Blob Blame History Raw
# Spec file for Open Virtual Network (OVN).

# Copyright (C) 2020 Red Hat, Inc.
#
# Copying and distribution of this file, with or without modification,
# are permitted in any medium without royalty provided the copyright
# notice and this notice are preserved.  This file is offered as-is,
# without warranty of any kind.
#
# If tests have to be skipped while building, specify the '--without check'
# option. For example:
#     rpmbuild -bb --without check rhel/ovn-fedora.spec
#

# This defines the base package name's version.
%define pkgver 2.13
%define pkgname ovn%{pkgver}

#%%global commit0 7886ac9ed807d6ff942edde624a3f9331da7332a
#%%global date 20200217
#%%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})

# openvswitch commit
#%%global commit1 8ae6a5f98c3ad57d10220596054f6a0c4d6ea358
#%%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})

# If libcap-ng isn't available and there is no need for running OVS
# as regular user, specify the '--without libcapng'
%bcond_without libcapng

# Enable PIE, bz#955181
%global _hardened_build 1

# some distros (e.g: RHEL-7) don't define _rundir macro yet
# Fedora 15 onwards uses /run as _rundir
%if 0%{!?_rundir:1}
%define _rundir /run
%endif

%if 0%{?rhel} > 7 || 0%{?fedora}
# On RHEL8 Sphinx is included in buildroot
%global external_sphinx 1
%else
# Don't use external sphinx (RHV doesn't have optional repositories enabled)
%global external_sphinx 0
%endif

# We would see rpmlinit error - E: hardcoded-library-path in '% {_prefix}/lib'.
# But there is no solution to fix this. Using {_lib} macro will solve the
# rpmlink error, but will install the files in /usr/lib64/.
# OVN pacemaker ocf script file is copied in /usr/lib/ocf/resource.d/ovn/
# and we are not sure if pacemaker looks into this path to find the
# OVN resource agent script.
%global ovnlibdir %{_prefix}/lib

Name: %{pkgname}
Summary: Open Virtual Network support
Group: System Environment/Daemons
URL: http://www.openvswitch.org/
Version: %{pkgver}.0
Release: 39%{?commit0:.%{date}git%{shortcommit0}}%{?dist}
Provides: openvswitch%{pkgver}-ovn-common = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-common < 2.11.0-1

# Nearly all of openvswitch is ASL 2.0.  The bugtool is LGPLv2+, and the
# lib/sflow*.[ch] files are SISSL
License: ASL 2.0 and LGPLv2+ and SISSL

%if 0%{?commit0:1}
Source: https://github.com/ovn-org/ovn/archive/%{commit0}.tar.gz#/ovn-%{shortcommit0}.tar.gz
%else
# Upstream version is called 20.03, not 2.13. Once we switch to using the
# same versioning scheme for RH, we can reference %{version} here.
# XXX Are OVN releases listed on openvswitch.org?
Source: https://www.openvswitch.org/releases/ovn-%{version}.tar.gz
%endif


%define ovsver %{version}

%if 0%{?commit1:1}
Source10: https://github.com/openvswitch/ovs/archive/%{commit1}.tar.gz#/openvswitch-%{shortcommit1}.tar.gz
%define ovsdir ovs-%{commit1}
%else
Source10: https://openvswitch.org/releases/openvswitch-%{ovsver}.tar.gz
%define ovsdir openvswitch-%{ovsver}
%endif

%define docutilsver 0.12
%define pygmentsver 1.4
%define sphinxver   1.1.3
Source100: https://pypi.io/packages/source/d/docutils/docutils-%{docutilsver}.tar.gz
Source101: https://pypi.io/packages/source/P/Pygments/Pygments-%{pygmentsver}.tar.gz
Source102: https://pypi.io/packages/source/S/Sphinx/Sphinx-%{sphinxver}.tar.gz

Source500: configlib.sh
Source501: gen_config_group.sh
Source502: set_config.sh

# Important: source503 is used as the actual copy file
# @TODO: this causes a warning - fix it?
Source504: arm64-armv8a-linuxapp-gcc-config
Source505: ppc_64-power8-linuxapp-gcc-config
Source506: x86_64-native-linuxapp-gcc-config

# ovn-patches

# OVN (including OVS if required) backports (0 - 399)
# Bug 1812038
Patch0: 0001-system-tests-Fix-occasional-failure-of-the-test-Load.patch
Patch1: 0002-Broadcast-DHCPREPLY-when-BROADCAST-flag-is-set.patch
Patch2: 0003-logical-fields-fix-memory-leak-caused-by-initialize-.patch

# Bug 1813046
Patch10: 0001-ovn-northd-Add-lflows-to-by-pass-the-svc-monitor-pac.patch

# Bug 1816087
Patch20: 0001-ovn-northd-Don-t-add-arp-responder-flows-for-lports-.patch

# Bug 1816616
Patch30: 0001-ovn-northd-Forward-ARP-requests-on-localnet-ports.patch
Patch31: 0001-ovn.at-Fix-ARP-test-that-fails-due-to-timing.patch

# Bug 1815217
Patch040: 0001-northd-do-not-insert-identical-lflows-in-S_ROUTER_IN.patch
Patch041: 0002-ovn-northd-Skip-unsnat-flows-for-load-balancer-vips-.patch

# Bug 1819604
Patch050: 0001-ovn-controller-Fix-potential-segfault-with-virtual-p.patch
Patch051: 0001-ovn-controller-Skip-vport-bindings-done-through-OVS-.patch

# Bug 1718372
Patch060: 0001-Add-external_ids-column-for-tables-in-nb-schema.patch
Patch061: 0001-Add-SCTP-support-to-load-balancers.patch

# Bug 1815009
Patch070: 0001-controller-use-LLA-IPv6-address-as-NS-source-address.patch

# Bug 1822859
Patch080: 0001-ovn-ctl-Provide-the-option-to-configure-inactive-pro.patch

# Bug 1823226
Patch090: 0001-tests-Wait-up-to-OVS_CTL_TIMEOUT-seconds.patch
Patch091: 0002-controller-Add-ipv6-prefix-delegation-state-machine.patch
Patch092: 0003-northd-Add-logical-flows-for-dhcpv6-pfd-parsing.patch

# Bug 1778016
Patch100: 0001-ovn-nbctl-Create-daemon-control-socket-in-ovn-run-di.patch

# Bug 1801058
Patch110: 0001-pinctrl-Handle-service-monitors-even-if-the-lport-do.patch

# Bug 1825334
Patch120: 0001-ovn-northd-Limit-IPv6-ND-NS-RA-RS-to-the-local-netwo.patch

# Bug 1819069
# Bug 1778016
Patch130: 0001-DNS-Make-DNS-lookups-case-insensitive.patch
Patch131: 0002-Create-daemon-pidfiles-in-ovn-run-dir.patch

# Bug 1819785
Patch140: 0001-Fix-conntrack-entry-leaks-because-of-TCP-RST-packets.patch

# Bug 1827403
Patch150: 0001-ovn-northd-Optimize-flows-for-LB-Hairpin-traffic.patch

# Bug 1817606
Patch160: 0001-Rely-on-unique-name-for-ovn-qos-meters.patch

# Bug 1826623
Patch170: 0001-IPv6-PD-assume-status-to-be-Success-if-not-present.patch

# Bug 1827090
Patch180: 0001-IPv6-PD-time-parameter-checks.patch

# Bug 1828637
Patch190: 0001-ovn-northd-Clear-SB-records-depending-on-stale-datap.patch
Patch191: 0002-ovn-northd-Fix-tunnel_key-allocation-for-SB-Port_Bin.patch

# Bug 1826683 and 1827084
Patch200: 0001-Disable-IPv6-prefix-reporting-if-IPv6-PD-is-disabled.patch
Patch201: 0002-controller-Add-garbage-collector-for-ipv6_prefixd.patch
Patch202: 0003-IPv6-PD-Disable-pd-processing-if-the-router-port-is-.patch

# Bug 1823755
Patch210: 0001-Fix-ACL-reject-action-for-UDP-packets.patch

# Bug 1707513
# Bug 1825073
Patch220: 0001-controller-Use-OpenFlow-version-1.5.patch
Patch221: 0002-ovn-northd-Fix-memory-leak-and-incorrect-limiting-of.patch
Patch222: 0003-Support-selection-fields-in-load-balancer.patch
Patch223: 0004-tests-Fix-occasional-failures-for-test-85.patch

# Bug 1834655
Patch230: 0001-pinctrl-Fix-icmp6-packet-corruption-issue.patch

# Bug 1827769
Patch240: 0001-ovn-northd-Fix-leak-of-lport-addresses-during-DHCPv6.patch
Patch241: 0002-ovn-northd-Fix-memory-leak-in-case-of-duplicate-logi.patch

# Bug 1779854
Patch250: 0001-ofctrl-Split-large-group_mod-messages-up.patch

# Bug 1836976
Patch260: 0001-ovn-northd-Remove-useless-flow-for-GW_REDIRECT.patch
Patch261: 0002-Revert-Manage-ARP-process-locally-in-a-DVR-scenario.patch
Patch262: 0003-controller-fix-ip-buffering-with-static-routes.patch
Patch263: 0004-northd-manage-ARP-request-locally-for-FIP-traffic.patch

# Bug 1843512
Patch270: 0001-Make-the-notify-calls-work-with-IPv6-in-the-OCF-reso.patch

# Bug 1832176
# Bug 1804576
Patch280: 0001-Fix-ovn-controller-generated-packets-from-getting-dr.patch
Patch281: 0002-Honour-router_preference-for-solicited-RA.patch

# Bug 1848398
Patch290: 0001-northd-By-pass-IPv6-Router-Adv-and-Router-Solicitati.patch

# Bug 1818128
Patch300: 0001-Split-SB-Port_Group-per-datapath.patch

# Bug 1849162
Patch310: 0001-ovn-northd-Fix-the-missing-lflow-issue-in-LS_OUT_PRE.patch

# OpenvSwitch backports (800-) if required.
Patch800: 0001-Revert-ovsdb-idl-Avoid-sending-redundant-conditional.patch

Patch810: 0003-ovsdb-idl-Try-committing-the-pending-txn-in-ovsdb_id.patch

# Bug 1808580
Patch820: 0001-ovsdb-idl-Avoid-inconsistent-IDL-state-with-OVSDB_MO.patch

# FIXME Sphinx is used to generate some manpages, unfortunately, on RHEL, it's
# in the -optional repository and so we can't require it directly since RHV
# doesn't have the -optional repository enabled and so TPS fails
%if %{external_sphinx}
BuildRequires: python3-sphinx
%else
# Sphinx dependencies
BuildRequires: python-devel
BuildRequires: python-setuptools
#BuildRequires: python2-docutils
BuildRequires: python-jinja2
BuildRequires: python-nose
#BuildRequires: python2-pygments
# docutils dependencies
BuildRequires: python-imaging
# pygments dependencies
BuildRequires: python-nose
%endif

BuildRequires: gcc gcc-c++ make
BuildRequires: autoconf automake libtool
BuildRequires: systemd-units openssl openssl-devel
BuildRequires: python3-devel python3-setuptools
BuildRequires: desktop-file-utils
BuildRequires: groff-base graphviz
BuildRequires: unbound-devel

# make check dependencies
BuildRequires: procps-ng
%if 0%{?rhel} > 7 || 0%{?fedora}
BuildRequires: python3-pyOpenSSL
%endif

%if %{with libcapng}
BuildRequires: libcap-ng libcap-ng-devel
%endif

Requires: hostname openssl iproute module-init-tools

Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units

# to skip running checks, pass --without check
# Disable Tests due to https://bugs.centos.org/view.php?id=16969, tests failing
# as build is running on CentOS7 builder, once builders are CentOS8 based tests can
# be re enabled.
%bcond_with check

%description
OVN, the Open Virtual Network, is a system to support virtual network
abstraction.  OVN complements the existing capabilities of OVS to add
native support for virtual network abstractions, such as virtual L2 and L3
overlays and security groups.

%package central
Summary: Open Virtual Network support
License: ASL 2.0
Requires: %{pkgname}
Requires: firewalld-filesystem
Provides: openvswitch%{pkgver}-ovn-central = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-central < 2.11.0-1

%description central
OVN DB servers and ovn-northd running on a central node.

%package host
Summary: Open Virtual Network support
License: ASL 2.0
Requires: %{pkgname}
Requires: firewalld-filesystem
Provides: openvswitch%{pkgver}-ovn-host = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-host < 2.11.0-1

%description host
OVN controller running on each host.

%package vtep
Summary: Open Virtual Network support
License: ASL 2.0
Requires: %{pkgname}
Provides: openvswitch%{pkgver}-ovn-vtep = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-vtep < 2.11.0-1

%description vtep
OVN vtep controller

%prep
%if 0%{?commit0:1}
%autosetup -n ovn-%{commit0} -a 10 -p 1
%else
%autosetup -n ovn-%{version} -a 10 -p 1
%endif

%build
%if 0%{?commit0:1}
# fix the snapshot unreleased version to be the released one.
sed -i.old -e "s/^AC_INIT(openvswitch,.*,/AC_INIT(openvswitch, %{version},/" configure.ac
%endif
./boot.sh

# OVN source code is now separate.
# Build openvswitch first.
# XXX Current openvswitch2.13 doesn't
# use "2.13.0" for version. It's a commit hash
pushd %{ovsdir}
./boot.sh
%configure \
%if %{with libcapng}
        --enable-libcapng \
%else
        --disable-libcapng \
%endif
        --enable-ssl \
        --with-pkidir=%{_sharedstatedir}/openvswitch/pki

make %{?_smp_mflags}
popd

# Build OVN.
# XXX OVS version needs to be updated when ovs2.13 is updated.
%configure \
        --with-ovs-source=$PWD/%{ovsdir} \
%if %{with libcapng}
        --enable-libcapng \
%else
        --disable-libcapng \
%endif
        --enable-ssl \
        --with-pkidir=%{_sharedstatedir}/openvswitch/pki

make %{?_smp_mflags}

%install
%make_install
install -p -D -m 0644 \
        rhel/usr_share_ovn_scripts_systemd_sysconfig.template \
        $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/ovn

for service in ovn-controller ovn-controller-vtep ovn-northd; do
        install -p -D -m 0644 \
                        rhel/usr_lib_systemd_system_${service}.service \
                        $RPM_BUILD_ROOT%{_unitdir}/${service}.service
done

install -d -m 0755 $RPM_BUILD_ROOT/%{_sharedstatedir}/ovn

install -d $RPM_BUILD_ROOT%{ovnlibdir}/firewalld/services/
install -p -m 0644 rhel/usr_lib_firewalld_services_ovn-central-firewall-service.xml \
        $RPM_BUILD_ROOT%{ovnlibdir}/firewalld/services/ovn-central-firewall-service.xml
install -p -m 0644 rhel/usr_lib_firewalld_services_ovn-host-firewall-service.xml \
        $RPM_BUILD_ROOT%{ovnlibdir}/firewalld/services/ovn-host-firewall-service.xml

install -d -m 0755 $RPM_BUILD_ROOT%{ovnlibdir}/ocf/resource.d/ovn
ln -s %{_datadir}/ovn/scripts/ovndb-servers.ocf \
      $RPM_BUILD_ROOT%{ovnlibdir}/ocf/resource.d/ovn/ovndb-servers

install -p -D -m 0644 rhel/etc_logrotate.d_ovn \
        $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/ovn

# remove unneeded files.
rm -f $RPM_BUILD_ROOT%{_bindir}/ovs*
rm -f $RPM_BUILD_ROOT%{_bindir}/vtep-ctl
rm -f $RPM_BUILD_ROOT%{_sbindir}/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man5/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man5/vtep*
rm -f $RPM_BUILD_ROOT%{_mandir}/man7/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/vtep*
rm -rf $RPM_BUILD_ROOT%{_datadir}/ovn/python
rm -f $RPM_BUILD_ROOT%{_datadir}/ovn/scripts/ovs*
rm -rf $RPM_BUILD_ROOT%{_datadir}/ovn/bugtool-plugins
rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/*.pc
rm -f $RPM_BUILD_ROOT%{_includedir}/ovn/*
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d/ovs-appctl-bashcomp.bash
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d/ovs-vsctl-bashcomp.bash
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/openvswitch
rm -f $RPM_BUILD_ROOT%{_datadir}/ovn/scripts/ovn-bugtool*
rm -f $RPM_BUILD_ROOT/%{_bindir}/ovn-docker-overlay-driver \
        $RPM_BUILD_ROOT/%{_bindir}/ovn-docker-underlay-driver

%check
%if %{with check}
    touch resolv.conf
    export OVS_RESOLV_CONF=$(pwd)/resolv.conf
    if ! make check TESTSUITEFLAGS='%{_smp_mflags} -k ovn'; then
        cat tests/testsuite.log
        if ! make check TESTSUITEFLAGS='--recheck'; then
            cat tests/testsuite.log
            # Presently a test case - "2796: ovn -- ovn-controller incremental processing"
            # is failing on aarch64 arch. Let's not exit for this arch
            # until we figure out why it is failing.
            # Test case 93: ovn.at:12105       ovn -- ACLs on Port Groups is failing
            # repeatedly on s390x. This needs to be investigated.
            %ifnarch aarch64
            %ifnarch ppc64le
            %ifnarch s390x
                exit 1
            %endif
            %endif
            %endif
        fi
    fi
%endif

%clean
rm -rf $RPM_BUILD_ROOT

%pre central
if [ $1 -eq 1 ] ; then
    # Package install.
    /bin/systemctl status ovn-northd.service >/dev/null
    ovn_status=$?
    rpm -ql openvswitch-ovn-central > /dev/null
    if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then
        # ovn-northd service is running which means old openvswitch-ovn-central
        # is already installed and it will be cleaned up. So start ovn-northd
        # service when posttrans central is called.
        touch %{_localstatedir}/lib/rpm-state/ovn-northd
    fi
fi

%pre host
if [ $1 -eq 1 ] ; then
    # Package install.
    /bin/systemctl status ovn-controller.service >/dev/null
    ovn_status=$?
    rpm -ql openvswitch-ovn-host > /dev/null
    if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then
        # ovn-controller service is running which means old
        # openvswitch-ovn-host is installed and it will be cleaned up. So
        # start ovn-controller service when posttrans host is called.
        touch %{_localstatedir}/lib/rpm-state/ovn-controller
    fi
fi

%pre vtep
if [ $1 -eq 1 ] ; then
    # Package install.
    /bin/systemctl status ovn-controller-vtep.service >/dev/null
    ovn_status=$?
    rpm -ql openvswitch-ovn-vtep > /dev/null
    if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then
        # ovn-controller-vtep service is running which means old
        # openvswitch-ovn-vtep is installed and it will be cleaned up. So
        # start ovn-controller-vtep service when posttrans host is called.
        touch %{_localstatedir}/lib/rpm-state/ovn-controller-vtep
    fi
fi

%preun central
%if 0%{?systemd_preun:1}
    %systemd_preun ovn-northd.service
%else
    if [ $1 -eq 0 ] ; then
        # Package removal, not upgrade
        /bin/systemctl --no-reload disable ovn-northd.service >/dev/null 2>&1 || :
        /bin/systemctl stop ovn-northd.service >/dev/null 2>&1 || :
    fi
%endif

%preun host
%if 0%{?systemd_preun:1}
    %systemd_preun ovn-controller.service
%else
    if [ $1 -eq 0 ] ; then
        # Package removal, not upgrade
        /bin/systemctl --no-reload disable ovn-controller.service >/dev/null 2>&1 || :
        /bin/systemctl stop ovn-controller.service >/dev/null 2>&1 || :
    fi
%endif

%preun vtep
%if 0%{?systemd_preun:1}
    %systemd_preun ovn-controller-vtep.service
%else
    if [ $1 -eq 0 ] ; then
        # Package removal, not upgrade
        /bin/systemctl --no-reload disable ovn-controller-vtep.service >/dev/null 2>&1 || :
        /bin/systemctl stop ovn-controller-vtep.service >/dev/null 2>&1 || :
    fi
%endif

%post
%if %{with libcapng}
if [ $1 -eq 1 ]; then
    sed -i 's:^#OVN_USER_ID=:OVN_USER_ID=:' %{_sysconfdir}/sysconfig/ovn
    sed -i 's:\(.*su\).*:\1 openvswitch openvswitch:' %{_sysconfdir}/logrotate.d/ovn
fi
%endif

%post central
%if 0%{?systemd_post:1}
    %systemd_post ovn-northd.service
%else
    # Package install, not upgrade
    if [ $1 -eq 1 ]; then
        /bin/systemctl daemon-reload >dev/null || :
    fi
%endif

%post host
%if 0%{?systemd_post:1}
    %systemd_post ovn-controller.service
%else
    # Package install, not upgrade
    if [ $1 -eq 1 ]; then
        /bin/systemctl daemon-reload >dev/null || :
    fi
%endif

%post vtep
%if 0%{?systemd_post:1}
    %systemd_post ovn-controller-vtep.service
%else
    # Package install, not upgrade
    if [ $1 -eq 1 ]; then
        /bin/systemctl daemon-reload >dev/null || :
    fi
%endif

%postun

%postun central
%if 0%{?systemd_postun_with_restart:1}
    %systemd_postun_with_restart ovn-northd.service
%else
    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
    if [ "$1" -ge "1" ] ; then
    # Package upgrade, not uninstall
        /bin/systemctl try-restart ovn-northd.service >/dev/null 2>&1 || :
    fi
%endif

%postun host
%if 0%{?systemd_postun_with_restart:1}
    %systemd_postun_with_restart ovn-controller.service
%else
    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
    if [ "$1" -ge "1" ] ; then
        # Package upgrade, not uninstall
        /bin/systemctl try-restart ovn-controller.service >/dev/null 2>&1 || :
    fi
%endif

%postun vtep
%if 0%{?systemd_postun_with_restart:1}
    %systemd_postun_with_restart ovn-controller-vtep.service
%else
    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
    if [ "$1" -ge "1" ] ; then
        # Package upgrade, not uninstall
        /bin/systemctl try-restart ovn-controller-vtep.service >/dev/null 2>&1 || :
    fi
%endif

%posttrans central
if [ $1 -eq 1 ]; then
    # Package install, not upgrade
    if [ -e %{_localstatedir}/lib/rpm-state/ovn-northd ]; then
        rm %{_localstatedir}/lib/rpm-state/ovn-northd
        /bin/systemctl start ovn-northd.service >/dev/null 2>&1 || :
    fi
fi


%posttrans host
if [ $1 -eq 1 ]; then
    # Package install, not upgrade
    if [ -e %{_localstatedir}/lib/rpm-state/ovn-controller ]; then
        rm %{_localstatedir}/lib/rpm-state/ovn-controller
        /bin/systemctl start ovn-controller.service >/dev/null 2>&1 || :
    fi
fi

%posttrans vtep
if [ $1 -eq 1 ]; then
    # Package install, not upgrade
    if [ -e %{_localstatedir}/lib/rpm-state/ovn-controller-vtep ]; then
        rm %{_localstatedir}/lib/rpm-state/ovn-controller-vtep
        /bin/systemctl start ovn-controller-vtep.service >/dev/null 2>&1 || :
    fi
fi

%files
%{_bindir}/ovn-nbctl
%{_bindir}/ovn-sbctl
%{_bindir}/ovn-trace
%{_bindir}/ovn-detrace
%{_bindir}/ovn-appctl
%{_bindir}/ovn-ic-nbctl
%{_bindir}/ovn-ic-sbctl
%dir %{_datadir}/ovn/
%dir %{_datadir}/ovn/scripts/
%{_datadir}/ovn/scripts/ovn-ctl
%{_datadir}/ovn/scripts/ovn-lib
%{_datadir}/ovn/scripts/ovndb-servers.ocf
%{_mandir}/man8/ovn-ctl.8*
%{_mandir}/man8/ovn-appctl.8*
%{_mandir}/man8/ovn-nbctl.8*
%{_mandir}/man8/ovn-ic-nbctl.8*
%{_mandir}/man8/ovn-trace.8*
%{_mandir}/man1/ovn-detrace.1*
%{_mandir}/man7/ovn-architecture.7*
%{_mandir}/man8/ovn-sbctl.8*
%{_mandir}/man8/ovn-ic-sbctl.8*
%{_mandir}/man5/ovn-nb.5*
%{_mandir}/man5/ovn-ic-nb.5*
%{_mandir}/man5/ovn-sb.5*
%{_mandir}/man5/ovn-ic-sb.5*
%dir %{ovnlibdir}/ocf/resource.d/ovn/
%{ovnlibdir}/ocf/resource.d/ovn/ovndb-servers
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/logrotate.d/ovn
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sysconfig/ovn

%files central
%{_bindir}/ovn-northd
%{_bindir}/ovn-ic
%{_mandir}/man8/ovn-northd.8*
%{_mandir}/man8/ovn-ic.8*
%{_datadir}/ovn/ovn-nb.ovsschema
%{_datadir}/ovn/ovn-ic-nb.ovsschema
%{_datadir}/ovn/ovn-sb.ovsschema
%{_datadir}/ovn/ovn-ic-sb.ovsschema
%{_unitdir}/ovn-northd.service
%{ovnlibdir}/firewalld/services/ovn-central-firewall-service.xml

%files host
%{_bindir}/ovn-controller
%{_mandir}/man8/ovn-controller.8*
%{_unitdir}/ovn-controller.service
%{ovnlibdir}/firewalld/services/ovn-host-firewall-service.xml

%files vtep
%{_bindir}/ovn-controller-vtep
%{_mandir}/man8/ovn-controller-vtep.8*
%{_unitdir}/ovn-controller-vtep.service

%changelog
* Wed Jul 08 2020 Numan Siddique <dceara@redhat.com> - 2.13.0-39
- Backport "ovn-northd: Fix the missing lflow issue in LS_OUT_PRE_LB." (#1849162)

* Wed Jul 08 2020 Numan Siddique <dceara@redhat.com> - 2.13.0-38
- Backport "Split SB Port_Group per datapath." (#1818128)

* Fri Jun 19 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-37
- Backport "ovsdb-idl: Avoid inconsistent IDL state with OVSDB_MONITOR_V3." (#1808580)

* Thu Jun 18 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-36
- Backport "northd: By pass IPv6 Router Adv and Router Solicitation packets from ACL stages." (#1848398)

* Thu Jun 18 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-35
- Backport "Fix ovn-controller generated packets from getting dropped for reject ACL action." (#1832176)
- Backport "Honour router_preference for solicited RA" (#1804576)
- Backport "ovsdb idl: Try committing the pending txn in ovsdb_idl_loop_run."

* Mon Jun 08 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-34
- Backport "Make the notify() calls work with IPv6 in the OCF resource-agent" (#1843512)

* Fri Jun 5 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.13.0-33
- Backport "ovn-northd: Remove useless flow for GW_REDIRECT" (#1836976)
- Backport "Revert "Manage ARP process locally in a DVR scenario" (#1836976)
- Backport "controller: fix ip buffering with static routes" (#1836976)
- Backport "northd: manage ARP request locally for FIP traffic" (#1836976)

* Tue Jun 02 2020 Mark Michelson <mmichels@redhat.com> - 2.13.0-32
- No change. Just bumping revision to appease errata system.

* Fri May 15 2020 Mark Michelson <mmichels@redhat.com> - 2.13.0-31
- Backport "ofctrl: Split large group_mod messages up." (#1779854)

* Tue May 12 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-30
- Backport "ovn-northd: Fix leak of lport addresses during DHCPv6 reply handling." (#1827769)
- Backport "ovn-northd: Fix memory leak in case of duplicate logical router port." (#1827769)

* Tue May 12 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-29
- Backport "pinctrl: Fix icmp6 packet corruption issue" (#1834655)

* Sun May 10 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-28
- Backport "controller: Use OpenFlow version 1.5" (#1825073, #1707513)
- Backport "ovn-northd: Fix memory leak and incorrect limiting of ECMP routes."
- Backport "Support selection fields in load balancer." (#1825073, #1707513)
- Backport "tests: Fix occasional failures for test 85."

* Wed May 06 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-27
- Backport "Fix ACL reject action for UDP packets." (#1823755)

* Mon May 04 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.13.0-26
- Backport "0001-Disable-IPv6-prefix-reporting-if-IPv6-PD-is-disabled.patch" (#1826683)
- Backport "0002-controller-Add-garbage-collector-for-ipv6_prefixd.patch" (#1827084)
- Backport "0003-IPv6-PD-Disable-pd-processing-if-the-router-port-is-.patch" (#1827084)

* Mon May 04 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-25
- Backport "ovn-northd: Clear SB records depending on stale datapaths." (#1828637)
- Backport "ovn-northd: Fix tunnel_key allocation for SB Port_Bindings." (#1828637)

* Mon May 04 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.13.0-24
- Backport "IPv6 PD: time parameter checks" (#1827090)

* Mon May 04 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.13.0-23
- Backport "IPv6 PD: assume status to be Success if not present" (#1826623)

* Wed Apr 29 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.13.0-22
- Backport "Rely on unique name for ovn qos meters" (#1817606)

* Tue Apr 28 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-21
- Backport "ovn-northd: Optimize flows for LB Hairpin traffic." (#1827403)

* Mon Apr 27 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-20
- Backport "Fix conntrack entry leaks because of TCP RST packets not sent to conntrack." (#1819785)

* Mon Apr 27 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-19
- Backport "DNS: Make DNS lookups case insensitive." (#1819069)
- Backport "Create daemon pidfiles in ovn run dir." (#1778016)

* Mon Apr 20 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-18
- Backport "ovn-northd: Limit IPv6 ND NS/RA/RS to the local network." (#1825334)

* Sat Apr 18 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-17
- Backport "pinctrl: Handle service monitors even if the lport doesn't have IPv4 addresses set." (#1801058)

* Fri Apr 17 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-16
- Backport "ovn-nbctl: Create daemon control socket in ovn run dir". (#1778016)

* Sun Apr 12 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.13.0-15
- Backport "OVN - Support IPv6 Prefix Delegation" (#1823226)

* Fri Apr 10 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-14
- Backport "ovn-ctl: Provide the option to configure inactive probe from standby to active". (#1822859)

* Thu Apr 09 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-13
- Backport "ovn-controller: Skip vport bindings done through OVS external_ids:iface-id." (#1819604)

* Thu Apr 02 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.13.0-12
- Backport "controller: use LLA IPv6 address as NS source address" (#1815009)

* Wed Apr 01 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-11
- Backport "Add SCTP support to Load Balancers" (#1718372)
- Also backport "Add external_ids column for tables in nb schema" to avoid
  conflicts.

* Wed Apr 01 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-10
- Backport "ovn-controller: Fix potential segfault with "virtual" port bindings." (#1819604)

* Mon Mar 30 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-9
- Backport "ovn-northd: Skip unsnat flows for load balancer vips in router ingress pipeline" (#1815217)
- Backport "northd: do not insert identical lflows in S_ROUTER_IN_ARP_RESOLVE" (required for #1815217)

* Mon Mar 30 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-8
- Backport "Revert "ovsdb-idl: Avoid sending redundant conditional monitoring updates"" (#1818754)

* Tue Mar 24 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-7
- Backport "ovn.at: Fix ARP test that fails due to timing." (#1816616)

* Tue Mar 24 2020 Dumitru Ceara <dceara@redhat.com> - 2.13.0-6
- Backport "ovn-northd: Forward ARP requests on localnet ports." (#1816616)

* Mon Mar 23 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-5
- Backport "ovn-northd: Don't add arp responder flows for lports with 'unknown' address." (#1816087)

* Fri Mar 13 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-4
- Backport "ovn-northd: Add lflows to by pass the svc monitor packets from conntrack". (#1813046)

* Tue Mar 10 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-3
- Backport "Broadcast DHCPREPLY when BROADCAST flag is set" (#1812038)
- Also backported 2 other patches to sync with 20.03 (to fix the sparse compilation issue)

* Wed Mar 04 2020 Numan Siddique <nusiddiq@redhat.com> - 2.13.0-2
- Update to use openvswitch-2.13.0.tar.gz from v2.13.0 tag.

* Tue Mar 03 2020 Mark Michelson <mmichels@redhat.com> - 2.13.0-1
- Update to upstream release of OVN 20.03.0

* Tue Feb 18 2020 Open vSwitch Bot <null@redhat.com> - 2.13.0-0.20200217git7886ac9
- Snapshot of branch-20.03 7886ac9ed807

* Mon Feb 10 2020 Mark Michelson <mmichels@redhat.com> - 2.13.0-0
* Initial repository setup using snapshot build of OVN 20.03 branch

* Tue Feb 4 2020 Numan Siddique <nusiddiq@redhat.com> - 2.12.0-27
* Backport "ovn-northd: Address scale issues with DNAT flows." (#1798173)

* Thu Jan 30 2020 Numan Siddique <nusiddiq@redhat.com> - 2.12.0-26
* Backport "[RFE] LB health check : ovn-northd: Consider load balancer active backends in router pipeline" (#1703162)

* Fri Jan 24 2020 Dumitru Ceara <dceara@redhat.com> - 2.12.0-25
* Backport "tests: Updated expected log message" (#1794671)

* Thu Jan 16 2020 Mark Michelson <mmichels@redhat.com> - 2.12.0-24
- Backport "nbctl: Log the source of duplicate IP addresses" (#1794671)
- Backport "northd: Log all dynamic address assignments" (#1794671)
- Backport "northd: Load config before processing nbdb contents" (#1794671)

* Fri Jan 10 2020 Numan Siddique <nusiddiq@redhat.com> - 2.12.0-23
- Backport "ovn-controller: Don't monitor connection table columns"
- Backport "Restrict ARP/IPv6 ND replies for LB VIP only on chassis redirect port" (#1788456)

* Thu Jan 09 2020 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.12.0-22
- Backport "pinctrl.c: Fix maybe-uninitialized warnings with old GCC versions" (#1789476)
- Backport "DNSSL: copy dnssl string in order to avoid truncated value" (#1789476)
- Backport "RA Route Info Option: copy route info string in order to avoid truncated value" (#1789476)

* Thu Jan 02 2020 Dumitru Ceara <dceara@redhat.com> - 2.12.0-21
- Backport "ovn-controller: Run I-P engine even when no SB txn is available." (#1787360)

* Thu Jan 02 2020 Dumitru Ceara <dceara@redhat.com> - 2.12.0-20
- Backport "ovn-controller: Refactor I-P engine_run() tracking." (#1787318)
- Backport "ovn-controller: Add per node states to I-P engine." (#1787318)
- Backport "ovn-controller: Add separate I-P engine node for processing ct-zones." (#1787318)
- Backport "ovn-controller.c: Fix memory leak of local_datapath->ports."
- Backport "ovn-controller: Fix use of dangling pointers in I-P runtime_data." (#1787318)

* Thu Dec 05 2019 Numan Siddique <nusiddiq@redhat.com> - 2.12.0-19
- Backport "[RFE] Support for load balancing health checks in OVN" (#1703162)
- Backport "Stateless NAT support (backported due to conflicts)"

* Tue Dec 03 2019 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.12.0-18
- Backport "Add support to Default Router Preference (PRF) - RFC4191" (#1769849)
- Backport "Add support for Route Info Option in RA - RFC4191"

* Tue Dec 3 2019 Dumitru Ceara <dceara@redhat.com> - 2.12.0-17
- Backport "ovn-controller: Consider non-virtual ports first when updating bindings." (#1779110)
- Backport "ovn-controller: Add missing port group lflow references." (#1779115)
- Backport "ovn-controller: Add command to trigger an I-P full recompute." (#1779121)

* Tue Nov 26 2019 Dumitru Ceara <dceara@redhat.com> - 2.12.0-16
- Backport "ovn-northd: Fix get_router_load_balancer_ips() for mixed address families."
- Backport "ovn-northd: Limit ARP/ND broadcast domain whenever possible." (#1776712)
- Backport "ovn-northd: Avoid empty address list when limiting ARP/ND broadcast." (#1776712)

* Wed Nov 20 2019 Numan Siddique <nusiddiq@redhat.com> - 2.12.0-15
- Backport "Skip IPv6 NS packets in router egress SNAT pipeline" (#1773605)
- Backport "northd: Match IPv4 or IPv6 for MAC resolution"

* Tue Nov 19 2019 Dumitru Ceara <dceara@redhat.com> - 2.12.0-14
- Backport "Fix virtual port binding when the parents are scheduled in the same chassis" (#1762341)

* Mon Nov 18 2019 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.12.0-13
- Backport "Add DNSSL support to OVN" (#1764718)

* Mon Nov 18 2019 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.12.0-12
- Backport "Add RDNSS support to OVN" (#1699332)

* Fri Nov 15 2019 Mark Michelson <mmichels@redhat.com> - 2.12.0-11
- Update user of logrotate file to be "openvswitch"

* Fri Nov 15 2019 Mark Michelson <mmichels@redhat.com> - 2.12.0-10
- Update verification of sysconfig and logrotate files

* Wed Nov 13 2019 Numan Siddique <nusiddiq@redhat.com> - 2.12.0-9
- Backport "Support IPv6 NAT" (#1768347)
- Backport "Add IPv6 load balancer tests in OVN" (#1768477)

* Mon Nov 11 2019 Dumitru Ceara <dceara@redhat.com> - 2.12.0-8
- Backport "lflow.c: Fix memory leak of lflow_ref_list_node->ref_name." (#1770953)

* Fri Nov 8 2019  Numan Siddique <nusiddiq@redhat.com> - 2.12.0-7
- Backport: "ovn-ctl related changes" (#1770127)

* Fri Nov 8 2019  Numan Siddique <nusiddiq@redhat.com> - 2.12.0-6
- Backport: "Fix ha chassis failover issues for stale ha chassis entries" (#1762777)
- Backport: "ovn-northd: Validate dnat_and_snat external_mac/logical_ip. (#1769709)

* Fri Nov 8 2019  Numan Siddique <nusiddiq@redhat.com> - 2.12.0-5
- Backport: "ovndb-servers.ocf: Change from 'openvswitch' to 'ovn' in OVN_CTL_DEFAULT var" (#1770127)

* Sun Nov 3 2019 Mark Michelson <mmichels@redhat.com> - 2.12.0-4
- Backport "Revert conjunctive match removal patches" (#1764032)
- Backport "Combine conjunctions with identical matches into one" (#1764032)

* Wed Oct 16 2019  Dumitru Ceara <dceara@redhat.com> - 2.12.0-3
- Backport: "ovn-northd: Fix IP multicast flooding to mrouter." (#1757714)

* Sun Oct 13 2019  Numan Siddique <nusiddiq@redhat.com> - 2.12.0-2
- Backport: "ovn-ctl: Create etcdir when starting ovsdb servers" (#1761182)

* Thu Oct 10 2019  Numan Siddique <nusiddiq@redhat.com> - 2.12.0-1
- Update to OVN master from new repo with the commit 79308138891ae04a02a07068501696ef78157912
- This will be the base for OVN 2.12.

* Mon Aug 05 2019  Numan Siddique <nusiddiq@redhat.com> - 2.12.0-0.20190804git38a85a0
- Snapshot build of ovn2.12 38a85a041dd8

* Mon Aug 05 2019  Numan Siddique <nusiddiq@redhat.com> - 2.11.0-27
- Backport ovn-northd pause/resume support (#1720728)

* Wed Jul 17 2019  Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.11.0-26
- Backport ovn uindling support (#1730759)

* Wed Jul 17 2019  Numan Siddique <nusiddiq@redhat.com> - 2.11.0-25
- Backport related to GARP handling for router ips (#1561880)

* Tue Jul 9 2019 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.11.0-24
- Backport related to ip buffering with gw router port issue (#1728318)

* Mon Jul 1 2019 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.11.0-23
- Backport "OVN: add the possibility to specify tunnel dst port" (#1720371)

* Mon Jun 24 2019 Dumitru Ceara <dceara@redhat.com> - 2.11.0-22
- Backport "ovn-controller: Fix parsing of OVN tunnel IDs" (#1708131)

* Mon Jun 24 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-21
- Backport "ovn-nbctl.8.xml: Fix typo." (#1720194)

* Mon Jun 17 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-20
- Backport "ovn: Add support for DHCP option 15 - domain name" (#1721012)

* Thu Jun 06 2019 Timothy Redaelli <tredaelli@redhat.com> - 2.11.0-19
- Avoid collisions during installation of sources in debuginfo package (#1717933)

* Mon May 27 2019 Dumitru Ceara <dceara@redhat.com> - 2.11.0-18
- Backport "ovn: Properly set the index for chassis lookup" (#1698462)

* Tue May 14 2019 Dumitru Ceara <dceara@redhat.com> - 2.11.0-17
- Backport "stopwatch: Free stopwatch packets after processing" (#1698462)

* Fri Apr 26 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-16
- Fix the ovn-northd sync issue with HA_Chassis group (#1666673)

* Wed Apr 24 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-15
- Backport "RFE: Limit Geneve to within Transport Zones" (#1702550)

* Wed Apr 24 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-14
- Backport "RFE: [OVN] Fragmentation support" (#1702331)

* Sat Apr 20 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-13
- Backport "RFE: OVN - Support Logical ports of type external" (#1666673)

* Thu Apr 18 2019 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.11.0-12
- Backport "OVN: fix DVR Floating IP support" (#1701183)

* Wed Apr 17 2019 Timothy Redaelli <tredaelli@redhat.com> - 2.11.0-11
- Add 'Obsoletes' to the old OVN openvswitch2.11 sub-packages to allow to upgrade from FDP.A

* Wed Apr 17 2019 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 2.11.0-10
- Backport "OVN: add the possibility to configure a static IPv4/IPv6 address and dynamic MAC"

* Tue Apr 16 2019 Timothy Redaelli <tredaelli@redhat.com> - 2.11.0-9
- Remove 'Obsoletes' lines like on openvswitch2.11 package

* Tue Apr 16 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-8
- Fix the 'Provides' to include '%pkgver'

* Tue Mar 26 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-7
- Backport Fixes for #1677616 (pinctrl thread) and fixes related to IPv6 RA."

* Tue Mar 19 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-6
- Removed ovn-common package and moved all the related files to main 'ovn' package.

* Tue Mar 19 2019 Timothy Redaelli <tredaelli@redhat.com> - 2.11.0-5
- Disable ovn-docker subpackage by default

* Thu Mar 07 2019 Mark Michelson <mmichels@redhat.com> - 2.11.0-4
- Backport "OVN: Add port addresses to IPAM after all ports are joined."

* Sat Mar 02 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-3
- Backport "ovn-controller: Provide the option to set the datapath-type of br-int" (#1684796)

* Fri Mar 01 2019 Timothy Redaelli <tredaelli@redhat.com> - 2.11.0-2
- Backport "rhel: Use PIDFile on forking systemd service files" (#1684477)

* Thu Feb 28 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-1
- Update to official 2.11 release

* Wed Jan 23 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-0.20190117git4e4f80e
- Update to OVS 2.11 branch

* Thu Jan 17 2019 Numan Siddique <nusiddiq@redhat.com> - 2.11.0-0.20190117gitab66223
- Update to a snapshot of OVS 2.11 from master

* Thu Dec 20 2018 Numan Siddique <nusiddiq@redhat.com>
- OVS/OVN split.