From 392f1a90adb4ac631224a89afa9fb5aaedc92b47 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Mon, 18 Mar 2024 17:07:08 +0100 Subject: [PATCH] Create an openrc for nb/sb clients In order to connect to NB/SB leader it requires quite some parameters to be passed to the CLI. To simplify that we define an environment variables that are used as defaults once /root/ovnctl.rc is sourced. Change-Id: Ia44829a48b4b73a81c82b79bc8898c1a95989aef --- doc/source/app-ovn.rst | 12 +++++++++++- tasks/providers/ovn_config.yml | 10 ++++++++++ templates/ovn-cli-options.j2 | 7 +++++++ 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 templates/ovn-cli-options.j2 diff --git a/doc/source/app-ovn.rst b/doc/source/app-ovn.rst index 8c1c87a3..0b284c75 100644 --- a/doc/source/app-ovn.rst +++ b/doc/source/app-ovn.rst @@ -237,7 +237,8 @@ The following commands can be used to provide useful information about the state of Open vSwitch networking and configurations. The ``ovs-vsctl list open_vswitch`` command provides information about the -``open_vswitch`` table in the local Open vSwitch database: +``open_vswitch`` table in the local Open vSwitch database and can be run from +any network or compute host: .. code-block:: console @@ -261,6 +262,15 @@ The ``ovs-vsctl list open_vswitch`` command provides information about the system_type : ubuntu system_version : "20.04" +.. note:: + + Commands towards OVN Southbound and Northbound databases are expected to be run + from ``neutron_ovn_northd`` hosts. OpenStack-Ansible places an openrc file + named `/root/ovnctl.rc` on these hosts. Once you ``source`` that file, + required environment variables will be set to connect to the database. + Alternatively, you can use ``--no-leader-only`` flag to connect to the + local database only instead of the leader one (which is default). + The ``ovn-sbctl show`` command provides information related to southbound connections. If used outside the ovn_northd container, specify the connection details: diff --git a/tasks/providers/ovn_config.yml b/tasks/providers/ovn_config.yml index 5802c305..7e5bb133 100644 --- a/tasks/providers/ovn_config.yml +++ b/tasks/providers/ovn_config.yml @@ -56,3 +56,13 @@ - name: Including setup_ovs_ovn tasks ansible.builtin.include_tasks: setup_ovs_ovn.yml + +- name: Set CLI options to connect to leader + template: + src: ovn-cli-options.j2 + dest: "/root/ovnctl.rc" + owner: root + group: root + mode: "0640" + when: + - neutron_services['neutron-ovn-northd']['group'] in group_names diff --git a/templates/ovn-cli-options.j2 b/templates/ovn-cli-options.j2 new file mode 100644 index 00000000..7e019052 --- /dev/null +++ b/templates/ovn-cli-options.j2 @@ -0,0 +1,7 @@ +export OVN_NB_DB="{{ neutron_ovn_nb_connection }}" +export OVN_SB_DB="{{ neutron_ovn_sb_connection }}" + +{% if neutron_ovn_ssl | bool %} +export OVN_NBCTL_OPTIONS="--certificate {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_cert }} --private-key {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_key }} --ca-cert {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_ca_cert }}" +export OVN_SBCTL_OPTIONS="--certificate {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_cert }} --private-key {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_key }} --ca-cert {{ neutron_ovn_conf_dir ~ '/' ~ neutron_ovn_ssl_ca_cert }}" +{% endif %}