From 88e174bd905066760fdef3dfc145a7965367259c Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Thu, 27 Apr 2017 18:44:02 -0500 Subject: [PATCH] Neutron: Move container start commands to scripts. This PS moves the container start commands to scripts, which makes debugging and overriding of container launch params easier. Change-Id: If75087456e42a5214e428107ee5bd53778a1b822 --- .../templates/bin/_neutron-dhcp-agent.sh.tpl | 22 +++++++++ .../templates/bin/_neutron-l3-agent.sh.tpl | 22 +++++++++ .../bin/_neutron-metadata-agent.sh.tpl | 22 +++++++++ neutron/templates/bin/_neutron-server.sh.tpl | 20 ++++++++ neutron/templates/configmap-bin.yaml | 8 +++ neutron/templates/daemonset-dhcp-agent.yaml | 49 ++++++++++--------- neutron/templates/daemonset-l3-agent.yaml | 41 ++++++++-------- .../templates/daemonset-metadata-agent.yaml | 43 ++++++++-------- neutron/templates/daemonset-ovs-agent.yaml | 8 ++- neutron/templates/daemonset-ovs-db.yaml | 2 + neutron/templates/daemonset-ovs-vswitchd.yaml | 11 ++--- neutron/templates/deployment-server.yaml | 22 ++++++--- 12 files changed, 191 insertions(+), 79 deletions(-) create mode 100644 neutron/templates/bin/_neutron-dhcp-agent.sh.tpl create mode 100644 neutron/templates/bin/_neutron-l3-agent.sh.tpl create mode 100644 neutron/templates/bin/_neutron-metadata-agent.sh.tpl create mode 100644 neutron/templates/bin/_neutron-server.sh.tpl diff --git a/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl b/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl new file mode 100644 index 0000000000..6917d77545 --- /dev/null +++ b/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl @@ -0,0 +1,22 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -x +exec neutron-dhcp-agent \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/dhcp_agent.ini \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ + --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini diff --git a/neutron/templates/bin/_neutron-l3-agent.sh.tpl b/neutron/templates/bin/_neutron-l3-agent.sh.tpl new file mode 100644 index 0000000000..2a303c0a40 --- /dev/null +++ b/neutron/templates/bin/_neutron-l3-agent.sh.tpl @@ -0,0 +1,22 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -x +exec neutron-l3-agent \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/l3_agent.ini \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ + --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini diff --git a/neutron/templates/bin/_neutron-metadata-agent.sh.tpl b/neutron/templates/bin/_neutron-metadata-agent.sh.tpl new file mode 100644 index 0000000000..62f27a4e72 --- /dev/null +++ b/neutron/templates/bin/_neutron-metadata-agent.sh.tpl @@ -0,0 +1,22 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -x +exec neutron-metadata-agent \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/metadata_agent.ini \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ + --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini diff --git a/neutron/templates/bin/_neutron-server.sh.tpl b/neutron/templates/bin/_neutron-server.sh.tpl new file mode 100644 index 0000000000..0ab1ef5de3 --- /dev/null +++ b/neutron/templates/bin/_neutron-server.sh.tpl @@ -0,0 +1,20 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -x +exec neutron-server \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini diff --git a/neutron/templates/configmap-bin.yaml b/neutron/templates/configmap-bin.yaml index 1794ba0aaa..4e151dfc16 100644 --- a/neutron/templates/configmap-bin.yaml +++ b/neutron/templates/configmap-bin.yaml @@ -27,8 +27,16 @@ data: {{- include "helm-toolkit.keystone_endpoints" . | indent 4 }} ks-user.sh: |+ {{- include "helm-toolkit.keystone_user" . | indent 4 }} + neutron-dhcp-agent.sh: |+ +{{ tuple "bin/_neutron-dhcp-agent.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} + neutron-l3-agent.sh: |+ +{{ tuple "bin/_neutron-l3-agent.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} + neutron-metadata-agent.sh: |+ +{{ tuple "bin/_neutron-metadata-agent.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} neutron-openvswitch-agent.sh: |+ {{ tuple "bin/_neutron-openvswitch-agent.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} + neutron-server.sh: |+ +{{ tuple "bin/_neutron-server.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} openvswitch-db-server.sh: |+ {{ tuple "bin/_openvswitch-db-server.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} openvswitch-ensure-configured.sh: |+ diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml index b5ae10c53b..998a7f9023 100644 --- a/neutron/templates/daemonset-dhcp-agent.yaml +++ b/neutron/templates/daemonset-dhcp-agent.yaml @@ -52,50 +52,51 @@ spec: securityContext: privileged: true command: - - neutron-dhcp-agent - - --config-file - - /etc/neutron/neutron.conf - - --config-file - - /etc/neutron/dhcp_agent.ini + - bash + - /tmp/neutron-dhcp-agent.sh volumeMounts: - - name: neutronconf + - name: neutron-bin + mountPath: /tmp/neutron-dhcp-agent.sh + subPath: neutron-dhcp-agent.sh + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/neutron.conf subPath: neutron.conf - - name: ml2confini + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini subPath: ml2_conf.ini - - name: dhcpagentini + readOnly: true + - name: neutron-etc + mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini + subPath: openvswitch_agent.ini + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/dhcp_agent.ini subPath: dhcp_agent.ini - - name: dnsmasqconf + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/dnsmasq.conf subPath: dnsmasq.conf + readOnly: true + - name: neutron-etc + mountPath: /etc/resolv.conf + subPath: resolv.conf + readOnly: true - name: runopenvswitch mountPath: /run/openvswitch - name: socket mountPath: /var/lib/neutron/openstack-helm - - name: resolvconf - mountPath: /etc/resolv.conf - subPath: resolv.conf volumes: - - name: neutronconf + - name: neutron-bin configMap: - name: neutron-etc - - name: ml2confini - configMap: - name: neutron-etc - - name: dhcpagentini - configMap: - name: neutron-etc - - name: dnsmasqconf + name: neutron-bin + - name: neutron-etc configMap: name: neutron-etc - name: runopenvswitch hostPath: path: /run/openvswitch - - name: resolvconf - configMap: - name: neutron-etc - name: socket hostPath: path: /var/lib/neutron/openstack-helm diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml index eb28994341..3f348894c6 100644 --- a/neutron/templates/daemonset-l3-agent.yaml +++ b/neutron/templates/daemonset-l3-agent.yaml @@ -52,41 +52,42 @@ spec: securityContext: privileged: true command: - - neutron-l3-agent - - --config-file - - /etc/neutron/neutron.conf - - --config-file - - /etc/neutron/l3_agent.ini - - --config-file - - /etc/neutron/plugins/ml2/ml2_conf.ini + - bash + - /tmp/neutron-l3-agent.sh volumeMounts: - - name: neutronconf + - name: neutron-bin + mountPath: /tmp/neutron-l3-agent.sh + subPath: neutron-l3-agent.sh + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/neutron.conf subPath: neutron.conf - - name: ml2confini + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini subPath: ml2_conf.ini - - name: l3agentini + readOnly: true + - name: neutron-etc + mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini + subPath: openvswitch_agent.ini + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/l3_agent.ini subPath: l3_agent.ini - - name: resolvconf + readOnly: true + - name: neutron-etc mountPath: /etc/resolv.conf subPath: resolv.conf + readOnly: true - name: runopenvswitch mountPath: /run/openvswitch - name: socket mountPath: /var/lib/neutron/stackanetes volumes: - - name: neutronconf + - name: neutron-bin configMap: - name: neutron-etc - - name: ml2confini - configMap: - name: neutron-etc - - name: resolvconf - configMap: - name: neutron-etc - - name: l3agentini + name: neutron-bin + - name: neutron-etc configMap: name: neutron-etc - name: runopenvswitch diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml index 07307d3b52..ffac6a7478 100644 --- a/neutron/templates/daemonset-metadata-agent.yaml +++ b/neutron/templates/daemonset-metadata-agent.yaml @@ -51,42 +51,45 @@ spec: {{- end }} securityContext: privileged: true - command: - - neutron-metadata-agent - - --config-file - - /etc/neutron/neutron.conf - - --config-file - - /etc/neutron/metadata_agent.ini ports: - - containerPort: {{ .Values.network.metadata.port }} + - containerPort: {{ .Values.network.metadata.port }} + command: + - bash + - /tmp/neutron-metadata-agent.sh volumeMounts: - - name: neutronconf + - name: neutron-bin + mountPath: /tmp/neutron-metadata-agent.sh + subPath: neutron-metadata-agent.sh + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/neutron.conf subPath: neutron.conf - - name: ml2confini + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini subPath: ml2_conf.ini - - name: metadataagentini + readOnly: true + - name: neutron-etc + mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini + subPath: openvswitch_agent.ini + readOnly: true + - name: neutron-etc mountPath: /etc/neutron/metadata_agent.ini subPath: metadata_agent.ini - - name: resolvconf + readOnly: true + - name: neutron-etc mountPath: /etc/resolv.conf subPath: resolv.conf + readOnly: true - name: runopenvswitch mountPath: /run/openvswitch - name: socket mountPath: /var/lib/neutron/stackanetes volumes: - - name: neutronconf + - name: neutron-bin configMap: - name: neutron-etc - - name: ml2confini - configMap: - name: neutron-etc - - name: metadataagentini - configMap: - name: neutron-etc - - name: resolvconf + name: neutron-bin + - name: neutron-etc configMap: name: neutron-etc - name: runopenvswitch diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml index 13409bf373..8b8e007f86 100644 --- a/neutron/templates/daemonset-ovs-agent.yaml +++ b/neutron/templates/daemonset-ovs-agent.yaml @@ -63,18 +63,22 @@ spec: - -c - 'ovs-vsctl list-br | grep -q br-int' volumeMounts: - - name: neutronopenvswitchagentsh + - name: neutron-bin mountPath: /tmp/neutron-openvswitch-agent.sh subPath: neutron-openvswitch-agent.sh + readOnly: true - name: neutron-etc mountPath: /etc/neutron/neutron.conf subPath: neutron.conf + readOnly: true - name: neutron-etc mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini subPath: ml2_conf.ini + readOnly: true - name: neutron-etc mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini subPath: openvswitch_agent.ini + readOnly: true - name: libmodules mountPath: /lib/modules readOnly: true @@ -86,7 +90,7 @@ spec: volumes: - name: varlibopenvswitch emptyDir: {} - - name: neutronopenvswitchagentsh + - name: neutron-bin configMap: name: neutron-bin - name: neutron-etc diff --git a/neutron/templates/daemonset-ovs-db.yaml b/neutron/templates/daemonset-ovs-db.yaml index 635d783f91..4dbb261468 100644 --- a/neutron/templates/daemonset-ovs-db.yaml +++ b/neutron/templates/daemonset-ovs-db.yaml @@ -53,9 +53,11 @@ spec: - name: openvswitchdbserversh mountPath: /tmp/openvswitch-db-server.sh subPath: openvswitch-db-server.sh + readOnly: true - mountPath: /etc/resolv.conf name: resolvconf subPath: resolv.conf + readOnly: true - name: varlibopenvswitch mountPath: /var/lib/openvswitch/ - name: run diff --git a/neutron/templates/daemonset-ovs-vswitchd.yaml b/neutron/templates/daemonset-ovs-vswitchd.yaml index 153e64d046..07730573e3 100644 --- a/neutron/templates/daemonset-ovs-vswitchd.yaml +++ b/neutron/templates/daemonset-ovs-vswitchd.yaml @@ -57,22 +57,21 @@ spec: - bash - /tmp/openvswitch-vswitchd.sh volumeMounts: - - name: openvswitchvswitchdsh + - name: neutron-bin mountPath: /tmp/openvswitch-vswitchd.sh subPath: openvswitch-vswitchd.sh - - name: openvswitchensureconfiguredsh + readOnly: true + - name: neutron-bin mountPath: /tmp/openvswitch-ensure-configured.sh subPath: openvswitch-ensure-configured.sh + readOnly: true - name: libmodules mountPath: /lib/modules readOnly: true - name: run mountPath: /run volumes: - - name: openvswitchvswitchdsh - configMap: - name: neutron-bin - - name: openvswitchensureconfiguredsh + - name: neutron-bin configMap: name: neutron-bin - name: libmodules diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index fd81cb9e19..ab973814b7 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -45,12 +45,6 @@ spec: - name: neutron-server image: {{ .Values.images.server }} imagePullPolicy: {{ .Values.images.pull_policy }} - command: - - neutron-server - - --config-file - - /etc/neutron/neutron.conf - - --config-file - - /etc/neutron/plugins/ml2/ml2_conf.ini {{- if .Values.resources.enabled }} resources: limits: @@ -61,24 +55,38 @@ spec: memory: {{ .Values.resources.server.requests.memory | quote }} {{- end }} ports: - - containerPort: {{ .Values.network.server.port }} + - containerPort: {{ .Values.network.server.port }} readinessProbe: tcpSocket: port: {{ .Values.network.server.port }} + command: + - bash + - /tmp/neutron-server.sh volumeMounts: + - name: neutron-bin + mountPath: /tmp/neutron-server.sh + subPath: neutron-server.sh + readOnly: true - name: neutron-etc mountPath: /etc/neutron/neutron.conf subPath: neutron.conf + readOnly: true - name: neutron-etc mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini subPath: ml2_conf.ini + readOnly: true - name: neutron-etc mountPath: /etc/neutron/api-paste.ini subPath: api-paste.ini + readOnly: true - name: neutron-etc mountPath: /etc/neutron/policy.json subPath: policy.json + readOnly: true volumes: + - name: neutron-bin + configMap: + name: neutron-bin - name: neutron-etc configMap: name: neutron-etc