Merge "Support per-host overrides of auto_bridge_add"

doc/source/devref/networking.rst

@@ -272,7 +272,7 @@ init container and main container with :code:`neutron-ovs-agent` via file
 Configuration of OVS bridges can be done via
 `neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl`. The
 script is configuring the external network bridge and sets up any
-bridge mappings defined in :code:`network.auto_bridge_add`.  These
+bridge mappings defined in :code:`conf.auto_bridge_add`.  These
 values should align with
 :code:`conf.plugins.openvswitch_agent.ovs.bridge_mappings`.
 

neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl

@@ -19,19 +19,21 @@ limitations under the License.
 set -ex
 
 # configure all bridge mappings defined in config
-{{- range $br, $phys := .Values.network.auto_bridge_add }}
-if [ -n "{{- $br -}}" ] ; then
-    # adding existing bridge would break out the script when -e is set
-    set +e
-    ip link add name {{ $br }} type bridge
-    set -e
-    ip link set dev {{ $br }} up
-    if [ -n "{{- $phys -}}" ] ; then
-        ip link set dev {{ $phys }}  master {{ $br }}
-    fi
-fi
-{{- end }}
-
+# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
+for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
+do
+  bridge=${bmap%:*}
+  iface=${bmap#*:}
+  # adding existing bridge would break out the script when -e is set
+  set +e
+  ip link add name $bridge type bridge
+  set -e
+  ip link set dev $bridge up
+  if [ -n "$iface" ] && [ "$iface" != "null" ]
+  then
+    ip link set dev $iface  master $bridge
+  fi
+done
 
 tunnel_interface="{{- .Values.network.interface.tunnel -}}"
 if [ -z "${tunnel_interface}" ] ; then

neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl

@@ -36,13 +36,17 @@ if neutron-sanity-check --version >/dev/null 2>/dev/null; then
 fi
 
 # handle any bridge mappings
-{{- range $bridge, $port := .Values.network.auto_bridge_add }}
-ovs-vsctl --no-wait --may-exist add-br {{ $bridge }}
-{{ if $port }}
-ovs-vsctl --no-wait --may-exist add-port {{ $bridge }} {{ $port }}
-ip link set dev {{ $port }} up
-{{ end }}
-{{- end }}
+# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
+for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
+do
+  bridge=${bmap%:*}
+  iface=${bmap#*:}
+  ovs-vsctl --no-wait --may-exist add-br $bridge
+  if [ -n "$iface" ] && [ "$iface" != "null" ]
+  then
+    ovs-vsctl --no-wait --may-exist add-port $bridge $iface
+  fi
+done
 
 tunnel_interface="{{- .Values.network.interface.tunnel -}}"
 if [ -z "${tunnel_interface}" ] ; then

neutron/templates/configmap-etc.yaml

@@ -196,6 +196,7 @@ data:
   dnsmasq.conf: ""
   neutron_sudoers: {{ $envAll.Values.conf.neutron_sudoers | b64enc }}
   rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }}
+  auto_bridge_add: {{ toJson $envAll.Values.conf.auto_bridge_add | b64enc }}
 {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
 {{- $filePrefix := replace "_" "-"  $key }}
   {{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }}

neutron/templates/daemonset-lb-agent.yaml

@@ -111,6 +111,10 @@ spec:
               mountPath: /etc/sudoers.d/kolla_neutron_sudoers
               subPath: neutron_sudoers
               readOnly: true
+            - name: neutron-etc
+              mountPath: /tmp/auto_bridge_add
+              subPath: auto_bridge_add
+              readOnly: true
             - name: neutron-etc
               mountPath: /etc/neutron/rootwrap.conf
               subPath: rootwrap.conf

neutron/templates/daemonset-ovs-agent.yaml

@@ -121,6 +121,10 @@ spec:
               mountPath: /etc/sudoers.d/kolla_neutron_sudoers
               subPath: neutron_sudoers
               readOnly: true
+            - name: neutron-etc
+              mountPath: /tmp/auto_bridge_add
+              subPath: auto_bridge_add
+              readOnly: true
             - name: neutron-etc
               mountPath: /etc/neutron/rootwrap.conf
               subPath: rootwrap.conf

neutron/values.yaml

@@ -90,18 +90,6 @@ network:
   # allowing agents to be restarted without packet loss and simpler
   # debugging. This feature requires mount propagation support.
   share_namespaces: true
-  # auto_bridge_add is a table of "bridge: interface" pairs
-  # To automatically add a physical interfaces to a specific bridges,
-  # for example eth3 to bridge br-physnet1, if0 to br0 and iface_two
-  # to br1 do something like:
-  #
-  # auto_bridge_add:
-  #   br-physnet1: eth3
-  #   br0: if0
-  #   br1: iface_two
-  # br-ex will be added by default
-  auto_bridge_add:
-    br-ex: null
   interface:
   # Tunnel interface will be used for VXLAN tunneling. If null
   # (default) there is a fallback mechanism to search for interface
@@ -1635,13 +1623,25 @@ conf:
         priority: 0
         apply-to: all
         pattern: '(notifications)\.'
+  ## NOTE: "besteffort" is meant for dev env with mixed compute type only.
+  ##       This helps prevent sriov init script from failing due to mis-matched NIC
+  ##       For prod env, target NIC should match and init script should fail otherwise.
+  ## sriov_init:
+  ##   - besteffort
   sriov_init:
     -
-    ## NOTE: "besteffort" is meant for dev env with mixed compute type only.
-    ##       This helps prevent sriov init script from failing due to mis-matched NIC
-    ##       For prod env, target NIC should match and init script should fail otherwise.
-    ## sriov_init:
-    ##   - besteffort
+  # auto_bridge_add is a table of "bridge: interface" pairs
+  # To automatically add a physical interfaces to a specific bridges,
+  # for example eth3 to bridge br-physnet1, if0 to br0 and iface_two
+  # to br1 do something like:
+  #
+  # auto_bridge_add:
+  #   br-physnet1: eth3
+  #   br0: if0
+  #   br1: iface_two
+  # br-ex will be added by default
+  auto_bridge_add:
+    br-ex: null
 
 # Names of secrets used by bootstrap and environmental checks
 secrets: