Dirk Mueller
604489e1db
- Update openvswitch to 2.13.0.
* For a list of changes, check
https://github.com/openvswitch/ovs/blob/v2.13.0/NEWS
* This version drops python2 binding support. Only python3 bindings
provided going forward.
* Tool ovs-vlan-bug-workaround is no longer provided.
- OVN was split to its own repo but is still built together with OVS and as
such from this same source package. OVN initial version is 20.03.
* For a list of changes, check
https://github.com/ovn-org/ovn/blob/v20.03.0/NEWS
* Packages openvswitch-ovn* are renamed to ovn*.
* OVN now has its own sysconfig and log paths.
- Add OVS patch to be proposed upstream:
* 0001-rhel-Fix-reload-of-OVS_USER_ID-on-startup.patch
- Patch instead of post-processing configuration files to set running
credentials (bsc#1157338):
* 0001-Run-openvswitch-as-openvswitch-openvswitch.patch
* 0001-Run-ovn-as-openvswitch-openvswitch.patch
- Will no longer change group ownership of /dev/hugepages to 'hugetlbfs'
(bsc#1140835). System admin should mount hugepages on a path and permissions of
his choosing for OVS. Add patch:
* 0001-dont-change-permissions-of-dev-hugepages.patch
- Will no longer install udev rule to change group ownership of vfio devices to
'hugetlbfs'. Group name does not make much sense in this case and ownership of
vfio devices should be coordinated system wide or per device.
- Will no longer run under group 'hugetlbfs' on new installs with DPDK enabled.
OVS will now run under group 'openvswitch' whether compiled with DPDK support
or not.
- OVS persistent state is now saved on /var/lib/openvswitch instead of
/etc/openvswitch for new installs.
OBS-URL: https://build.opensuse.org/request/show/802898
OBS-URL: https://build.opensuse.org/package/show/network/openvswitch?expand=0&rev=196
68 lines
2.6 KiB
Diff
68 lines
2.6 KiB
Diff
From aa1869378cf512fd7aeee16c0a030264c2623270 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= <jcaamano@suse.com>
|
|
Date: Fri, 8 May 2020 11:23:04 +0200
|
|
Subject: [PATCH] Run ovn as openvswitch:openvswitch
|
|
|
|
Change default run configuration to unprivilieged user openvswitch and
|
|
group openvswitch. Expect any further customization from user in
|
|
sysconfig/ovn.
|
|
---
|
|
rhel/etc_logrotate.d_ovn | 2 +-
|
|
rhel/usr_lib_systemd_system_ovn-controller-vtep.service | 1 +
|
|
rhel/usr_lib_systemd_system_ovn-controller.service | 1 +
|
|
rhel/usr_lib_systemd_system_ovn-northd.service | 1 +
|
|
4 files changed, 4 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/rhel/etc_logrotate.d_ovn b/rhel/etc_logrotate.d_ovn
|
|
index a351ec303..4b26333fc 100644
|
|
--- a/rhel/etc_logrotate.d_ovn
|
|
+++ b/rhel/etc_logrotate.d_ovn
|
|
@@ -6,7 +6,7 @@
|
|
# without warranty of any kind.
|
|
|
|
/var/log/ovn/*.log {
|
|
- su root root
|
|
+ su openvswitch openvswitch
|
|
daily
|
|
compress
|
|
sharedscripts
|
|
diff --git a/rhel/usr_lib_systemd_system_ovn-controller-vtep.service b/rhel/usr_lib_systemd_system_ovn-controller-vtep.service
|
|
index 09ad0612c..dd6ff6675 100644
|
|
--- a/rhel/usr_lib_systemd_system_ovn-controller-vtep.service
|
|
+++ b/rhel/usr_lib_systemd_system_ovn-controller-vtep.service
|
|
@@ -35,6 +35,7 @@ After=openvswitch.service
|
|
[Service]
|
|
Type=simple
|
|
Restart=on-failure
|
|
+Environment=OVN_USER_ID=openvswitch:openvswitch
|
|
Environment=OVS_RUNDIR=%t/openvswitch
|
|
Environment=OVN_RUNDIR=%t/ovn
|
|
Environment=OVN_DB=unix:%t/ovn/ovnsb_db.sock
|
|
diff --git a/rhel/usr_lib_systemd_system_ovn-controller.service b/rhel/usr_lib_systemd_system_ovn-controller.service
|
|
index 15d0ac853..c602760f1 100644
|
|
--- a/rhel/usr_lib_systemd_system_ovn-controller.service
|
|
+++ b/rhel/usr_lib_systemd_system_ovn-controller.service
|
|
@@ -23,6 +23,7 @@ After=openvswitch.service
|
|
Type=forking
|
|
PIDFile=/var/run/ovn/ovn-controller.pid
|
|
Restart=on-failure
|
|
+Environment=OVN_USER_ID=openvswitch:openvswitch
|
|
Environment=OVN_RUNDIR=%t/ovn OVS_RUNDIR=%t/openvswitch
|
|
EnvironmentFile=-/etc/sysconfig/ovn
|
|
EnvironmentFile=-/etc/sysconfig/ovn-controller
|
|
diff --git a/rhel/usr_lib_systemd_system_ovn-northd.service b/rhel/usr_lib_systemd_system_ovn-northd.service
|
|
index d281f861c..d5c7dfa5f 100644
|
|
--- a/rhel/usr_lib_systemd_system_ovn-northd.service
|
|
+++ b/rhel/usr_lib_systemd_system_ovn-northd.service
|
|
@@ -20,6 +20,7 @@ After=syslog.target
|
|
[Service]
|
|
Type=oneshot
|
|
RemainAfterExit=yes
|
|
+Environment=OVN_USER_ID=openvswitch:openvswitch
|
|
Environment=OVN_RUNDIR=%t/ovn OVN_DBDIR=/var/lib/ovn
|
|
EnvironmentFile=-/etc/sysconfig/ovn
|
|
EnvironmentFile=-/etc/sysconfig/ovn-northd
|
|
--
|
|
2.16.4
|
|
|