ovn-ctl(8) — Linux manual page
ovn-ctl(8) OVN Manual ovn-ctl(8)
NAME
ovn-ctl - Open Virtual Network northbound daemon lifecycle
utility
SYNOPSIS
ovn-ctl [options] command [-- extra_args]
DESCRIPTION
This program is intended to be invoked internally by Open Virtual
Network startup scripts. System administrators should not
normally invoke it directly.
COMMANDS
start_northd
start_controller
start_controller_vtep
start_ic
stop_northd
stop_controller
stop_controller_vtep
stop_ic
restart_northd
restart_controller
restart_controller_vtep
restart_ic
promote_ovnnb
promote_ovnsb
demote_ovnnb
demote_ovnsb
status_ovnnb
status_ovnsb
start_ovsdb
start_nb_ovsdb
start_sb_ovsdb
stop_ovsdb
stop_nb_ovsdb
stop_sb_ovsdb
restart_ovsdb
run_nb_ovsdb
run_sb_ovsdb
promote_ic_nb
promote_ic_sb
demote_ic_nb
demote_ic_sb
status_ic_nb
status_ic_sb
start_ic_ovsdb
start_ic_nb_ovsdb
start_ic_sb_ovsdb
stop_ic_ovsdb
stop_ic_nb_ovsdb
stop_ic_sb_ovsdb
restart_ic_ovsdb
run_ic_nb_ovsdb
run_ic_sb_ovsdb
OPTIONS
--ovn-northd-priority=NICE
--ovn-northd-wrapper=WRAPPER
--ovn-controller-priority=NICE
--ovn-controller-wrapper=WRAPPER
--ovn-ic-priority=NICE
--ovn-ic-wrapper=WRAPPER
--ovsdb-nb-wrapper=WRAPPER
--ovsdb-sb-wrapper=WRAPPER
--ovn-user=USER:GROUP
-h | --help
FILE LOCATION OPTIONS
--db-sock=SOCKET
--db-nb-file=FILE
--db-sb-file=FILE
--db-nb-schema=FILE
--db-sb-schema=FILE
--db-sb-create-insecure-remote=yes|no
--db-nb-create-insecure-remote=yes|no
--db-ic-nb-file=FILE
--db-ic-sb-file=FILE
--db-ic-nb-schema=FILE
--db-ic-sb-schema=FILE
--db-ic-sb-create-insecure-remote=yes|no
--db-ic-nb-create-insecure-remote=yes|no
--db-nb-config-file=FILE
--db-sb-config-file=FILE
--db-ic-nb-config-file=FILE
--db-ic-sb-config-file=FILE
--db-sb-relay-config-file=FILE
--ovn-controller-ssl-key=KEY
--ovn-controller-ssl-cert=CERT
--ovn-controller-ssl-ca-cert=CERT
--ovn-controller-ssl-bootstrap-ca-cert=CERT
PROTOCOL AND CIPHER OPTIONS
--ovn-controller-ssl-protocols=PROTOCOLS
--ovn-ic-ssl-protocols=PROTOCOLS
--ovn-northd-ssl-protocols=PROTOCOLS
--ovn-nb-db-ssl-protocols=PROTOCOLS
--ovn-sb-db-ssl-protocols=PROTOCOLS
--ovn-ic-nb-db-ssl-protocols=PROTOCOLS
--ovn-ic-sb-db-ssl-protocols=PROTOCOLS
--ovn-controller-ssl-ciphers=CIPHERS
--ovn-ic-ssl-ciphers=CIPHERS
--ovn-northd-ssl-ciphers=CIPHERS
--ovn-nb-db-ssl-ciphers=CIPHERS
--ovn-sb-db-ssl-ciphers=CIPHERS
--ovn-ic-nb-db-ssl-ciphers=CIPHERS
--ovn-ic-sb-db-ssl-ciphers=CIPHERS
ADDRESS AND PORT OPTIONS
--db-nb-sync-from-addr=IP ADDRESS
--db-nb-sync-from-port=PORT NUMBER
--db-nb-sync-from-proto=PROTO
--db-sb-sync-from-addr=IP ADDRESS
--db-sb-sync-from-port=PORT NUMBER
--db-sb-sync-from-proto=PROTO
--db-ic-nb-sync-from-addr=IP ADDRESS
--db-ic-nb-sync-from-port=PORT NUMBER
--db-ic-nb-sync-from-proto=PROTO
--db-ic-sb-sync-from-addr=IP ADDRESS
--db-ic-sb-sync-from-port=PORT NUMBER
--db-ic-sb-sync-from-proto=PROTO
--ovn-northd-nb-db=PROTO:IP ADDRESS: PORT..
--ovn-northd-sb-db=PROTO:IP ADDRESS: PORT..
--ovn-ic-nb-db=PROTO:IP ADDRESS: PORT..
--ovn-ic-sb-db=PROTO:IP ADDRESS: PORT..
CLUSTERING OPTIONS
--db-nb-cluster-local-addr=IP ADDRESS
--db-nb-cluster-local-port=PORT NUMBER
--db-nb-cluster-local-proto=PROTO (tcp/ssl)
--db-nb-cluster-remote-addr=IP ADDRESS
--db-nb-cluster-remote-port=PORT NUMBER
--db-nb-cluster-remote-proto=PROTO (tcp/ssl)
--db-nb-election-timer=Timeout in milliseconds
--db-sb-cluster-local-addr=IP ADDRESS
--db-sb-cluster-local-port=PORT NUMBER
--db-sb-cluster-local-proto=PROTO (tcp/ssl)
--db-sb-cluster-remote-addr=IP ADDRESS
--db-sb-cluster-remote-port=PORT NUMBER
--db-sb-cluster-remote-proto=PROTO (tcp/ssl)
--db-sb-election-timer=Timeout in milliseconds
--db-ic-nb-cluster-local-addr=IP ADDRESS
--db-ic-nb-cluster-local-port=PORT NUMBER
--db-ic-nb-cluster-local-proto=PROTO (tcp/ssl)
--db-ic-nb-cluster-remote-addr=IP ADDRESS
--db-ic-nb-cluster-remote-port=PORT NUMBER
--db-ic-nb-cluster-remote-proto=PROTO (tcp/ssl)
--db-ic-sb-cluster-local-addr=IP ADDRESS
--db-ic-sb-cluster-local-port=PORT NUMBER
--db-ic-sb-cluster-local-proto=PROTO (tcp/ssl)
--db-ic-sb-cluster-remote-addr=IP ADDRESS
--db-ic-sb-cluster-remote-port=PORT NUMBER
--db-ic-sb-cluster-remote-proto=PROTO (tcp/ssl)
--db-cluster-schema-upgrade=yes|no
PROBE INTERVAL OPTIONS
--db-nb-probe-interval-to-active=Time in milliseconds
--db-sb-probe-interval-to-active=Time in milliseconds
EXTRA OPTIONS
Any options after ’-’ will be passed on to the binary run by
command with the exception of start_northd, which can have
options specified in ovn-northd-db-params.conf. Any extra_args
passed to start_northd will be passed to the ovsdb-servers if
--ovn-manage-ovsdb=yes
CONFIGURATION FILES
Following are the optional configuration files. If present, it
should be located in the etc dir
ovnnb-active.conf
If present, this file should hold the url to connect to the
active Northbound DB server
tcp:x.x.x.x:6641
ovnsb-active.conf
If present, this file should hold the url to connect to the
active Southbound DB server
tcp:x.x.x.x:6642
ovn-northd-db-params.conf
If present, start_northd will not start the DB server even if
--ovn-manage-ovsdb=yes. This file should hold the database url
parameters to be passed to ovn-northd.
--ovnnb-db=tcp:x.x.x.x:6641 --ovnsb-db=tcp:x.x.x.x:6642
ic-nb-active.conf
If present, this file should hold the url to connect to the
active Interconnection Northbound DB server
tcp:x.x.x.x:6645
ic-sb-active.conf
If present, this file should hold the url to connect to the
active Interconnection Southbound DB server
tcp:x.x.x.x:6646
ovn-ic-db-params.conf
If present, this file should hold the database url parameters to
be passed to ovn-ic.
--ic-nb-db=tcp:x.x.x.x:6645 --ic-sb-db=tcp:x.x.x.x:6646
RUNNING OVN DB SERVERS WITHOUT DETACHING
# ovn-ctl run_nb_ovsdb
This command runs the OVN nb ovsdb-server without passing the
detach option, making it to block until ovsdb-server exits. This
command will be useful for starting the OVN nb ovsdb-server in a
container.
# ovn-ctl run_sb_ovsdb
This command runs the OVN sb ovsdb-server without passing the
detach option, making it to block until ovsdb-server exits. This
command will be useful for starting the OVN sb ovsdb-server in a
container.
# ovn-ctl run_ic_nb_ovsdb
This command runs the OVN IC-NB ovsdb-server without passing the
detach option, making it to block until ovsdb-server exits. This
command will be useful for starting the OVN IC-NB ovsdb-server in
a container.
# ovn-ctl run_ic_sb_ovsdb
This command runs the OVN IC-SB ovsdb-server without passing the
detach option, making it to block until ovsdb-server exits. This
command will be useful for starting the OVN IC-SB ovsdb-server in
a container.
EXAMPLE USAGE
Run ovn-controller on a host already running OVS
# ovn-ctl start_controller
Run ovn-northd on a host already running OVS
# ovn-ctl start_northd
All-in-one OVS+OVN for testing
# ovs-ctl start --system-id="random"
# ovn-ctl start_northd
# ovn-ctl start_controller
Promote and demote ovsdb servers
# ovn-ctl promote_ovnnb
# ovn-ctl promote_ovnsb
# ovn-ctl --db-nb-sync-from-addr=x.x.x.x
--db-nb-sync-from-port=6641
--db-nb-probe-interval-to-active=60000 demote_ovnnb
# ovn-ctl --db-sb-sync-from-addr=x.x.x.x
--db-sb-sync-from-port=6642
--db-sb-probe-interval-to-active=60000 demote_ovnsb
Creating a clustered db on 3 nodes with IPs x.x.x.x, y.y.y.y and
z.z.z.z
Starting OVN ovsdb servers and ovn-northd on the node with IP
x.x.x.x
# ovn-ctl --db-nb-addr=x.x.x.x
--db-nb-create-insecure-remote=yes --db-sb-addr=x.x.x.x
--db-sb-create-insecure-remote=yes
--db-nb-cluster-local-addr=x.x.x.x
--db-sb-cluster-local-addr=x.x.x.x
--ovn-northd-nb-db=tcp:x.x.x.x:6641,tcp:y.y.y.y:6641,tcp:z.z.z.z:6641
--ovn-northd-sb-db=tcp:x.x.x.x:6642,tcp:y.y.y.y:6642,tcp:z.z.z.z:6642
start_northd
Starting OVN ovsdb-servers and ovn-northd on the node with IP
y.y.y.y and joining the cluster started at x.x.x.x
# ovn-ctl --db-nb-addr=y.y.y.y
--db-nb-create-insecure-remote=yes --db-sb-addr=y.y.y.y
--db-sb-create-insecure-remote=yes
--db-nb-cluster-local-addr=y.y.y.y
--db-sb-cluster-local-addr=y.y.y.y
--db-nb-cluster-remote-addr=x.x.x.x
--db-sb-cluster-remote-addr=x.x.x.x
--ovn-northd-nb-db=tcp:x.x.x.x:6641,tcp:y.y.y.y:6641,tcp:z.z.z.z:6641
--ovn-northd-sb-db=tcp:x.x.x.x:6642,tcp:y.y.y.y:6642,tcp:z.z.z.z:6642
start_northd
Starting OVN ovsdb-servers and ovn-northd on the node with IP
z.z.z.z and joining the cluster started at x.x.x.x
# ovn-ctl --db-nb-addr=z.z.z.z
--db-nb-create-insecure-remote=yes
--db-nb-cluster-local-addr=z.z.z.z --db-sb-addr=z.z.z.z
--db-sb-create-insecure-remote=yes
--db-sb-cluster-local-addr=z.z.z.z
--db-nb-cluster-remote-addr=x.x.x.x
--db-sb-cluster-remote-addr=x.x.x.x
--ovn-northd-nb-db=tcp:x.x.x.x:6641,tcp:y.y.y.y:6641,tcp:z.z.z.z:6641
--ovn-northd-sb-db=tcp:x.x.x.x:6642,tcp:y.y.y.y:6642,tcp:z.z.z.z:6642
start_northd
Passing ssl keys when starting OVN dbs will supersede the default ssl
values in db
Starting standalone ovn db server passing SSL certificates
# ovn-ctl --ovn-nb-db-ssl-key=/etc/ovn/ovnnb-privkey.pem
--ovn-nb-db-ssl-cert=/etc/ovn/ovnnb-cert.pem
--ovn-nb-db-ssl-ca-cert=/etc/ovn/cacert.pem
--ovn-sb-db-ssl-key=/etc/ovn/ovnsb-privkey.pem
--ovn-sb-db-ssl-cert=/etc/ovn/ovnsb-cert.pem
--ovn-sb-db-ssl-ca-cert=/etc/ovn/cacert.pem start_northd
Avoiding automatic clustered OVN database schema upgrade
If you desire more control over clustered DB schema upgrade, you
can opt-out of automatic on-start upgrade attempts with
--no-db-cluster-schema-upgrade.
Start OVN NB and SB clustered databases on host with IP x.x.x.x
without schema upgrade
# ovn-ctl start_nb_ovsdb --db-nb-cluster-local-addr=x.x.x.x
--no-db-cluster-schema-upgrade # ovn-ctl start_sb_ovsdb
--db-sb-cluster-local-addr=x.x.x.x --no-db-cluster-schema-upgrade
Trigger clustered DB schema upgrade manually
# ovsdb-client convert unix:/var/run/ovn/ovnnb_db.sock
/usr/local/share/ovn/ovn-nb.ovsschema # ovsdb-client convert
unix:/var/run/ovn/ovnsb_db.sock
/usr/local/share/ovn/ovn-sb.ovsschema
COLOPHON
This page is part of the Open Virtual Network (Daemons for Open
vSwitch that translate virtual network configurations into
OpenFlow) project. Information about the project can be found at
⟨https://www.ovn.org/⟩. If you have a bug report for this manual
page, send it to bugs@openvswitch.org. This page was obtained
from the project's upstream Git repository
⟨https://github.com/ovn-org/ovn⟩ on 2024-06-14. (At that time,
the date of the most recent commit that was found in the
repository was 2024-06-12.) If you discover any rendering
problems in this HTML version of the page, or you believe there
is a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
man-pages@man7.org