We can easily imagine an user frustrated by his pod not getting deleted
and opting to remove the finalizer from the Pod. If the cause of the
deletion delay was the kuryr-controller being down, we end up with an
orphaned KuryrPort. At the moment this causes crashes, which obviously
it shouldn't. Moreover we should figure out how to clean up the Neutron
port if that happens. This commit does so as explained below.
1. KuryrPort on_present() will trigger its deletion when it detects that
Pod does not longer exist.
2. Turns out security_groups parameter passed to release_vif() was never
used. I removed it from drivers and got rid of get_security_groups()
call from on_finalize() as it's no longer necessary.
3. When we cannot get the Pod in KuryrPort on_finalize() we attempt to
gather info required to cleanup the KuryrPort and "mock" a Pod
object. A precaution is added that any error from release_vif() is
ignored in that case to make sure failed cleanup is not causing the
system to go down.
Change-Id: Iaf48296ff28394823f68d58362bcc87d38a2cd42
Neutron should make a subport that is already attached to a trunk ACTIVE
immediately. Unfortunately there seems to be an OVN bug causing an event
triggering this to be lost, leaving the port in DOWN state forever. This
is a disaster for Kuryr, because we can't proceed to wire the pods in
such case.
This commit attempts to workaround this by making Kuryr reattach the
ports that are in DOWN state for more than 90 seconds after they're
plugged.
Change-Id: If9a3968d68dced588614cd5521d4a111e78d435f
PodVIFDriver base class defines activate_vif method, which currently
accepts two arguments - pod and vif. While vif argument is utilized for
most of the time, pod is not.
It was discovered during development, where there is a need for calling
activate_vif method from within a CRD resource rather than pod.
Change-Id: I6367bd93d5c0abe9a2ee6d018d997209f23f5318
This commit converts nested_dpdk_vif and nested_macvlan_vif drivers to
use openstacksdk. The latter required a bit of a hack visible in the
clients.py - the openstacksdk's Port resource is injected with
additional header parameter to be able to use If-Match header when
updating allowed_address_pairs on the parent VIFs.
What's missing here is removal of some hacks still present in
os_vif_util.py.
Change-Id: I90b0ae7650aa36fb321d66b9d95fc8fd36249896
Add DPDK support for nested K8s pods. Patch includes a new VIF driver on
the controller and a new CNI binding driver.
This patch introduces dependency from os-vif v.1.12.0, since there
a new vif type.
Change-Id: I6be9110192f524325e24fb97d905faff86d0cfef
Implements: blueprint nested-dpdk-support
Co-Authored-By: Kural Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
Co-Authored-By: Marco Chiappero <marco.chiappero@intel.com>
Signed-off-by: Alexey Perevalov <a.perevalov@samsung.com>
Signed-off-by: Danil Golov <d.golov@samsung.com>
