incusd: Add OVN loader
Signed-off-by: Stéphane Graber <stgraber@stgraber.org>
Sponsored-by: Luizalabs (https://luizalabs.com)
stgraber committed Mar 5, 2024
1 parent 6b307d9 commit aafcd37
Showing 2 changed files with 86 additions and 0 deletions.
11 changes: 11 additions & 0 deletions cmd/incusd/api_1.0.go
@@ -833,6 +833,7 @@ func doApi10UpdateTriggers(d *Daemon, nodeChanged, clusterChanged map[string]str
lokiChanged := false
oidcChanged := false
openFGAChanged := false
ovnChanged := false
syslogChanged := false

for key := range clusterChanged {
@@ -867,6 +868,9 @@ func doApi10UpdateTriggers(d *Daemon, nodeChanged, clusterChanged map[string]str
case "loki.api.url", "loki.auth.username", "loki.auth.password", "loki.api.ca_cert", "loki.instance", "loki.labels", "loki.loglevel", "loki.types":
lokiChanged = true

case "network.ovn.northbound_connection", "network.ovn.ca_cert", "network.ovn.client_cert", "network.ovn.client_key":
ovnChanged = true

case "oidc.issuer", "oidc.client.id", "oidc.audience":
oidcChanged = true

@@ -1015,6 +1019,13 @@ func doApi10UpdateTriggers(d *Daemon, nodeChanged, clusterChanged map[string]str
}
}

if ovnChanged {
err := d.setupOVN()
if err != nil {
return err
}
}

if syslogChanged {
err := d.setupSyslogSocket(nodeConfig.SyslogSocket())
if err != nil {
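Review bot: In the new `if ovnChanged` block, a failed `d.setupOVN()` is returned to the caller, but `setupOVN` (cmd/incusd/daemon.go in this commit) sets `d.ovnnb` and `d.ovnsb` to nil before it reconnects, so a rejected certificate or an unreachable northbound address leaves the daemon with no OVN clients instead of the previous working pair. Whether the new config values are already persisted when this trigger runs is not visible in the hunk, so the stored config and the live clients may also disagree after the error. I would at least document this at the call site, e.g. `// On error the previous OVN clients are already dropped; State() returns nil OVNNB/OVNSB until a later reload succeeds.`, and consider having `setupOVN` assign the fields only after both new clients are built. The enclosing function `doApi10UpdateTriggers` starts and ends outside the hunk.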
75 changes: 75 additions & 0 deletions cmd/incusd/daemon.go
@@ -52,6 +52,8 @@ import (
instanceDrivers "github.com/lxc/incus/internal/server/instance/drivers"
"github.com/lxc/incus/internal/server/instance/instancetype"
"github.com/lxc/incus/internal/server/loki"
"github.com/lxc/incus/internal/server/network/ovn"
"github.com/lxc/incus/internal/server/network/ovs"
networkZone "github.com/lxc/incus/internal/server/network/zone"
"github.com/lxc/incus/internal/server/node"
"github.com/lxc/incus/internal/server/project"
@@ -161,6 +163,10 @@ type Daemon struct {

// Syslog listener cancel function.
syslogSocketCancel context.CancelFunc

// OVN clients.
ovnnb *ovn.NB
ovnsb *ovn.SB
}

// DaemonConfig holds configuration values for Daemon.
@@ -501,6 +507,8 @@ func (d *Daemon) State() *state.State {
ServerClustered: d.serverClustered,
StartTime: d.startTime,
Authorizer: d.authorizer,
OVNNB: d.ovnnb,
OVNSB: d.ovnsb,
}
}

@@ -1413,6 +1421,9 @@ func (d *Daemon) init() error {
logger.Info("Started BGP server")
}

// Attempt to setup OVN clients.
_ = d.setupOVN()

// Setup DNS listener.
d.dns = dns.NewServer(d.db.Cluster, func(name string, full bool) (*dns.Zone, error) {
// Fetch the zone.
@@ -2425,3 +2436,67 @@ func (d *Daemon) nodeRefreshTask(heartbeatData *cluster.APIHeartbeat, isLeader b

wg.Wait()
}

func (d *Daemon) setupOVN() error {
// Clear any existing clients.
d.ovnnb = nil
d.ovnsb = nil

// Connect to OpenVswitch.
vswitch, err := ovs.NewVSwitch()
if err != nil {
return fmt.Errorf("Failed to connect to OVS: %w", err)
}

// Get the OVN southbound address.
ovnSBAddr, err := vswitch.OVNSouthboundDBRemoteAddress()
if err != nil {
return fmt.Errorf("Failed to get OVN southbound connection string: %w", err)
}

// Get the OVN northbound address.
ovnNBAddr := d.globalConfig.NetworkOVNNorthboundConnection()

// Get the SSL certificates if needed.
sslCACert, sslClientCert, sslClientKey := d.globalConfig.NetworkOVNSSL()

// Fallback to filesystem keys.
if sslCACert == "" {
content, err := os.ReadFile("/etc/ovn/ovn-central.crt")
if err == nil {
sslCACert = string(content)
}
}

if sslClientCert == "" {
content, err := os.ReadFile("/etc/ovn/cert_host")
if err == nil {
sslClientCert = string(content)
}
}

if sslClientKey == "" {
content, err := os.ReadFile("/etc/ovn/key_host")
if err == nil {
sslClientKey = string(content)
}
}

// Get OVN northbound client.
ovnnb, err := ovn.NewNB(ovnNBAddr, sslCACert, sslClientCert, sslClientKey)
if err != nil {
return err
}

// Get OVN southbound client.
ovnsb, err := ovn.NewSB(ovnSBAddr, sslCACert, sslClientCert, sslClientKey)
if err != nil {
return err
}

// Set the clients.
d.ovnnb = ovnnb
d.ovnsb = ovnsb

return nil
}
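Review bot: The filesystem fallback in `setupOVN` ignores every `os.ReadFile` error and fills each of the three TLS values independently, so an unreadable `/etc/ovn/key_host` (permissions, I/O error) is indistinguishable from an absent one, and a CA or client certificate set in the server config can end up paired with a key read from `/etc/ovn`. What `ovn.NewNB` and `ovn.NewSB` do with an empty CA or key is not visible here, so whether this fails closed should be confirmed. I would treat only a missing file as "no fallback" and return any other read error, as in the fence below; if mixing configured and on-disk material is intended, a comment should say so. The `init()` hunk also calls `_ = d.setupOVN()` and drops the error without logging, which hides exactly these failures at startup; a `logger.Warn` there would make them visible.

```go
	// Fallback to filesystem keys; a missing file is fine, any other read error is not.
	if sslCACert == "" {
		content, err := os.ReadFile("/etc/ovn/ovn-central.crt")
		if err != nil && !os.IsNotExist(err) {
			return fmt.Errorf("Failed to read OVN CA certificate: %w", err)
		}

		sslCACert = string(content)
	}

	// … same pattern for /etc/ovn/cert_host and /etc/ovn/key_host …
```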
