Support setting up Open vSwitch (Ovs) Bridge network

Resolves: https://issues.redhat.com/browse/RHEL-33465
Conflict: C9S misses the following two commits,
          - 1397006 ("dracut-module-setup: Remove remove_cpu_online_rule() since PowerPC uses nr_cpus")
          - 73c9eb7 ("dracut-module-setup: remove old s390 network device config (#1937048)")

Upstream Status: git@github.com:rhkdump/kdump-utils.git

commit 224d3102c54749eae98bfa1af8932aade8e4d2da
Author: Coiby Xu <coxu@redhat.com>
Date:   Mon Apr 22 15:02:42 2024 +0800

    Support setting up Open vSwitch (Ovs) Bridge network

    Resolves: https://issues.redhat.com/browse/RHEL-33465

    This patch supports setting up an Ovs bridge in kdump initrd. An Ovs
    bridge is similar to a classic Linux bridge but we use ovs-vsctl to find
    out the Ethernet device (having the MAC address as the bridge) added to
    an Ovs bridge. Once we copy all the needed NetworkManager (NM) connection
    profiles to kdump initrd and all the necessary files, NM will create an Ovs bridge
    automatically in kdump initrd.

    In the case of OpenShift Container Platform (OCP),
    ovs-configuration.service [1] is responsible for setting up an Ovs bridge.
    In theory, we can also try to bring up the original physical network
    interface before ovs-configuration.service. But this approach is
    cumbersome because it breaks our assumption that we should bring up the
    same network in kdump initrd as in 1st kernel (establishing the same network
    in kdump initrd only needs to copy the needed NM connection profiles
    thus we don't need to learn how different network setups work under the
    hood).

    How to test this patch with the help of configure-ovs.sh?
    =========================================================

    1. Extract configure-ovs.sh from [2]

    2. Install necessary packages for configure-ovs.sh
        dnf install openvswitch -yq
        dnf install NetworkManager-ovs nmap-ncat -yq

        systemctl enable --now openvswitch

        # restart NM so the ovs plugin can be activated
        systemctl restart NetworkManager

    3. Assume the network interface used for creating an Ovs bridge is
       "ens2", use configure-ovs.sh to create an Ovs bridge,

        interface=ens2
        mkdir -p /etc/ovnk
        echo $interface > /etc/ovnk/iface_default_hint
        bash configure-ovs.sh OVNKubernetes

    4. (Optional) If you want to make the created Ovs bridge survive a
       reboot, simply make the NM connections created by
       configure-ovs.sh persist,

        cp /run/NetworkManager/system-connections/ovs-* /etc/NetworkManager/system-connections/

    If you need to create an Ovs bridge on top of a bonding network, use the
    following commands for step 3,

        nmcli con add type bond ifname bond0
        nmcli con add type ethernet ifname eth0 master bond0
        nmcli con add type ethernet ifname eth1 master bond0

        echo bond0 > /etc/ovnk/iface_default_hint
        bash configure-ovs.sh OVNKubernetes

    Note
    1. For RHEL, openvswitch3.3 may be installed so we need to get the
       package name by "rpm -qf /usr/lib/systemd/system/openvswitch.service"

    2. For RHEL9, openvswitch package needs to be installed from another repo,
        cat << 'EOF' > /etc/yum.repos.d/ovs.repo
        [rhosp-rhel-9-fdp-cdn]
        name=Red Hat Enterprise Linux Fast Datapath $releasever - $basearch cdn
        baseurl=http://rhsm-pulp.corp.redhat.com/content/dist/layered/rhel9/$basearch/fast-datapath/os/
        enabled=1
        gpgcheck=0
        EOF

        dnf install openvswitch3.3 -yq

    3.  We instruct ovsdb-server to ignore NM connection file changes by
        "--ovsdb-server-options='--disable-file-column-diff'". In the
        future, this may not be needed if we simply copy all active NM
        connection profiles to kdump initrd without changing them after
        coming up with different solutions for the following cases,
        1. Some environments, like some Azure machines, don't use persistent
           NIC names. Current solution is to modify a NM connection
           profile to match a device by MAC address (for details check
           commit 568623e)

        2. If a NIC has an IPv4 or IPv6 address, set the corresponding
           may-fail property to no. Otherwise, dumping vmcore over IPv6
           could fail because only IPv4 network is ready or vice versa. Current
           solution is to disable IPv6 if only IPv4 is used and vice versa,
           for details check commit 9dfcacf,

        3. Some NICs need longer connection.wait-device-timeout otherwise
           the connection will fail to be established (commit 6b586a9).

    [1] https://github.com/openshift/machine-config-operator/blob/master/templates/common/_base/units/ovs-configuration.service.yaml
    [2] https://github.com/openshift/machine-config-operator/blob/master/templates/common/_base/files/configure-ovs-network.yaml

    Signed-off-by: Coiby Xu <coxu@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
This commit is contained in:
Coiby Xu 2024-07-29 17:21:41 +08:00
parent 0dc8953db3
commit bf947239de

@ -494,6 +494,24 @@ _find_znet_nmconnection() {
"$1"/*.nmconnection | LC_ALL=C sed -e "$2" "$1"/*.nmconnection | LC_ALL=C sed -e "$2"
} }
kdump_setup_ovs() {
local _netdev="$1"
local _dev _phy_if
_phy_if=$(ovs_find_phy_if "$_netdev")
if kdump_is_bridge "$_phy_if"; then
kdump_setup_vlan "$_phy_if"
elif kdump_is_bond "$_phy_if"; then
kdump_setup_bond "$_phy_if" || return 1
elif kdump_is_team "$_phy_if"; then
derror "Ovs bridge over team is not supported!"
exit 1
fi
_save_kdump_netifs "$_phy_if"
}
# setup s390 znet # setup s390 znet
# #
# Note part of code is extracted from ccw_init provided by s390utils # Note part of code is extracted from ccw_init provided by s390utils
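Review bot: In kdump_setup_ovs the result of `_phy_if=$(ovs_find_phy_if "$_netdev")` is never checked. ovs_find_phy_if returns 1 and prints nothing when no interface matches the bridge MAC, so `_phy_if` ends up empty and the function still reaches `_save_kdump_netifs "$_phy_if"`. Suggest failing early, e.g. `_phy_if=$(ovs_find_phy_if "$_netdev") || return 1` with a derror message. Three smaller points in the same function: the `kdump_is_bridge "$_phy_if"` branch calls `kdump_setup_vlan "$_phy_if"`, which looks like a copy/paste slip and needs either a fix or a comment explaining why the vlan helper is right for a bridge; `_dev` is declared local but never used; and the team branch uses `exit 1` while the bond branch uses `return 1`, so error handling is inconsistent within one function.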
@ -545,6 +563,28 @@ kdump_get_remote_ip() {
echo "$_remote" echo "$_remote"
} }
# Find the physical interface of Open vSwitch (Ovs) bridge
#
# The physical network interface has the same MAC address as the Ovs bridge
ovs_find_phy_if() {
local _mac _dev
_mac=$(kdump_get_mac_addr $1)
for _dev in $(ovs-vsctl list-ifaces $1); do
if [[ $_mac == $(</sys/class/net/$_dev/address) ]]; then
echo -n "$_dev"
return
fi
done
return 1
}
# Tell if a network interface is an Open vSwitch (Ovs) bridge
kdump_is_ovs_bridge() {
[[ $(_get_nic_driver $1) == openvswitch ]]
}
# Collect netifs needed by kdump # Collect netifs needed by kdump
# $1: destination host # $1: destination host
kdump_collect_netif_usage() { kdump_collect_netif_usage() {
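Review bot: In ovs_find_phy_if the test `[[ $_mac == $(</sys/class/net/$_dev/address) ]]` is true when both sides are empty, so if kdump_get_mac_addr prints nothing and ovs-vsctl lists an interface with no /sys/class/net entry, that name is returned as the physical interface. Suggest returning 1 when `_mac` is empty, checking that the address file is readable before reading it, and quoting the right-hand side so it is compared as a string rather than as a pattern. `$1` and `$_dev` are also unquoted in `kdump_get_mac_addr $1`, `ovs-vsctl list-ifaces $1`, the sysfs path and `_get_nic_driver $1`; quoting them keeps interface names from being word-split or globbed. The header comment of ovs_find_phy_if should document `$1` and the return value, as kdump_collect_netif_usage does just below.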
@ -568,6 +608,9 @@ kdump_collect_netif_usage() {
kdump_setup_team "$_netdev" kdump_setup_team "$_netdev"
elif kdump_is_vlan "$_netdev"; then elif kdump_is_vlan "$_netdev"; then
kdump_setup_vlan "$_netdev" kdump_setup_vlan "$_netdev"
elif kdump_is_ovs_bridge "$_netdev"; then
has_ovs_bridge=yes
kdump_setup_ovs "$_netdev"
fi fi
_save_kdump_netifs "$_netdev" _save_kdump_netifs "$_netdev"
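Review bot: The exit status of `kdump_setup_ovs "$_netdev"` is dropped in the new elif branch, although kdump_setup_ovs can `return 1` when the bond setup fails, so `_save_kdump_netifs "$_netdev"` runs as if the bridge had been set up. Suggest `kdump_setup_ovs "$_netdev" || return 1` (or an explicit derror) and setting `has_ovs_bridge=yes` only after that call succeeds, so the Ovs dependencies are not pulled into the initrd for a bridge that could not be resolved.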
@ -614,6 +657,29 @@ kdump_install_resolv_conf() {
fi fi
} }
kdump_install_ovs_deps() {
[[ $has_ovs_bridge == yes ]] || return 0
inst_multiple -o $(rpm -ql NetworkManager-ovs) $(rpm -ql $(rpm -qf /usr/lib/systemd/system/openvswitch.service)) /sbin/sysctl /usr/bin/uuidgen /usr/bin/hostname /usr/bin/touch /usr/bin/expr /usr/bin/id /usr/bin/install /usr/bin/setpriv /usr/bin/nice /usr/bin/df
# 1. Overwrite the copied /etc/sysconfig/openvswitch so
# ovsdb-server.service can run as the default user root.
# /etc/sysconfig/openvswitch by default intructs ovsdb-server.service to
# run as USER=openvswitch, However openvswitch doesn't have the permission
# to write to /tmp in kdump initrd and ovsdb-server.servie will fail
# with the error "ovs-ctl[1190]: ovsdb-server: failed to create temporary
# file (Permission denied)". So run ovsdb-server.service as root instead
#
# 2. Bypass the error "referential integrity violation: Table Port column
# interfaces row" caused by we changing the connection profiles
echo "OPTIONS=\"--ovsdb-server-options='--disable-file-column-diff'\"" >"${initdir}/etc/sysconfig/openvswitch"
KDUMP_DROP_IN_DIR="${initdir}/etc/systemd/system/nm-initrd.service.d"
mkdir -p "$KDUMP_DROP_IN_DIR"
printf "[Unit]\nAfter=openvswitch.service\n" >$KDUMP_DROP_IN_DIR/01-after-ovs.conf
$SYSTEMCTL -q --root "$initdir" enable openvswitch.service
$SYSTEMCTL -q --root "$initdir" add-wants basic.target openvswitch.service
}
# Setup dracut to bring up network interface that enable # Setup dracut to bring up network interface that enable
# initramfs accessing giving destination # initramfs accessing giving destination
kdump_install_net() { kdump_install_net() {
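Review bot: In kdump_install_ovs_deps the `-o` on `inst_multiple` makes every argument optional, so a missing tool such as /usr/bin/setpriv or /usr/bin/install is skipped silently and the failure only shows up when openvswitch.service starts in the kdump initrd. Suggest keeping `-o` for the `rpm -ql` package contents and installing the explicitly named binaries without it. The nested `$(rpm -ql $(rpm -qf ...))` is unquoted and unchecked: if `rpm -qf` does not resolve to a package, its message is word-split and fed to `rpm -ql`; resolve the package name into a local variable first and bail out on failure. The overwrite of `${initdir}/etc/sysconfig/openvswitch` drops the USER=openvswitch setting so ovsdb-server runs as root; the comment explains why, but please say whether making /tmp writable for the openvswitch user was considered, since that would keep the daemon unprivileged. `KDUMP_DROP_IN_DIR` is a global rather than a `local`, and it is unquoted in `>$KDUMP_DROP_IN_DIR/01-after-ovs.conf` although it contains `${initdir}`.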
@ -627,6 +693,7 @@ kdump_install_net() {
kdump_install_nm_netif_allowlist "$_netifs" kdump_install_nm_netif_allowlist "$_netifs"
kdump_install_nic_driver "$_netifs" kdump_install_nic_driver "$_netifs"
kdump_install_resolv_conf kdump_install_resolv_conf
kdump_install_ovs_deps
fi fi
} }
@ -1041,7 +1108,7 @@ remove_cpu_online_rule() {
install() { install() {
declare -A unique_netifs ipv4_usage ipv6_usage declare -A unique_netifs ipv4_usage ipv6_usage
local arch local arch has_ovs_bridge
kdump_module_init kdump_module_init
kdump_install_conf kdump_install_conf
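Review bot: `has_ovs_bridge` is declared in `local arch has_ovs_bridge` without a value and is then written in kdump_collect_netif_usage and read in kdump_install_ovs_deps through bash dynamic scoping. That works only while both are called from install(); a short comment next to the declaration naming the writer and the reader, plus an explicit initial value such as `has_ovs_bridge=no`, would make the dependency visible to the next person touching this function.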