From patchwork Wed Feb 2 20:39:06 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Vladislav Odintsov
X-Patchwork-Id: 1587791
Return-Path:
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: bilbo.ozlabs.org;
dkim=fail reason="signature verification failed" (2048-bit key;
unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
header.s=20210112 header.b=OCD5pxSS;
dkim-atps=neutral
Authentication-Results: ozlabs.org;
spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org
(client-ip=140.211.166.138; helo=smtp1.osuosl.org;
envelope-from=ovs-dev-bounces@openvswitch.org; receiver=)
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
SHA256)
(No client certificate requested)
by bilbo.ozlabs.org (Postfix) with ESMTPS id 4JptvF4s6tz9s9c
for ; Thu, 3 Feb 2022 07:39:21 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
by smtp1.osuosl.org (Postfix) with ESMTP id B250181948;
Wed, 2 Feb 2022 20:39:19 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp1.osuosl.org ([127.0.0.1])
by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id mUV5R57r_J66; Wed, 2 Feb 2022 20:39:18 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org
[IPv6:2605:bc80:3010:104::8cd3:938])
by smtp1.osuosl.org (Postfix) with ESMTPS id 9AD498140B;
Wed, 2 Feb 2022 20:39:17 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
by lists.linuxfoundation.org (Postfix) with ESMTP id 68F3FC001A;
Wed, 2 Feb 2022 20:39:17 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
by lists.linuxfoundation.org (Postfix) with ESMTP id 776FCC000B
for ; Wed, 2 Feb 2022 20:39:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp4.osuosl.org (Postfix) with ESMTP id 515B840201
for ; Wed, 2 Feb 2022 20:39:15 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Authentication-Results: smtp4.osuosl.org (amavisd-new);
dkim=pass (2048-bit key) header.d=gmail.com
Received: from smtp4.osuosl.org ([127.0.0.1])
by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id gMejxuBjOo74 for ;
Wed, 2 Feb 2022 20:39:14 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com
[IPv6:2a00:1450:4864:20::133])
by smtp4.osuosl.org (Postfix) with ESMTPS id 5DD82401F6
for ; Wed, 2 Feb 2022 20:39:14 +0000 (UTC)
Received: by mail-lf1-x133.google.com with SMTP id o12so1404737lfg.12
for ; Wed, 02 Feb 2022 12:39:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
h=from:to:cc:subject:date:message-id:mime-version
:content-transfer-encoding;
bh=VFbKpIz2mIqndzCVZmRQ8Pcm5obyED9CerS+8qwqZAk=;
b=OCD5pxSSldxmWywuoyDb4uVojVYsyNWrdrcrwHCZt9u76/ei1KpTZuJoafBkiCo3Ou
o9JN8dcNogpaQEo7D7TV3SR3IXV/QZ6csjopPQZVuq08DX01BcQBfZgbiV9rxvYV5Y82
+r2CeYw+Rsu1RTVJLZqe2SHpm2LcCArG5jeM3INr1K5Ufv4k7hj4DlxbRkdqhMohEZ5p
zqe1mgQYbvHZ+Fi1dZddFbBYUBUKCeI9oGXRMfFVymtHjpLFtIgNyxbTFDWjrZB1Uqr0
sm4whIZllFL+MBPCTyx7e1kIR5Mw7RX5X7wS7Zc8wyaXbwUKm09deuigEmQmKQBL3N46
+zBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
:content-transfer-encoding;
bh=VFbKpIz2mIqndzCVZmRQ8Pcm5obyED9CerS+8qwqZAk=;
b=JJ4JSkSkavGPakQoor7wtYpu0AfU/vSum5AoTWbxrp7Iw/c+T50gMERyj5xhGCmFZ6
vi1zHJni56PRY9f2MMJXAb3qO4Qz/vmhaaFqF22HiFmuJ/cmS35khkeG3rWMPOFZLBFH
lOlQCz6r44S40sMVS0wrQXWx3fzHvuPUYMvNRzl0BJKsDVS3ThEHTyHXGmJd5fCN+ABr
iT1ZME+0+jslikguzMa95/1fSQb0wd/VHEIUhHyZRVKaOo1EYBrXnpRjgelmUm+4MGcK
/BIbus4qUEQLfSLjZY3TDV/k5sYWvGhrS38IgIweXG8syv3YVRa0oOJEDIKDpAQ+To6D
FM9A==
X-Gm-Message-State: AOAM530VBJIyUefXS4ELFw+Wi4UzIcLJiLx58KxuskWDYdhlfeYKQkYz
3NHXH4rEb8c+6ecmZdP46DBuo4yt27GNWA==
X-Google-Smtp-Source:
ABdhPJzuFgOlGQuXZPYdBM6gqrTxHefzuzbkHGgvI09F0CEB++2mLVx7/xcsN4BUYiCcwSNtN2SD8Q==
X-Received: by 2002:a05:6512:3b9a:: with SMTP id
g26mr22828989lfv.71.1643834351877;
Wed, 02 Feb 2022 12:39:11 -0800 (PST)
Received: from localhost.localdomain (109-252-131-59.dynamic.spd-mgts.ru.
[109.252.131.59])
by smtp.gmail.com with ESMTPSA id y19sm4687599lfb.191.2022.02.02.12.39.11
(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
Wed, 02 Feb 2022 12:39:11 -0800 (PST)
From: Vladislav Odintsov
To: dev@openvswitch.org
Date: Wed, 2 Feb 2022 23:39:06 +0300
Message-Id: <20220202203906.15788-1-odivlad@gmail.com>
X-Mailer: git-send-email 2.30.0
MIME-Version: 1.0
Cc: Vladislav Odintsov
Subject: [ovs-dev] [PATCH ovn] vtep: provide option to check
ovn-controller-vtep and ovn-northd versions
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev"
Simlar to ovn-controller's behavior with checking internal
version of ovn-northd and ovn-controller when option
ovn-match-northd-version is defined, this commit adds same
functionality for the ovn-controller-vtep daemon.
This configuration option is located in the configured
hardware_vtep database in the Global table's
other_config:ovn-match-northd-version column/key.
True value enforces check, while false or not defined values
skip the check.
The appropriate testcase is added as well.
Signed-off-by: Vladislav Odintsov
---
controller-vtep/ovn-controller-vtep.8.xml | 23 +++++++++-
controller-vtep/ovn-controller-vtep.c | 50 +++++++++++++++++++--
tests/ovn-controller-vtep.at | 55 +++++++++++++++++++++++
3 files changed, 124 insertions(+), 4 deletions(-)
diff --git a/controller-vtep/ovn-controller-vtep.8.xml b/controller-vtep/ovn-controller-vtep.8.xml
index 2c706e46e..0b9987bdb 100644
--- a/controller-vtep/ovn-controller-vtep.8.xml
+++ b/controller-vtep/ovn-controller-vtep.8.xml
@@ -34,7 +34,7 @@
information from both the ovnsb and the vtep database. If the
database locations are not given from command line, the default
is the db.sock
in local OVSDB's 'run' directory.
- The datapath location must take one of the following forms:
+ The database location must take one of the following forms:
+
+
+ ovn-controller-vtep
assumes it gets configuration
+ information from the following keys in the Global
+ table of the connected hardware_vtep
database:
+
+
+
+
+ other_config:ovn-match-northd-version
+ -
+ The boolean flag indicates if
ovn-controller-vtep
needs to
+ check ovn-northd
version. If this flag is set to true and
+ the ovn-northd's
version (reported in the Southbound
+ database) doesn't match with the ovn-controller-vtep's
+ internal version, then it will stop processing the southbound and
+ connected hardware_vtep
database changes.
+ The default value is considered false if this option is not defined.
+
+
+
diff --git a/controller-vtep/ovn-controller-vtep.c b/controller-vtep/ovn-controller-vtep.c
index 1d35c7f04..50f412b95 100644
--- a/controller-vtep/ovn-controller-vtep.c
+++ b/controller-vtep/ovn-controller-vtep.c
@@ -30,6 +30,7 @@
#include "fatal-signal.h"
#include "openvswitch/poll-loop.h"
#include "simap.h"
+#include "ovsdb-idl.h"
#include "stream.h"
#include "stream-ssl.h"
#include "unixctl.h"
@@ -45,6 +46,8 @@
#include "vtep.h"
#include "ovn-controller-vtep.h"
+VLOG_DEFINE_THIS_MODULE(main);
+
static unixctl_cb_func ovn_controller_vtep_exit;
static void parse_options(int argc, char *argv[]);
@@ -54,6 +57,37 @@ static char *vtep_remote;
static char *ovnsb_remote;
static char *default_db_;
+/* Returns true if the northd internal version stored in SB_Global
+ * and ovn-controller-vtep internal version match.
+ */
+static bool
+check_northd_version(struct ovsdb_idl *vtep_idl, struct ovsdb_idl *ovnsb_idl,
+ const char *version)
+{
+ const struct vteprec_global *cfg = vteprec_global_first(vtep_idl);
+ if (!cfg || !smap_get_bool(&cfg->other_config, "ovn-match-northd-version",
+ false)) {
+ return true;
+ }
+
+ const struct sbrec_sb_global *sb = sbrec_sb_global_first(ovnsb_idl);
+ if (!sb) {
+ return false;
+ }
+
+ const char *northd_version =
+ smap_get_def(&sb->options, "northd_internal_version", "");
+
+ if (strcmp(northd_version, version)) {
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1);
+ VLOG_WARN_RL(&rl, "controller-vtep version - %s mismatch with northd "
+ "version - %s", version, northd_version);
+ return false;
+ }
+
+ return true;
+}
+
int
main(int argc, char *argv[])
{
@@ -91,6 +125,9 @@ main(int argc, char *argv[])
ovsdb_idl_create(ovnsb_remote, &sbrec_idl_class, true, true));
ovsdb_idl_get_initial_snapshot(ovnsb_idl_loop.idl);
+ char *ovn_version = ovn_get_internal_version();
+ VLOG_INFO("OVN internal version is : [%s]", ovn_version);
+
/* Main loop. */
exiting = false;
while (!exiting) {
@@ -109,9 +146,16 @@ main(int argc, char *argv[])
memory_report(&usage);
simap_destroy(&usage);
}
- gateway_run(&ctx);
- binding_run(&ctx);
- vtep_run(&ctx);
+
+ if (ovsdb_idl_has_ever_connected(ovnsb_idl_loop.idl) &&
+ ovsdb_idl_has_ever_connected(vtep_idl_loop.idl) &&
+ check_northd_version(vtep_idl_loop.idl, ovnsb_idl_loop.idl,
+ ovn_version)) {
+ gateway_run(&ctx);
+ binding_run(&ctx);
+ vtep_run(&ctx);
+ }
+
unixctl_server_run(unixctl);
unixctl_server_wait(unixctl);
diff --git a/tests/ovn-controller-vtep.at b/tests/ovn-controller-vtep.at
index 08e1d13e7..35afeea74 100644
--- a/tests/ovn-controller-vtep.at
+++ b/tests/ovn-controller-vtep.at
@@ -627,3 +627,58 @@ priority=110,tun_id=0x<>,in_port=<> actions=move:NXM_NX_TUN_ID[[0..23]]->OXM_OF_
OVN_CLEANUP([hv1])
AT_CLEANUP
])
+
+AT_SETUP([ovn -- check ovn-northd and ovn-controller-vtep version pinning])
+ovn_start
+OVN_CONTROLLER_VTEP_START(vtep1)
+net_add n1
+
+# adds vlan_bindings to physical ports.
+check as vtep1 vtep-ctl add-ls lswitch0 -- bind-ls vtep1 p0 100 lswitch0 -- bind-ls vtep1 p0 200 lswitch0 -- bind-ls vtep1 p1 300 lswitch0
+OVS_WAIT_UNTIL([test -n "`ovn-sbctl list Chassis | grep -- lswitch0`"])
+AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl
+[[lswitch0]]
+])
+
+northd_version=$(ovn-sbctl get SB_Global . options:northd_internal_version | sed s/\"//g)
+echo "northd version = $northd_version"
+AT_CHECK([grep -c $northd_version vtep1/ovn-controller-vtep.log], [0], [1
+])
+
+# Stop ovn-northd so that we can modify the northd_version.
+as northd
+OVS_APP_EXIT_AND_WAIT([ovn-northd])
+
+as northd-backup
+OVS_APP_EXIT_AND_WAIT([ovn-northd])
+
+check ovn-sbctl set SB_Global . options:northd_internal_version=foo
+check ovn-sbctl set Chassis vtep1 vtep_logical_switches=foo
+
+# ovn-controller-vtep should reset vtep_logical_switches to previous value
+# since ovn-match-northd-version is not true.
+AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl
+[[lswitch0]]
+])
+
+check as vtep1 vtep-ctl set global . other_config:ovn-match-northd-version=true
+
+OVS_WAIT_UNTIL(
+ [test 1 = $(grep -c "controller-vtep version - $northd_version mismatch with northd version - foo" vtep1/ovn-controller-vtep.log)
+])
+
+check ovn-sbctl set Chassis vtep1 vtep_logical_switches=foo
+
+# ovn-controller-vtep should not set vtep_logical_switches back since there is a version mismatch
+AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl
+[[foo]]
+])
+
+check ovn-sbctl set SB_Global . options:northd_internal_version=$northd_version
+
+# ovn-controller-vtep should set vtep_logical_switches back since versions match
+AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl
+[[lswitch0]]
+])
+
+AT_CLEANUP