Installing Open vSwitch on CentOS 7

This post describes how to install the most recent version of Open vSwitch (ovs) on CentOS 7 and might be the base for future posts about using KVM as virtualization platform.

openvswitch-diagramOpen vSwitch is a production quality open source software switch designed to be used as a vswitch in virtualized server environments. A vswitch forwards traffic between different VMs on the same physical host and also forwards traffic between VMs and the physical network.

Install the needed packages (as root user)

# yum -y install wget openssl-devel kernel-devel

Install development tools

# yum groupinstall "Development Tools"

Add a ovswitch user

# adduser ovswitch

Download and unpack the openvswitch source code (as ovswitch user)

$ su - ovswitch
$ mkdir -p ~/rpmbuild/SOURCES
$ cd ~/rpmbuild/SOURCES
$ wget http://openvswitch.org/releases/openvswitch-2.3.1.tar.gz
$ tar xfz openvswitch-2.3.1.tar.gz

We will modify the openvswitch spec-file and use the kernel module CentOS provides instead of creating a new one.

$ sed 's/openvswitch-kmod, //g' openvswitch-2.3.1/rhel/openvswitch.spec > openvswitch-2.3.1/rhel/openvswitch_no_kmod.spec

Create a RPM-file to ease future package operations like upgrade

$ rpmbuild -bb --nocheck ~/openvswitch-2.3.1/rhel/openvswitch_no_kmod.spec
$ exit

Now is the time to install the RPM-package (as root)

# yum localinstall /home/ovswitch/rpmbuild/RPMS/x86_64/openvswitch-2.3.1-1.x86_64.rpm

If you have not disabled SElinux then you will see the following SELinux issues when you try to start the openvswitch service

install: cannot change owner and permissions of ‘/etc/openvswitch': No such file or directory and Creating empty database /etc/openvswitch/conf.db ovsdb-tool: I/O error: /etc/openvswitch/conf.db: failed to lock lockfile (No such file or directory)

This is one way to fix this issue

# mkdir /etc/openvswitch
# semanage fcontext -a -t openvswitch_rw_t "/etc/openvswitch(/.*)?"
# restorecon -Rv /etc/openvswitch

We are now ready to start the openvswitch service

# service openvswitch start
# chkconfig openvswitch on

Verify that we have installed openvswitch and that it is available

# virsh version
Compiled against library: libvirt 1.2.8
Using library: libvirt 1.2.8
Using API: QEMU 1.2.8
Running hypervisor: QEMU 1.5.3
# lsmod |grep openvswitch
openvswitch            70611  0 
gre                    13796  1 openvswitch
vxlan                  37409  1 openvswitch
libcrc32c              12644  2 xfs,openvswitch
# ovs-vsctl show
...
    Bridge "ovsbr1"
        Port "ovsbr1"
            Interface "ovsbr1"
                type: internal
    Bridge "ovsbr0"
        Port "enp0s25"
            Interface "enp0s25"
        Port "ovsbr0"
            Interface "ovsbr0"
                type: internal
    ovs_version: "2.3.1"

We are now ready to create a network bridge, but that will (maybe) be described in a future post of mine.