From 1080043adad0039520b8482434e5a70e4dc65381 Mon Sep 17 00:00:00 2001
From: SamSu <sam.su@huawei.com>
Date: Tue, 29 Apr 2014 11:48:18 -0700
Subject: [PATCH] fix a protential network loop bug

Change-Id: Ic4f9d2688da38794b2b7bcf26b5cd586a5d218d6
---
 .../openstack-network/recipes/openvswitch.rb  |  29 ++---
 .../plugins/openvswitch/openvswitch.erb       | 104 ++++++++++++++++++
 2 files changed, 113 insertions(+), 20 deletions(-)
 create mode 100644 chef/cookbooks/openstack-network/templates/default/plugins/openvswitch/openvswitch.erb

diff --git a/chef/cookbooks/openstack-network/recipes/openvswitch.rb b/chef/cookbooks/openstack-network/recipes/openvswitch.rb
index f5fbb7d..f92a8d8 100644
--- a/chef/cookbooks/openstack-network/recipes/openvswitch.rb
+++ b/chef/cookbooks/openstack-network/recipes/openvswitch.rb
@@ -56,26 +56,6 @@ platform_options["quantum_openvswitch_packages"].each do |pkg|
   end
 end
 
-# The current openvswitch package of centos 6.4 cannot create GRE tunnel successfully
-# The centos 6.4 kernel version is 2.6.32-358.18.1.el6.x86_64
-# This code block was deperated because the ovs package was updated.
-#if platform?(%w(fedora redhat centos))
-#  remote_directory "/tmp/openvswitch" do
-#    source "openvswitch"
-#    files_owner "root"
-#    files_group "root"
-#    mode "0644"
-#    recursive true
-#    action :create
-#  end
-  
-#  execute "update openvswitch package" do
-#    ignore_failure true
-#    command "chmod +x /tmp/openvswitch/install.sh; sh /tmp/openvswitch/install.sh"
-#    action :run
-#  end  
-#end
-
 service "quantum-server" do
   service_name node["openstack"]["network"]["platform"]["quantum_server_service"]
   supports :status => true, :restart => true
@@ -88,6 +68,15 @@ service "quantum-openvswitch-switch" do
   action :start
 end
 
+if platform?(%w(fedora redhat centos))
+  template "/etc/init.d/openvswitch" do
+    source "plugins/openvswitch/openvswitch.erb"
+    owner "root"
+    group "root"
+    mode "0755"
+    notifies :restart, "service[quantum-openvswitch-switch]", :immediately
+  end
+end
 
 service "quantum-server" do
   service_name platform_options["quantum_server_service"]
diff --git a/chef/cookbooks/openstack-network/templates/default/plugins/openvswitch/openvswitch.erb b/chef/cookbooks/openstack-network/templates/default/plugins/openvswitch/openvswitch.erb
new file mode 100644
index 0000000..25960a7
--- /dev/null
+++ b/chef/cookbooks/openstack-network/templates/default/plugins/openvswitch/openvswitch.erb
@@ -0,0 +1,104 @@
+#!/bin/sh
+#
+# openvswitch
+#
+# chkconfig: 2345 09 91
+# description: Manage Open vSwitch kernel modules and user-space daemons
+
+# Copyright (C) 2009, 2010, 2011 Nicira Networks, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+### BEGIN INIT INFO
+# Provides:          openvswitch-switch
+# Required-Start:
+# Required-Stop:
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Open vSwitch switch
+### END INIT INFO
+
+. /usr/share/openvswitch/scripts/ovs-lib || exit 1
+test -e /etc/sysconfig/openvswitch && . /etc/sysconfig/openvswitch
+
+start () {
+    service openvswitch status && exit 0
+
+    set $ovs_ctl ${1-start}
+    set "$@" --system-id=random
+    if test X"$FORCE_COREFILES" != X; then
+	set "$@" --force-corefiles="$FORCE_COREFILES"
+    fi
+    if test X"$OVSDB_SERVER_PRIORITY" != X; then
+	set "$@" --ovsdb-server-priority="$OVSDB_SERVER_PRIORITY"
+    fi
+    if test X"$VSWITCHD_PRIORITY" != X; then
+	set "$@" --ovs-vswitchd-priority="$VSWITCHD_PRIORITY"
+    fi
+    if test X"$VSWITCHD_MLOCKALL" != X; then
+	set "$@" --mlockall="$VSWITCHD_MLOCKALL"
+    fi
+    if test X"$BRCOMPAT" = Xyes; then
+	set "$@" --brcompat
+    fi
+    "$@"
+
+# RHEL6 does not support OVS GRE tunneling yet, do not add iptables GRE rule
+#    $ovs_ctl --protocol=gre enable-protocol
+
+    touch /var/lock/subsys/openvswitch
+
+    ovs-ofctl del-flows br-tun "table=0"
+    ovs-ofctl add-flow br-tun "table=0, priority=1, actions=drop"
+    service quantum-l3-agent status && service quantum-l3-agent restart
+    service quantum-dhcp-agent status && service quantum-dhcp-agent restart
+    service quantum-metadata-agent status && service quantum-metadata-agent restart
+    service quantum-openvswitch-agent restart || exit 0
+}
+
+stop () {
+    $ovs_ctl stop
+    rm -f /var/lock/subsys/openvswitch
+}
+
+ovs_ctl=/usr/share/openvswitch/scripts/ovs-ctl
+case $1 in
+    start)
+        start
+        ;;
+    stop)
+        stop
+        ;;
+    restart)
+        stop
+        start
+        ;;
+    reload|force-reload)
+        # Nothing to do.
+        ;;
+    status)
+        $ovs_ctl status
+        ;;
+    version)
+        $ovs_ctl version
+        ;;
+    force-reload-kmod)
+        start force-reload-kmod
+        ;;
+    help)
+        printf "$0 [start|stop|restart|reload|force-reload|status|version|force-reload-kmod]\n"
+        ;;
+    *)
+        printf "Unknown command: $1\n"
+        exit 1
+        ;;
+esac