[ovs-discuss] ovs-vsctl set-manager and remote administration

r po r2.d2 at live.fr
Tue Sep 25 07:47:56 UTC 2012


I, 

thank's ben for my typo problems, 

I understand what i missed. On the ovs which must remotely administrate we open a passive tcp connection : set-manager ptcp:port:ip
We can specify which adresses ovs listen. 

Me, i would specify which adresses is able to administrate the ovs. Is there anything to do in OVS or do i set this restriction  in other way ?
i would administrate my remote ovs but only from a specific IP. 

In the same slice, 
I would now if it's possible to restrict access to ovs management on the host by a login/mdp above the root account ?

thank's again for your multiple response, it's really helpfull. 




> Date: Mon, 24 Sep 2012 22:07:31 -0700
> From: blp at nicira.com
> To: r2.d2 at live.fr
> CC: discuss at openvswitch.org
> Subject: Re: [ovs-discuss] ovs-vsctl set-manager and remote administration
> 
> On Mon, Sep 24, 2012 at 02:17:14PM +0200, r po wrote:
> > I have two OpenVswitch and i should configure the second from the first.
> > 
> > so, on OVS-2 I set : 
> > 
> > ovs-vsctl set-manager ptcp:
> > 
> > and on OVS-1 i can administrate the 2nd OVS with this command : 
> > 
> > ovs-vsctl --db=tcp:ip_ovs_2 show  (or any ovs-vsctl command)   (i can send this command in any ovs which is connect with ovs2 .. )
> > 
> > it's work !
> > 
> > Now, i should restrict host who can admin ovs remotely : 
> > 
> > on ovs1 and 2 : ovs-vsctl emer-reset 
> > 
> > on ovs2 : 
> > 
> > ovs-vsctl set-manager tcp:ip_ovs1:6633 
> 
> Missing "p", wrong order?
>         ovs-vsctl set-manager ptcp:6633:ip_ovs1 
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20120925/4657dccc/attachment.html>


More information about the discuss mailing list