OVS + EdgeVPN - HackMD

# OVS + EdgeVPN I'm running Ubuntu 20.04: ``` keichi@keichi-ws:~$ cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=20.04 DISTRIB_CODENAME=focal DISTRIB_DESCRIPTION="Ubuntu 20.04.1 LTS" keichi@keichi-ws:~$ uname -a Linux keichi-ws 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux ``` Let's install Open vSwitch. ``` keichi@keichi-ws:~$ sudo apt install -y openvswitch-switch Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: libunbound8 openvswitch-common python3-openvswitch python3-sortedcontainers Suggested packages: ethtool openvswitch-doc python-sortedcontainers-doc The following NEW packages will be installed: libunbound8 openvswitch-common openvswitch-switch python3-openvswitch python3-sortedcontainers 0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded. Need to get 1,601 kB/3,124 kB of archives. After this operation, 14.1 MB of additional disk space will be used. Get:1 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 libunbound8 amd64 1.9.4-2ubuntu1.1 [349 kB] Get:2 http://jp.archive.ubuntu.com/ubuntu focal/main amd64 python3-sortedcontainers all 2.1.0-2 [27.3 kB] Get:3 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 openvswitch-common amd64 2.13.1-0ubuntu0.20.04.1 [1,141 kB] Get:4 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 python3-openvswitch all 2.13.1-0ubuntu0.20.04.1 [84.3 kB] Fetched 1,601 kB in 0s (9,818 kB/s) Selecting previously unselected package libunbound8:amd64. (Reading database ... 197402 files and directories currently installed.) Preparing to unpack .../libunbound8_1.9.4-2ubuntu1.1_amd64.deb ... Unpacking libunbound8:amd64 (1.9.4-2ubuntu1.1) ... Selecting previously unselected package python3-sortedcontainers. Preparing to unpack .../python3-sortedcontainers_2.1.0-2_all.deb ... Unpacking python3-sortedcontainers (2.1.0-2) ... Selecting previously unselected package openvswitch-common. Preparing to unpack .../openvswitch-common_2.13.1-0ubuntu0.20.04.1_amd64.deb ... Unpacking openvswitch-common (2.13.1-0ubuntu0.20.04.1) ... Selecting previously unselected package python3-openvswitch. Preparing to unpack .../python3-openvswitch_2.13.1-0ubuntu0.20.04.1_all.deb ... Unpacking python3-openvswitch (2.13.1-0ubuntu0.20.04.1) ... Selecting previously unselected package openvswitch-switch. Preparing to unpack .../openvswitch-switch_2.13.1-0ubuntu0.20.04.1_amd64.deb ... Unpacking openvswitch-switch (2.13.1-0ubuntu0.20.04.1) ... Setting up python3-sortedcontainers (2.1.0-2) ... Setting up python3-openvswitch (2.13.1-0ubuntu0.20.04.1) ... Setting up libunbound8:amd64 (1.9.4-2ubuntu1.1) ... Setting up openvswitch-common (2.13.1-0ubuntu0.20.04.1) ... Setting up openvswitch-switch (2.13.1-0ubuntu0.20.04.1) ... update-alternatives: using /usr/lib/openvswitch-switch/ovs-vswitchd to provide /usr/sbin/ovs-vswitchd (ovs-vswitchd) in auto mode Processing triggers for systemd (245.4-4ubuntu3.2) ... Processing triggers for man-db (2.9.1-1) ... Processing triggers for libc-bin (2.31-0ubuntu9.1) ... ``` Installation has finished without any errors. Let's check if the services have started. ``` keichi@keichi-ws:~$ systemctl status ovs-vswitchd.service ● ovs-vswitchd.service - Open vSwitch Forwarding Unit Loaded: loaded (/lib/systemd/system/ovs-vswitchd.service; static; vendor preset: enabled) Active: inactive (dead) keichi@keichi-ws:~$ systemctl status ovsdb-server.service ● ovsdb-server.service - Open vSwitch Database Unit Loaded: loaded (/lib/systemd/system/ovsdb-server.service; static; vendor preset: enabled) Active: inactive (dead) keichi@keichi-ws:~$ lsmod | grep openvswitch ``` None of the OVS services are running and the OVS kernel module is not loaded. If I start an evio conainer at this point, it hangs. ``` keichi@keichi-ws:~$ sudo docker run -d -v $HOME/evio/config/config-001.json:/etc/opt/edge-vpnio/config.json -v $HOME/evio/logs/001:/var/log/edge-vpnio/ --rm --privileged --name evio001 --network dkrnet edgevpnio/evio-node:20.7 /sbin/init ``` ``` keichi@keichi-ws:~$ sudo docker exec -it evio001 /bin/bash root@6e22e7f496d1:~# ps auxf USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 235 0.0 0.0 18500 3356 pts/0 Ss 01:31 0:00 /bin/bash root 244 0.0 0.0 34396 2904 pts/0 R+ 01:31 0:00 \_ ps auxf root 1 0.1 0.0 77104 8248 ? Ss 01:30 0:00 /sbin/init root 20 0.0 0.0 78440 10040 ? S<s 01:30 0:00 /lib/systemd/systemd-journald systemd+ 26 0.0 0.0 70608 4980 ? Ss 01:30 0:00 /lib/systemd/systemd-resolved root 29 0.0 0.0 62000 5512 ? Ss 01:30 0:00 /lib/systemd/systemd-logind message+ 30 0.0 0.0 49924 4128 ? Ss 01:30 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activati root 33 0.0 0.0 167420 16608 ? Ssl 01:30 0:00 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers root 39 0.0 0.0 92484 2204 ? Sl 01:30 0:00 ./tincan root 42 0.3 0.0 460096 29232 ? Sl 01:30 0:00 python Controller.py -c /etc/opt/edge-vpnio/config.json root 234 0.0 0.0 24116 4404 ? S 01:30 0:00 \_ /usr/bin/ovs-vsctl --may-exist add-br edgbr101000F root 67 0.0 0.0 21392 4144 ? S<s 01:30 0:00 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=p ``` Now let's start ovs-vswitchd. ``` keichi@keichi-ws:~$ sudo systemctl start ovs-vswitchd.service ``` ``` keichi@keichi-ws:~$ systemctl status ovs-vswitchd.service ● ovs-vswitchd.service - Open vSwitch Forwarding Unit Loaded: loaded (/lib/systemd/system/ovs-vswitchd.service; static; vendor preset: enabled) Active: active (running) since Wed 2020-10-28 10:45:20 JST; 16s ago Process: 2992 ExecStart=/usr/share/openvswitch/scripts/ovs-ctl --no-ovsdb-server --no-monitor --system-id=random start $OPTIONS (code=exited, status=0> Tasks: 1 (limit: 77005) Memory: 5.1M CGroup: /system.slice/ovs-vswitchd.service └─3028 ovs-vswitchd unix:/var/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --no-chdir --log-file=/var/log/openv> Oct 28 10:45:20 keichi-ws systemd[1]: Starting Open vSwitch Forwarding Unit... Oct 28 10:45:20 keichi-ws ovs-ctl[3017]: * Inserting openvswitch module Oct 28 10:45:20 keichi-ws ovs-ctl[2992]: * Starting ovs-vswitchd Oct 28 10:45:20 keichi-ws ovs-vsctl[3035]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait set Open_vSwitch . external-ids:hostname=keichi-ws Oct 28 10:45:20 keichi-ws ovs-ctl[2992]: * Enabling remote OVSDB managers Oct 28 10:45:20 keichi-ws systemd[1]: Started Open vSwitch Forwarding Unit. ``` The startup script (`ovs-ctl`) seems to have loaded the openvswitch kernel module. ``` keichi@keichi-ws:~$ lsmod | grep openvswitch openvswitch 135168 0 nsh 16384 1 openvswitch nf_conncount 24576 1 openvswitch nf_nat 40960 3 openvswitch,iptable_nat,xt_MASQUERADE nf_conntrack 139264 6 xt_conntrack,nf_nat,openvswitch,nf_conntrack_netlink,nf_conncount,xt_MASQUERADE nf_defrag_ipv6 24576 2 nf_conntrack,openvswitch libcrc32c 16384 3 nf_conntrack,nf_nat,openvswitch ``` Now that the kernel module has been loaded, I can stop ovs-vswitchd. ``` keichi@keichi-ws:~$ sudo systemctl stop ovs-vswitchd.service ``` Evio works without hanging. Both ovsdb-server and ovs-vswitchd are launched within the container. ``` keichi@keichi-ws:~$ sudo docker run -d -v $HOME/evio/config/config-001.json:/etc/opt/edge-vpnio/config.json -v $HOME/evio/logs/001:/var/log/edge-vpnio/ --rm --privileged --name evio001 --network dkrnet edgevpnio/evio-node:20.7 /sbin/init keichi@keichi-ws:~$ sudo docker exec -it evio001 /bin/bash root@d910f5ae486a:~# ps auxf USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 200 0.0 0.0 18500 3348 pts/0 Ss 01:47 0:00 /bin/bash root 209 0.0 0.0 34396 2932 pts/0 R+ 01:47 0:00 \_ ps auxf root 1 0.2 0.0 77104 8208 ? Ss 01:46 0:00 /sbin/init root 18 0.1 0.0 78440 9932 ? S<s 01:46 0:00 /lib/systemd/systemd-journald systemd+ 27 0.0 0.0 70608 5296 ? Ss 01:46 0:00 /lib/systemd/systemd-resolved message+ 28 0.0 0.0 49924 4176 ? Ss 01:46 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activati root 31 0.0 0.0 62000 5428 ? Ss 01:46 0:00 /lib/systemd/systemd-logind root 33 0.2 0.0 167420 16520 ? Ssl 01:46 0:00 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers root 37 0.6 0.0 108876 2232 ? Sl 01:46 0:00 ./tincan root 42 1.6 0.0 1420752 29632 ? Sl 01:46 0:00 python Controller.py -c /etc/opt/edge-vpnio/config.json root 179 4.4 0.0 119000 53692 ? S 01:46 0:00 \_ /opt/edge-vpnio/venv/bin/python3 /opt/edge-vpnio/venv/bin/ryu-manager --user-flags m root 67 0.0 0.0 21392 4152 ? S<s 01:46 0:00 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=p root 106 0.8 0.1 838488 102444 ? S<Lsl 01:46 0:00 ovs-vswitchd unix:/var/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info ``` I've also confirmed `modprobe openvswitch` can be used instead of starting and stopping ovs-vswitchd.