ebtables/libvirt workaround

Idealy nova is run with libvirt 1.2.11 or later to guarantee that
libvirt is calling ebtables with --concurrent. Since we can't
always guarantee this we have created this workaround.

The workaround is extremely hacky and not recommend but for those
who simply have no other way to address this bug the following
should be done.

 * Copy /sbin/ebtables to /sbin/ebtables.real
 * Copy the ebtables.workaround script to /sbin/ebtables

Caution: Future OS level updates and packages way overwrite the
above changes. Its recommend users upgrade to libvirt 1.2.11.

The work around script was copied from devstack and originally
written by sdague.

Change-Id: Icdffc59d68b73a6df22ce138558d6e23e1c96336
Closes-Bug: #1501366
This commit is contained in:
Chet Burgess 2015-11-17 11:55:55 -08:00 committed by Sean Dague
parent d574aaf7be
commit 17264ee6a6

35
tools/ebtables.workaround Normal file
View File

@ -0,0 +1,35 @@
#!/bin/bash
#
# Copyright 2015 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
#
# This is a terrible, terrible, truly terrible work around for
# environments that have libvirt < 1.2.11. ebtables requires that you
# specifically tell it you would like to not race and get punched in
# the face when 2 run at the same time with a --concurrent flag.
#
# INSTALL instructions
#
# * Copy /sbin/ebtables to /sbin/ebtables.real
# * Copy the ebtables.workaround script to /sbin/ebtables
#
# Note: upgrades to ebtables will overwrite this work around. If you
# are packaging this file consider putting a trigger in place so that
# the workaround is replaced after ebtables upgrade.
#
# Additional Note: this file can be removed from nova once our libvirt
# minimum is >= 1.2.11.
flock -w 300 /var/lock/ebtables.nova /sbin/ebtables.real $@