1 <?xml version="1.0" encoding="utf-8"?>
2 <manpage program="ovn-controller" section="8" title="ovn-controller">
4 <p>ovn-controller -- Open Virtual Network local controller</p>
7 <p><code>ovn-controller</code> [<var>options</var>] [<var>ovs-database</var>]</p>
11 <code>ovn-controller</code> is the local controller daemon for
12 OVN, the Open Virtual Network. It connects up to the OVN
13 Southbound database (see <code>ovn-sb</code>(5)) over the OVSDB
14 protocol, and down to the Open vSwitch database (see
15 <code>ovs-vswitchd.conf.db</code>(5)) over the OVSDB protocol and
16 to <code>ovs-vswitchd</code>(8) via OpenFlow. Each hypervisor and
17 software gateway in an OVN deployment runs its own independent
18 copy of <code>ovn-controller</code>; thus,
19 <code>ovn-controller</code>'s downward connections are
20 machine-local and do not run over a physical network.
23 <h1>Configuration</h1>
25 <code>ovn-controller</code> retrieves most of its configuration
26 information from the local Open vSwitch's ovsdb-server instance.
27 The default location is <code>db.sock</code> in the local Open
28 vSwitch's "run" directory. It may be overridden by specifying the
29 <var>ovs-database</var> argument in one of the following forms:
34 <code>ssl:<var>ip</var>:<var>port</var></code>
37 The specified SSL <var>port</var> on the host at the given
38 <var>ip</var>, which must be expressed as an IP address (not a DNS
39 name) in IPv4 or IPv6 address format. If <var>ip</var> is an IPv6
40 address, then wrap <var>ip</var> with square brackets, e.g.:
41 <code>ssl:[::1]:6640</code>. The <code>--private-key</code>,
42 <code>--certificate</code> and either of <code>--ca-cert</code>
43 or <code>--bootstrap-ca-cert</code> options are mandatory when this
49 <code>tcp:<var>ip</var>:<var>port</var></code>
52 Connect to the given TCP <var>port</var> on <var>ip</var>, where
53 <var>ip</var> can be IPv4 or IPv6 address. If <var>ip</var> is an
54 IPv6 address, then wrap <var>ip</var> with square brackets, e.g.:
55 <code>tcp:[::1]:6640</code>.
60 <code>unix:<var>file</var></code>
63 On POSIX, connect to the Unix domain server socket named
67 On Windows, connect to a localhost TCP port whose value is written
73 <code>ovn-controller</code> assumes it gets configuration
74 information from the following keys in the <code>Open_vSwitch</code>
75 table of the local OVS instance:
78 <dt><code>external_ids:system-id</code></dt>
79 <dd>The chassis name to use in the Chassis table.</dd>
81 <dt><code>external_ids:ovn-bridge</code></dt>
83 The integration bridge to which logical ports are attached. The
84 default is <code>br-int</code>. If this bridge does not exist when
85 ovn-controller starts, it will be created automatically with the
86 default configuration suggested in <code>ovn-architecture</code>(7).
89 <dt><code>external_ids:ovn-remote</code></dt>
92 The OVN database that this system should connect to for its
97 Currently, <code>ovn-controller</code> does not support changing this
98 setting mid-run. If the value needs to change, the daemon must be
99 restarted. (This behavior should be improved.)
103 <dt><code>external_ids:ovn-encap-type</code></dt>
106 The encapsulation type that a chassis should use to connect to
107 this node. Multiple encapsulation types may be specified with
108 a comma-separated list. Each listed encapsulation type will
109 be paired with <code>ovn-encap-ip</code>.
113 Supported tunnel types for connecting hypervisors
114 are <code>geneve</code> and <code>stt</code>. Gateways may
115 use <code>geneve</code>, <code>vxlan</code>, or
120 Due to the limited amount of metadata in <code>vxlan</code>,
121 the capabilities and performance of connected gateways will be
122 reduced versus other tunnel formats.
126 <dt><code>external_ids:ovn-encap-ip</code></dt>
128 The IP address that a chassis should use to connect to this node
129 using encapsulation types specified by
130 <code>external_ids:ovn-encap-type</code>.
133 <dt><code>external_ids:ovn-bridge-mappings</code></dt>
135 A list of key-value pairs that map a physical network name to a local
136 ovs bridge that provides connectivity to that network. An example
137 value mapping two physical network names to two ovs bridges would be:
138 <code>physnet1:br-eth0,physnet2:br-eth1</code>.
142 <h1>Open vSwitch Database Usage</h1>
145 <code>ovn-controller</code> uses a number of <code>external-ids</code>
146 keys in the Open vSwitch database to keep track of ports and interfaces.
147 For proper operation, users should not change or clear these keys:
152 <code>external_ids:ovn-chassis-id</code> in the <code>Port</code> table
155 The presence of this key identifies a tunnel port within the
156 integration bridge as one created by <code>ovn-controller</code> to
157 reach a remote chassis. Its value is the chassis ID of the remote
162 <code>external-ids:ovn-localnet-port</code> in the <code>Port</code>
167 The presence of this key identifies a patch port as one created by
168 <code>ovn-controller</code> to connect the integration bridge and
169 another bridge to implement a <code>localnet</code> logical port.
170 Its value is the name of the physical network that the port
171 implements. See <code>external_ids:ovn-bridge-mappings</code>,
172 above, for more information.
176 Each <code>localnet</code> logical port is implemented as a pair of
177 patch ports, one in the integration bridge, one in a different
178 bridge, with the same <code>external-ids:ovn-localnet-port</code>
184 <h1>Runtime Management Commands</h1>
186 <code>ovs-appctl</code> can send commands to a running
187 <code>ovn-controller</code> process. The currently supported
188 commands are described below.
190 <dt><code>exit</code></dt>
192 Causes <code>ovn-controller</code> to gracefully terminate.
195 <dt><code>ct-zone-list</code></dt>
197 Lists each local logical port and its connection tracking zone.
projects / cascardo / ovs.git / blob