Resolve feedback from PR#60

This commit addresses:

* Separating out stacked ovs daemonset into separate daemonsets.

* Fixes line ending issues.

* Enhances the agent's OVS pre-flight checks by using neutron-sanity-check.
Alan Meadows 2017-01-05 13:27:39 -08:00
parent 584e820eca
commit 76086e2f2f
12 changed files with 239 additions and 184 deletions


@ -2,6 +2,16 @@
set -x
chown neutron: /run/openvswitch/db.sock
# ensure we can talk to openvswitch or bail early
# this is until we can setup a proper dependency
# on deaemonsets - note that a show is not sufficient
# here, we need to communicate with both the db and vswitchd
# which means we need to do a create action
#
# see https://github.com/att-comdev/openstack-helm/issues/88
timeout 3m neutron-sanity-check --config-file /etc/neutron/neutron.conf --ovsdb_native --nokeepalived_ipv6_support
# determine local-ip dynamically based on interface provided but only if tunnel_types is not null
{{- if .Values.ml2.agent.tunnel_types }}
IP=$(ip a s {{ .Values.network.interface.tunnel | default .Values.network.interface.default}} | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}')
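Review bot: The added `timeout 3m neutron-sanity-check …` line does not act on its exit status, so with only `set -x` visible at the top of the hunk the script continues and starts the agent even when the check fails or times out, which is not the "bail early" the new comment promises. Unless errexit is enabled on line 1, outside the hunk, end that line with `|| exit 1` or add `set -e` next to `set -x`. The script continues past the end of this hunk, so confirm nothing later depends on the current fall-through behaviour.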


@ -80,4 +80,4 @@ spec:
name: neutron-etc
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm
path: /var/lib/neutron/openstack-helm


@ -1,166 +0,0 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: neutron-openvswitch
spec:
template:
metadata:
labels:
app: neutron-openvswitch
spec:
nodeSelector:
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
securityContext:
runAsUser: 0
dnsPolicy: ClusterFirst
hostNetwork: true
containers:
- name: neutron-openvswitch-agent
image: {{ .Values.images.neutron_openvswitch_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
securityContext:
privileged: true
# ensures this container can can see a br-int
# bridge before its marked as ready
readinessProbe:
exec:
command:
- bash
- -c
- 'ovs-vsctl list-br | grep -q br-int'
env:
- name: INTERFACE_NAME
value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/neutron-openvswitch-agent.sh"
- name: DEPENDENCY_JOBS
value: "{{ include "joinListWithColon" .Values.dependencies.openvswitchagent.jobs }}"
- name: DEPENDENCY_SERVICE
value: "{{ include "joinListWithColon" .Values.dependencies.openvswitchagent.service }}"
- name: DEPENDENCY_CONTAINER
value: "{{ include "joinListWithColon" .Values.dependencies.openvswitchagent.container }}"
volumeMounts:
- name: neutronopenvswitchagentsh
mountPath: /tmp/neutron-openvswitch-agent.sh
subPath: neutron-openvswitch-agent.sh
- name: neutronconf
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
- name: ml2confini
mountPath: /etc/neutron/plugins/ml2/ml2-conf.ini
subPath: ml2-conf.ini
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
- mountPath: /etc/resolv.conf
name: resolvconf
subPath: resolv.conf
- name: openvswitch-db-server
image: {{ .Values.images.openvswitch_db_server }}
imagePullPolicy: {{ .Values.images.pull_policy }}
securityContext:
privileged: true
env:
- name: INTERFACE_NAME
value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/openvswitch-db-server.sh"
volumeMounts:
- name: openvswitchdbserversh
mountPath: /tmp/openvswitch-db-server.sh
subPath: openvswitch-db-server.sh
- mountPath: /etc/resolv.conf
name: resolvconf
subPath: resolv.conf
- name: varlibopenvswitch
mountPath: /var/lib/openvswitch/
- name: run
mountPath: /run
- name: openvswitch-vswitchd
image: {{ .Values.images.openvswitch_vswitchd }}
imagePullPolicy: {{ .Values.images.pull_policy }}
securityContext:
privileged: true
# ensures this container can speak to the ovs database
# successfully before its marked as ready
readinessProbe:
exec:
command:
- /usr/bin/ovs-vsctl
- show
env:
- name: INTERFACE_NAME
value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/openvswitch-vswitchd.sh"
- name: DEPENDENCY_CONTAINER
value: "openvswitch-db-server"
volumeMounts:
- name: openvswitchvswitchdsh
mountPath: /tmp/openvswitch-vswitchd.sh
subPath: openvswitch-vswitchd.sh
- name: openvswitchensureconfiguredsh
mountPath: /tmp/openvswitch-ensure-configured.sh
subPath: openvswitch-ensure-configured.sh
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
volumes:
- name: openvswitchdbserversh
configMap:
name: neutron-bin
- name: openvswitchvswitchdsh
configMap:
name: neutron-bin
- name: openvswitchensureconfiguredsh
configMap:
name: neutron-bin
- name: varlibopenvswitch
emptyDir: {}
- name: neutronopenvswitchagentsh
configMap:
name: neutron-bin
- name: neutronconf
configMap:
name: neutron-etc
- name: ml2confini
configMap:
name: neutron-etc
- name: resolvconf
configMap:
name: neutron-etc
- name: libmodules
hostPath:
path: /lib/modules
- name: run
hostPath:
path: /run


@ -0,0 +1,86 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: ovs-agent
spec:
template:
metadata:
labels:
app: ovs-agent
spec:
nodeSelector:
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
securityContext:
runAsUser: 0
dnsPolicy: ClusterFirst
hostNetwork: true
containers:
- name: ovs-agent
image: {{ .Values.images.neutron_openvswitch_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
securityContext:
privileged: true
# ensures this container can can see a br-int
# bridge before its marked as ready
readinessProbe:
exec:
command:
- bash
- -c
- 'ovs-vsctl list-br | grep -q br-int'
env:
- name: INTERFACE_NAME
value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/neutron-openvswitch-agent.sh"
- name: DEPENDENCY_JOBS
value: "{{ include "joinListWithColon" .Values.dependencies.ovs_agent.jobs }}"
- name: DEPENDENCY_SERVICE
value: "{{ include "joinListWithColon" .Values.dependencies.ovs_agent.service }}"
volumeMounts:
- name: neutronopenvswitchagentsh
mountPath: /tmp/neutron-openvswitch-agent.sh
subPath: neutron-openvswitch-agent.sh
- name: neutronconf
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
- name: ml2confini
mountPath: /etc/neutron/plugins/ml2/ml2-conf.ini
subPath: ml2-conf.ini
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
- mountPath: /etc/resolv.conf
name: resolvconf
subPath: resolv.conf
volumes:
- name: varlibopenvswitch
emptyDir: {}
- name: neutronopenvswitchagentsh
configMap:
name: neutron-bin
- name: neutronconf
configMap:
name: neutron-etc
- name: ml2confini
configMap:
name: neutron-etc
- name: resolvconf
configMap:
name: neutron-etc
- name: libmodules
hostPath:
path: /lib/modules
- name: run
hostPath:
path: /run
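Review bot: The `run` volume mounts the host's entire `/run` read-write into a `privileged: true`, `hostNetwork: true` container, and the same pattern is repeated in the new ovs-db and ovs-vswitchd DaemonSets, although the only path the script on this page touches is `/run/openvswitch/db.sock`. Narrowing the hostPath to `path: /run/openvswitch` (with a matching `mountPath`) would keep every other host runtime socket and pid file out of these pods. Confirm first that the agent needs nothing else under `/run`. Separately, the `varlibopenvswitch` emptyDir is declared under `volumes` but never mounted by the `ovs-agent` container and can be dropped.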


@ -0,0 +1,61 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: ovs-db
spec:
template:
metadata:
labels:
app: ovs-db
spec:
nodeSelector:
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
securityContext:
runAsUser: 0
dnsPolicy: ClusterFirst
hostNetwork: true
containers:
- name: ovs-db
image: {{ .Values.images.openvswitch_db_server }}
imagePullPolicy: {{ .Values.images.pull_policy }}
securityContext:
privileged: true
env:
- name: INTERFACE_NAME
value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/openvswitch-db-server.sh"
volumeMounts:
- name: openvswitchdbserversh
mountPath: /tmp/openvswitch-db-server.sh
subPath: openvswitch-db-server.sh
- mountPath: /etc/resolv.conf
name: resolvconf
subPath: resolv.conf
- name: varlibopenvswitch
mountPath: /var/lib/openvswitch/
- name: run
mountPath: /run
volumes:
- name: openvswitchdbserversh
configMap:
name: neutron-bin
- name: varlibopenvswitch
emptyDir: {}
- name: resolvconf
configMap:
name: neutron-etc
- name: libmodules
hostPath:
path: /lib/modules
- name: run
hostPath:
path: /run
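Review bot: `varlibopenvswitch` is an `emptyDir`, so now that ovs-db is its own DaemonSet the contents of `/var/lib/openvswitch/` are discarded whenever this pod alone is deleted or rescheduled, while the ovs-vswitchd and ovs-agent pods keep running against the socket under hostPath `/run`. If the OVS database file lives in that directory (the db-server script is not shown here), the bridge configuration would be lost on such a restart. Backing the volume with a hostPath, as is already done for `/run`, would keep it with the node. The `libmodules` volume is declared but not mounted by the `ovs-db` container and can be removed.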


@ -0,0 +1,67 @@
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: ovs-vswitchd
spec:
template:
metadata:
labels:
app: ovs-vswitchd
spec:
nodeSelector:
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
securityContext:
runAsUser: 0
dnsPolicy: ClusterFirst
hostNetwork: true
containers:
- name: ovs-vswitchd
image: {{ .Values.images.openvswitch_vswitchd }}
imagePullPolicy: {{ .Values.images.pull_policy }}
securityContext:
privileged: true
# ensures this container can speak to the ovs database
# successfully before its marked as ready
readinessProbe:
exec:
command:
- /usr/bin/ovs-vsctl
- show
env:
- name: INTERFACE_NAME
value: {{ .Values.network.interface.openvswitch | default .Values.network.interface.default }}
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/openvswitch-vswitchd.sh"
volumeMounts:
- name: openvswitchvswitchdsh
mountPath: /tmp/openvswitch-vswitchd.sh
subPath: openvswitch-vswitchd.sh
- name: openvswitchensureconfiguredsh
mountPath: /tmp/openvswitch-ensure-configured.sh
subPath: openvswitch-ensure-configured.sh
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
volumes:
- name: openvswitchvswitchdsh
configMap:
name: neutron-bin
- name: openvswitchensureconfiguredsh
configMap:
name: neutron-bin
- name: libmodules
hostPath:
path: /lib/modules
- name: run
hostPath:
path: /run
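Review bot: The readinessProbe `/usr/bin/ovs-vsctl show` appears to test only the ovsdb connection, which the comment added to the agent script in this same commit calls insufficient ("we need to communicate with both the db and vswitchd"). With `DEPENDENCY_CONTAINER` removed and vswitchd in its own pod, the probe can mark this pod ready while ovs-vswitchd itself is not serving. Consider probing the daemon directly, for example `- ovs-appctl` / `- version` as the command if the image ships it. The comment above the probe should then say which component the probe actually checks.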


@ -50,4 +50,4 @@ spec:
name: neutron-etc
- name: ml2confini
configMap:
name: neutron-etc
name: neutron-etc


@ -1,4 +1,4 @@
[DEFAULT]
agent_mode = legacy
enable_metadata_proxy = True
enable_isolated_metadata = True
enable_isolated_metadata = True


@ -28,4 +28,4 @@ metadata_port = {{ .Values.network.port.metadata }}
metadata_workers = {{ .Values.metadata.workers }}
# Caching
cache_url = memory://?default_ttl=5
cache_url = memory://?default_ttl=5


@ -68,4 +68,4 @@ username = {{ .Values.keystone.neutron_user }}
password = {{ .Values.keystone.neutron_password }}
[oslo_messaging_notifications]
driver = noop
driver = noop


@ -2,4 +2,4 @@ search {{ .Release.Namespace }}.svc.{{ .Values.network.dns.kubernetes_domain }}
{{- range .Values.network.dns.servers }}
nameserver {{ . | title }}
{{- end }}
options ndots:5
options ndots:5


@ -7,16 +7,16 @@ replicas:
server: 1
images:
init: quay.io/stackanetes/stackanetes-kolla-toolbox:barcelona
db_sync: quay.io/stackanetes/stackanetes-neutron-server:barcelona
server: quay.io/stackanetes/stackanetes-neutron-server:barcelona
dhcp: quay.io/stackanetes/stackanetes-neutron-dhcp-agent:barcelona
metadata: quay.io/stackanetes/stackanetes-neutron-metadata-agent:barcelona
l3: quay.io/stackanetes/stackanetes-neutron-l3-agent:barcelona
neutron_openvswitch_agent: quay.io/stackanetes/stackanetes-neutron-openvswitch-agent:barcelona
init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
db_sync: quay.io/stackanetes/stackanetes-neutron-server:newton
server: quay.io/stackanetes/stackanetes-neutron-server:newton
dhcp: quay.io/stackanetes/stackanetes-neutron-dhcp-agent:newton
metadata: quay.io/stackanetes/stackanetes-neutron-metadata-agent:newton
l3: quay.io/stackanetes/stackanetes-neutron-l3-agent:newton
neutron_openvswitch_agent: quay.io/stackanetes/stackanetes-neutron-openvswitch-agent:newton
openvswitch_db_server: quay.io/attcomdev/openvswitch-vswitchd:latest
openvswitch_vswitchd: quay.io/attcomdev/openvswitch-vswitchd:latest
post: quay.io/stackanetes/stackanetes-kolla-toolbox:barcelona
post: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0
pull_policy: "IfNotPresent"
@ -159,7 +159,7 @@ dependencies:
- nova-api
daemonset:
- neutron-openvswitch
openvswitchagent:
ovs_agent:
jobs:
- neutron-post
- nova-post
@ -167,9 +167,6 @@ dependencies:
- keystone-api
- rabbitmq
- neutron-server
container:
- openvswitch-db-server
- openvswitch-vswitchd
l3:
jobs:
- nova-init
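Review bot: The context lines `daemonset:` / `- neutron-openvswitch` in the second hunk still name the DaemonSet this commit deletes and replaces with `ovs-agent`, `ovs-db` and `ovs-vswitchd`. If the entrypoint resolves daemonset dependencies by name, which is presumed here and should be verified, the component that owns this entry will wait on a DaemonSet that no longer exists. It should point at the replacement, presumably `- ovs-agent`. The owning key starts above the hunk, so check the other `dependencies` entries for the same stale name. Separately, the unchanged `openvswitch_db_server` and `openvswitch_vswitchd` images use the mutable `:latest` tag with `pull_policy: "IfNotPresent"`, so nodes can run different builds in privileged containers; pinning a fixed tag or digest would make that reproducible.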