From patchwork Wed Sep 1 16:41:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Gray X-Patchwork-Id: 1523312 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=h6fUNIyj; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H08wg00f8z9sCD for ; Thu, 2 Sep 2021 02:42:10 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 333774252F; Wed, 1 Sep 2021 16:42:08 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CX6hXvIXPso7; Wed, 1 Sep 2021 16:42:02 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp4.osuosl.org (Postfix) with ESMTPS id D413240799; Wed, 1 Sep 2021 16:41:59 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2770FC0021; Wed, 1 Sep 2021 16:41:58 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id A7964C001C for ; Wed, 1 Sep 2021 16:41:56 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 85E1F8283D for ; Wed, 1 Sep 2021 16:41:56 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp1.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rJLWHBxIcwBe for ; Wed, 1 Sep 2021 16:41:51 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by smtp1.osuosl.org (Postfix) with ESMTPS id E173581DBF for ; Wed, 1 Sep 2021 16:41:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1630514509; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=hvzZ/HFwraureAfbA7Oq2TvQnyNoSVczT3uPMfaSVsg=; b=h6fUNIyjuuoL2ALCwfgLFNd/OSB7yrd0lQqzbXhhzx3myBtd6ZcB445gg5d26CG/Js4zDv xOvmi7LNwrkImvGzx5K6qU+QUPRpyNX9L7EdwKNkeF1pyLPaIjpKc5OjlVZ3fR5J9j9bup MLNn9uLYBg/pVSzQl2ayWfNCQOEm0I4= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-43-FZnF0qGGOV2XDemxeGr0Sw-1; Wed, 01 Sep 2021 12:41:46 -0400 X-MC-Unique: FZnF0qGGOV2XDemxeGr0Sw-1 Received: by mail-wm1-f71.google.com with SMTP id v2-20020a7bcb420000b02902e6b108fcf1so46247wmj.8 for ; Wed, 01 Sep 2021 09:41:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=hvzZ/HFwraureAfbA7Oq2TvQnyNoSVczT3uPMfaSVsg=; b=cHxQXwSEyFaXnIkB8a85MoVDR/y6o+ldEHGNTUbSXQlO5ew5iBoHA5Hno7uN6Nro/z STLCnHI3vL0tL/xq5pp/EVm9H8MmFJvepdWCg5d9pU3abNCV/dXgSrV+YlxlciH9j5VG 77ErfGMPEjEOcgUNZIikUVnP5wkSfx4ZBW7Q0OTw5b/830OA5uNUmXz6fEhmYgKjs4Q4 GYvcwj/fG/CZ8JjQ89iG3QxiC5WsbkVY/eDQWSMuIX7eFbX1PttllahPxBTO4Ga6A+SJ gaWXMSf3Yy9Irq+UR3IlIxBddZXAoBMQYgaAnKbUCH0Nr3pyiGa72dU7aDn618v0ACa/ w+Ow== X-Gm-Message-State: AOAM5303NOkzDx4PYuvS3h8mcbx1DOlLMIW3BRXWgdVo2NwsnkJ5Qvz2 s/BRiJU7U9uG/sDQ6kBgHXGIacXfS0ZK8VTJPZ+bsU7yI1Mst/vEhaNO9UTkuUt5hfVmYlam/0N jLjDEDQxIkj+lv/NhWR75dbLWi0hUz0IFT7CZxS8kT1+ptajgIV4RwYglS4wSxgsOyLuj X-Received: by 2002:adf:edcf:: with SMTP id v15mr343426wro.61.1630514504728; Wed, 01 Sep 2021 09:41:44 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxeNUgq4rVf3s8qvAlQsXcZV/oXbbTMXI9hBzOv3rB2DnPD4W9HWbpPTbpvIxjXxLhveXyrHg== X-Received: by 2002:adf:edcf:: with SMTP id v15mr343326wro.61.1630514503575; Wed, 01 Sep 2021 09:41:43 -0700 (PDT) Received: from wsfd-netdev91.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id d28sm4093wrc.4.2021.09.01.09.41.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Sep 2021 09:41:43 -0700 (PDT) From: Mark Gray To: dev@openvswitch.org Date: Wed, 1 Sep 2021 12:41:38 -0400 Message-Id: <20210901164139.2554647-2-mark.d.gray@redhat.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210901164139.2554647-1-mark.d.gray@redhat.com> References: <20210901164139.2554647-1-mark.d.gray@redhat.com> MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=mark.d.gray@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: numans@redhat.com Subject: [ovs-dev] [PATCH ovn v2 1/2] ovn-northd: Rename ovn-northd.c to northd.c X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" In order to seperate the northd processing logic from the ovn-northd application logic, rename ovn-northd. In this way, we can recreate ovn-northd.c with only the application logic. Signed-off-by: Mark Gray --- Documentation/tutorials/ovn-openstack.rst | 154 +++++++++++----------- northd/automake.mk | 2 +- northd/lrouter.dl | 2 +- northd/{ovn-northd.c => northd.c} | 4 +- northd/ovn.rs | 2 +- northd/ovn_northd.dl | 2 +- tests/ovn-northd.at | 2 +- 7 files changed, 84 insertions(+), 84 deletions(-) rename northd/{ovn-northd.c => northd.c} (99%) diff --git a/Documentation/tutorials/ovn-openstack.rst b/Documentation/tutorials/ovn-openstack.rst index 3ab4a240c0f3..557d6284f710 100644 --- a/Documentation/tutorials/ovn-openstack.rst +++ b/Documentation/tutorials/ovn-openstack.rst @@ -777,7 +777,7 @@ address for ``a``. Let's see what happens if we do:: ... ingress(dp="n1", inport="ap") ----------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a next; 13. ls_in_l2_lkup: no match (implicit drop) @@ -790,15 +790,15 @@ destination for ``b``:: ... ingress(dp="n1", inport="ap") ----------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a next; - 13. ls_in_l2_lkup (ovn-northd.c:3529): eth.dst == fa:16:3e:99:7a:17, priority 50, uuid 57a4c46f + 13. ls_in_l2_lkup (northd.c:3529): eth.dst == fa:16:3e:99:7a:17, priority 50, uuid 57a4c46f outport = "bp"; output; egress(dp="n1", inport="ap", outport="bp") ------------------------------------------ - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "bp" && eth.dst == {fa:16:3e:99:7a:17}, priority 50, uuid 8aa6426d + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "bp" && eth.dst == {fa:16:3e:99:7a:17}, priority 50, uuid 8aa6426d output; /* output to "bp", type "" */ @@ -1214,29 +1214,29 @@ as the output port:: ... ingress(dp="n1", inport="ap") ----------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a next; - 1. ls_in_port_sec_ip (ovn-northd.c:2364): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4.src == {10.1.1.5}, priority 90, uuid 343af48c + 1. ls_in_port_sec_ip (northd.c:2364): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4.src == {10.1.1.5}, priority 90, uuid 343af48c next; - 3. ls_in_pre_acl (ovn-northd.c:2646): ip, priority 100, uuid 46c089e6 + 3. ls_in_pre_acl (northd.c:2646): ip, priority 100, uuid 46c089e6 reg0[0] = 1; next; - 5. ls_in_pre_stateful (ovn-northd.c:2764): reg0[0] == 1, priority 100, uuid d1941634 + 5. ls_in_pre_stateful (northd.c:2764): reg0[0] == 1, priority 100, uuid d1941634 ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- - 6. ls_in_acl (ovn-northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (inport == "ap" && ip4), priority 2002, uuid a12b39f0 + 6. ls_in_acl (northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (inport == "ap" && ip4), priority 2002, uuid a12b39f0 next; - 13. ls_in_l2_lkup (ovn-northd.c:3529): eth.dst == fa:16:3e:f6:e2:8f, priority 50, uuid c43ead31 + 13. ls_in_l2_lkup (northd.c:3529): eth.dst == fa:16:3e:f6:e2:8f, priority 50, uuid c43ead31 outport = "17d870"; output; egress(dp="n1", inport="ap", outport="17d870") ---------------------------------------------- - 1. ls_out_pre_acl (ovn-northd.c:2626): ip && outport == "17d870", priority 110, uuid 60395450 + 1. ls_out_pre_acl (northd.c:2626): ip && outport == "17d870", priority 110, uuid 60395450 next; - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "17d870", priority 50, uuid 91b5cab0 + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "17d870", priority 50, uuid 91b5cab0 output; /* output to "17d870", type "patch" */ @@ -1250,9 +1250,9 @@ OVN "logical patch port":: ingress(dp="r", inport="lrp-17d870") ------------------------------------ - 0. lr_in_admission (ovn-northd.c:4071): eth.dst == fa:16:3e:f6:e2:8f && inport == "lrp-17d870", priority 50, uuid fa5270b0 + 0. lr_in_admission (northd.c:4071): eth.dst == fa:16:3e:f6:e2:8f && inport == "lrp-17d870", priority 50, uuid fa5270b0 next; - 5. lr_in_ip_routing (ovn-northd.c:3782): ip4.dst == 10.1.2.0/24, priority 49, uuid 5f9d469f + 5. lr_in_ip_routing (northd.c:3782): ip4.dst == 10.1.2.0/24, priority 49, uuid 5f9d469f ip.ttl--; reg0 = ip4.dst; reg1 = 10.1.2.1; @@ -1260,15 +1260,15 @@ OVN "logical patch port":: outport = "lrp-82b983"; flags.loopback = 1; next; - 6. lr_in_arp_resolve (ovn-northd.c:5088): outport == "lrp-82b983" && reg0 == 10.1.2.7, priority 100, uuid 03d506d3 + 6. lr_in_arp_resolve (northd.c:5088): outport == "lrp-82b983" && reg0 == 10.1.2.7, priority 100, uuid 03d506d3 eth.dst = fa:16:3e:89:f2:36; next; - 8. lr_in_arp_request (ovn-northd.c:5260): 1, priority 0, uuid 6dacdd82 + 8. lr_in_arp_request (northd.c:5260): 1, priority 0, uuid 6dacdd82 output; egress(dp="r", inport="lrp-17d870", outport="lrp-82b983") --------------------------------------------------------- - 3. lr_out_delivery (ovn-northd.c:5288): outport == "lrp-82b983", priority 100, uuid 00bea4f2 + 3. lr_out_delivery (northd.c:5288): outport == "lrp-82b983", priority 100, uuid 00bea4f2 output; /* output to "lrp-82b983", type "patch" */ @@ -1277,29 +1277,29 @@ Finally the logical switch for ``n2`` runs through the same logic as ingress(dp="n2", inport="82b983") --------------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "82b983", priority 50, uuid 9a789e06 + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "82b983", priority 50, uuid 9a789e06 next; - 3. ls_in_pre_acl (ovn-northd.c:2624): ip && inport == "82b983", priority 110, uuid ab52f21a + 3. ls_in_pre_acl (northd.c:2624): ip && inport == "82b983", priority 110, uuid ab52f21a next; - 13. ls_in_l2_lkup (ovn-northd.c:3529): eth.dst == fa:16:3e:89:f2:36, priority 50, uuid dcafb3e9 + 13. ls_in_l2_lkup (northd.c:3529): eth.dst == fa:16:3e:89:f2:36, priority 50, uuid dcafb3e9 outport = "cp"; output; egress(dp="n2", inport="82b983", outport="cp") ---------------------------------------------- - 1. ls_out_pre_acl (ovn-northd.c:2648): ip, priority 100, uuid cd9cfa74 + 1. ls_out_pre_acl (northd.c:2648): ip, priority 100, uuid cd9cfa74 reg0[0] = 1; next; - 2. ls_out_pre_stateful (ovn-northd.c:2766): reg0[0] == 1, priority 100, uuid 9e8e22c5 + 2. ls_out_pre_stateful (northd.c:2766): reg0[0] == 1, priority 100, uuid 9e8e22c5 ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- - 4. ls_out_acl (ovn-northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (outport == "cp" && ip4 && ip4.src == $as_ip4_0fc1b6cf_f925_49e6_8f00_6dd13beca9dc), priority 2002, uuid a746fa0d + 4. ls_out_acl (northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (outport == "cp" && ip4 && ip4.src == $as_ip4_0fc1b6cf_f925_49e6_8f00_6dd13beca9dc), priority 2002, uuid a746fa0d next; - 7. ls_out_port_sec_ip (ovn-northd.c:2364): outport == "cp" && eth.dst == fa:16:3e:89:f2:36 && ip4.dst == {255.255.255.255, 224.0.0.0/4, 10.1.2.7}, priority 90, uuid 4d9862b5 + 7. ls_out_port_sec_ip (northd.c:2364): outport == "cp" && eth.dst == fa:16:3e:89:f2:36 && ip4.dst == {255.255.255.255, 224.0.0.0/4, 10.1.2.7}, priority 90, uuid 4d9862b5 next; - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "cp" && eth.dst == {fa:16:3e:89:f2:36}, priority 50, uuid 0242cdc3 + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "cp" && eth.dst == {fa:16:3e:89:f2:36}, priority 50, uuid 0242cdc3 output; /* output to "cp", type "" */ @@ -1442,17 +1442,17 @@ The first two stanzas just show the packet traveling through the ... ingress(dp="public", inport="provnet-d1ac28") --------------------------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "provnet-d1ac28", priority 50, uuid 8d86fb06 + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "provnet-d1ac28", priority 50, uuid 8d86fb06 next; - 10. ls_in_arp_rsp (ovn-northd.c:3266): inport == "provnet-d1ac28", priority 100, uuid 21313eff + 10. ls_in_arp_rsp (northd.c:3266): inport == "provnet-d1ac28", priority 100, uuid 21313eff next; - 13. ls_in_l2_lkup (ovn-northd.c:3571): eth.dst == fa:16:3e:b2:d2:67 && is_chassis_resident("cr-lrp-ae9b52"), priority 50, uuid 7f28f51f + 13. ls_in_l2_lkup (northd.c:3571): eth.dst == fa:16:3e:b2:d2:67 && is_chassis_resident("cr-lrp-ae9b52"), priority 50, uuid 7f28f51f outport = "ae9b52"; output; egress(dp="public", inport="provnet-d1ac28", outport="ae9b52") -------------------------------------------------------------- - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "ae9b52", priority 50, uuid 72fea396 + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "ae9b52", priority 50, uuid 72fea396 output; /* output to "ae9b52", type "patch" */ @@ -1464,14 +1464,14 @@ IP:: ingress(dp="router1", inport="lrp-ae9b52") ------------------------------------------ - 0. lr_in_admission (ovn-northd.c:4071): eth.dst == fa:16:3e:b2:d2:67 && inport == "lrp-ae9b52" && is_chassis_resident("cr-lrp-ae9b52"), priority 50, uuid 8c6945c2 + 0. lr_in_admission (northd.c:4071): eth.dst == fa:16:3e:b2:d2:67 && inport == "lrp-ae9b52" && is_chassis_resident("cr-lrp-ae9b52"), priority 50, uuid 8c6945c2 next; - 3. lr_in_unsnat (ovn-northd.c:4591): ip && ip4.dst == 172.24.4.8 && inport == "lrp-ae9b52" && is_chassis_resident("cr-lrp-ae9b52"), priority 100, uuid e922f541 + 3. lr_in_unsnat (northd.c:4591): ip && ip4.dst == 172.24.4.8 && inport == "lrp-ae9b52" && is_chassis_resident("cr-lrp-ae9b52"), priority 100, uuid e922f541 ct_snat; ct_snat /* assuming no un-snat entry, so no change */ ----------------------------------------------------- - 4. lr_in_dnat (ovn-northd.c:4649): ip && ip4.dst == 172.24.4.8 && inport == "lrp-ae9b52" && is_chassis_resident("cr-lrp-ae9b52"), priority 100, uuid 02f41b79 + 4. lr_in_dnat (northd.c:4649): ip && ip4.dst == 172.24.4.8 && inport == "lrp-ae9b52" && is_chassis_resident("cr-lrp-ae9b52"), priority 100, uuid 02f41b79 ct_dnat(10.0.0.6); Still in "router1", the routing and output steps transmit the packet @@ -1479,7 +1479,7 @@ to the "private" network:: ct_dnat(ip4.dst=10.0.0.6) ------------------------- - 5. lr_in_ip_routing (ovn-northd.c:3782): ip4.dst == 10.0.0.0/26, priority 53, uuid 86e005b0 + 5. lr_in_ip_routing (northd.c:3782): ip4.dst == 10.0.0.0/26, priority 53, uuid 86e005b0 ip.ttl--; reg0 = ip4.dst; reg1 = 10.0.0.1; @@ -1487,15 +1487,15 @@ to the "private" network:: outport = "lrp-f264e7"; flags.loopback = 1; next; - 6. lr_in_arp_resolve (ovn-northd.c:5088): outport == "lrp-f264e7" && reg0 == 10.0.0.6, priority 100, uuid 2963d67c + 6. lr_in_arp_resolve (northd.c:5088): outport == "lrp-f264e7" && reg0 == 10.0.0.6, priority 100, uuid 2963d67c eth.dst = fa:16:3e:c1:f5:a2; next; - 8. lr_in_arp_request (ovn-northd.c:5260): 1, priority 0, uuid eea419b7 + 8. lr_in_arp_request (northd.c:5260): 1, priority 0, uuid eea419b7 output; egress(dp="router1", inport="lrp-ae9b52", outport="lrp-f264e7") --------------------------------------------------------------- - 3. lr_out_delivery (ovn-northd.c:5288): outport == "lrp-f264e7", priority 100, uuid 42dadc23 + 3. lr_out_delivery (northd.c:5288): outport == "lrp-f264e7", priority 100, uuid 42dadc23 output; /* output to "lrp-f264e7", type "patch" */ @@ -1504,29 +1504,29 @@ firewall and is output to ``d``:: ingress(dp="private", inport="f264e7") -------------------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "f264e7", priority 50, uuid 5b721214 + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "f264e7", priority 50, uuid 5b721214 next; - 3. ls_in_pre_acl (ovn-northd.c:2624): ip && inport == "f264e7", priority 110, uuid 5bdc3209 + 3. ls_in_pre_acl (northd.c:2624): ip && inport == "f264e7", priority 110, uuid 5bdc3209 next; - 13. ls_in_l2_lkup (ovn-northd.c:3529): eth.dst == fa:16:3e:c1:f5:a2, priority 50, uuid 7957f80f + 13. ls_in_l2_lkup (northd.c:3529): eth.dst == fa:16:3e:c1:f5:a2, priority 50, uuid 7957f80f outport = "dp"; output; egress(dp="private", inport="f264e7", outport="dp") --------------------------------------------------- - 1. ls_out_pre_acl (ovn-northd.c:2648): ip, priority 100, uuid 4981c79d + 1. ls_out_pre_acl (northd.c:2648): ip, priority 100, uuid 4981c79d reg0[0] = 1; next; - 2. ls_out_pre_stateful (ovn-northd.c:2766): reg0[0] == 1, priority 100, uuid 247e02eb + 2. ls_out_pre_stateful (northd.c:2766): reg0[0] == 1, priority 100, uuid 247e02eb ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- - 4. ls_out_acl (ovn-northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (outport == "dp" && ip4 && ip4.src == 0.0.0.0/0 && icmp4), priority 2002, uuid b860fc9f + 4. ls_out_acl (northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (outport == "dp" && ip4 && ip4.src == 0.0.0.0/0 && icmp4), priority 2002, uuid b860fc9f next; - 7. ls_out_port_sec_ip (ovn-northd.c:2364): outport == "dp" && eth.dst == fa:16:3e:c1:f5:a2 && ip4.dst == {255.255.255.255, 224.0.0.0/4, 10.0.0.6}, priority 90, uuid 15655a98 + 7. ls_out_port_sec_ip (northd.c:2364): outport == "dp" && eth.dst == fa:16:3e:c1:f5:a2 && ip4.dst == {255.255.255.255, 224.0.0.0/4, 10.0.0.6}, priority 90, uuid 15655a98 next; - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "dp" && eth.dst == {fa:16:3e:c1:f5:a2}, priority 50, uuid 5916f94b + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "dp" && eth.dst == {fa:16:3e:c1:f5:a2}, priority 50, uuid 5916f94b output; /* output to "dp", type "" */ @@ -1622,37 +1622,37 @@ closely to those for IPv4 which we already discussed back under ... ingress(dp="n1", inport="ap") ----------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a next; - 1. ls_in_port_sec_ip (ovn-northd.c:2390): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip6.src == {fe80::f816:3eff:fea9:4cc7, fc11::5}, priority 90, uuid 604810ea + 1. ls_in_port_sec_ip (northd.c:2390): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip6.src == {fe80::f816:3eff:fea9:4cc7, fc11::5}, priority 90, uuid 604810ea next; - 3. ls_in_pre_acl (ovn-northd.c:2646): ip, priority 100, uuid 46c089e6 + 3. ls_in_pre_acl (northd.c:2646): ip, priority 100, uuid 46c089e6 reg0[0] = 1; next; - 5. ls_in_pre_stateful (ovn-northd.c:2764): reg0[0] == 1, priority 100, uuid d1941634 + 5. ls_in_pre_stateful (northd.c:2764): reg0[0] == 1, priority 100, uuid d1941634 ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- - 6. ls_in_acl (ovn-northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (inport == "ap" && ip6), priority 2002, uuid 7fdd607e + 6. ls_in_acl (northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (inport == "ap" && ip6), priority 2002, uuid 7fdd607e next; - 13. ls_in_l2_lkup (ovn-northd.c:3529): eth.dst == fa:16:3e:ef:2f:8b, priority 50, uuid e1d87fc5 + 13. ls_in_l2_lkup (northd.c:3529): eth.dst == fa:16:3e:ef:2f:8b, priority 50, uuid e1d87fc5 outport = "ad952e"; output; egress(dp="n1", inport="ap", outport="ad952e") ---------------------------------------------- - 1. ls_out_pre_acl (ovn-northd.c:2626): ip && outport == "ad952e", priority 110, uuid 88f68988 + 1. ls_out_pre_acl (northd.c:2626): ip && outport == "ad952e", priority 110, uuid 88f68988 next; - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "ad952e", priority 50, uuid 5935755e + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "ad952e", priority 50, uuid 5935755e output; /* output to "ad952e", type "patch" */ ingress(dp="r", inport="lrp-ad952e") ------------------------------------ - 0. lr_in_admission (ovn-northd.c:4071): eth.dst == fa:16:3e:ef:2f:8b && inport == "lrp-ad952e", priority 50, uuid ddfeb712 + 0. lr_in_admission (northd.c:4071): eth.dst == fa:16:3e:ef:2f:8b && inport == "lrp-ad952e", priority 50, uuid ddfeb712 next; - 5. lr_in_ip_routing (ovn-northd.c:3782): ip6.dst == fc22::/64, priority 129, uuid cc2130ec + 5. lr_in_ip_routing (northd.c:3782): ip6.dst == fc22::/64, priority 129, uuid cc2130ec ip.ttl--; xxreg0 = ip6.dst; xxreg1 = fc22::1; @@ -1660,43 +1660,43 @@ closely to those for IPv4 which we already discussed back under outport = "lrp-1a8162"; flags.loopback = 1; next; - 6. lr_in_arp_resolve (ovn-northd.c:5122): outport == "lrp-1a8162" && xxreg0 == fc22::7, priority 100, uuid bcf75288 + 6. lr_in_arp_resolve (northd.c:5122): outport == "lrp-1a8162" && xxreg0 == fc22::7, priority 100, uuid bcf75288 eth.dst = fa:16:3e:89:f2:36; next; - 8. lr_in_arp_request (ovn-northd.c:5260): 1, priority 0, uuid 6dacdd82 + 8. lr_in_arp_request (northd.c:5260): 1, priority 0, uuid 6dacdd82 output; egress(dp="r", inport="lrp-ad952e", outport="lrp-1a8162") --------------------------------------------------------- - 3. lr_out_delivery (ovn-northd.c:5288): outport == "lrp-1a8162", priority 100, uuid 5260dfc5 + 3. lr_out_delivery (northd.c:5288): outport == "lrp-1a8162", priority 100, uuid 5260dfc5 output; /* output to "lrp-1a8162", type "patch" */ ingress(dp="n2", inport="1a8162") --------------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "1a8162", priority 50, uuid 10957d1b + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "1a8162", priority 50, uuid 10957d1b next; - 3. ls_in_pre_acl (ovn-northd.c:2624): ip && inport == "1a8162", priority 110, uuid a27ebd00 + 3. ls_in_pre_acl (northd.c:2624): ip && inport == "1a8162", priority 110, uuid a27ebd00 next; - 13. ls_in_l2_lkup (ovn-northd.c:3529): eth.dst == fa:16:3e:89:f2:36, priority 50, uuid dcafb3e9 + 13. ls_in_l2_lkup (northd.c:3529): eth.dst == fa:16:3e:89:f2:36, priority 50, uuid dcafb3e9 outport = "cp"; output; egress(dp="n2", inport="1a8162", outport="cp") ---------------------------------------------- - 1. ls_out_pre_acl (ovn-northd.c:2648): ip, priority 100, uuid cd9cfa74 + 1. ls_out_pre_acl (northd.c:2648): ip, priority 100, uuid cd9cfa74 reg0[0] = 1; next; - 2. ls_out_pre_stateful (ovn-northd.c:2766): reg0[0] == 1, priority 100, uuid 9e8e22c5 + 2. ls_out_pre_stateful (northd.c:2766): reg0[0] == 1, priority 100, uuid 9e8e22c5 ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- - 4. ls_out_acl (ovn-northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (outport == "cp" && ip6 && ip6.src == $as_ip6_0fc1b6cf_f925_49e6_8f00_6dd13beca9dc), priority 2002, uuid 12fc96f9 + 4. ls_out_acl (northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (outport == "cp" && ip6 && ip6.src == $as_ip6_0fc1b6cf_f925_49e6_8f00_6dd13beca9dc), priority 2002, uuid 12fc96f9 next; - 7. ls_out_port_sec_ip (ovn-northd.c:2390): outport == "cp" && eth.dst == fa:16:3e:89:f2:36 && ip6.dst == {fe80::f816:3eff:fe89:f236, ff00::/8, fc22::7}, priority 90, uuid c622596a + 7. ls_out_port_sec_ip (northd.c:2390): outport == "cp" && eth.dst == fa:16:3e:89:f2:36 && ip6.dst == {fe80::f816:3eff:fe89:f236, ff00::/8, fc22::7}, priority 90, uuid c622596a next; - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "cp" && eth.dst == {fa:16:3e:89:f2:36}, priority 50, uuid 0242cdc3 + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "cp" && eth.dst == {fa:16:3e:89:f2:36}, priority 50, uuid 0242cdc3 output; /* output to "cp", type "" */ @@ -1882,14 +1882,14 @@ just the usual travel through the firewall:: ... ingress(dp="n1", inport="ap") ----------------------------- - 0. ls_in_port_sec_l2 (ovn-northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a + 0. ls_in_port_sec_l2 (northd.c:3234): inport == "ap" && eth.src == {fa:16:3e:a9:4c:c7}, priority 50, uuid 6dcc418a next; - 1. ls_in_port_sec_ip (ovn-northd.c:2325): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4.src == 0.0.0.0 && ip4.dst == 255.255.255.255 && udp.src == 68 && udp.dst == 67, priority 90, uuid e46bed6f + 1. ls_in_port_sec_ip (northd.c:2325): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4.src == 0.0.0.0 && ip4.dst == 255.255.255.255 && udp.src == 68 && udp.dst == 67, priority 90, uuid e46bed6f next; - 3. ls_in_pre_acl (ovn-northd.c:2646): ip, priority 100, uuid 46c089e6 + 3. ls_in_pre_acl (northd.c:2646): ip, priority 100, uuid 46c089e6 reg0[0] = 1; next; - 5. ls_in_pre_stateful (ovn-northd.c:2764): reg0[0] == 1, priority 100, uuid d1941634 + 5. ls_in_pre_stateful (northd.c:2764): reg0[0] == 1, priority 100, uuid d1941634 ct_next; The next part is the new part. First, an ACL in table 6 allows a DHCP @@ -1898,13 +1898,13 @@ action replaces a DHCPDISCOVER or DHCPREQUEST packet by a reply. Table 12 flips the packet's source and destination and sends it back the way it came in:: - 6. ls_in_acl (ovn-northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (inport == "ap" && ip4 && ip4.dst == {255.255.255.255, 10.1.1.0/24} && udp && udp.src == 68 && udp.dst == 67), priority 2002, uuid 9c90245d + 6. ls_in_acl (northd.c:2925): !ct.new && ct.est && !ct.rpl && ct_label.blocked == 0 && (inport == "ap" && ip4 && ip4.dst == {255.255.255.255, 10.1.1.0/24} && udp && udp.src == 68 && udp.dst == 67), priority 2002, uuid 9c90245d next; - 11. ls_in_dhcp_options (ovn-northd.c:3409): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4.src == 0.0.0.0 && ip4.dst == 255.255.255.255 && udp.src == 68 && udp.dst == 67, priority 100, uuid 8d63f29c + 11. ls_in_dhcp_options (northd.c:3409): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4.src == 0.0.0.0 && ip4.dst == 255.255.255.255 && udp.src == 68 && udp.dst == 67, priority 100, uuid 8d63f29c reg0[3] = put_dhcp_opts(offerip = 10.1.1.5, lease_time = 43200, mtu = 1442, netmask = 255.255.255.0, router = 10.1.1.1, server_id = 10.1.1.1); /* We assume that this packet is DHCPDISCOVER or DHCPREQUEST. */ next; - 12. ls_in_dhcp_response (ovn-northd.c:3438): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4 && udp.src == 68 && udp.dst == 67 && reg0[3], priority 100, uuid 995eeaa9 + 12. ls_in_dhcp_response (northd.c:3438): inport == "ap" && eth.src == fa:16:3e:a9:4c:c7 && ip4 && udp.src == 68 && udp.dst == 67 && reg0[3], priority 100, uuid 995eeaa9 eth.dst = eth.src; eth.src = fa:16:3e:bb:94:72; ip4.dst = 10.1.1.5; @@ -1920,20 +1920,20 @@ Then the last part is just traveling back through the firewall to VM egress(dp="n1", inport="ap", outport="ap") ------------------------------------------ - 1. ls_out_pre_acl (ovn-northd.c:2648): ip, priority 100, uuid 3752b746 + 1. ls_out_pre_acl (northd.c:2648): ip, priority 100, uuid 3752b746 reg0[0] = 1; next; - 2. ls_out_pre_stateful (ovn-northd.c:2766): reg0[0] == 1, priority 100, uuid 0c066ea1 + 2. ls_out_pre_stateful (northd.c:2766): reg0[0] == 1, priority 100, uuid 0c066ea1 ct_next; ct_next(ct_state=est|trk /* default (use --ct to customize) */) --------------------------------------------------------------- - 4. ls_out_acl (ovn-northd.c:3008): outport == "ap" && eth.src == fa:16:3e:bb:94:72 && ip4.src == 10.1.1.1 && udp && udp.src == 67 && udp.dst == 68, priority 34000, uuid 0b383e77 + 4. ls_out_acl (northd.c:3008): outport == "ap" && eth.src == fa:16:3e:bb:94:72 && ip4.src == 10.1.1.1 && udp && udp.src == 67 && udp.dst == 68, priority 34000, uuid 0b383e77 ct_commit; next; - 7. ls_out_port_sec_ip (ovn-northd.c:2364): outport == "ap" && eth.dst == fa:16:3e:a9:4c:c7 && ip4.dst == {255.255.255.255, 224.0.0.0/4, 10.1.1.5}, priority 90, uuid 7b8cbcd5 + 7. ls_out_port_sec_ip (northd.c:2364): outport == "ap" && eth.dst == fa:16:3e:a9:4c:c7 && ip4.dst == {255.255.255.255, 224.0.0.0/4, 10.1.1.5}, priority 90, uuid 7b8cbcd5 next; - 8. ls_out_port_sec_l2 (ovn-northd.c:3654): outport == "ap" && eth.dst == {fa:16:3e:a9:4c:c7}, priority 50, uuid b874ece8 + 8. ls_out_port_sec_l2 (northd.c:3654): outport == "ap" && eth.dst == {fa:16:3e:a9:4c:c7}, priority 50, uuid b874ece8 output; /* output to "ap", type "" */ diff --git a/northd/automake.mk b/northd/automake.mk index 6da54deb8ef4..306b533a486b 100644 --- a/northd/automake.mk +++ b/northd/automake.mk @@ -1,7 +1,7 @@ # ovn-northd bin_PROGRAMS += northd/ovn-northd northd_ovn_northd_SOURCES = \ - northd/ovn-northd.c \ + northd/northd.c \ northd/ipam.c \ northd/ipam.h northd_ovn_northd_LDADD = \ diff --git a/northd/lrouter.dl b/northd/lrouter.dl index 1835d4c78d3f..ad7ee73fffd5 100644 --- a/northd/lrouter.dl +++ b/northd/lrouter.dl @@ -368,7 +368,7 @@ function snat_for_lb(lr_options: Map, lb: Intern) LogicalRouterSnatIP(lr._uuid, force_snat_ip, None) :- lr in nb::Logical_Router(), diff --git a/northd/ovn-northd.c b/northd/northd.c similarity index 99% rename from northd/ovn-northd.c rename to northd/northd.c index ee761cef0fa6..e9a8492880e4 100644 --- a/northd/ovn-northd.c +++ b/northd/northd.c @@ -13386,8 +13386,8 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths, sbrec_logical_flow_set_controller_meter(sbflow, lflow->ctrl_meter); /* Trim the source locator lflow->where, which looks something like - * "ovn/northd/ovn-northd.c:1234", down to just the part following the - * last slash, e.g. "ovn-northd.c:1234". */ + * "ovn/northd/northd.c:1234", down to just the part following the + * last slash, e.g. "northd.c:1234". */ const char *slash = strrchr(lflow->where, '/'); #if _WIN32 const char *backslash = strrchr(lflow->where, '\\'); diff --git a/northd/ovn.rs b/northd/ovn.rs index 5f0939409c96..746884071e70 100644 --- a/northd/ovn.rs +++ b/northd/ovn.rs @@ -614,7 +614,7 @@ impl lport_addresses_c { } } -/* functions imported from ovn-northd.c */ +/* functions imported from northd.c */ extern "C" { fn ddlog_warn(msg: *const raw::c_char); fn ddlog_err(msg: *const raw::c_char); diff --git a/northd/ovn_northd.dl b/northd/ovn_northd.dl index ff92c989c69f..d47d4d0ee072 100644 --- a/northd/ovn_northd.dl +++ b/northd/ovn_northd.dl @@ -3974,7 +3974,7 @@ function json_string_escape_vec(names: Vec): string * to external ports because only one chassis should send such a reply. * * Returns a prefix and a suffix string. There is no reason for this except - * that it makes it possible to exactly mimic the format used by ovn-northd.c + * that it makes it possible to exactly mimic the format used by northd.c * so that text-based comparisons do not show differences. (This fails if * there's more than one localnet port since the C version uses multiple flows * in that case.) diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 11886b94e0ed..424d03991759 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -4057,7 +4057,7 @@ AT_CHECK([grep -w "ls_in_dhcp_options" sw0flows | sort], [0], [dnl AT_CLEANUP ]) -# XXX This test currently only runs for ovn-northd.c. The test fails +# XXX This test currently only runs for northd.c. The test fails # with ovn-northd-ddlog because of the section where 2 HA_Chassis_Groups # are used by 2 routers. For some reason, this causes ovn-northd-ddlog # to stop processing new changes to the northbound database and to From patchwork Wed Sep 1 16:41:39 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Gray X-Patchwork-Id: 1523310 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=Ks0IdLha; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4H08wX6lNCz9sXN for ; Thu, 2 Sep 2021 02:42:04 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id B2DEB8295A; Wed, 1 Sep 2021 16:42:02 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id idyktg9Bp1rV; Wed, 1 Sep 2021 16:41:58 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp1.osuosl.org (Postfix) with ESMTPS id B5BAD81DBF; Wed, 1 Sep 2021 16:41:57 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 8BDECC0010; Wed, 1 Sep 2021 16:41:57 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id A019BC0010 for ; Wed, 1 Sep 2021 16:41:56 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 6E56740289 for ; Wed, 1 Sep 2021 16:41:56 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=redhat.com Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xhdg6eZ8lU7k for ; Wed, 1 Sep 2021 16:41:51 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 8D966401CE for ; Wed, 1 Sep 2021 16:41:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1630514510; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/eoQGazqgycmY398VH2IxmYWyZY1T3HKpfd/e/JmBn4=; b=Ks0IdLham4gqEsrk0sjVRbWsu992ovFshP+M0NCC57JpzJvDYMF5khdsfErpzD7ohQgOsa PVPf7OBYBX2yErNCXAP4g7TomcH9u/YbNLH8G11ttoqQXe1YH+1SE8A3N+IItbYXdndPfQ O7azq82lto1+Ayx8TPLOkPJ+WYD4Yo0= Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com [209.85.221.72]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-337-t-keNrtGM6aDDtygvbw78w-1; Wed, 01 Sep 2021 12:41:49 -0400 X-MC-Unique: t-keNrtGM6aDDtygvbw78w-1 Received: by mail-wr1-f72.google.com with SMTP id d10-20020adffbca000000b00157bc86d94eso84651wrs.20 for ; Wed, 01 Sep 2021 09:41:49 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=IJmJTqa5cqWfqPqAYW/7ilQOHwnGgcRzkKcnPxuSCIY=; b=TxziTc8guUtCVMThJbuwt7OKC3z3/vpF+M6umuhuur3MZubyCrGbYR85oRKZoonczm swZYEWEhZG8mrUcjmOUpucrM+rAN15kPBXyG3/UWdgpx5LH354jY59OiHgNs/yv+QsnM bxv1GFULgvoXTp4ND9UhFGz2V/C4Wh9wRhKNyosyUsAY8an4cbdEJ81N7OHkEfkLS9p+ wu1lKE7oe31RHAW4tbGU0OSG+StOs1CexTBJPthrZ0sD+Ovz+3JDmoBcVZI/Byu/UoRS JY83sigRjPKzCIzIYYIc9IrjA57UUG5L2U0/IwccV2YuxXsTWq/tAL77uDSJMeVd7jnY W+9g== X-Gm-Message-State: AOAM533j2Lh3GT3hC7FjiZfbPsibXOKXppd/z20AojtjIy2dgXDX4u64 zm7ojX7dzROqfOIO6l/twqQuSKad3C5fmez5iC4+VPaPhHowN5iKRvFy8+RKz7cCRiScFArvqB2 lt4HY7WS+APREC1Er+/SZEOR01vq9cFNo7BMP6RO1K7zmVXk2JLTT8EtGLHNqUN0XnSUN X-Received: by 2002:a05:600c:294:: with SMTP id 20mr454703wmk.180.1630514506420; Wed, 01 Sep 2021 09:41:46 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxYTuwd7icDDXZy3P8w9FHibDIH5wrpTkIXRLh901wsWKUAX2Uv/q82J/XGwlUf9Y81B2DnUA== X-Received: by 2002:a05:600c:294:: with SMTP id 20mr454564wmk.180.1630514505233; Wed, 01 Sep 2021 09:41:45 -0700 (PDT) Received: from wsfd-netdev91.ntdv.lab.eng.bos.redhat.com (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id d28sm4093wrc.4.2021.09.01.09.41.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Sep 2021 09:41:44 -0700 (PDT) From: Mark Gray To: dev@openvswitch.org Date: Wed, 1 Sep 2021 12:41:39 -0400 Message-Id: <20210901164139.2554647-3-mark.d.gray@redhat.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210901164139.2554647-1-mark.d.gray@redhat.com> References: <20210901164139.2554647-1-mark.d.gray@redhat.com> MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=mark.d.gray@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: numans@redhat.com Subject: [ovs-dev] [PATCH ovn v2 2/2] northd: Split northd.c X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" This commit splits northd into two parts. One part, ovn-northd.c, is responsible for the `ovn-northd` application, and the other is responsible for northd processing. This takes one step towards a more modular northd code base. Signed-off-by: Mark Gray --- northd/automake.mk | 2 + northd/northd.c | 1108 +------------------------------------------ northd/northd.h | 42 ++ northd/ovn-northd.c | 1100 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 1161 insertions(+), 1091 deletions(-) create mode 100644 northd/northd.h create mode 100644 northd/ovn-northd.c diff --git a/northd/automake.mk b/northd/automake.mk index 306b533a486b..35ad8c09d9ba 100644 --- a/northd/automake.mk +++ b/northd/automake.mk @@ -2,6 +2,8 @@ bin_PROGRAMS += northd/ovn-northd northd_ovn_northd_SOURCES = \ northd/northd.c \ + northd/northd.h \ + northd/ovn-northd.c \ northd/ipam.c \ northd/ipam.h northd_ovn_northd_LDADD = \ diff --git a/northd/northd.c b/northd/northd.c index e9a8492880e4..262c7755e718 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -14,17 +14,13 @@ #include -#include #include #include #include "bitmap.h" -#include "command-line.h" -#include "daemon.h" #include "dirs.h" #include "ipam.h" #include "openvswitch/dynamic-string.h" -#include "fatal-signal.h" #include "hash.h" #include "hmapx.h" #include "openvswitch/hmap.h" @@ -40,13 +36,12 @@ #include "lib/ovn-util.h" #include "lib/lb.h" #include "memory.h" -#include "ovs-numa.h" +#include "northd.h" #include "lib/ovn-parallel-hmap.h" #include "ovn/actions.h" #include "ovn/features.h" #include "ovn/logical-fields.h" #include "packets.h" -#include "openvswitch/poll-loop.h" #include "simap.h" #include "smap.h" #include "sset.h" @@ -54,41 +49,12 @@ #include "stopwatch.h" #include "lib/stopwatch-names.h" #include "stream.h" -#include "stream-ssl.h" #include "timeval.h" -#include "unixctl.h" #include "util.h" #include "uuid.h" #include "openvswitch/vlog.h" -VLOG_DEFINE_THIS_MODULE(ovn_northd); - -static unixctl_cb_func ovn_northd_exit; -static unixctl_cb_func ovn_northd_pause; -static unixctl_cb_func ovn_northd_resume; -static unixctl_cb_func ovn_northd_is_paused; -static unixctl_cb_func ovn_northd_status; -static unixctl_cb_func cluster_state_reset_cmd; - -struct northd_context { - struct ovsdb_idl *ovnnb_idl; - struct ovsdb_idl *ovnsb_idl; - struct ovsdb_idl_txn *ovnnb_txn; - struct ovsdb_idl_txn *ovnsb_txn; - struct ovsdb_idl_index *sbrec_chassis_by_name; - struct ovsdb_idl_index *sbrec_ha_chassis_grp_by_name; - struct ovsdb_idl_index *sbrec_mcast_group_by_name_dp; - struct ovsdb_idl_index *sbrec_ip_mcast_by_dp; -}; - -struct northd_state { - bool had_lock; - bool paused; -}; - -static const char *ovnnb_db; -static const char *ovnsb_db; -static const char *unixctl_path; +VLOG_DEFINE_THIS_MODULE(northd); static bool controller_event_en; @@ -110,12 +76,6 @@ static bool use_ct_inv_match = true; #define DEFAULT_PROBE_INTERVAL_MSEC 5000 static int northd_probe_interval_nb = 0; static int northd_probe_interval_sb = 0; - -/* SSL options */ -static const char *ssl_private_key_file; -static const char *ssl_certificate_file; -static const char *ssl_ca_cert_file; - #define MAX_OVN_TAGS 4096 /* Pipeline stages. */ @@ -403,29 +363,6 @@ ovn_stage_to_datapath_type(enum ovn_stage stage) } } -static void -usage(void) -{ - printf("\ -%s: OVN northbound management daemon\n\ -usage: %s [OPTIONS]\n\ -\n\ -Options:\n\ - --ovnnb-db=DATABASE connect to ovn-nb database at DATABASE\n\ - (default: %s)\n\ - --ovnsb-db=DATABASE connect to ovn-sb database at DATABASE\n\ - (default: %s)\n\ - --dry-run start in paused state (do not commit db changes)\n\ - --unixctl=SOCKET override default control socket name\n\ - -h, --help display this help message\n\ - -o, --options list available options\n\ - -V, --version display version information\n\ -", program_name, program_name, default_nb_db(), default_sb_db()); - daemon_usage(); - vlog_usage(); - stream_usage("database", true, true, false); -} - struct ovn_chassis_qdisc_queues { struct hmap_node key_node; uint32_t queue_id; @@ -4358,9 +4295,9 @@ ovn_lflow_init(struct ovn_lflow *lflow, struct ovn_datapath *od, /* If this option is 'true' northd will combine logical flows that differ by * logical datapath only by creating a datapath group. */ static bool use_logical_dp_groups = false; -static bool use_parallel_build = true; +static bool use_parallel_build = false; -static struct hashrow_locks lflow_locks; +static struct hashrow_locks *lflow_locks; /* Adds a row with the specified contents to the Logical_Flow table. * Version to use when locking is required. @@ -4454,10 +4391,10 @@ ovn_dp_group_add_with_reference(struct ovn_lflow *lflow_ref, return false; } - if (use_parallel_build) { - lock_hash_row(&lflow_locks, hash); + if (use_logical_dp_groups && use_parallel_build) { + lock_hash_row(lflow_locks, hash); hmapx_add(&lflow_ref->od_group, od); - unlock_hash_row(&lflow_locks, hash); + unlock_hash_row(lflow_locks, hash); } else { hmapx_add(&lflow_ref->od_group, od); } @@ -13171,7 +13108,7 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths, fast_hmap_size_for(&lflows, max_seen_lflow_size); if (use_parallel_build) { - update_hashrow_locks(&lflows, &lflow_locks); + update_hashrow_locks(&lflows, lflow_locks); } build_lswitch_and_lrouter_flows(datapaths, ports, port_groups, &lflows, mcgroups, @@ -14239,8 +14176,11 @@ ovnnb_db_run(struct northd_context *ctx, smap_destroy(&options); /* Update the probe interval. */ - northd_probe_interval_nb = get_probe_interval(ovnnb_db, nb); - northd_probe_interval_sb = get_probe_interval(ovnsb_db, nb); + northd_probe_interval_nb = get_probe_interval(ctx->ovnnb_db, nb); + northd_probe_interval_sb = get_probe_interval(ctx->ovnsb_db, nb); + + ovsdb_idl_set_probe_interval(ctx->ovnnb_idl, northd_probe_interval_nb); + ovsdb_idl_set_probe_interval(ctx->ovnsb_idl, northd_probe_interval_sb); use_parallel_build = (smap_get_bool(&nb->options, "use_parallel_build", false) && @@ -14532,373 +14472,6 @@ handle_port_binding_changes(struct northd_context *ctx, struct hmap *ports, } } -static struct gen_opts_map supported_dhcp_opts[] = { - OFFERIP, - DHCP_OPT_NETMASK, - DHCP_OPT_ROUTER, - DHCP_OPT_DNS_SERVER, - DHCP_OPT_LOG_SERVER, - DHCP_OPT_LPR_SERVER, - DHCP_OPT_SWAP_SERVER, - DHCP_OPT_POLICY_FILTER, - DHCP_OPT_ROUTER_SOLICITATION, - DHCP_OPT_NIS_SERVER, - DHCP_OPT_NTP_SERVER, - DHCP_OPT_SERVER_ID, - DHCP_OPT_TFTP_SERVER, - DHCP_OPT_CLASSLESS_STATIC_ROUTE, - DHCP_OPT_MS_CLASSLESS_STATIC_ROUTE, - DHCP_OPT_IP_FORWARD_ENABLE, - DHCP_OPT_ROUTER_DISCOVERY, - DHCP_OPT_ETHERNET_ENCAP, - DHCP_OPT_DEFAULT_TTL, - DHCP_OPT_TCP_TTL, - DHCP_OPT_MTU, - DHCP_OPT_LEASE_TIME, - DHCP_OPT_T1, - DHCP_OPT_T2, - DHCP_OPT_WPAD, - DHCP_OPT_BOOTFILE, - DHCP_OPT_PATH_PREFIX, - DHCP_OPT_TFTP_SERVER_ADDRESS, - DHCP_OPT_HOSTNAME, - DHCP_OPT_DOMAIN_NAME, - DHCP_OPT_ARP_CACHE_TIMEOUT, - DHCP_OPT_TCP_KEEPALIVE_INTERVAL, - DHCP_OPT_DOMAIN_SEARCH_LIST, - DHCP_OPT_BOOTFILE_ALT, - DHCP_OPT_BROADCAST_ADDRESS, - DHCP_OPT_NETBIOS_NAME_SERVER, - DHCP_OPT_NETBIOS_NODE_TYPE, -}; - -static struct gen_opts_map supported_dhcpv6_opts[] = { - DHCPV6_OPT_IA_ADDR, - DHCPV6_OPT_SERVER_ID, - DHCPV6_OPT_DOMAIN_SEARCH, - DHCPV6_OPT_DNS_SERVER -}; - -static void -check_and_add_supported_dhcp_opts_to_sb_db(struct northd_context *ctx) -{ - struct hmap dhcp_opts_to_add = HMAP_INITIALIZER(&dhcp_opts_to_add); - for (size_t i = 0; (i < sizeof(supported_dhcp_opts) / - sizeof(supported_dhcp_opts[0])); i++) { - hmap_insert(&dhcp_opts_to_add, &supported_dhcp_opts[i].hmap_node, - dhcp_opt_hash(supported_dhcp_opts[i].name)); - } - - const struct sbrec_dhcp_options *opt_row, *opt_row_next; - SBREC_DHCP_OPTIONS_FOR_EACH_SAFE(opt_row, opt_row_next, ctx->ovnsb_idl) { - struct gen_opts_map *dhcp_opt = - dhcp_opts_find(&dhcp_opts_to_add, opt_row->name); - if (dhcp_opt) { - if (!strcmp(dhcp_opt->type, opt_row->type) && - dhcp_opt->code == opt_row->code) { - hmap_remove(&dhcp_opts_to_add, &dhcp_opt->hmap_node); - } else { - sbrec_dhcp_options_delete(opt_row); - } - } else { - sbrec_dhcp_options_delete(opt_row); - } - } - - struct gen_opts_map *opt; - HMAP_FOR_EACH (opt, hmap_node, &dhcp_opts_to_add) { - struct sbrec_dhcp_options *sbrec_dhcp_option = - sbrec_dhcp_options_insert(ctx->ovnsb_txn); - sbrec_dhcp_options_set_name(sbrec_dhcp_option, opt->name); - sbrec_dhcp_options_set_code(sbrec_dhcp_option, opt->code); - sbrec_dhcp_options_set_type(sbrec_dhcp_option, opt->type); - } - - hmap_destroy(&dhcp_opts_to_add); -} - -static void -check_and_add_supported_dhcpv6_opts_to_sb_db(struct northd_context *ctx) -{ - struct hmap dhcpv6_opts_to_add = HMAP_INITIALIZER(&dhcpv6_opts_to_add); - for (size_t i = 0; (i < sizeof(supported_dhcpv6_opts) / - sizeof(supported_dhcpv6_opts[0])); i++) { - hmap_insert(&dhcpv6_opts_to_add, &supported_dhcpv6_opts[i].hmap_node, - dhcp_opt_hash(supported_dhcpv6_opts[i].name)); - } - - const struct sbrec_dhcpv6_options *opt_row, *opt_row_next; - SBREC_DHCPV6_OPTIONS_FOR_EACH_SAFE(opt_row, opt_row_next, ctx->ovnsb_idl) { - struct gen_opts_map *dhcp_opt = - dhcp_opts_find(&dhcpv6_opts_to_add, opt_row->name); - if (dhcp_opt) { - hmap_remove(&dhcpv6_opts_to_add, &dhcp_opt->hmap_node); - } else { - sbrec_dhcpv6_options_delete(opt_row); - } - } - - struct gen_opts_map *opt; - HMAP_FOR_EACH(opt, hmap_node, &dhcpv6_opts_to_add) { - struct sbrec_dhcpv6_options *sbrec_dhcpv6_option = - sbrec_dhcpv6_options_insert(ctx->ovnsb_txn); - sbrec_dhcpv6_options_set_name(sbrec_dhcpv6_option, opt->name); - sbrec_dhcpv6_options_set_code(sbrec_dhcpv6_option, opt->code); - sbrec_dhcpv6_options_set_type(sbrec_dhcpv6_option, opt->type); - } - - hmap_destroy(&dhcpv6_opts_to_add); -} - -static const char *rbac_chassis_auth[] = - {"name"}; -static const char *rbac_chassis_update[] = - {"nb_cfg", "external_ids", "encaps", "vtep_logical_switches", - "other_config", "transport_zones"}; - -static const char *rbac_chassis_private_auth[] = - {"name"}; -static const char *rbac_chassis_private_update[] = - {"nb_cfg", "nb_cfg_timestamp", "chassis", "external_ids"}; - -static const char *rbac_encap_auth[] = - {"chassis_name"}; -static const char *rbac_encap_update[] = - {"type", "options", "ip"}; - -static const char *rbac_controller_event_auth[] = - {""}; -static const char *rbac_controller_event_update[] = - {"chassis", "event_info", "event_type", "seq_num"}; - - -static const char *rbac_fdb_auth[] = - {""}; -static const char *rbac_fdb_update[] = - {"dp_key", "mac", "port_key"}; - -static const char *rbac_port_binding_auth[] = - {""}; -static const char *rbac_port_binding_update[] = - {"chassis", "encap", "up", "virtual_parent"}; - -static const char *rbac_mac_binding_auth[] = - {""}; -static const char *rbac_mac_binding_update[] = - {"logical_port", "ip", "mac", "datapath"}; - -static const char *rbac_svc_monitor_auth[] = - {""}; -static const char *rbac_svc_monitor_auth_update[] = - {"status"}; -static const char *rbac_igmp_group_auth[] = - {""}; -static const char *rbac_igmp_group_update[] = - {"address", "chassis", "datapath", "ports"}; - -static struct rbac_perm_cfg { - const char *table; - const char **auth; - int n_auth; - bool insdel; - const char **update; - int n_update; - const struct sbrec_rbac_permission *row; -} rbac_perm_cfg[] = { - { - .table = "Chassis", - .auth = rbac_chassis_auth, - .n_auth = ARRAY_SIZE(rbac_chassis_auth), - .insdel = true, - .update = rbac_chassis_update, - .n_update = ARRAY_SIZE(rbac_chassis_update), - .row = NULL - },{ - .table = "Chassis_Private", - .auth = rbac_chassis_private_auth, - .n_auth = ARRAY_SIZE(rbac_chassis_private_auth), - .insdel = true, - .update = rbac_chassis_private_update, - .n_update = ARRAY_SIZE(rbac_chassis_private_update), - .row = NULL - },{ - .table = "Controller_Event", - .auth = rbac_controller_event_auth, - .n_auth = ARRAY_SIZE(rbac_controller_event_auth), - .insdel = true, - .update = rbac_controller_event_update, - .n_update = ARRAY_SIZE(rbac_controller_event_update), - .row = NULL - },{ - .table = "Encap", - .auth = rbac_encap_auth, - .n_auth = ARRAY_SIZE(rbac_encap_auth), - .insdel = true, - .update = rbac_encap_update, - .n_update = ARRAY_SIZE(rbac_encap_update), - .row = NULL - },{ - .table = "FDB", - .auth = rbac_fdb_auth, - .n_auth = ARRAY_SIZE(rbac_fdb_auth), - .insdel = true, - .update = rbac_fdb_update, - .n_update = ARRAY_SIZE(rbac_fdb_update), - .row = NULL - },{ - .table = "Port_Binding", - .auth = rbac_port_binding_auth, - .n_auth = ARRAY_SIZE(rbac_port_binding_auth), - .insdel = false, - .update = rbac_port_binding_update, - .n_update = ARRAY_SIZE(rbac_port_binding_update), - .row = NULL - },{ - .table = "MAC_Binding", - .auth = rbac_mac_binding_auth, - .n_auth = ARRAY_SIZE(rbac_mac_binding_auth), - .insdel = true, - .update = rbac_mac_binding_update, - .n_update = ARRAY_SIZE(rbac_mac_binding_update), - .row = NULL - },{ - .table = "Service_Monitor", - .auth = rbac_svc_monitor_auth, - .n_auth = ARRAY_SIZE(rbac_svc_monitor_auth), - .insdel = false, - .update = rbac_svc_monitor_auth_update, - .n_update = ARRAY_SIZE(rbac_svc_monitor_auth_update), - .row = NULL - },{ - .table = "IGMP_Group", - .auth = rbac_igmp_group_auth, - .n_auth = ARRAY_SIZE(rbac_igmp_group_auth), - .insdel = true, - .update = rbac_igmp_group_update, - .n_update = ARRAY_SIZE(rbac_igmp_group_update), - .row = NULL - },{ - .table = NULL, - .auth = NULL, - .n_auth = 0, - .insdel = false, - .update = NULL, - .n_update = 0, - .row = NULL - } -}; - -static bool -ovn_rbac_validate_perm(const struct sbrec_rbac_permission *perm) -{ - struct rbac_perm_cfg *pcfg; - int i, j, n_found; - - for (pcfg = rbac_perm_cfg; pcfg->table; pcfg++) { - if (!strcmp(perm->table, pcfg->table)) { - break; - } - } - if (!pcfg->table) { - return false; - } - if (perm->n_authorization != pcfg->n_auth || - perm->n_update != pcfg->n_update) { - return false; - } - if (perm->insert_delete != pcfg->insdel) { - return false; - } - /* verify perm->authorization vs. pcfg->auth */ - n_found = 0; - for (i = 0; i < pcfg->n_auth; i++) { - for (j = 0; j < perm->n_authorization; j++) { - if (!strcmp(pcfg->auth[i], perm->authorization[j])) { - n_found++; - break; - } - } - } - if (n_found != pcfg->n_auth) { - return false; - } - - /* verify perm->update vs. pcfg->update */ - n_found = 0; - for (i = 0; i < pcfg->n_update; i++) { - for (j = 0; j < perm->n_update; j++) { - if (!strcmp(pcfg->update[i], perm->update[j])) { - n_found++; - break; - } - } - } - if (n_found != pcfg->n_update) { - return false; - } - - /* Success, db state matches expected state */ - pcfg->row = perm; - return true; -} - -static void -ovn_rbac_create_perm(struct rbac_perm_cfg *pcfg, - struct northd_context *ctx, - const struct sbrec_rbac_role *rbac_role) -{ - struct sbrec_rbac_permission *rbac_perm; - - rbac_perm = sbrec_rbac_permission_insert(ctx->ovnsb_txn); - sbrec_rbac_permission_set_table(rbac_perm, pcfg->table); - sbrec_rbac_permission_set_authorization(rbac_perm, - pcfg->auth, - pcfg->n_auth); - sbrec_rbac_permission_set_insert_delete(rbac_perm, pcfg->insdel); - sbrec_rbac_permission_set_update(rbac_perm, - pcfg->update, - pcfg->n_update); - sbrec_rbac_role_update_permissions_setkey(rbac_role, pcfg->table, - rbac_perm); -} - -static void -check_and_update_rbac(struct northd_context *ctx) -{ - const struct sbrec_rbac_role *rbac_role = NULL; - const struct sbrec_rbac_permission *perm_row, *perm_next; - const struct sbrec_rbac_role *role_row, *role_row_next; - struct rbac_perm_cfg *pcfg; - - for (pcfg = rbac_perm_cfg; pcfg->table; pcfg++) { - pcfg->row = NULL; - } - - SBREC_RBAC_PERMISSION_FOR_EACH_SAFE (perm_row, perm_next, ctx->ovnsb_idl) { - if (!ovn_rbac_validate_perm(perm_row)) { - sbrec_rbac_permission_delete(perm_row); - } - } - SBREC_RBAC_ROLE_FOR_EACH_SAFE (role_row, role_row_next, ctx->ovnsb_idl) { - if (strcmp(role_row->name, "ovn-controller")) { - sbrec_rbac_role_delete(role_row); - } else { - rbac_role = role_row; - } - } - - if (!rbac_role) { - rbac_role = sbrec_rbac_role_insert(ctx->ovnsb_txn); - sbrec_rbac_role_set_name(rbac_role, "ovn-controller"); - } - - for (pcfg = rbac_perm_cfg; pcfg->table; pcfg++) { - if (!pcfg->row) { - ovn_rbac_create_perm(pcfg, ctx, rbac_role); - } - } -} - /* Updates the sb_cfg and hv_cfg columns in the northbound NB_Global table. */ static void update_northbound_cfg(struct northd_context *ctx, @@ -14971,7 +14544,7 @@ ovnsb_db_run(struct northd_context *ctx, shash_destroy(&ha_ref_chassis_map); } -static void +void ovn_db_run(struct northd_context *ctx, struct ovsdb_idl_index *sbrec_chassis_by_name, struct ovsdb_idl_loop *ovnsb_idl_loop, @@ -14982,6 +14555,8 @@ ovn_db_run(struct northd_context *ctx, ovs_list_init(&lr_list); hmap_init(&datapaths); hmap_init(&ports); + use_parallel_build = ctx->use_parallel_build; + lflow_locks = ctx->lflow_locks; int64_t start_time = time_wall_msec(); stopwatch_start(OVNNB_DB_RUN_STOPWATCH_NAME, time_msec()); @@ -14994,653 +14569,4 @@ ovn_db_run(struct northd_context *ctx, stopwatch_stop(OVNSB_DB_RUN_STOPWATCH_NAME, time_msec()); destroy_datapaths_and_ports(&datapaths, &ports, &lr_list); } - -static void -parse_options(int argc OVS_UNUSED, char *argv[] OVS_UNUSED, - bool *paused) -{ - enum { - OVN_DAEMON_OPTION_ENUMS, - VLOG_OPTION_ENUMS, - SSL_OPTION_ENUMS, - OPT_DRY_RUN, - OPT_DUMMY_NUMA, - }; - static const struct option long_options[] = { - {"ovnsb-db", required_argument, NULL, 'd'}, - {"ovnnb-db", required_argument, NULL, 'D'}, - {"unixctl", required_argument, NULL, 'u'}, - {"help", no_argument, NULL, 'h'}, - {"options", no_argument, NULL, 'o'}, - {"version", no_argument, NULL, 'V'}, - {"dry-run", no_argument, NULL, OPT_DRY_RUN}, - {"dummy-numa", required_argument, NULL, OPT_DUMMY_NUMA}, - OVN_DAEMON_LONG_OPTIONS, - VLOG_LONG_OPTIONS, - STREAM_SSL_LONG_OPTIONS, - {NULL, 0, NULL, 0}, - }; - char *short_options = ovs_cmdl_long_options_to_short_options(long_options); - - for (;;) { - int c; - - c = getopt_long(argc, argv, short_options, long_options, NULL); - if (c == -1) { - break; - } - - switch (c) { - OVN_DAEMON_OPTION_HANDLERS; - VLOG_OPTION_HANDLERS; - - case 'p': - ssl_private_key_file = optarg; - break; - - case 'c': - ssl_certificate_file = optarg; - break; - - case 'C': - ssl_ca_cert_file = optarg; - break; - - case 'd': - ovnsb_db = optarg; - break; - - case 'D': - ovnnb_db = optarg; - break; - - case 'u': - unixctl_path = optarg; - break; - - case 'h': - usage(); - exit(EXIT_SUCCESS); - - case 'o': - ovs_cmdl_print_options(long_options); - exit(EXIT_SUCCESS); - - case 'V': - ovn_print_version(0, 0); - exit(EXIT_SUCCESS); - - case OPT_DUMMY_NUMA: - ovs_numa_set_dummy(optarg); - break; - - case OPT_DRY_RUN: - *paused = true; - break; - - default: - break; - } - } - - if (!ovnsb_db || !ovnsb_db[0]) { - ovnsb_db = default_sb_db(); - } - - if (!ovnnb_db || !ovnnb_db[0]) { - ovnnb_db = default_nb_db(); - } - - free(short_options); -} - -static void -add_column_noalert(struct ovsdb_idl *idl, - const struct ovsdb_idl_column *column) -{ - ovsdb_idl_add_column(idl, column); - ovsdb_idl_omit_alert(idl, column); -} - -static void -update_ssl_config(void) -{ - if (ssl_private_key_file && ssl_certificate_file) { - stream_ssl_set_key_and_cert(ssl_private_key_file, - ssl_certificate_file); - } - if (ssl_ca_cert_file) { - stream_ssl_set_ca_cert_file(ssl_ca_cert_file, false); - } -} - -int -main(int argc, char *argv[]) -{ - int res = EXIT_SUCCESS; - struct unixctl_server *unixctl; - int retval; - bool exiting; - struct northd_state state = { - .had_lock = false, - .paused = false - }; - - fatal_ignore_sigpipe(); - ovs_cmdl_proctitle_init(argc, argv); - ovn_set_program_name(argv[0]); - service_start(&argc, &argv); - parse_options(argc, argv, &state.paused); - - daemonize_start(false); - - char *abs_unixctl_path = get_abs_unix_ctl_path(unixctl_path); - retval = unixctl_server_create(abs_unixctl_path, &unixctl); - free(abs_unixctl_path); - - if (retval) { - exit(EXIT_FAILURE); - } - unixctl_command_register("exit", "", 0, 0, ovn_northd_exit, &exiting); - unixctl_command_register("pause", "", 0, 0, ovn_northd_pause, &state); - unixctl_command_register("resume", "", 0, 0, ovn_northd_resume, &state); - unixctl_command_register("is-paused", "", 0, 0, ovn_northd_is_paused, - &state); - unixctl_command_register("status", "", 0, 0, ovn_northd_status, &state); - - bool reset_ovnsb_idl_min_index = false; - unixctl_command_register("sb-cluster-state-reset", "", 0, 0, - cluster_state_reset_cmd, - &reset_ovnsb_idl_min_index); - - bool reset_ovnnb_idl_min_index = false; - unixctl_command_register("nb-cluster-state-reset", "", 0, 0, - cluster_state_reset_cmd, - &reset_ovnnb_idl_min_index); - - daemonize_complete(); - - init_hash_row_locks(&lflow_locks); - use_parallel_build = can_parallelize_hashes(false); - - /* We want to detect (almost) all changes to the ovn-nb db. */ - struct ovsdb_idl_loop ovnnb_idl_loop = OVSDB_IDL_LOOP_INITIALIZER( - ovsdb_idl_create(ovnnb_db, &nbrec_idl_class, true, true)); - ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, - &nbrec_nb_global_col_nb_cfg_timestamp); - ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, &nbrec_nb_global_col_sb_cfg); - ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, - &nbrec_nb_global_col_sb_cfg_timestamp); - ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, &nbrec_nb_global_col_hv_cfg); - ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, - &nbrec_nb_global_col_hv_cfg_timestamp); - - unixctl_command_register("nb-connection-status", "", 0, 0, - ovn_conn_show, ovnnb_idl_loop.idl); - - /* We want to detect only selected changes to the ovn-sb db. */ - struct ovsdb_idl_loop ovnsb_idl_loop = OVSDB_IDL_LOOP_INITIALIZER( - ovsdb_idl_create(ovnsb_db, &sbrec_idl_class, false, true)); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_sb_global); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_sb_global_col_nb_cfg); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_sb_global_col_options); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_sb_global_col_ipsec); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_logical_flow); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_logical_flow_col_logical_datapath); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_logical_flow_col_logical_dp_group); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_pipeline); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_table_id); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_priority); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_match); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_actions); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_logical_flow_col_controller_meter); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_logical_flow_col_external_ids); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, - &sbrec_table_logical_dp_group); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_logical_dp_group_col_datapaths); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_multicast_group); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_multicast_group_col_datapath); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_multicast_group_col_tunnel_key); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_multicast_group_col_name); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_multicast_group_col_ports); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_datapath_binding); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_datapath_binding_col_tunnel_key); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_datapath_binding_col_load_balancers); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_datapath_binding_col_external_ids); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_port_binding); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_datapath); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_logical_port); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_tunnel_key); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_parent_port); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_tag); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_type); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_options); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_mac); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_nat_addresses); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_port_binding_col_chassis); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_gateway_chassis); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_ha_chassis_group); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_virtual_parent); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_up); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_gateway_chassis_col_chassis); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_gateway_chassis_col_name); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_gateway_chassis_col_priority); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_gateway_chassis_col_external_ids); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_gateway_chassis_col_options); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_port_binding_col_external_ids); - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_mac_binding); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_mac_binding_col_datapath); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_mac_binding_col_ip); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_mac_binding_col_mac); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_mac_binding_col_logical_port); - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_dhcp_options); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcp_options_col_code); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcp_options_col_type); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcp_options_col_name); - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_dhcpv6_options); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcpv6_options_col_code); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcpv6_options_col_type); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcpv6_options_col_name); - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_address_set); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_address_set_col_name); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_address_set_col_addresses); - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_port_group); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_group_col_name); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_group_col_ports); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_dns); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dns_col_datapaths); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dns_col_records); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dns_col_external_ids); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_rbac_role); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_rbac_role_col_name); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_rbac_role_col_permissions); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_rbac_permission); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_rbac_permission_col_table); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_rbac_permission_col_authorization); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_rbac_permission_col_insert_delete); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_rbac_permission_col_update); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_meter); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_col_name); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_col_unit); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_col_bands); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_meter_band); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_band_col_action); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_band_col_rate); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_band_col_burst_size); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_chassis); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_chassis_col_name); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_chassis_col_other_config); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_chassis_col_encaps); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_encap); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_encap_col_type); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_chassis_private); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_chassis_private_col_name); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_chassis_private_col_chassis); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_chassis_private_col_nb_cfg); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_chassis_private_col_nb_cfg_timestamp); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_ha_chassis); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ha_chassis_col_chassis); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ha_chassis_col_priority); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ha_chassis_col_external_ids); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_ha_chassis_group); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ha_chassis_group_col_name); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ha_chassis_group_col_ha_chassis); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ha_chassis_group_col_external_ids); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ha_chassis_group_col_ref_chassis); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_igmp_group); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_address); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_datapath); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_chassis); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_ports); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_ip_multicast); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_datapath); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_enabled); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_querier); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_eth_src); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_ip4_src); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_ip6_src); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_table_size); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_idle_timeout); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_query_interval); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_ip_multicast_col_query_max_resp); - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_service_monitor); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_ip); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_logical_port); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_port); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_options); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_status); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_protocol); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_src_mac); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_src_ip); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_service_monitor_col_external_ids); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_load_balancer); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_datapaths); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_name); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_vips); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_protocol); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_options); - add_column_noalert(ovnsb_idl_loop.idl, - &sbrec_load_balancer_col_external_ids); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_bfd); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_logical_port); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_dst_ip); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_status); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_min_tx); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_min_rx); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_detect_mult); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_disc); - ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_src_port); - - ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_fdb); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_fdb_col_mac); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_fdb_col_dp_key); - add_column_noalert(ovnsb_idl_loop.idl, &sbrec_fdb_col_port_key); - - struct ovsdb_idl_index *sbrec_chassis_by_name - = chassis_index_create(ovnsb_idl_loop.idl); - - struct ovsdb_idl_index *sbrec_ha_chassis_grp_by_name - = ha_chassis_group_index_create(ovnsb_idl_loop.idl); - - struct ovsdb_idl_index *sbrec_mcast_group_by_name_dp - = mcast_group_index_create(ovnsb_idl_loop.idl); - - struct ovsdb_idl_index *sbrec_ip_mcast_by_dp - = ip_mcast_index_create(ovnsb_idl_loop.idl); - - unixctl_command_register("sb-connection-status", "", 0, 0, - ovn_conn_show, ovnsb_idl_loop.idl); - - char *ovn_internal_version = ovn_get_internal_version(); - VLOG_INFO("OVN internal version is : [%s]", ovn_internal_version); - - stopwatch_create(NORTHD_LOOP_STOPWATCH_NAME, SW_MS); - stopwatch_create(OVNNB_DB_RUN_STOPWATCH_NAME, SW_MS); - stopwatch_create(OVNSB_DB_RUN_STOPWATCH_NAME, SW_MS); - stopwatch_create(BUILD_LFLOWS_CTX_STOPWATCH_NAME, SW_MS); - stopwatch_create(CLEAR_LFLOWS_CTX_STOPWATCH_NAME, SW_MS); - stopwatch_create(BUILD_LFLOWS_STOPWATCH_NAME, SW_MS); - stopwatch_create(LFLOWS_DATAPATHS_STOPWATCH_NAME, SW_MS); - stopwatch_create(LFLOWS_PORTS_STOPWATCH_NAME, SW_MS); - stopwatch_create(LFLOWS_LBS_STOPWATCH_NAME, SW_MS); - stopwatch_create(LFLOWS_IGMP_STOPWATCH_NAME, SW_MS); - stopwatch_create(LFLOWS_DP_GROUPS_STOPWATCH_NAME, SW_MS); - - /* Main loop. */ - exiting = false; - - while (!exiting) { - update_ssl_config(); - memory_run(); - if (memory_should_report()) { - struct simap usage = SIMAP_INITIALIZER(&usage); - - /* Nothing special to report yet. */ - memory_report(&usage); - simap_destroy(&usage); - } - - if (!state.paused) { - if (!ovsdb_idl_has_lock(ovnsb_idl_loop.idl) && - !ovsdb_idl_is_lock_contended(ovnsb_idl_loop.idl)) - { - /* Ensure that only a single ovn-northd is active in the - * deployment by acquiring a lock called "ovn_northd" on the - * southbound database and then only performing DB transactions - * if the lock is held. - */ - ovsdb_idl_set_lock(ovnsb_idl_loop.idl, "ovn_northd"); - } - - struct northd_context ctx = { - .ovnnb_idl = ovnnb_idl_loop.idl, - .ovnnb_txn = ovsdb_idl_loop_run(&ovnnb_idl_loop), - .ovnsb_idl = ovnsb_idl_loop.idl, - .ovnsb_txn = ovsdb_idl_loop_run(&ovnsb_idl_loop), - .sbrec_chassis_by_name = sbrec_chassis_by_name, - .sbrec_ha_chassis_grp_by_name = sbrec_ha_chassis_grp_by_name, - .sbrec_mcast_group_by_name_dp = sbrec_mcast_group_by_name_dp, - .sbrec_ip_mcast_by_dp = sbrec_ip_mcast_by_dp, - }; - - if (!state.had_lock && ovsdb_idl_has_lock(ovnsb_idl_loop.idl)) { - VLOG_INFO("ovn-northd lock acquired. " - "This ovn-northd instance is now active."); - state.had_lock = true; - } else if (state.had_lock && - !ovsdb_idl_has_lock(ovnsb_idl_loop.idl)) - { - VLOG_INFO("ovn-northd lock lost. " - "This ovn-northd instance is now on standby."); - state.had_lock = false; - } - - if (ovsdb_idl_has_lock(ovnsb_idl_loop.idl)) { - ovn_db_run(&ctx, sbrec_chassis_by_name, &ovnsb_idl_loop, - ovn_internal_version); - if (ctx.ovnsb_txn) { - check_and_add_supported_dhcp_opts_to_sb_db(&ctx); - check_and_add_supported_dhcpv6_opts_to_sb_db(&ctx); - check_and_update_rbac(&ctx); - } - } - - ovsdb_idl_loop_commit_and_wait(&ovnnb_idl_loop); - ovsdb_idl_loop_commit_and_wait(&ovnsb_idl_loop); - } else { - /* ovn-northd is paused - * - we still want to handle any db updates and update the - * local IDL. Otherwise, when it is resumed, the local IDL - * copy will be out of sync. - * - but we don't want to create any txns. - * */ - if (ovsdb_idl_has_lock(ovnsb_idl_loop.idl) || - ovsdb_idl_is_lock_contended(ovnsb_idl_loop.idl)) - { - /* make sure we don't hold the lock while paused */ - VLOG_INFO("This ovn-northd instance is now paused."); - ovsdb_idl_set_lock(ovnsb_idl_loop.idl, NULL); - state.had_lock = false; - } - - ovsdb_idl_run(ovnnb_idl_loop.idl); - ovsdb_idl_run(ovnsb_idl_loop.idl); - ovsdb_idl_wait(ovnnb_idl_loop.idl); - ovsdb_idl_wait(ovnsb_idl_loop.idl); - } - - unixctl_server_run(unixctl); - unixctl_server_wait(unixctl); - memory_wait(); - if (exiting) { - poll_immediate_wake(); - } - - - ovsdb_idl_set_probe_interval(ovnnb_idl_loop.idl, - northd_probe_interval_nb); - ovsdb_idl_set_probe_interval(ovnsb_idl_loop.idl, - northd_probe_interval_sb); - - if (reset_ovnsb_idl_min_index) { - VLOG_INFO("Resetting southbound database cluster state"); - ovsdb_idl_reset_min_index(ovnsb_idl_loop.idl); - reset_ovnsb_idl_min_index = false; - } - - if (reset_ovnnb_idl_min_index) { - VLOG_INFO("Resetting northbound database cluster state"); - ovsdb_idl_reset_min_index(ovnnb_idl_loop.idl); - reset_ovnnb_idl_min_index = false; - } - - stopwatch_stop(NORTHD_LOOP_STOPWATCH_NAME, time_msec()); - poll_block(); - if (should_service_stop()) { - exiting = true; - } - stopwatch_start(NORTHD_LOOP_STOPWATCH_NAME, time_msec()); - } - - - free(ovn_internal_version); - unixctl_server_destroy(unixctl); - ovsdb_idl_loop_destroy(&ovnnb_idl_loop); - ovsdb_idl_loop_destroy(&ovnsb_idl_loop); - service_stop(); - - exit(res); -} - -static void -ovn_northd_exit(struct unixctl_conn *conn, int argc OVS_UNUSED, - const char *argv[] OVS_UNUSED, void *exiting_) -{ - bool *exiting = exiting_; - *exiting = true; - - unixctl_command_reply(conn, NULL); -} - -static void -ovn_northd_pause(struct unixctl_conn *conn, int argc OVS_UNUSED, - const char *argv[] OVS_UNUSED, void *state_) -{ - struct northd_state *state = state_; - state->paused = true; - - unixctl_command_reply(conn, NULL); -} - -static void -ovn_northd_resume(struct unixctl_conn *conn, int argc OVS_UNUSED, - const char *argv[] OVS_UNUSED, void *state_) -{ - struct northd_state *state = state_; - state->paused = false; - - unixctl_command_reply(conn, NULL); -} - -static void -ovn_northd_is_paused(struct unixctl_conn *conn, int argc OVS_UNUSED, - const char *argv[] OVS_UNUSED, void *state_) -{ - struct northd_state *state = state_; - if (state->paused) { - unixctl_command_reply(conn, "true"); - } else { - unixctl_command_reply(conn, "false"); - } -} - -static void -ovn_northd_status(struct unixctl_conn *conn, int argc OVS_UNUSED, - const char *argv[] OVS_UNUSED, void *state_) -{ - struct northd_state *state = state_; - char *status; - - if (state->paused) { - status = "paused"; - } else { - status = state->had_lock ? "active" : "standby"; - } - - /* - * Use a labelled formatted output so we can add more to the status command - * later without breaking any consuming scripts - */ - struct ds s = DS_EMPTY_INITIALIZER; - ds_put_format(&s, "Status: %s\n", status); - unixctl_command_reply(conn, ds_cstr(&s)); - ds_destroy(&s); -} - -static void -cluster_state_reset_cmd(struct unixctl_conn *conn, int argc OVS_UNUSED, - const char *argv[] OVS_UNUSED, void *idl_reset_) -{ - bool *idl_reset = idl_reset_; - - *idl_reset = true; - poll_immediate_wake(); - unixctl_command_reply(conn, NULL); -} + diff --git a/northd/northd.h b/northd/northd.h new file mode 100644 index 000000000000..3209d4224803 --- /dev/null +++ b/northd/northd.h @@ -0,0 +1,42 @@ +/* + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef NORTHD_H +#define NORTHD_H 1 + +#include "ovsdb-idl.h" +#include "lib/ovn-parallel-hmap.h" + +struct northd_context { + const char *ovnnb_db; + const char *ovnsb_db; + struct ovsdb_idl *ovnnb_idl; + struct ovsdb_idl *ovnsb_idl; + struct ovsdb_idl_txn *ovnnb_txn; + struct ovsdb_idl_txn *ovnsb_txn; + struct ovsdb_idl_index *sbrec_chassis_by_name; + struct ovsdb_idl_index *sbrec_ha_chassis_grp_by_name; + struct ovsdb_idl_index *sbrec_mcast_group_by_name_dp; + struct ovsdb_idl_index *sbrec_ip_mcast_by_dp; + + bool use_parallel_build; + struct hashrow_locks *lflow_locks; +}; + +void +ovn_db_run(struct northd_context *ctx, + struct ovsdb_idl_index *sbrec_chassis_by_name, + struct ovsdb_idl_loop *ovnsb_idl_loop, + const char *ovn_internal_version); + +#endif /* NORTHD_H */ diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c new file mode 100644 index 000000000000..ecee14e644af --- /dev/null +++ b/northd/ovn-northd.c @@ -0,0 +1,1100 @@ +/* + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include +#include +#include + +#include "lib/chassis-index.h" +#include "command-line.h" +#include "daemon.h" +#include "fatal-signal.h" +#include "lib/ip-mcast-index.h" +#include "lib/mcast-group-index.h" +#include "memory.h" +#include "northd.h" +#include "ovs-numa.h" +#include "ovsdb-idl.h" +#include "lib/ovn-l7.h" +#include "lib/ovn-nb-idl.h" +#include "lib/ovn-parallel-hmap.h" +#include "lib/ovn-sb-idl.h" +#include "openvswitch/poll-loop.h" +#include "simap.h" +#include "stopwatch.h" +#include "lib/stopwatch-names.h" +#include "stream.h" +#include "stream-ssl.h" +#include "unixctl.h" +#include "util.h" +#include "openvswitch/vlog.h" + +VLOG_DEFINE_THIS_MODULE(ovn_northd); + +static unixctl_cb_func ovn_northd_exit; +static unixctl_cb_func ovn_northd_pause; +static unixctl_cb_func ovn_northd_resume; +static unixctl_cb_func ovn_northd_is_paused; +static unixctl_cb_func ovn_northd_status; +static unixctl_cb_func cluster_state_reset_cmd; + +struct northd_state { + bool had_lock; + bool paused; +}; + +static const char *ovnnb_db; +static const char *ovnsb_db; +static const char *unixctl_path; + +/* SSL options */ +static const char *ssl_private_key_file; +static const char *ssl_certificate_file; +static const char *ssl_ca_cert_file; + +static bool use_parallel_build = true; +static struct hashrow_locks lflow_locks; + +static const char *rbac_chassis_auth[] = + {"name"}; +static const char *rbac_chassis_update[] = + {"nb_cfg", "external_ids", "encaps", "vtep_logical_switches", + "other_config", "transport_zones"}; + +static const char *rbac_chassis_private_auth[] = + {"name"}; +static const char *rbac_chassis_private_update[] = + {"nb_cfg", "nb_cfg_timestamp", "chassis", "external_ids"}; + +static const char *rbac_encap_auth[] = + {"chassis_name"}; +static const char *rbac_encap_update[] = + {"type", "options", "ip"}; + +static const char *rbac_controller_event_auth[] = + {""}; +static const char *rbac_controller_event_update[] = + {"chassis", "event_info", "event_type", "seq_num"}; + + +static const char *rbac_fdb_auth[] = + {""}; +static const char *rbac_fdb_update[] = + {"dp_key", "mac", "port_key"}; + +static const char *rbac_port_binding_auth[] = + {""}; +static const char *rbac_port_binding_update[] = + {"chassis", "encap", "up", "virtual_parent"}; + +static const char *rbac_mac_binding_auth[] = + {""}; +static const char *rbac_mac_binding_update[] = + {"logical_port", "ip", "mac", "datapath"}; + +static const char *rbac_svc_monitor_auth[] = + {""}; +static const char *rbac_svc_monitor_auth_update[] = + {"status"}; +static const char *rbac_igmp_group_auth[] = + {""}; +static const char *rbac_igmp_group_update[] = + {"address", "chassis", "datapath", "ports"}; + +static struct rbac_perm_cfg { + const char *table; + const char **auth; + int n_auth; + bool insdel; + const char **update; + int n_update; + const struct sbrec_rbac_permission *row; +} rbac_perm_cfg[] = { + { + .table = "Chassis", + .auth = rbac_chassis_auth, + .n_auth = ARRAY_SIZE(rbac_chassis_auth), + .insdel = true, + .update = rbac_chassis_update, + .n_update = ARRAY_SIZE(rbac_chassis_update), + .row = NULL + },{ + .table = "Chassis_Private", + .auth = rbac_chassis_private_auth, + .n_auth = ARRAY_SIZE(rbac_chassis_private_auth), + .insdel = true, + .update = rbac_chassis_private_update, + .n_update = ARRAY_SIZE(rbac_chassis_private_update), + .row = NULL + },{ + .table = "Controller_Event", + .auth = rbac_controller_event_auth, + .n_auth = ARRAY_SIZE(rbac_controller_event_auth), + .insdel = true, + .update = rbac_controller_event_update, + .n_update = ARRAY_SIZE(rbac_controller_event_update), + .row = NULL + },{ + .table = "Encap", + .auth = rbac_encap_auth, + .n_auth = ARRAY_SIZE(rbac_encap_auth), + .insdel = true, + .update = rbac_encap_update, + .n_update = ARRAY_SIZE(rbac_encap_update), + .row = NULL + },{ + .table = "FDB", + .auth = rbac_fdb_auth, + .n_auth = ARRAY_SIZE(rbac_fdb_auth), + .insdel = true, + .update = rbac_fdb_update, + .n_update = ARRAY_SIZE(rbac_fdb_update), + .row = NULL + },{ + .table = "Port_Binding", + .auth = rbac_port_binding_auth, + .n_auth = ARRAY_SIZE(rbac_port_binding_auth), + .insdel = false, + .update = rbac_port_binding_update, + .n_update = ARRAY_SIZE(rbac_port_binding_update), + .row = NULL + },{ + .table = "MAC_Binding", + .auth = rbac_mac_binding_auth, + .n_auth = ARRAY_SIZE(rbac_mac_binding_auth), + .insdel = true, + .update = rbac_mac_binding_update, + .n_update = ARRAY_SIZE(rbac_mac_binding_update), + .row = NULL + },{ + .table = "Service_Monitor", + .auth = rbac_svc_monitor_auth, + .n_auth = ARRAY_SIZE(rbac_svc_monitor_auth), + .insdel = false, + .update = rbac_svc_monitor_auth_update, + .n_update = ARRAY_SIZE(rbac_svc_monitor_auth_update), + .row = NULL + },{ + .table = "IGMP_Group", + .auth = rbac_igmp_group_auth, + .n_auth = ARRAY_SIZE(rbac_igmp_group_auth), + .insdel = true, + .update = rbac_igmp_group_update, + .n_update = ARRAY_SIZE(rbac_igmp_group_update), + .row = NULL + },{ + .table = NULL, + .auth = NULL, + .n_auth = 0, + .insdel = false, + .update = NULL, + .n_update = 0, + .row = NULL + } +}; + +static struct gen_opts_map supported_dhcp_opts[] = { + OFFERIP, + DHCP_OPT_NETMASK, + DHCP_OPT_ROUTER, + DHCP_OPT_DNS_SERVER, + DHCP_OPT_LOG_SERVER, + DHCP_OPT_LPR_SERVER, + DHCP_OPT_SWAP_SERVER, + DHCP_OPT_POLICY_FILTER, + DHCP_OPT_ROUTER_SOLICITATION, + DHCP_OPT_NIS_SERVER, + DHCP_OPT_NTP_SERVER, + DHCP_OPT_SERVER_ID, + DHCP_OPT_TFTP_SERVER, + DHCP_OPT_CLASSLESS_STATIC_ROUTE, + DHCP_OPT_MS_CLASSLESS_STATIC_ROUTE, + DHCP_OPT_IP_FORWARD_ENABLE, + DHCP_OPT_ROUTER_DISCOVERY, + DHCP_OPT_ETHERNET_ENCAP, + DHCP_OPT_DEFAULT_TTL, + DHCP_OPT_TCP_TTL, + DHCP_OPT_MTU, + DHCP_OPT_LEASE_TIME, + DHCP_OPT_T1, + DHCP_OPT_T2, + DHCP_OPT_WPAD, + DHCP_OPT_BOOTFILE, + DHCP_OPT_PATH_PREFIX, + DHCP_OPT_TFTP_SERVER_ADDRESS, + DHCP_OPT_HOSTNAME, + DHCP_OPT_DOMAIN_NAME, + DHCP_OPT_ARP_CACHE_TIMEOUT, + DHCP_OPT_TCP_KEEPALIVE_INTERVAL, + DHCP_OPT_DOMAIN_SEARCH_LIST, + DHCP_OPT_BOOTFILE_ALT, + DHCP_OPT_BROADCAST_ADDRESS, + DHCP_OPT_NETBIOS_NAME_SERVER, + DHCP_OPT_NETBIOS_NODE_TYPE, +}; + +static struct gen_opts_map supported_dhcpv6_opts[] = { + DHCPV6_OPT_IA_ADDR, + DHCPV6_OPT_SERVER_ID, + DHCPV6_OPT_DOMAIN_SEARCH, + DHCPV6_OPT_DNS_SERVER +}; + +static bool +ovn_rbac_validate_perm(const struct sbrec_rbac_permission *perm) +{ + struct rbac_perm_cfg *pcfg; + int i, j, n_found; + + for (pcfg = rbac_perm_cfg; pcfg->table; pcfg++) { + if (!strcmp(perm->table, pcfg->table)) { + break; + } + } + if (!pcfg->table) { + return false; + } + if (perm->n_authorization != pcfg->n_auth || + perm->n_update != pcfg->n_update) { + return false; + } + if (perm->insert_delete != pcfg->insdel) { + return false; + } + /* verify perm->authorization vs. pcfg->auth */ + n_found = 0; + for (i = 0; i < pcfg->n_auth; i++) { + for (j = 0; j < perm->n_authorization; j++) { + if (!strcmp(pcfg->auth[i], perm->authorization[j])) { + n_found++; + break; + } + } + } + if (n_found != pcfg->n_auth) { + return false; + } + + /* verify perm->update vs. pcfg->update */ + n_found = 0; + for (i = 0; i < pcfg->n_update; i++) { + for (j = 0; j < perm->n_update; j++) { + if (!strcmp(pcfg->update[i], perm->update[j])) { + n_found++; + break; + } + } + } + if (n_found != pcfg->n_update) { + return false; + } + + /* Success, db state matches expected state */ + pcfg->row = perm; + return true; +} + +static void +ovn_rbac_create_perm(struct rbac_perm_cfg *pcfg, + struct northd_context *ctx, + const struct sbrec_rbac_role *rbac_role) +{ + struct sbrec_rbac_permission *rbac_perm; + + rbac_perm = sbrec_rbac_permission_insert(ctx->ovnsb_txn); + sbrec_rbac_permission_set_table(rbac_perm, pcfg->table); + sbrec_rbac_permission_set_authorization(rbac_perm, + pcfg->auth, + pcfg->n_auth); + sbrec_rbac_permission_set_insert_delete(rbac_perm, pcfg->insdel); + sbrec_rbac_permission_set_update(rbac_perm, + pcfg->update, + pcfg->n_update); + sbrec_rbac_role_update_permissions_setkey(rbac_role, pcfg->table, + rbac_perm); +} + +static void +check_and_update_rbac(struct northd_context *ctx) +{ + const struct sbrec_rbac_role *rbac_role = NULL; + const struct sbrec_rbac_permission *perm_row, *perm_next; + const struct sbrec_rbac_role *role_row, *role_row_next; + struct rbac_perm_cfg *pcfg; + + for (pcfg = rbac_perm_cfg; pcfg->table; pcfg++) { + pcfg->row = NULL; + } + + SBREC_RBAC_PERMISSION_FOR_EACH_SAFE (perm_row, perm_next, ctx->ovnsb_idl) { + if (!ovn_rbac_validate_perm(perm_row)) { + sbrec_rbac_permission_delete(perm_row); + } + } + SBREC_RBAC_ROLE_FOR_EACH_SAFE (role_row, role_row_next, ctx->ovnsb_idl) { + if (strcmp(role_row->name, "ovn-controller")) { + sbrec_rbac_role_delete(role_row); + } else { + rbac_role = role_row; + } + } + + if (!rbac_role) { + rbac_role = sbrec_rbac_role_insert(ctx->ovnsb_txn); + sbrec_rbac_role_set_name(rbac_role, "ovn-controller"); + } + + for (pcfg = rbac_perm_cfg; pcfg->table; pcfg++) { + if (!pcfg->row) { + ovn_rbac_create_perm(pcfg, ctx, rbac_role); + } + } +} + +static void +check_and_add_supported_dhcp_opts_to_sb_db(struct northd_context *ctx) +{ + struct hmap dhcp_opts_to_add = HMAP_INITIALIZER(&dhcp_opts_to_add); + for (size_t i = 0; (i < sizeof(supported_dhcp_opts) / + sizeof(supported_dhcp_opts[0])); i++) { + hmap_insert(&dhcp_opts_to_add, &supported_dhcp_opts[i].hmap_node, + dhcp_opt_hash(supported_dhcp_opts[i].name)); + } + + const struct sbrec_dhcp_options *opt_row, *opt_row_next; + SBREC_DHCP_OPTIONS_FOR_EACH_SAFE(opt_row, opt_row_next, ctx->ovnsb_idl) { + struct gen_opts_map *dhcp_opt = + dhcp_opts_find(&dhcp_opts_to_add, opt_row->name); + if (dhcp_opt) { + if (!strcmp(dhcp_opt->type, opt_row->type) && + dhcp_opt->code == opt_row->code) { + hmap_remove(&dhcp_opts_to_add, &dhcp_opt->hmap_node); + } else { + sbrec_dhcp_options_delete(opt_row); + } + } else { + sbrec_dhcp_options_delete(opt_row); + } + } + + struct gen_opts_map *opt; + HMAP_FOR_EACH (opt, hmap_node, &dhcp_opts_to_add) { + struct sbrec_dhcp_options *sbrec_dhcp_option = + sbrec_dhcp_options_insert(ctx->ovnsb_txn); + sbrec_dhcp_options_set_name(sbrec_dhcp_option, opt->name); + sbrec_dhcp_options_set_code(sbrec_dhcp_option, opt->code); + sbrec_dhcp_options_set_type(sbrec_dhcp_option, opt->type); + } + + hmap_destroy(&dhcp_opts_to_add); +} + +static void +check_and_add_supported_dhcpv6_opts_to_sb_db(struct northd_context *ctx) +{ + struct hmap dhcpv6_opts_to_add = HMAP_INITIALIZER(&dhcpv6_opts_to_add); + for (size_t i = 0; (i < sizeof(supported_dhcpv6_opts) / + sizeof(supported_dhcpv6_opts[0])); i++) { + hmap_insert(&dhcpv6_opts_to_add, &supported_dhcpv6_opts[i].hmap_node, + dhcp_opt_hash(supported_dhcpv6_opts[i].name)); + } + + const struct sbrec_dhcpv6_options *opt_row, *opt_row_next; + SBREC_DHCPV6_OPTIONS_FOR_EACH_SAFE(opt_row, opt_row_next, ctx->ovnsb_idl) { + struct gen_opts_map *dhcp_opt = + dhcp_opts_find(&dhcpv6_opts_to_add, opt_row->name); + if (dhcp_opt) { + hmap_remove(&dhcpv6_opts_to_add, &dhcp_opt->hmap_node); + } else { + sbrec_dhcpv6_options_delete(opt_row); + } + } + + struct gen_opts_map *opt; + HMAP_FOR_EACH(opt, hmap_node, &dhcpv6_opts_to_add) { + struct sbrec_dhcpv6_options *sbrec_dhcpv6_option = + sbrec_dhcpv6_options_insert(ctx->ovnsb_txn); + sbrec_dhcpv6_options_set_name(sbrec_dhcpv6_option, opt->name); + sbrec_dhcpv6_options_set_code(sbrec_dhcpv6_option, opt->code); + sbrec_dhcpv6_options_set_type(sbrec_dhcpv6_option, opt->type); + } + + hmap_destroy(&dhcpv6_opts_to_add); +} + +static void +usage(void) +{ + printf("\ +%s: OVN northbound management daemon\n\ +usage: %s [OPTIONS]\n\ +\n\ +Options:\n\ + --ovnnb-db=DATABASE connect to ovn-nb database at DATABASE\n\ + (default: %s)\n\ + --ovnsb-db=DATABASE connect to ovn-sb database at DATABASE\n\ + (default: %s)\n\ + --dry-run start in paused state (do not commit db changes)\n\ + --unixctl=SOCKET override default control socket name\n\ + -h, --help display this help message\n\ + -o, --options list available options\n\ + -V, --version display version information\n\ +", program_name, program_name, default_nb_db(), default_sb_db()); + daemon_usage(); + vlog_usage(); + stream_usage("database", true, true, false); +} + +static void +parse_options(int argc OVS_UNUSED, char *argv[] OVS_UNUSED, + bool *paused) +{ + enum { + OVN_DAEMON_OPTION_ENUMS, + VLOG_OPTION_ENUMS, + SSL_OPTION_ENUMS, + OPT_DRY_RUN, + OPT_DUMMY_NUMA, + }; + static const struct option long_options[] = { + {"ovnsb-db", required_argument, NULL, 'd'}, + {"ovnnb-db", required_argument, NULL, 'D'}, + {"unixctl", required_argument, NULL, 'u'}, + {"help", no_argument, NULL, 'h'}, + {"options", no_argument, NULL, 'o'}, + {"version", no_argument, NULL, 'V'}, + {"dry-run", no_argument, NULL, OPT_DRY_RUN}, + {"dummy-numa", required_argument, NULL, OPT_DUMMY_NUMA}, + OVN_DAEMON_LONG_OPTIONS, + VLOG_LONG_OPTIONS, + STREAM_SSL_LONG_OPTIONS, + {NULL, 0, NULL, 0}, + }; + char *short_options = ovs_cmdl_long_options_to_short_options(long_options); + + for (;;) { + int c; + + c = getopt_long(argc, argv, short_options, long_options, NULL); + if (c == -1) { + break; + } + + switch (c) { + OVN_DAEMON_OPTION_HANDLERS; + VLOG_OPTION_HANDLERS; + + case 'p': + ssl_private_key_file = optarg; + break; + + case 'c': + ssl_certificate_file = optarg; + break; + + case 'C': + ssl_ca_cert_file = optarg; + break; + + case 'd': + ovnsb_db = optarg; + break; + + case 'D': + ovnnb_db = optarg; + break; + + case 'u': + unixctl_path = optarg; + break; + + case 'h': + usage(); + exit(EXIT_SUCCESS); + + case 'o': + ovs_cmdl_print_options(long_options); + exit(EXIT_SUCCESS); + + case 'V': + ovn_print_version(0, 0); + exit(EXIT_SUCCESS); + + case OPT_DUMMY_NUMA: + ovs_numa_set_dummy(optarg); + break; + + case OPT_DRY_RUN: + *paused = true; + break; + + default: + break; + } + } + + if (!ovnsb_db || !ovnsb_db[0]) { + ovnsb_db = default_sb_db(); + } + + if (!ovnnb_db || !ovnnb_db[0]) { + ovnnb_db = default_nb_db(); + } + + free(short_options); +} + +static void +add_column_noalert(struct ovsdb_idl *idl, + const struct ovsdb_idl_column *column) +{ + ovsdb_idl_add_column(idl, column); + ovsdb_idl_omit_alert(idl, column); +} + +static void +update_ssl_config(void) +{ + if (ssl_private_key_file && ssl_certificate_file) { + stream_ssl_set_key_and_cert(ssl_private_key_file, + ssl_certificate_file); + } + if (ssl_ca_cert_file) { + stream_ssl_set_ca_cert_file(ssl_ca_cert_file, false); + } +} + +int +main(int argc, char *argv[]) +{ + int res = EXIT_SUCCESS; + struct unixctl_server *unixctl; + int retval; + bool exiting; + struct northd_state state = { + .had_lock = false, + .paused = false + }; + + fatal_ignore_sigpipe(); + ovs_cmdl_proctitle_init(argc, argv); + ovn_set_program_name(argv[0]); + service_start(&argc, &argv); + parse_options(argc, argv, &state.paused); + + daemonize_start(false); + + char *abs_unixctl_path = get_abs_unix_ctl_path(unixctl_path); + retval = unixctl_server_create(abs_unixctl_path, &unixctl); + free(abs_unixctl_path); + + if (retval) { + exit(EXIT_FAILURE); + } + unixctl_command_register("exit", "", 0, 0, ovn_northd_exit, &exiting); + unixctl_command_register("pause", "", 0, 0, ovn_northd_pause, &state); + unixctl_command_register("resume", "", 0, 0, ovn_northd_resume, &state); + unixctl_command_register("is-paused", "", 0, 0, ovn_northd_is_paused, + &state); + unixctl_command_register("status", "", 0, 0, ovn_northd_status, &state); + + bool reset_ovnsb_idl_min_index = false; + unixctl_command_register("sb-cluster-state-reset", "", 0, 0, + cluster_state_reset_cmd, + &reset_ovnsb_idl_min_index); + + bool reset_ovnnb_idl_min_index = false; + unixctl_command_register("nb-cluster-state-reset", "", 0, 0, + cluster_state_reset_cmd, + &reset_ovnnb_idl_min_index); + + daemonize_complete(); + + init_hash_row_locks(&lflow_locks); + use_parallel_build = can_parallelize_hashes(false); + + /* We want to detect (almost) all changes to the ovn-nb db. */ + struct ovsdb_idl_loop ovnnb_idl_loop = OVSDB_IDL_LOOP_INITIALIZER( + ovsdb_idl_create(ovnnb_db, &nbrec_idl_class, true, true)); + ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, + &nbrec_nb_global_col_nb_cfg_timestamp); + ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, &nbrec_nb_global_col_sb_cfg); + ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, + &nbrec_nb_global_col_sb_cfg_timestamp); + ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, &nbrec_nb_global_col_hv_cfg); + ovsdb_idl_omit_alert(ovnnb_idl_loop.idl, + &nbrec_nb_global_col_hv_cfg_timestamp); + + unixctl_command_register("nb-connection-status", "", 0, 0, + ovn_conn_show, ovnnb_idl_loop.idl); + + /* We want to detect only selected changes to the ovn-sb db. */ + struct ovsdb_idl_loop ovnsb_idl_loop = OVSDB_IDL_LOOP_INITIALIZER( + ovsdb_idl_create(ovnsb_db, &sbrec_idl_class, false, true)); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_sb_global); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_sb_global_col_nb_cfg); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_sb_global_col_options); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_sb_global_col_ipsec); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_logical_flow); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_logical_flow_col_logical_datapath); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_logical_flow_col_logical_dp_group); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_pipeline); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_table_id); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_priority); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_match); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_logical_flow_col_actions); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_logical_flow_col_controller_meter); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_logical_flow_col_external_ids); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, + &sbrec_table_logical_dp_group); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_logical_dp_group_col_datapaths); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_multicast_group); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_multicast_group_col_datapath); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_multicast_group_col_tunnel_key); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_multicast_group_col_name); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_multicast_group_col_ports); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_datapath_binding); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_datapath_binding_col_tunnel_key); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_datapath_binding_col_load_balancers); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_datapath_binding_col_external_ids); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_port_binding); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_datapath); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_logical_port); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_tunnel_key); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_parent_port); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_tag); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_type); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_options); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_binding_col_mac); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_nat_addresses); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_port_binding_col_chassis); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_gateway_chassis); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_ha_chassis_group); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_virtual_parent); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_up); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_gateway_chassis_col_chassis); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_gateway_chassis_col_name); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_gateway_chassis_col_priority); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_gateway_chassis_col_external_ids); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_gateway_chassis_col_options); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_port_binding_col_external_ids); + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_mac_binding); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_mac_binding_col_datapath); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_mac_binding_col_ip); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_mac_binding_col_mac); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_mac_binding_col_logical_port); + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_dhcp_options); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcp_options_col_code); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcp_options_col_type); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcp_options_col_name); + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_dhcpv6_options); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcpv6_options_col_code); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcpv6_options_col_type); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dhcpv6_options_col_name); + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_address_set); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_address_set_col_name); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_address_set_col_addresses); + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_port_group); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_group_col_name); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_port_group_col_ports); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_dns); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dns_col_datapaths); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dns_col_records); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_dns_col_external_ids); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_rbac_role); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_rbac_role_col_name); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_rbac_role_col_permissions); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_rbac_permission); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_rbac_permission_col_table); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_rbac_permission_col_authorization); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_rbac_permission_col_insert_delete); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_rbac_permission_col_update); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_meter); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_col_name); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_col_unit); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_col_bands); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_meter_band); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_band_col_action); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_band_col_rate); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_meter_band_col_burst_size); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_chassis); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_chassis_col_name); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_chassis_col_other_config); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_chassis_col_encaps); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_encap); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_encap_col_type); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_chassis_private); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_chassis_private_col_name); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_chassis_private_col_chassis); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_chassis_private_col_nb_cfg); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_chassis_private_col_nb_cfg_timestamp); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_ha_chassis); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ha_chassis_col_chassis); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ha_chassis_col_priority); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ha_chassis_col_external_ids); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_ha_chassis_group); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ha_chassis_group_col_name); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ha_chassis_group_col_ha_chassis); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ha_chassis_group_col_external_ids); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ha_chassis_group_col_ref_chassis); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_igmp_group); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_address); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_datapath); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_chassis); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_igmp_group_col_ports); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_ip_multicast); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_datapath); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_enabled); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_querier); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_eth_src); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_ip4_src); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_ip6_src); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_table_size); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_idle_timeout); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_query_interval); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_ip_multicast_col_query_max_resp); + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_service_monitor); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_ip); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_logical_port); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_port); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_options); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_status); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_protocol); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_src_mac); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_src_ip); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_service_monitor_col_external_ids); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_load_balancer); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_datapaths); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_name); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_vips); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_protocol); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_load_balancer_col_options); + add_column_noalert(ovnsb_idl_loop.idl, + &sbrec_load_balancer_col_external_ids); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_bfd); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_logical_port); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_dst_ip); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_status); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_min_tx); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_min_rx); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_detect_mult); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_disc); + ovsdb_idl_add_column(ovnsb_idl_loop.idl, &sbrec_bfd_col_src_port); + + ovsdb_idl_add_table(ovnsb_idl_loop.idl, &sbrec_table_fdb); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_fdb_col_mac); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_fdb_col_dp_key); + add_column_noalert(ovnsb_idl_loop.idl, &sbrec_fdb_col_port_key); + + struct ovsdb_idl_index *sbrec_chassis_by_name + = chassis_index_create(ovnsb_idl_loop.idl); + + struct ovsdb_idl_index *sbrec_ha_chassis_grp_by_name + = ha_chassis_group_index_create(ovnsb_idl_loop.idl); + + struct ovsdb_idl_index *sbrec_mcast_group_by_name_dp + = mcast_group_index_create(ovnsb_idl_loop.idl); + + struct ovsdb_idl_index *sbrec_ip_mcast_by_dp + = ip_mcast_index_create(ovnsb_idl_loop.idl); + + unixctl_command_register("sb-connection-status", "", 0, 0, + ovn_conn_show, ovnsb_idl_loop.idl); + + char *ovn_internal_version = ovn_get_internal_version(); + VLOG_INFO("OVN internal version is : [%s]", ovn_internal_version); + + stopwatch_create(NORTHD_LOOP_STOPWATCH_NAME, SW_MS); + stopwatch_create(OVNNB_DB_RUN_STOPWATCH_NAME, SW_MS); + stopwatch_create(OVNSB_DB_RUN_STOPWATCH_NAME, SW_MS); + + /* Main loop. */ + exiting = false; + + while (!exiting) { + update_ssl_config(); + memory_run(); + if (memory_should_report()) { + struct simap usage = SIMAP_INITIALIZER(&usage); + + /* Nothing special to report yet. */ + memory_report(&usage); + simap_destroy(&usage); + } + + if (!state.paused) { + if (!ovsdb_idl_has_lock(ovnsb_idl_loop.idl) && + !ovsdb_idl_is_lock_contended(ovnsb_idl_loop.idl)) + { + /* Ensure that only a single ovn-northd is active in the + * deployment by acquiring a lock called "ovn_northd" on the + * southbound database and then only performing DB transactions + * if the lock is held. + */ + ovsdb_idl_set_lock(ovnsb_idl_loop.idl, "ovn_northd"); + } + + struct northd_context ctx = { + .ovnnb_db = ovnnb_db, + .ovnsb_db = ovnsb_db, + .ovnnb_idl = ovnnb_idl_loop.idl, + .ovnnb_txn = ovsdb_idl_loop_run(&ovnnb_idl_loop), + .ovnsb_idl = ovnsb_idl_loop.idl, + .ovnsb_txn = ovsdb_idl_loop_run(&ovnsb_idl_loop), + .sbrec_chassis_by_name = sbrec_chassis_by_name, + .sbrec_ha_chassis_grp_by_name = sbrec_ha_chassis_grp_by_name, + .sbrec_mcast_group_by_name_dp = sbrec_mcast_group_by_name_dp, + .sbrec_ip_mcast_by_dp = sbrec_ip_mcast_by_dp, + .lflow_locks = &lflow_locks, + .use_parallel_build = use_parallel_build, + }; + + if (!state.had_lock && ovsdb_idl_has_lock(ovnsb_idl_loop.idl)) { + VLOG_INFO("ovn-northd lock acquired. " + "This ovn-northd instance is now active."); + state.had_lock = true; + } else if (state.had_lock && + !ovsdb_idl_has_lock(ovnsb_idl_loop.idl)) + { + VLOG_INFO("ovn-northd lock lost. " + "This ovn-northd instance is now on standby."); + state.had_lock = false; + } + + if (ovsdb_idl_has_lock(ovnsb_idl_loop.idl)) { + + ovn_db_run(&ctx, sbrec_chassis_by_name, &ovnsb_idl_loop, + ovn_internal_version); + if (ctx.ovnsb_txn) { + check_and_add_supported_dhcp_opts_to_sb_db(&ctx); + check_and_add_supported_dhcpv6_opts_to_sb_db(&ctx); + check_and_update_rbac(&ctx); + } + } + + ovsdb_idl_loop_commit_and_wait(&ovnnb_idl_loop); + ovsdb_idl_loop_commit_and_wait(&ovnsb_idl_loop); + } else { + /* ovn-northd is paused + * - we still want to handle any db updates and update the + * local IDL. Otherwise, when it is resumed, the local IDL + * copy will be out of sync. + * - but we don't want to create any txns. + * */ + if (ovsdb_idl_has_lock(ovnsb_idl_loop.idl) || + ovsdb_idl_is_lock_contended(ovnsb_idl_loop.idl)) + { + /* make sure we don't hold the lock while paused */ + VLOG_INFO("This ovn-northd instance is now paused."); + ovsdb_idl_set_lock(ovnsb_idl_loop.idl, NULL); + state.had_lock = false; + } + + ovsdb_idl_run(ovnnb_idl_loop.idl); + ovsdb_idl_run(ovnsb_idl_loop.idl); + ovsdb_idl_wait(ovnnb_idl_loop.idl); + ovsdb_idl_wait(ovnsb_idl_loop.idl); + } + + stopwatch_stop(NORTHD_LOOP_STOPWATCH_NAME, time_msec()); + stopwatch_start(NORTHD_LOOP_STOPWATCH_NAME, time_msec()); + unixctl_server_run(unixctl); + unixctl_server_wait(unixctl); + memory_wait(); + if (exiting) { + poll_immediate_wake(); + } + + if (reset_ovnsb_idl_min_index) { + VLOG_INFO("Resetting southbound database cluster state"); + ovsdb_idl_reset_min_index(ovnsb_idl_loop.idl); + reset_ovnsb_idl_min_index = false; + } + + if (reset_ovnnb_idl_min_index) { + VLOG_INFO("Resetting northbound database cluster state"); + ovsdb_idl_reset_min_index(ovnnb_idl_loop.idl); + reset_ovnnb_idl_min_index = false; + } + + poll_block(); + if (should_service_stop()) { + exiting = true; + } + } + + + free(ovn_internal_version); + unixctl_server_destroy(unixctl); + ovsdb_idl_loop_destroy(&ovnnb_idl_loop); + ovsdb_idl_loop_destroy(&ovnsb_idl_loop); + service_stop(); + + exit(res); +} + +static void +ovn_northd_exit(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *exiting_) +{ + bool *exiting = exiting_; + *exiting = true; + + unixctl_command_reply(conn, NULL); +} + +static void +ovn_northd_pause(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *state_) +{ + struct northd_state *state = state_; + state->paused = true; + + unixctl_command_reply(conn, NULL); +} + +static void +ovn_northd_resume(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *state_) +{ + struct northd_state *state = state_; + state->paused = false; + + unixctl_command_reply(conn, NULL); +} + +static void +ovn_northd_is_paused(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *state_) +{ + struct northd_state *state = state_; + if (state->paused) { + unixctl_command_reply(conn, "true"); + } else { + unixctl_command_reply(conn, "false"); + } +} + +static void +ovn_northd_status(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *state_) +{ + struct northd_state *state = state_; + char *status; + + if (state->paused) { + status = "paused"; + } else { + status = state->had_lock ? "active" : "standby"; + } + + /* + * Use a labelled formatted output so we can add more to the status command + * later without breaking any consuming scripts + */ + struct ds s = DS_EMPTY_INITIALIZER; + ds_put_format(&s, "Status: %s\n", status); + unixctl_command_reply(conn, ds_cstr(&s)); + ds_destroy(&s); +} + +static void +cluster_state_reset_cmd(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *idl_reset_) +{ + bool *idl_reset = idl_reset_; + + *idl_reset = true; + poll_immediate_wake(); + unixctl_command_reply(conn, NULL); +}