From patchwork Wed Feb 2 20:39:06 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladislav Odintsov X-Patchwork-Id: 1587791 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=OCD5pxSS; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4JptvF4s6tz9s9c for ; Thu, 3 Feb 2022 07:39:21 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id B250181948; Wed, 2 Feb 2022 20:39:19 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mUV5R57r_J66; Wed, 2 Feb 2022 20:39:18 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp1.osuosl.org (Postfix) with ESMTPS id 9AD498140B; Wed, 2 Feb 2022 20:39:17 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 68F3FC001A; Wed, 2 Feb 2022 20:39:17 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 776FCC000B for ; Wed, 2 Feb 2022 20:39:15 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 515B840201 for ; Wed, 2 Feb 2022 20:39:15 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gMejxuBjOo74 for ; Wed, 2 Feb 2022 20:39:14 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) by smtp4.osuosl.org (Postfix) with ESMTPS id 5DD82401F6 for ; Wed, 2 Feb 2022 20:39:14 +0000 (UTC) Received: by mail-lf1-x133.google.com with SMTP id o12so1404737lfg.12 for ; Wed, 02 Feb 2022 12:39:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=VFbKpIz2mIqndzCVZmRQ8Pcm5obyED9CerS+8qwqZAk=; b=OCD5pxSSldxmWywuoyDb4uVojVYsyNWrdrcrwHCZt9u76/ei1KpTZuJoafBkiCo3Ou o9JN8dcNogpaQEo7D7TV3SR3IXV/QZ6csjopPQZVuq08DX01BcQBfZgbiV9rxvYV5Y82 +r2CeYw+Rsu1RTVJLZqe2SHpm2LcCArG5jeM3INr1K5Ufv4k7hj4DlxbRkdqhMohEZ5p zqe1mgQYbvHZ+Fi1dZddFbBYUBUKCeI9oGXRMfFVymtHjpLFtIgNyxbTFDWjrZB1Uqr0 sm4whIZllFL+MBPCTyx7e1kIR5Mw7RX5X7wS7Zc8wyaXbwUKm09deuigEmQmKQBL3N46 +zBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=VFbKpIz2mIqndzCVZmRQ8Pcm5obyED9CerS+8qwqZAk=; b=JJ4JSkSkavGPakQoor7wtYpu0AfU/vSum5AoTWbxrp7Iw/c+T50gMERyj5xhGCmFZ6 vi1zHJni56PRY9f2MMJXAb3qO4Qz/vmhaaFqF22HiFmuJ/cmS35khkeG3rWMPOFZLBFH lOlQCz6r44S40sMVS0wrQXWx3fzHvuPUYMvNRzl0BJKsDVS3ThEHTyHXGmJd5fCN+ABr iT1ZME+0+jslikguzMa95/1fSQb0wd/VHEIUhHyZRVKaOo1EYBrXnpRjgelmUm+4MGcK /BIbus4qUEQLfSLjZY3TDV/k5sYWvGhrS38IgIweXG8syv3YVRa0oOJEDIKDpAQ+To6D FM9A== X-Gm-Message-State: AOAM530VBJIyUefXS4ELFw+Wi4UzIcLJiLx58KxuskWDYdhlfeYKQkYz 3NHXH4rEb8c+6ecmZdP46DBuo4yt27GNWA== X-Google-Smtp-Source: ABdhPJzuFgOlGQuXZPYdBM6gqrTxHefzuzbkHGgvI09F0CEB++2mLVx7/xcsN4BUYiCcwSNtN2SD8Q== X-Received: by 2002:a05:6512:3b9a:: with SMTP id g26mr22828989lfv.71.1643834351877; Wed, 02 Feb 2022 12:39:11 -0800 (PST) Received: from localhost.localdomain (109-252-131-59.dynamic.spd-mgts.ru. [109.252.131.59]) by smtp.gmail.com with ESMTPSA id y19sm4687599lfb.191.2022.02.02.12.39.11 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 02 Feb 2022 12:39:11 -0800 (PST) From: Vladislav Odintsov To: dev@openvswitch.org Date: Wed, 2 Feb 2022 23:39:06 +0300 Message-Id: <20220202203906.15788-1-odivlad@gmail.com> X-Mailer: git-send-email 2.30.0 MIME-Version: 1.0 Cc: Vladislav Odintsov Subject: [ovs-dev] [PATCH ovn] vtep: provide option to check ovn-controller-vtep and ovn-northd versions X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Simlar to ovn-controller's behavior with checking internal version of ovn-northd and ovn-controller when option ovn-match-northd-version is defined, this commit adds same functionality for the ovn-controller-vtep daemon. This configuration option is located in the configured hardware_vtep database in the Global table's other_config:ovn-match-northd-version column/key. True value enforces check, while false or not defined values skip the check. The appropriate testcase is added as well. Signed-off-by: Vladislav Odintsov --- controller-vtep/ovn-controller-vtep.8.xml | 23 +++++++++- controller-vtep/ovn-controller-vtep.c | 50 +++++++++++++++++++-- tests/ovn-controller-vtep.at | 55 +++++++++++++++++++++++ 3 files changed, 124 insertions(+), 4 deletions(-) diff --git a/controller-vtep/ovn-controller-vtep.8.xml b/controller-vtep/ovn-controller-vtep.8.xml index 2c706e46e..0b9987bdb 100644 --- a/controller-vtep/ovn-controller-vtep.8.xml +++ b/controller-vtep/ovn-controller-vtep.8.xml @@ -34,7 +34,7 @@ information from both the ovnsb and the vtep database. If the database locations are not given from command line, the default is the db.sock in local OVSDB's 'run' directory. - The datapath location must take one of the following forms: + The database location must take one of the following forms:

  • @@ -77,4 +77,25 @@

+ +

+ ovn-controller-vtep assumes it gets configuration + information from the following keys in the Global + table of the connected hardware_vtep database: +

+ +

+

+
other_config:ovn-match-northd-version
+
+ The boolean flag indicates if ovn-controller-vtep needs to + check ovn-northd version. If this flag is set to true and + the ovn-northd's version (reported in the Southbound + database) doesn't match with the ovn-controller-vtep's + internal version, then it will stop processing the southbound and + connected hardware_vtep database changes. + The default value is considered false if this option is not defined. +
+
+

diff --git a/controller-vtep/ovn-controller-vtep.c b/controller-vtep/ovn-controller-vtep.c index 1d35c7f04..50f412b95 100644 --- a/controller-vtep/ovn-controller-vtep.c +++ b/controller-vtep/ovn-controller-vtep.c @@ -30,6 +30,7 @@ #include "fatal-signal.h" #include "openvswitch/poll-loop.h" #include "simap.h" +#include "ovsdb-idl.h" #include "stream.h" #include "stream-ssl.h" #include "unixctl.h" @@ -45,6 +46,8 @@ #include "vtep.h" #include "ovn-controller-vtep.h" +VLOG_DEFINE_THIS_MODULE(main); + static unixctl_cb_func ovn_controller_vtep_exit; static void parse_options(int argc, char *argv[]); @@ -54,6 +57,37 @@ static char *vtep_remote; static char *ovnsb_remote; static char *default_db_; +/* Returns true if the northd internal version stored in SB_Global + * and ovn-controller-vtep internal version match. + */ +static bool +check_northd_version(struct ovsdb_idl *vtep_idl, struct ovsdb_idl *ovnsb_idl, + const char *version) +{ + const struct vteprec_global *cfg = vteprec_global_first(vtep_idl); + if (!cfg || !smap_get_bool(&cfg->other_config, "ovn-match-northd-version", + false)) { + return true; + } + + const struct sbrec_sb_global *sb = sbrec_sb_global_first(ovnsb_idl); + if (!sb) { + return false; + } + + const char *northd_version = + smap_get_def(&sb->options, "northd_internal_version", ""); + + if (strcmp(northd_version, version)) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); + VLOG_WARN_RL(&rl, "controller-vtep version - %s mismatch with northd " + "version - %s", version, northd_version); + return false; + } + + return true; +} + int main(int argc, char *argv[]) { @@ -91,6 +125,9 @@ main(int argc, char *argv[]) ovsdb_idl_create(ovnsb_remote, &sbrec_idl_class, true, true)); ovsdb_idl_get_initial_snapshot(ovnsb_idl_loop.idl); + char *ovn_version = ovn_get_internal_version(); + VLOG_INFO("OVN internal version is : [%s]", ovn_version); + /* Main loop. */ exiting = false; while (!exiting) { @@ -109,9 +146,16 @@ main(int argc, char *argv[]) memory_report(&usage); simap_destroy(&usage); } - gateway_run(&ctx); - binding_run(&ctx); - vtep_run(&ctx); + + if (ovsdb_idl_has_ever_connected(ovnsb_idl_loop.idl) && + ovsdb_idl_has_ever_connected(vtep_idl_loop.idl) && + check_northd_version(vtep_idl_loop.idl, ovnsb_idl_loop.idl, + ovn_version)) { + gateway_run(&ctx); + binding_run(&ctx); + vtep_run(&ctx); + } + unixctl_server_run(unixctl); unixctl_server_wait(unixctl); diff --git a/tests/ovn-controller-vtep.at b/tests/ovn-controller-vtep.at index 08e1d13e7..35afeea74 100644 --- a/tests/ovn-controller-vtep.at +++ b/tests/ovn-controller-vtep.at @@ -627,3 +627,58 @@ priority=110,tun_id=0x<>,in_port=<> actions=move:NXM_NX_TUN_ID[[0..23]]->OXM_OF_ OVN_CLEANUP([hv1]) AT_CLEANUP ]) + +AT_SETUP([ovn -- check ovn-northd and ovn-controller-vtep version pinning]) +ovn_start +OVN_CONTROLLER_VTEP_START(vtep1) +net_add n1 + +# adds vlan_bindings to physical ports. +check as vtep1 vtep-ctl add-ls lswitch0 -- bind-ls vtep1 p0 100 lswitch0 -- bind-ls vtep1 p0 200 lswitch0 -- bind-ls vtep1 p1 300 lswitch0 +OVS_WAIT_UNTIL([test -n "`ovn-sbctl list Chassis | grep -- lswitch0`"]) +AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl +[[lswitch0]] +]) + +northd_version=$(ovn-sbctl get SB_Global . options:northd_internal_version | sed s/\"//g) +echo "northd version = $northd_version" +AT_CHECK([grep -c $northd_version vtep1/ovn-controller-vtep.log], [0], [1 +]) + +# Stop ovn-northd so that we can modify the northd_version. +as northd +OVS_APP_EXIT_AND_WAIT([ovn-northd]) + +as northd-backup +OVS_APP_EXIT_AND_WAIT([ovn-northd]) + +check ovn-sbctl set SB_Global . options:northd_internal_version=foo +check ovn-sbctl set Chassis vtep1 vtep_logical_switches=foo + +# ovn-controller-vtep should reset vtep_logical_switches to previous value +# since ovn-match-northd-version is not true. +AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl +[[lswitch0]] +]) + +check as vtep1 vtep-ctl set global . other_config:ovn-match-northd-version=true + +OVS_WAIT_UNTIL( + [test 1 = $(grep -c "controller-vtep version - $northd_version mismatch with northd version - foo" vtep1/ovn-controller-vtep.log) +]) + +check ovn-sbctl set Chassis vtep1 vtep_logical_switches=foo + +# ovn-controller-vtep should not set vtep_logical_switches back since there is a version mismatch +AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl +[[foo]] +]) + +check ovn-sbctl set SB_Global . options:northd_internal_version=$northd_version + +# ovn-controller-vtep should set vtep_logical_switches back since versions match +AT_CHECK([ovn-sbctl --columns=vtep_logical_switches list Chassis | cut -d ':' -f2 | tr -d ' ' ], [0], [dnl +[[lswitch0]] +]) + +AT_CLEANUP