NAME

ovn-detrace - convert ``ovs-appctl ofproto/trace'' output to combine OVN logical flow information.

SYNOPSIS

ovn-detrace < file

Common options:

[-h | --help] [-V | --version]

DESCRIPTION

The ovn-detrace program reads ovs-appctl ofproto/trace output on stdin, looking for flow cookies, and expand each cookie with corresponding OVN logical flows. It expands logical flow further with the north-bound information e.g. the ACL that generated the logical flow, when relevant.

OPTIONS

-h

--help

Prints a brief help message to the console.

-V

--version

Prints version information to the console.

--ovnsb=server

The OVN Southbound DB remote to contact. If the OVN_SB_DB environment variable is set, its value is used as the default. Otherwise, the default is unix:@RUNDIR@/ovnsb_db.sock, but this default is unlikely to be useful outside of single-machine OVN test environments.

--ovnnb=server

The OVN Northbound DB remote to contact. If the OVN_NB_DB environment variable is set, its value is used as the default. Otherwise, the default is unix:@RUNDIR@/ovnnb_db.sock, but this default is unlikely to be useful outside of single-machine OVN test environments.

--ovs=

Also decode flow information (like OVS ofport) from the flows by connecting to the OVS DB.

--no-leader-only

Connect to any cluster member, not just the leader. The option works for OVN Southbound DB and OVN Northbound DB.

--ovsdb=server

The OVS DB remote to contact if --ovs is present. If the OVS_RUNDIR environment variable is set, its value is used as the default. Otherwise, the default is unix:@RUNDIR@/db.sock, but this default is unlikely to be useful outside of single-machine OVN test environments.

-p privkey.pem

--private-key=privkey.pem

Specifies a PEM file containing the private key used as ovn-detrace's identity for outgoing SSL connections.

-c cert.pem

--certificate=cert.pem

Specifies a PEM file containing a certificate that certifies the private key specified on -p or --private-key to be trustworthy. The certificate must be signed by the certificate authority (CA) that the peer in SSL connections will use to verify it.

-C cacert.pem

--ca-cert=cacert.pem

Specifies a PEM file containing the CA certificate that ovn-detrace should use to verify certificates presented to it by SSL peers. (This may be the same certificate that SSL peers use to verify the certificate specified on -c or --certificate, or it may be a different one, depending on the PKI design in use.)

SEE ALSO

ovs-appctl(8),ovn-sbctl(8),ovn-nbctl(8),ovn-trace(8)