Azure · paulyufan2 · Jul 24, 2023 · Jun 22, 2023 · Jul 20, 2023 · Jul 20, 2023
@@ -0,0 +1,20 @@
+# ovs_scripts
+
+`remove_ovs_bridges.py` script is for removing ovs switch(azure0) and the and openflow rules configured with it 
+ssh connection will not be lost when running script
+It will get all existing ovs bridges and delete them and then delete CNI state file 
+and all interfaces starting with `az` that are used for supporting apipa connectivity. After that,
+it will bring back VM to original state with eth0 as primary interface and 
+check if Linux VM internet connectivity is still working.
+
+`remove_ovs_leaked_rules.py` script is for removeing all leaked ovs rules
+It will check ovs flow dumps and filter which ports are being used. Then delete these ovs rules that
+are not associated with used ports.
+
+To run these script, clone scripts to Linux VM with ovs and have Python3 environment ready:
+paulyu@paul-microsoft:~$ which python3
+/usr/bin/python3
+
+Run script:
+python3 remove_ovs_bridges.py
+python3 remove_ovs_leaked_rules.py
@@ -0,0 +1,85 @@
+import subprocess
+import os
+import re
+import requests
+
+# step 1: get all ovs bridges:
+try:
+    ovsBridgeShow = subprocess.Popen(['ovs-vsctl', 'list-br'],
+                                     stdout=subprocess.PIPE,
+                                     stderr=subprocess.STDOUT)
+except subprocess.CalledProcessError:
+    print("failed to execute ovs-vsctl show command")
+    os.Exit(1)
+
+stdout = ovsBridgeShow.communicate()
+ovsBridgeList = stdout[0].decode("utf-8".strip()).split('\n')
+
+# step 2: remove all ovs bridges
+for bridge in ovsBridgeList:
+    if bridge != "":
+        deleteCommand = "ovs-vsctl del-br %s"%bridge
+        try:
+            print("deleting ovs bridge by: ", deleteCommand)
+            os.system(deleteCommand)
+        except:
+            print("failed to delete all ovs bridges")
+
+# step 3: reset vSwitch configuration to clean state and delete manager
+try:
+    os.system("ovs-vsctl del-manager")
+    os.system("ovs-vsctl emer-reset")
+except:
+    print("failed to reset vSwitch configuration and delete manager")
+
+# step 4: check if ovs flows exist anymore
+try:
+    ovsDPCtlShow = subprocess.Popen(['ovs-dpctl', 'show'],
+                            stdout=subprocess.PIPE,
+                                stderr=subprocess.STDOUT)
+except subprocess.CalledProcessError:
+    print("failed to execute ovs-dpctl show command")
+    os.Exit(1)
+
+stdout = ovsDPCtlShow.communicate()
+if stdout[0].decode("utf-8") != "":
+    print("ovs flows still exist, please check if all ovs bridges are removed from system")
+    os.Exit(1)
+
+# step 5: delete cni state file:
+cniStatePath = "/var/run/azure-vnet.json"
+if os.path.exists(cniStatePath):
+    try:
+        os.system("rm /var/run/azure-vnet.json")
+    except:
+        print("failed to delete cni state file")
+        os.Exit(1)
+
+# step 6: delete az* interfaces as supporting for apipa connectivity
+try:
+    ovsBridgeShow = subprocess.Popen(['ls', '/sys/class/net'],
+                                     stdout=subprocess.PIPE,
+                                     stderr=subprocess.STDOUT)
+except subprocess.CalledProcessError:
+    print("failed to execute get all interfaces command")
+    os.Exit(1)
+
+stdout = ovsBridgeShow.communicate()
+for interface in stdout[0].decode("utf-8").split('\n'):
+    if interface.startswith("az"):
+        try:
+            ovsBridgeShow = subprocess.Popen(['ip', 'link', 'delete', interface],
+                                     stdout=subprocess.PIPE,
+                                     stderr=subprocess.STDOUT)
+        except subprocess.CalledProcessError:
+            print("failed to delete interface: ", interface)
+            os.Exit(1)
+
+# step 7: check internet connectivity after ovs bridges are removed
+url = "http://www.bing.com"
+timeout = 5
+try:
+	request = requests.get(url, timeout=timeout)
+	print("Connected to the Internet")
+except (requests.ConnectionError, requests.Timeout) as exception:
+	print("No internet connection.")
@@ -0,0 +1,43 @@
+import subprocess
+import re
+import os
+
+# step 1: get ovs-dpctl show out to make sure which ports are being used
+try:
+    ovsDPCtlShow = subprocess.Popen(['ovs-dpctl', 'show'],
+                            stdout=subprocess.PIPE,
+                                stderr=subprocess.STDOUT)
+except subprocess.CalledProcessError:
+    print("failed to execute ovs-dpctl show command")
+    os.Exit(1)
+
+stdout = ovsDPCtlShow.communicate()
+
+usedPortList = re.findall("port (\d+)", str(stdout))
+
+# Step 2: Check ovs flows dumps
+try:
+    ovsDumpFlows = subprocess.Popen(['ovs-ofctl', 'dump-flows', 'azure0'],
+                            stdout=subprocess.PIPE,
+                            stderr=subprocess.STDOUT)
+except subprocess.CalledProcessError:
+    print("failed to execute ovs-ofctl dump-flows command")
+    os.Exit(1)
+
+stdout = ovsDumpFlows.communicate()
+allPortList = re.findall("in_port=(\d+)", str(stdout))
+
+unUsedPortList = []
+for port in allPortList:
+    if port not in usedPortList:
+        unUsedPortList.append(port)
+
+# Step 3: delete leaked rules
+# only use unused ports
+for port in unUsedPortList:
+    deleteCommand = "ovs-ofctl del-flows azure0 ip,in_port=%s"%port
+    try:
+        os.system(deleteCommand)
+    except:
+        print("delete command %s does not work"%deleteCommand)
+        os.Exit(1)