Ubuntu
ovn package

Merge ~fnordahl/ubuntu/+source/ovn:bug/1914988-focal into ~ubuntu-server-dev/ubuntu/+source/ovn:ubuntu/focal

  1. Git
  2. lp:~fnordahl/ubuntu/+source/ovn
  3. bug/1914988-focal
  4. Merge into ubuntu/focal
Proposed by Frode Nordahl
Status: Merged
Merged at revision: 80e2e580aa75eabee94b3fdffdd0db8390b42515
Proposed branch: ~fnordahl/ubuntu/+source/ovn:bug/1914988-focal
Merge into: ~ubuntu-server-dev/ubuntu/+source/ovn:ubuntu/focal
Diff against target: 181 lines (+155/-0)
4 files modified
debian/changelog (+9/-0)
debian/patches/lp-1914988-Add-IGMP_Group-to-ovn-controller-RBAC.patch (+99/-0)
debian/patches/lp-1937075-ovn-ctl-Fix-stucked-while-do-cluster-db-init.patch (+45/-0)
debian/patches/series (+2/-0)
Reviewer Review Type Date Requested Status
James Page Pending
Ubuntu Server Developers Pending
Review via email: mp+409047@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Frode Nordahl (fnordahl) wrote :

Built package available in https://launchpad.net/~fnordahl/+archive/ubuntu/lp1914988

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 39d34f9..3a96e4b 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,12 @@
6+ovn (20.03.2-0ubuntu0.20.04.2) focal; urgency=medium
7+
8+ * d/p/lp-1914988-Add-IGMP_Group-to-ovn-controller-RBAC.patch:
9+ Add RBAC rules for IGMP_Group table (LP: #1914988).
10+ * d/p/lp-1937075-ovn-ctl-Fix-stucked-while-do-cluster-db-init.patch:
11+ Fix issue where clustered database might not be upgraded (LP: #1937075).
12+
13+ -- Frode Nordahl <frode.nordahl@canonical.com> Thu, 23 Sep 2021 12:03:00 +0200
14+
15 ovn (20.03.2-0ubuntu0.20.04.1) focal; urgency=medium
16
17 * New upstream point release (LP: #1924981):
18diff --git a/debian/patches/lp-1914988-Add-IGMP_Group-to-ovn-controller-RBAC.patch b/debian/patches/lp-1914988-Add-IGMP_Group-to-ovn-controller-RBAC.patch
19new file mode 100644
20index 0000000..d01b973
21--- /dev/null
22+++ b/debian/patches/lp-1914988-Add-IGMP_Group-to-ovn-controller-RBAC.patch
23@@ -0,0 +1,99 @@
24+Origin: backport, https://github.com/ovn-org/ovn/commit/e92d8cb838d407aac7d44c9d27f862df42fbb8d2
25+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ovn/+bug/1914988
26+Last-Update: 2021-09-23
27+
28+From 096cdb5d6239bcfebc93ef7ccc037693d76def7b Mon Sep 17 00:00:00 2001
29+From: Pedro Guimaraes <pedro.guimaraes@canonical.com>
30+Date: Sun, 7 Feb 2021 16:07:08 +0100
31+Subject: [PATCH] Add IGMP_Group to ovn-controller RBAC
32+
33+If RBAC and IGMP snooping are enabled, ovn-controllers need to
34+be able to register new entries to table IGMP_Group as requests
35+are detected.
36+
37+For that, ovn-controllers need to have read/write access to
38+IGMP_Group table.
39+
40+Signed-off-by: Pedro Guimaraes <pedro.guimaraes@canonical.com>
41+Reported-at: https://github.com/ovn-org/ovn/issues/77
42+Acked-by: Frode Nordahl <frode.nordahl@canonical.com>
43+Signed-off-by: Numan Siddique <numans@ovn.org>
44+(cherry picked from commit e92d8cb838d407aac7d44c9d27f862df42fbb8d2)
45+---
46+ AUTHORS.rst | 1 +
47+ northd/ovn-northd.c | 12 ++++++++++++
48+ ovn-architecture.7.xml | 16 ++++++++++++++++
49+ 3 files changed, 29 insertions(+)
50+
51+diff --git a/AUTHORS.rst b/AUTHORS.rst
52+index 79ee520a1..d7a4f89a1 100644
53+--- a/AUTHORS.rst
54++++ b/AUTHORS.rst
55+@@ -287,6 +287,7 @@ Paul Fazzone pfazzone@vmware.com
56+ Paul Ingram
57+ Paul-Emmanuel Raoul skyper@skyplabs.net
58+ Pavithra Ramesh paramesh@vmware.com
59++Pedro Guimaraes pedro.guimaraes@canonical.com
60+ Peter Downs padowns@gmail.com
61+ Philippe Jung phil.jung@free.fr
62+ Pim van den Berg pim@nethuis.nl
63+diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
64+index 9cc2c04bb..d091c3972 100644
65+--- a/northd/ovn-northd.c
66++++ b/northd/ovn-northd.c
67+@@ -11295,6 +11295,10 @@ static const char *rbac_svc_monitor_auth[] =
68+ {""};
69+ static const char *rbac_svc_monitor_auth_update[] =
70+ {"status"};
71++static const char *rbac_igmp_group_auth[] =
72++ {""};
73++static const char *rbac_igmp_group_update[] =
74++ {"address", "chassis", "datapath", "ports"};
75+
76+ static struct rbac_perm_cfg {
77+ const char *table;
78+@@ -11353,6 +11357,14 @@ static struct rbac_perm_cfg {
79+ .update = rbac_svc_monitor_auth_update,
80+ .n_update = ARRAY_SIZE(rbac_svc_monitor_auth_update),
81+ .row = NULL
82++ },{
83++ .table = "IGMP_Group",
84++ .auth = rbac_igmp_group_auth,
85++ .n_auth = ARRAY_SIZE(rbac_igmp_group_auth),
86++ .insdel = true,
87++ .update = rbac_igmp_group_update,
88++ .n_update = ARRAY_SIZE(rbac_igmp_group_update),
89++ .row = NULL
90+ },{
91+ .table = NULL,
92+ .auth = NULL,
93+diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
94+index 46508e64a..9df3e978b 100644
95+--- a/ovn-architecture.7.xml
96++++ b/ovn-architecture.7.xml
97+@@ -2172,6 +2172,22 @@
98+ modified by ovn-controller.
99+ </p>
100+ </dd>
101++
102++ <dt><code>IGMP_Group</code></dt>
103++ <dd>
104++ <p>
105++ <code>Authorization</code>: disabled (all clients are considered
106++ to be authorized).
107++ </p>
108++ <p>
109++ <code>Insert/Delete</code>: row insertion/deletion are permitted.
110++ </p>
111++ <p>
112++ <code>Update</code>: The columns <code>address</code>,
113++ <code>chassis</code>, <code>datapath</code>, and
114++ <code>ports</code> may be modified by ovn-controller.
115++ </p>
116++ </dd>
117+ </dl>
118+
119+ <p>
120+--
121+2.32.0
122+
123diff --git a/debian/patches/lp-1937075-ovn-ctl-Fix-stucked-while-do-cluster-db-init.patch b/debian/patches/lp-1937075-ovn-ctl-Fix-stucked-while-do-cluster-db-init.patch
124new file mode 100644
125index 0000000..d66d17c
126--- /dev/null
127+++ b/debian/patches/lp-1937075-ovn-ctl-Fix-stucked-while-do-cluster-db-init.patch
128@@ -0,0 +1,45 @@
129+Origin: backport, https://github.com/ovn-org/ovn/commit/65cc0e225b5922a72f0d40c2c39da0210669c21a
130+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ovn/+bug/1937075
131+Last-Update: 2021-09-23
132+
133+From 8ab04a8ec2414a949f634fc965088162d238b4c6 Mon Sep 17 00:00:00 2001
134+From: Tao YunXiang <taoyunxiang@cmss.chinamobile.com>
135+Date: Tue, 17 Mar 2020 11:16:10 +0800
136+Subject: [PATCH] ovn-ctl: Fix stucked while do cluster db init
137+
138+For cluster mode, only the first server, which is the leader, in a cluster
139+should do init. But, sometimes, the role of the first server would transfer
140+leadership, so we should add --no-leader-only in case the ovn-northd stucked.
141+
142+Co-authored-by: Liu Chang <liuchang@cmss.chinamobile.com>
143+Co-authored-by: Rong Yin <rongyin@cmss.chinamobile.com>
144+Signed-off-by: Tao YunXiang <taoyunxiang@cmss.chinamobile.com>
145+Signed-off-by: Liu Chang <liuchang@cmss.chinamobile.com>
146+Signed-off-by: Rong Yin <rongyin@cmss.chinamobile.com>
147+Acked-by: Numan Siddique <numans@ovn.org>
148+Signed-off-by: Han Zhou <hzhou@ovn.org>
149+(cherry picked from commit 65cc0e225b5922a72f0d40c2c39da0210669c21a)
150+---
151+ utilities/ovn-ctl | 5 ++---
152+ 1 file changed, 2 insertions(+), 3 deletions(-)
153+
154+diff --git a/utilities/ovn-ctl b/utilities/ovn-ctl
155+index a763f7750..c361b9d62 100755
156+--- a/utilities/ovn-ctl
157++++ b/utilities/ovn-ctl
158+@@ -300,10 +300,9 @@ $cluster_remote_port
159+ "$@" "$file"
160+ fi
161+
162+- # Initialize the database if it's running standalone,
163+- # active-passive, or is the first server in a cluster.
164++ # Initialize the database if it's NOT joining a cluster.
165+ if test -z "$cluster_remote_addr"; then
166+- $(echo ovn-${db}ctl | tr _ -) init
167++ $(echo ovn-${db}ctl | tr _ -) --no-leader-only init
168+ fi
169+
170+ if test $mode = cluster; then
171+--
172+2.32.0
173+
174diff --git a/debian/patches/series b/debian/patches/series
175new file mode 100644
176index 0000000..9afd08f
177--- /dev/null
178+++ b/debian/patches/series
179@@ -0,0 +1,2 @@
180+lp-1914988-Add-IGMP_Group-to-ovn-controller-RBAC.patch
181+lp-1937075-ovn-ctl-Fix-stucked-while-do-cluster-db-init.patch

Subscribers

People subscribed via source and target branches