Poster of Linux kernelThe best gift for a Linux geek
ovsdb-client

ovsdb-client

Section: Open vSwitch Manual (1) Updated: November 2009 Local index Up
 

NAME

ovsdb-client - command-line interface to ovsdb-server(1)  

SYNOPSIS

ovsdb-client [options] list-dbs server
ovsdb-client [options] get-schema server database
ovsdb-client [options] get-schema-version server database
ovsdb-client [options] list-tables server database
ovsdb-client [options] list-columns server database [table]
ovsdb-client [options] transact server transaction
ovsdb-client [options] dump server database
ovsdb-client [options] monitor server database table [column[,column]...]...
ovsdb-client help
Output formatting options:
[--format=format] [--no-heading]
Daemon options:
[--pidfile[=pidfile]] [--overwrite-pidfile] [--detach] [--no-chdir]
Logging options:
[-v[module[:facility[:level]]]]...
[--verbose[=module[:facility[:level]]]]...
[--log-file[=file]]
Public key infrastructure options:
[--private-key=privkey.pem]
[--certificate=cert.pem]
[--ca-cert=cacert.pem]
[--bootstrap-ca-cert=cacert.pem]
Common options:
[-h | --help] [-V | --version]

 

DESCRIPTION

The ovsdb-client program is a command-line client for interacting with a running ovsdb-server process. For each command, the server to connect to must be specified in one of the following forms:
ssl:ip:port
The specified SSL port on the host at the given ip, which must be expressed as an IP address (not a DNS name). The --private-key, --certificate, and --ca-cert options are mandatory when this form is used.
tcp:ip:port
Connect to the given TCP port on ip.
unix:file
Connect to the Unix domain server socket named file.
pssl:port[:ip]
Listen on the given SSL port for a connection. By default, ovsdb-client listens for connections to any local IP address, but specifying ip limits connections to those from the given ip. The --private-key, --certificate, and --ca-cert options are mandatory when this form is used.
ptcp:port[:ip]
Listen on the given TCP port for a connection. By default, ovsdb-client listens for connections to any local IP address, but ip may be specified to listen only for connections to the given ip.
punix:file
Listen on the Unix domain server socket named file for a connection.
 

Commands

The following commands are implemented:
list-dbs server
Connects to server, retrieves the list of known databases, and prints them one per line. These database names are the ones that may be used for database in the following commands.
get-schema server database
Connects to server, retrieves the schema for database, and prints it in JSON format.
get-schema-version server database
Connects to server, retrieves the schema for database, and prints its version number on stdout. A schema version number has the form x.y.z. See ovs-vswitchd.conf.db(5) for details.
Schema version numbers and Open vSwitch version numbers are independent.
If database was created before schema versioning was introduced, then it will not have a version number and this command will print a blank line.
list-tables server database
Connects to server, retrieves the schema for database, and prints a table listing the name of each table within the database.
list-columns server database [table]
Connects to server, retrieves the schema for database, and prints a table listing the name and type of each column. If table is specified, only columns in that table are listed; otherwise, the tables include columns in all tables.
transact server transaction
Connects to server, sends it the specified transaction, which must be a JSON array containing one or more valid OVSDB operations, and prints the received reply on stdout.
dump server database
Connects to server, retrieves all of the data in database, and prints it on stdout as a series of tables.
monitor server database table [column[,column]...]...
Connects to server and monitors the contents of table in database. By default, the initial contents of table are printed, followed by each change as it occurs. If at least one column is specified, only those columns are monitored. The following column names have special meanings:
!initial
Do not print the initial contents of the specified columns.
!insert
Do not print newly inserted rows.
!delete
Do not print deleted rows.
!modify
Do not print modifications to existing rows.
Multiple [column[,column]...] groups may be specified as separate arguments, e.g. to apply different reporting parameters to each group. Whether multiple groups or only a single group is specified, any given column may only be mentioned once on the command line.
If --detach is used with monitor, then ovsdb-client detaches after it has successfully received and printed the initial contents of table.
 

OPTIONS

 

Output Formatting Options

Much of the output from ovsdb-client is in the form of tables. The following options controlling output formatting:
-f format

--format=format
Sets the type of table formatting. The following types of format are available:
table (default)
Text-based tables with aligned columns.
html
HTML tables.
cvs
Comma-separated values as defined in RFC 4180.
json
JSON format as defined in RFC 4627. The output is a sequence of JSON objects, each of which corresponds to one table. Each JSON object has the following members with the noted values:
caption
The table's caption. This member is omitted if the table has no caption.
headings
An array with one element per table column. Each array element is a string giving the corresponding column's heading.
data
An array with one element per table row. Each element is also an array with one element per table column. The elements of this second-level array are the cells that constitute the table. Cells that represent OVSDB data or data types are expressed in the format described in the OVSDB specification; other cells are simply expressed as text strings.
-d format
--data=format
Sets the formatting for cells within output tables. The following types of format are available:
string (default)
The simple format described in ovs-vsctl(8).
json
JSON.
The json output format always outputs cells in JSON format, ignoring this option.
--no-heading
This option suppresses the heading row that otherwise appears in the first row of table output.
--pretty
By default, JSON in output is printed as compactly as possible. This option causes JSON in output to be printed in a more readable fashion. Members of objects and elements of arrays are printed one per line, with indentation.
This option does not affect JSON in tables, which is always printed compactly.
 

Daemon Options

The daemon options apply only to the monitor command. With any other command, they have no effect.
--pidfile[=pidfile]
Causes a file (by default, ovsdb-client.pid) to be created indicating the PID of the running process. If the pidfile argument is not specified, or if it does not begin with /, then it is created in /var/run/openvswitch.
If --pidfile is not specified, no pidfile is created.
--overwrite-pidfile
By default, when --pidfile is specified and the specified pidfile already exists and is locked by a running process, ovsdb-client refuses to start. Specify --overwrite-pidfile to cause it to instead overwrite the pidfile.
When --pidfile is not specified, this option has no effect.
--detach
Causes ovsdb-client to detach itself from the foreground session and run as a background process.
--monitor
Creates an additional process to monitor the ovsdb-client daemon. If the daemon dies due to a signal that indicates a programming error (e.g. SIGSEGV, SIGABRT), then the monitor process starts a new copy of it. If the daemon die or exits for another reason, the monitor process exits.
This option is normally used with --detach, but it also functions without it.
--no-chdir
By default, when --detach is specified, ovsdb-client changes its current working directory to the root directory after it detaches. Otherwise, invoking ovsdb-client from a carelessly chosen directory would prevent the administrator from unmounting the file system that holds that directory.
Specifying --no-chdir suppresses this behavior, preventing ovsdb-client from changing its current working directory. This may be useful for collecting core files, since it is common behavior to write core dumps into the current working directory and the root directory is not a good directory to use.
This option has no effect when --detach is not specified.
 

Logging Options

-vmodule[:facility[:level]], --verbose=module[:facility[:level]]
Sets the logging level for module in facility to level:
module may be any valid module name (as displayed by the --list action on ovs-appctl(8)), or the special name ANY to set the logging levels for all modules.
facility may be syslog, console, or file to set the levels for logging to the system log, the console, or a file respectively, or ANY to set the logging levels for both facilities. If it is omitted, facility defaults to ANY.
Regardless of the log levels set for file, logging to a file will not take place unless --log-file is also specified (see below).
level must be one of emer, err, warn, info, or dbg, designating the minimum severity of a message for it to be logged. If it is omitted, level defaults to dbg.
-v, --verbose
Sets the maximum logging verbosity level, equivalent to --verbose=ANY:ANY:dbg.
-vPATTERN:facility:pattern, --verbose=PATTERN:facility:pattern
Sets the log pattern for facility to pattern. Refer to ovs-appctl(8) for a description of the valid syntax for pattern.
--log-file[=file]
Enables logging to a file. If file is specified, then it is used as the exact name for the log file. The default log file name used if file is omitted is /var/log/openvswitch/ovsdb-client.log.
 

Public Key Infrastructure Options

-p privkey.pem

--private-key=privkey.pem
Specifies a PEM file containing the private key used as ovsdb-client's identity for outgoing SSL connections.
-c cert.pem

--certificate=cert.pem
Specifies a PEM file containing a certificate that certifies the private key specified on -p or --private-key to be trustworthy. The certificate must be signed by the certificate authority (CA) that the peer in SSL connections will use to verify it.
-C cacert.pem

--ca-cert=cacert.pem
Specifies a PEM file containing the CA certificate that ovsdb-client should use to verify certificates presented to it by SSL peers. (This may be the same certificate that SSL peers use to verify the certificate specified on -c or --certificate, or it may be a different one, depending on the PKI design in use.)
-C none

--ca-cert=none
Disables verification of certificates presented by SSL peers. This introduces a security risk, because it means that certificates cannot be verified to be those of known trusted hosts.
--bootstrap-ca-cert=cacert.pem
When cacert.pem exists, this option has the same effect as -C or --ca-cert. If it does not exist, then ovsdb-client will attempt to obtain the CA certificate from the SSL peer on its first SSL connection and save it to the named PEM file. If it is successful, it will immediately drop the connection and reconnect, and from then on all SSL connections must be authenticated by a certificate signed by the CA certificate thus obtained.
This option exposes the SSL connection to a man-in-the-middle attack obtaining the initial CA certificate, but it may be useful for bootstrapping.
This option is only useful if the SSL peer sends its CA certificate as part of the SSL certificate chain. The SSL protocol does not require the server to send the CA certificate, but ovsdb-server(8) can be configured to do so with the --peer-ca-cert option.
This option is mutually exclusive with -C and --ca-cert.
 

Other Options

-h, --help
Prints a brief help message to the console.
-V, --version
Prints version information to the console.
 

SEE ALSO

ovsdb-server(1), ovsdb-client(1), and the OVSDB specification.

 

Index

NAME
SYNOPSIS
DESCRIPTION
Commands
OPTIONS
Output Formatting Options
Daemon Options
Logging Options
Public Key Infrastructure Options
Other Options
SEE ALSO
This document was created by man2html, using the manual pages.
Time: 21:24:31 GMT, April 16, 2011