and ports to be
configured through /etc/network/interfaces. This patch follows a
very similar style as OVS network integration for rhel.
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
This should make it more obvious when the admin needs to restart a DHCP
client (or other daemon). Without this, unless the admin carefully reads
the documentation, the first notice he gets about a need to restart the
DHCP client can easily be when the lease expires and the machine drops off
the network.
Bug #5391.
Tested-by: Gurucharan Shetty <gshetty@nicira.com>
Suggested-by: Duffie Cooley <dcooley@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Rename this helper script to simply ovs-lib, since it's primarily
a library of helper functions.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
ovs-vswitchd in the openvswitch-switch package is tightly coupled to its
database schema. During development, it's possible to change the schema
without changing the Open vSwitch version number, which makes it possible
for the openvswitch-switch and openvswitch-common packages to get out of
sync: openvswitch-switch requires the same version of openvswitch-common,
but if the version number doesn't get updated that has no effect.
Actually putting the schema and ovs-vswitchd (its primary user) in the
same package prevents them from getting out-of-sync. This commit also
moves ovsdb-tool because that program often works directly with OVSDB
schemas and so there's not much point having it around without a schema to
work with.
Originally I intended this as just a cleanup, but as a side effect it also
installs some files from the install tree in debian/tmp instead of from
_debian. This should avoid a reported problem in which ovs-bugtool was
being created in the source directory instead of the build directory (I
still don't see why this happened).
Reported-by: Sébastien RICCIO <sr@swisscenter.com>
Tested-by: Sébastien RICCIO <sr@swisscenter.com>
Acked-by: Simon Horman <horms@verge.net.au>
CC: Simon Horman <horms@verge.net.au>
I've never heard of anyone actually using controller discovery.
It adds a great deal of code to the source tree, and a little
bit of complication to ofproto, so this commit removes it.
At one point Nicira had deployment plans for which adding a remote command
execution feature to the OpenFlow stack made a lot of sense. We no longer
have those plans, as far as I know, and leaving the feature in seems like
a huge potential security hole. So this commit blows away the entire
feature.
This appears to work in that it creates the database on installation,
starts and stops the programs and loads and unloads the kernel modules at
the right times, but it has not been tested beyond that.
