Add an ovsdb-server.socket unit that has systemd create and manage the
/run/openvswitch/db.sock listening socket. This eliminates the window
during ovsdb-server restarts when clients cannot connect to the database.
The socket unit reads OVS_USER_ID from the same configuration files as
the service unit (/etc/openvswitch/default.conf, /etc/sysconfig/openvswitch)
and adjusts socket group ownership via ExecStartPost so that non-root
OVS deployments can connect.
Update service dependencies:
- ovsdb-server.service: Requires=ovsdb-server.socket
- ovs-vswitchd.service: After/Requires=ovsdb-server.socket instead of
ovsdb-server.service, remove AssertPathIsReadWrite (socket exists
before the service starts)
- ovs-delete-transient-ports.service: After=ovsdb-server.socket,
remove AssertPathExists (same reason)
Co-authored-by: Lubomir Rintel <[email protected]>
Signed-off-by: Lubomir Rintel <[email protected]>
Signed-off-by: Timothy Redaelli <[email protected]>
---
rhel/automake.mk | 1 +
rhel/openvswitch-fedora.spec.in | 4 ++++
...md_system_ovs-delete-transient-ports.service | 3 +--
...r_lib_systemd_system_ovs-vswitchd.service.in | 5 ++---
.../usr_lib_systemd_system_ovsdb-server.service | 1 +
rhel/usr_lib_systemd_system_ovsdb-server.socket | 17 +++++++++++++++++
6 files changed, 26 insertions(+), 5 deletions(-)
create mode 100644 rhel/usr_lib_systemd_system_ovsdb-server.socket
diff --git a/rhel/automake.mk b/rhel/automake.mk
index 246bfb51e..9a08bf556 100644
--- a/rhel/automake.mk
+++ b/rhel/automake.mk
@@ -23,6 +23,7 @@ EXTRA_DIST += \
rhel/usr_lib_udev_rules.d_91-vfio.rules \
rhel/usr_lib_systemd_system_openvswitch.service \
rhel/usr_lib_systemd_system_ovsdb-server.service \
+ rhel/usr_lib_systemd_system_ovsdb-server.socket \
rhel/usr_lib_systemd_system_ovs-vswitchd.service.in \
rhel/usr_lib_systemd_system_ovs-delete-transient-ports.service \
rhel/usr_lib_systemd_system_openvswitch-ipsec.service
diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in
index 320b1ad86..88bb734ad 100644
--- a/rhel/openvswitch-fedora.spec.in
+++ b/rhel/openvswitch-fedora.spec.in
@@ -229,6 +229,9 @@ for service in openvswitch ovsdb-server ovs-vswitchd
ovs-delete-transient-ports
rhel/usr_lib_systemd_system_${service}.service \
$RPM_BUILD_ROOT%{_unitdir}/${service}.service
done
+install -p -D -m 0644 \
+ rhel/usr_lib_systemd_system_ovsdb-server.socket \
+ $RPM_BUILD_ROOT%{_unitdir}/ovsdb-server.socket
install -m 0755 rhel/etc_init.d_openvswitch \
$RPM_BUILD_ROOT%{_datadir}/openvswitch/scripts/openvswitch.init
@@ -460,6 +463,7 @@ fi
%config(noreplace) %{_sysconfdir}/logrotate.d/openvswitch
%{_unitdir}/openvswitch.service
%{_unitdir}/ovsdb-server.service
+%{_unitdir}/ovsdb-server.socket
%{_unitdir}/ovs-vswitchd.service
%{_unitdir}/ovs-delete-transient-ports.service
%{_datadir}/openvswitch/scripts/openvswitch.init
diff --git a/rhel/usr_lib_systemd_system_ovs-delete-transient-ports.service
b/rhel/usr_lib_systemd_system_ovs-delete-transient-ports.service
index d4d7b204b..5f993e304 100644
--- a/rhel/usr_lib_systemd_system_ovs-delete-transient-ports.service
+++ b/rhel/usr_lib_systemd_system_ovs-delete-transient-ports.service
@@ -1,8 +1,7 @@
[Unit]
Description=Open vSwitch Delete Transient Ports
-After=ovsdb-server.service
+After=ovsdb-server.socket
Before=ovs-vswitchd.service
-AssertPathExists=/run/openvswitch/db.sock
[Service]
Type=oneshot
diff --git a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
index 6d021618b..28f6dfc54 100644
--- a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
+++ b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
@@ -1,10 +1,9 @@
[Unit]
Description=Open vSwitch Forwarding Unit
-After=ovsdb-server.service network-pre.target systemd-udev-settle.service
+After=ovsdb-server.socket network-pre.target systemd-udev-settle.service
Before=network.target network.service
-Requires=ovsdb-server.service
+Requires=ovsdb-server.socket
ReloadPropagatedFrom=ovsdb-server.service
-AssertPathIsReadWrite=/run/openvswitch/db.sock
PartOf=openvswitch.service
[Service]
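Review bot: Replacing `Requires=ovsdb-server.service` with `Requires=ovsdb-server.socket` means ovs-vswitchd no longer fails or stops together with the database service; it only requires the listening socket, which exists even when ovsdb-server itself has failed to start. Together with the removed `AssertPathIsReadWrite=`, nothing in the visible [Unit] section now detects a database that is down or a socket the daemon cannot open, so the first connection would presumably just wait in the socket backlog. If that is intended, a comment such as `# ovsdb-server is socket-activated; connections queue on db.sock until it is up` above `Requires=` would record it; otherwise keep a `Wants=ovsdb-server.service` next to it. The ovs-delete-transient-ports.service hunk makes the same ordering change, and the rest of this unit lies outside the hunk.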
diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.service
b/rhel/usr_lib_systemd_system_ovsdb-server.service
index 43ea3a570..c6d5d4b52 100644
--- a/rhel/usr_lib_systemd_system_ovsdb-server.service
+++ b/rhel/usr_lib_systemd_system_ovsdb-server.service
@@ -2,6 +2,7 @@
Description=Open vSwitch Database Unit
After=syslog.target network-pre.target
Before=network.target network.service
+Requires=ovsdb-server.socket
Wants=ovs-delete-transient-ports.service
PartOf=openvswitch.service
diff --git a/rhel/usr_lib_systemd_system_ovsdb-server.socket
b/rhel/usr_lib_systemd_system_ovsdb-server.socket
new file mode 100644
index 000000000..543813e8c
--- /dev/null
+++ b/rhel/usr_lib_systemd_system_ovsdb-server.socket
@@ -0,0 +1,17 @@
+[Unit]
+Description=Open vSwitch Database Socket
+Before=ovsdb-server.service
+
+[Socket]
+# Read OVS_USER_ID to set socket group ownership below.
+# Note: /run/openvswitch.useropts is not available here because
+# it is generated by ovsdb-server.service, which starts after us.
+EnvironmentFile=/etc/openvswitch/default.conf
+EnvironmentFile=-/etc/sysconfig/openvswitch
+ListenStream=/run/openvswitch/db.sock
+Service=ovsdb-server.service
+SocketMode=0770
+ExecStartPost=-/bin/sh -c 'GRP="${OVS_USER_ID##*:}"; [ -n "$GRP" ] && [ "$GRP"
!= "root" ] && chgrp "$GRP" /run/openvswitch/db.sock || true'
+
+[Install]
+WantedBy=sockets.target
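Review bot: The `ExecStartPost=` line hands `${OVS_USER_ID##*:}` to `/bin/sh` unescaped, but systemd performs its own `${…}` substitution on Exec lines before the shell runs. As far as I know it does not understand the `##` operator and substitutes an empty string for a name it cannot resolve. GRP would then always be empty and the chgrp would never run, and the leading `-` plus `|| true` hide that, so non-root deployments would be left with a root:root 0770 socket they cannot open. Escape the dollar signs for systemd, `GRP="$${OVS_USER_ID##*:}"` and `"$$GRP"`, and confirm with `systemd-analyze verify` and a non-root OVS_USER_ID. Separately, an OVS_USER_ID without a colon makes the expansion return the user name, which is then used as a group name; that case deserves an explicit check or at least a comment.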
--
2.53.0