[ovs-dev] OVS: Containerize components
diff mbox series

Message ID 20190801002016.64803-1-aginwala@ebay.com
State New
Headers show
Series
  • [ovs-dev] OVS: Containerize components
Related show

Commit Message

Aliasgar Ginwala Aug. 1, 2019, 12:20 a.m. UTC
1. Start OVS components in containers so that building and shipping
    of OVS components is easy.
 2. Load OVS kernel modules on host from container to avoid installing ovs
    on host.
 3. Update documentation about how to build/run ovs in docker.

Signed-off-by: aginwala <aginwala@ebay.com>
---
 Documentation/intro/install/general.rst       | 65 +++++++++++++++++++
 utilities/automake.mk                         |  8 ++-
 utilities/docker/Makefile                     | 22 +++++++
 utilities/docker/create_ovs_db.sh             | 15 +++++
 utilities/docker/debian/Dockerfile            | 19 ++++++
 .../docker/debian/build-kernel-modules.sh     | 43 ++++++++++++
 utilities/docker/ovs-override.conf            |  4 ++
 utilities/docker/start-ovs                    | 42 ++++++++++++
 8 files changed, 217 insertions(+), 1 deletion(-)
 create mode 100644 utilities/docker/Makefile
 create mode 100755 utilities/docker/create_ovs_db.sh
 create mode 100644 utilities/docker/debian/Dockerfile
 create mode 100755 utilities/docker/debian/build-kernel-modules.sh
 create mode 100644 utilities/docker/ovs-override.conf
 create mode 100755 utilities/docker/start-ovs

Comments

0-day Robot Aug. 1, 2019, 4:42 p.m. UTC | #1
Bleep bloop.  Greetings Aliasgar Ginwala, I am a robot and I have tried out your patch.
Thanks for your contribution.

I encountered some error that I wasn't expecting.  See the details below.


checkpatch:
ERROR: Author Aliasgar Ginwala <amginwal@gmail.com> needs to sign off.
WARNING: Unexpected sign-offs from developers who are not authors or co-authors or committers: aginwala <aginwala@ebay.com>
WARNING: Line has trailing whitespace
#41 FILE: Documentation/intro/install/general.rst:509:
For ovs vswitchd, we need to load ovs kernel modules on host. 

WARNING: Line has trailing whitespace
#83 FILE: Documentation/intro/install/general.rst:551:
    User can use any other base image for debian, e.g. u14.04, etc. 

WARNING: Line has trailing whitespace
#94 FILE: Documentation/intro/install/general.rst:569:
When using ovs in container, exec to container to run above commands:: 

WARNING: Line has non-spaces leading whitespace
WARNING: Line has trailing whitespace
#115 FILE: Documentation/intro/install/general.rst:652:
   

WARNING: Line is 83 characters long (recommended limit is 79)
#187 FILE: utilities/docker/create_ovs_db.sh:15:
ovsdb-tool create /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema

WARNING: Line is 99 characters long (recommended limit is 79)
#212 FILE: utilities/docker/debian/Dockerfile:18:
VOLUME ["/var/log/openvswitch", "/var/lib/openvswitch", "/var/run/openvswitch", "/etc/openvswitch"]

WARNING: Line is 88 characters long (recommended limit is 79)
#240 FILE: utilities/docker/debian/build-kernel-modules.sh:21:
build_deps="apt-utils libelf-dev build-essential libssl-dev python python-six wget vim \

WARNING: Line has trailing whitespace
#241 FILE: utilities/docker/debian/build-kernel-modules.sh:22:
gdb autoconf libtool git automake bzip2 debhelper dh-autoreconf openssl" 

Lines checked: 324, Warnings: 10, Errors: 1


Please check this out.  If you feel there has been an error, please email aconole@bytheb.org

Thanks,
0-day Robot

Patch
diff mbox series

diff --git a/Documentation/intro/install/general.rst b/Documentation/intro/install/general.rst
index fa99491f6..13b5f2d67 100644
--- a/Documentation/intro/install/general.rst
+++ b/Documentation/intro/install/general.rst
@@ -503,6 +503,55 @@  domain socket::
 
     $ ovs-vswitchd --pidfile --detach --log-file
 
+Starting OVS in container
+-------------------------
+
+For ovs vswitchd, we need to load ovs kernel modules on host. 
+
+Hence, OVS containers kernel version needs to be same as that of host kernel.
+
+Export following variables in .env  and place it under
+project root::
+
+    $ OVS_BRANCH=<BRANCH>
+    $ OVS_VERSION=<VERSION>
+    $ DISTRO=<LINUX_DISTRO>
+    $ KERNEL_VERSION=<LINUX_KERNEL_VERSION>
+    $ GITHUB_SRC=<GITHUB_URL>
+    $ DOCKER_REPO=<REPO_TO_PUSH_IMAGE>
+
+To build ovs modules::
+
+    $ cd utilities/docker
+    $ make build
+
+Compiled Modules will be tagged with docker image
+
+To Push ovn modules::
+
+    $ make push
+
+OVS docker image will be pushed to specified docker repo.
+
+Start ovsdb-server using below command::
+
+    $ docker run -itd --net=host --name=ovsdb-server \
+      <docker_repo>:<tag> ovsdb-server
+
+Start ovs-vswitchd with priviledged mode as it needs to load kernel module in
+host using below command::
+
+    $ docker run -itd --net=host --name=ovs-vswitchd \
+      --volumes-from=ovsdb-server --privileged \
+      <docker_repo>:<tag> ovs-vswitchd -v /lib:/lib
+
+.. note::
+    The debian docker file uses ubuntu 16.04 as a base image for reference.
+
+    User can use any other base image for debian, e.g. u14.04, etc. 
+
+    RHEL based docker build support needs to be added.
+
 Validating
 ----------
 
@@ -517,6 +566,10 @@  and ``vif1.0`` to it::
 Refer to ovs-vsctl(8) for more details. You may also wish to refer to
 :doc:`/topics/testing` for information on more generic testing of OVS.
 
+When using ovs in container, exec to container to run above commands:: 
+
+    $ docker exec -it <ovsdb-server/ovs-vswitchd> /bin/bash
+
 Upgrading
 ---------
 
@@ -586,6 +639,18 @@  needs some considerations:
    the userspace daemons are restarted immediately and the userspace flows are
    restored as soon as possible.
 
+5. When upgrading ovs running in container on host that is managed by ovn,
+   simply stop the docker container, remove and re-run with new docker image
+   that has newer ovs version.
+
+6. When running ovs in container, if ovs is used in bridged mode where
+   management interface is managed by ovs, docker restart will result in loss
+   of network connectivity. Hence, make sure to delete the bridge mapping of
+   physical interface from ovs, upgrade ovs via docker and then add back the
+   interface to ovs bridge. This mapping need not be deleted in case of multi
+   nics if management interface is not managed by ovs.
+   
+
 The ovs-ctl utility's ``restart`` function only restarts the userspace daemons,
 makes sure that the 'ofport' values remain consistent across restarts, restores
 userspace flows using the ovs-ofctl utility and also uses the
diff --git a/utilities/automake.mk b/utilities/automake.mk
index a5bb27e2b..c379596fd 100644
--- a/utilities/automake.mk
+++ b/utilities/automake.mk
@@ -58,7 +58,13 @@  EXTRA_DIST += \
 	utilities/ovs-test.in \
 	utilities/ovs-vlan-test.in \
 	utilities/ovs-vsctl-bashcomp.bash \
-	utilities/checkpatch.py
+	utilities/checkpatch.py \
+        utilities/docker/Makefile \
+        utilities/docker/ovs-override.conf \
+        utilities/docker/start-ovs \
+        utilities/docker/create_ovs_db.sh \
+        utilities/docker/debian/Dockerfile \
+        utilities/docker/debian/build-kernel-modules.sh
 MAN_ROOTS += \
 	utilities/ovs-appctl.8.in \
 	utilities/ovs-testcontroller.8.in \
diff --git a/utilities/docker/Makefile b/utilities/docker/Makefile
new file mode 100644
index 000000000..8c2f7810e
--- /dev/null
+++ b/utilities/docker/Makefile
@@ -0,0 +1,22 @@ 
+#export OVS_BRANCH=branch-2.11
+#export OVS_VERSION=2.11
+#export KERNEL_VERSION=4.15.0-54-generic
+#export DISTRO=debian
+#export GITHUB_SRC=https://github.com/openvswitch/ovs.git
+#export DOCKER_REPO=openvswitch/ovs
+
+# Example:
+#   make build
+#   make push
+
+REPO = ${DOCKER_REPO}
+tag = ${OVS_VERSION}_${KERNEL_VERSION}
+
+build: ;docker build -t ${REPO}:${tag} --build-arg DISTRO=${DISTRO} \
+--build-arg OVS_BRANCH=${OVS_BRANCH} \
+--build-arg KERNEL_VERSION=${KERNEL_VERSION} \
+--build-arg GITHUB_SRC=${GITHUB_SRC} -f ${DISTRO}/Dockerfile .
+
+.PHONY: build
+
+push: ;docker push ${REPO}:${tag}
diff --git a/utilities/docker/create_ovs_db.sh b/utilities/docker/create_ovs_db.sh
new file mode 100755
index 000000000..cb100dbf8
--- /dev/null
+++ b/utilities/docker/create_ovs_db.sh
@@ -0,0 +1,15 @@ 
+#!/bin/sh
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ovsdb-tool create /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
\ No newline at end of file
diff --git a/utilities/docker/debian/Dockerfile b/utilities/docker/debian/Dockerfile
new file mode 100644
index 000000000..630a7ecd4
--- /dev/null
+++ b/utilities/docker/debian/Dockerfile
@@ -0,0 +1,19 @@ 
+FROM ubuntu:16.04
+MAINTAINER "Aliasgar Ginwala" <aginwala@ebay.com>
+
+ARG OVS_BRANCH
+ARG KERNEL_VERSION
+ARG GITHUB_SRC
+ARG DISTRO
+
+copy $DISTRO/build-kernel-modules.sh /build-kernel-modules.sh
+RUN /build-kernel-modules.sh $KERNEL_VERSION $OVS_BRANCH $GITHUB_SRC
+
+COPY create_ovs_db.sh /etc/openvswitch/create_ovs_db.sh
+RUN /etc/openvswitch/create_ovs_db.sh
+
+COPY ovs-override.conf /etc/depmod.d/openvswitch.conf
+
+COPY start-ovs /bin/start-ovs
+VOLUME ["/var/log/openvswitch", "/var/lib/openvswitch", "/var/run/openvswitch", "/etc/openvswitch"]
+ENTRYPOINT ["start-ovs"]
diff --git a/utilities/docker/debian/build-kernel-modules.sh b/utilities/docker/debian/build-kernel-modules.sh
new file mode 100755
index 000000000..a07736872
--- /dev/null
+++ b/utilities/docker/debian/build-kernel-modules.sh
@@ -0,0 +1,43 @@ 
+#!/bin/sh
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+KERNEL_VERSION=$1
+OVS_BRANCH=$2
+GITHUB_SRC=$3
+
+# Install deps
+linux="linux-image-$KERNEL_VERSION linux-headers-$KERNEL_VERSION"
+build_deps="apt-utils libelf-dev build-essential libssl-dev python python-six wget vim \
+gdb autoconf libtool git automake bzip2 debhelper dh-autoreconf openssl" 
+
+apt-get update
+apt-get install -y ${linux} ${build_deps}
+
+# get the source
+mkdir /build; cd /build
+git clone --depth 1 -b $OVS_BRANCH $GITHUB_SRC
+cd ovs
+
+# build and install
+./boot.sh
+./configure --localstatedir="/var" --sysconfdir="/etc" --prefix="/usr" \
+--with-linux=/lib/modules/$KERNEL_VERSION/build --enable-ssl
+make -j8; make install; make modules_install
+
+# remove deps to make the container light weight.
+apt-get remove --purge -y ${build_deps}
+apt-get autoremove -y --purge
+cd ..; rm -rf ovs
+basic_utils="vim kmod net-tools uuid-runtime iproute2"
+apt-get install -y ${basic_utils}
\ No newline at end of file
diff --git a/utilities/docker/ovs-override.conf b/utilities/docker/ovs-override.conf
new file mode 100644
index 000000000..8f792e4b4
--- /dev/null
+++ b/utilities/docker/ovs-override.conf
@@ -0,0 +1,4 @@ 
+override openvswitch * extra
+override vport-geneve * extra
+override vport-stt * extra
+override vport-* * extra
diff --git a/utilities/docker/start-ovs b/utilities/docker/start-ovs
new file mode 100755
index 000000000..4a1a16cd1
--- /dev/null
+++ b/utilities/docker/start-ovs
@@ -0,0 +1,42 @@ 
+#!/bin/bash
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+case $1 in
+        "ovsdb-server") /usr/share/openvswitch/scripts/ovs-ctl start \
+                        --system-id=random --no-ovs-vswitchd
+                        /usr/share/openvswitch/scripts/ovs-ctl stop
+                        ovsdb-server --pidfile /etc/openvswitch/conf.db \
+                        -vconsole:emer -vsyslog:err -vfile:info \
+                        --remote=punix:/var/run/openvswitch/db.sock \
+                        --private-key=db:Open_vSwitch,SSL,private_key \
+                        --certificate=db:Open_vSwitch,SSL,certificate \
+                        --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
+                        --log-file=/var/log/openvswitch/ovsdb-server.log \
+                        --no-chdir
+        ;;
+        "ovs-vswitchd") depmod -a
+                        modprobe openvswitch
+                        modprobe vport_stt
+                        modprobe vport_geneve
+                        /usr/share/openvswitch/scripts/ovs-ctl \
+                        --no-ovsdb-server start
+                        /usr/share/openvswitch/scripts/ovs-ctl \
+                        --no-ovsdb-server force-reload-kmod
+                        /usr/share/openvswitch/scripts/ovs-ctl stop
+                        ovs-vswitchd --pidfile -vconsole:emer -vsyslog:err \
+                        -vfile:info --mlockall --no-chdir \
+                        --log-file=/var/log/openvswitch/ovs-vswitchd.log
+        ;;
+        *) echo "$0 [ovsdb-server|ovs-vswitchd]"
+esac