From 58964d6825492636405497567e0de968ea81f222 Mon Sep 17 00:00:00 2001
From: Jeffrey Zhang <zhang.lei.fly@gmail.com>
Date: Sat, 8 Jul 2017 13:58:46 +0800
Subject: [PATCH] Clear all l3 related namespace before starting
 neutron-l3-agent

Remove all l3 related namespaces in case of multiple active routers in
l3 high available mode. The root cause is that keepalived does not
remove the vip address from nic during starting.

neutron-vpnaas-agent is subclass of l3 agent, so should remove all l3
related namespace before starting vpnaas agent.

Closes-Bug: #1703078
Depends-On: Ic9417d2eb03e0dd93f7c668b189b4ad9c72eae0f
Change-Id: I05c1faf2551bb5e70c299e884adf58cd2af52739
---
 ansible/roles/neutron/handlers/main.yml       |  2 ++
 ansible/roles/neutron/tasks/config.yml        | 28 +++++++++++++++++++
 .../templates/neutron-l3-agent-wrapper.sh.j2  | 15 ++++++++++
 .../templates/neutron-l3-agent.json.j2        |  8 +++++-
 .../neutron-vpnaas-agent-wrapper.sh.j2        | 16 +++++++++++
 .../templates/neutron-vpnaas-agent.json.j2    |  8 +++++-
 6 files changed, 75 insertions(+), 2 deletions(-)
 create mode 100644 ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2
 create mode 100644 ansible/roles/neutron/templates/neutron-vpnaas-agent-wrapper.sh.j2

diff --git a/ansible/roles/neutron/handlers/main.yml b/ansible/roles/neutron/handlers/main.yml
index 58d77b0961..1cf0c7554c 100644
--- a/ansible/roles/neutron/handlers/main.yml
+++ b/ansible/roles/neutron/handlers/main.yml
@@ -210,6 +210,7 @@
       or neutron_l3_agent_ini | changed
       or neutron_fwaas_driver_ini | changed
       or policy_json | changed
+      or neutron_l3_agent_wrapper | changed
       or neutron_l3_agent_container | changed
 
 - name: Restart neutron-lbaas-agent container
@@ -290,6 +291,7 @@
       or neutron_fwaas_driver_ini | changed
       or neutron_vpnaas_agent_ini | changed
       or policy_json | changed
+      or neutron_vpnaas_agent_wrapper | changed
       or neutron_vpnaas_agent_container | changed
 
 - name: Restart neutron-bgp-dragent container
diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index bbb70b39f8..1e884dcbc5 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -310,6 +310,34 @@
   notify:
     - "Restart {{ item.key }} container"
 
+- name: Copy neutron-l3-agent-wrapper script
+  vars:
+    service_name: "neutron-l3-agent"
+    service: "{{ neutron_services[service_name] }}"
+  template:
+    src: neutron-l3-agent-wrapper.sh.j2
+    dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh"
+  register: neutron_l3_agent_wrapper
+  when:
+    - service.enabled | bool
+    - service.host_in_groups | bool
+  notify:
+    - "Restart {{ service_name }} container"
+
+- name: Copy neutron-vpnaas-agent-wrapper script
+  vars:
+    service_name: "neutron-vpnaas-agent"
+    service: "{{ neutron_services[service_name] }}"
+  template:
+    src: neutron-vpnaas-agent-wrapper.sh.j2
+    dest: "{{ node_config_directory }}/{{ service_name }}/neutron-vpnaas-agent-wrapper.sh"
+  register: neutron_vpnaas_agent_wrapper
+  when:
+    - service.enabled | bool
+    - service.host_in_groups | bool
+  notify:
+    - "Restart {{ service_name }} container"
+
 # TODO check the environment change
 - name: Check neutron containers
   kolla_docker:
diff --git a/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2 b/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2
new file mode 100644
index 0000000000..2198ce0a99
--- /dev/null
+++ b/ansible/roles/neutron/templates/neutron-l3-agent-wrapper.sh.j2
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -o errexit
+
+# NOTE(jeffrey4l): Remove all l3 related netns in case of multiple active routers in l3 high available mode.
+neutron-netns-cleanup \
+        --config-file /etc/neutron/neutron.conf \
+        --config-file /etc/neutron/l3_agent.ini \
+        --config-file /etc/neutron/fwaas_driver.ini \
+        --force --agent-type l3
+
+neutron-l3-agent \
+        --config-file /etc/neutron/neutron.conf \
+        --config-file /etc/neutron/l3_agent.ini \
+        --config-file /etc/neutron/fwaas_driver.ini
diff --git a/ansible/roles/neutron/templates/neutron-l3-agent.json.j2 b/ansible/roles/neutron/templates/neutron-l3-agent.json.j2
index dc2ce84ece..271426b012 100644
--- a/ansible/roles/neutron/templates/neutron-l3-agent.json.j2
+++ b/ansible/roles/neutron/templates/neutron-l3-agent.json.j2
@@ -1,6 +1,12 @@
 {
-    "command": "neutron-l3-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-file /etc/neutron/fwaas_driver.ini",
+    "command": "/usr/local/bin/neutron-l3-agent-wrapper.sh",
     "config_files": [
+        {
+            "source": "{{ container_config_directory }}/neutron-l3-agent-wrapper.sh",
+            "dest": "/usr/local/bin/neutron-l3-agent-wrapper.sh",
+            "owner": "root",
+            "perm": "0755"
+        },
         {
             "source": "{{ container_config_directory }}/neutron.conf",
             "dest": "/etc/neutron/neutron.conf",
diff --git a/ansible/roles/neutron/templates/neutron-vpnaas-agent-wrapper.sh.j2 b/ansible/roles/neutron/templates/neutron-vpnaas-agent-wrapper.sh.j2
new file mode 100644
index 0000000000..23fe3dc67f
--- /dev/null
+++ b/ansible/roles/neutron/templates/neutron-vpnaas-agent-wrapper.sh.j2
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -o errexit
+
+# NOTE(jeffrey4l): Remove all l3 related netns in case of multiple active routers in l3 high available mode.
+neutron-netns-cleanup \
+        --config-file /etc/neutron/neutron.conf \
+        --config-file /etc/neutron/fwaas_driver.ini \
+        --config-file /etc/neutron/l3_agent.ini \
+        --force --agent-type l3
+
+neutron-vpn-agent \
+        --config-file /etc/neutron/neutron.conf \
+        --config-file /etc/neutron/fwaas_driver.ini \
+        --config-file /etc/neutron/l3_agent.ini \
+        --config-file /etc/neutron/vpnaas_agent.ini
diff --git a/ansible/roles/neutron/templates/neutron-vpnaas-agent.json.j2 b/ansible/roles/neutron/templates/neutron-vpnaas-agent.json.j2
index 95e776f353..fce4ecd8ae 100644
--- a/ansible/roles/neutron/templates/neutron-vpnaas-agent.json.j2
+++ b/ansible/roles/neutron/templates/neutron-vpnaas-agent.json.j2
@@ -1,6 +1,12 @@
 {
-    "command": "neutron-vpn-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/fwaas_driver.ini --config-file /etc/neutron/l3_agent.ini --config-file /etc/neutron/vpnaas_agent.ini",
+    "command": "/usr/local/bin/neutron-vpnaas-agent-wrapper.sh",
     "config_files": [
+        {
+            "source": "{{ container_config_directory }}/neutron-vpnaas-agent-wrapper.sh",
+            "dest": "/usr/local/bin/neutron-vpnaas-agent-wrapper.sh",
+            "owner": "root",
+            "perm": "0755"
+        },
         {
             "source": "{{ container_config_directory }}/neutron.conf",
             "dest": "/etc/neutron/neutron.conf",