[ovs-dev] [PATCH RFC v1] OVS/OVN: Containerize components
Aliasgar Ginwala
amginwal at gmail.com
Sat Jul 27 02:42:15 UTC 2019
1.Start OVS/OVN components in containers so that building and shipping
of OVS/OVN components is easy.
2.Load OVS kernel modules on host from container to avoid installing ovs
on host.
Signed-off-by: aginwala <aginwala at ebay.com>
---
utilities/automake.mk | 12 +-
utilities/docker/Makefile | 22 ++++
utilities/docker/README.md | 107 ++++++++++++++++++
utilities/docker/create_ovs_ovn_dbs.sh | 17 +++
utilities/docker/ovn_default_nb_port | 1 +
utilities/docker/ovn_default_northd_host | 1 +
utilities/docker/ovn_default_sb_port | 1 +
utilities/docker/ovs-override.conf | 4 +
utilities/docker/start-ovs-ovn | 65 +++++++++++
utilities/docker/u1604/Dockerfile | 23 ++++
.../docker/u1604/build-kernel-modules.sh | 43 +++++++
11 files changed, 295 insertions(+), 1 deletion(-)
create mode 100644 utilities/docker/Makefile
create mode 100644 utilities/docker/README.md
create mode 100755 utilities/docker/create_ovs_ovn_dbs.sh
create mode 100644 utilities/docker/ovn_default_nb_port
create mode 100644 utilities/docker/ovn_default_northd_host
create mode 100644 utilities/docker/ovn_default_sb_port
create mode 100644 utilities/docker/ovs-override.conf
create mode 100755 utilities/docker/start-ovs-ovn
create mode 100644 utilities/docker/u1604/Dockerfile
create mode 100755 utilities/docker/u1604/build-kernel-modules.sh
diff --git a/utilities/automake.mk b/utilities/automake.mk
index a5bb27e2b..876dc1bc1 100644
--- a/utilities/automake.mk
+++ b/utilities/automake.mk
@@ -58,7 +58,17 @@ EXTRA_DIST += \
utilities/ovs-test.in \
utilities/ovs-vlan-test.in \
utilities/ovs-vsctl-bashcomp.bash \
- utilities/checkpatch.py
+ utilities/checkpatch.py \
+ utilities/docker/Makefile \
+ utilities/docker/README.md \
+ utilities/docker/ovs-override.conf \
+ utilities/docker/start-ovs-ovn \
+ utilities/docker/create_ovs_ovn_dbs.sh \
+ utilities/docker/ovn_default_nb_port \
+ utilities/docker/ovn_default_sb_port \
+ utilities/docker/ovn_default_northd_host \
+ utilities/docker/u1604/Dockerfile \
+ utilities/docker/u1604/build-kernel-modules.sh
MAN_ROOTS += \
utilities/ovs-appctl.8.in \
utilities/ovs-testcontroller.8.in \
diff --git a/utilities/docker/Makefile b/utilities/docker/Makefile
new file mode 100644
index 000000000..9fb9ba3fe
--- /dev/null
+++ b/utilities/docker/Makefile
@@ -0,0 +1,22 @@
+#export OVS_BRANCH=branch-2.11
+#export OVS_VERSION=2.11
+#export KERNEL_VERSION=4.15.0-54-generic
+#export DISTRO=u1604
+#export GITHUB_SRC=https://github.com/openvswitch/ovs.git
+#export DOCKER_REPO=openvswitch/ovs
+
+# Example:
+# make build
+# make push
+
+REPO = ${DOCKER_REPO}
+tag = ${OVS_VERSION}_${KERNEL_VERSION}
+
+build: ;docker build -t ${REPO}:${tag} --build-arg DISTRO=${DISTRO} \
+--build-arg OVS_BRANCH=${OVS_BRANCH} \
+--build-arg KERNEL_VERSION=${KERNEL_VERSION} \
+--build-arg GITHUB_SRC=${GITHUB_SRC} -f ${DISTRO}/Dockerfile .
+
+.PHONY: build
+
+push: ;docker push ${REPO}:${tag}
diff --git a/utilities/docker/README.md b/utilities/docker/README.md
new file mode 100644
index 000000000..9ce4bf9d1
--- /dev/null
+++ b/utilities/docker/README.md
@@ -0,0 +1,107 @@
+# Containerize OVS/OVN components
+
+ - Start OVS/OVN components in containers so that building and shipping
+ of OVS/OVN components is easy.
+
+ - Load OVS kernel modules on host from container to avoid installing ovs
+ on host.
+
+## How to build?
+
+To build, ensure Docker engine installed and `docker ps` command works for
+current user.
+
+Export following variables in .env and place it under
+project root:
+ -`OVS_BRANCH=<BRANCH>`
+ -`OVS_VERSION=<VERSION>`
+ -`KERNEL_VERSION=<LINUX_VERSION>`
+ -`DISTRO=<LINUX_DISTRO>`
+ -`GITHUB_SRC=<GITHUB_URL>`
+ -`DOCKER_REPO=<REPO_TO_PUSH_IMAGE>`
+
+To build ovs/ovn modules for each of the supported Distros:
+
+ ```sh
+ make build
+ ```
+
+Compiled Modules will be tagged with docker image
+
+To Push ovs/ovn modules for each of the supported Distros:
+
+ ```sh
+ make push
+ ```
+
+OVS/OVN docker image will be pushed to specified docker repo
+
+## How to start OVS containers?
+
+Start ovsdb-server that runs on HVs, GWs and OVN central nodes
+
+ - docker run -itd --net=host --name=ovsdb-server \
+ <docker_repo>:<tag>c ovsdb-server
+
+ - docker run -itd --net=host --name=ovs-vswitchd \
+ --volumes-from=ovsdb-server --privileged \
+ <docker_repo>:<tag> ovs-vswitchd -v /lib:/lib
+
+## How to start OVN Central nodes Components?
+
+ - docker run -itd --net=host --name=ovn-nb \
+ <docker_repo>:<tag> ovn-nb-tcp
+
+ - docker run -itd --net=host --name=ovn-sb \
+ <docker_repo>:<tag> ovn-sb-tcp
+
+ - docker run -itd --net=host --name=ovn-northd \
+ <docker_repo>:<tag> ovn-northd-tcp
+
+### How to start OVN HV/GW nodes components?
+
+Start ovsdb-server and ovs-vswitchd components as listed above and then
+
+start local ovn-controller.
+
+ - docker run -itd --net=host --name=ovn-controller \
+ --volumes-from=ovsdb-server \
+ <docker_repo>:<tag> ovn-controller
+
+## What is supported?
+
+Docker based build for following distros
+
+ - Ubuntu 16 with LTS (tested with 4.4+).
+
+OpenvSwitch components
+
+ - ovsdb server
+
+ - ovs vswitchd
+
+Open Virtual Network components
+
+ - Northbound db, Southbound db and Northd in standalone mode with
+ protocol tcp.
+
+ - OVN controller for HV and GW.
+
+## Troubleshooting
+
+ If modprobe openvswitch is complaining about unknown symbol, please
+ check the build steps.
+
+## TODO
+
+ - Support more OS distros.
+
+ - Support starting docker containers with SSL.
+
+ - Support cluster and active/standby mode.
+
+## References
+
+ - http://www.openvswitch.org/
+
+ - https://hub.docker.com/r/keldaio/ovs/
diff --git a/utilities/docker/create_ovs_ovn_dbs.sh b/utilities/docker/create_ovs_ovn_dbs.sh
new file mode 100755
index 000000000..0a8c9c582
--- /dev/null
+++ b/utilities/docker/create_ovs_ovn_dbs.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ovsdb-tool create /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
+ovsdb-tool create /etc/openvswitch/ovnnb_db.db /usr/share/openvswitch/ovn-nb.ovsschema
+ovsdb-tool create /etc/openvswitch/ovnsb_db.db /usr/share/openvswitch/ovn-sb.ovsschema
diff --git a/utilities/docker/ovn_default_nb_port b/utilities/docker/ovn_default_nb_port
new file mode 100644
index 000000000..d83211678
--- /dev/null
+++ b/utilities/docker/ovn_default_nb_port
@@ -0,0 +1 @@
+nb_db_port=6641
diff --git a/utilities/docker/ovn_default_northd_host b/utilities/docker/ovn_default_northd_host
new file mode 100644
index 000000000..55d4ab7aa
--- /dev/null
+++ b/utilities/docker/ovn_default_northd_host
@@ -0,0 +1 @@
+northd_host=127.0.0.1
diff --git a/utilities/docker/ovn_default_sb_port b/utilities/docker/ovn_default_sb_port
new file mode 100644
index 000000000..4c9e3f585
--- /dev/null
+++ b/utilities/docker/ovn_default_sb_port
@@ -0,0 +1 @@
+sb_db_port=6642
diff --git a/utilities/docker/ovs-override.conf b/utilities/docker/ovs-override.conf
new file mode 100644
index 000000000..8f792e4b4
--- /dev/null
+++ b/utilities/docker/ovs-override.conf
@@ -0,0 +1,4 @@
+override openvswitch * extra
+override vport-geneve * extra
+override vport-stt * extra
+override vport-* * extra
diff --git a/utilities/docker/start-ovs-ovn b/utilities/docker/start-ovs-ovn
new file mode 100755
index 000000000..83a6f0d2b
--- /dev/null
+++ b/utilities/docker/start-ovs-ovn
@@ -0,0 +1,65 @@
+#!/bin/bash
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+case $1 in
+ "ovsdb-server") /usr/share/openvswitch/scripts/ovs-ctl start \
+ --system-id=random --no-ovs-vswitchd
+ /usr/share/openvswitch/scripts/ovs-ctl stop
+ ovsdb-server --pidfile /etc/openvswitch/conf.db \
+ -vconsole:emer -vsyslog:err -vfile:info \
+ --remote=punix:/var/run/openvswitch/db.sock \
+ --private-key=db:Open_vSwitch,SSL,private_key \
+ --certificate=db:Open_vSwitch,SSL,certificate \
+ --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
+ --log-file=/var/log/openvswitch/ovsdb-server.log \
+ --no-chdir
+ ;;
+ "ovs-vswitchd") depmod -a
+ modprobe openvswitch
+ modprobe vport_stt
+ /usr/share/openvswitch/scripts/ovs-ctl \
+ --no-ovsdb-server start
+ /usr/share/openvswitch/scripts/ovs-ctl \
+ --no-ovsdb-server force-reload-kmod
+ /usr/share/openvswitch/scripts/ovs-ctl stop
+ ovs-vswitchd --pidfile -vconsole:emer -vsyslog:err \
+ -vfile:info --mlockall --no-chdir \
+ --log-file=/var/log/openvswitch/ovs-vswitchd.log
+ ;;
+ "ovn-nb-tcp") source /etc/openvswitch/ovn_default_nb_port
+ /usr/share/openvswitch/scripts/ovn-ctl start_ovsdb
+ ovn-nbctl set-connection ptcp:$nb_db_port
+ /usr/share/openvswitch/scripts/ovn-ctl stop_ovsdb
+ /usr/share/openvswitch/scripts/ovn-ctl run_nb_ovsdb
+ ;;
+ "ovn-sb-tcp") source /etc/openvswitch/ovn_default_sb_port
+ /usr/share/openvswitch/scripts/ovn-ctl start_ovsdb
+ ovn-sbctl set-connection ptcp:$sb_db_port
+ /usr/share/openvswitch/scripts/ovn-ctl stop_ovsdb
+ /usr/share/openvswitch/scripts/ovn-ctl run_sb_ovsdb
+ sleep infinity
+ ;;
+ "ovn-northd-tcp") source /etc/openvswitch/ovn_default_northd_host
+ source /etc/openvswitch/ovn_default_nb_port
+ source /etc/openvswitch/ovn_default_sb_port
+ ovn-northd --pidfile \
+ --ovnnb-db="tcp:$northd_host:$nb_db_port" \
+ --ovnsb-db="tcp:$northd_host:$sb_db_port" \
+ --log-file=/var/log/openvswitch/ovn-northd.log
+ ;;
+ "ovn-controller") ovn-controller --pidfile \
+ --log-file=/var/log/openvswitch/ovn-controller.log
+ ;;
+ *) echo "$0 [ovs-vswitchd|ovsdb-server|ovn-controller|ovn-northd|ovn-nb|ovn-sb]"
+esac
diff --git a/utilities/docker/u1604/Dockerfile b/utilities/docker/u1604/Dockerfile
new file mode 100644
index 000000000..f1ed4dede
--- /dev/null
+++ b/utilities/docker/u1604/Dockerfile
@@ -0,0 +1,23 @@
+FROM ubuntu:16.04
+MAINTAINER "Aliasgar Ginwala" <aginwala at ebay.com>
+
+ARG OVS_BRANCH
+ARG KERNEL_VERSION
+ARG GITHUB_SRC
+ARG DISTRO
+
+copy $DISTRO/build-kernel-modules.sh /build-kernel-modules.sh
+RUN /build-kernel-modules.sh $KERNEL_VERSION $OVS_BRANCH $GITHUB_SRC
+
+COPY create_ovs_ovn_dbs.sh /etc/openvswitch/create_ovs_ovn_dbs.sh
+RUN /etc/openvswitch/create_ovs_ovn_dbs.sh
+
+COPY ovs-override.conf /etc/depmod.d/openvswitch.conf
+
+COPY ovn_default_nb_port /etc/openvswitch/ovn_default_nb_port
+COPY ovn_default_sb_port /etc/openvswitch/ovn_default_sb_port
+COPY ovn_default_northd_host /etc/openvswitch/ovn_default_northd_host
+
+COPY start-ovs-ovn /bin/start-ovs-ovn
+VOLUME ["/var/log/openvswitch", "/var/lib/openvswitch", "/var/run/openvswitch", "/etc/openvswitch"]
+ENTRYPOINT ["start-ovs-ovn"]
diff --git a/utilities/docker/u1604/build-kernel-modules.sh b/utilities/docker/u1604/build-kernel-modules.sh
new file mode 100755
index 000000000..e25b85888
--- /dev/null
+++ b/utilities/docker/u1604/build-kernel-modules.sh
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+KERNEL_VERSION=$1
+OVS_BRANCH=$2
+GITHUB_SRC=$3
+
+# Install deps
+linux="linux-image-$KERNEL_VERSION linux-headers-$KERNEL_VERSION"
+build_deps="apt-utils libelf-dev build-essential libssl-dev python python-six wget vim \
+gdb autoconf libtool git automake bzip2 debhelper dh-autoreconf openssl"
+
+apt-get update
+apt-get install -y ${linux} ${build_deps}
+
+# get the source
+mkdir /build; cd /build
+git clone --depth 1 -b $OVS_BRANCH $GITHUB_SRC
+cd ovs
+
+# build and install
+./boot.sh
+./configure --localstatedir="/var" --sysconfdir="/etc" --prefix="/usr" \
+--with-linux=/lib/modules/$KERNEL_VERSION/build --enable-ssl
+make -j8; make install; make modules_install
+
+# remove deps to make the container light weight.
+apt-get remove --purge -y ${build_deps}
+apt-get autoremove -y --purge
+cd ..; rm -rf ovs
+basic_utils="vim kmod net-tools uuid-runtime iproute2"
+apt-get install -y ${basic_utils}
--
2.20.1 (Apple Git-117)
More information about the dev
mailing list