1 /* Copyright (c) 2015 Nicira, Inc.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 #include "ovn-controller.h"
26 #include "command-line.h"
30 #include "openvswitch/vconn.h"
31 #include "openvswitch/vlog.h"
32 #include "ovn/lib/ovn-sb-idl.h"
33 #include "poll-loop.h"
34 #include "fatal-signal.h"
35 #include "lib/vswitch-idl.h"
38 #include "stream-ssl.h"
49 VLOG_DEFINE_THIS_MODULE(main);
51 static unixctl_cb_func ovn_controller_exit;
53 #define DEFAULT_BRIDGE_NAME "br-int"
55 static void parse_options(int argc, char *argv[]);
56 OVS_NO_RETURN static void usage(void);
58 static char *ovs_remote;
60 static const struct ovsrec_bridge *
61 get_bridge(struct ovsdb_idl *ovs_idl, const char *br_name)
63 const struct ovsrec_bridge *br;
64 OVSREC_BRIDGE_FOR_EACH (br, ovs_idl) {
65 if (!strcmp(br->name, br_name)) {
72 static const struct ovsrec_bridge *
73 create_br_int(struct controller_ctx *ctx,
74 const struct ovsrec_open_vswitch *cfg,
75 const char *bridge_name)
77 if (!ctx->ovs_idl_txn) {
81 ovsdb_idl_txn_add_comment(ctx->ovs_idl_txn,
82 "ovn-controller: creating integration bridge '%s'", bridge_name);
84 struct ovsrec_interface *iface;
85 iface = ovsrec_interface_insert(ctx->ovs_idl_txn);
86 ovsrec_interface_set_name(iface, bridge_name);
87 ovsrec_interface_set_type(iface, "internal");
89 struct ovsrec_port *port;
90 port = ovsrec_port_insert(ctx->ovs_idl_txn);
91 ovsrec_port_set_name(port, bridge_name);
92 ovsrec_port_set_interfaces(port, &iface, 1);
94 struct ovsrec_bridge *bridge;
95 bridge = ovsrec_bridge_insert(ctx->ovs_idl_txn);
96 ovsrec_bridge_set_name(bridge, bridge_name);
97 ovsrec_bridge_set_fail_mode(bridge, "secure");
98 struct smap other_config = SMAP_INITIALIZER(&other_config);
99 smap_add(&other_config, "disable-in-band", "true");
100 ovsrec_bridge_set_other_config(bridge, &other_config);
101 smap_destroy(&other_config);
102 ovsrec_bridge_set_ports(bridge, &port, 1);
104 struct ovsrec_bridge **bridges;
105 size_t bytes = sizeof *bridges * cfg->n_bridges;
106 bridges = xmalloc(bytes + sizeof *bridges);
107 memcpy(bridges, cfg->bridges, bytes);
108 bridges[cfg->n_bridges] = bridge;
109 ovsrec_open_vswitch_verify_bridges(cfg);
110 ovsrec_open_vswitch_set_bridges(cfg, bridges, cfg->n_bridges + 1);
115 static const struct ovsrec_bridge *
116 get_br_int(struct controller_ctx *ctx)
118 const struct ovsrec_open_vswitch *cfg;
119 cfg = ovsrec_open_vswitch_first(ctx->ovs_idl);
124 const char *br_int_name = smap_get(&cfg->external_ids, "ovn-bridge");
126 br_int_name = DEFAULT_BRIDGE_NAME;
129 const struct ovsrec_bridge *br;
130 br = get_bridge(ctx->ovs_idl, br_int_name);
132 return create_br_int(ctx, cfg, br_int_name);
138 get_chassis_id(const struct ovsdb_idl *ovs_idl)
140 const struct ovsrec_open_vswitch *cfg = ovsrec_open_vswitch_first(ovs_idl);
141 return cfg ? smap_get(&cfg->external_ids, "system-id") : NULL;
145 patch_port_name(const struct ovsrec_bridge *b1, const struct ovsrec_bridge *b2)
147 return xasprintf("patch-%s-to-%s", b1->name, b2->name);
151 * Return true if the port is a patch port from b1 to b2
154 match_patch_port(const struct ovsrec_port *port,
155 const struct ovsrec_bridge *b1,
156 const struct ovsrec_bridge *b2)
158 struct ovsrec_interface *iface;
160 char *peer_port_name;
163 peer_port_name = patch_port_name(b2, b1);
165 for (i = 0; i < port->n_interfaces; i++) {
166 iface = port->interfaces[i];
167 if (strcmp(iface->type, "patch")) {
171 peer = smap_get(&iface->options, "peer");
172 if (peer && !strcmp(peer, peer_port_name)) {
178 free(peer_port_name);
184 create_patch_port(struct controller_ctx *ctx,
186 const struct ovsrec_bridge *b1,
187 const struct ovsrec_bridge *b2)
189 if (!ctx->ovs_idl_txn) {
193 char *port_name = patch_port_name(b1, b2);
194 char *peer_port_name = patch_port_name(b2, b1);
196 ovsdb_idl_txn_add_comment(ctx->ovs_idl_txn,
197 "ovn-controller: creating patch port '%s' from '%s' to '%s'",
198 port_name, b1->name, b2->name);
200 struct ovsrec_interface *iface;
201 iface = ovsrec_interface_insert(ctx->ovs_idl_txn);
202 ovsrec_interface_set_name(iface, port_name);
203 ovsrec_interface_set_type(iface, "patch");
204 struct smap options = SMAP_INITIALIZER(&options);
205 smap_add(&options, "peer", peer_port_name);
206 ovsrec_interface_set_options(iface, &options);
207 smap_destroy(&options);
209 struct ovsrec_port *port;
210 port = ovsrec_port_insert(ctx->ovs_idl_txn);
211 ovsrec_port_set_name(port, port_name);
212 ovsrec_port_set_interfaces(port, &iface, 1);
213 struct smap ext_ids = SMAP_INITIALIZER(&ext_ids);
214 smap_add(&ext_ids, "ovn-patch-port", network);
215 ovsrec_port_set_external_ids(port, &ext_ids);
216 smap_destroy(&ext_ids);
218 struct ovsrec_port **ports;
219 ports = xmalloc(sizeof *ports * (b1->n_ports + 1));
220 memcpy(ports, b1->ports, sizeof *ports * b1->n_ports);
221 ports[b1->n_ports] = port;
222 ovsrec_bridge_verify_ports(b1);
223 ovsrec_bridge_set_ports(b1, ports, b1->n_ports + 1);
227 free(peer_port_name);
231 create_patch_ports(struct controller_ctx *ctx,
233 struct shash *existing_ports,
234 const struct ovsrec_bridge *b1,
235 const struct ovsrec_bridge *b2)
239 for (i = 0; i < b1->n_ports; i++) {
240 if (match_patch_port(b1->ports[i], b1, b2)) {
241 /* Patch port already exists on b1 */
242 shash_find_and_delete(existing_ports, b1->ports[i]->name);
246 if (i == b1->n_ports) {
247 create_patch_port(ctx, network, b1, b2);
252 init_existing_ports(struct controller_ctx *ctx,
253 struct shash *existing_ports)
255 const struct ovsrec_port *port;
257 OVSREC_PORT_FOR_EACH (port, ctx->ovs_idl) {
258 if (smap_get(&port->external_ids, "ovn-patch-port")) {
259 shash_add(existing_ports, port->name, port);
265 remove_port(struct controller_ctx *ctx,
266 const struct ovsrec_port *port)
268 const struct ovsrec_bridge *bridge;
270 /* We know the port we want to delete, but we have to find the bridge its on
271 * to do so. Note this only runs on a config change that should be pretty
273 OVSREC_BRIDGE_FOR_EACH (bridge, ctx->ovs_idl) {
275 for (i = 0; i < bridge->n_ports; i++) {
276 if (bridge->ports[i] != port) {
279 struct ovsrec_port **new_ports;
280 new_ports = xmemdup(bridge->ports,
281 sizeof *new_ports * (bridge->n_ports - 1));
282 if (i != bridge->n_ports - 1) {
283 /* Removed port was not last */
284 new_ports[i] = bridge->ports[bridge->n_ports - 1];
286 ovsrec_bridge_verify_ports(bridge);
287 ovsrec_bridge_set_ports(bridge, new_ports, bridge->n_ports - 1);
289 ovsrec_port_delete(port);
296 parse_bridge_mappings(struct controller_ctx *ctx,
297 const struct ovsrec_bridge *br_int,
298 const char *mappings_cfg)
300 struct shash existing_ports = SHASH_INITIALIZER(&existing_ports);
301 init_existing_ports(ctx, &existing_ports);
303 char *cur, *next, *start;
304 next = start = xstrdup(mappings_cfg);
305 while ((cur = strsep(&next, ",")) && *cur) {
306 char *network, *bridge = cur;
307 const struct ovsrec_bridge *ovs_bridge;
309 network = strsep(&bridge, ":");
310 if (!bridge || !*network || !*bridge) {
311 VLOG_ERR("Invalid ovn-bridge-mappings configuration: '%s'",
316 ovs_bridge = get_bridge(ctx->ovs_idl, bridge);
318 VLOG_WARN("Bridge '%s' not found for network '%s'",
323 create_patch_ports(ctx, network, &existing_ports, br_int, ovs_bridge);
324 create_patch_ports(ctx, network, &existing_ports, ovs_bridge, br_int);
328 /* Any ports left in existing_ports are related to configuration that has
329 * been removed, so we should delete the ports now. */
330 struct shash_node *port_node, *port_next_node;
331 SHASH_FOR_EACH_SAFE (port_node, port_next_node, &existing_ports) {
332 struct ovsrec_port *port = port_node->data;
333 shash_delete(&existing_ports, port_node);
334 remove_port(ctx, port);
336 shash_destroy(&existing_ports);
340 init_bridge_mappings(struct controller_ctx *ctx,
341 const struct ovsrec_bridge *br_int)
343 const char *mappings_cfg = "";
344 const struct ovsrec_open_vswitch *cfg;
346 cfg = ovsrec_open_vswitch_first(ctx->ovs_idl);
348 mappings_cfg = smap_get(&cfg->external_ids, "ovn-bridge-mappings");
353 parse_bridge_mappings(ctx, br_int, mappings_cfg);
356 /* Retrieves the OVN Southbound remote location from the
357 * "external-ids:ovn-remote" key in 'ovs_idl' and returns a copy of it.
359 * XXX ovn-controller does not support this changing mid-run, but that should
360 * be addressed later. */
362 get_ovnsb_remote(struct ovsdb_idl *ovs_idl)
365 ovsdb_idl_run(ovs_idl);
367 const struct ovsrec_open_vswitch *cfg
368 = ovsrec_open_vswitch_first(ovs_idl);
370 const char *remote = smap_get(&cfg->external_ids, "ovn-remote");
372 return xstrdup(remote);
376 VLOG_INFO("OVN OVSDB remote not specified. Waiting...");
377 ovsdb_idl_wait(ovs_idl);
383 main(int argc, char *argv[])
385 struct unixctl_server *unixctl;
389 ovs_cmdl_proctitle_init(argc, argv);
390 set_program_name(argv[0]);
391 service_start(&argc, &argv);
392 parse_options(argc, argv);
393 fatal_ignore_sigpipe();
397 retval = unixctl_server_create(NULL, &unixctl);
401 unixctl_command_register("exit", "", 0, 0, ovn_controller_exit, &exiting);
403 daemonize_complete();
411 /* Connect to OVS OVSDB instance. We do not monitor all tables by
412 * default, so modules must register their interest explicitly. */
413 struct ovsdb_idl_loop ovs_idl_loop = OVSDB_IDL_LOOP_INITIALIZER(
414 ovsdb_idl_create(ovs_remote, &ovsrec_idl_class, false, true));
415 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_open_vswitch);
416 ovsdb_idl_add_column(ovs_idl_loop.idl,
417 &ovsrec_open_vswitch_col_external_ids);
418 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_open_vswitch_col_bridges);
419 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_interface);
420 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_interface_col_name);
421 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_interface_col_type);
422 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_interface_col_options);
423 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_port);
424 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_port_col_name);
425 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_port_col_interfaces);
426 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_port_col_external_ids);
427 ovsdb_idl_add_table(ovs_idl_loop.idl, &ovsrec_table_bridge);
428 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_ports);
429 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_name);
430 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_fail_mode);
431 ovsdb_idl_add_column(ovs_idl_loop.idl, &ovsrec_bridge_col_other_config);
432 chassis_register_ovs_idl(ovs_idl_loop.idl);
433 encaps_register_ovs_idl(ovs_idl_loop.idl);
434 binding_register_ovs_idl(ovs_idl_loop.idl);
435 physical_register_ovs_idl(ovs_idl_loop.idl);
436 ovsdb_idl_get_initial_snapshot(ovs_idl_loop.idl);
438 /* Connect to OVN SB database. */
439 char *ovnsb_remote = get_ovnsb_remote(ovs_idl_loop.idl);
440 struct ovsdb_idl_loop ovnsb_idl_loop = OVSDB_IDL_LOOP_INITIALIZER(
441 ovsdb_idl_create(ovnsb_remote, &sbrec_idl_class, true, true));
442 ovsdb_idl_get_initial_snapshot(ovnsb_idl_loop.idl);
447 struct controller_ctx ctx = {
448 .ovs_idl = ovs_idl_loop.idl,
449 .ovs_idl_txn = ovsdb_idl_loop_run(&ovs_idl_loop),
450 .ovnsb_idl = ovnsb_idl_loop.idl,
451 .ovnsb_idl_txn = ovsdb_idl_loop_run(&ovnsb_idl_loop),
454 const struct ovsrec_bridge *br_int = get_br_int(&ctx);
455 const char *chassis_id = get_chassis_id(ctx.ovs_idl);
457 /* Map bridges to local nets from ovn-bridge-mappings */
459 init_bridge_mappings(&ctx, br_int);
463 chassis_run(&ctx, chassis_id);
464 encaps_run(&ctx, br_int, chassis_id);
465 binding_run(&ctx, br_int, chassis_id);
469 enum mf_field_id mff_ovn_geneve = ofctrl_run(br_int);
471 struct hmap flow_table = HMAP_INITIALIZER(&flow_table);
472 lflow_run(&ctx, &flow_table);
474 physical_run(&ctx, mff_ovn_geneve,
475 br_int, chassis_id, &flow_table);
477 ofctrl_put(&flow_table);
478 hmap_destroy(&flow_table);
481 unixctl_server_run(unixctl);
483 unixctl_server_wait(unixctl);
485 poll_immediate_wake();
488 ovsdb_idl_loop_commit_and_wait(&ovnsb_idl_loop);
489 ovsdb_idl_loop_commit_and_wait(&ovs_idl_loop);
495 if (should_service_stop()) {
500 /* It's time to exit. Clean up the databases. */
503 struct controller_ctx ctx = {
504 .ovs_idl = ovs_idl_loop.idl,
505 .ovs_idl_txn = ovsdb_idl_loop_run(&ovs_idl_loop),
506 .ovnsb_idl = ovnsb_idl_loop.idl,
507 .ovnsb_idl_txn = ovsdb_idl_loop_run(&ovnsb_idl_loop),
510 const struct ovsrec_bridge *br_int = get_br_int(&ctx);
511 const char *chassis_id = get_chassis_id(ctx.ovs_idl);
513 /* Run all of the cleanup functions, even if one of them returns false.
514 * We're done if all of them return true. */
515 done = binding_cleanup(&ctx, chassis_id);
516 done = chassis_cleanup(&ctx, chassis_id) && done;
517 done = encaps_cleanup(&ctx, br_int) && done;
519 poll_immediate_wake();
522 ovsdb_idl_loop_commit_and_wait(&ovnsb_idl_loop);
523 ovsdb_idl_loop_commit_and_wait(&ovs_idl_loop);
527 unixctl_server_destroy(unixctl);
531 ovsdb_idl_loop_destroy(&ovs_idl_loop);
532 ovsdb_idl_loop_destroy(&ovnsb_idl_loop);
542 parse_options(int argc, char *argv[])
545 OPT_PEER_CA_CERT = UCHAR_MAX + 1,
546 OPT_BOOTSTRAP_CA_CERT,
551 static struct option long_options[] = {
552 {"help", no_argument, NULL, 'h'},
553 {"version", no_argument, NULL, 'V'},
556 STREAM_SSL_LONG_OPTIONS,
557 {"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT},
558 {"bootstrap-ca-cert", required_argument, NULL, OPT_BOOTSTRAP_CA_CERT},
561 char *short_options = ovs_cmdl_long_options_to_short_options(long_options);
566 c = getopt_long(argc, argv, short_options, long_options, NULL);
576 ovs_print_version(OFP13_VERSION, OFP13_VERSION);
580 DAEMON_OPTION_HANDLERS
581 STREAM_SSL_OPTION_HANDLERS
583 case OPT_PEER_CA_CERT:
584 stream_ssl_set_peer_ca_cert_file(optarg);
587 case OPT_BOOTSTRAP_CA_CERT:
588 stream_ssl_set_ca_cert_file(optarg, true);
604 ovs_remote = xasprintf("unix:%s/db.sock", ovs_rundir());
605 } else if (argc == 1) {
606 ovs_remote = xstrdup(argv[0]);
608 VLOG_FATAL("exactly zero or one non-option argument required; "
609 "use --help for usage");
616 printf("%s: OVN controller\n"
617 "usage %s [OPTIONS] [OVS-DATABASE]\n"
618 "where OVS-DATABASE is a socket on which the OVS OVSDB server is listening.\n",
619 program_name, program_name);
620 stream_usage("OVS-DATABASE", true, false, false);
623 printf("\nOther options:\n"
624 " -h, --help display this help message\n"
625 " -V, --version display version information\n");
630 ovn_controller_exit(struct unixctl_conn *conn, int argc OVS_UNUSED,
631 const char *argv[] OVS_UNUSED, void *exiting_)
633 bool *exiting = exiting_;
636 unixctl_command_reply(conn, NULL);