# Spec file for Open Virtual Network (OVN). # Copyright (C) 2018 Red Hat, Inc. # # Copying and distribution of this file, with or without modification, # are permitted in any medium without royalty provided the copyright # notice and this notice are preserved. This file is offered as-is, # without warranty of any kind. # # If tests have to be skipped while building, specify the '--without check' # option. For example: # rpmbuild -bb --without check rhel/ovn-fedora.spec # # This defines the base package name's version. %define pkgver 2.11 %define pkgname ovn%{pkgver} #%%global commit0 f11b99776c46831184ac30065c6cdf911061bb5a #%%global date 20190223 #%%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # If libcap-ng isn't available and there is no need for running OVS # as regular user, specify the '--without libcapng' %bcond_without libcapng # option to build ovn-docker package %bcond_with ovn_docker # Enable PIE, bz#955181 %global _hardened_build 1 # some distros (e.g: RHEL-7) don't define _rundir macro yet # Fedora 15 onwards uses /run as _rundir %if 0%{!?_rundir:1} %define _rundir /run %endif # Build python2 (that provides python) and python3 subpackages on Fedora # Build only python3 (that provides python) subpackage on RHEL8 # Build only python subpackage on RHEL7 %if 0%{?rhel} > 7 || 0%{?fedora} # Use Python3 %global _py python3 %global _py2 python2 %global with_python3 1 %if 0%{?fedora} %global with_python2 1 %else %global with_python2 0 %endif # On RHEL8 Sphinx is included in buildroot %global external_sphinx 1 %else # Use Python2 %global _py python %global _py2 python %global with_python2 1 %global with_python3 0 # Don't use external sphinx (RHV doesn't have optional repositories enabled) %global external_sphinx 0 %endif Name: %{pkgname} Summary: Open Virtual Network support Group: System Environment/Daemons URL: http://www.openvswitch.org/ Version: %{pkgver}.1 Release: 39%{?commit0:.%{date}git%{shortcommit0}}%{?dist} Provides: openvswitch%{pkgver}-ovn-common = %{?epoch:%{epoch}:}%{version}-%{release} Obsoletes: openvswitch%{pkgver}-ovn-common < 2.11.0-1 # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL License: ASL 2.0 and LGPLv2+ and SISSL %if 0%{?commit0:1} Source: https://github.com/openvswitch/ovs/archive/%{commit0}.tar.gz#/openvswitch-%{shortcommit0}.tar.gz %else Source: https://www.openvswitch.org/releases/openvswitch-%{version}.tar.gz %endif %define docutilsver 0.12 %define pygmentsver 1.4 %define sphinxver 1.1.3 Source100: https://pypi.io/packages/source/d/docutils/docutils-%{docutilsver}.tar.gz Source101: https://pypi.io/packages/source/P/Pygments/Pygments-%{pygmentsver}.tar.gz Source102: https://pypi.io/packages/source/S/Sphinx/Sphinx-%{sphinxver}.tar.gz Source500: configlib.sh Source501: gen_config_group.sh Source502: set_config.sh # Important: source503 is used as the actual copy file # @TODO: this causes a warning - fix it? Source504: arm64-armv8a-linuxapp-gcc-config Source505: ppc_64-power8-linuxapp-gcc-config Source506: x86_64-native-linuxapp-gcc-config # ovn-patches # OVN (including OVS if required) backports (0 - 399) # Bug 1741057 Patch2: 0001-Make-pidfile_is_running-more-robust-against-empty-pi.patch # Bug 1749739 Patch10: 0001-Handle-GARP-reply-packets-from-provider-networks-onl.patch # Bug 1751942 Patch20: 0001-ovn-Exclude-inport-and-outport-symbol-tables-from-co.patch # Bug 1743577 Patch30: 0001-northd-introduce-build_empty_lb_event_flow-routine.patch Patch31: 0002-add-meter-support-to-trigger_event-action.patch Patch32: 0003-northd-add-rate-limiting-support-for-SB-controller-e.patch Patch33: 0004-northd-add-empty_lb-controller_event-for-logical-rou.patch # Bug 1756466 Patch40: 0001-Disable-conjunction-by-force-cross-product-for-all-t.patch # Bug 1580542 Patch50: 0001-Add-egress-QoS-mapping-for-non-tunnel-interfaces.patch Patch51: 0002-northd-add-the-possibility-to-define-localnet-as-qos.patch Patch52: 0003-northd-introduce-logical-flow-for-localnet-egress-sh.patch # Bug 1729846, 1757714 & 1757715 Patch60: 0001-ovn-northd-Use-HMAP_FOR_EACH-when-adding-multicast-l.patch Patch61: 0002-ovn-northd-Add-IGMP-Relay-support.patch Patch62: 0003-Learn-the-mac-binding-only-if-required.patch Patch63: 0004-ovn-northd-Add-static-IP-multicast-flood-configurati.patch Patch64: 0001-ovn-northd-Fix-IP-multicast-flooding-to-mrouter.patch # Bug 1699332 Patch70: 0001-Add-RDNSS-support-to-OVN.patch # Bug 1764718 Patch80: 0001-Add-DNSSL-support-to-OVN.patch # Bug 1764032 Patch90: 0001-Revert-conjunctive-match-removal-patches.patch Patch91: 0002-Combine-conjunctions-with-identical-matches-into-one.patch Patch92: 0001-Partially-revert-Exclude-inport-and-outport-symbol-t.patch # Bug 1768347 Patch100: 0001-northd-Fix-table-ID-for-IPv6-router-ingress.patch Patch101: 0002-actions-Add-IPv6-support-to-lflow-NAT-actions.patch Patch102: 0003-ovn-nbctl-Allow-IPv6-NAT-rules-to-be-added.patch Patch103: 0004-northd-Add-lflows-for-IPv6-NAT.patch Patch104: 0005-system-ovn-Add-IPv6-NAT-test-cases.patch Patch105: 0006-controller-Downgrade-a-warning-log-message.patch #Bug 1762341 Patch110: 0001-Fix-virtual-port-binding-when-the-parents-are-schedu.patch #Bug 1769043 Patch120: 0001-Prevent-erroneous-duplicate-IP-address-messages.patch # Bug 1770953 Patch130: 0001-lflow.c-Fix-memory-leak-of-lflow_ref_list_node-ref_n.patch # Bug 1769709 Patch140: 0001-ovn-northd-Validate-dnat_and_snat-external_mac-logic.patch # Bug 1762777 Patch150: 0001-Fix-ha-chassis-failover-issues-for-stale-ha-chassis-.patch # Bug 1773605 Patch160: 0001-northd-Match-IPv4-or-IPv6-for-MAC-resolution.patch Patch161: 0002-Skip-IPv6-NS-packets-in-router-egress-SNAT-pipeline.patch Patch162: 0001-Fix-testsuite-85-ensure-one-gw-controller-restart-in.patch # Bug 1756945 Patch170: 0001-ovn-northd-Fix-get_router_load_balancer_ips-for-mixe.patch Patch171: 0002-ovn-northd-Limit-ARP-ND-broadcast-domain-whenever-po.patch Patch172: 0003-ovn-northd-Avoid-empty-address-list-when-limiting-AR.patch # Bug 1779112 # Bug 1778164 # Bug 1779124 Patch180: 0001-ovn-controller-Consider-non-virtual-ports-first-when.patch Patch181: 0001-ovn-controller-Add-missing-port-group-lflow-referenc.patch Patch182: 0001-ovn-controller-Add-command-to-trigger-an-I-P-full-re.patch # Bug 1779212 Patch190: 0001-Add-support-to-Default-Router-Preference-PRF-RFC-419.patch Patch191: 0002-Add-support-for-Route-Info-Option-in-RA-RFC-4191.patch # Bug 1703162 Patch200: 0001-OVN-Do-not-replace-router-port-mac-on-gateway-chassi.patch Patch201: 0002-OVN-Vlan-backed-DVR-N-S-redirect-type-option.patch Patch202: 0003-OVN-Vlan-backed-DVR-N-S-avoid-get_arp-on-non-redirec.patch Patch203: 0004-OVN-Vlan-backed-DVR-N-S-redirect-packet-via-localnet.patch Patch204: 0005-Replace-chassis-mac-with-router-port-mac-on-destinat.patch Patch205: 0006-OVN-ADD-nbctl-cli-to-mark-a-dnat_and_snat-rule-as-st.patch Patch206: 0007-OVN-Use-ip4.src-and-ip4.dst-actions-for-NAT-rules.patch Patch207: 0008-Fix-the-segfault-seen-in-ovn-controller-when-running.patch Patch208: 0009-ovn-northd-Add-support-for-Load-Balancer-health-chec.patch Patch209: 0010-Add-a-new-action-handle_svc_check.patch Patch210: 0011-Send-service-monitor-health-checks.patch Patch211: 0012-northd-Remove-misleading-warning-log-message.patch # Bug 1787319 Patch215: 0001-ovn-controller-Refactor-I-P-engine_run-tracking.patch Patch216: 0002-ovn-controller-Add-per-node-states-to-I-P-engine.patch Patch217: 0003-ovn-controller-Add-separate-I-P-engine-node-for-proc.patch Patch218: 0004-ovn-controller-Fix-use-of-dangling-pointers-in-I-P-r.patch # Bug 1787361 Patch220: 0001-ovn-controller-Run-I-P-engine-even-when-no-SB-txn-is.patch # Bug 1787000 Patch230: 0001-pinctrl.c-Fix-maybe-uninitialized-warnings-with-old-.patch Patch231: 0002-DNSSL-copy-dnssl-string-in-order-to-avoid-truncated-.patch Patch232: 0003-RA-Route-Info-Option-copy-route-info-string-in-order.patch # Bug 1788456 Patch240: 0001-ovn-controller-Don-t-monitor-connection-table-column.patch Patch241: 0002-Restrict-ARP-IPv6-ND-replies-for-LB-VIP-only-on-chas.patch # Bug 1791388 Patch250: 0001-RHEL-only-Add-compatibility-with-openvswitch2.11-2.1.patch # Bug 1781223 Patch260: 0001-nbctl-Log-the-source-of-duplicate-IP-addresses.patch Patch261: 0002-northd-Log-all-dynamic-address-assignments.patch Patch262: 0003-northd-Load-config-before-processing-nbdb-contents.patch Patch263: 0004-tests-Updated-expected-log-message.patch # Bug 1703162 Patch270: 0001-ovn-northd-Fix-Pre-LB-logical-flows-with-IPv4-and-IP.patch Patch271: 0002-ovn-northd-Consider-load-balancer-active-backends-in.patch # Bug 1795697 Patch280: 0001-ovn-northd-Address-scale-issues-with-DNAT-flows.patch # Bug 1797873 Patch290: 0001-controller-grant-cap_net_admin-to-ovn-controller.patch # Bug 1788193 Patch300: 0001-pinctrl-fix-IP-buffering-with-connection-tracking.patch Patch301: 0002-Manage-ARP-process-locally-in-a-DVR-scenario.patch # Bug 1811119 Patch310: 0001-Broadcast-DHCPREPLY-when-BROADCAST-flag-is-set.patch # Bug 1813050 Patch320: 0001-ovn-northd-Add-lflows-to-by-pass-the-svc-monitor-pac.patch # Bug 1805709 Patch330: 0001-ovn-northd-Don-t-add-arp-responder-flows-for-lports-.patch # Bug 1816620 Patch340: 0001-ovn-northd-Forward-ARP-requests-on-localnet-ports.patch Patch341: 0002-ovn.at-Fix-ARP-test-that-fails-due-to-timing.patch # FIXME Sphinx is used to generate some manpages, unfortunately, on RHEL, it's # in the -optional repository and so we can't require it directly since RHV # doesn't have the -optional repository enabled and so TPS fails %if %{external_sphinx} BuildRequires: %{_py}-sphinx %else # Sphinx dependencies BuildRequires: %{_py}-devel BuildRequires: %{_py}-setuptools #BuildRequires: %{_py}-docutils BuildRequires: %{_py}-jinja2 BuildRequires: %{_py}-nose #BuildRequires: %{_py}-pygments # docutils dependencies BuildRequires: %{_py}-imaging # pygments dependencies BuildRequires: %{_py}-nose %endif BuildRequires: gcc gcc-c++ make BuildRequires: autoconf automake libtool BuildRequires: systemd-units openssl openssl-devel %if %{with_python3} BuildRequires: python3-devel python3-six python3-setuptools %endif %if %{with_python2} BuildRequires: %{_py2}-devel %{_py2}-six %{_py2}-setuptools %endif BuildRequires: desktop-file-utils BuildRequires: groff-base graphviz BuildRequires: unbound-devel # make check dependencies BuildRequires: procps-ng %if %{with_python2} BuildRequires: pyOpenSSL %else BuildRequires: python3-pyOpenSSL %endif %if %{with libcapng} BuildRequires: libcap-ng libcap-ng-devel %endif Requires: hostname openssl iproute module-init-tools Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units # to skip running checks, pass --without check %bcond_without check %description OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add native support for virtual network abstractions, such as virtual L2 and L3 overlays and security groups. %package central Summary: Open Virtual Network support License: ASL 2.0 Requires: %{pkgname} Requires: firewalld-filesystem Provides: openvswitch%{pkgver}-ovn-central = %{?epoch:%{epoch}:}%{version}-%{release} Obsoletes: openvswitch%{pkgver}-ovn-central < 2.11.0-1 %description central OVN DB servers and ovn-northd running on a central node. %package host Summary: Open Virtual Network support License: ASL 2.0 Requires: %{pkgname} Requires: firewalld-filesystem Provides: openvswitch%{pkgver}-ovn-host = %{?epoch:%{epoch}:}%{version}-%{release} Obsoletes: openvswitch%{pkgver}-ovn-host < 2.11.0-1 %description host OVN controller running on each host. %package vtep Summary: Open Virtual Network support License: ASL 2.0 Requires: %{pkgname} Provides: openvswitch%{pkgver}-ovn-vtep = %{?epoch:%{epoch}:}%{version}-%{release} Obsoletes: openvswitch%{pkgver}-ovn-vtep < 2.11.0-1 %description vtep OVN vtep controller %if %{with ovn_docker} %package docker Summary: Open Virtual Network support License: ASL 2.0 Requires: %{pkgname} %{_py2}-openvswitch Provides: openvswitch%{pkgver}-ovn-docker = %{?epoch:%{epoch}:}%{version}-%{release} Obsoletes: openvswitch%{pkgver}-ovn-docker < 2.11.0-1 %description docker Docker network plugins for OVN. %endif %prep %autosetup -N -c %if 0%{?commit0:1} find ovs-%{commit0}/ -maxdepth 1 -mindepth 1 -exec mv -t . {} + rmdir ovs-%{commit0}/ %else find openvswitch-%{version}/ -maxdepth 1 -mindepth 1 -exec mv -t . {} + rmdir openvswitch-%{version}/ %endif %autopatch -p 1 %if ! %{external_sphinx} %setup -q -D -T -a 100 -a 101 -a 102 %endif %build # Build Sphinx on RHEL %if ! %{external_sphinx} export PYTHONPATH="${PYTHONPATH:+$PYTHONPATH:}%{_builddir}/pytmp/lib/python" for x in docutils-%{docutilsver} Pygments-%{pygmentsver} Sphinx-%{sphinxver}; do pushd "$x" %{_py} setup.py install --home %{_builddir}/pytmp popd done export PATH="$PATH:%{_builddir}/pytmp/bin" %endif %if 0%{?commit0:1} # fix the snapshot unreleased version to be the released one. sed -i.old -e "s/^AC_INIT(openvswitch,.*,/AC_INIT(openvswitch, %{version},/" configure.ac %endif ./boot.sh %configure \ %if %{with libcapng} --enable-libcapng \ %else --disable-libcapng \ %endif --enable-ssl \ --with-pkidir=%{_sharedstatedir}/openvswitch/pki make %{?_smp_mflags} %install rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT for service in ovn-controller ovn-controller-vtep ovn-northd; do install -p -D -m 0644 \ rhel/usr_lib_systemd_system_${service}.service \ $RPM_BUILD_ROOT%{_unitdir}/${service}.service done rm -rf $RPM_BUILD_ROOT/%{_datadir}/openvswitch/python/ install -d -m 0755 $RPM_BUILD_ROOT/%{_sharedstatedir}/openvswitch install -d $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/services/ install -p -m 0644 rhel/usr_lib_firewalld_services_ovn-central-firewall-service.xml \ $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/services/ovn-central-firewall-service.xml install -p -m 0644 rhel/usr_lib_firewalld_services_ovn-host-firewall-service.xml \ $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/services/ovn-host-firewall-service.xml install -d -m 0755 $RPM_BUILD_ROOT%{_prefix}/lib/ocf/resource.d/ovn ln -s %{_datadir}/openvswitch/scripts/ovndb-servers.ocf \ $RPM_BUILD_ROOT%{_prefix}/lib/ocf/resource.d/ovn/ovndb-servers # remove OVS unpackages files rm -f $RPM_BUILD_ROOT%{_bindir}/ovs* rm -f $RPM_BUILD_ROOT%{_bindir}/vtep-ctl rm -f $RPM_BUILD_ROOT%{_sbindir}/ovs* rm -f $RPM_BUILD_ROOT%{_mandir}/man1/ovs* rm -f $RPM_BUILD_ROOT%{_mandir}/man5/ovs* rm -f $RPM_BUILD_ROOT%{_mandir}/man5/vtep* rm -f $RPM_BUILD_ROOT%{_mandir}/man7/ovs* rm -f $RPM_BUILD_ROOT%{_mandir}/man8/ovs* rm -f $RPM_BUILD_ROOT%{_mandir}/man8/vtep* rm -f $RPM_BUILD_ROOT%{_datadir}/openvswitch/ovs* rm -f $RPM_BUILD_ROOT%{_datadir}/openvswitch/vswitch.ovsschema rm -f $RPM_BUILD_ROOT%{_datadir}/openvswitch/vtep.ovsschema rm -f $RPM_BUILD_ROOT%{_datadir}/openvswitch/scripts/ovs* rm -rf $RPM_BUILD_ROOT%{_datadir}/openvswitch/bugtool-plugins rm -f $RPM_BUILD_ROOT%{_includedir}/openvswitch/* rm -f $RPM_BUILD_ROOT%{_includedir}/openflow/* rm -f $RPM_BUILD_ROOT%{_libdir}/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/*.la rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/*.pc rm -f $RPM_BUILD_ROOT%{_includedir}/openvswitch/* rm -f $RPM_BUILD_ROOT%{_includedir}/openflow/* rm -f $RPM_BUILD_ROOT%{_includedir}/ovn/* rm -f $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d/ovs-appctl-bashcomp.bash rm -f $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d/ovs-vsctl-bashcomp.bash rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/openvswitch %if %{without ovn_docker} rm -f $RPM_BUILD_ROOT/%{_bindir}/ovn-docker-overlay-driver \ $RPM_BUILD_ROOT/%{_bindir}/ovn-docker-underlay-driver %endif %check %if %{with check} touch resolv.conf export OVS_RESOLV_CONF=$(pwd)/resolv.conf if make check TESTSUITEFLAGS='%{_smp_mflags} -k ovn' || make check TESTSUITEFLAGS='--recheck -k ovn'; then :; else cat tests/testsuite.log # Presently a test case - "2796: ovn -- ovn-controller incremental processing" # is failing on aarch64 arch. Let's not exit for this arch # until we figure out why it is failing. %ifnarch aarch64 exit 1 %endif fi %endif %clean rm -rf $RPM_BUILD_ROOT %pre central if [ $1 -eq 1 ] ; then # Package install. /bin/systemctl status ovn-northd.service &>/dev/null ovn_status=$? rpm -ql openvswitch-ovn-central > /dev/null if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then # ovn-northd service is running which means old openvswitch-ovn-central # is already installed and it will be cleaned up. So start ovn-northd # service when posttrans central is called. touch %{_localstatedir}/lib/rpm-state/ovn-northd fi fi %pre host if [ $1 -eq 1 ] ; then # Package install. /bin/systemctl status ovn-controller.service &>/dev/null ovn_status=$? rpm -ql openvswitch-ovn-host > /dev/null if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then # ovn-controller service is running which means old # openvswitch-ovn-host is installed and it will be cleaned up. So # start ovn-controller service when posttrans host is called. touch %{_localstatedir}/lib/rpm-state/ovn-controller fi fi %pre vtep if [ $1 -eq 1 ] ; then # Package install. /bin/systemctl status ovn-controller-vtep.service >/dev/null ovn_status=$? rpm -ql openvswitch-ovn-vtep > /dev/null if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then # ovn-controller-vtep service is running which means old # openvswitch-ovn-vtep is installed and it will be cleaned up. So # start ovn-controller-vtep service when posttrans host is called. touch %{_localstatedir}/lib/rpm-state/ovn-controller-vtep fi fi %preun central %if 0%{?systemd_preun:1} %systemd_preun ovn-northd.service %else if [ $1 -eq 0 ] ; then # Package removal, not upgrade /bin/systemctl --no-reload disable ovn-northd.service >/dev/null 2>&1 || : /bin/systemctl stop ovn-northd.service >/dev/null 2>&1 || : fi %endif %preun host %if 0%{?systemd_preun:1} %systemd_preun ovn-controller.service %else if [ $1 -eq 0 ] ; then # Package removal, not upgrade /bin/systemctl --no-reload disable ovn-controller.service >/dev/null 2>&1 || : /bin/systemctl stop ovn-controller.service >/dev/null 2>&1 || : fi %endif %preun vtep %if 0%{?systemd_preun:1} %systemd_preun ovn-controller-vtep.service %else if [ $1 -eq 0 ] ; then # Package removal, not upgrade /bin/systemctl --no-reload disable ovn-controller-vtep.service >/dev/null 2>&1 || : /bin/systemctl stop ovn-controller-vtep.service >/dev/null 2>&1 || : fi %endif %post central %if 0%{?systemd_post:1} %systemd_post ovn-northd.service %else # Package install, not upgrade if [ $1 -eq 1 ]; then /bin/systemctl daemon-reload >dev/null || : fi %endif %post host %if 0%{?systemd_post:1} %systemd_post ovn-controller.service %else # Package install, not upgrade if [ $1 -eq 1 ]; then /bin/systemctl daemon-reload >dev/null || : fi %endif %post vtep %if 0%{?systemd_post:1} %systemd_post ovn-controller-vtep.service %else # Package install, not upgrade if [ $1 -eq 1 ]; then /bin/systemctl daemon-reload >dev/null || : fi %endif %postun %postun central %if 0%{?systemd_postun_with_restart:1} %systemd_postun_with_restart ovn-northd.service %else /bin/systemctl daemon-reload >/dev/null 2>&1 || : if [ "$1" -ge "1" ] ; then # Package upgrade, not uninstall /bin/systemctl try-restart ovn-northd.service >/dev/null 2>&1 || : fi %endif %postun host %if 0%{?systemd_postun_with_restart:1} %systemd_postun_with_restart ovn-controller.service %else /bin/systemctl daemon-reload >/dev/null 2>&1 || : if [ "$1" -ge "1" ] ; then # Package upgrade, not uninstall /bin/systemctl try-restart ovn-controller.service >/dev/null 2>&1 || : fi %endif %postun vtep %if 0%{?systemd_postun_with_restart:1} %systemd_postun_with_restart ovn-controller-vtep.service %else /bin/systemctl daemon-reload >/dev/null 2>&1 || : if [ "$1" -ge "1" ] ; then # Package upgrade, not uninstall /bin/systemctl try-restart ovn-controller-vtep.service >/dev/null 2>&1 || : fi %endif %posttrans central if [ $1 -eq 1 ]; then # Package install, not upgrade if [ -e %{_localstatedir}/lib/rpm-state/ovn-northd ]; then rm %{_localstatedir}/lib/rpm-state/ovn-northd /bin/systemctl start ovn-northd.service >/dev/null 2>&1 || : fi fi %posttrans host if [ $1 -eq 1 ]; then # Package install, not upgrade if [ -e %{_localstatedir}/lib/rpm-state/ovn-controller ]; then rm %{_localstatedir}/lib/rpm-state/ovn-controller /bin/systemctl start ovn-controller.service >/dev/null 2>&1 || : fi fi %posttrans vtep if [ $1 -eq 1 ]; then # Package install, not upgrade if [ -e %{_localstatedir}/lib/rpm-state/ovn-controller-vtep ]; then rm %{_localstatedir}/lib/rpm-state/ovn-controller-vtep /bin/systemctl start ovn-controller-vtep.service >/dev/null 2>&1 || : fi fi %files %{_bindir}/ovn-nbctl %{_bindir}/ovn-sbctl %{_bindir}/ovn-trace %{_bindir}/ovn-detrace %{_datadir}/openvswitch/scripts/ovn-ctl %{_datadir}/openvswitch/scripts/ovndb-servers.ocf %{_mandir}/man8/ovn-ctl.8* %{_mandir}/man8/ovn-nbctl.8* %{_mandir}/man8/ovn-trace.8* %{_mandir}/man1/ovn-detrace.1* %{_mandir}/man7/ovn-architecture.7* %{_mandir}/man8/ovn-sbctl.8* %{_mandir}/man5/ovn-nb.5* %{_mandir}/man5/ovn-sb.5* %{_prefix}/lib/ocf/resource.d/ovn/ovndb-servers %if %{with_python2} %{_datadir}/openvswitch/scripts/ovn-bugtool-nbctl-show %{_datadir}/openvswitch/scripts/ovn-bugtool-sbctl-lflow-list %{_datadir}/openvswitch/scripts/ovn-bugtool-sbctl-show %endif %if %{with ovn_docker} %files docker %{_bindir}/ovn-docker-overlay-driver %{_bindir}/ovn-docker-underlay-driver %endif %files central %{_bindir}/ovn-northd %{_mandir}/man8/ovn-northd.8* %config %{_datadir}/openvswitch/ovn-nb.ovsschema %config %{_datadir}/openvswitch/ovn-sb.ovsschema %{_unitdir}/ovn-northd.service %{_prefix}/lib/firewalld/services/ovn-central-firewall-service.xml %files host %{_bindir}/ovn-controller %{_mandir}/man8/ovn-controller.8* %{_unitdir}/ovn-controller.service %{_prefix}/lib/firewalld/services/ovn-host-firewall-service.xml %files vtep %{_bindir}/ovn-controller-vtep %{_mandir}/man8/ovn-controller-vtep.8* %{_unitdir}/ovn-controller-vtep.service %changelog * Tue Mar 24 2020 Dumitru Ceara - 2.11.1-39 - Backport "ovn-northd: Forward ARP requests on localnet ports." (#1816620) - Backport "ovn.at: Fix ARP test that fails due to timing." (#1816620) * Mon Mar 23 2020 Numan Siddique - 2.11.1-38 - Backport "ovn-northd: Don't add arp responder flows for lports with 'unknown' address." (#1805709) * Thu Mar 13 2020 Numan Siddique - 2.11.1-37 - Backport "ovn-northd: Add lflows to by pass the svc monitor packets from conntrack". (#1813050) * Fri Mar 6 2020 Ihar Hrachyshka - 2.11.1-36 - Backport "Broadcast DHCPREPLY when BROADCAST flag is set" (#1811119) * Mon Mar 2 2020 Lorenzo Bianconi - 2.11.1-35 - Backport "pinctrl: fix IP buffering with connection-tracking" (#1788193) - Backport "Manage ARP process locally in a DVR scenario" (#1788193) * Fri Feb 28 2020 Lorenzo Bianconi - 2.11.1-34 - Backport "controller: grant cap_net_admin to ovn-controller" (#1797873) * Tue Feb 4 2020 Numan Siddique - 2.11.1-33 * Backport "ovn-northd: Address scale issues with DNAT flows." (1795697) * Thu Jan 30 2020 Numan Siddique - 2.11.1-32 * Backport "[RFE] LB health check : ovn-northd: Consider load balancer active backends in router pipeline" (#1703162) * Fri Jan 24 2020 Dumitru Ceara - 2.11.1-31 - Backport "tests: Updated expected log message" (#1781223) - Backport "nbctl: Log the source of duplicate IP addresses" (#1781223) - Backport "northd: Log all dynamic address assignments" (#1781223) - Backport "northd: Load config before processing nbdb contents" (#1781223) * Thu Jan 16 2020 Timothy Redaelli - 2.11.1-30 - Add a RHEL-only patch to read the OVS_USER_ID from /etc/openvswitch/default.conf and /etc/sysconfig/openvswitch. This is needed for openvswitch2.11 < 2.11.0-43 compatibility (#1791388) * Fri Jan 10 2020 Numan Siddique - 2.11.1-29 - Backport "ovn-controller: Don't monitor connection table columns" - Backport "Restrict ARP/IPv6 ND replies for LB VIP only on chassis redirect port" (#1788456) * Thu Jan 09 2020 Lorenzo Bianconi - 2.11.1-28 - Backport "pinctrl.c: Fix maybe-uninitialized warnings with old GCC versions" (#1787000) - Backport "DNSSL: copy dnssl string in order to avoid truncated value" (#1787000) - Backport "RA Route Info Option: copy route info string in order to avoid truncated value" (#1787000) * Thu Jan 02 2020 Dumitru Ceara - 2.11.1-27 - Backport "ovn-controller: Run I-P engine even when no SB txn is available." (#1787361) * Thu Jan 02 2020 Dumitru Ceara - 2.11.1-26 - Backport "ovn-controller: Refactor I-P engine_run() tracking." (#1787318) - Backport "ovn-controller: Add per node states to I-P engine." (#1787318) - Backport "ovn-controller: Add separate I-P engine node for processing ct-zones." (#1787318) - Backport "ovn-controller: Fix use of dangling pointers in I-P runtime_data." (#1787318) * Thu Dec 19 2019 Mark Michelson - 2.11.1-25 - Do not force crossproducts on string expressions (#1764032) * Thu Dec 05 2019 Numan Siddique - 2.11.1-24 - Backport "[RFE] Support for load balancing health checks in OVN" (#1703162) - Backport "Stateless NAT support (backported due to conflicts)" - Backport "Ankur's Vlan backed DVR N-S patches (backported due to conflicts)" * Tue Dec 03 2019 Lorenzo Bianconi - 2.11.1-23 - Backport "Add support to Default Router Preference (PRF) - RFC4191" (#1779212) - Backport "Add support for Route Info Option in RA - RFC4191" * Tue Dec 3 2019 Dumitru Ceara - 2.11.1-22 - Backport "ovn-controller: Consider non-virtual ports first when updating bindings." (#1779112) - Backport "ovn-controller: Add missing port group lflow references." (#1778164) - Backport "ovn-controller: Add command to trigger an I-P full recompute." (#1779124) * Tue Nov 26 2019 Dumitru Ceara - 2.11.1-21 - Backport "ovn-northd: Fix get_router_load_balancer_ips() for mixed address families." - Backport "ovn-northd: Limit ARP/ND broadcast domain whenever possible." (#1756945) - Backport "ovn-northd: Avoid empty address list when limiting ARP/ND broadcast." (#1756945) * Tue Nov 19 2019 Numan Siddique - 2.11.1-20 - Backport "Skip IPv6 NS packets in router egress SNAT pipeline" (#1773605) - Backport "northd: Match IPv4 or IPv6 for MAC resolution" - Removed - Requires: openvswitch2.11 * Tue Nov 12 2019 Dumitru Ceara - 2.11.1-19 - Backport "Fix ha chassis failover issues for stale ha chassis entries" (#1762777) * Tue Nov 12 2019 Dumitru Ceara - 2.11.1-18 - Backport "ovn-northd: Validate dnat_and_snat external_mac/logical_ip." (#1769709) * Mon Nov 11 2019 Mark Michelson - 2.11.1-17 - Revert support for openvswitch2.12 * Mon Nov 11 2019 Mark Michelson - 2.11.1-16 - Update "Requires" to allow for openvswitch2.12 * Mon Nov 11 2019 Dumitru Ceara - 2.11.1-15 - Backport "lflow.c: Fix memory leak of lflow_ref_list_node->ref_name." (#1770953) * Tue Nov 05 2019 Mark Michelson - 2.11.1-14 - Backport "Prevent erroneous duplicate IP address messages" (#1769043) * Mon Nov 04 2019 Numan Siddique - 2.11.1-13 - Backport "Fix virtual port binding when the parents are scheduled in same chassis" (#1762341) * Mon Nov 04 2019 Numan Siddique - 2.11.1-12 - Backport "Support IPv6 NAT" (#1768347) * Sun Nov 3 2019 Mark Michelson - 2.11.1-11 - Backport "Revert conjunctive match removal patches" (#1764032) - Backport "Combine conjunctions with identical matches into one" (#1764032) * Wed Oct 30 2019 Lorenzo Bianconi - 2.11.1-10 - Backport "Add DNSSL support to OVN" (#1764718) * Wed Oct 30 2019 Lorenzo Bianconi - 2.11.1-9 - Backport "Add RDNSS support to OVN" (#1699332) * Wed Oct 16 2019 Dumitru Ceara - 2.11.1-8 - Backport "ovn-northd: Fix IP multicast flooding to mrouter." (#1757714) * Thu Oct 10 2019 Numan Siddique - 2.11.1-7 - Fixed the patch apply errors. * Wed Oct 9 2019 Dumitru Ceara - 2.11.1-6 - Backport "ovn-northd: Use HMAP_FOR_EACH when adding multicast lflows" (#1757714) - Backport "ovn-northd: Add IGMP Relay support" (#1757714) - Backport "ovn-northd: Add static IP multicast flood configuration" (#1757715) * Wed Oct 2 2019 Dumitru Ceara - 2.11.1-5 - Backport "Learn the mac binding only if required" (#1729846) * Tue Oct 1 2019 Lorenzo Bianconi - 2.11.1-4 - Backport "Introduce localnet egress QoS support" (#1580542) * Fri Sep 27 2019 Numan Siddique - 2.11.1-3 - Backport " Disable conjunction by force cross product for all the fields." (#1756466) * Mon Sep 16 2019 Lorenzo Bianconi - 2.11.1-2 - Backport "Northd: add empty_lb controller_event for logical router" (#1743577) * Sat Sep 14 2019 Numan Siddique - 2.11.1-1 - Backport "Exclude inport and outport symbol tables from conjunction" (#1751942) * Fri Sep 06 2019 Numan Siddique - 2.11.1-0 - Sync 2.11.1-0 with upstream 2.12.0 so that we have all the I-P series patches (#1748102) * Tue Sep 03 2019 Numan Siddique - 2.11.0-37 - Backport firt 3 patches of I-P series (#1748102) * Fri Aug 23 2019 Lorenzo Bianconi - 2.11.0-36 - Backport "Remove ageing check in run_put_mac_binding" (#1745002) * Fri Aug 23 2019 Dumitru Ceara - 2.11.0-35 - Backport "pinctrl: Fix DNS packet parsing" (#1744991) * Fri Aug 23 2019 Numan Siddique - 2.11.0-34 - Backport "ovn-controller: Provide the option to configure inactivity probe interval for OpenFlow conn" (#1744962) * Tue Aug 20 2019 Numan Siddique - 2.11.0-33 - Backport "Make pidfile_is_running more robust against empty pidfiles" (#1741057) * Tue Aug 06 2019 Numan Siddique - 2.11.0-32 - Backport "Support binding a logical port based on the GARP from the VIF" (#1699350) * Tue Aug 06 2019 Lorenzo Bianconi - 2.11.0-31 - Backport "Fix default L4 default proto reported by ovn-nbctl" (#1734743) * Mon Aug 05 2019 Numan Siddique - 2.11.0-30 - Backport "Don't emit ICMP need to frag on LRP with no IPv4 address" (#1737341) * Mon Aug 05 2019 Numan Siddique - 2.11.0-29 - Revert Backport "Support binding a logical port based on the GARP from the VIF" (#1699350) * Mon Aug 05 2019 Numan Siddique - 2.11.0-28 - Backport " Support binding a logical port based on the GARP from the VIF" (#1699350) * Mon Aug 05 2019 Numan Siddique - 2.11.0-27 - Backport ovn-northd pause/resume support (#1720728) * Wed Jul 17 2019 Lorenzo Bianconi - 2.11.0-26 - Backport ovn uindling support (#1730759) * Wed Jul 17 2019 Numan Siddique - 2.11.0-25 - Backport related to GARP handling for router ips (#1561880) * Tue Jul 9 2019 Lorenzo Bianconi - 2.11.0-24 - Backport related to ip buffering with gw router port issue (#1728318) * Mon Jul 1 2019 Lorenzo Bianconi - 2.11.0-23 - Backport "OVN: add the possibility to specify tunnel dst port" (#1720371) * Mon Jun 24 2019 Dumitru Ceara - 2.11.0-22 - Backport "ovn-controller: Fix parsing of OVN tunnel IDs" (#1708131) * Mon Jun 24 2019 Numan Siddique - 2.11.0-21 - Backport "ovn-nbctl.8.xml: Fix typo." (#1720194) * Mon Jun 17 2019 Numan Siddique - 2.11.0-20 - Backport "ovn: Add support for DHCP option 15 - domain name" (#1721012) * Thu Jun 06 2019 Timothy Redaelli - 2.11.0-19 - Avoid collisions during installation of sources in debuginfo package (#1717933) * Mon May 27 2019 Dumitru Ceara - 2.11.0-18 - Backport "ovn: Properly set the index for chassis lookup" (#1698462) * Tue May 14 2019 Dumitru Ceara - 2.11.0-17 - Backport "stopwatch: Free stopwatch packets after processing" (#1698462) * Fri Apr 26 2019 Numan Siddique - 2.11.0-16 - Fix the ovn-northd sync issue with HA_Chassis group (#1666673) * Wed Apr 24 2019 Numan Siddique - 2.11.0-15 - Backport "RFE: Limit Geneve to within Transport Zones" (#1702550) * Wed Apr 24 2019 Numan Siddique - 2.11.0-14 - Backport "RFE: [OVN] Fragmentation support" (#1702331) * Sat Apr 20 2019 Numan Siddique - 2.11.0-13 - Backport "RFE: OVN - Support Logical ports of type external" (#1666673) * Thu Apr 18 2019 Lorenzo Bianconi - 2.11.0-12 - Backport "OVN: fix DVR Floating IP support" (#1701183) * Wed Apr 17 2019 Timothy Redaelli - 2.11.0-11 - Add 'Obsoletes' to the old OVN openvswitch2.11 sub-packages to allow to upgrade from FDP.A * Wed Apr 17 2019 Lorenzo Bianconi - 2.11.0-10 - Backport "OVN: add the possibility to configure a static IPv4/IPv6 address and dynamic MAC" * Tue Apr 16 2019 Timothy Redaelli - 2.11.0-9 - Remove 'Obsoletes' lines like on openvswitch2.11 package * Tue Apr 16 2019 Numan Siddique - 2.11.0-8 - Fix the 'Provides' to include '%pkgver' * Tue Mar 26 2019 Numan Siddique - 2.11.0-7 - Backport Fixes for #1677616 (pinctrl thread) and fixes related to IPv6 RA." * Tue Mar 19 2019 Numan Siddique - 2.11.0-6 - Removed ovn-common package and moved all the related files to main 'ovn' package. * Tue Mar 19 2019 Timothy Redaelli - 2.11.0-5 - Disable ovn-docker subpackage by default * Thu Mar 07 2019 Mark Michelson - 2.11.0-4 - Backport "OVN: Add port addresses to IPAM after all ports are joined." * Sat Mar 02 2019 Numan Siddique - 2.11.0-3 - Backport "ovn-controller: Provide the option to set the datapath-type of br-int" (#1684796) * Fri Mar 01 2019 Timothy Redaelli - 2.11.0-2 - Backport "rhel: Use PIDFile on forking systemd service files" (#1684477) * Thu Feb 28 2019 Numan Siddique - 2.11.0-1 - Update to official 2.11 release * Wed Jan 23 2019 Numan Siddique - 2.11.0-0.20190117git4e4f80e - Update to OVS 2.11 branch * Thu Jan 17 2019 Numan Siddique - 2.11.0-0.20190117gitab66223 - Update to a snapshot of OVS 2.11 from master * Thu Dec 20 2018 Numan Siddique - OVS/OVN split.