1ovn-sbctl(8) Open vSwitch Manual ovn-sbctl(8)
2
6 ovn-sbctl - utility for querying and configuring OVN_Southbound data‐
7 base
8
10 ovn-sbctl [options] -- [options] command [args] [-- [options] command
11 [args]]...
12
14 The ovn-sbctl program configures the OVN_Southbound database by provid‐
15 ing a high-level interface to its configuration database. See
16 ovn-sb(5) for comprehensive documentation of the database schema.
17 ovn-sbctl connects to an ovsdb-server process that maintains an
19 OVN_Southbound configuration database. Using this connection, it
20 queries and possibly applies changes to the database, depending on the
21 supplied commands.
22 ovn-sbctl can perform any number of commands in a single run, imple‐
24 mented as a single atomic transaction against the database.
25 The ovn-sbctl command line begins with global options (see OPTIONS
27 below for details). The global options are followed by one or more
28 commands. Each command should begin with -- by itself as a command-
29 line argument, to separate it from the following commands. (The --
30 before the first command is optional.) The command itself starts with
31 command-specific options, if any, followed by the command name and any
32 arguments.
33
35 The following options affect the behavior of ovn-sbctl as a whole.
36 Some individual commands also accept their own options, which are given
37 just before the command name. If the first command on the command line
38 has options, then those options must be separated from the global
39 options by --.
40 --db=server
42 The OVSDB database remote to contact. If the OVN_SB_DB environ‐
43 ment variable is set, its value is used as the default. Other‐
44 wise, the default is unix:@RUNDIR@/ovnsb_db.sock, but this
45 default is unlikely to be useful outside of single-machine OVN
46 test environments.
47 server may be an OVSDB active or passive connection method, e.g.
49 ssl:192.168.10.5:6640, as described in ovsdb(7).
50 --leader-only
52 --no-leader-only
53 By default, or with --leader-only, when the database server is a
54 clustered database, ovn-sbctl will avoid servers other than the
55 cluster leader. This ensures that any data that ovn-sbctl reads
56 and reports is up-to-date. With --no-leader-only, ovn-sbctl
57 will use any server in the cluster, which means that for read-
58 only transactions it can report and act on stale data (transac‐
59 tions that modify the database are always serialized even with
60 --no-leader-only). Refer to Understanding Cluster Consistency
61 in ovsdb(7) for more information.
62 --no-syslog
64 By default, ovn-sbctl logs its arguments and the details of any
65 changes that it makes to the system log. This option disables
66 this logging.
67 This option is equivalent to --verbose=sbctl:syslog:warn.
69 --oneline
71 Modifies the output format so that the output for each command
72 is printed on a single line. New-line characters that would
73 otherwise separate lines are printed as \n, and any instances of
74 \ that would otherwise appear in the output are doubled. Prints
75 a blank line for each command that has no output. This option
76 does not affect the formatting of output from the list or find
77 commands; see Table Formatting Options below.
78 --dry-run
80 Prevents ovn-sbctl from actually modifying the database.
81 -t secs
83 --timeout=secs
84 By default, or with a secs of 0, ovn-sbctl waits forever for a
85 response from the database. This option limits runtime to
86 approximately secs seconds. If the timeout expires, ovn-sbctl
87 will exit with a SIGALRM signal. (A timeout would normally hap‐
88 pen only if the database cannot be contacted, or if the system
89 is overloaded.)
90 -v[spec]
92 --verbose=[spec]
93 Sets logging levels. Without any spec, sets the log level for
94 every module and destination to dbg. Otherwise, spec is a list
95 of words separated by spaces or commas or colons, up to one from
96 each category below:
97 · A valid module name, as displayed by the vlog/list com‐
99 mand on ovs-appctl(8), limits the log level change to the
100 specified module.
101 · syslog, console, or file, to limit the log level change
103 to only to the system log, to the console, or to a file,
104 respectively. (If --detach is specified, ovn-sbctl
105 closes its standard file descriptors, so logging to the
106 console will have no effect.)
107 On Windows platform, syslog is accepted as a word and is
109 only useful along with the --syslog-target option (the
110 word has no effect otherwise).
111 · off, emer, err, warn, info, or dbg, to control the log
113 level. Messages of the given severity or higher will be
114 logged, and messages of lower severity will be filtered
115 out. off filters out all messages. See ovs-appctl(8)
116 for a definition of each log level.
117 Case is not significant within spec.
119 Regardless of the log levels set for file, logging to a file
121 will not take place unless --log-file is also specified (see
122 below).
123 For compatibility with older versions of OVS, any is accepted as
125 a word but has no effect.
126 -v
128 --verbose
129 Sets the maximum logging verbosity level, equivalent to --ver‐
130 bose=dbg.
131 -vPATTERN:destination:pattern
133 --verbose=PATTERN:destination:pattern
134 Sets the log pattern for destination to pattern. Refer to
135 ovs-appctl(8) for a description of the valid syntax for pattern.
136 -vFACILITY:facility
138 --verbose=FACILITY:facility
139 Sets the RFC5424 facility of the log message. facility can be
140 one of kern, user, mail, daemon, auth, syslog, lpr, news, uucp,
141 clock, ftp, ntp, audit, alert, clock2, local0, local1, local2,
142 local3, local4, local5, local6 or local7. If this option is not
143 specified, daemon is used as the default for the local system
144 syslog and local0 is used while sending a message to the target
145 provided via the --syslog-target option.
146 --log-file[=file]
148 Enables logging to a file. If file is specified, then it is
149 used as the exact name for the log file. The default log file
150 name used if file is omitted is /var/log/ovn/ovn-sbctl.log.
151 --syslog-target=host:port
153 Send syslog messages to UDP port on host, in addition to the
154 system syslog. The host must be a numerical IP address, not a
155 hostname.
156 --syslog-method=method
158 Specify method how syslog messages should be sent to syslog dae‐
159 mon. Following forms are supported:
160 · libc, use libc syslog() function. Downside of using this
162 options is that libc adds fixed prefix to every message
163 before it is actually sent to the syslog daemon over
164 /dev/log UNIX domain socket.
165 · unix:file, use UNIX domain socket directly. It is possi‐
167 ble to specify arbitrary message format with this option.
168 However, rsyslogd 8.9 and older versions use hard coded
169 parser function anyway that limits UNIX domain socket
170 use. If you want to use arbitrary message format with
171 older rsyslogd versions, then use UDP socket to localhost
172 IP address instead.
173 · udp:ip:port, use UDP socket. With this method it is pos‐
175 sible to use arbitrary message format also with older
176 rsyslogd. When sending syslog messages over UDP socket
177 extra precaution needs to be taken into account, for
178 example, syslog daemon needs to be configured to listen
179 on the specified UDP port, accidental iptables rules
180 could be interfering with local syslog traffic and there
181 are some security considerations that apply to UDP sock‐
182 ets, but do not apply to UNIX domain sockets.
183 · null, discards all messages logged to syslog.
185 The default is taken from the OVS_SYSLOG_METHOD environment
187 variable; if it is unset, the default is libc.
188 -h
190 --help Prints a brief help message to the console.
191 -V
193 --version
194 Prints version information to the console.
195 Table Formatting Options
197 These options control the format of output from the list and find com‐
198 mands.
199 -f format
201 --format=format
202 Sets the type of table formatting. The following types of for‐
203 mat are available:
204 table 2-D text tables with aligned columns.
206 list (default)
208 A list with one column per line and rows separated by a
209 blank line.
210 html HTML tables.
212 csv Comma-separated values as defined in RFC 4180.
214 json JSON format as defined in RFC 4627. The output is a
216 sequence of JSON objects, each of which corresponds to
217 one table. Each JSON object has the following members
218 with the noted values:
219 caption
221 The table's caption. This member is omitted if
222 the table has no caption.
223 headings
225 An array with one element per table column. Each
226 array element is a string giving the corresponding
227 column's heading.
228 data An array with one element per table row. Each
230 element is also an array with one element per ta‐
231 ble column. The elements of this second-level
232 array are the cells that constitute the table.
233 Cells that represent OVSDB data or data types are
234 expressed in the format described in the OVSDB
235 specification; other cells are simply expressed as
236 text strings.
237 -d format
239 --data=format
240 Sets the formatting for cells within output tables unless the
241 table format is set to json, in which case json formatting is
242 always used when formatting cells. The following types of for‐
243 mat are available:
244 string (default)
246 The simple format described in the Database Values sec‐
247 tion of ovs-vsctl(8).
248 bare The simple format with punctuation stripped off: [] and
250 {} are omitted around sets, maps, and empty columns,
251 items within sets and maps are space-separated, and
252 strings are never quoted. This format may be easier for
253 scripts to parse.
254 json The RFC 4627 JSON format as described above.
256 --no-headings
258 This option suppresses the heading row that otherwise appears in
259 the first row of table output.
260 --pretty
262 By default, JSON in output is printed as compactly as possible.
263 This option causes JSON in output to be printed in a more read‐
264 able fashion. Members of objects and elements of arrays are
265 printed one per line, with indentation.
266 This option does not affect JSON in tables, which is always
268 printed compactly.
269 --bare Equivalent to --format=list --data=bare --no-headings.
271 --max-column-width=n
273 For table output only, limits the width of any column in the
274 output to n columns. Longer cell data is truncated to fit, as
275 necessary. Columns are always wide enough to display the column
276 names, if the heading row is printed.
277 Public Key Infrastructure Options
279 --bootstrap-ca-cert=cacert.pem
280 When cacert.pem exists, this option has the same effect as -C or
281 --ca-cert. If it does not exist, then ovn-sbctl will attempt to
282 obtain the CA certificate from the SSL peer on its first SSL
283 connection and save it to the named PEM file. If it is success‐
284 ful, it will immediately drop the connection and reconnect, and
285 from then on all SSL connections must be authenticated by a cer‐
286 tificate signed by the CA certificate thus obtained.
287 This option exposes the SSL connection to a man-in-the-middle
289 attack obtaining the initial CA certificate, but it may be use‐
290 ful for bootstrapping.
291 This option is only useful if the SSL peer sends its CA certifi‐
293 cate as part of the SSL certificate chain. The SSL protocol
294 does not require the server to send the CA certificate.
295 This option is mutually exclusive with -C and --ca-cert.
297 -p privkey.pem
299 --private-key=privkey.pem
300 Specifies a PEM file containing the private key used as
301 ovn-sbctl's identity for outgoing SSL connections.
302 -c cert.pem
304 --certificate=cert.pem
305 Specifies a PEM file containing a certificate that certifies the
306 private key specified on -p or --private-key to be trustworthy.
307 The certificate must be signed by the certificate authority (CA)
308 that the peer in SSL connections will use to verify it.
309 -C cacert.pem
311 --ca-cert=cacert.pem
312 Specifies a PEM file containing the CA certificate that
313 ovn-sbctl should use to verify certificates presented to it by
314 SSL peers. (This may be the same certificate that SSL peers use
315 to verify the certificate specified on -c or --certificate, or
316 it may be a different one, depending on the PKI design in use.)
317 -C none
319 --ca-cert=none
320 Disables verification of certificates presented by SSL peers.
321 This introduces a security risk, because it means that certifi‐
322 cates cannot be verified to be those of known trusted hosts.
323
325 The commands implemented by ovn-sbctl are described in the sections
326 below.
327 OVN_Southbound Commands
329 These commands work with an OVN_Southbound database as a whole.
330 init Initializes the database, if it is empty. If the database has
332 already been initialized, this command has no effect.
333 show Prints a brief overview of the database contents.
335 Chassis Commands
337 These commands manipulate OVN_Southbound chassis.
338 [--may-exist] chassis-add chassis encap-type encap-ip
340 Creates a new chassis named chassis. encap-type is a comma-sep‐
341 arated list of tunnel types. The chassis will have one encap
342 entry for each specified tunnel type with encap-ip as the desti‐
343 nation IP for each.
344 Without --may-exist, attempting to create a chassis that exists
346 is an error. With --may-exist, this command does nothing if
347 chassis already exists.
348 [--if-exists] chassis-del chassis
350 Deletes chassis and its encaps and gateway_ports.
351 Without --if-exists, attempting to delete a chassis that does
353 not exist is an error. With --if-exists, attempting to delete a
354 chassis that does not exist has no effect.
355 Port binding Commands
357 These commands manipulate OVN_Southbound port bindings.
358 [--may-exist] lsp-bind logical-port chassis
360 Binds the logical port named logical-port to chassis.
361 Without --may-exist, attempting to bind a logical port that has
363 already been bound is an error. With --may-exist, this command
364 does nothing if logical-port has already been bound to a chas‐
365 sis.
366 [--if-exists] lsp-unbind logical-port
368 Resets the binding of logical-port to NULL.
369 Without --if-exists, attempting to unbind a logical port that is
371 not bound is an error. With --if-exists, attempting to unbind
372 logical port that is not bound has no effect.
373 Logical Flow Commands
375 [--uuid] [--ovs[=remote]] [--stats] lflow-list [logical-datapath]
376 [lflow...]
377 List logical flows. If logical-datapath is specified, only list
378 flows for that logical datapath. The logical-datapath may be
379 given as a UUID or as a datapath name (reporting an error if
380 multiple datapaths have the same name).
381 If at least one lflow is given, only matching logical flows, if
383 any, are listed. Each lflow may be specified as a UUID or the
384 first few characters of a UUID, optionally prefixed by 0x.
385 (Because ovn-controller sets OpenFlow flow cookies to the first
386 32 bits of the corresponding logical flow's UUID, this makes it
387 easy to look up the logical flow that generated a particular
388 OpenFlow flow.)
389 If --uuid is specified, the output includes the first 32 bits of
391 each logical flow's UUID. This makes it easier to find the
392 OpenFlow flows that correspond to a given logical flow.
393 If --ovs is included, ovn-sbctl attempts to obtain and display
395 the OpenFlow flows that correspond to each OVN logical flow. To
396 do so, ovn-sbctl connects to remote (by default,
397 unix:@RUNDIR@/br-int.mgmt) over OpenFlow and retrieves the
398 flows. If remote is specified, it must be an active OpenFlow
399 connection method described in ovsdb(7). Please see the discus‐
400 sion of the similar --ovs option in ovn-trace(8) for more infor‐
401 mation about the OpenFlow flow output.
402 By default, OpenFlow flow output includes only match and
404 actions. Add --stats to include all OpenFlow information, such
405 as packet and byte counters, duration, and timeouts.
406 [--uuid] dump-flows [logical-datapath]
408 Alias for lflow-list.
409 Remote Connectivity Commands
411 These commands manipulate the connections column in the SB_Global table
412 and rows in the Connection table. When ovsdb-server is configured to
413 use the connections column for OVSDB connections, this allows the
414 administrator to use ovn-sbctl to configure database connections.
415 get-connection
417 Prints the configured connection(s).
418 del-connection
420 Deletes the configured connection(s).
421 set-connection [access-specifier] target...
423 Sets the configured manager target or targets. Each target may
424 may be an OVSDB active or passive connection method, e.g.
425 pssl:6640, as described in ovsdb(7), optionally preceded by an
426 optional access-specifier (read-only or read-write). If pro‐
427 vided, the effect of the access specifier persists for subse‐
428 quent targets until changed by another access specifier.
429 SSL Configuration
431 When ovsdb-server is configured to connect using SSL, the following
432 parameters are required:
433 private-key
435 Specifies a PEM file containing the private key used for SSL
436 connections.
437 certificate
439 Specifies a PEM file containing a certificate, signed by the
440 certificate authority (CA) used by the connection peers, that
441 certifies the private key, identifying a trustworthy peer.
442 ca-cert
444 Specifies a PEM file containing the CA certificate used to ver‐
445 ify that the connection peers are trustworthy.
446 These SSL settings apply to all SSL connections made by the southbound
448 database server.
449 get-ssl
451 Prints the SSL configuration.
452 del-ssl
454 Deletes the current SSL configuration.
455 [--bootstrap] set-ssl private-key certificate ca-cert [ssl-protocol-
457 list [ssl-cipher-list]]
458 Sets the SSL configuration. The --bootstrap option is described
459 below.
460 CA Certificate Bootstrap
462 Ordinarily, all of the files named in the SSL configuration must exist
464 before SSL connectivity can be used. However, if the ca-cert file does
465 not exist and the --bootstrap option is given, then ovsdb-server will
466 attempt to obtain the CA certificate from the target on its first SSL
467 connection and save it to the named PEM file. If it is successful, it
468 will immediately drop the connection and reconnect, and from then on
469 all SSL connections must be authenticated by a certificate signed by
470 the CA certificate thus obtained.
471 This option exposes the SSL connection to a man-in-the-middle attack
473 obtaining the initial CA certificate, but it may be useful for boot‐
474 strapping.
475 This option is only useful if the SSL peer sends its CA certificate as
477 part of the SSL certificate chain. The SSL protocol does not require
478 the controller to send the CA certificate.
479 Database Commands
481 These commands query and modify the contents of ovsdb tables. They are
482 a slight abstraction of the ovsdb interface and as such they operate at
483 a lower level than other ovs-sbctl commands.
484 Identifying Tables, Records, and Columns
486 Each of these commands has a table parameter to identify a table within
488 the database. Many of them also take a record parameter that identi‐
489 fies a particular record within a table. The record parameter may be
490 the UUID for a record, and many tables offer additional ways to iden‐
491 tify records. Some commands also take column parameters that identify
492 a particular field within the records in a table.
493 For a list of tables and their columns, see ovn-sb(5) or see the table
495 listing from the --help option.
496 Record names must be specified in full and with correct capitalization,
498 except that UUIDs may be abbreviated to their first 4 (or more) hex
499 digits, as long as that is unique within the table. Names of tables
500 and columns are not case-sensitive, and - and _ are treated inter‐
501 changeably. Unique abbreviations of table and column names are accept‐
502 able, e.g. addr or a is sufficient to identify the Address_Set table.
503 Database Values
505 Each column in the database accepts a fixed type of data. The cur‐
507 rently defined basic types, and their representations, are:
508 integer
510 A decimal integer in the range -2**63 to 2**63-1, inclusive.
511 real A floating-point number.
513 Boolean
515 True or false, written true or false, respectively.
516 string An arbitrary Unicode string, except that null bytes are not
518 allowed. Quotes are optional for most strings that begin with
519 an English letter or underscore and consist only of letters,
520 underscores, hyphens, and periods. However, true and false and
521 strings that match the syntax of UUIDs (see below) must be
522 enclosed in double quotes to distinguish them from other basic
523 types. When double quotes are used, the syntax is that of
524 strings in JSON, e.g. backslashes may be used to escape special
525 characters. The empty string must be represented as a pair of
526 double quotes ("").
527 UUID Either a universally unique identifier in the style of RFC 4122,
529 e.g. f81d4fae-7dec-11d0-a765-00a0c91e6bf6, or an @name defined
530 by a get or create command within the same ovn-sbctl invocation.
531 Multiple values in a single column may be separated by spaces or a sin‐
533 gle comma. When multiple values are present, duplicates are not
534 allowed, and order is not important. Conversely, some database columns
535 can have an empty set of values, represented as [], and square brackets
536 may optionally enclose other non-empty sets or single values as well.
537 For a column accepting a set of integers, database commands accept a
538 range. A range is represented by two integers separated by -. A range
539 is inclusive. A range has a maximum size of 4096 elements. If more ele‐
540 ments are needed, they can be specified in seperate ranges.
541 A few database columns are ``maps'' of key-value pairs, where the key
543 and the value are each some fixed database type. These are specified
544 in the form key=value, where key and value follow the syntax for the
545 column's key type and value type, respectively. When multiple pairs
546 are present (separated by spaces or a comma), duplicate keys are not
547 allowed, and again the order is not important. Duplicate values are
548 allowed. An empty map is represented as {}. Curly braces may option‐
549 ally enclose non-empty maps as well (but use quotes to prevent the
550 shell from expanding other-config={0=x,1=y} into other-config=0=x
551 other-config=1=y, which may not have the desired effect).
552 Database Command Syntax
554 [--if-exists] [--columns=column[,column]...] list table [record]...
556 Lists the data in each specified record. If no records are
557 specified, lists all the records in table.
558 If --columns is specified, only the requested columns are
560 listed, in the specified order. Otherwise, all columns are
561 listed, in alphabetical order by column name.
562 Without --if-exists, it is an error if any specified record does
564 not exist. With --if-exists, the command ignores any record
565 that does not exist, without producing any output.
566 [--columns=column[,column]...] find table [column[:key]=value]...
568 Lists the data in each record in table whose column equals value
569 or, if key is specified, whose column contains a key with the
570 specified value. The following operators may be used where = is
571 written in the syntax summary:
572 = != < > <= >=
574 Selects records in which column[:key] equals, does not
575 equal, is less than, is greater than, is less than or
576 equal to, or is greater than or equal to value, respec‐
577 tively.
578 Consider column[:key] and value as sets of elements.
580 Identical sets are considered equal. Otherwise, if the
581 sets have different numbers of elements, then the set
582 with more elements is considered to be larger. Other‐
583 wise, consider a element from each set pairwise, in
584 increasing order within each set. The first pair that
585 differs determines the result. (For a column that con‐
586 tains key-value pairs, first all the keys are compared,
587 and values are considered only if the two sets contain
588 identical keys.)
589 {=} {!=}
591 Test for set equality or inequality, respectively.
592 {<=} Selects records in which column[:key] is a subset of
594 value. For example, flood-vlans{<=}1,2 selects records
595 in which the flood-vlans column is the empty set or con‐
596 tains 1 or 2 or both.
597 {<} Selects records in which column[:key] is a proper subset
599 of value. For example, flood-vlans{<}1,2 selects records
600 in which the flood-vlans column is the empty set or con‐
601 tains 1 or 2 but not both.
602 {>=} {>}
604 Same as {<=} and {<}, respectively, except that the rela‐
605 tionship is reversed. For example, flood-vlans{>=}1,2
606 selects records in which the flood-vlans column contains
607 both 1 and 2.
608 For arithmetic operators (= != < > <= >=), when key is specified
610 but a particular record's column does not contain key, the
611 record is always omitted from the results. Thus, the condition
612 other-config:mtu!=1500 matches records that have a mtu key whose
613 value is not 1500, but not those that lack an mtu key.
614 For the set operators, when key is specified but a particular
616 record's column does not contain key, the comparison is done
617 against an empty set. Thus, the condition other-con‐
618 fig:mtu{!=}1500 matches records that have a mtu key whose value
619 is not 1500 and those that lack an mtu key.
620 Don't forget to escape < or > from interpretation by the shell.
622 If --columns is specified, only the requested columns are
624 listed, in the specified order. Otherwise all columns are
625 listed, in alphabetical order by column name.
626 The UUIDs shown for rows created in the same ovn-sbctl invoca‐
628 tion will be wrong.
629 [--if-exists] [--id=@name] get table record [column[:key]]...
631 Prints the value of each specified column in the given record in
632 table. For map columns, a key may optionally be specified, in
633 which case the value associated with key in the column is
634 printed, instead of the entire map.
635 Without --if-exists, it is an error if record does not exist or
637 key is specified, if key does not exist in record. With
638 --if-exists, a missing record yields no output and a missing key
639 prints a blank line.
640 If @name is specified, then the UUID for record may be referred
642 to by that name later in the same ovn-sbctl invocation in con‐
643 texts where a UUID is expected.
644 Both --id and the column arguments are optional, but usually at
646 least one or the other should be specified. If both are omit‐
647 ted, then get has no effect except to verify that record exists
648 in table.
649 --id and --if-exists cannot be used together.
651 [--if-exists] set table record column[:key]=value...
653 Sets the value of each specified column in the given record in
654 table to value. For map columns, a key may optionally be speci‐
655 fied, in which case the value associated with key in that column
656 is changed (or added, if none exists), instead of the entire
657 map.
658 Without --if-exists, it is an error if record does not exist.
660 With --if-exists, this command does nothing if record does not
661 exist.
662 [--if-exists] add table record column [key=]value...
664 Adds the specified value or key-value pair to column in record
665 in table. If column is a map, then key is required, otherwise
666 it is prohibited. If key already exists in a map column, then
667 the current value is not replaced (use the set command to
668 replace an existing value).
669 Without --if-exists, it is an error if record does not exist.
671 With --if-exists, this command does nothing if record does not
672 exist.
673 [--if-exists] remove table record column value...
675 [--if-exists] remove table record column key...
676 [--if-exists] remove table record column key=value...
677 Removes the specified values or key-value pairs from column in
678 record in table. The first form applies to columns that are not
679 maps: each specified value is removed from the column. The sec‐
680 ond and third forms apply to map columns: if only a key is spec‐
681 ified, then any key-value pair with the given key is removed,
682 regardless of its value; if a value is given then a pair is
683 removed only if both key and value match.
684 It is not an error if the column does not contain the specified
686 key or value or pair.
687 Without --if-exists, it is an error if record does not exist.
689 With --if-exists, this command does nothing if record does not
690 exist.
691 [--if-exists] clear table record column...
693 Sets each column in record in table to the empty set or empty
694 map, as appropriate. This command applies only to columns that
695 are allowed to be empty.
696 Without --if-exists, it is an error if record does not exist.
698 With --if-exists, this command does nothing if record does not
699 exist.
700 [--id=@name] create table column[:key]=value...
702 Creates a new record in table and sets the initial values of
703 each column. Columns not explicitly set will receive their
704 default values. Outputs the UUID of the new row.
705 If @name is specified, then the UUID for the new row may be
707 referred to by that name elsewhere in the same ovn-sbctl invoca‐
708 tion in contexts where a UUID is expected. Such references may
709 precede or follow the create command.
710 Caution (ovs-vsctl as example)
712 Records in the Open vSwitch database are significant only
713 when they can be reached directly or indirectly from the
714 Open_vSwitch table. Except for records in the QoS or
715 Queue tables, records that are not reachable from the
716 Open_vSwitch table are automatically deleted from the
717 database. This deletion happens immediately, without
718 waiting for additional ovs-vsctl commands or other data‐
719 base activity. Thus, a create command must generally be
720 accompanied by additional commands within the same
721 ovs-vsctl invocation to add a chain of references to the
722 newly created record from the top-level Open_vSwitch
723 record. The EXAMPLES section gives some examples that
724 show how to do this.
725 [--if-exists] destroy table record...
727 Deletes each specified record from table. Unless --if-exists is
728 specified, each records must exist.
729 --all destroy table
731 Deletes all records from the table.
732 Caution (ovs-vsctl as example)
734 The destroy command is only useful for records in the QoS
735 or Queue tables. Records in other tables are automati‐
736 cally deleted from the database when they become unreach‐
737 able from the Open_vSwitch table. This means that delet‐
738 ing the last reference to a record is sufficient for
739 deleting the record itself. For records in these tables,
740 destroy is silently ignored. See the EXAMPLES section
741 below for more information.
742 wait-until table record [column[:key]=value]...
744 Waits until table contains a record named record whose column
745 equals value or, if key is specified, whose column contains a
746 key with the specified value. Any of the operators !=, <, >,
747 <=, or >= may be substituted for = to test for inequality, less
748 than, greater than, less than or equal to, or greater than or
749 equal to, respectively. (Don't forget to escape < or > from
750 interpretation by the shell.)
751 If no column[:key]=value arguments are given, this command waits
753 only until record exists. If more than one such argument is
754 given, the command waits until all of them are satisfied.
755 Caution (ovs-vsctl as example)
757 Usually wait-until should be placed at the beginning of a
758 set of ovs-vsctl commands. For example, wait-until
759 bridge br0 -- get bridge br0 datapath_id waits until a
760 bridge named br0 is created, then prints its datapath_id
761 column, whereas get bridge br0 datapath_id -- wait-until
762 bridge br0 will abort if no bridge named br0 exists when
763 ovs-vsctl initially connects to the database.
764 Consider specifying --timeout=0 along with --wait-until, to pre‐
766 vent ovn-sbctl from terminating after waiting only at most 5
767 seconds.
768 comment [arg]...
770 This command has no effect on behavior, but any database log
771 record created by the command will include the command and its
772 arguments.
773
775 0 Successful program execution.
776 1 Usage, syntax, or configuration file error.
778
780 ovn-sb(5).
781Open vSwitch 2.12.0 ovn-sbctl(8)