1 /* Copyright (c) 2015 Nicira, Inc.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 #include "ovn-controller.h"
26 #include "command-line.h"
30 #include "dynamic-string.h"
31 #include "openvswitch/vconn.h"
32 #include "openvswitch/vlog.h"
33 #include "ovn/lib/ovn-sb-idl.h"
34 #include "poll-loop.h"
35 #include "fatal-signal.h"
36 #include "lib/vswitch-idl.h"
39 #include "stream-ssl.h"
50 VLOG_DEFINE_THIS_MODULE(main);
/* Handlers for the "exit" and "ct-zone-list" unixctl commands that main()
 * registers. */
52 static unixctl_cb_func ovn_controller_exit;
53 static unixctl_cb_func ct_zone_list;
/* Integration bridge name that get_br_int() assigns after reading
 * external-ids:ovn-bridge; presumably the fallback when that key is unset
 * (the guarding condition is not visible here). */
55 #define DEFAULT_BRIDGE_NAME "br-int"
57 static void parse_options(int argc, char *argv[]);
58 OVS_NO_RETURN static void usage(void);
/* Connection string for the local OVS database.  parse_options() sets it and
 * main() hands it to ovsdb_idl_create(). */
60 static char *ovs_remote;
/* Searches the Chassis rows of 'ovnsb_idl' for the one whose name is exactly
 * 'chassis_id' (strcmp() match).  The return statements are not visible
 * here; presumably the matching row, or NULL when none matches. */
62 const struct sbrec_chassis *
63 get_chassis(struct ovsdb_idl *ovnsb_idl, const char *chassis_id)
65 const struct sbrec_chassis *chassis_rec;
67 SBREC_CHASSIS_FOR_EACH(chassis_rec, ovnsb_idl) {
68 if (!strcmp(chassis_rec->name, chassis_id)) {
/* Classifies the encapsulation 'name' by exact, case-sensitive comparison
 * with "geneve", "stt" and "vxlan".  The value returned for each match, and
 * for an unrecognised name, is not visible here. */
77 get_tunnel_type(const char *name)
79 if (!strcmp(name, "geneve")) {
81 } else if (!strcmp(name, "stt")) {
83 } else if (!strcmp(name, "vxlan")) {
/* Looks through the Bridge rows of 'ovs_idl' for one named exactly
 * 'br_name'.  The return statements are not visible here; presumably the
 * matching row, or NULL when there is none. */
90 static const struct ovsrec_bridge *
91 get_bridge(struct ovsdb_idl *ovs_idl, const char *br_name)
93 const struct ovsrec_bridge *br;
94 OVSREC_BRIDGE_FOR_EACH (br, ovs_idl) {
95 if (!strcmp(br->name, br_name)) {
/* Adds an integration bridge named 'bridge_name' to the local OVS database
 * within the open transaction in 'ctx': an internal interface, a port that
 * holds it, the bridge itself, and an updated bridge list on 'cfg'.  The
 * return statements are not visible here. */
102 static const struct ovsrec_bridge *
103 create_br_int(struct controller_ctx *ctx,
104 const struct ovsrec_open_vswitch *cfg,
105 const char *bridge_name)
/* Nothing can be written without an open transaction; the body of this
 * branch is not visible here. */
107 if (!ctx->ovs_idl_txn) {
111 ovsdb_idl_txn_add_comment(ctx->ovs_idl_txn,
112 "ovn-controller: creating integration bridge '%s'", bridge_name);
114 struct ovsrec_interface *iface;
115 iface = ovsrec_interface_insert(ctx->ovs_idl_txn);
116 ovsrec_interface_set_name(iface, bridge_name);
117 ovsrec_interface_set_type(iface, "internal");
119 struct ovsrec_port *port;
120 port = ovsrec_port_insert(ctx->ovs_idl_txn);
121 ovsrec_port_set_name(port, bridge_name);
122 ovsrec_port_set_interfaces(port, &iface, 1);
124 struct ovsrec_bridge *bridge;
125 bridge = ovsrec_bridge_insert(ctx->ovs_idl_txn);
126 ovsrec_bridge_set_name(bridge, bridge_name);
/* Security-relevant defaults.  With fail_mode "secure", Open vSwitch does
 * not fall back to standalone learning-switch forwarding when the bridge has
 * no working controller connection, so traffic is only forwarded by flows
 * that were explicitly installed.  "disable-in-band" set to "true" turns off
 * in-band control on this bridge.  Both follow OVS's documented meaning of
 * these settings; this file only writes the values. */
127 ovsrec_bridge_set_fail_mode(bridge, "secure");
128 const struct smap oc = SMAP_CONST1(&oc, "disable-in-band", "true");
129 ovsrec_bridge_set_other_config(bridge, &oc);
130 ovsrec_bridge_set_ports(bridge, &port, 1);
/* Build a copy of the existing bridge array with room for one more entry and
 * append the new bridge. */
132 struct ovsrec_bridge **bridges;
133 size_t bytes = sizeof *bridges * cfg->n_bridges;
134 bridges = xmalloc(bytes + sizeof *bridges);
135 memcpy(bridges, cfg->bridges, bytes);
136 bridges[cfg->n_bridges] = bridge;
/* The verify call presumably makes the commit fail if another client changed
 * the bridge list since it was read, so a concurrent edit is not silently
 * overwritten -- confirm against the IDL documentation. */
137 ovsrec_open_vswitch_verify_bridges(cfg);
138 ovsrec_open_vswitch_set_bridges(cfg, bridges, cfg->n_bridges + 1);
/* Finds the integration bridge, creating it through create_br_int() when the
 * lookup does not produce one.  The bridge name is read from the "ovn-bridge"
 * key in the external-ids of the first Open_vSwitch row. */
143 static const struct ovsrec_bridge *
144 get_br_int(struct controller_ctx *ctx)
146 const struct ovsrec_open_vswitch *cfg;
147 cfg = ovsrec_open_vswitch_first(ctx->ovs_idl);
/* NOTE(review): 'cfg' is dereferenced below; the check for a missing
 * Open_vSwitch row is presumably on a line not visible here. */
152 const char *br_int_name = smap_get(&cfg->external_ids, "ovn-bridge");
154 br_int_name = DEFAULT_BRIDGE_NAME;
157 const struct ovsrec_bridge *br;
158 br = get_bridge(ctx->ovs_idl, br_int_name);
160 return create_br_int(ctx, cfg, br_int_name);
/* Returns the value of "system-id" from the external-ids of the first
 * Open_vSwitch row in 'ovs_idl', or NULL when there is no such row.  The
 * value comes straight from smap_get(), so it is presumably also NULL when
 * the key is absent and is not a copy the caller owns. */
166 get_chassis_id(const struct ovsdb_idl *ovs_idl)
168 const struct ovsrec_open_vswitch *cfg = ovsrec_open_vswitch_first(ovs_idl);
169 return cfg ? smap_get(&cfg->external_ids, "system-id") : NULL;
/* Builds the name "patch-<b1>-to-<b2>" from the two bridge names.  The string
 * comes from xasprintf(); callers in this file release it with free(). */
173 patch_port_name(const struct ovsrec_bridge *b1, const struct ovsrec_bridge *b2)
175 return xasprintf("patch-%s-to-%s", b1->name, b2->name);
179 * Return true if the port is a patch port from b1 to b2
/* Checks the interfaces of 'port' for one of type "patch" whose "peer" option
 * equals the name patch_port_name(b2, b1) would give the port on the other
 * bridge.  The result handling is on lines not visible here. */
182 match_patch_port(const struct ovsrec_port *port,
183 const struct ovsrec_bridge *b1,
184 const struct ovsrec_bridge *b2)
186 struct ovsrec_interface *iface;
188 char *peer_port_name;
/* Name the reverse-direction port (b2 to b1) is expected to carry. */
191 peer_port_name = patch_port_name(b2, b1);
193 for (i = 0; i < port->n_interfaces; i++) {
194 iface = port->interfaces[i];
/* strcmp() is nonzero for anything other than a patch interface. */
195 if (strcmp(iface->type, "patch")) {
199 peer = smap_get(&iface->options, "peer");
200 if (peer && !strcmp(peer, peer_port_name)) {
206 free(peer_port_name);
/* Adds a patch port on bridge 'b1' whose peer is the matching port on 'b2',
 * using the open transaction in 'ctx'.  'network' is used below but its
 * parameter declaration is on a line not visible here. */
212 create_patch_port(struct controller_ctx *ctx,
214 const struct ovsrec_bridge *b1,
215 const struct ovsrec_bridge *b2)
/* No open transaction means nothing can be written; the branch body is not
 * visible here. */
217 if (!ctx->ovs_idl_txn) {
221 char *port_name = patch_port_name(b1, b2);
222 char *peer_port_name = patch_port_name(b2, b1);
224 ovsdb_idl_txn_add_comment(ctx->ovs_idl_txn,
225 "ovn-controller: creating patch port '%s' from '%s' to '%s'",
226 port_name, b1->name, b2->name);
228 struct ovsrec_interface *iface;
229 iface = ovsrec_interface_insert(ctx->ovs_idl_txn);
230 ovsrec_interface_set_name(iface, port_name);
231 ovsrec_interface_set_type(iface, "patch");
232 const struct smap options = SMAP_CONST1(&options, "peer", peer_port_name);
233 ovsrec_interface_set_options(iface, &options);
235 struct ovsrec_port *port;
236 port = ovsrec_port_insert(ctx->ovs_idl_txn);
237 ovsrec_port_set_name(port, port_name);
238 ovsrec_port_set_interfaces(port, &iface, 1);
/* Tag the port with external-ids:ovn-patch-port=<network>.  This key is the
 * ownership marker init_existing_ports() looks for; parse_bridge_mappings()
 * deletes tagged ports that no current mapping claims. */
239 const struct smap ids = SMAP_CONST1(&ids, "ovn-patch-port", network);
240 ovsrec_port_set_external_ids(port, &ids);
/* Copy b1's port array with one extra slot and append the new port. */
242 struct ovsrec_port **ports;
243 ports = xmalloc(sizeof *ports * (b1->n_ports + 1));
244 memcpy(ports, b1->ports, sizeof *ports * b1->n_ports);
245 ports[b1->n_ports] = port;
246 ovsrec_bridge_verify_ports(b1);
247 ovsrec_bridge_set_ports(b1, ports, b1->n_ports + 1);
/* NOTE(review): only this free() is visible; confirm that 'port_name' and
 * 'ports' are released on the lines not visible here. */
251 free(peer_port_name);
/* Makes sure 'b1' has a patch port to 'b2'.  A port that already matches is
 * removed from 'existing_ports', which keeps parse_bridge_mappings() from
 * deleting it later; when the scan reaches the end of b1's ports a new port
 * is created.  The 'network' parameter is declared on a line not visible
 * here. */
255 create_patch_ports(struct controller_ctx *ctx,
257 struct shash *existing_ports,
258 const struct ovsrec_bridge *b1,
259 const struct ovsrec_bridge *b2)
263 for (i = 0; i < b1->n_ports; i++) {
264 if (match_patch_port(b1->ports[i], b1, b2)) {
265 /* Patch port already exists on b1 */
266 shash_find_and_delete(existing_ports, b1->ports[i]->name);
/* i == n_ports: the scan ran through every port; presumably the loop leaves
 * early on a match, on a line not visible here. */
270 if (i == b1->n_ports) {
271 create_patch_port(ctx, network, b1, b2);
/* Fills 'existing_ports', keyed by port name, with every Port row that has an
 * "ovn-patch-port" key in its external-ids.
 *
 * Only the presence of the key is tested, not its value or who wrote it, so
 * any port carrying this key is treated as managed by ovn-controller and
 * becomes a deletion candidate in parse_bridge_mappings(). */
276 init_existing_ports(struct controller_ctx *ctx,
277 struct shash *existing_ports)
279 const struct ovsrec_port *port;
281 OVSREC_PORT_FOR_EACH (port, ctx->ovs_idl) {
282 if (smap_get(&port->external_ids, "ovn-patch-port")) {
283 shash_add(existing_ports, port->name, port);
/* Deletes 'port' and takes it out of the port list of the bridge that holds
 * it.  The replacement list duplicates the first n_ports - 1 entries; when
 * the removed port was not the last one, its slot is filled with the former
 * last entry, so port order is not preserved.
 *
 * NOTE(review): no free() of 'new_ports' is visible here; confirm it is
 * released on a line that is not shown. */
289 remove_port(struct controller_ctx *ctx,
290 const struct ovsrec_port *port)
292 const struct ovsrec_bridge *bridge;
294 /* We know the port we want to delete, but we have to find the bridge it's on
295 * to do so. Note this only runs on a config change that should be pretty
297 OVSREC_BRIDGE_FOR_EACH (bridge, ctx->ovs_idl) {
299 for (i = 0; i < bridge->n_ports; i++) {
300 if (bridge->ports[i] != port) {
303 struct ovsrec_port **new_ports;
304 new_ports = xmemdup(bridge->ports,
305 sizeof *new_ports * (bridge->n_ports - 1));
306 if (i != bridge->n_ports - 1) {
307 /* Removed port was not last */
308 new_ports[i] = bridge->ports[bridge->n_ports - 1];
310 ovsrec_bridge_verify_ports(bridge);
311 ovsrec_bridge_set_ports(bridge, new_ports, bridge->n_ports - 1);
313 ovsrec_port_delete(port);
/* Applies 'mappings_cfg', a comma-separated list of "network:bridge" pairs,
 * by ensuring a patch port pair between 'br_int' and each named bridge, then
 * deletes every previously tagged patch port that no pair claimed. */
320 parse_bridge_mappings(struct controller_ctx *ctx,
321 const struct ovsrec_bridge *br_int,
322 const char *mappings_cfg)
324 struct shash existing_ports = SHASH_INITIALIZER(&existing_ports);
325 init_existing_ports(ctx, &existing_ports);
/* strsep() writes into its input, so the parse works on a private copy. */
327 char *cur, *next, *start;
328 next = start = xstrdup(mappings_cfg);
/* The loop also stops at the first empty element (for example after a doubled
 * or trailing comma).  Pairs after that point are not processed, so their
 * patch ports stay in 'existing_ports' and are deleted below. */
329 while ((cur = strsep(&next, ",")) && *cur) {
330 char *network, *bridge = cur;
331 const struct ovsrec_bridge *ovs_bridge;
/* After this call 'network' is the text before ':' and 'bridge' the text
 * after it, or NULL when the element has no ':'. */
333 network = strsep(&bridge, ":");
334 if (!bridge || !*network || !*bridge) {
335 VLOG_ERR("Invalid ovn-bridge-mappings configuration: '%s'",
340 ovs_bridge = get_bridge(ctx->ovs_idl, bridge);
342 VLOG_WARN("Bridge '%s' not found for network '%s'",
/* One patch port in each direction. */
347 create_patch_ports(ctx, network, &existing_ports, br_int, ovs_bridge);
348 create_patch_ports(ctx, network, &existing_ports, ovs_bridge, br_int);
352 /* Any ports left in existing_ports are related to configuration that has
353 * been removed, so we should delete the ports now. */
354 struct shash_node *port_node, *port_next_node;
355 SHASH_FOR_EACH_SAFE (port_node, port_next_node, &existing_ports) {
356 struct ovsrec_port *port = port_node->data;
357 shash_delete(&existing_ports, port_node);
358 remove_port(ctx, port);
360 shash_destroy(&existing_ports);
/* Reads "ovn-bridge-mappings" from the external-ids of the first Open_vSwitch
 * row and passes it to parse_bridge_mappings().  'mappings_cfg' starts out as
 * the empty string. */
364 init_bridge_mappings(struct controller_ctx *ctx,
365 const struct ovsrec_bridge *br_int)
367 const char *mappings_cfg = "";
368 const struct ovsrec_open_vswitch *cfg;
370 cfg = ovsrec_open_vswitch_first(ctx->ovs_idl);
/* NOTE(review): this assignment overwrites the "" default with whatever
 * smap_get() returns, and parse_bridge_mappings() passes the value to
 * xstrdup().  Confirm that the lines not visible here handle a missing row
 * and a missing key. */
372 mappings_cfg = smap_get(&cfg->external_ids, "ovn-bridge-mappings");
377 parse_bridge_mappings(ctx, br_int, mappings_cfg);
380 /* Retrieves the OVN Southbound remote location from the
381 * "external-ids:ovn-remote" key in 'ovs_idl' and returns a copy of it.
383 * XXX ovn-controller does not support this changing mid-run, but that should
384 * be addressed later. */
/* Trust note: the southbound remote is taken from the local OVS database, so
 * anyone able to write the Open_vSwitch row's external-ids chooses which
 * southbound database this controller connects to. */
386 get_ovnsb_remote(struct ovsdb_idl *ovs_idl)
389 ovsdb_idl_run(ovs_idl);
391 const struct ovsrec_open_vswitch *cfg
392 = ovsrec_open_vswitch_first(ovs_idl);
/* NOTE(review): 'cfg' is dereferenced here; confirm that a line not visible
 * here guards against the row being absent. */
394 const char *remote = smap_get(&cfg->external_ids, "ovn-remote");
/* The caller receives its own copy, independent of the IDL's storage. */
396 return xstrdup(remote);
400 VLOG_INFO("OVN OVSDB remote not specified. Waiting...");
401 ovsdb_idl_wait(ovs_idl);
/* Entry point of ovn-controller: parses options, daemonizes, opens the
 * unixctl control server, connects to the local OVS database and the OVN
 * southbound database, runs the per-iteration modules, and runs the cleanup
 * functions before exiting. */
407 main(int argc, char *argv[])
409 struct unixctl_server *unixctl;
413 ovs_cmdl_proctitle_init(argc, argv);
414 set_program_name(argv[0]);
415 service_start(&argc, &argv);
416 parse_options(argc, argv);
417 fatal_ignore_sigpipe();
419 daemonize_start(false);
/* Control socket.  No authentication is visible in this file, so access is
 * presumably limited only by the permissions on the socket path; "exit" lets
 * any client that can connect stop the controller and start its database
 * cleanup.  The NULL path presumably selects the default location. */
421 retval = unixctl_server_create(NULL, &unixctl);
425 unixctl_command_register("exit", "", 0, 0, ovn_controller_exit, &exiting);
427 daemonize_complete();
435 /* Connect to OVS OVSDB instance. We do not monitor all tables by
436 * default, so modules must register their interest explicitly. */
437 struct ovsdb_idl_loop ovs_idl_loop = OVSDB_IDL_LOOP_INITIALIZER(
438 ovsdb_idl_create(ovs_remote, &ovsrec_idl_class, false, true));
/* Tables and columns this file itself reads or writes. */
439 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_open_vswitch);
440 ovsdb_idl_add_column(ovs_idl_loop.idl,
441 &ovsrec_open_vswitch_col_external_ids);
442 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_open_vswitch_col_bridges);
443 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_interface);
444 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_interface_col_name);
445 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_interface_col_type);
446 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_interface_col_options);
447 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_port);
448 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_port_col_name);
449 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_port_col_interfaces);
450 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_port_col_external_ids);
451 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_bridge);
452 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_ports);
453 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_name);
454 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_fail_mode);
455 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_other_config);
/* Each module registers the tables and columns it needs. */
456 chassis_register_ovs_idl(ovs_idl_loop.idl);
457 encaps_register_ovs_idl(ovs_idl_loop.idl);
458 binding_register_ovs_idl(ovs_idl_loop.idl);
459 physical_register_ovs_idl(ovs_idl_loop.idl);
460 ovsdb_idl_get_initial_snapshot(ovs_idl_loop.idl);
462 /* Connect to OVN SB database. */
463 char *ovnsb_remote = get_ovnsb_remote(ovs_idl_loop.idl);
464 struct ovsdb_idl_loop ovnsb_idl_loop = OVSDB_IDL_LOOP_INITIALIZER(
465 ovsdb_idl_create(ovnsb_remote, &sbrec_idl_class, true, true));
466 ovsdb_idl_get_initial_snapshot(ovnsb_idl_loop.idl);
468 /* Initialize connection tracking zones. */
469 struct simap ct_zones = SIMAP_INITIALIZER(&ct_zones);
/* NOTE(review): 'ct_zone_bitmap' is an automatic array with no initializer,
 * and the next statement sets only bit 0.  No visible line clears the other
 * bits before binding_run() receives the bitmap, so they would hold
 * indeterminate stack contents.  Confirm the array is zeroed, e.g.
 * memset(ct_zone_bitmap, 0, sizeof ct_zone_bitmap), before bit 0 is set. */
470 unsigned long ct_zone_bitmap[BITMAP_N_LONGS(MAX_CT_ZONES)];
471 bitmap_set1(ct_zone_bitmap, 0); /* Zone 0 is reserved. */
472 unixctl_command_register("ct-zone-list", "", 0, 0,
473 ct_zone_list, &ct_zones);
/* Per-iteration context: the two IDLs and the transaction that each
 * ovsdb_idl_loop_run() call returns. */
478 struct controller_ctx ctx = {
479 .ovs_idl = ovs_idl_loop.idl,
480 .ovs_idl_txn = ovsdb_idl_loop_run(&ovs_idl_loop),
481 .ovnsb_idl = ovnsb_idl_loop.idl,
482 .ovnsb_idl_txn = ovsdb_idl_loop_run(&ovnsb_idl_loop),
/* get_chassis_id() can return NULL; the checks that guard the calls below
 * are presumably on lines not visible here. */
485 const struct ovsrec_bridge *br_int = get_br_int(&ctx);
486 const char *chassis_id = get_chassis_id(ctx.ovs_idl);
488 /* Map bridges to local nets from ovn-bridge-mappings */
490 init_bridge_mappings(&ctx, br_int);
494 chassis_run(&ctx, chassis_id);
495 encaps_run(&ctx, br_int, chassis_id);
496 binding_run(&ctx, br_int, chassis_id, &ct_zones, ct_zone_bitmap);
500 enum mf_field_id mff_ovn_geneve = ofctrl_run(br_int);
/* The flow table is filled by lflow_run() and physical_run(), handed to
 * ofctrl_put(), and then destroyed. */
502 struct hmap flow_table = HMAP_INITIALIZER(&flow_table);
503 lflow_run(&ctx, &flow_table, &ct_zones);
505 physical_run(&ctx, mff_ovn_geneve,
506 br_int, chassis_id, &ct_zones, &flow_table);
508 ofctrl_put(&flow_table);
509 hmap_destroy(&flow_table);
512 unixctl_server_run(unixctl);
514 unixctl_server_wait(unixctl);
516 poll_immediate_wake();
519 ovsdb_idl_loop_commit_and_wait(&ovnsb_idl_loop);
520 ovsdb_idl_loop_commit_and_wait(&ovs_idl_loop);
526 if (should_service_stop()) {
531 /* It's time to exit. Clean up the databases. */
534 struct controller_ctx ctx = {
535 .ovs_idl = ovs_idl_loop.idl,
536 .ovs_idl_txn = ovsdb_idl_loop_run(&ovs_idl_loop),
537 .ovnsb_idl = ovnsb_idl_loop.idl,
538 .ovnsb_idl_txn = ovsdb_idl_loop_run(&ovnsb_idl_loop),
541 const struct ovsrec_bridge *br_int = get_br_int(&ctx);
542 const char *chassis_id = get_chassis_id(ctx.ovs_idl);
544 /* Run all of the cleanup functions, even if one of them returns false.
545 * We're done if all of them return true. */
/* Each call is the left operand of '&&', so it runs regardless of the value
 * 'done' already has. */
546 done = binding_cleanup(&ctx, chassis_id);
547 done = chassis_cleanup(&ctx, chassis_id) && done;
548 done = encaps_cleanup(&ctx, br_int) && done;
550 poll_immediate_wake();
553 ovsdb_idl_loop_commit_and_wait(&ovnsb_idl_loop);
554 ovsdb_idl_loop_commit_and_wait(&ovs_idl_loop);
558 unixctl_server_destroy(unixctl);
562 simap_destroy(&ct_zones);
564 ovsdb_idl_loop_destroy(&ovs_idl_loop);
565 ovsdb_idl_loop_destroy(&ovnsb_idl_loop);
/* Parses the command line.  Besides --help, --version and the daemon and
 * stream-SSL option sets, it accepts --peer-ca-cert and --bootstrap-ca-cert,
 * then sets 'ovs_remote' from the positional argument or to a default. */
575 parse_options(int argc, char *argv[])
/* Long-only options take values above UCHAR_MAX so they cannot collide with
 * a short-option character. */
578 OPT_PEER_CA_CERT = UCHAR_MAX + 1,
579 OPT_BOOTSTRAP_CA_CERT,
584 static struct option long_options[] = {
585 {"help", no_argument, NULL, 'h'},
586 {"version", no_argument, NULL, 'V'},
589 STREAM_SSL_LONG_OPTIONS,
590 {"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT},
591 {"bootstrap-ca-cert", required_argument, NULL, OPT_BOOTSTRAP_CA_CERT},
594 char *short_options = ovs_cmdl_long_options_to_short_options(long_options);
599 c = getopt_long(argc, argv, short_options, long_options, NULL);
609 ovs_print_version(OFP13_VERSION, OFP13_VERSION);
613 DAEMON_OPTION_HANDLERS
614 STREAM_SSL_OPTION_HANDLERS
616 case OPT_PEER_CA_CERT:
617 stream_ssl_set_peer_ca_cert_file(optarg);
/* Bootstrap mode (the 'true' argument).  As OVS documents this option, a CA
 * certificate file that does not exist yet is obtained from the peer on the
 * first SSL connection and saved, so that first connection is accepted
 * without a trusted CA (trust on first use).  Where the first connection may
 * cross an untrusted network, provision the CA certificate out of band and
 * use the regular CA certificate option instead. */
620 case OPT_BOOTSTRAP_CA_CERT:
621 stream_ssl_set_ca_cert_file(optarg, true);
/* With no positional argument the local database is reached through the Unix
 * socket "db.sock" in the OVS run directory. */
637 ovs_remote = xasprintf("unix:%s/db.sock", ovs_rundir());
/* A single positional argument is copied verbatim as the connection string;
 * presumably argc/argv were advanced past the options on a line not visible
 * here. */
638 } else if (argc == 1) {
639 ovs_remote = xstrdup(argv[0]);
641 VLOG_FATAL("exactly zero or one non-option argument required; "
642 "use --help for usage");
/* Help text: program name and synopsis, the stream options printed by
 * stream_usage(), then the --help and --version entries.
 *
 * NOTE(review): --peer-ca-cert and --bootstrap-ca-cert are accepted by
 * parse_options() but do not appear in the text printed directly here;
 * confirm that stream_usage() documents them with these arguments. */
649 printf("%s: OVN controller\n"
650 "usage %s [OPTIONS] [OVS-DATABASE]\n"
651 "where OVS-DATABASE is a socket on which the OVS OVSDB server is listening.\n",
652 program_name, program_name);
653 stream_usage("OVS-DATABASE", true, false, false);
656 printf("\nOther options:\n"
657 " -h, --help display this help message\n"
658 " -V, --version display version information\n");
/* unixctl handler for "exit".  'exiting_' is the bool that main() passed when
 * registering the command; the line that updates it is not visible here.
 * The command takes no arguments and the reply carries no text. */
663 ovn_controller_exit(struct unixctl_conn *conn, int argc OVS_UNUSED,
664 const char *argv[] OVS_UNUSED, void *exiting_)
666 bool *exiting = exiting_;
669 unixctl_command_reply(conn, NULL);
/* unixctl handler for "ct-zone-list".  Replies with one "<name> <zone>" line
 * for each entry of the simap that main() passed at registration. */
673 ct_zone_list(struct unixctl_conn *conn, int argc OVS_UNUSED,
674 const char *argv[] OVS_UNUSED, void *ct_zones_)
676 struct simap *ct_zones = ct_zones_;
677 struct ds ds = DS_EMPTY_INITIALIZER;
678 struct simap_node *zone;
680 SIMAP_FOR_EACH(zone, ct_zones) {
681 ds_put_format(&ds, "%s %d\n", zone->name, zone->data);
/* NOTE(review): no release of 'ds' is visible after the reply; confirm it is
 * destroyed on a line not visible here. */
684 unixctl_command_reply(conn, ds_cstr(&ds));