<%- | String $image_name = '', String $bind_socket = '', Boolean $debug, String $container_cli = '' | -%> #!/bin/bash <%- if $debug { -%>set -x<%- } -%> <%- if $bind_socket { -%> export DOCKER_HOST="<%=$bind_socket%>" <%- } -%> ARGS="$@" # Extract the network namespace UUID from the command line args provided by # neutron. Typically of the form (with dnsmasq as an example): # # dnsmasq --no-hosts --no-resolv --except-interface=lo \ # --pid-file=/var/lib/neutron/dhcp/317716b8-919a-4a6f-8db1-78128ec3b100/pid \ # --dhcp-hostsfile=/var/lib/neutron/dhcp/317716b8-919a-4a6f-8db1-78128ec3b100/host ... NETNS=$(ip netns identify) NAME=neutron-haproxy-${NETNS} HAPROXY_CMD='$(if [ -f /usr/sbin/haproxy-systemd-wrapper ]; then echo "/usr/sbin/haproxy -Ds"; else echo "/usr/sbin/haproxy -Ws"; fi)' <%- if $container_cli == 'docker' { -%> CLI='docker' LOGGING='' CMD="ip netns exec ${NETNS} "'$HAPROXY' <%- } elsif $container_cli == 'podman' { -%> CLI="nsenter --net=/run/netns/${NETNS} --preserve-credentials -m -t 1 podman" LOGGING="--log-driver k8s-file --log-opt path=/var/log/containers/stdouts/${NAME}.log" CMD='$HAPROXY' <%- } else { -%> CLI='echo noop' CMD='echo noop' <%- } -%> LIST=$($CLI ps -a --filter name=neutron-haproxy- --format '{{.ID}}:{{.Names}}:{{.Status}}' | awk '{print $1}') # Find orphaned containers left for dead after its main process terminated by neutron parent process # FIXME(cjeanner): https://github.com/containers/libpod/issues/1703 ORPHANTS=$(printf "%s\n" "${LIST}" | grep -E ":(Exited|Created)") if [ -n "${ORPHANTS}" ]; then for orphant in $(printf "%s\n" "${ORPHANTS}" | awk -F':' '{print $1}'); do echo "Removing orphaned container ${orphant}" $CLI stop ${orphant} || true $CLI rm -f ${orphant} || true done fi # If the NAME is already taken by a container, give it an unique name printf "%s\n" "${LIST}" | grep -q "${NAME}$" && NAME="${NAME}-$(date +%Y-%m-%d-%H%M%S-%N)" echo "Starting a new child container ${NAME}" $CLI run --detach ${LOGGING} \ -v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:ro \ -v /run/netns:/run/netns:shared \ -v /var/lib/neutron:/var/lib/neutron:shared \ -v /dev/log:/dev/log \ --net host \ --pid host \ --cgroupns host \ --privileged \ -u root \ --name $NAME \ <%=$image_name%> \ /bin/bash -c "HAPROXY=\"$HAPROXY_CMD\"; exec $CMD $ARGS"