1 <?xml version="1.0" encoding="utf-8"?>
2 <manpage program="ovn-controller" section="8" title="ovn-controller">
4 <p>ovn-controller -- Open Virtual Network local controller</p>
7 <p><code>ovn-controller</code> [<var>options</var>] [<var>ovs-database</var>]</p>
11 <code>ovn-controller</code> is the local controller daemon for
12 OVN, the Open Virtual Network. It connects up to the OVN
13 Southbound database (see <code>ovn-sb</code>(5)) over the OVSDB
14 protocol, and down to the Open vSwitch database (see
15 <code>ovs-vswitchd.conf.db</code>(5)) over the OVSDB protocol and
16 to <code>ovs-vswitchd</code>(8) via OpenFlow. Each hypervisor and
17 software gateway in an OVN deployment runs its own independent
18 copy of <code>ovn-controller</code>; thus,
19 <code>ovn-controller</code>'s downward connections are
20 machine-local and do not run over a physical network.
23 <h1>Configuration</h1>
25 <code>ovn-controller</code> retrieves most of its configuration
26 information from the local Open vSwitch's ovsdb-server instance.
27 The default location is <code>db.sock</code> in the local Open
28 vSwitch's "run" directory. It may be overridden by specifying the
29 <var>ovs-database</var> argument in one of the following forms:
34 <code>ssl:<var>ip</var>:<var>port</var></code>
37 The specified SSL <var>port</var> on the host at the given
38 <var>ip</var>, which must be expressed as an IP address (not a DNS
39 name) in IPv4 or IPv6 address format. If <var>ip</var> is an IPv6
40 address, then wrap <var>ip</var> with square brackets, e.g.:
41 <code>ssl:[::1]:6640</code>. The <code>--private-key</code>,
42 <code>--certificate</code> and either of <code>--ca-cert</code>
43 or <code>--bootstrap-ca-cert</code> options are mandatory when this
49 <code>tcp:<var>ip</var>:<var>port</var></code>
52 Connect to the given TCP <var>port</var> on <var>ip</var>, where
53 <var>ip</var> can be IPv4 or IPv6 address. If <var>ip</var> is an
54 IPv6 address, then wrap <var>ip</var> with square brackets, e.g.:
55 <code>tcp:[::1]:6640</code>.
60 <code>unix:<var>file</var></code>
63 On POSIX, connect to the Unix domain server socket named
67 On Windows, connect to a localhost TCP port whose value is written
73 <code>ovn-controller</code> assumes it gets configuration
74 information from the following keys in the <code>Open_vSwitch</code>
75 table of the local OVS instance:
78 <dt><code>external_ids:system-id</code></dt>
79 <dd>The chassis name to use in the Chassis table.</dd>
81 <dt><code>external_ids:ovn-bridge</code></dt>
83 The integration bridge to which logical ports are attached. The
84 default is <code>br-int</code>. If this bridge does not exist when
85 ovn-controller starts, it will be created automatically with the
86 default configuration suggested in <code>ovn-architecture</code>(7).
89 <dt><code>external_ids:ovn-remote</code></dt>
92 The OVN database that this system should connect to for its
97 Currently, <code>ovn-controller</code> does not support changing this
98 setting mid-run. If the value needs to change, the daemon must be
99 restarted. (This behavior should be improved.)
103 <dt><code>external_ids:ovn-encap-type</code></dt>
105 The encapsulation type that a chassis should use to connect to this
106 node. Supported tunnel types for connecting hypervisors are
107 <code>geneve</code> and <code>stt</code>. Gateways may use
108 <code>geneve</code>, <code>vxlan</code>, or <code>stt</code>.
111 <dt><code>external_ids:ovn-encap-ip</code></dt>
113 The IP address that a chassis should use to connect to this node using
114 encapsulation type specified by <code>external_ids:ovn-encap-ip</code>.
117 <dt><code>external_ids:ovn-bridge-mappings</code></dt>
119 A list of key-value pairs that map a physical network name to a local
120 ovs bridge that provides connectivity to that network. An example
121 value mapping two physical network names to two ovs bridges would be:
122 <code>physnet1:br-eth0,physnet2:br-eth1</code>.
126 <h1>RUNTIME MANAGEMENT COMMANDS</h1>
128 <code>ovs-appctl</code> can send commands to a running
129 <code>ovn-controller</code> process. The currently supported
130 commands are described below.
132 <dt><code>exit</code></dt>
134 Causes <code>ovn-controller</code> to gracefully terminate.