# Copyright (C) 2009, 2010, 2013, 2014 Nicira Networks, Inc.
#
# Copying and distribution of this file, with or without modification,
# are permitted in any medium without royalty provided the copyright
# notice and this notice are preserved. This file is offered as-is,
# without warranty of any kind.
#
# If tests have to be skipped while building, specify the '--without check'
# option. For example:
# rpmbuild -bb --without check rhel/openvswitch-fedora.spec
# This defines the base package name's version.
%define pkgver 2.13
%define pkgname ovn-2021
# If libcap-ng isn't available and there is no need for running OVS
# as regular user, specify the '--without libcapng'
%bcond_without libcapng
# Enable PIE, bz#955181
%global _hardened_build 1
# RHEL-7 doesn't define _rundir macro yet
# Fedora 15 onwards uses /run as _rundir
%if 0%{!?_rundir:1}
%define _rundir /run
%endif
# Build python2 (that provides python) and python3 subpackages on Fedora
# Build only python3 (that provides python) subpackage on RHEL8
# Build only python subpackage on RHEL7
%if 0%{?rhel} > 7 || 0%{?fedora}
# On RHEL8 Sphinx is included in buildroot
%global external_sphinx 1
%else
# Don't use external sphinx (RHV doesn't have optional repositories enabled)
%global external_sphinx 0
%endif
# We would see rpmlinit error - E: hardcoded-library-path in '% {_prefix}/lib'.
# But there is no solution to fix this. Using {_lib} macro will solve the
# rpmlink error, but will install the files in /usr/lib64/.
# OVN pacemaker ocf script file is copied in /usr/lib/ocf/resource.d/ovn/
# and we are not sure if pacemaker looks into this path to find the
# OVN resource agent script.
%global ovnlibdir %{_prefix}/lib
Name: %{pkgname}
Summary: Open Virtual Network support
Group: System Environment/Daemons
URL: http://www.ovn.org/
Version: 21.12.0
Release: 82%{?commit0:.%{date}git%{shortcommit0}}%{?dist}
Provides: openvswitch%{pkgver}-ovn-common = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-common < 2.11.0-1
# Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the
# lib/sflow*.[ch] files are SISSL
License: ASL 2.0 and LGPLv2+ and SISSL
# Always pull an upstream release, since this is what we rebase to.
Source: https://github.com/ovn-org/ovn/archive/v%{version}.tar.gz#/ovn-%{version}.tar.gz
%define ovscommit 45ecaa9e574d63496e54a4093128302e2c2e10d0
%define ovsshortcommit 45ecaa9
Source10: https://github.com/openvswitch/ovs/archive/%{ovscommit}.tar.gz#/openvswitch-%{ovsshortcommit}.tar.gz
%define ovsdir ovs-%{ovscommit}
%define docutilsver 0.12
%define pygmentsver 1.4
%define sphinxver 1.1.3
Source100: https://pypi.io/packages/source/d/docutils/docutils-%{docutilsver}.tar.gz
Source101: https://pypi.io/packages/source/P/Pygments/Pygments-%{pygmentsver}.tar.gz
Source102: https://pypi.io/packages/source/S/Sphinx/Sphinx-%{sphinxver}.tar.gz
Source500: configlib.sh
Source501: gen_config_group.sh
Source502: set_config.sh
# Important: source503 is used as the actual copy file
# @TODO: this causes a warning - fix it?
Source504: arm64-armv8a-linuxapp-gcc-config
Source505: ppc_64-power8-linuxapp-gcc-config
Source506: x86_64-native-linuxapp-gcc-config
Patch: %{pkgname}.patch
# FIXME Sphinx is used to generate some manpages, unfortunately, on RHEL, it's
# in the -optional repository and so we can't require it directly since RHV
# doesn't have the -optional repository enabled and so TPS fails
%if %{external_sphinx}
BuildRequires: python3-sphinx
%else
# Sphinx dependencies
BuildRequires: python-devel
BuildRequires: python-setuptools
#BuildRequires: python2-docutils
BuildRequires: python-jinja2
BuildRequires: python-nose
#BuildRequires: python2-pygments
# docutils dependencies
BuildRequires: python-imaging
# pygments dependencies
BuildRequires: python-nose
%endif
BuildRequires: gcc gcc-c++ make
BuildRequires: autoconf automake libtool
BuildRequires: systemd-units openssl openssl-devel
BuildRequires: python3-devel python3-setuptools
BuildRequires: desktop-file-utils
BuildRequires: groff-base graphviz
BuildRequires: unbound-devel
# make check dependencies
BuildRequires: procps-ng
%if 0%{?rhel} == 8 || 0%{?fedora}
BuildRequires: python3-pyOpenSSL
%endif
BuildRequires: tcpdump
%if %{with libcapng}
BuildRequires: libcap-ng libcap-ng-devel
%endif
Requires: hostname openssl iproute module-init-tools
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
# to skip running checks, pass --without check
%bcond_without check
%description
OVN, the Open Virtual Network, is a system to support virtual network
abstraction. OVN complements the existing capabilities of OVS to add
native support for virtual network abstractions, such as virtual L2 and L3
overlays and security groups.
%package central
Summary: Open Virtual Network support
License: ASL 2.0
Requires: %{pkgname}
Requires: firewalld-filesystem
Provides: openvswitch%{pkgver}-ovn-central = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-central < 2.11.0-1
%description central
OVN DB servers and ovn-northd running on a central node.
%package host
Summary: Open Virtual Network support
License: ASL 2.0
Requires: %{pkgname}
Requires: firewalld-filesystem
Provides: openvswitch%{pkgver}-ovn-host = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-host < 2.11.0-1
%description host
OVN controller running on each host.
%package vtep
Summary: Open Virtual Network support
License: ASL 2.0
Requires: %{pkgname}
Provides: openvswitch%{pkgver}-ovn-vtep = %{?epoch:%{epoch}:}%{version}-%{release}
Obsoletes: openvswitch%{pkgver}-ovn-vtep < 2.11.0-1
%description vtep
OVN vtep controller
%prep
%if 0%{?commit0:1}
%autosetup -n ovn-%{commit0} -a 10 -p 1
%else
%autosetup -n ovn-%{version} -a 10 -p 1
%endif
%build
%if 0%{?commit0:1}
# fix the snapshot unreleased version to be the released one.
sed -i.old -e "s/^AC_INIT(openvswitch,.*,/AC_INIT(openvswitch, %{version},/" configure.ac
%endif
./boot.sh
# OVN source code is now separate.
# Build openvswitch first.
# XXX Current openvswitch2.13 doesn't
# use "2.13.0" for version. It's a commit hash
pushd %{ovsdir}
./boot.sh
%configure \
%if %{with libcapng}
--enable-libcapng \
%else
--disable-libcapng \
%endif
--enable-ssl \
--with-pkidir=%{_sharedstatedir}/openvswitch/pki
make %{?_smp_mflags}
popd
# Build OVN.
# XXX OVS version needs to be updated when ovs2.13 is updated.
%configure \
--with-ovs-source=$PWD/%{ovsdir} \
%if %{with libcapng}
--enable-libcapng \
%else
--disable-libcapng \
%endif
--enable-ssl \
--with-pkidir=%{_sharedstatedir}/openvswitch/pki
make %{?_smp_mflags}
%install
%make_install
install -p -D -m 0644 \
rhel/usr_share_ovn_scripts_systemd_sysconfig.template \
$RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/ovn
for service in ovn-controller ovn-controller-vtep ovn-northd; do
install -p -D -m 0644 \
rhel/usr_lib_systemd_system_${service}.service \
$RPM_BUILD_ROOT%{_unitdir}/${service}.service
done
install -d -m 0755 $RPM_BUILD_ROOT/%{_sharedstatedir}/ovn
install -d $RPM_BUILD_ROOT%{ovnlibdir}/firewalld/services/
install -p -m 0644 rhel/usr_lib_firewalld_services_ovn-central-firewall-service.xml \
$RPM_BUILD_ROOT%{ovnlibdir}/firewalld/services/ovn-central-firewall-service.xml
install -p -m 0644 rhel/usr_lib_firewalld_services_ovn-host-firewall-service.xml \
$RPM_BUILD_ROOT%{ovnlibdir}/firewalld/services/ovn-host-firewall-service.xml
install -d -m 0755 $RPM_BUILD_ROOT%{ovnlibdir}/ocf/resource.d/ovn
ln -s %{_datadir}/ovn/scripts/ovndb-servers.ocf \
$RPM_BUILD_ROOT%{ovnlibdir}/ocf/resource.d/ovn/ovndb-servers
install -p -D -m 0644 rhel/etc_logrotate.d_ovn \
$RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/ovn
# remove unneeded files.
rm -f $RPM_BUILD_ROOT%{_bindir}/ovs*
rm -f $RPM_BUILD_ROOT%{_bindir}/vtep-ctl
rm -f $RPM_BUILD_ROOT%{_sbindir}/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man5/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man5/vtep*
rm -f $RPM_BUILD_ROOT%{_mandir}/man7/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/ovs*
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/vtep*
rm -rf $RPM_BUILD_ROOT%{_datadir}/ovn/python
rm -f $RPM_BUILD_ROOT%{_datadir}/ovn/scripts/ovs*
rm -rf $RPM_BUILD_ROOT%{_datadir}/ovn/bugtool-plugins
rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/*.pc
rm -f $RPM_BUILD_ROOT%{_includedir}/ovn/*
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d/ovs-appctl-bashcomp.bash
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/bash_completion.d/ovs-vsctl-bashcomp.bash
rm -rf $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/openvswitch
rm -f $RPM_BUILD_ROOT%{_datadir}/ovn/scripts/ovn-bugtool*
rm -f $RPM_BUILD_ROOT/%{_bindir}/ovn-docker-overlay-driver \
$RPM_BUILD_ROOT/%{_bindir}/ovn-docker-underlay-driver
%check
%if %{with check}
touch resolv.conf
export OVS_RESOLV_CONF=$(pwd)/resolv.conf
if ! make check TESTSUITEFLAGS='%{_smp_mflags}'; then
cat tests/testsuite.log
if ! make check TESTSUITEFLAGS='--recheck'; then
cat tests/testsuite.log
# Presently a test case - "2796: ovn -- ovn-controller incremental processing"
# is failing on aarch64 arch. Let's not exit for this arch
# until we figure out why it is failing.
# Test case 93: ovn.at:12105 ovn -- ACLs on Port Groups is failing
# repeatedly on s390x. This needs to be investigated.
%ifnarch aarch64
%ifnarch ppc64le
%ifnarch s390x
exit 1
%endif
%endif
%endif
fi
fi
%endif
%clean
rm -rf $RPM_BUILD_ROOT
%pre central
if [ $1 -eq 1 ] ; then
# Package install.
/bin/systemctl status ovn-northd.service >/dev/null
ovn_status=$?
rpm -ql openvswitch-ovn-central > /dev/null
if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then
# ovn-northd service is running which means old openvswitch-ovn-central
# is already installed and it will be cleaned up. So start ovn-northd
# service when posttrans central is called.
touch %{_localstatedir}/lib/rpm-state/ovn-northd
fi
fi
%pre host
if [ $1 -eq 1 ] ; then
# Package install.
/bin/systemctl status ovn-controller.service >/dev/null
ovn_status=$?
rpm -ql openvswitch-ovn-host > /dev/null
if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then
# ovn-controller service is running which means old
# openvswitch-ovn-host is installed and it will be cleaned up. So
# start ovn-controller service when posttrans host is called.
touch %{_localstatedir}/lib/rpm-state/ovn-controller
fi
fi
%pre vtep
if [ $1 -eq 1 ] ; then
# Package install.
/bin/systemctl status ovn-controller-vtep.service >/dev/null
ovn_status=$?
rpm -ql openvswitch-ovn-vtep > /dev/null
if [[ "$?" = "0" && "$ovn_status" = "0" ]]; then
# ovn-controller-vtep service is running which means old
# openvswitch-ovn-vtep is installed and it will be cleaned up. So
# start ovn-controller-vtep service when posttrans host is called.
touch %{_localstatedir}/lib/rpm-state/ovn-controller-vtep
fi
fi
%preun central
%if 0%{?systemd_preun:1}
%systemd_preun ovn-northd.service
%else
if [ $1 -eq 0 ] ; then
# Package removal, not upgrade
/bin/systemctl --no-reload disable ovn-northd.service >/dev/null 2>&1 || :
/bin/systemctl stop ovn-northd.service >/dev/null 2>&1 || :
fi
%endif
%preun host
%if 0%{?systemd_preun:1}
%systemd_preun ovn-controller.service
%else
if [ $1 -eq 0 ] ; then
# Package removal, not upgrade
/bin/systemctl --no-reload disable ovn-controller.service >/dev/null 2>&1 || :
/bin/systemctl stop ovn-controller.service >/dev/null 2>&1 || :
fi
%endif
%preun vtep
%if 0%{?systemd_preun:1}
%systemd_preun ovn-controller-vtep.service
%else
if [ $1 -eq 0 ] ; then
# Package removal, not upgrade
/bin/systemctl --no-reload disable ovn-controller-vtep.service >/dev/null 2>&1 || :
/bin/systemctl stop ovn-controller-vtep.service >/dev/null 2>&1 || :
fi
%endif
%post
%if %{with libcapng}
if [ $1 -eq 1 ]; then
sed -i 's:^#OVN_USER_ID=:OVN_USER_ID=:' %{_sysconfdir}/sysconfig/ovn
sed -i 's:\(.*su\).*:\1 openvswitch openvswitch:' %{_sysconfdir}/logrotate.d/ovn
fi
%endif
%post central
%if 0%{?systemd_post:1}
%systemd_post ovn-northd.service
%else
# Package install, not upgrade
if [ $1 -eq 1 ]; then
/bin/systemctl daemon-reload >dev/null || :
fi
%endif
%post host
%if 0%{?systemd_post:1}
%systemd_post ovn-controller.service
%else
# Package install, not upgrade
if [ $1 -eq 1 ]; then
/bin/systemctl daemon-reload >dev/null || :
fi
%endif
%post vtep
%if 0%{?systemd_post:1}
%systemd_post ovn-controller-vtep.service
%else
# Package install, not upgrade
if [ $1 -eq 1 ]; then
/bin/systemctl daemon-reload >dev/null || :
fi
%endif
%postun
%postun central
%if 0%{?systemd_postun_with_restart:1}
%systemd_postun_with_restart ovn-northd.service
%else
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ "$1" -ge "1" ] ; then
# Package upgrade, not uninstall
/bin/systemctl try-restart ovn-northd.service >/dev/null 2>&1 || :
fi
%endif
%postun host
%if 0%{?systemd_postun_with_restart:1}
%systemd_postun_with_restart ovn-controller.service
%else
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ "$1" -ge "1" ] ; then
# Package upgrade, not uninstall
/bin/systemctl try-restart ovn-controller.service >/dev/null 2>&1 || :
fi
%endif
%postun vtep
%if 0%{?systemd_postun_with_restart:1}
%systemd_postun_with_restart ovn-controller-vtep.service
%else
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ "$1" -ge "1" ] ; then
# Package upgrade, not uninstall
/bin/systemctl try-restart ovn-controller-vtep.service >/dev/null 2>&1 || :
fi
%endif
%posttrans central
if [ $1 -eq 1 ]; then
# Package install, not upgrade
if [ -e %{_localstatedir}/lib/rpm-state/ovn-northd ]; then
rm %{_localstatedir}/lib/rpm-state/ovn-northd
/bin/systemctl start ovn-northd.service >/dev/null 2>&1 || :
fi
fi
%posttrans host
if [ $1 -eq 1 ]; then
# Package install, not upgrade
if [ -e %{_localstatedir}/lib/rpm-state/ovn-controller ]; then
rm %{_localstatedir}/lib/rpm-state/ovn-controller
/bin/systemctl start ovn-controller.service >/dev/null 2>&1 || :
fi
fi
%posttrans vtep
if [ $1 -eq 1 ]; then
# Package install, not upgrade
if [ -e %{_localstatedir}/lib/rpm-state/ovn-controller-vtep ]; then
rm %{_localstatedir}/lib/rpm-state/ovn-controller-vtep
/bin/systemctl start ovn-controller-vtep.service >/dev/null 2>&1 || :
fi
fi
%files
%{_bindir}/ovn-nbctl
%{_bindir}/ovn-sbctl
%{_bindir}/ovn-trace
%{_bindir}/ovn-detrace
%{_bindir}/ovn_detrace.py
%{_bindir}/ovn-appctl
%{_bindir}/ovn-ic-nbctl
%{_bindir}/ovn-ic-sbctl
%dir %{_datadir}/ovn/
%dir %{_datadir}/ovn/scripts/
%{_datadir}/ovn/scripts/ovn-ctl
%{_datadir}/ovn/scripts/ovn-lib
%{_datadir}/ovn/scripts/ovndb-servers.ocf
%{_mandir}/man8/ovn-ctl.8*
%{_mandir}/man8/ovn-appctl.8*
%{_mandir}/man8/ovn-nbctl.8*
%{_mandir}/man8/ovn-ic-nbctl.8*
%{_mandir}/man8/ovn-trace.8*
%{_mandir}/man1/ovn-detrace.1*
%{_mandir}/man7/ovn-architecture.7*
%{_mandir}/man8/ovn-sbctl.8*
%{_mandir}/man8/ovn-ic-sbctl.8*
%{_mandir}/man5/ovn-nb.5*
%{_mandir}/man5/ovn-ic-nb.5*
%{_mandir}/man5/ovn-sb.5*
%{_mandir}/man5/ovn-ic-sb.5*
%dir %{ovnlibdir}/ocf/resource.d/ovn/
%{ovnlibdir}/ocf/resource.d/ovn/ovndb-servers
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/logrotate.d/ovn
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sysconfig/ovn
%files central
%{_bindir}/ovn-northd
%{_bindir}/ovn-ic
%{_mandir}/man8/ovn-northd.8*
%{_mandir}/man8/ovn-ic.8*
%{_datadir}/ovn/ovn-nb.ovsschema
%{_datadir}/ovn/ovn-ic-nb.ovsschema
%{_datadir}/ovn/ovn-sb.ovsschema
%{_datadir}/ovn/ovn-ic-sb.ovsschema
%{_unitdir}/ovn-northd.service
%{ovnlibdir}/firewalld/services/ovn-central-firewall-service.xml
%files host
%{_bindir}/ovn-controller
%{_mandir}/man8/ovn-controller.8*
%{_unitdir}/ovn-controller.service
%{ovnlibdir}/firewalld/services/ovn-host-firewall-service.xml
%files vtep
%{_bindir}/ovn-controller-vtep
%{_mandir}/man8/ovn-controller-vtep.8*
%{_unitdir}/ovn-controller-vtep.service
%changelog
* Fri Jul 01 2022 Adrian Moreno <amorenoz@redhat.com> - 21.12.0-82
- ovs: Bump submodule to newer version (#2102618)
[Gerrit: 2c3ed6dba9ebeaab29072784e5f479bc2dcd6747]
[Upstream: 2c3ed6dba9ebeaab29072784e5f479bc2dcd6747]
* Wed Jun 29 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-81
- northd: add condition for stateless nat drop flow in S_ROUTER_IN_GW_REDIRECT pipeline (#2094980)
[Gerrit: 9b1666fc4c8865ce8520ed8791b858b817883825]
[Upstream: 9b1666fc4c8865ce8520ed8791b858b817883825]
* Mon Jun 27 2022 Xavier Simonart <xsimonar@redhat.com> - 21.12.0-80
- northd: avoid snat on reply packets (#2061593)
[Gerrit: 6c96b2fdb6bcb728fe32a8f7dced5880be1164b9]
[Upstream: 8b3e1afc30f3cf0ef9857fdc68f619b6fbed10dc]
* Mon Jun 27 2022 Ihar Hrachyshka <ihrachys@redhat.com> - 21.12.0-79
- tests: ovn-nbctl dump-flows -> ovn-sbctl dump-flows
[Gerrit: 8dbc5da61ae44f4666396f4fc254b7dcb8ed5d62]
[Upstream: 8dbc5da61ae44f4666396f4fc254b7dcb8ed5d62]
* Mon Jun 27 2022 Ihar Hrachyshka <ihrachys@redhat.com> - 21.12.0-78
- Fix memleak in ovn-nbctl when args can't be parsed
[Gerrit: 27d8c91524468e494a7cf45b19d857665acf1113]
[Upstream: 27d8c91524468e494a7cf45b19d857665acf1113]
* Tue Jun 14 2022 Ihar Hrachyshka <ihrachys@redhat.com> - 21.12.0-77
- Fix pidfile_is_running when $cmd is not passed
[Gerrit: cc3c32534ecb00d3547e41e75d2243bc57c7662b]
[Upstream: 6e57adfe5a35fc36ef290c6e9ae7e616f73cd3d2]
* Thu Jun 09 2022 Ihar Hrachyshka <ihrachys@redhat.com> - 21.12.0-76
- Lock pinctrl_mutex for pinctrl_wait
[Gerrit: a5fc01db2eea699887353a35ea17bf97ae9cc119]
[Upstream: a5fc01db2eea699887353a35ea17bf97ae9cc119]
* Thu Jun 09 2022 Terry Wilson <twilson@redhat.com> - 21.12.0-75
- Ensure pid belongs to ovsdb-server in ovn-ctl
[Gerrit: 4cb3f9d9940e936c72cead63023bb74fc84b2cad]
[Upstream: 4cb3f9d9940e936c72cead63023bb74fc84b2cad]
* Thu Jun 09 2022 Terry Wilson <twilson@redhat.com> - 21.12.0-74
- Handle re-used pids in pidfile_is_running
[Gerrit: ab7d5b978e4f944f6bd9438ab5749d902164e160]
[Upstream: ab7d5b978e4f944f6bd9438ab5749d902164e160]
* Fri Jun 03 2022 Mark Michelson <mmichels@redhat.com> - 21.12.0-73
- Prepare for 21.12.3.
[Gerrit: 1d8dc96261148db2df0daf3a1b32e16c64eb8882]
[Upstream: 1d8dc96261148db2df0daf3a1b32e16c64eb8882]
* Fri Jun 03 2022 Mark Michelson <mmichels@redhat.com> - 21.12.0-72
- Set release date for 21.12.2.
[Gerrit: effc3aa676c7bc2f204dda74410e05ea9c6fa9b4]
[Upstream: effc3aa676c7bc2f204dda74410e05ea9c6fa9b4]
* Fri Jun 03 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-71
- northd: Use ct_mark.blocked and ecmp_reply_port only when all chassis support it. (#2091565)
[Gerrit: ad3b6566bccfb6bc2341fe215be6fb83748434fe]
[Upstream: ad3b6566bccfb6bc2341fe215be6fb83748434fe]
* Fri Jun 03 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-70
- northd: ovn-controller: Use ct_mark.natted only when ct_lb_mark is used.
[Gerrit: 22f4cbb55131a453d3e23c86c3613b948a9f835d]
[Upstream: 22f4cbb55131a453d3e23c86c3613b948a9f835d]
* Wed Jun 01 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-69
- northd: Use ct_lb_mark only when all chassis support it. (#2091565)
[Gerrit: 6069caef46a36e8c12b7fbc01f40841db5a17c4b]
[Upstream: 3fd4db6]
* Fri May 27 2022 Ales Musil <amusil@redhat.com> - 21.12.0-68
- binding.c: Make sure that localport is removed from local datapath (#2076604)
[Gerrit: 31834973214431fd658f9b2eb2102399afee2d3f]
[Upstream: 321f13ea1281ce9d5c13a8f9b7a5efc0ca7b3cab]
* Fri May 27 2022 Ales Musil <amusil@redhat.com> - 21.12.0-67
- physical.c: Move localport remote output flow definition (#2076604)
[Gerrit: 832afe772d2585c14db86a640bb2dd55b9958bde]
[Upstream: 14e19ba2c885c30f0cc95d3b9bd74e87bbbc352a]
* Tue May 24 2022 Ales Musil <amusil@redhat.com> - 21.12.0-66
- physical.c: Avoid NULL ptr deref in populate_remote_chassis_macs (#2082341)
[Gerrit: 885b8c176af5305d035591b0f371220d45820a13]
[Upstream: d2b767fff257af55d2be7e4fe842539b7cb7f058]
* Tue May 24 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-65
- Use ct_mark for masked access to make flows HW-offloading friendly. (#1957786)
[Gerrit: 07f6522a4c98bc393b7495724d133485809143f3]
[Upstream: a075230e4a0fcc166251271db1c8ae01b993c9cf]
* Tue May 24 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-64
- ovn-controller: Handle SB_Global:options:northd_internal_version in I-P engine.
[Gerrit: 00d4e7e70bb07b461e3a1b0eb2c20e12b175e0b1]
[Upstream: c2eeb2c98ea860dbbc7eee5e9bae8a65769b0da3]
* Mon May 23 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-63
- ovn-northd: Improve the doc and tests for ecmp-symmetric-reply.
[Gerrit: 18f016bd7a203419adba4e1ee8753d93978a81be]
[Upstream: bf55f7a655abb7aa0c3e5d537e79595ae13e89f2]
* Mon May 23 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-62
- actions: Add stack push and pop actions.
[Gerrit: f282d8b0a4f1e587755b7214325669f626af8748]
[Upstream: 8ce847737f2db7b82b2e0296ff3b39551393d839]
* Mon May 23 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-61
- actions: Add action ct_lb_mark.
[Gerrit: c3a8af65541b8aefebe6ff0d140f7a49c29316dc]
[Upstream: 3357440a3f1e8426953f96b41f72b88b43b86c42]
* Mon May 23 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-60
- ovn-sb.xml: Fix ct_lb documentation.
[Gerrit: b4556e9f9db30290e4a2a65128e4c51dc2d07482]
[Upstream: 9eb7b4ec75e6773eb8f1770cc03f2fb0d391262a]
* Thu May 19 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-59
- northd: fix stateless nat with allowed_ext_ips (#2066990)
[Gerrit: 93cee76c74bc03a498dabee5d853e572a70c6d41]
[Upstream: 93cee76c74bc03a498dabee5d853e572a70c6d41]
* Wed May 18 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-58
- ovn-controller: Consider zone 0 as a valid zone when restoring. (#2087194)
[Gerrit: 311c19ee758dc3e7778ed233572703262ecd94fb]
[Upstream: 3a8fe34c789f09135c1356ace442793dd6fc2f1c]
* Wed May 18 2022 Mary Manohar <mary.manohar@nutanix.com> - 21.12.0-57
- ovn-controller: Set Port_Binding.up field only if the Southbound DB is aware of this field
[Gerrit: f5d4d59ed3488cc296e0b9b2a860ce28f99f5cb0]
[Upstream: f5d4d59ed3488cc296e0b9b2a860ce28f99f5cb0]
* Wed May 18 2022 Mark Michelson <mmichels@redhat.com> - 21.12.0-56
- northd: Honor ct-snat-zone option for common case. (#2061619)
[Gerrit: 961f9a1afd08641ecdcbb874a5269d0834e067b8]
[Upstream: 961f9a1afd08641ecdcbb874a5269d0834e067b8]
* Mon May 16 2022 Mohammad Heib <mheib@redhat.com> - 21.12.0-55
- northd: handle container lport type update (#2037433)
[Gerrit: 5a72c9d0512bed484e35af5c9f4a2efdf860001c]
[Upstream: cd3b685043fa9758df3665bf3e3fc972048698a6]
* Mon May 16 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-54
- northd: fix lflow grouping in build_lb_rules
[Gerrit: f1c1c60e27639dcbaef9dd27ae32be6bad04106d]
[Upstream: 664f2aa752c48b699499051fa2dbf3a53effd482]
* Wed May 11 2022 Ihar Hrachyshka <ihrachys@redhat.com> - 21.12.0-53
- docs: fix a typo in bandwidth column name
[Gerrit: 716a7e483bb143f1ff4b1bcddf16f79a05207a77]
[Upstream: 716a7e483bb143f1ff4b1bcddf16f79a05207a77]
* Wed May 11 2022 Ales Musil <amusil@redhat.com> - 21.12.0-52
- ci: ovn-kubernetes: Add missing socat package
[Gerrit: 8714282cce4c18ec1476b1d6b204289fd153955a]
[Upstream: 8714282cce4c18ec1476b1d6b204289fd153955a]
* Tue May 10 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-51
- utilities: ovn-trace: fix reject action crash (#2074537)
[Gerrit: 7e9654c03fbb1ac820079afdd6e8d6292435225d]
[Upstream: 7e9654c03fbb1ac820079afdd6e8d6292435225d]
* Tue May 10 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-50
- utilities: nbctl: do not report errors for stateless nat if --may-exist is provided (#2066551)
[Gerrit: 1feca481e0113b2521ee343868b8c9d3af1b4fd0]
[Upstream: 1feca481e0113b2521ee343868b8c9d3af1b4fd0]
* Tue May 10 2022 Ales Musil <amusil@redhat.com> - 21.12.0-49
- lflow: Add MAC bindings when new datapath is added to chassis (#2069783)
[Gerrit: a5f3fb891cd255124581eab858cdd779d686e282]
[Upstream: a5f3fb891cd255124581eab858cdd779d686e282]
* Mon May 09 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-48
- northd: fix nat-v6 with exempted_ext_ips configuration (#2066611)
[Gerrit: 59fa1b99a6d1c42ed49a077f8be60041aae72a84]
[Upstream: 59fa1b99a6d1c42ed49a077f8be60041aae72a84]
* Mon May 09 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-47
- northd: dynamically compute l2 hdr len for check_pkt_larger action (#2075121)
[Gerrit: 5c185cfcf9c8fac03c42f1248f3e5e4caa74c77a]
[Upstream: 5c185cfcf9c8fac03c42f1248f3e5e4caa74c77a]
* Mon Apr 25 2022 Numan Siddique <numans@ovn.org> - 21.12.0-46
- ovn-northd: Add flow to use eth.src if nd.tll is 0 in put_nd() action. (#2078026)
[Gerrit: 30bc0f402ef89b5383c0a0a679df51206e488f64]
[Upstream: 80187a8031b6abe01fb23657a9bed2372ae23af5]
* Wed Apr 13 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-45
- ofctrl.c: Check installed flow when merging tracked flow changes. (#2071272)
[Gerrit: 4db73f09c5a1a2abcc468dff9c65ecb7e716102e]
[Upstream: 9c6d285ef2a65aef032cd60f9a9fe16cad7c4222]
* Mon Apr 11 2022 Xavier Simonart <xsimonar@redhat.com> - 21.12.0-44
- northd: avoid writing to IDL in parallel when using northd parallelization
[Gerrit: e4530457b3935d9fda10fbf2d9352db921396b6c]
[Upstream: 741a135fa1db9e10b725d4b69c6da455f732b89b]
* Thu Apr 07 2022 Mohammad Heib <mheib@redhat.com> - 21.12.0-43
- controller/pinctrl: avoid accessing invalid memory (#2052945)
[Gerrit: bb50b967c1778cc6469761bb10b459bdb989f7e1]
[Upstream: 6bc6002601ea161a287bcf53524e9282ab97c31b]
* Wed Apr 06 2022 Vladislav Odintsov <odivlad@gmail.com> - 21.12.0-42
- vtep: correctly bring vtep lport up in SBDB
[Gerrit: 4204ac1ef4b47540398a51d2db258c2d5533478d]
[Upstream: b35c98c923f4972198f741ff1d2b28671d6ff50d]
* Wed Apr 06 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-41
- controller: properly remove qos policy meters
[Gerrit: 09d2f91c3579a9fa1ea2a57f7cab4a2489563248]
[Upstream: 1e1d75c725a3445a853dd792b28ff02bb3ab1218]
* Fri Apr 01 2022 Mark Michelson <mmichels@redhat.com> - 21.12.0-40
- ovs: Revert submodule after erroneous change.
[Gerrit: 19a0032b60326e0c1be810d7d3a9b4cb55ebe069]
[Upstream: 19a0032b60326e0c1be810d7d3a9b4cb55ebe069]
* Wed Mar 30 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-39
- acl-log: Log the direction (logical pipeline) of the matching ACL. (#1992641)
[Gerrit: 05cd6245db39baf750bd58d9eefd581ccf9c6418]
[Upstream: 05cd6245db39baf750bd58d9eefd581ccf9c6418]
* Tue Mar 29 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-38
- inc-proc-eng: Properly log recompute reason.
[Gerrit: 4d43d4fdb9d5e515a9fe1d37e1620b32685a3c47]
[Upstream: 4d43d4fdb9d5e515a9fe1d37e1620b32685a3c47]
* Thu Mar 24 2022 Vladislav Odintsov <odivlad@gmail.com> - 21.12.0-37
- rhel: fix logrotate user config option
[Gerrit: cbb8e71dca93a9a0d2bcfb531fb234b04d0f2b58]
[Upstream: e8800ddd9e919e2ffc9d8c5c9ab27f0a5a6ec2e5]
* Thu Mar 17 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-36
- northd: Properly warn for NAT on LR with multiple gw ports.
[Gerrit: f49d842fc75f7a833157e70d97991ff7c6fb5307]
[Upstream: b8194738c99ee09ad6d4762a3c999e04d58d1a0f]
* Fri Mar 11 2022 Mark Michelson <mmichels@redhat.com> - 21.12.0-35
- Prepare for 21.12.2.
[Gerrit: f091025ba3a38a0d9046214d046b9f09fdeb28e5]
[Upstream: f091025ba3a38a0d9046214d046b9f09fdeb28e5]
* Fri Mar 11 2022 Mark Michelson <mmichels@redhat.com> - 21.12.0-34
- Set release date for 21.12.1.
[Gerrit: a1001ce71dd24da6c2412e403db4f423ce2ba2bb]
[Upstream: a1001ce71dd24da6c2412e403db4f423ce2ba2bb]
* Thu Mar 10 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-33
- controller: reconfigure ovs meters for ovn meters (#1939524)
[Gerrit: 2169703529f47b50e0871e64fa6921170002cd51]
[Upstream: 2169703529f47b50e0871e64fa6921170002cd51]
* Tue Mar 08 2022 Numan Siddique <numans@ovn.org> - 21.12.0-32
- branch-21.12: Fix the compilation error.
[Gerrit: 091f1b5a31e4cef212d2c7f92b6371a0c97d1cf6]
[Upstream: 091f1b5a31e4cef212d2c7f92b6371a0c97d1cf6]
* Tue Mar 08 2022 Numan Siddique <numans@ovn.org> - 21.12.0-31
- northd: Support the option to apply from-lport ACLs after load balancer.
[Gerrit: 77f7512157f863e481ba9f8f41f3feece63d43f6]
[Upstream: 74d82e296f80f38948bcb39cd610447c1f435613]
* Fri Feb 25 2022 Numan Siddique <numans@ovn.org> - 21.12.0-30
- ovs: Bump submodule to stable branch-2.17.
[Gerrit: c96bf2fa983e7c849e9f094e4e5edcc8b4312700]
[Upstream: 576491f50721748ddfb2541ad1ef793ed9cba69d]
* Fri Feb 25 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-29
- ci: ovn-kubernetes: Bump kubernetes version to v1.23.3.
[Gerrit: 11645b21b4ed8a22220b5a635b2a3217f68904bf]
[Upstream: d811222c1adb852babe2de57af063c17db9b91fe]
* Fri Feb 25 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-28
- ci: ovn-kubernetes: Generate DB model based on current OVN tree.
[Gerrit: 4331e12f0feff7c19036ab32b1680f11d00fc919]
[Upstream: 0c252b858b3a3483b5b671704312cc2acb8e99a3]
* Fri Feb 25 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-27
- northd: introduce exclude-lb-vips-from-garp option for lsp (#2054394 2053013)
[Gerrit: 5c6f3c6c9aae97b87f4d968251e7dfdd5f299e99]
[Upstream: 2a5219321c2fa48f3f4b24ff3b87a27b21bf1b7b]
* Wed Feb 23 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-26
- ovn-northd: Don't log transaction failures on standby instances.
[Gerrit: a136a82fcb5dc90700f2059dac1994232d62d242]
[Upstream: 71f87a61e3dbbf7850055d027c1e5bccffa9de61]
* Mon Feb 21 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-25
- lflow: Fix conjunction ID allocation problem with DP groups.
[Gerrit: 3c727ff4d03618154fef556f40b6e5c239b67250]
[Upstream: 3c727ff4d03618154fef556f40b6e5c239b67250]
* Mon Feb 14 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-24
- introduce rdnss, dnssl and route_info opt in put_nd_ra_opts action (#1851788)
[Gerrit: 9038ab66fcee57bdfff4b39b318ed3f89cd35400]
[Upstream: bb15877964c036848fe0c2e13ab394c88cdf7457]
* Wed Feb 09 2022 Sven Haardiek <sven.haardiek@uni-muenster.de> - 21.12.0-23
- Set additional header in DNS message explicitly
[Gerrit: 3b78224bee7eccd4f9e3dd125d5813821069b189]
[Upstream: f167c0bcdff915d358eb0bc442e447c8944dd05a]
* Tue Feb 08 2022 Han Zhou <hzhou@ovn.org> - 21.12.0-22
- northd.c: Fix nbcfg timestamp - use time_wall_msec instead of time_msec.
[Gerrit: db51c2ad942af91775f5111ba4d57193ed8ddb48]
[Upstream: 06d677bf20ac07c50a785869bb566b39cbc4c7f4]
* Tue Feb 08 2022 Mark Michelson <mmichels@redhat.com> - 21.12.0-21
- ovn-parallel-hmap: Fix NUMA and core detection. (#1975345)
[Gerrit: ae1318c742f707f811779cd84cbe4cdc889f2362]
[Upstream: ae1318c742f707f811779cd84cbe4cdc889f2362]
* Fri Feb 04 2022 Ilya Maximets <i.maximets@ovn.org> - 21.12.0-20
- ci: Install wheel before installing any other python packages.
[Gerrit: 59a42559e0cd83b269c214a43fed858cd87284e2]
[Upstream: d5453008c419512ba5a31dade5d394984b6161a1]
* Tue Feb 01 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-19
- pinctrl: Avoid false positive out of bounds warning.
[Gerrit: 5d05cd2d93689ea8b0e97e8178e318e043ca0257]
[Upstream: 04cfd325971719a08baaa34555908abfed4ca9b2]
* Tue Feb 01 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-18
- pinctrl: Fix potential stack overflow in pinctrl_compose_ipv6().
[Gerrit: 17c22d4a43a493558572ff1fde728b98e0fef1bd]
[Upstream: 6fa3409ddd48979e52b9e3963b75d330eaad2d19]
* Tue Feb 01 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-17
- ovn-northd: Enable change tracking for all SB tables.
[Gerrit: 18f9509e3e2c6c319299578c70cd632faa69c02b]
[Upstream: e4d6d3455baf09c63ed610037c384855e5f64141]
* Tue Feb 01 2022 Vladislav Odintsov <odivlad@gmail.com> - 21.12.0-16
- vtep: set is-vtep to chassis's other_config if absent
[Gerrit: 0bce1553f4231d76b37a48642269e3e8fd3a8207]
[Upstream: 0bce1553f4231d76b37a48642269e3e8fd3a8207]
* Wed Jan 26 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-15
- northd: Remove potential duplicates in SB Load_Balancer table. (#2046274)
[Gerrit: 2bbef142105d93bd6b492d4c80a84fc1e599d66f]
[Upstream: 2bbef142105d93bd6b492d4c80a84fc1e599d66f]
* Mon Jan 17 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-14
- Add isc-dhcp-server to github workload
[Gerrit: 32f997b13a58f5e32fa4a65828a2cb1a113039ae]
[Upstream: 1f85302f18556fc8f2020b38008806a2f0fc501c]
* Mon Jan 17 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-13
- test: replace dibbler with dhcpd
[Gerrit: 59d974be1d11e137e68cbeab07f1d31b1a24d9ca]
[Upstream: 2bbd90bd5c696e4228157aa7790c54c74ae51e71]
* Mon Jan 17 2022 Lorenzo Bianconi <lorenzo.bianconi@redhat.com> - 21.12.0-12
- northd: fix IPv6-PD with northd IP rework
[Gerrit: 1eae43916edde2443578f477560ea03c0c22dec7]
[Upstream: d32a9bc5290e40dd63ef495eb4f0fcde9e446089]
* Thu Jan 06 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-11
- pinctrl: Avoid misaligned access to ovs_ra_msg.
[Gerrit: 290523cdfadc5cb401939cc21c1f8de66a6b79b2]
[Upstream: 290523cdfadc5cb401939cc21c1f8de66a6b79b2]
* Thu Jan 06 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-10
- pinctrl: Avoid misaligned access to controller_event_opt_header.
[Gerrit: 2280d3a3f63e026657564f34793b9143323afaf6]
[Upstream: 2280d3a3f63e026657564f34793b9143323afaf6]
* Thu Jan 06 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-9
- pinctrl: Ensure packet headers are properly aligned for ICMP errors.
[Gerrit: ca764d60c6cfd4e7121b15faf6ca3a026928da4e]
[Upstream: ca764d60c6cfd4e7121b15faf6ca3a026928da4e]
* Thu Jan 06 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-8
- pinctrl: Ensure aligned accesses when processing DNS.
[Gerrit: 67829e142dcc71b1f8e4f01aab9e73333420a76f]
[Upstream: 67829e142dcc71b1f8e4f01aab9e73333420a76f]
* Thu Jan 06 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-7
- pinctrl: Ensure no misaligned accesses for SCTP packets.
[Gerrit: b5083fdb4dce839fe70ce5e1c059f11c917105f4]
[Upstream: b5083fdb4dce839fe70ce5e1c059f11c917105f4]
* Thu Jan 06 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-6
- pinctrl: Ensure proper alignment when using pinctrl_compose_ipv*().
[Gerrit: 31e933469d862915b8c83131f72728fe32ecac51]
[Upstream: 31e933469d862915b8c83131f72728fe32ecac51]
* Thu Jan 06 2022 Dumitru Ceara <dceara@redhat.com> - 21.12.0-5
- physical: Add remote parent ports to OFTABLE_REMOTE_OUTPUT flows. (#2036970)
[Gerrit: 627b25bd14085a78f1f9611f2a218ce639515e26]
[Upstream: e101e45f355a91e277630243e64897f91f13f8bc]
* Wed Dec 22 2021 Mark Michelson <mmichels@redhat.com> - 21.12.0-4
- Prepare for 21.12.1.
[Gerrit: 9c67f93b92d9864ac0e06dd3d96e8172441343c3]
[Upstream: 9c67f93b92d9864ac0e06dd3d96e8172441343c3]