<%- | String $bind_socket = '', Boolean $debug, String $container_cli = '' | -%> #!/bin/bash <%- if $debug { -%>set -x<%- } -%> <%- if $bind_socket { -%> export DOCKER_HOST="<%=$bind_socket%>" <%- } -%> ARGS="$@" # Extract the network namespace UUID from the command line args provided by # neutron. Typically of the form (with dnsmasq as an example): # # dnsmasq --no-hosts --no-resolv --except-interface=lo \ # --pid-file=/var/lib/neutron/dhcp/317716b8-919a-4a6f-8db1-78128ec3b100/pid \ # --dhcp-hostsfile=/var/lib/neutron/dhcp/317716b8-919a-4a6f-8db1-78128ec3b100/host ... NETNS=$(ip netns identify) NAME=neutron-keepalived-${NETNS} <%- if $container_cli == 'docker' { -%> CLI='docker exec --detach' CMD="ip netns exec ${NETNS} /usr/bin/neutron-keepalived-state-change exec" <%- } elsif $container_cli == 'podman' { -%> CLI="nsenter --net=/run/netns/${NETNS} --preserve-credentials -m -t 1 podman exec" CMD='/usr/bin/neutron-keepalived-state-change' <%- } else { -%> CLI='echo noop' CMD='echo noop' <%- } -%> # The state change daemon only runs as a daemon for the moment so we need to # run it within an existing container with a sensibly matching lifetime. The # related keepalived container seems an obvious choice. container_id=$($CLI ps --filter name=$NAME --format "{{.ID}}") if [[ -z $container_id ]]; then echo "WARNING: keepalived container is not running." exit 0 fi $CLI -u root \ --privileged \ $NAME \ $CMD $ARGS