Create an openrc for nb/sb clients

In order to connect to NB/SB leader it requires quite some parameters to be passed to the CLI. To simplify that we define an environment variables that are used as defaults once /root/ovnctl.rc is sourced. Change-Id: Ia44829a48b4b73a81c82b79bc8898c1a95989aef
2024-03-18 17:07:08 +01:00 · 2024-03-18 17:07:08 +01:00 · 392f1a90ad
parent 66cdc8fa7c
commit 392f1a90ad
3 changed files with 28 additions and 1 deletions
--- a/doc/source/app-ovn.rst
+++ b/doc/source/app-ovn.rst
@ -237,7 +237,8 @@ The following commands can be used to provide useful information about the
 state of Open vSwitch networking and configurations.

 The ``ovs-vsctl list open_vswitch`` command provides information about the
-``open_vswitch`` table in the local Open vSwitch database:
+``open_vswitch`` table in the local Open vSwitch database and can be run from
+any network or compute host:

 .. code-block:: console

@ -261,6 +262,15 @@ The ``ovs-vsctl list open_vswitch`` command provides information about the
  system_type         : ubuntu
  system_version      : "20.04"

+.. note::
+
+  Commands towards OVN Southbound and Northbound databases are expected to be run
+  from ``neutron_ovn_northd`` hosts. OpenStack-Ansible places an openrc file
+  named `/root/ovnctl.rc` on these hosts. Once you ``source`` that file,
+  required environment variables will be set to connect to the database.
+  Alternatively, you can use ``--no-leader-only`` flag to connect to the
+  local database only instead of the leader one (which is default).
+
 The ``ovn-sbctl show`` command provides information related to southbound
 connections. If used outside the ovn_northd container, specify the
 connection details:
--- a/tasks/providers/ovn_config.yml
+++ b/tasks/providers/ovn_config.yml
@ -56,3 +56,13 @@

 - name: Including setup_ovs_ovn tasks
  ansible.builtin.include_tasks: setup_ovs_ovn.yml
+
+- name: Set CLI options to connect to leader
+  template:
+    src: ovn-cli-options.j2
+    dest: "/root/ovnctl.rc"
+    owner: root
+    group: root
+    mode: "0640"
+  when:
+    - neutron_services['neutron-ovn-northd']['group'] in group_names
--- a/templates/ovn-cli-options.j2
+++ b/templates/ovn-cli-options.j2
@ -0,0 +1,7 @@
+export OVN_NB_DB="{{ neutron_ovn_nb_connection }}"
+export OVN_SB_DB="{{ neutron_ovn_sb_connection }}"
+
+{% if neutron_ovn_ssl | bool %}
+export OVN_NBCTL_OPTIONS="--certificate {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_cert }} --private-key {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_key }} --ca-cert {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_ca_cert }}"
+export OVN_SBCTL_OPTIONS="--certificate {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_cert }} --private-key {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_key }} --ca-cert {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_ca_cert }}"
+{% endif %}