Add shared volume for side-car wrapper locks

The lock used in the wrapper is under /var/lock in the container which is not shared with the host so the sync script never waits for the wrapper to be done. Moving the lock file to a path on a shared mount in the container seems to solve that particular race. Partial-bug: #1874470 Change-Id: Iaa3a19bc47241e6eb686d65c1a198ec69505398e Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
2020-04-27 15:11:21 +02:00 · 2020-04-27 15:11:21 +02:00 · 1517df0fc3
parent 5d1108d850
commit 1517df0fc3
3 changed files with 21 additions and 0 deletions
--- a/deployment/neutron/neutron-dhcp-container-puppet.yaml
+++ b/deployment/neutron/neutron-dhcp-container-puppet.yaml
@ -363,6 +363,7 @@ outputs:
                  - /var/lib/neutron:/var/lib/neutron:shared,z
                  - /run/netns:/run/netns:shared
                  - /var/lib/neutron/kill_scripts:/etc/neutron/kill_scripts:shared,z
+                  - /var/lock/containers:/var/lock:shared,z
                -
                  if:
                    - docker_enabled
@ -410,6 +411,12 @@ outputs:
                path: /var/lib/neutron
                state: directory
                setype: container_file_t
+          - - name: create /var/lock/containers
+              file:
+                path: /var/lock/containers
+                state: directory
+                mode: '0750'
+                setype: container_file_t
          - - name: enable virt_sandbox_use_netlink for healtcheck
              seboolean:
                name: virt_sandbox_use_netlink
--- a/deployment/neutron/neutron-l3-container-puppet.yaml
+++ b/deployment/neutron/neutron-l3-container-puppet.yaml
@ -306,6 +306,7 @@ outputs:
                  - /var/lib/neutron:/var/lib/neutron:shared,z
                  - /run/netns:/run/netns:shared
                  - /var/lib/neutron/kill_scripts:/etc/neutron/kill_scripts:shared,z
+                  - /var/lock/containers:/var/lock:shared,z
                -
                  if:
                    - docker_enabled
@ -351,6 +352,12 @@ outputs:
                path: /var/lib/neutron
                state: directory
                setype: container_file_t
+          - - name: create /var/lock/containers
+              file:
+                path: /var/lock/containers
+                state: directory
+                mode: '0750'
+                setype: container_file_t
          - - name: enable virt_sandbox_use_netlink for healtcheck
              seboolean:
                name: virt_sandbox_use_netlink
--- a/deployment/ovn/ovn-metadata-container-puppet.yaml
+++ b/deployment/ovn/ovn-metadata-container-puppet.yaml
@ -319,6 +319,7 @@ outputs:
                  - /var/lib/neutron:/var/lib/neutron:shared,z
                  - /run/netns:/run/netns:shared
                  - /var/lib/neutron/kill_scripts:/etc/neutron/kill_scripts:shared,z
+                  - /var/lock/containers:/var/lock:shared,z
                -
                  if:
                    - docker_enabled
@ -362,4 +363,10 @@ outputs:
                path: /var/lib/neutron
                state: directory
                setype: container_file_t
+          - - name: create /var/lock/containers
+              file:
+                path: /var/lock/containers
+                state: directory
+                mode: '0750'
+                setype: container_file_t
      upgrade_tasks: []