1ovsdb-server(1) Open vSwitch Manual ovsdb-server(1)
2
6 ovsdb-server - Open vSwitch database server
7
9 ovsdb-server [database]... [--remote=remote]... [--run=command]
10 Daemon options:
12 [--pidfile[=pidfile]] [--overwrite-pidfile] [--detach]
13 [--no-chdir] [--no-self-confinement]
14 Service options:
16 [--service] [--service-monitor]
17 Logging options:
19 [-v[module[:destination[:level]]]]...
20 [--verbose[=module[:destination[:level]]]]...
21 [--log-file[=file]]
22 Active-backup options:
24 [--sync-from=server] [--sync-exclude-tables=db:table[,db:ta‐
25 ble]...] [--active]
26 Public key infrastructure options:
28 [--private-key=privkey.pem]
29 [--certificate=cert.pem]
30 [--ca-cert=cacert.pem]
31 [--bootstrap-ca-cert=cacert.pem]
32 [--peer-ca-cert=peer-cacert.pem]
33 SSL connection options:
35 [--ssl-protocols=protocols]
36 [--ssl-ciphers=ciphers]
37 Runtime management options:
39 --unixctl=socket
40 Common options:
42 [-h | --help] [-V | --version]
43
46 The ovsdb-server program provides RPC interfaces to one or more Open
47 vSwitch databases (OVSDBs). It supports JSON-RPC client connections
48 over active or passive TCP/IP or Unix domain sockets. For an introduc‐
49 tion to OVSDB and its implementation in Open vSwitch, see ovsdb(7).
50 Each OVSDB file may be specified on the command line as database. If
52 none is specified, the default is /etc/openvswitch/conf.db. The data‐
53 base files must already have been created and initialized using, for
54 example, ovsdb-tool's create, create-cluster, or join-cluster command.
55 This OVSDB implementation supports standalone, active-backup, and clus‐
57 tered database service models, as well as database replication. See
58 the Service Models section of ovsdb(7) for more information.
59 For clustered databases, when the --detach option is used, ovsdb-server
61 detaches without waiting for the server to successfully join a cluster
62 (if the database file is freshly created with ovsdb-tool join-cluster)
63 or connect to a cluster that it has already joined. Use ovsdb-client
64 wait (see ovsdb-client(1)) to wait until the server has successfully
65 joined and connected to a cluster.
66 In addition to user-specified databases, ovsdb-server version 2.9 and
68 later also always hosts a built-in database named _Server. Please see
69 ovsdb-server(5) for documentation on this database's schema.
70
72 --remote=remote
73 Adds remote as a connection method used by ovsdb-server. The
74 remote may be an OVSDB active or passive connection method, e.g.
75 pssl:6640, as described in ovsdb(7). The following additional
76 form is also supported:
77 db:db,table,column
79 Reads additional connection methods from column in all of
80 the rows in table within db. As the contents of column
81 changes, ovsdb-server also adds and drops connection
82 methods accordingly.
83 If column's type is string or set of strings, then the
85 connection methods are taken directly from the column.
86 The connection methods in the column must have one of the
87 forms described above.
88 If column's type is UUID or set of UUIDs and references a
90 table, then each UUID is looked up in the referenced ta‐
91 ble to obtain a row. The following columns in the row,
92 if present and of the correct type, configure a connec‐
93 tion method. Any additional columns are ignored.
94 target (string)
96 Connection method, in one of the forms described
97 above. This column is mandatory: if it is missing
98 or empty then no connection method can be config‐
99 ured.
100 max_backoff (integer)
102 Maximum number of milliseconds to wait between
103 connection attempts.
104 inactivity_probe (integer)
106 Maximum number of milliseconds of idle time on
107 connection to client before sending an inactivity
108 probe message.
109 read_only (boolean)
111 If true, only read-only transactions are allowed
112 on this connection.
113 It is an error for column to have another type.
115 To connect or listen on multiple connection methods, use multi‐
117 ple --remote options.
118 --run=command]
120 Ordinarily ovsdb-server runs forever, or until it is told to
121 exit (see RUNTIME MANAGEMENT COMMANDS below). With this option,
122 ovsdb-server instead starts a shell subprocess running command.
123 When the subprocess terminates, ovsdb-server also exits grace‐
124 fully. If the subprocess exits normally with exit code 0, then
125 ovsdb-server exits with exit code 0 also; otherwise, it exits
126 with exit code 1.
127 This option can be useful where a database server is needed only
129 to run a single command, e.g.: ovsdb-server
130 --remote=punix:socket --run='ovsdb-client dump unix:socket
131 Open_vSwitch'
132 This option is not supported on Windows platform.
134 Daemon Options
136 The following options are valid on POSIX based platforms.
137 --pidfile[=pidfile]
139 Causes a file (by default, ovsdb-server.pid) to be created indi‐
140 cating the PID of the running process. If the pidfile argument
141 is not specified, or if it does not begin with /, then it is
142 created in /var/run/openvswitch.
143 If --pidfile is not specified, no pidfile is created.
145 --overwrite-pidfile
147 By default, when --pidfile is specified and the specified pid‐
148 file already exists and is locked by a running process,
149 ovsdb-server refuses to start. Specify --overwrite-pidfile to
150 cause it to instead overwrite the pidfile.
151 When --pidfile is not specified, this option has no effect.
153 --detach
155 Runs ovsdb-server as a background process. The process forks,
156 and in the child it starts a new session, closes the standard
157 file descriptors (which has the side effect of disabling logging
158 to the console), and changes its current directory to the root
159 (unless --no-chdir is specified). After the child completes its
160 initialization, the parent exits. ovsdb-server detaches only
161 after it starts listening on all configured remotes. At this
162 point, all standalone and active-backup databases are ready for
163 use. Clustered databases only become ready for use after they
164 finish joining their clusters (which could have already happened
165 in previous runs of ovsdb-server).
166 --monitor
168 Creates an additional process to monitor the ovsdb-server dae‐
169 mon. If the daemon dies due to a signal that indicates a pro‐
170 gramming error (SIGABRT, SIGALRM, SIGBUS, SIGFPE, SIGILL, SIG‐
171 PIPE, SIGSEGV, SIGXCPU, or SIGXFSZ) then the monitor process
172 starts a new copy of it. If the daemon dies or exits for
173 another reason, the monitor process exits.
174 This option is normally used with --detach, but it also func‐
176 tions without it.
177 --no-chdir
179 By default, when --detach is specified, ovsdb-server changes its
180 current working directory to the root directory after it
181 detaches. Otherwise, invoking ovsdb-server from a carelessly
182 chosen directory would prevent the administrator from unmounting
183 the file system that holds that directory.
184 Specifying --no-chdir suppresses this behavior, preventing
186 ovsdb-server from changing its current working directory. This
187 may be useful for collecting core files, since it is common
188 behavior to write core dumps into the current working directory
189 and the root directory is not a good directory to use.
190 This option has no effect when --detach is not specified.
192 --no-self-confinement
194 By default daemon will try to self-confine itself to work with
195 files under well-known directories determined during build. It
196 is better to stick with this default behavior and not to use
197 this flag unless some other Access Control is used to confine
198 daemon. Note that in contrast to other access control implemen‐
199 tations that are typically enforced from kernel-space (e.g. DAC
200 or MAC), self-confinement is imposed from the user-space daemon
201 itself and hence should not be considered as a full confinement
202 strategy, but instead should be viewed as an additional layer of
203 security.
204 --user Causes ovsdb-server to run as a different user specified in
206 "user:group", thus dropping most of the root privileges. Short
207 forms "user" and ":group" are also allowed, with current user or
208 group are assumed respectively. Only daemons started by the root
209 user accepts this argument.
210 On Linux, daemons will be granted CAP_IPC_LOCK and
212 CAP_NET_BIND_SERVICES before dropping root privileges. Daemons
213 that interact with a datapath, such as ovs-vswitchd, will be
214 granted three additional capabilities, namely CAP_NET_ADMIN,
215 CAP_NET_BROADCAST and CAP_NET_RAW. The capability change will
216 apply even if the new user is root.
217 On Windows, this option is not currently supported. For security
219 reasons, specifying this option will cause the daemon process
220 not to start.
221 Service Options
223 The following options are valid only on Windows platform.
224 --service
226 Causes ovsdb-server to run as a service in the background. The
227 service should already have been created through external tools
228 like SC.exe.
229 --service-monitor
231 Causes the ovsdb-server service to be automatically restarted by
232 the Windows services manager if the service dies or exits for
233 unexpected reasons.
234 When --service is not specified, this option has no effect.
236 Logging Options
238 -v[spec]
239 --verbose=[spec]
240 Sets logging levels. Without any spec, sets the log level for
241 every module and destination to dbg. Otherwise, spec is a list
242 of words separated by spaces or commas or colons, up to one from
243 each category below:
244 · A valid module name, as displayed by the vlog/list com‐
246 mand on ovs-appctl(8), limits the log level change to the
247 specified module.
248 · syslog, console, or file, to limit the log level change
250 to only to the system log, to the console, or to a file,
251 respectively. (If --detach is specified, ovsdb-server
252 closes its standard file descriptors, so logging to the
253 console will have no effect.)
254 On Windows platform, syslog is accepted as a word and is
256 only useful along with the --syslog-target option (the
257 word has no effect otherwise).
258 · off, emer, err, warn, info, or dbg, to control the log
260 level. Messages of the given severity or higher will be
261 logged, and messages of lower severity will be filtered
262 out. off filters out all messages. See ovs-appctl(8)
263 for a definition of each log level.
264 Case is not significant within spec.
266 Regardless of the log levels set for file, logging to a file
268 will not take place unless --log-file is also specified (see
269 below).
270 For compatibility with older versions of OVS, any is accepted as
272 a word but has no effect.
273 -v
275 --verbose
276 Sets the maximum logging verbosity level, equivalent to --ver‐
277 bose=dbg.
278 -vPATTERN:destination:pattern
280 --verbose=PATTERN:destination:pattern
281 Sets the log pattern for destination to pattern. Refer to
282 ovs-appctl(8) for a description of the valid syntax for pattern.
283 -vFACILITY:facility
285 --verbose=FACILITY:facility
286 Sets the RFC5424 facility of the log message. facility can be
287 one of kern, user, mail, daemon, auth, syslog, lpr, news, uucp,
288 clock, ftp, ntp, audit, alert, clock2, local0, local1, local2,
289 local3, local4, local5, local6 or local7. If this option is not
290 specified, daemon is used as the default for the local system
291 syslog and local0 is used while sending a message to the target
292 provided via the --syslog-target option.
293 --log-file[=file]
295 Enables logging to a file. If file is specified, then it is
296 used as the exact name for the log file. The default log file
297 name used if file is omitted is /var/log/open‐
298 vswitch/ovsdb-server.log.
299 --syslog-target=host:port
301 Send syslog messages to UDP port on host, in addition to the
302 system syslog. The host must be a numerical IP address, not a
303 hostname.
304 --syslog-method=method
306 Specify method how syslog messages should be sent to syslog dae‐
307 mon. Following forms are supported:
308 · libc, use libc syslog() function. Downside of using this
310 options is that libc adds fixed prefix to every message
311 before it is actually sent to the syslog daemon over
312 /dev/log UNIX domain socket.
313 · unix:file, use UNIX domain socket directly. It is possi‐
315 ble to specify arbitrary message format with this option.
316 However, rsyslogd 8.9 and older versions use hard coded
317 parser function anyway that limits UNIX domain socket
318 use. If you want to use arbitrary message format with
319 older rsyslogd versions, then use UDP socket to localhost
320 IP address instead.
321 · udp:ip:port, use UDP socket. With this method it is pos‐
323 sible to use arbitrary message format also with older
324 rsyslogd. When sending syslog messages over UDP socket
325 extra precaution needs to be taken into account, for
326 example, syslog daemon needs to be configured to listen
327 on the specified UDP port, accidental iptables rules
328 could be interfering with local syslog traffic and there
329 are some security considerations that apply to UDP sock‐
330 ets, but do not apply to UNIX domain sockets.
331 · null, discards all messages logged to syslog.
333 The default is taken from the OVS_SYSLOG_METHOD environment
335 variable; if it is unset, the default is libc.
336 Active-Backup Options
338 These options support the ovsdb-server active-backup service model and
339 database replication. These options apply only to databases in the
340 format used for standalone and active-backup databases, which is the
341 database format created by ovsdb-tool create. By default, when it
342 serves a database in this format, ovsdb-server runs as a standalone
343 server. These options can configure it for active-backup use:
344 · Use --sync-from=server to start the server in the backup role,
346 replicating data from server. When ovsdb-server is running as a
347 backup server, it rejects all transactions that can modify the
348 database content, including lock commands. The same form can be
349 used to configure the local database as a replica of server.
350 · Use --sync-from=server --active to start the server in the
352 active role, but prepared to switch to the backup role in which
353 it would replicate data from server. When ovsdb-server runs in
354 active mode, it allows all transactions, including those that
355 modify the database.
356 At runtime, management commands can change a server's role and other‐
358 wise manage active-backup features. See Active-Backup Commands, below,
359 for more information.
360 --sync-from=server
362 Sets up ovsdb-server to synchronize its databases with the data‐
363 bases in server, which must be an active connection method in
364 one of the forms documented in ovsdb-client(1). Every transac‐
365 tion committed by server will be replicated to ovsdb-server.
366 This option makes ovsdb-server start as a backup server; add
367 --active to make it start as an active server.
368 --sync-exclude-tables=db:table[,db:table]...
370 Causes the specified tables to be excluded from replication.
371 --active
373 By default, --sync-from makes ovsdb-server start up as a backup
374 for server. With --active, however, ovsdb-server starts as an
375 active server. Use this option to allow the syncing options to
376 be specified using command line options, yet start the server,
377 as the default, active server. To switch the running server to
378 backup mode, use ovs-appctl(1) to execute the ovsdb-server/con‐
379 nect-active-ovsdb-server command.
380 Public Key Infrastructure Options
382 The options described below for configuring the SSL public key infra‐
383 structure accept a special syntax for obtaining their configuration
384 from the database. If any of these options is given db:db,table,column
385 as its argument, then the actual file name is read from the specified
386 column in table within the db database. The column must have type
387 string or set of strings. The first nonempty string in the table is
388 taken as the file name. (This means that ordinarily there should be at
389 most one row in table.)
390 -p privkey.pem
392 --private-key=privkey.pem
393 Specifies a PEM file containing the private key used as
394 ovsdb-server's identity for outgoing SSL connections.
395 -c cert.pem
397 --certificate=cert.pem
398 Specifies a PEM file containing a certificate that certifies the
399 private key specified on -p or --private-key to be trustworthy.
400 The certificate must be signed by the certificate authority (CA)
401 that the peer in SSL connections will use to verify it.
402 -C cacert.pem
404 --ca-cert=cacert.pem
405 Specifies a PEM file containing the CA certificate that
406 ovsdb-server should use to verify certificates presented to it
407 by SSL peers. (This may be the same certificate that SSL peers
408 use to verify the certificate specified on -c or --certificate,
409 or it may be a different one, depending on the PKI design in
410 use.)
411 -C none
413 --ca-cert=none
414 Disables verification of certificates presented by SSL peers.
415 This introduces a security risk, because it means that certifi‐
416 cates cannot be verified to be those of known trusted hosts.
417 --bootstrap-ca-cert=cacert.pem
419 When cacert.pem exists, this option has the same effect as -C or
420 --ca-cert. If it does not exist, then ovsdb-server will attempt
421 to obtain the CA certificate from the SSL peer on its first SSL
422 connection and save it to the named PEM file. If it is success‐
423 ful, it will immediately drop the connection and reconnect, and
424 from then on all SSL connections must be authenticated by a cer‐
425 tificate signed by the CA certificate thus obtained.
426 This option exposes the SSL connection to a man-in-the-middle
428 attack obtaining the initial CA certificate, but it may be use‐
429 ful for bootstrapping.
430 This option is only useful if the SSL peer sends its CA certifi‐
432 cate as part of the SSL certificate chain. The SSL protocol
433 does not require the server to send the CA certificate.
434 This option is mutually exclusive with -C and --ca-cert.
436 --peer-ca-cert=peer-cacert.pem
438 Specifies a PEM file that contains one or more additional cer‐
439 tificates to send to SSL peers. peer-cacert.pem should be the
440 CA certificate used to sign ovsdb-server's own certificate, that
441 is, the certificate specified on -c or --certificate. If
442 ovsdb-server's certificate is self-signed, then --certificate
443 and --peer-ca-cert should specify the same file.
444 This option is not useful in normal operation, because the SSL
446 peer must already have the CA certificate for the peer to have
447 any confidence in ovsdb-server's identity. However, this offers
448 a way for a new installation to bootstrap the CA certificate on
449 its first SSL connection.
450 SSL Connection Options
452 --ssl-protocols=protocols
453 Specifies, in a comma- or space-delimited list, the SSL proto‐
454 cols ovsdb-server will enable for SSL connections. Supported
455 protocols include TLSv1, TLSv1.1, and TLSv1.2. Regardless of
456 order, the highest protocol supported by both sides will be cho‐
457 sen when making the connection. The default when this option is
458 omitted is TLSv1,TLSv1.1,TLSv1.2.
459 --ssl-ciphers=ciphers
461 Specifies, in OpenSSL cipher string format, the ciphers
462 ovsdb-server will support for SSL connections. The default when
463 this option is omitted is HIGH:!aNULL:!MD5.
464 Other Options
466 --unixctl=socket
467 Sets the name of the control socket on which ovsdb-server lis‐
468 tens for runtime management commands (see RUNTIME MANAGEMENT
469 COMMANDS, below). If socket does not begin with /, it is inter‐
470 preted as relative to /var/run/openvswitch. If --unixctl is not
471 used at all, the default socket is /var/run/open‐
472 vswitch/ovsdb-server.pid.ctl, where pid is ovsdb-server's
473 process ID.
474 On Windows a local named pipe is used to listen for runtime man‐
476 agement commands. A file is created in the absolute path as
477 pointed by socket or if --unixctl is not used at all, a file is
478 created as ovsdb-server.ctl in the configured OVS_RUNDIR direc‐
479 tory. The file exists just to mimic the behavior of a Unix
480 domain socket.
481 Specifying none for socket disables the control socket feature.
483 -h
485 --help Prints a brief help message to the console.
486 -V
488 --version
489 Prints version information to the console.
490
492 ovs-appctl(8) can send commands to a running ovsdb-server process. The
493 currently supported commands are described below.
494 ovsdb-server Commands
496 These commands are specific to ovsdb-server.
497 exit Causes ovsdb-server to gracefully terminate.
499 ovsdb-server/compact [db]
501 Compacts database db in-place. If db is not specified, compacts
502 every database in-place. A database is also compacted automati‐
503 cally when a transaction is logged if it is over 2 times as
504 large as its previous compacted size (and at least 10 MB), but
505 not before 100 commits have been added or 10 minutes have
506 elapsed since the last compaction. It will also be compacted
507 automatically after 24 hours since the last compaction if 100
508 commits were added regardless of its size.
509 ovsdb-server/memory-trim-on-compaction on|off
511 If this option is on, ovsdb-server will try to reclaim all
512 unused heap memory back to the system after each successful
513 database compaction to reduce the memory consumption of the
514 process. off by default.
515 ovsdb-server/reconnect
517 Makes ovsdb-server drop all of the JSON-RPC connections to data‐
518 base clients and reconnect.
519 This command might be useful for debugging issues with database
521 clients.
522 ovsdb-server/add-remote remote
524 Adds a remote, as if --remote=remote had been specified on the
525 ovsdb-server command line. (If remote is already a remote, this
526 command succeeds without changing the configuration.)
527 ovsdb-server/remove-remote remote
529 Removes the specified remote from the configuration, failing
530 with an error if remote is not configured as a remote. This
531 command only works with remotes that were named on --remote or
532 ovsdb-server/add-remote, that is, it will not remove remotes
533 added indirectly because they were read from the database by
534 configuring a db:db,table,column remote. (You can remove a
535 database source with ovsdb-server/remove-remote db:db,table,col‐
536 umn, but not individual remotes found indirectly through the
537 database.)
538 ovsdb-server/list-remotes
540 Outputs a list of the currently configured remotes named on
541 --remote or ovsdb-server/add-remote, that is, it does not list
542 remotes added indirectly because they were read from the data‐
543 base by configuring a db:db,table,column remote.
544 ovsdb-server/add-db database
546 Adds the database to the running ovsdb-server. The database
547 file must already have been created and initialized using, for
548 example, ovsdb-tool create.
549 ovsdb-server/remove-db database
551 Removes database from the running ovsdb-server. database must
552 be a database name as listed by ovsdb-server/list-dbs.
553 If a remote has been configured that points to the specified
555 database (e.g. --remote=db:database,... on the command line),
556 then it will be disabled until another database with the same
557 name is added again (with ovsdb-server/add-db).
558 Any public key infrastructure options specified through this
560 database (e.g. --private-key=db:database,... on the command
561 line) will be disabled until another database with the same name
562 is added again (with ovsdb-server/add-db).
563 ovsdb-server/list-dbs
565 Outputs a list of the currently configured databases added
566 either through the command line or through the
567 ovsdb-server/add-db command.
568 Active-Backup Commands
570 These commands query and update the role of ovsdb-server within an
571 active-backup pair of servers. See Active-Backup Options, above, and
572 Active-Backup Database Service Model in ovsdb(7) for more information.
573 ovsdb-server/set-active-ovsdb-server server
575 Sets the active server from which ovsdb-server connects through
576 ovsdb-server/connect-active-ovsdb-server. This overrides the
577 --sync-from command-line option.
578 ovsdb-server/get-active-ovsdb-server
580 Gets the active server from which ovsdb-server is currently syn‐
581 chronizing its databases.
582 ovsdb-server/connect-active-ovsdb-server
584 Switches the server to a backup role. The server starts syn‐
585 chronizing its databases with the active server specified by
586 ovsdb-server/set-active-ovsdb-server (or the --sync-from com‐
587 mand-line option) and closes all existing client connections,
588 which requires clients to reconnect.
589 ovsdb-server/disconnect-active-ovsdb-server
591 Switches the server to an active role. The server stops syn‐
592 chronizing its databases with an active server and closes all
593 existing client connections, which requires clients to recon‐
594 nect.
595 ovsdb-server/set-active-ovsdb-server-probe-interval probe interval
597 Sets the probe interval (in milli seconds) for the connection
598 to active server.
599 ovsdb-server/set-sync-exclude-tables db:table[,db:table]...
601 Sets the table within db that will be excluded from synchroniza‐
602 tion. This overrides the --sync-exclude-tables command-line
603 option.
604 ovsdb-server/get-sync-exclude-tables
606 Gets the tables that are currently excluded from synchroniza‐
607 tion.
608 ovsdb-server/sync-status
610 Prints a summary of replication run time information. The state
611 information is always provided, indicating whether the server is
612 running in the active or the backup mode. When running in
613 backup mode, replication connection status, which can be either
614 connecting, replicating or error, are shown. When the connec‐
615 tion is in replicating state, further output shows the list of
616 databases currently replicating, and the tables that are
617 excluded.
618 Cluster Commands
620 These commands support the ovsdb-server clustered service model. They
621 apply only to databases in the format used for clustered databases,
622 which is the database format created by ovsdb-tool create-cluster and
623 ovsdb-tool join-cluster.
624 cluster/cid db
626 Prints the cluster ID for db, which is a UUID that identifies
627 the cluster. If db is a database newly created by ovsdb-tool
628 cluster-join that has not yet successfully joined its cluster,
629 and --cid was not specified on the cluster-join command line,
630 then this command will report an error because the cluster ID is
631 not yet known.
632 cluster/sid db
634 Prints the server ID for db, which is a UUID that identifies
635 this server within the cluster.
636 cluster/status db
638 Prints this server's status within the cluster and the status of
639 its connections to other servers in the cluster.
640 cluster/leave db
642 This command starts the server gracefully removing itself from
643 its cluster. At least one server must remain, and the cluster
644 must be healthy, that is, over half of the cluster's servers
645 must be up.
646 When the server successfully leaves the cluster, it stops serv‐
648 ing db, as if ovsdb-server/remove-db db had been executed.
649 Use ovsdb-client wait (see ovsdb-client(1)) to wait until the
651 server has left the cluster.
652 Once a server leaves a cluster, it may never rejoin it.
654 Instead, create a new server and join it to the cluster.
655 Note that removing the server from the cluster alters the total
657 size of the cluster. For example, if you remove two servers from
658 a three server cluster, then the "cluster" becomes a single
659 functioning server. This does not result in a three server
660 cluster that lacks quorum.
661 cluster/kick db server
663 Start graceful removal of server from db's cluster, like clus‐
664 ter/leave (without --force) except that it can remove any
665 server, not just this one.
666 server may be a server ID, as printed by cluster/sid, or the
668 server's local network address as passed to ovsdb-tool's cre‐
669 ate-cluster or join-cluster command. Use cluster/status to see
670 a list of cluster members.
671 cluster/change-election-timer db time
673 Change the leader election timeout base value of the cluster, in
674 milliseconds.
675 Leader election will be initiated by a follower if there is no
677 heartbeat received from the leader within this time plus a ran‐
678 dom time within 1 second.
679 The default value is 1000, if not changed with this command.
681 This command can be used to adjust the value when necessary,
682 according to the expected load and response time of the servers.
683 This command must be executed on the leader. It initiates the
685 change to the cluster. To see if the change takes effect (com‐
686 mitted), use cluster/status to show the current setting. Once a
687 change is committed, it persists at server restarts.
688 cluster/set-backlog-threshold db n_msgs n_bytes
690 Sets the backlog limits for db's RAFT connections to a maximum
691 of n_msgs messages or n_bytes bytes. If the backlog on one of
692 the connections reaches the limit, it will be disconnected (and
693 re-established). Values are checked only if the backlog con‐
694 tains more than 50 messages.
695 VLOG COMMANDS
697 These commands manage ovsdb-server's logging settings.
698 vlog/set [spec]
700 Sets logging levels. Without any spec, sets the log level for
701 every module and destination to dbg. Otherwise, spec is a list
702 of words separated by spaces or commas or colons, up to one from
703 each category below:
704 · A valid module name, as displayed by the vlog/list com‐
706 mand on ovs-appctl(8), limits the log level change to the
707 specified module.
708 · syslog, console, or file, to limit the log level change
710 to only to the system log, to the console, or to a file,
711 respectively.
712 On Windows platform, syslog is accepted as a word and is
714 only useful along with the --syslog-target option (the
715 word has no effect otherwise).
716 · off, emer, err, warn, info, or dbg, to control the log
718 level. Messages of the given severity or higher will be
719 logged, and messages of lower severity will be filtered
720 out. off filters out all messages. See ovs-appctl(8)
721 for a definition of each log level.
722 Case is not significant within spec.
724 Regardless of the log levels set for file, logging to a file
726 will not take place unless ovsdb-server was invoked with the
727 --log-file option.
728 For compatibility with older versions of OVS, any is accepted as
730 a word but has no effect.
731 vlog/set PATTERN:destination:pattern
733 Sets the log pattern for destination to pattern. Refer to
734 ovs-appctl(8) for a description of the valid syntax for pattern.
735 vlog/list
737 Lists the supported logging modules and their current levels.
738 vlog/list-pattern
740 Lists logging patterns used for each destination.
741 vlog/close
743 Causes ovsdb-server to close its log file, if it is open. (Use
744 vlog/reopen to reopen it later.)
745 vlog/reopen
747 Causes ovsdb-server to close its log file, if it is open, and
748 then reopen it. (This is useful after rotating log files, to
749 cause a new log file to be used.)
750 This has no effect unless ovsdb-server was invoked with the
752 --log-file option.
753 vlog/disable-rate-limit [module]...
755 vlog/enable-rate-limit [module]...
756 By default, ovsdb-server limits the rate at which certain mes‐
757 sages can be logged. When a message would appear more fre‐
758 quently than the limit, it is suppressed. This saves disk
759 space, makes logs easier to read, and speeds up execution, but
760 occasionally troubleshooting requires more detail. Therefore,
761 vlog/disable-rate-limit allows rate limits to be disabled at the
762 level of an individual log module. Specify one or more module
763 names, as displayed by the vlog/list command. Specifying either
764 no module names at all or the keyword any disables rate limits
765 for every log module.
766 The vlog/enable-rate-limit command, whose syntax is the same as
768 vlog/disable-rate-limit, can be used to re-enable a rate limit
769 that was previously disabled.
770 MEMORY COMMANDS
772 These commands report memory usage.
773 memory/show
775 Displays some basic statistics about ovsdb-server's memory
776 usage. ovsdb-server also logs this information soon after
777 startup and periodically as its memory consumption grows.
778 COVERAGE COMMANDS
780 These commands manage ovsdb-server's ``coverage counters,'' which count
781 the number of times particular events occur during a daemon's runtime.
782 In addition to these commands, ovsdb-server automatically logs coverage
783 counter values, at INFO level, when it detects that the daemon's main
784 loop takes unusually long to run.
785 Coverage counters are useful mainly for performance analysis and debug‐
787 ging.
788 coverage/show
790 Displays the averaged per-second rates for the last few seconds,
791 the last minute and the last hour, and the total counts of all
792 of the coverage counters.
793 coverage/read-counter counter
795 Displays the total count for the given coverage counter.
796
798 In Open vSwitch before version 2.4, when ovsdb-server sent JSON-RPC
799 error responses to some requests, it incorrectly formulated them with
800 the result and error swapped, so that the response appeared to indicate
801 success (with a nonsensical result) rather than an error. The requests
802 that suffered from this problem were:
803 transact
805 get_schema
806 Only if the request names a nonexistent database.
807 monitor
809 lock
810 unlock In all error cases.
811 Of these cases, the only error that a well-written application is
813 likely to encounter in practice is monitor of tables or columns that do
814 not exist, in an situation where the application has been upgraded but
815 the old database schema is still temporarily in use. To handle this
816 situation gracefully, we recommend that clients should treat a monitor
817 response with a result that contains an error key-value pair as an
818 error (assuming that the database being monitored does not contain a
819 table named error).
820
822 ovsdb(7), ovsdb-tool(1), ovsdb-server(5), ovsdb-server(7).
823Open vSwitch 2.15.0 ovsdb-server(1)