diff --git a/Dockerfile b/Dockerfile index 95b6006..ce63d0b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,24 @@ +# Copyright 2018 Cisco Systems Inc. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # OVS Docker image FROM alpine:3.7 LABEL maintainer "Cisco Contiv (https://contiv.github.io)" -RUN mkdir -p /etc/openvswitch /var/log/contiv \ +RUN mkdir -p /etc/openvswitch \ && echo 'http://dl-cdn.alpinelinux.org/alpine/v3.4/main' >> /etc/apk/repositories \ && apk --no-cache add \ - openvswitch=2.5.0-r0 iptables ca-certificates openssl curl bash - -COPY ovsInit.sh /scripts/ + openvswitch=2.5.0-r0 ca-certificates bash -ENTRYPOINT ["/scripts/ovsInit.sh"] +COPY runtime-scripts/ /scripts/ diff --git a/ovsInit.sh b/ovsInit.sh deleted file mode 100755 index 7cef808..0000000 --- a/ovsInit.sh +++ /dev/null 
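Review bot: The rewritten `apk add` line still pins `openvswitch=2.5.0-r0`, which resolves only because the context line above appends the Alpine v3.4 main repository, over plain `http://`, to an `alpine:3.7` base. That repository entry stays unscoped in `/etc/apk/repositories` in the final image, so dependencies may be resolved against the older branch, and the pin means a rebuild never picks up later OVS fixes. Since the commit already edits this `RUN`, a comment such as `# openvswitch pinned to 2.5.0-r0 from the v3.4 repo because <reason>` would record why the pin exists. The extra repository could also be scoped so that only openvswitch resolves from it.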
@@ -1,67 +0,0 @@
-#!/bin/bash
-#Start OVS in the Contiv container
-
-set -euo pipefail
-
-if ! lsmod | cut -d" " -f1 | grep -q openvswitch; then
- echo "INFO: Loading kernel module: openvswitch"
- modprobe openvswitch
- sleep 2
-fi
-
-mkdir -p /var/run/openvswitch /var/log/contiv
-
-if [ -d "/etc/openvswitch" ]; then
- if [ -f "/etc/openvswitch/conf.db" ]; then
- echo "INFO: The Open vSwitch database exists"
- else
- echo "INFO: The Open VSwitch database doesn't exist"
- echo "INFO: Creating the Open VSwitch database..."
- ovsdb-tool create /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
- fi
-else
- echo "CRITICAL: Open vSwitch is not mounted from host"
- exit 1
-fi
-
-echo "INFO: Starting ovsdb-server..."
-ovsdb-server --remote=punix:/var/run/openvswitch/db.sock \
- --remote=db:Open_vSwitch,Open_vSwitch,manager_options \
- --private-key=db:Open_vSwitch,SSL,private_key \
- --certificate=db:Open_vSwitch,SSL,certificate \
- --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
- --log-file=/var/log/contiv/ovs-db.log -vsyslog:info -vfile:info \
- --pidfile /etc/openvswitch/conf.db &
-OVSDB_PID=$!
-
-echo "INFO: Starting ovs-vswitchd"
-ovs-vswitchd -v --pidfile --detach --log-file=/var/log/contiv/ovs-vswitchd.log \
- -vconsole:err -vsyslog:info -vfile:info &
-VSWITCHD_PID=$!
-
-retry=0
-while ! ovsdb-client list-dbs | grep -q Open_vSwitch; do
- if [[ ${retry} -eq 5 ]]; then
- echo "CRITICAL: Failed to start ovsdb in 5 seconds."
- exit 1
- else
- echo "INFO: Waiting for ovsdb to start..."
- sleep 1
- ((retry += 1))
- fi
-done
-
-echo "INFO: Setting OVS manager (tcp)..."
-ovs-vsctl set-manager tcp:127.0.0.1:6640
-
-echo "INFO: Setting OVS manager (ptcp)..."
-ovs-vsctl set-manager ptcp:6640
-
-STATUS=0
-
-for pid in $OVSDB_PID $VSWITCHD_PID; do
- echo "INFO: waiting for pid $pid"
- wait $pid || let STATUS=1
-done
-
-exit $STATUS
diff --git a/runtime-scripts/start-ovs-vswitchd.sh b/runtime-scripts/start-ovs-vswitchd.sh
new file mode 100755
index 0000000..f69411e
--- /dev/null
+++ b/runtime-scripts/start-ovs-vswitchd.sh
@@ -0,0 +1,52 @@
+#!/bin/bash
+#
+# Copyright 2018 Cisco Systems Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -euo pipefail
+
+mkdir -p /var/run/openvswitch
+
+if ! lsmod | cut -d" " -f1 | grep -q openvswitch; then
+ echo "INFO: Loading kernel module: openvswitch"
+ modprobe openvswitch
+ sleep 2
+fi
+
+echo "INFO: waiting for ovsdb"
+retry=0
+while ! ovsdb-client list-dbs | grep -q Open_vSwitch; do
+ if [[ ${retry} -eq 15 ]]; then
+ echo "CRITICAL: Failed to reach ovsdb server in 15 seconds"
+ exit 1
+ else
+ echo "INFO: Waiting for ovsdb to start..."
+ sleep 1
+ ((retry += 1))
+ fi
+done
+
+echo "INFO: Starting ovs-vswitchd"
+ovs-vswitchd -v --pidfile &
+VSWITCHD_PID=$!
+
+sleep 2
+
+echo "INFO: Setting OVS manager (tcp)..."
+ovs-vsctl set-manager tcp:127.0.0.1:6640
+
+echo "INFO: Setting OVS manager (ptcp)..."
+ovs-vsctl set-manager ptcp:6640
+
+wait $VSWITCHD_PID
+exit 1
diff --git a/runtime-scripts/start-ovsdb-server.sh b/runtime-scripts/start-ovsdb-server.sh
new file mode 100755
index 0000000..c919a4a
--- /dev/null
+++ b/runtime-scripts/start-ovsdb-server.sh
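Review bot: `ovs-vsctl set-manager ptcp:6640` near the end of start-ovs-vswitchd.sh opens a passive OVSDB listener with no bind address, which as far as I can tell listens on every interface, and nothing visible in this script puts TLS or authentication in front of it. `set-manager` also sets the whole target list, so this second call appears to replace the `tcp:127.0.0.1:6640` target configured two commands earlier rather than add to it. If only local clients need the port, bind it, e.g. `ovs-vsctl set-manager ptcp:6640:127.0.0.1`, and pass every intended target in a single `set-manager` call. Otherwise add a comment stating which peers are expected to reach port 6640 and how access is restricted.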
@@ -0,0 +1,41 @@
+#!/bin/bash
+#
+# Copyright 2018 Cisco Systems Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -euo pipefail
+
+mkdir -p /var/run/openvswitch
+
+if [ -d "/etc/openvswitch" ]; then
+ if [ -f "/etc/openvswitch/conf.db" ]; then
+ echo "INFO: The Open vSwitch database exists"
+ else
+ echo "INFO: The Open vSwitch database doesn't exist"
+ echo "INFO: Creating the Open vSwitch database..."
+ ovsdb-tool create /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
+ fi
+else
+ echo "CRITICAL: Open vSwitch is not mounted from host"
+ exit 1
+fi
+
+echo "INFO: updating OVS database schema if needed"
+ovsdb-tool convert /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
+
+echo "INFO: Starting ovsdb-server..."
+exec ovsdb-server --remote=punix:/var/run/openvswitch/db.sock \
+ --remote=db:Open_vSwitch,Open_vSwitch,manager_options \
+ --private-key=db:Open_vSwitch,SSL,private_key \
+ --certificate=db:Open_vSwitch,SSL,certificate \
+ --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert
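Review bot: The added `ovsdb-tool convert` runs on every start against `/etc/openvswitch/conf.db`, which the script's own error message says is mounted from the host, and it rewrites that database without first checking whether a conversion is needed or keeping a copy. A failed or unwanted conversion, for example after rolling the image back to one with an older schema, would then touch the only copy of the switch configuration. Guarding the call with `ovsdb-tool needs-conversion` and saving a backup first keeps the host state recoverable; the backup file name in the sketch is illustrative.

```shell
# ... unchanged: /etc/openvswitch check and database creation ...
echo "INFO: updating OVS database schema if needed"
if [ "$(ovsdb-tool needs-conversion /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema)" = "yes" ]; then
    # illustrative backup name; keep the pre-conversion database on the host mount
    cp -- /etc/openvswitch/conf.db /etc/openvswitch/conf.db.pre-convert
    ovsdb-tool convert /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
fi
# ... unchanged: exec ovsdb-server ...
```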