Neutron: Move ovs-agent setup to init container
This PS moves the Neutron OVS agent setup to an init container. Change-Id: Ib56e7f35cfc40ba617bd2f895d39efa8ef2849ea
This commit is contained in:
parent
7a87aded1d
commit
548f3f0854
41
neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
Normal file
41
neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
Normal file
@ -0,0 +1,41 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
set -ex
|
||||
|
||||
chown neutron: /run/openvswitch/db.sock
|
||||
|
||||
# ensure we can talk to openvswitch or bail early
|
||||
# this is until we can setup a proper dependency
|
||||
# on deaemonsets - note that a show is not sufficient
|
||||
# here, we need to communicate with both the db and vswitchd
|
||||
# which means we need to do a create action
|
||||
#
|
||||
# see https://github.com/att-comdev/openstack-helm/issues/88
|
||||
timeout 3m neutron-sanity-check --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --ovsdb_native --nokeepalived_ipv6_support
|
||||
|
||||
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
|
||||
if [ -z "${tunnel_interface}" ] ; then
|
||||
# search for interface with default routing
|
||||
tunnel_interface=$(ip r | grep default | grep -oP '(?<=dev ).*')
|
||||
fi
|
||||
|
||||
# determine local-ip dynamically based on interface provided but only if tunnel_types is not null
|
||||
IP=$(ip a s $tunnel_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}')
|
||||
cat <<EOF>/tmp/pod-shared/ml2-local-ip.ini
|
||||
[ovs]
|
||||
local_ip = $IP
|
||||
EOF
|
@ -14,35 +14,10 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
set -x
|
||||
chown neutron: /run/openvswitch/db.sock
|
||||
set -ex
|
||||
|
||||
# ensure we can talk to openvswitch or bail early
|
||||
# this is until we can setup a proper dependency
|
||||
# on deaemonsets - note that a show is not sufficient
|
||||
# here, we need to communicate with both the db and vswitchd
|
||||
# which means we need to do a create action
|
||||
#
|
||||
# see https://github.com/att-comdev/openstack-helm/issues/88
|
||||
timeout 3m neutron-sanity-check --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --ovsdb_native --nokeepalived_ipv6_support
|
||||
|
||||
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
|
||||
if [ -z "${tunnel_interface}" ] ; then
|
||||
# search for interface with default routing
|
||||
tunnel_interface=$(ip r | grep default | grep -oP '(?<=dev ).*')
|
||||
fi
|
||||
|
||||
# determine local-ip dynamically based on interface provided but only if tunnel_types is not null
|
||||
IP=$(ip a s $tunnel_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}')
|
||||
cat <<EOF>/tmp/ml2-local-ip.ini
|
||||
[ovs]
|
||||
local_ip = $IP
|
||||
EOF
|
||||
|
||||
# TODO: make this configurable going forward as today
|
||||
# it forces openvswitch agent
|
||||
exec sudo -E -u neutron neutron-openvswitch-agent \
|
||||
--config-file /etc/neutron/neutron.conf \
|
||||
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
|
||||
--config-file /tmp/ml2-local-ip.ini \
|
||||
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
|
||||
exec neutron-openvswitch-agent \
|
||||
--config-file /etc/neutron/neutron.conf \
|
||||
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
|
||||
--config-file /tmp/pod-shared/ml2-local-ip.ini \
|
||||
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
|
||||
|
@ -35,6 +35,8 @@ data:
|
||||
{{ tuple "bin/_neutron-metadata-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
neutron-openvswitch-agent.sh: |+
|
||||
{{ tuple "bin/_neutron-openvswitch-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
neutron-openvswitch-agent-init.sh: |+
|
||||
{{ tuple "bin/_neutron-openvswitch-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
neutron-server.sh: |+
|
||||
{{ tuple "bin/_neutron-server.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
openvswitch-db-server.sh: |+
|
||||
|
@ -31,12 +31,55 @@ spec:
|
||||
spec:
|
||||
nodeSelector:
|
||||
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
dnsPolicy: ClusterFirst
|
||||
hostNetwork: true
|
||||
initContainers:
|
||||
{{ tuple $envAll $dependencies $mounts_neutron_ovs_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
- name: ovs-agent-init
|
||||
image: {{ .Values.images.neutron_openvswitch_agent }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
{{- if .Values.resources.enabled }}
|
||||
resources:
|
||||
limits:
|
||||
cpu: {{ .Values.resources.ovs.agent.limits.cpu | quote }}
|
||||
memory: {{ .Values.resources.ovs.agent.limits.memory | quote }}
|
||||
requests:
|
||||
cpu: {{ .Values.resources.ovs.agent.requests.cpu | quote }}
|
||||
memory: {{ .Values.resources.ovs.agent.requests.memory | quote }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
runAsUser: 0
|
||||
command:
|
||||
- /tmp/neutron-openvswitch-agent-init.sh
|
||||
volumeMounts:
|
||||
- name: neutron-bin
|
||||
mountPath: /tmp/neutron-openvswitch-agent-init.sh
|
||||
subPath: neutron-openvswitch-agent-init.sh
|
||||
readOnly: true
|
||||
- name: pod-shared
|
||||
mountPath: /tmp/pod-shared
|
||||
- name: neutron-etc
|
||||
mountPath: /etc/neutron/neutron.conf
|
||||
subPath: neutron.conf
|
||||
readOnly: true
|
||||
- name: neutron-etc
|
||||
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
|
||||
subPath: ml2_conf.ini
|
||||
readOnly: true
|
||||
- name: neutron-etc
|
||||
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
|
||||
subPath: openvswitch_agent.ini
|
||||
readOnly: true
|
||||
- name: libmodules
|
||||
mountPath: /lib/modules
|
||||
readOnly: true
|
||||
- name: run
|
||||
mountPath: /run
|
||||
- name: neutron-etc
|
||||
mountPath: /etc/resolv.conf
|
||||
subPath: resolv.conf
|
||||
{{ if $mounts_neutron_ovs_agent.volumeMounts }}{{ toYaml $mounts_neutron_ovs_agent.volumeMounts | indent 12 }}{{ end }}
|
||||
containers:
|
||||
- name: ovs-agent
|
||||
image: {{ .Values.images.neutron_openvswitch_agent }}
|
||||
@ -67,6 +110,8 @@ spec:
|
||||
mountPath: /tmp/neutron-openvswitch-agent.sh
|
||||
subPath: neutron-openvswitch-agent.sh
|
||||
readOnly: true
|
||||
- name: pod-shared
|
||||
mountPath: /tmp/pod-shared
|
||||
- name: neutron-etc
|
||||
mountPath: /etc/neutron/neutron.conf
|
||||
subPath: neutron.conf
|
||||
@ -91,6 +136,8 @@ spec:
|
||||
volumes:
|
||||
- name: varlibopenvswitch
|
||||
emptyDir: {}
|
||||
- name: pod-shared
|
||||
emptyDir: {}
|
||||
- name: neutron-bin
|
||||
configMap:
|
||||
name: neutron-bin
|
||||
|
Loading…
Reference in New Issue
Block a user