X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=debian%2Fopenvswitch-switch.init;h=13dea1c378a73d26530c03ee86b8c2b85d12f118;hb=refs%2Fheads%2Flts-1.0a;hp=c579a0887c289d8411a63aecc368956fc7694134;hpb=2b35e1475ef0c274495aa04d60b054288971d503;p=sliver-openvswitch.git diff --git a/debian/openvswitch-switch.init b/debian/openvswitch-switch.init index c579a0887..13dea1c37 100755 --- a/debian/openvswitch-switch.init +++ b/debian/openvswitch-switch.init @@ -12,55 +12,43 @@ ### BEGIN INIT INFO # Provides: openvswitch-switch # Required-Start: $network $named $remote_fs $syslog -# Required-Stop: +# Required-Stop: $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Open vSwitch switch ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/secchan -NAME=secchan -DESC=secchan +ovs_vswitchd=/usr/sbin/ovs-vswitchd +ovsdb_server=/usr/bin/ovsdb-server -test -x $DAEMON || exit 0 +(test -x $ovsdb_server && test -x $ovs_vswitchd) || exit 0 -NICIRA_OUI="002320" - -LOGDIR=/var/log/openvswitch -PIDFILE=/var/run/$NAME.pid -DHCLIENT_PIDFILE=/var/run/dhclient.of0.pid DODTIME=1 # Time to wait for the server to die, in seconds # If this value is set too low you might not # let some servers to die gracefully and # 'restart' will not work -# Include secchan defaults if available -unset NETDEVS -unset MODE -unset SWITCH_IP -unset CONTROLLER -unset PRIVKEY -unset CERT -unset CACERT -unset CACERT_MODE -unset MGMT_VCONNS -unset COMMANDS -unset DAEMON_OPTS +# Include ovs-openflowd defaults if available +unset OVSDB_SERVER_OPTS +unset OVS_VSWITCHD_OPTS unset CORE_LIMIT -unset DATAPATH_ID +unset ENABLE_MONITOR default=/etc/default/openvswitch-switch if [ -f $default ] ; then - . $default + . $default fi +: ${ENABLE_MONITOR:=y} + set -e +# running_pid pid name +# +# Check if 'pid' is a process named 'name' running_pid() { - # Check if a given process pid's cmdline matches a given name - pid=$1 - name=$2 + local pid=$1 name=$2 [ -z "$pid" ] && return 1 [ ! -d /proc/$pid ] && return 1 cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1` @@ -75,36 +63,47 @@ running_pid() esac } +# running name +# +# Checks for a running process named 'name' by looking for a pidfile +# named /var/run/openvswitch/${name}.pid running() { -# Check if the process is running looking at /proc -# (works for all users) + local name=$1 + local pidfile=/var/run/openvswitch/${name}.pid # No pidfile, probably no daemon present - [ ! -f "$PIDFILE" ] && return 1 + [ ! -f "$pidfile" ] && return 1 + # Obtain the pid and check it against the binary name - pid=`cat $PIDFILE` - running_pid $pid $NAME || return 1 + pid=`cat $pidfile` + running_pid $pid $name || return 1 return 0 } +# force_stop name +# +# Checks for a running process named 'name', by looking for a pidfile +# named /var/run/openvswitch/${name}.pid, and then kills it and waits +# for it to die. force_stop() { -# Forcefully kill the process - [ ! -f "$PIDFILE" ] && return - if running ; then - kill -15 $pid - # Is it really dead? + local name=$1 + local pidfile=/var/run/openvswitch/${name}.pid + + [ ! -f "$pidfile" ] && return + if running $name; then + kill $pid [ -n "$DODTIME" ] && sleep "$DODTIME"s - if running ; then - kill -9 $pid + if running $name; then + kill -KILL $pid [ -n "$DODTIME" ] && sleep "$DODTIME"s - if running ; then - echo "Cannot kill $NAME (pid=$pid)!" + if running $name; then + echo "Cannot kill $name (pid=$pid)!" exit 1 fi fi fi - rm -f $PIDFILE + rm -f $pidfile return 0 } @@ -129,300 +128,209 @@ check_op() { fi } -configure_ssl() { - if (test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap) \ - || test ! -e "$PRIVKEY" || test ! -e "$CERT" \ - || (test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap); then - if test "$CACERT_MODE" != secure && test "$CACERT_MODE" != bootstrap - then - echo "CACERT_MODE is not set to 'secure' or 'bootstrap'" - fi - if test ! -e "$PRIVKEY"; then - echo "$PRIVKEY: private key missing" >&2 - fi - if test ! -e "$CERT"; then - echo "$CERT: certificate for private key missing" >&2 - fi - if test ! -e "$CACERT" && test "$CACERT_MODE" != bootstrap; then - echo "$CACERT: CA certificate missing (and CA certificate bootstrapping not enabled)" >&2 - fi - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - if test "$MODE" = discovery; then - echo "You may also delete or rename $PRIVKEY to disable SSL requirement" >&2 - fi - exit 1 - fi +# is_module_loaded module +# +# Returns 0 if 'module' is loaded, 1 otherwise. + +is_module_loaded() { + local module=$1 + grep -q "^$module " /proc/modules +} - SSL_OPTS="--private-key=$PRIVKEY --certificate=$CERT" - if test ! -e "$CACERT" && test "$CACERT_MODE" = bootstrap; then - SSL_OPTS="$SSL_OPTS --bootstrap-ca-cert=$CACERT" +# load_module module +# +# Loads 'module' into the running kernel, if it is not already loaded. +load_module() { + local module=$1 + echo -n "Loading $module: " + if is_module_loaded $module; then + echo "already loaded, nothing to do." + elif modprobe $module; then + echo "success." else - SSL_OPTS="$SSL_OPTS --ca-cert=$CACERT" + echo "ERROR." + echo "$module has probably not been built for this kernel." + if ! test -d /usr/share/doc/openvswitch-datapath-source; then + echo "Install the openvswitch-datapath-source package, then read" + echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" + else + echo "For instructions, read" + echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" + fi + exit 1 fi } -check_int_var() { - eval value=\$$1 - if test -n "$value"; then - if expr "X$value" : 'X[0-9][0-9]*$' > /dev/null 2>&1; then - if test $value -lt $2; then - echo "warning: The $1 option may not be set to a value below $2, treating as $2" >&2 - eval $1=$2 - fi +# unload_module module +# +# Unloads 'module' from the running kernel, if it is loaded. +unload_module() { + local module=$1 + echo -n "Unloading $module: " + if is_module_loaded $module; then + if rmmod $module; then + echo "success." else - echo "warning: The $1 option must be set to a number, ignoring" >&2 - unset $1 + echo "ERROR." + exit 1 fi + else + echo "not loaded, nothing to do." fi } -check_new_option() { - case $DAEMON_OPTS in - *$1*) - echo "warning: The $1 option in DAEMON_OPTS may now be set with the $2 variable in $default. The setting in DAEMON_OPTS will override the $2 variable, which will prevent the switch UI from configuring $1." >&2 - ;; - esac +unload_modules() { + if is_module_loaded openvswitch_mod; then + for dp in $(ovs-dpctl dump-dps); do + echo -n "Deleting datapath $dp: " + if ovs-dpctl del-dp $dp; then + echo "success." + else + echo "ERROR." + fi + done + fi + unload_module openvswitch_mod } case "$1" in start) - if test -z "$NETDEVS"; then - echo "$default: No network devices configured, switch disabled" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 0 + load_module openvswitch_mod + + if test -n "$CORE_LIMIT"; then + check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" fi - if test "$MODE" = discovery; then - unset CONTROLLER - elif test "$MODE" = in-band || test "$MODE" = out-of-band; then - if test -z "$CONTROLLER"; then - echo "$default: No controller configured and not configured for discovery, switch disabled" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 0 - fi + + # Create an empty configuration database if it doesn't exist. + if test ! -e /etc/openvswitch/conf.db; then + install -d -m 755 -o root -g root /etc/openvswitch + + # Create configuration database. + ovsdb-tool -vANY:console:emer \ + create /etc/openvswitch/conf.db \ + /usr/share/openvswitch/vswitch.ovsschema else - echo "$default: MODE must set to 'discovery', 'in-band', or 'out-of-band'" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 1 + # Upgrade or downgrade schema and compact database. + ovsdb-tool -vANY:console:emer \ + convert /etc/openvswitch/conf.db \ + /usr/share/openvswitch/vswitch.ovsschema fi - : ${PRIVKEY:=/etc/openvswitch-switch/of0-privkey.pem} - : ${CERT:=/etc/openvswitch-switch/of0-cert.pem} - : ${CACERT:=/etc/openvswitch-switch/cacert.pem} - case $CONTROLLER in - '') - # Discovery mode. - if test -e "$PRIVKEY"; then - configure_ssl - fi - ;; - tcp:*) - ;; - ssl:*) - configure_ssl - ;; - *) - echo "$default: CONTROLLER must be in the form 'ssl:IP[:PORT]' or 'tcp:IP[:PORT]' when not in discovery mode" >&2 - echo "Run ovs-switch-setup (in the openvswitch-switch-config package) or edit /etc/default/openvswitch-switch to configure" >&2 - exit 1 - esac - case $DISCONNECTED_MODE in - ''|switch|drop) ;; - *) echo "$default: warning: DISCONNECTED_MODE is not 'switch' or 'drop'" >&2 ;; - esac - - check_int_var RATE_LIMIT 100 - check_int_var INACTIVITY_PROBE 5 - check_int_var MAX_BACKOFF 1 - - check_new_option --fail DISCONNECTED_MODE - check_new_option --stp STP - check_new_option --rate-limit RATE_LIMIT - check_new_option --inactivity INACTIVITY_PROBE - check_new_option --max-backoff MAX_BACKOFF - case $DAEMON_OPTS in - *--rate-limit*) - echo "$default: --rate-limit may now be set with RATE_LIMIT" >&2 - esac - - echo -n "Loading openvswitch_mod: " - if grep -q '^openvswitch_mod$' /proc/modules; then - echo "already loaded, nothing to do." - elif modprobe openvswitch_mod; then - echo "success." + + if test "$ENABLE_MONITOR" = y; then + monitor_opt=--monitor else - echo "ERROR." - echo "openvswitch_mod has probably not been built for this kernel." - if ! test -d /usr/share/doc/openvswitch-datapath-source; then - echo "Install the openvswitch-datapath-source package, then read" - echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" - else - echo "For instructions, read" - echo "/usr/share/doc/openvswitch-datapath-source/README.Debian" - fi - exit 1 + monitor_opt= fi - for netdev in $NETDEVS; do - check_op "Removing IP address from $netdev" ifconfig $netdev 0.0.0.0 - done - - must_succeed "Creating datapath" ovs-dpctl add-dp of0 $NETDEVS - - xx='[0-9abcdefABCDEF][0-9abcdefABCDEF]' - case $DATAPATH_ID in - '') - # Check if the DMI System UUID contains a Nicira mac address - # that should be used for this datapath. The UUID is assumed - # to be RFC 4122 compliant. - DMIDECODE=`which dmidecode` - if [ -n $DMIDECODE ]; then - UUID_MAC=`$DMIDECODE -s system-uuid | cut -d'-' -f 5` - case $UUID_MAC in - $NICIRA_OUI*) - ifconfig of0 down - must_succeed "Setting of0 MAC address to $UUID_MAC" ifconfig of0 hw ether $UUID_MAC - ifconfig of0 up - ;; - esac - fi - ;; - $xx:$xx:$xx:$xx:$xx:$xx) - ifconfig of0 down - must_succeed "Setting of0 MAC address to $DATAPATH_ID" ifconfig of0 hw ether $DATAPATH_ID - ifconfig of0 up - ;; - *) - echo "DATAPATH_ID is not a valid MAC address in the form XX:XX:XX:XX:XX:XX, ignoring" >&2 - ;; - esac - - if test "$MODE" = in-band; then - if test "$SWITCH_IP" = dhcp; then - must_succeed "Temporarily disabling of0" ifconfig of0 down - else - COMMAND="ifconfig of0 $SWITCH_IP" - if test -n "$SWITCH_NETMASK"; then - COMMAND="$COMMAND netmask $SWITCH_NETMASK" - fi - must_succeed "Configuring of0: $COMMAND" $COMMAND - if test -n "$SWITCH_GATEWAY"; then - # This can fail because the route already exists, - # so we don't insist that it succeed. - COMMAND="route add default gw $SWITCH_GATEWAY" - check_op "Adding default route: $COMMAND" $COMMAND - fi - fi - else - must_succeed "Disabling of0" ifconfig of0 down + if [ ! -d /var/run/openvswitch ]; then + install -d -m 755 -o root -g root /var/run/openvswitch fi - if test -n "$CORE_LIMIT"; then - check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" + if [ ! -d /var/log/openvswitch ]; then + install -d -m 755 -o root -g root /var/log/openvswitch fi - # Compose secchan options. + # Start ovsdb-server. set -- + set -- "$@" /etc/openvswitch/conf.db set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err - set -- "$@" --log-file - set -- "$@" --detach --pidfile=$PIDFILE - for vconn in $MGMT_VCONNS; do - set -- "$@" --listen="$vconn" - done - if test -n "$COMMANDS"; then - set -- "$@" --command-acl="$COMMANDS" - fi - case $STP in - yes) set -- "$@" --stp ;; - no) set -- "$@" --no-stp ;; - esac - case $DISCONNECTED_MODE in - switch) set -- "$@" --fail=open ;; - drop) set -- "$@" --fail=closed ;; - esac - if test -n "$RATE_LIMIT"; then - set -- "$@" --rate-limit=$RATE_LIMIT - fi - if test -n "$INACTIVITY_PROBE"; then - set -- "$@" --inactivity-probe=$INACTIVITY_PROBE - fi - if test -n "$MAX_BACKOFF"; then - set -- "$@" --max-backoff=$MAX_BACKOFF - fi - set -- "$@" $SSL_OPTS $DAEMON_OPTS - if test "$MODE" = out-of-band; then - set -- "$@" --out-of-band - fi - set -- "$@" of0 "$CONTROLLER" - echo -n "Starting $DESC: " - start-stop-daemon --start --quiet --pidfile $PIDFILE \ - --exec $DAEMON -- "$@" - if running; then - echo "$NAME." + set -- "$@" --log-file=/var/log/openvswitch/ovsdb-server.log + set -- "$@" --detach --pidfile $monitor_opt + set -- "$@" --remote punix:/var/run/openvswitch/db.sock + set -- "$@" --remote db:Open_vSwitch,managers + set -- "$@" --private-key=db:SSL,private_key + set -- "$@" --certificate=db:SSL,certificate + set -- "$@" --bootstrap-ca-cert=db:SSL,ca_cert + set -- "$@" $OVSDB_SERVER_OPTS + echo -n "Starting ovsdb-server: " + start-stop-daemon --start --quiet \ + --pidfile /var/run/openvswitch/ovsdb-server.pid \ + --exec $ovsdb_server -- "$@" + if running ovsdb-server; then + echo "ovsdb-server." else echo " ERROR." fi - if test "$MODE" = in-band && test "$SWITCH_IP" = dhcp; then - echo -n "Starting dhclient on of0: " - start-stop-daemon --start --quiet --pidfile $DHCLIENT_PIDFILE \ - --exec /sbin/dhclient -- -q -pf $DHCLIENT_PIDFILE of0 - if running; then - echo "dhclient." - else - echo " ERROR." - fi + ovs-vsctl --no-wait --timeout=5 init + + # Start ovs-vswitchd. + set -- + set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err + set -- "$@" --log-file=/var/log/openvswitch/ovs-vswitchd.log + set -- "$@" --detach --pidfile $monitor_opt + set -- "$@" unix:/var/run/openvswitch/db.sock + set -- "$@" $OVS_VSWITCHD_OPTS + echo -n "Starting ovs-vswitchd: " + start-stop-daemon --start --quiet \ + --pidfile /var/run/openvswitch/ovs-vswitchd.pid \ + --exec $ovs_vswitchd -- "$@" + if running ovs-vswitchd; then + echo "ovs-vswitchd." + else + echo " ERROR." fi - ;; + ;; stop) - if test -e /var/run/dhclient.of0.pid; then - echo -n "Stopping dhclient on of0: " - start-stop-daemon --stop --quiet --oknodo \ - --pidfile $DHCLIENT_PIDFILE --exec /sbin/dhclient - echo "dhclient." - fi - - echo -n "Stopping $DESC: " - start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE \ - --exec $DAEMON - echo "$NAME." - - check_op "Deleting datapath" ovs-dpctl del-dp of0 - check_op "Unloading kernel module" modprobe -r openvswitch_mod - ;; + echo -n "Stopping ovs-vswitchd: " + start-stop-daemon --stop --quiet --oknodo --retry 5 \ + --pidfile /var/run/openvswitch/ovs-vswitchd.pid \ + --exec $ovs_vswitchd + echo "ovs-vswitchd." + + echo -n "Stopping ovsdb-server: " + start-stop-daemon --stop --quiet --oknodo --retry 5 \ + --pidfile /var/run/openvswitch/ovsdb-server.pid \ + --exec $ovsdb_server + echo "ovsdb-server." + ;; force-stop) - echo -n "Forcefully stopping $DESC: " - force_stop - if ! running; then - echo "$NAME." + echo -n "Forcefully stopping ovs-vswitchd: " + force_stop ovs-vswitchd + if ! running ovs-vswitchd; then + echo "ovs-vswitchd." else echo " ERROR." fi - ;; + + echo -n "Forcefully stopping ovsdb-server: " + force_stop ovsdb-server + if ! running ovsdb-server; then + echo "ovsdb-server." + else + echo " ERROR." + fi + ;; + unload) + unload_modules + ;; reload) ;; force-reload) - start-stop-daemon --stop --test --quiet --pidfile \ - $PIDFILE --exec $DAEMON \ - && $0 restart \ - || exit 0 - ;; + # Nothing to do, since ovs-vswitchd automatically reloads + # whenever its configuration changes, and ovsdb-server doesn't + # have anything to reload. + ;; restart) $0 stop || true $0 start - ;; + ;; status) - echo -n "$NAME is " - if running ; then - echo "running" - else - echo " not running." - exit 1 - fi + for daemon in ovs-vswitchd ovsdb-server; do + echo -n "$daemon is " + if running $daemon; then + echo "running" + else + echo " not running." + exit 1 + fi + done ;; *) - N=/etc/init.d/$NAME - echo "Usage: $N {start|stop|restart|force-reload|status|force-stop}" >&2 - exit 1 - ;; + N=/etc/init.d/openvswitch-switch + echo "Usage: $N {start|stop|restart|force-reload|status|force-stop|unload}" >&2 + exit 1 + ;; esac exit 0