From bc5962174a0e6f2b3f781430cfb66804452d22f3 Mon Sep 17 00:00:00 2001 From: Ben Pfaff Date: Tue, 20 Jan 2009 13:33:44 -0800 Subject: [PATCH] Debian packaging: Add several new settings to /etc/default/openflow-switch. --- debian/openflow-switch.init | 92 ++++++++++++++++++++++++++------- debian/openflow-switch.postinst | 11 ++-- debian/openflow-switch.template | 36 ++++++++++++- 3 files changed, 117 insertions(+), 22 deletions(-) diff --git a/debian/openflow-switch.init b/debian/openflow-switch.init index f4571b2a0..5e6d595af 100755 --- a/debian/openflow-switch.init +++ b/debian/openflow-switch.init @@ -159,6 +159,29 @@ configure_ssl() { fi } +check_int_var() { + eval value=\$$1 + if test -n "$value"; then + if expr "X$value" : 'X[0-9][0-9]*$'; then + if test $value -lt $2; then + echo "warning: The $1 option may not be set to a value below $2, treating as $2" >&2 + eval $1=$2 + fi + else + echo "warning: The $1 option must be set to a number, ignoring" >&2 + unset $1 + fi + fi +} + +check_new_option() { + case $DAEMON_OPTS in + *$1*) + echo "warning: The $1 option in DAEMON_OPTS may now be set with the $2 variable in $default. The setting in DAEMON_OPTS will override the $2 variable, which will prevent the switch UI from configuring $1." >&2 + ;; + esac +} + case "$1" in start) if test -z "$NETDEVS"; then @@ -199,6 +222,24 @@ case "$1" in echo "Run ofp-switch-setup (in the openflow-switch-config package) or edit /etc/default/openflow-switch to configure" >&2 exit 1 esac + case $DISCONNECTED_MODE in + ''|switch|drop) ;; + *) echo "$default: warning: DISCONNECTED_MODE is not 'switch' or 'drop'" >&2 ;; + esac + + check_int_var RATE_LIMIT 100 + check_int_var INACTIVITY_PROBE 5 + check_int_var MAX_BACKOFF 1 + + check_new_option --fail DISCONNECTED_MODE + check_new_option --stp STP + check_new_option --rate-limit RATE_LIMIT + check_new_option --inactivity INACTIVITY_PROBE + check_new_option --max-backoff MAX_BACKOFF + case $DAEMON_OPTS in + *--rate-limit*) + echo "$default: --rate-limit may now be set with RATE_LIMIT" >&2 + esac echo -n "Loading openflow_mod: " if grep -q '^openflow_mod$' /proc/modules; then @@ -257,34 +298,49 @@ case "$1" in must_succeed "Disabling of0" ifconfig of0 down fi - MGMT_OPTS= + if test -n "$CORE_LIMIT"; then + check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" + fi + + # Compose secchan options. + set -- + set -- "$@" --verbose=ANY:console:emer --verbose=ANY:syslog:err + set -- "$@" --log-file + set -- "$@" --detach --pidfile=$PIDFILE for vconn in $MGMT_VCONNS; do - MGMT_OPTS="$MGMT_OPTS --listen=$vconn" + set -- "$@" --listen="$vconn" done - - MONITOR_OPT= if test -n "$MONITOR_VCONN"; then - MONITOR_OPT="--monitor=$MONITOR_VCONN" + set -- "$@" --monitor="$MONITOR_VCONN" fi - - COMMAND_OPT= if test -n "$COMMANDS"; then - COMMAND_OPT="--command-acl='$COMMANDS'" + set -- "$@" --command-acl="$COMMANDS" fi - - if test "$MODE" = out-of-band; then - DAEMON_OPTS="$DAEMON_OPTS --out-of-band" + case $STP in + yes) set -- "$@" --stp ;; + no) set -- "$@" --no-stp ;; + esac + case $DISCONNECTED_MODE in + switch) set -- "$@" --fail=open ;; + drop) set -- "$@" --fail=closed ;; + esac + if test -n "$RATE_LIMIT"; then + set -- "$@" --rate-limit=$RATE_LIMIT fi - - if test -n "$CORE_LIMIT"; then - check_op "Setting core limit to $CORE_LIMIT" ulimit -c "$CORE_LIMIT" + if test -n "$INACTIVITY_PROBE"; then + set -- "$@" --inactivity-probe=$INACTIVITY_PROBE fi - + if test -n "$MAX_BACKOFF"; then + set -- "$@" --max-backoff=$MAX_BACKOFF + fi + set -- "$@" $SSL_OPTS $DAEMON_OPTS + if test "$MODE" = out-of-band; then + set -- "$@" --out-of-band + fi + set -- "$@" nl:0 "$CONTROLLER" echo -n "Starting $DESC: " start-stop-daemon --start --quiet --pidfile $PIDFILE \ - --exec $DAEMON -- nl:0 $CONTROLLER --detach --pidfile=$PIDFILE \ - --verbose=ANY:console:emer --verbose=ANY:syslog:err --log-file \ - $DAEMON_OPTS $MGMT_OPTS $MONITOR_OPT $SSL_OPTS $COMMAND_OPT + --exec $DAEMON -- "$@" if running; then echo "$NAME." else diff --git a/debian/openflow-switch.postinst b/debian/openflow-switch.postinst index 6e75786e6..4f96db3aa 100755 --- a/debian/openflow-switch.postinst +++ b/debian/openflow-switch.postinst @@ -24,9 +24,14 @@ case "$1" in TEMPLATE=/usr/share/openflow/switch/default.template if ! test -e $DEFAULT; then cp $TEMPLATE $DEFAULT - elif ! grep DATAPATH_ID $DEFAULT; then - echo >> $DEFAULT - sed -n '/DATAPATH_ID:/,/DATAPATH_ID=/p' $TEMPLATE >> $DEFAULT + else + for var in $(awk -F'[ :]' '/^# [_A-Z0-9]+:/{print $2}' $TEMPLATE) + do + if ! grep $var $DEFAULT >/dev/null 2>&1; then + echo >> $DEFAULT + sed -n "/$var:/,/$var=/p" $TEMPLATE >> $DEFAULT + fi + done fi ;; diff --git a/debian/openflow-switch.template b/debian/openflow-switch.template index 7eedab527..2b78b6ba0 100644 --- a/debian/openflow-switch.template +++ b/debian/openflow-switch.template @@ -49,7 +49,7 @@ MODE=discovery # # * For static configuration, specify the switch's IP address as a # string. In this case you may also set SWITCH_NETMASK and -# SWITCH_GATEWAY appropriately. +# SWITCH_GATEWAY appropriately (see below). # # * For dynamic configuration with DHCP (the most common case), # specify "dhcp". Configuration with DHCP will only work reliably @@ -58,7 +58,13 @@ MODE=discovery # # This setting has no effect unless MODE is set to 'in-band'. SWITCH_IP=dhcp + +# SWITCH_NETMASK: IP netmask to use in 'in-band' mode when the switch +# IP address is not 'dhcp'. #SWITCH_NETMASK=255.255.255.0 + +# SWITCH_GATEWAY: IP gateway to use in 'in-band' mode when the switch +# IP address is not 'dhcp'. #SWITCH_GATEWAY=192.168.1.1 # CONTROLLER: Location of controller. @@ -113,6 +119,34 @@ MONITOR_VCONN="punix:/var/run/secchan.monitor" # pattern and not match any negative patterns. #COMMANDS="reboot,update" +# DISCONNECTED_MODE: Switch behavior when attempts to connect to the +# controller repeatedly fail, either 'switch', to act as an L2 switch +# in this case, or 'drop', to drop all packets (except those necessary +# to connect to the controller). If unset, the default is 'drop'. +#DISCONNECTED_MODE=switch + +# STP: Enable or disabled 802.1D-1998 Spanning Tree Protocol. Set to +# 'yes' to enable STP, 'no' to disable it. If unset, secchan's +# current default is 'no' (but this may change in the future). +#STP=no + +# RATE_LIMIT: Maximum number of received frames, that do not match any +# existing switch flow, to forward up to the controller per second. +# The valid range is 100 and up. If unset, this rate will not be +# limited. +#RATE_LIMIT=1000 + +# INACTIVITY_PROBE: The maximum number of seconds of inactivity on the +# controller connection before secchan sends an inactivity probe +# message to the controller. The valid range is 5 and up. If unset, +# secchan defaults to 15 seconds. +#INACTIVITY_PROBE=5 + +# MAX_BACKOFF: The maximum time that secchan will wait between +# attempts to connect to the controller. The valid range is 1 and up. +# If unset, secchan defaults to 15 seconds. +#MAX_BACKOFF=15 + # DAEMON_OPTS: Additional options to pass to secchan, e.g. "--fail=open" DAEMON_OPTS="" -- 2.43.0