From: Aliasgar Ginwala
Setting up OVN on new kernel bumps openssl version.
Since OVS PKI infrastructure that generated older ssl certs based on
old openssl version, raft fails with error
2024-02-27T19:28:39.673Z|00022|stream_ssl|WARN|SSL_connect: error:1416F086:SSL
routines:tls_process_server_c
From: Aliasgar Ginwala
Setting up OVN on new kernel bumps openssl version.
Since OVS PKI infrastructure that generated older ssl certs based on
old openssl version, raft fails with error
2024-02-27T19:28:39.673Z|00022|stream_ssl|WARN|SSL_connect: error:1416F086:SSL
routines:tls_process_server_c
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
ovs | 2 +-
utilities/ovn-ctl | 25 +++--
2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/ovs b/ovs
index fe55ce37a..ec1d73016 16
--- a/ovs
+++ b/ovs
@@ -1 +1 @@
-Subproject commit
From: Aliasgar Ginwala
Setting up OVN on new kernel bumps openssl version.
Since OVS PKI infrastructure that generated older ssl certs based on
old openssl version, raft fails with error
2024-02-27T19:28:39.673Z|00022|stream_ssl|WARN|SSL_connect: error:1416F086:SSL
routines:tls_process_server_c
From: Aliasgar Ginwala
To avoid invalidating existing certs setup by old version of ovs pki.
openssl supports setting ciphers but it fails with ovn as below
ovn-controller --ssl-ciphers='HIGH:!aNULL:!MD5:@SECLEVEL=1'
Aborted (core dumped)
Avoid invalidating existing certs when bumping to new ovn
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
tests/ovn-controller.at | 26 ++
tests/ovn.at| 182
2 files changed, 208 insertions(+)
diff --git a/tests/ovn-controller.at b/tests/ovn-controller.at
index 9d2a37c72..df5662527
From: Aliasgar Ginwala
To avoid invalidating existing certs setup by old version of ovs pki.
openssl supports setting ciphers but it fails with ovn as below
ovn-controller --ssl-ciphers='HIGH:!aNULL:!MD5:@SECLEVEL=1'
Aborted (core dumped)
Avoid invalidating existing certs when bumping to new ovn
From: Aliasgar Ginwala
Fixes:
ovn-controller --ssl-ciphers='xxx'
Aborted (core dumped)
Avoid invalidating existing certs when bumping to new ovn version
SSL_connect: error:1416F086:SSL
routines:tls_process_server_certificate:certificate verify failed while
connecting to control plane.
Signed-
From: Aliasgar Ginwala
When using --enable-shared for configure, make fails with error
lib/.libs/libovn.so: undefined reference to `set_pidfile'
collect2: error: ld returned 1 exit status
Makefile:1616: recipe for target 'tests/ovstest' failed
make[1]: *** [tests/ovstest] Error 1
make[1]: Leaving
From: Aliasgar Ginwala
When using --enable-shared for configure, make fails with error
lib/.libs/libovn.so: undefined reference to `set_pidfile'
collect2: error: ld returned 1 exit status
Makefile:1616: recipe for target 'tests/ovstest' failed
make[1]: *** [tests/ovstest] Error 1
make[1]: Leaving
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Acked-by: Han Zhou
Signed-off-by: Aliasgar Ginwala
Signed-off-by: Ben Pfaf
From: Damijan Skvarc
memory leak is reported by valgrind while executing functional test
"ovsdb-tool convert-to-standalone"
==13842== 2,850 (280 direct, 2,570 indirect) bytes in 7 blocks are definitely
lost in loss record 20 of 20
==13842==at 0x4C2DB8F: malloc (in
/usr/lib/valgrind/vgprelo
From: Aliasgar Ginwala
1. Container scripts for starting ovn central node
containers in HA using cluster mode
2. Update documentation about the same.
Signed-off-by: Aliasgar Ginwala
---
Documentation/intro/install/general.rst | 34 +-
utilities/docker/start-ovn
From: Aliasgar Ginwala
--with-linux can be made configurable while building containers
for leveraging kernel modules installed on host.
KERNEL_VERSION=host should be used in env variable for the same.
Signed-off-by: Aliasgar Ginwala
---
utilities/docker/Makefile | 2 +-
..
From: Aliasgar Ginwala
--with-linux can be made configurable while building containers
for leveraging kernel modules installed on host.
KERNEL_VERSION=host should be used in env variable for the same.
Signed-off-by: Aliasgar Ginwala
---
utilities/docker/Makefile | 2 +-
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
utilities/automake.mk | 3 ++-
utilities/docker/Makefile | 2 +-
utilities/docker/debian/Dockerfile | 1 +
utilities/docker/debian/build.sh | 24 +-
utilities/docker/install_ovn.sh| 40
From: Aliasgar Ginwala
Current code only had support for starting ovn in ubuntu containers.
This patch adds supprt for rhel using centos7 as a base image
Signed-off-by: Aliasgar Ginwala
---
Documentation/intro/install/general.rst | 2 +-
utilities/automake.mk | 2 ++
utilit
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
utilities/docker/Makefile | 2 --
utilities/docker/debian/Dockerfile | 3 +--
utilities/docker/debian/build.sh | 13 +
3 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/utilities/docker/Makefile b/
From: Aliasgar Ginwala
Add new env variables OVN_NBCTL_OPTIONS and OVN_SBCTL_OPTIONS for
ovn-nbctl and ovn-sbctl respectively where user can set
supported ovn-nb/sbctl options using environment variable.
e.g. OVN_SBCTL_OPTIONS="--db=unix:sb1.ovsdb --no-leader-only"
Signed-off-by: Aliasgar Ginwal
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
lib/command-line.c | 29 +
lib/command-line.h | 3 +++
2 files changed, 32 insertions(+)
diff --git a/lib/command-line.c b/lib/command-line.c
index 9e000bd28..2fc8b6e48 100644
--- a/lib/command-line.c
+++ b
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
lib/command-line.c | 55 ++
lib/command-line.h | 3 +++
2 files changed, 58 insertions(+)
diff --git a/lib/command-line.c b/lib/command-line.c
index 9e000bd28..d13cca294 100644
--- a/lib/com
From: Aliasgar Ginwala
Add new env variables OVN_NBCTL_OPTIONS and OVN_SBCTL_OPTIONS for
ovn-nbctl and ovn-sbctl respectively where user can set
supported ovn-nb/sbctl options using environment variable.
e.g. OVN_SBCTL_OPTIONS="--db=unix:sb1.ovsdb --no-leader-only"
Signed-off-by: Aliasgar Ginwal
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
lib/command-line.c | 50 ++
lib/command-line.h | 3 +++
2 files changed, 53 insertions(+)
diff --git a/lib/command-line.c b/lib/command-line.c
index 9e000bd28..64a84efa8 100644
--- a/lib/com
From: Aliasgar Ginwala
building ovn/ovs container breaks while configure:
checking for Python 3 (version 3.4 or later)... no
configure: error: Python 3.4 or later is required but not found in
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin,
please install it or set to point to it
A
From: Aliasgar Ginwala
building ovn/ovs container breaks while configure:
checking for Python 3 (version 3.4 or later)... no
configure: error: Python 3.4 or later is required but not found in
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin,
please install it or set to point to it
A
From: Aliasgar Ginwala
Add new env variables OVN_NBCTL_OPTIONS and OVN_SBCTL_OPTIONS for
ovn-nbctl and ovn-sbctl respectively where user can set any single
supported option. e.g export OVN_NBCTL_OPTIONS=--no-leader-only.
Above env var OVN_NBCTL_OPTIONS have no effect if user runs
command as ovn-n
From: Aliasgar Ginwala
When using ovn-nb/sbctl running in cluster, one can use local
socket to run different commands. It is very inconvenient to pass
no-leader-only in different tools using ovn-nb/sbctl instead of
allowing one to to connect to any nodes in the cluster including
itself.
e.g commo
From: Aliasgar Ginwala
When using ssl mode for ovn nb/sb active-standby/cluster db service models,
northd can use ssl mode too.
e.g. one can pass --ovn-northd-ssl-key, --ovn-northd-ssl-ca-cert and
--ovn-northd-ssl-cert to start northd with ssl
Signed-off-by: Aliasgar Ginwala
Acked-by: Han Zhou
From: Aliasgar Ginwala
Signed-off-by: Aliasgar Ginwala
---
Documentation/intro/install/general.rst | 14 ++
utilities/docker/start-ovn | 9 +
2 files changed, 23 insertions(+)
diff --git a/Documentation/intro/install/general.rst
b/Documentation/intro/install/
From: Aliasgar Ginwala
Current code changes in ovs/ovn split replaced openvswitch with ovn and
caused container patches to break.
Also, as per ff4439d, one should build ovn specifying ovs source.
This patch fixes the same.
Signed-off-by: Aliasgar Ginwala
---
utilities/automake.mk
From: Aliasgar Ginwala
When using ssl mode for ovn nb/sb active-standby/cluster db service models,
northd can use ssl mode too.
e.g. one can pass --ovn-northd-ssl-key, --ovn-northd-ssl-ca-cert and
--ovn-northd-ssl-cert to start northd with ssl
Signed-off-by: Aliasgar Ginwala
---
utilities/ovn
From: Aliasgar Ginwala
Current code changes in ovs/ovn split replaced openvswitch with ovn and
caused container patches to break.
Also, as per ff4439d, one should build ovn specifying ovs source.
This patch fixes the same.
---
utilities/docker/create_ovn_dbs.sh | 18 --
utilities
From: Aliasgar Ginwala
---
Documentation/intro/install/general.rst | 14 ++
utilities/docker/start-ovn | 9 +
2 files changed, 23 insertions(+)
diff --git a/Documentation/intro/install/general.rst
b/Documentation/intro/install/general.rst
index 4936540fb..bbf0
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
Acked-by: Han Zhou
---
Documentation/ref/
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool cluster-to-standalone ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 3 +
From: Aliasgar Ginwala
1. Correct typo where it should be ovsdb-client backup vs ovsdb-tool backup.
2. Update for which case will ovsdb-client not work.
Signed-off-by: Aliasgar Ginwala
---
Documentation/ref/ovsdb.7.rst | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/D
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool migrate-cluster-db ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
ovsdb/ovsdb-tool.c | 154
From: Aliasgar Ginwala
Add support in ovsdb-tool for migrating clustered dbs to standalone dbs.
E.g. usage to migrate nb/sb db to standalone db from raft:
ovsdb-tool migrate-cluster-db ovnnb_db.db ovnnb_db_cluster.db
Signed-off-by: Aliasgar Ginwala
---
ovsdb/ovsdb-tool.c | 154
From: Aliasgar Ginwala
1. Containerize ovn central components
2. Containerize ovn host
3. Update documentation about building/running ovn in containers.
Signed-off-by: Aliasgar Ginwala
---
Documentation/intro/install/general.rst | 83
utilities/automake.mk
From: Aliasgar Ginwala
1. Containerize ovn central components
2. Containerize ovn host
3. Update documentation about building/running ovn in containers.
Signed-off-by: Aliasgar Ginwala
---
Documentation/intro/install/general.rst | 83
utilities/automake.mk
When starting OVN DBs in HA using pacemaker with ssl, we need to pass ssl
certs for starting standby DBs. Hence, we need this change.
Signed-off-by: aginwala
Acked-by: Han Zhou
---
ovn/utilities/ovndb-servers.ocf | 72 -
1 file changed, 71 insertions(+),
For OVN DBs to work with SSL in HA, we need to have capability to pass ssl
certs when starting OVN DBs. Say when starting OVN DBs in active passive mode,
in order for the standby DBs to sync from master node, it cannot sync
because the required ssl certs are not passed when standby DBs are initiali
When starting OVN DBs in HA using pacemaker with ssl, we need to pass ssl
certs for starting standby DBs. Hence, we need this change.
Signed-off-by: aginwala
---
ovn/utilities/ovndb-servers.ocf | 74 -
1 file changed, 73 insertions(+), 1 deletion(-)
dif
For OVN DBs to work with SSL in HA, we need to have capability to
pass ssl certs when starting OVN DBs. Say when starting OVN DBs in active
passive mode, in order for the standby DBs to sync from master node, it
cannot sync because the required ssl certs are not passed when standby DBs
are ini
From: aginwala
As per new clustering change, ovn-northd sandbox should use nb1.ovsdb and
sb1.ovsdb. It was updated in ovn-northd --help section but missed for sandbox.
This commit fixes the same
Reported-by: Mark Michelson
Reported-at:
https://mail.openvswitch.org/pipermail/ovs-dev/2018-March/
From: aginwala
e.g. when running ovn-nbctl show ls, it's good to have total ports that are
attached to the switch.
Signed-off-by: Aliasgar Ginwala
---
ovn/utilities/ovn-nbctl.c | 1 +
tests/ovn-nbctl.at| 10 ++
2 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/ovn
53 matches
Mail list logo