-# Copyright (c) 2008,2009 Citrix Systems, Inc.
-# Copyright (c) 2009,2010 Nicira Networks.
+# Copyright (c) 2008,2009,2011 Citrix Systems, Inc.
+# Copyright (c) 2009,2010,2011,2012,2013 Nicira, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published
# GNU Lesser General Public License for more details.
#
from InterfaceReconfigure import *
+import os
import re
+import subprocess
#
# Bare Network Devices -- network devices without IP configuration
run_command(["/sbin/ifconfig", netdev, 'up'] + mtu)
+# This is a list of drivers that do support VLAN tx or rx acceleration, but
+# to which the VLAN bug workaround should not be applied. This could be
+# because these are known-good drivers (that is, they do not have any of
+# the bugs that the workaround avoids) or because the VLAN bug workaround
+# will not work for them and may cause other problems.
+#
+# This is a very short list because few drivers have been tested.
+NO_VLAN_WORKAROUND_DRIVERS = (
+ "bonding",
+)
+def netdev_get_driver_name(netdev):
+ """Returns the name of the driver for network device 'netdev'"""
+ symlink = '%s/sys/class/net/%s/device/driver' % (root_prefix(), netdev)
+ try:
+ target = os.readlink(symlink)
+ except OSError, e:
+ log("%s: could not read netdev's driver name (%s)" % (netdev, e))
+ return None
+
+ slash = target.rfind('/')
+ if slash < 0:
+ log("target %s of symbolic link %s does not contain slash"
+ % (target, symlink))
+ return None
+
+ return target[slash + 1:]
+
+def netdev_get_features(netdev):
+ """Returns the features bitmap for the driver for 'netdev'.
+ The features bitmap is a set of NETIF_F_ flags supported by its driver."""
+ try:
+ features = open("%s/sys/class/net/%s/features" % (root_prefix(), netdev)).read().strip()
+ return int(features, 0)
+ except:
+ return 0 # interface prolly doesn't exist
+
+def netdev_has_vlan_accel(netdev):
+ """Returns True if 'netdev' supports VLAN acceleration, False otherwise."""
+ NETIF_F_HW_VLAN_TX = 128
+ NETIF_F_HW_VLAN_RX = 256
+ NETIF_F_VLAN = NETIF_F_HW_VLAN_TX | NETIF_F_HW_VLAN_RX
+ return (netdev_get_features(netdev) & NETIF_F_VLAN) != 0
+
#
# PIF miscellanea
#
"downdelay": "200",
"updelay": "31000",
"use_carrier": "1",
+ "hashing-algorithm": "src_mac",
}
# override defaults with values from other-config whose keys
# being with "bond-"
key.startswith("bond-"), oc.items())
overrides = map(lambda (key,val): (key[5:], val), overrides)
bond_options.update(overrides)
+ mode = None
+ halgo = None
argv += ['--', 'set', 'Port', interface]
if pifrec['MAC'] != "":
argv += ['bond_%s=%d' % (name, value)]
except ValueError:
log("bridge %s has invalid %s '%s'" % (bridge, name, value))
+ elif name in ['miimon', 'use_carrier']:
+ try:
+ value = int(val)
+ if value < 0:
+ raise ValueError
+
+ if name == 'use_carrier':
+ if value:
+ value = "carrier"
+ else:
+ value = "miimon"
+ argv += ["other-config:bond-detect-mode=%s" % value]
+ else:
+ argv += ["other-config:bond-miimon-interval=%d" % value]
+ except ValueError:
+ log("bridge %s has invalid %s '%s'" % (bridge, name, value))
+ elif name == "mode":
+ mode = val
+ elif name == "hashing-algorithm":
+ halgo = val
else:
# Pass other bond options into other_config.
argv += ["other-config:%s=%s" % (vsctl_escape("bond-%s" % name),
vsctl_escape(val))]
+
+ if mode == 'lacp':
+ argv += ['lacp=active']
+
+ if halgo == 'src_mac':
+ argv += ['bond_mode=balance-slb']
+ elif halgo == "tcpudp_ports":
+ argv += ['bond_mode=balance-tcp']
+ else:
+ log("bridge %s has invalid bond-hashing-algorithm '%s'" % (bridge, halgo))
+ argv += ['bond_mode=balance-slb']
+ elif mode in ['balance-slb', 'active-backup']:
+ argv += ['lacp=off', 'bond_mode=%s' % mode]
+ else:
+ log("bridge %s has invalid bond-mode '%s'" % (bridge, mode))
+ argv += ['lacp=off', 'bond_mode=balance-slb']
+
return argv
def datapath_deconfigure_bond(netdev):
- A list containing the necessary vsctl command line arguments
- A list of additional devices which should be brought up after
the configuration is applied.
+ - A list containing flows to apply to the pif bridge, note that
+ port numbers may need to be substituted once ofport is known
"""
vsctl_argv = []
extra_up_ports = []
+ bridge_flows = []
assert not pif_is_vlan(pif)
bridge = pif_bridge_name(pif)
vsctl_argv += ['--', 'set', 'Bridge', bridge,
'other-config:hwaddr=%s' % vsctl_escape(db().get_pif_record(pif)['MAC'])]
+ pool = db().get_pool_record()
+ network = db().get_network_by_bridge(bridge)
+ network_rec = None
+ fail_mode = None
+ valid_fail_modes = ['standalone', 'secure']
+
+ if network:
+ network_rec = db().get_network_record(network)
+ fail_mode = network_rec['other_config'].get('vswitch-controller-fail-mode')
+
+ if (fail_mode not in valid_fail_modes) and pool:
+ fail_mode = pool['other_config'].get('vswitch-controller-fail-mode')
+ # Add default flows to allow management traffic if fail-mode
+ # transitions to secure based on pool fail-mode setting
+ if fail_mode == 'secure' and db().get_pif_record(pif).get('management', False):
+ prev_fail_mode = vswitchCfgQuery(['get-fail-mode', bridge])
+ if prev_fail_mode != 'secure':
+ tp = 'idle_timeout=0,priority=0'
+ host_mgmt_mac = db().get_pif_record(pif)['MAC']
+ # account for bond as management interface
+ if len(physical_devices) > 1:
+ bridge_flows += ['%s,in_port=local,arp,dl_src=%s,actions=NORMAL' % (tp, host_mgmt_mac)]
+ bridge_flows += ['%s,in_port=local,dl_src=%s,actions=NORMAL' % (tp, host_mgmt_mac)]
+ # we don't know slave ofports yet, substitute later
+ bridge_flows += ['%s,in_port=%%s,arp,nw_proto=1,actions=local' % (tp)]
+ bridge_flows += ['%s,in_port=%%s,dl_dst=%s,actions=local' % (tp, host_mgmt_mac)]
+ else:
+ bridge_flows += ['%s,in_port=%%s,arp,nw_proto=1,actions=local' % (tp)]
+ bridge_flows += ['%s,in_port=local,arp,dl_src=%s,actions=%%s' % (tp, host_mgmt_mac)]
+ bridge_flows += ['%s,in_port=%%s,dl_dst=%s,actions=local' % (tp, host_mgmt_mac)]
+ bridge_flows += ['%s,in_port=local,dl_src=%s,actions=%%s' % (tp, host_mgmt_mac)]
+
+ if fail_mode not in valid_fail_modes:
+ fail_mode = 'standalone'
+
+ vsctl_argv += ['--', 'set', 'Bridge', bridge, 'fail_mode=%s' % fail_mode]
+
+ if network_rec:
+ dib = network_rec['other_config'].get('vswitch-disable-in-band')
+ if not dib:
+ vsctl_argv += ['--', 'remove', 'Bridge', bridge, 'other_config', 'disable-in-band']
+ elif dib in ['true', 'false']:
+ vsctl_argv += ['--', 'set', 'Bridge', bridge, 'other_config:disable-in-band=' + dib]
+ else:
+ log('"' + dib + '"' "isn't a valid setting for other_config:disable-in-band on " + bridge)
+
vsctl_argv += set_br_external_ids(pif)
vsctl_argv += ['## done configuring datapath %s' % bridge]
- return vsctl_argv,extra_up_ports
+ return vsctl_argv,extra_up_ports,bridge_flows
def deconfigure_bridge(pif):
vsctl_argv = []
# log("Network PIF %s not currently attached (%s)" % (rec['uuid'],pifrec['uuid']))
# continue
nwrec = db().get_network_record(rec['network'])
- xs_network_uuids += [nwrec['uuid']]
+
+ uuid = nwrec['uuid']
+ if pif_is_vlan(nwpif):
+ xs_network_uuids.append(uuid)
+ else:
+ xs_network_uuids.insert(0, uuid)
vsctl_argv = []
- vsctl_argv += ['# configure network-uuids']
+ vsctl_argv += ['# configure xs-network-uuids']
vsctl_argv += ['--', 'br-set-external-id', pif_bridge_name(pif),
- 'network-uuids', ';'.join(xs_network_uuids)]
+ 'xs-network-uuids', ';'.join(xs_network_uuids)]
return vsctl_argv
Datapath.__init__(self, pif)
self._dp = pif_datapath(pif)
self._ipdev = pif_ipdev_name(pif)
+ self._bridge_flows = []
if pif_is_vlan(pif) and not self._dp:
raise Error("Unbridged VLAN devices not implemented yet")
@classmethod
def rewrite(cls):
+ if not os.path.exists("/var/run/openvswitch/db.sock"):
+ # ovsdb-server is not running, so we can't update the database.
+ # Probably we are being called as part of system shutdown. Just
+ # skip the update, since the external-ids will be updated on the
+ # next boot anyhow.
+ return
+
vsctl_argv = []
for pif in db().get_all_pifs():
pifrec = db().get_pif_record(pif)
def preconfigure(self, parent):
vsctl_argv = []
extra_ports = []
+ bridge_flows = []
pifrec = db().get_pif_record(self._pif)
dprec = db().get_pif_record(self._dp)
ipdev = self._ipdev
- c,e = configure_datapath(self._dp)
+ c,e,f = configure_datapath(self._dp)
bridge = pif_bridge_name(self._pif)
vsctl_argv += c
extra_ports += e
+ bridge_flows += f
dpname = pif_bridge_name(self._dp)
if pif_is_vlan(self._pif):
- # XXX this is only needed on XS5.5, because XAPI misguidedly
- # creates the fake bridge (via bridge ioctl) before it calls us.
+ # In some cases XAPI may misguidedly leave an instance of
+ # 'bridge' which should be deleted.
vsctl_argv += ['--', '--if-exists', 'del-br', bridge]
# configure_datapath() set up the underlying datapath bridge.
self._vsctl_argv = vsctl_argv
self._extra_ports = extra_ports
+ self._bridge_flows = bridge_flows
def bring_down_existing(self):
- pass
+ # interface-reconfigure is never explicitly called to down a
+ # bond master. However, when we are called to up a slave it
+ # is implicit that we are destroying the master. Conversely,
+ # when we are called to up a bond is is implicit that we are
+ # taking down the slaves.
+ #
+ # This is (only) important in the case where the device being
+ # implicitly taken down uses DHCP. We need to kill the
+ # dhclient process, otherwise performing the inverse operation
+ # later later will fail because ifup will refuse to start a
+ # duplicate dhclient.
+ bond_masters = pif_get_bond_masters(self._pif)
+ for master in bond_masters:
+ log("action_up: bring down bond master %s" % (pif_netdev_name(master)))
+ run_command(["/sbin/ifdown", pif_bridge_name(master)])
+
+ bond_slaves = pif_get_bond_slaves(self._pif)
+ for slave in bond_slaves:
+ log("action_up: bring down bond slave %s" % (pif_netdev_name(slave)))
+ run_command(["/sbin/ifdown", pif_bridge_name(slave)])
def configure(self):
# Bring up physical devices. ovs-vswitchd initially enables or
# when they are added, and a network device that is down
# always reports "no carrier".
physical_devices = datapath_get_physical_pifs(self._dp)
+
+ if pif_is_bond(self._dp):
+ brec = db().get_pif_record(self._dp)
+ bond_mtu = mtu_setting(brec['network'], "PIF", brec['other_config'])
+ else:
+ bond_mtu = None
for p in physical_devices:
prec = db().get_pif_record(p)
dev = pif_netdev_name(p)
- mtu = mtu_setting(prec['network'], "PIF", oc)
+ if bond_mtu:
+ mtu = bond_mtu
+ else:
+ mtu = mtu_setting(prec['network'], "PIF", oc)
netdev_up(dev, mtu)
- settings, offload = ethtool_settings(oc)
+ settings, offload = ethtool_settings(oc, PIF_OTHERCONFIG_DEFAULTS)
if len(settings):
run_command(['/sbin/ethtool', '-s', dev] + settings)
if len(offload):
run_command(['/sbin/ethtool', '-K', dev] + offload)
+ driver = netdev_get_driver_name(dev)
+ if 'vlan-bug-workaround' in oc:
+ vlan_bug_workaround = oc['vlan-bug-workaround'] == 'true'
+ elif driver in NO_VLAN_WORKAROUND_DRIVERS:
+ vlan_bug_workaround = False
+ else:
+ vlan_bug_workaround = netdev_has_vlan_accel(dev)
+
+ if vlan_bug_workaround:
+ setting = 'on'
+ else:
+ setting = 'off'
+ run_command(['/usr/sbin/ovs-vlan-bug-workaround', dev, setting])
+
datapath_modify_config(self._vsctl_argv)
+ if self._bridge_flows:
+ ofports = []
+ physical_devices = datapath_get_physical_pifs(self._dp)
+ if len(physical_devices) > 1:
+ for slave in physical_devices:
+ name = pif_netdev_name(slave)
+ ofport = vswitchCfgQuery(['get', 'interface', name, 'ofport'])
+ ofports.append(ofport)
+ else:
+ name = pif_netdev_name(self._dp)
+ ofport = vswitchCfgQuery(['get', 'interface', name, 'ofport'])
+ ofports.append(ofport)
+ dpname = pif_bridge_name(self._dp)
+ for flow in self._bridge_flows:
+ if flow.find('in_port=%s') != -1 or flow.find('actions=%s') != -1:
+ for port in ofports:
+ f = flow % (port)
+ run_command(['/usr/bin/ovs-ofctl', 'add-flow', dpname, f])
+ else:
+ run_command(['/usr/bin/ovs-ofctl', 'add-flow', dpname, flow])
def post(self):
for p in self._extra_ports:
bridge = pif_bridge_name(dp)
- #nw = db().get_pif_record(self._pif)['network']
- #nwrec = db().get_network_record(nw)
- #vsctl_argv += ['# deconfigure network-uuids']
- #vsctl_argv += ['--del-entry=bridge.%s.network-uuids=%s' % (bridge,nwrec['uuid'])]
-
log("deconfigure ipdev %s on %s" % (ipdev,bridge))
vsctl_argv += ["# deconfigure ipdev %s" % ipdev]
vsctl_argv += datapath_deconfigure_ipdev(ipdev)
netdev_down(p)
datapath_modify_config(vsctl_argv)
+
+#
+# utility methods
+#
+
+def vswitchCfgQuery(action_args):
+ cmd = ['%s/usr/bin/ovs-vsctl' % root_prefix(),
+ '-vconsole:off'] + action_args
+ output = subprocess.Popen(cmd, stdout=subprocess.PIPE).communicate()
+ if len(output) == 0 or output[0] == None:
+ output = ""
+ else:
+ output = output[0].strip()
+ return output