1ovsdb-server(1) Open vSwitch Manual ovsdb-server(1)
2
6 ovsdb-server - Open vSwitch database server
7
9 ovsdb-server [database]... [--remote=remote]... [--run=command]
10 Daemon options:
12 [--pidfile[=pidfile]] [--overwrite-pidfile] [--detach]
13 [--no-chdir] [--no-self-confinement]
14 Service options:
16 [--service] [--service-monitor]
17 Logging options:
19 [-v[module[:destination[:level]]]]...
20 [--verbose[=module[:destination[:level]]]]...
21 [--log-file[=file]]
22 Active-backup options:
24 [--sync-from=server] [--sync-exclude-tables=db:table[,db:ta‐
25 ble]...] [--active]
26 Public key infrastructure options:
28 [--private-key=privkey.pem]
29 [--certificate=cert.pem]
30 [--ca-cert=cacert.pem]
31 [--bootstrap-ca-cert=cacert.pem]
32 [--peer-ca-cert=peer-cacert.pem]
33 SSL connection options:
35 [--ssl-protocols=protocols]
36 [--ssl-ciphers=ciphers]
37 Runtime management options:
39 --unixctl=socket
40 Common options:
42 [-h | --help] [-V | --version]
43
46 The ovsdb-server program provides RPC interfaces to one or more Open
47 vSwitch databases (OVSDBs). It supports JSON-RPC client connections
48 over active or passive TCP/IP or Unix domain sockets. For an introduc‐
49 tion to OVSDB and its implementation in Open vSwitch, see ovsdb(7).
50 Each OVSDB file may be specified on the command line as database. If
52 none is specified, the default is /etc/openvswitch/conf.db. The data‐
53 base files must already have been created and initialized using, for
54 example, ovsdb-tool's create, create-cluster, or join-cluster command.
55 This OVSDB implementation supports standalone, active-backup, and clus‐
57 tered database service models, as well as database replication. See
58 the Service Models section of ovsdb(7) for more information.
59 For clustered databases, when the --detach option is used, ovsdb-server
61 detaches without waiting for the server to successfully join a cluster
62 (if the database file is freshly created with ovsdb-tool join-cluster)
63 or connect to a cluster that it has already joined. Use ovsdb-client
64 wait (see ovsdb-client(1)) to wait until the server has successfully
65 joined and connected to a cluster.
66 In addition to user-specified databases, ovsdb-server version 2.9 and
68 later also always hosts a built-in database named _Server. Please see
69 ovsdb-server(5) for documentation on this database's schema.
70
72 --remote=remote
73 Adds remote as a connection method used by ovsdb-server. The
74 remote may be an OVSDB active or passive connection method, e.g.
75 pssl:6640, as described in ovsdb(7). The following additional
76 form is also supported:
77 db:db,table,column
79 Reads additional connection methods from column in all of
80 the rows in table within db. As the contents of column
81 changes, ovsdb-server also adds and drops connection
82 methods accordingly.
83 If column's type is string or set of strings, then the
85 connection methods are taken directly from the column.
86 The connection methods in the column must have one of the
87 forms described above.
88 If column's type is UUID or set of UUIDs and references a
90 table, then each UUID is looked up in the referenced ta‐
91 ble to obtain a row. The following columns in the row,
92 if present and of the correct type, configure a connec‐
93 tion method. Any additional columns are ignored.
94 target (string)
96 Connection method, in one of the forms described
97 above. This column is mandatory: if it is missing
98 or empty then no connection method can be config‐
99 ured.
100 max_backoff (integer)
102 Maximum number of milliseconds to wait between
103 connection attempts.
104 inactivity_probe (integer)
106 Maximum number of milliseconds of idle time on
107 connection to client before sending an inactivity
108 probe message.
109 read_only (boolean)
111 If true, only read-only transactions are allowed
112 on this connection.
113 It is an error for column to have another type.
115 To connect or listen on multiple connection methods, use multi‐
117 ple --remote options.
118 --run=command]
120 Ordinarily ovsdb-server runs forever, or until it is told to
121 exit (see RUNTIME MANAGEMENT COMMANDS below). With this option,
122 ovsdb-server instead starts a shell subprocess running command.
123 When the subprocess terminates, ovsdb-server also exits grace‐
124 fully. If the subprocess exits normally with exit code 0, then
125 ovsdb-server exits with exit code 0 also; otherwise, it exits
126 with exit code 1.
127 This option can be useful where a database server is needed only
129 to run a single command, e.g.: ovsdb-server
130 --remote=punix:socket --run='ovsdb-client dump unix:socket
131 Open_vSwitch'
132 This option is not supported on Windows platform.
134 Daemon Options
136 The following options are valid on POSIX based platforms.
137 --pidfile[=pidfile]
139 Causes a file (by default, ovsdb-server.pid) to be created indi‐
140 cating the PID of the running process. If the pidfile argument
141 is not specified, or if it does not begin with /, then it is
142 created in /var/run/openvswitch.
143 If --pidfile is not specified, no pidfile is created.
145 --overwrite-pidfile
147 By default, when --pidfile is specified and the specified pid‐
148 file already exists and is locked by a running process,
149 ovsdb-server refuses to start. Specify --overwrite-pidfile to
150 cause it to instead overwrite the pidfile.
151 When --pidfile is not specified, this option has no effect.
153 --detach
155 Runs ovsdb-server as a background process. The process forks,
156 and in the child it starts a new session, closes the standard
157 file descriptors (which has the side effect of disabling logging
158 to the console), and changes its current directory to the root
159 (unless --no-chdir is specified). After the child completes its
160 initialization, the parent exits. ovsdb-server detaches only
161 after it starts listening on all configured remotes. At this
162 point, all standalone and active-backup databases are ready for
163 use. Clustered databases only become ready for use after they
164 finish joining their clusters (which could have already happened
165 in previous runs of ovsdb-server).
166 --monitor
168 Creates an additional process to monitor the ovsdb-server dae‐
169 mon. If the daemon dies due to a signal that indicates a pro‐
170 gramming error (SIGABRT, SIGALRM, SIGBUS, SIGFPE, SIGILL, SIG‐
171 PIPE, SIGSEGV, SIGXCPU, or SIGXFSZ) then the monitor process
172 starts a new copy of it. If the daemon dies or exits for
173 another reason, the monitor process exits.
174 This option is normally used with --detach, but it also func‐
176 tions without it.
177 --no-chdir
179 By default, when --detach is specified, ovsdb-server changes its
180 current working directory to the root directory after it
181 detaches. Otherwise, invoking ovsdb-server from a carelessly
182 chosen directory would prevent the administrator from unmounting
183 the file system that holds that directory.
184 Specifying --no-chdir suppresses this behavior, preventing
186 ovsdb-server from changing its current working directory. This
187 may be useful for collecting core files, since it is common
188 behavior to write core dumps into the current working directory
189 and the root directory is not a good directory to use.
190 This option has no effect when --detach is not specified.
192 --no-self-confinement
194 By default daemon will try to self-confine itself to work with
195 files under well-know, at build-time whitelisted directories.
196 It is better to stick with this default behavior and not to use
197 this flag unless some other Access Control is used to confine
198 daemon. Note that in contrast to other access control implemen‐
199 tations that are typically enforced from kernel-space (e.g. DAC
200 or MAC), self-confinement is imposed from the user-space daemon
201 itself and hence should not be considered as a full confinement
202 strategy, but instead should be viewed as an additional layer of
203 security.
204 --user Causes ovsdb-server to run as a different user specified in
206 "user:group", thus dropping most of the root privileges. Short
207 forms "user" and ":group" are also allowed, with current user or
208 group are assumed respectively. Only daemons started by the root
209 user accepts this argument.
210 On Linux, daemons will be granted CAP_IPC_LOCK and
212 CAP_NET_BIND_SERVICES before dropping root privileges. Daemons
213 that interact with a datapath, such as ovs-vswitchd, will be
214 granted three additional capabilities, namely CAP_NET_ADMIN,
215 CAP_NET_BROADCAST and CAP_NET_RAW. The capability change will
216 apply even if the new user is root.
217 On Windows, this option is not currently supported. For security
219 reasons, specifying this option will cause the daemon process
220 not to start.
221 Service Options
223 The following options are valid only on Windows platform.
224 --service
226 Causes ovsdb-server to run as a service in the background. The
227 service should already have been created through external tools
228 like SC.exe.
229 --service-monitor
231 Causes the ovsdb-server service to be automatically restarted by
232 the Windows services manager if the service dies or exits for
233 unexpected reasons.
234 When --service is not specified, this option has no effect.
236 Logging Options
238 -v[spec]
239 --verbose=[spec]
240 Sets logging levels. Without any spec, sets the log level for
241 every module and destination to dbg. Otherwise, spec is a list
242 of words separated by spaces or commas or colons, up to one from
243 each category below:
244 · A valid module name, as displayed by the vlog/list com‐
246 mand on ovs-appctl(8), limits the log level change to the
247 specified module.
248 · syslog, console, or file, to limit the log level change
250 to only to the system log, to the console, or to a file,
251 respectively. (If --detach is specified, ovsdb-server
252 closes its standard file descriptors, so logging to the
253 console will have no effect.)
254 On Windows platform, syslog is accepted as a word and is
256 only useful along with the --syslog-target option (the
257 word has no effect otherwise).
258 · off, emer, err, warn, info, or dbg, to control the log
260 level. Messages of the given severity or higher will be
261 logged, and messages of lower severity will be filtered
262 out. off filters out all messages. See ovs-appctl(8)
263 for a definition of each log level.
264 Case is not significant within spec.
266 Regardless of the log levels set for file, logging to a file
268 will not take place unless --log-file is also specified (see
269 below).
270 For compatibility with older versions of OVS, any is accepted as
272 a word but has no effect.
273 -v
275 --verbose
276 Sets the maximum logging verbosity level, equivalent to --ver‐
277 bose=dbg.
278 -vPATTERN:destination:pattern
280 --verbose=PATTERN:destination:pattern
281 Sets the log pattern for destination to pattern. Refer to
282 ovs-appctl(8) for a description of the valid syntax for pattern.
283 -vFACILITY:facility
285 --verbose=FACILITY:facility
286 Sets the RFC5424 facility of the log message. facility can be
287 one of kern, user, mail, daemon, auth, syslog, lpr, news, uucp,
288 clock, ftp, ntp, audit, alert, clock2, local0, local1, local2,
289 local3, local4, local5, local6 or local7. If this option is not
290 specified, daemon is used as the default for the local system
291 syslog and local0 is used while sending a message to the target
292 provided via the --syslog-target option.
293 --log-file[=file]
295 Enables logging to a file. If file is specified, then it is
296 used as the exact name for the log file. The default log file
297 name used if file is omitted is /var/log/open‐
298 vswitch/ovsdb-server.log.
299 --syslog-target=host:port
301 Send syslog messages to UDP port on host, in addition to the
302 system syslog. The host must be a numerical IP address, not a
303 hostname.
304 --syslog-method=method
306 Specify method how syslog messages should be sent to syslog dae‐
307 mon. Following forms are supported:
308 · libc, use libc syslog() function. Downside of using this
310 options is that libc adds fixed prefix to every message
311 before it is actually sent to the syslog daemon over
312 /dev/log UNIX domain socket.
313 · unix:file, use UNIX domain socket directly. It is possi‐
315 ble to specify arbitrary message format with this option.
316 However, rsyslogd 8.9 and older versions use hard coded
317 parser function anyway that limits UNIX domain socket
318 use. If you want to use arbitrary message format with
319 older rsyslogd versions, then use UDP socket to localhost
320 IP address instead.
321 · udp:ip:port, use UDP socket. With this method it is pos‐
323 sible to use arbitrary message format also with older
324 rsyslogd. When sending syslog messages over UDP socket
325 extra precaution needs to be taken into account, for
326 example, syslog daemon needs to be configured to listen
327 on the specified UDP port, accidental iptables rules
328 could be interfering with local syslog traffic and there
329 are some security considerations that apply to UDP sock‐
330 ets, but do not apply to UNIX domain sockets.
331 · null, discards all messages logged to syslog.
333 The default is taken from the OVS_SYSLOG_METHOD environment
335 variable; if it is unset, the default is libc.
336 Active-Backup Options
338 These options support the ovsdb-server active-backup service model and
339 database replication. These options apply only to databases in the
340 format used for standalone and active-backup databases, which is the
341 database format created by ovsdb-tool create. By default, when it
342 serves a database in this format, ovsdb-server runs as a standalone
343 server. These options can configure it for active-backup use:
344 · Use --sync-from=server to start the server in the backup role,
346 replicating data from server. When ovsdb-server is running as a
347 backup server, it rejects all transactions that can modify the
348 database content, including lock commands. The same form can be
349 used to configure the local database as a replica of server.
350 · Use --sync-from=server --active to start the server in the
352 active role, but prepared to switch to the backup role in which
353 it would replicate data from server. When ovsdb-server runs in
354 active mode, it allows all transactions, including those that
355 modify the database.
356 At runtime, management commands can change a server's role and other‐
358 wise manage active-backup features. See Active-Backup Commands, below,
359 for more information.
360 --sync-from=server
362 Sets up ovsdb-server to synchronize its databases with the data‐
363 bases in server, which must be an active connection method in
364 one of the forms documented in ovsdb-client(1). Every transac‐
365 tion committed by server will be replicated to ovsdb-server.
366 This option makes ovsdb-server start as a backup server; add
367 --active to make it start as an active server.
368 --sync-exclude-tables=db:table[,db:table]...
370 Causes the specified tables to be excluded from replication.
371 --active
373 By default, --sync-from makes ovsdb-server start up as a backup
374 for server. With --active, however, ovsdb-server starts as an
375 active server. Use this option to allow the syncing options to
376 be specified using command line options, yet start the server,
377 as the default, active server. To switch the running server to
378 backup mode, use ovs-appctl(1) to execute the ovsdb-server/con‐
379 nect-active-ovsdb-server command.
380 Public Key Infrastructure Options
382 The options described below for configuring the SSL public key infra‐
383 structure accept a special syntax for obtaining their configuration
384 from the database. If any of these options is given db:db,table,column
385 as its argument, then the actual file name is read from the specified
386 column in table within the db database. The column must have type
387 string or set of strings. The first nonempty string in the table is
388 taken as the file name. (This means that ordinarily there should be at
389 most one row in table.)
390 -p privkey.pem
392 --private-key=privkey.pem
393 Specifies a PEM file containing the private key used as
394 ovsdb-server's identity for outgoing SSL connections.
395 -c cert.pem
397 --certificate=cert.pem
398 Specifies a PEM file containing a certificate that certifies the
399 private key specified on -p or --private-key to be trustworthy.
400 The certificate must be signed by the certificate authority (CA)
401 that the peer in SSL connections will use to verify it.
402 -C cacert.pem
404 --ca-cert=cacert.pem
405 Specifies a PEM file containing the CA certificate that
406 ovsdb-server should use to verify certificates presented to it
407 by SSL peers. (This may be the same certificate that SSL peers
408 use to verify the certificate specified on -c or --certificate,
409 or it may be a different one, depending on the PKI design in
410 use.)
411 -C none
413 --ca-cert=none
414 Disables verification of certificates presented by SSL peers.
415 This introduces a security risk, because it means that certifi‐
416 cates cannot be verified to be those of known trusted hosts.
417 --bootstrap-ca-cert=cacert.pem
419 When cacert.pem exists, this option has the same effect as -C or
420 --ca-cert. If it does not exist, then ovsdb-server will attempt
421 to obtain the CA certificate from the SSL peer on its first SSL
422 connection and save it to the named PEM file. If it is success‐
423 ful, it will immediately drop the connection and reconnect, and
424 from then on all SSL connections must be authenticated by a cer‐
425 tificate signed by the CA certificate thus obtained.
426 This option exposes the SSL connection to a man-in-the-middle
428 attack obtaining the initial CA certificate, but it may be use‐
429 ful for bootstrapping.
430 This option is only useful if the SSL peer sends its CA certifi‐
432 cate as part of the SSL certificate chain. The SSL protocol
433 does not require the server to send the CA certificate.
434 This option is mutually exclusive with -C and --ca-cert.
436 --peer-ca-cert=peer-cacert.pem
438 Specifies a PEM file that contains one or more additional cer‐
439 tificates to send to SSL peers. peer-cacert.pem should be the
440 CA certificate used to sign ovsdb-server's own certificate, that
441 is, the certificate specified on -c or --certificate. If
442 ovsdb-server's certificate is self-signed, then --certificate
443 and --peer-ca-cert should specify the same file.
444 This option is not useful in normal operation, because the SSL
446 peer must already have the CA certificate for the peer to have
447 any confidence in ovsdb-server's identity. However, this offers
448 a way for a new installation to bootstrap the CA certificate on
449 its first SSL connection.
450 SSL Connection Options
452 --ssl-protocols=protocols
453 Specifies, in a comma- or space-delimited list, the SSL proto‐
454 cols ovsdb-server will enable for SSL connections. Supported
455 protocols include TLSv1, TLSv1.1, and TLSv1.2. Regardless of
456 order, the highest protocol supported by both sides will be cho‐
457 sen when making the connection. The default when this option is
458 omitted is TLSv1,TLSv1.1,TLSv1.2.
459 --ssl-ciphers=ciphers
461 Specifies, in OpenSSL cipher string format, the ciphers
462 ovsdb-server will support for SSL connections. The default when
463 this option is omitted is HIGH:!aNULL:!MD5.
464 Other Options
466 --unixctl=socket
467 Sets the name of the control socket on which ovsdb-server lis‐
468 tens for runtime management commands (see RUNTIME MANAGEMENT
469 COMMANDS, below). If socket does not begin with /, it is inter‐
470 preted as relative to /var/run/openvswitch. If --unixctl is not
471 used at all, the default socket is /var/run/open‐
472 vswitch/ovsdb-server.pid.ctl, where pid is ovsdb-server's
473 process ID.
474 On Windows a local named pipe is used to listen for runtime man‐
476 agement commands. A file is created in the absolute path as
477 pointed by socket or if --unixctl is not used at all, a file is
478 created as ovsdb-server.ctl in the configured OVS_RUNDIR direc‐
479 tory. The file exists just to mimic the behavior of a Unix
480 domain socket.
481 Specifying none for socket disables the control socket feature.
483 -h
485 --help Prints a brief help message to the console.
486 -V
488 --version
489 Prints version information to the console.
490
492 ovs-appctl(8) can send commands to a running ovsdb-server process. The
493 currently supported commands are described below.
494 ovsdb-server Commands
496 These commands are specific to ovsdb-server.
497 exit Causes ovsdb-server to gracefully terminate.
499 ovsdb-server/compact [db]
501 Compacts database db in-place. If db is not specified, compacts
502 every database in-place. A database is also compacted automati‐
503 cally when a transaction is logged if it is over 2 times as
504 large as its previous compacted size (and at least 10 MB), but
505 not before 100 commits have been added or 10 minutes have
506 elapsed since the last compaction. It will also be compacted
507 automatically after 24 hours since the last compaction if 100
508 commits were added regardless of its size.
509 ovsdb-server/reconnect
511 Makes ovsdb-server drop all of the JSON-RPC connections to data‐
512 base clients and reconnect.
513 This command might be useful for debugging issues with database
515 clients.
516 ovsdb-server/add-remote remote
518 Adds a remote, as if --remote=remote had been specified on the
519 ovsdb-server command line. (If remote is already a remote, this
520 command succeeds without changing the configuration.)
521 ovsdb-server/remove-remote remote
523 Removes the specified remote from the configuration, failing
524 with an error if remote is not configured as a remote. This
525 command only works with remotes that were named on --remote or
526 ovsdb-server/add-remote, that is, it will not remove remotes
527 added indirectly because they were read from the database by
528 configuring a db:db,table,column remote. (You can remove a
529 database source with ovsdb-server/remove-remote db:db,table,col‐
530 umn, but not individual remotes found indirectly through the
531 database.)
532 ovsdb-server/list-remotes
534 Outputs a list of the currently configured remotes named on
535 --remote or ovsdb-server/add-remote, that is, it does not list
536 remotes added indirectly because they were read from the data‐
537 base by configuring a db:db,table,column remote.
538 ovsdb-server/add-db database
540 Adds the database to the running ovsdb-server. The database
541 file must already have been created and initialized using, for
542 example, ovsdb-tool create.
543 ovsdb-server/remove-db database
545 Removes database from the running ovsdb-server. database must
546 be a database name as listed by ovsdb-server/list-dbs.
547 If a remote has been configured that points to the specified
549 database (e.g. --remote=db:database,... on the command line),
550 then it will be disabled until another database with the same
551 name is added again (with ovsdb-server/add-db).
552 Any public key infrastructure options specified through this
554 database (e.g. --private-key=db:database,... on the command
555 line) will be disabled until another database with the same name
556 is added again (with ovsdb-server/add-db).
557 ovsdb-server/list-dbs
559 Outputs a list of the currently configured databases added
560 either through the command line or through the
561 ovsdb-server/add-db command.
562 Active-Backup Commands
564 These commands query and update the role of ovsdb-server within an
565 active-backup pair of servers. See Active-Backup Options, above, and
566 Active-Backup Database Service Model in ovsdb(7) for more information.
567 ovsdb-server/set-active-ovsdb-server server
569 Sets the active server from which ovsdb-server connects through
570 ovsdb-server/connect-active-ovsdb-server. This overrides the
571 --sync-from command-line option.
572 ovsdb-server/get-active-ovsdb-server
574 Gets the active server from which ovsdb-server is currently syn‐
575 chronizing its databases.
576 ovsdb-server/connect-active-ovsdb-server
578 Switches the server to a backup role. The server starts syn‐
579 chronizing its databases with the active server specified by
580 ovsdb-server/set-active-ovsdb-server (or the --sync-from com‐
581 mand-line option) and closes all existing client connections,
582 which requires clients to reconnect.
583 ovsdb-server/disconnect-active-ovsdb-server
585 Switches the server to an active role. The server stops syn‐
586 chronizing its databases with an active server and closes all
587 existing client connections, which requires clients to recon‐
588 nect.
589 ovsdb-server/set-sync-exclude-tables db:table[,db:table]...
591 Sets the table within db that will be excluded from synchroniza‐
592 tion. This overrides the --sync-exclude-tables command-line
593 option.
594 ovsdb-server/get-sync-exclude-tables
596 Gets the tables that are currently excluded from synchroniza‐
597 tion.
598 ovsdb-server/sync-status
600 Prints a summary of replication run time information. The state
601 information is always provided, indicating whether the server is
602 running in the active or the backup mode. When running in
603 backup mode, replication connection status, which can be either
604 connecting, replicating or error, are shown. When the connec‐
605 tion is in replicating state, further output shows the list of
606 databases currently replicating, and the tables that are
607 excluded.
608 Cluster Commands
610 These commands support the ovsdb-server clustered service model. They
611 apply only to databases in the format used for clustered databases,
612 which is the database format created by ovsdb-tool create-cluster and
613 ovsdb-tool join-cluster.
614 cluster/cid db
616 Prints the cluster ID for db, which is a UUID that identifies
617 the cluster. If db is a database newly created by ovsdb-tool
618 cluster-join that has not yet successfully joined its cluster,
619 and --cid was not specified on the cluster-join command line,
620 then this command will report an error because the cluster ID is
621 not yet known.
622 cluster/sid db
624 Prints the server ID for db, which is a UUID that identifies
625 this server within the cluster.
626 cluster/status db
628 Prints this server's status within the cluster and the status of
629 its connections to other servers in the cluster.
630 cluster/leave db
632 This command starts the server gracefully removing itself from
633 its cluster. At least one server must remain, and the cluster
634 must be healthy, that is, over half of the cluster's servers
635 must be up.
636 When the server successfully leaves the cluster, it stops serv‐
638 ing db, as if ovsdb-server/remove-db db had been executed.
639 Use ovsdb-client wait (see ovsdb-client(1)) to wait until the
641 server has left the cluster.
642 Once a server leaves a cluster, it may never rejoin it.
644 Instead, create a new server and join it to the cluster.
645 cluster/kick db server
647 Start graceful removal of server from db's cluster, like clus‐
648 ter/leave (without --force) except that it can remove any
649 server, not just this one.
650 server may be a server ID, as printed by cluster/sid, or the
652 server's local network address as passed to ovsdb-tool's cre‐
653 ate-cluster or join-cluster command. Use cluster/status to see
654 a list of cluster members.
655 cluster/change-election-timer db time
657 Change the leader election timeout base value of the cluster, in
658 milliseconds.
659 Leader election will be initiated by a follower if there is no
661 heartbeat received from the leader within this time plus a ran‐
662 dom time within 1 second.
663 The default value is 1000, if not changed with this command.
665 This command can be used to adjust the value when necessary,
666 according to the expected load and response time of the servers.
667 This command must be executed on the leader. It initiates the
669 change to the cluster. To see if the change takes effect (com‐
670 mitted), use cluster/status to show the current setting. Once a
671 change is committed, it persists at server restarts.
672 VLOG COMMANDS
674 These commands manage ovsdb-server's logging settings.
675 vlog/set [spec]
677 Sets logging levels. Without any spec, sets the log level for
678 every module and destination to dbg. Otherwise, spec is a list
679 of words separated by spaces or commas or colons, up to one from
680 each category below:
681 · A valid module name, as displayed by the vlog/list com‐
683 mand on ovs-appctl(8), limits the log level change to the
684 specified module.
685 · syslog, console, or file, to limit the log level change
687 to only to the system log, to the console, or to a file,
688 respectively.
689 On Windows platform, syslog is accepted as a word and is
691 only useful along with the --syslog-target option (the
692 word has no effect otherwise).
693 · off, emer, err, warn, info, or dbg, to control the log
695 level. Messages of the given severity or higher will be
696 logged, and messages of lower severity will be filtered
697 out. off filters out all messages. See ovs-appctl(8)
698 for a definition of each log level.
699 Case is not significant within spec.
701 Regardless of the log levels set for file, logging to a file
703 will not take place unless ovsdb-server was invoked with the
704 --log-file option.
705 For compatibility with older versions of OVS, any is accepted as
707 a word but has no effect.
708 vlog/set PATTERN:destination:pattern
710 Sets the log pattern for destination to pattern. Refer to
711 ovs-appctl(8) for a description of the valid syntax for pattern.
712 vlog/list
714 Lists the supported logging modules and their current levels.
715 vlog/list-pattern
717 Lists logging patterns used for each destination.
718 vlog/close
720 Causes ovsdb-server to close its log file, if it is open. (Use
721 vlog/reopen to reopen it later.)
722 vlog/reopen
724 Causes ovsdb-server to close its log file, if it is open, and
725 then reopen it. (This is useful after rotating log files, to
726 cause a new log file to be used.)
727 This has no effect unless ovsdb-server was invoked with the
729 --log-file option.
730 vlog/disable-rate-limit [module]...
732 vlog/enable-rate-limit [module]...
733 By default, ovsdb-server limits the rate at which certain mes‐
734 sages can be logged. When a message would appear more fre‐
735 quently than the limit, it is suppressed. This saves disk
736 space, makes logs easier to read, and speeds up execution, but
737 occasionally troubleshooting requires more detail. Therefore,
738 vlog/disable-rate-limit allows rate limits to be disabled at the
739 level of an individual log module. Specify one or more module
740 names, as displayed by the vlog/list command. Specifying either
741 no module names at all or the keyword any disables rate limits
742 for every log module.
743 The vlog/enable-rate-limit command, whose syntax is the same as
745 vlog/disable-rate-limit, can be used to re-enable a rate limit
746 that was previously disabled.
747 MEMORY COMMANDS
749 These commands report memory usage.
750 memory/show
752 Displays some basic statistics about ovsdb-server's memory
753 usage. ovsdb-server also logs this information soon after
754 startup and periodically as its memory consumption grows.
755 COVERAGE COMMANDS
757 These commands manage ovsdb-server's ``coverage counters,'' which count
758 the number of times particular events occur during a daemon's runtime.
759 In addition to these commands, ovsdb-server automatically logs coverage
760 counter values, at INFO level, when it detects that the daemon's main
761 loop takes unusually long to run.
762 Coverage counters are useful mainly for performance analysis and debug‐
764 ging.
765 coverage/show
767 Displays the averaged per-second rates for the last few seconds,
768 the last minute and the last hour, and the total counts of all
769 of the coverage counters.
770 coverage/read-counter counter
772 Displays the total count for the given coverage counter.
773
775 In Open vSwitch before version 2.4, when ovsdb-server sent JSON-RPC
776 error responses to some requests, it incorrectly formulated them with
777 the result and error swapped, so that the response appeared to indicate
778 success (with a nonsensical result) rather than an error. The requests
779 that suffered from this problem were:
780 transact
782 get_schema
783 Only if the request names a nonexistent database.
784 monitor
786 lock
787 unlock In all error cases.
788 Of these cases, the only error that a well-written application is
790 likely to encounter in practice is monitor of tables or columns that do
791 not exist, in an situation where the application has been upgraded but
792 the old database schema is still temporarily in use. To handle this
793 situation gracefully, we recommend that clients should treat a monitor
794 response with a result that contains an error key-value pair as an
795 error (assuming that the database being monitored does not contain a
796 table named error).
797
799 ovsdb(7), ovsdb-tool(1), ovsdb-server(5), ovsdb-server(7).
800Open vSwitch 2.12.0 ovsdb-server(1)