Merge "Update Neutron TaaS Rootwrap Filter"
This commit is contained in:
commit
e97655a80f
@ -16,7 +16,12 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
|
#NOTE: Please limit "besteffort" to dev env with mixed hardware computes only
|
||||||
|
# For prod env, the target nic should be there, if not, script should error out.
|
||||||
set -ex
|
set -ex
|
||||||
|
{{- if ( has "besteffort" .Values.conf.sriov_init ) }}
|
||||||
|
set +e
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{- range $k, $sriov := .Values.network.interface.sriov }}
|
{{- range $k, $sriov := .Values.network.interface.sriov }}
|
||||||
if [ "x{{ $sriov.num_vfs }}" != "x" ]; then
|
if [ "x{{ $sriov.num_vfs }}" != "x" ]; then
|
||||||
@ -37,18 +42,28 @@ else
|
|||||||
fi
|
fi
|
||||||
echo "${NUM_VFS}" > /sys/class/net/{{ $sriov.device }}/device/sriov_numvfs
|
echo "${NUM_VFS}" > /sys/class/net/{{ $sriov.device }}/device/sriov_numvfs
|
||||||
fi
|
fi
|
||||||
|
|
||||||
{{- if $sriov.mtu }}
|
{{- if $sriov.mtu }}
|
||||||
ip link set dev {{ $sriov.device }} mtu {{ $sriov.mtu }}
|
ip link set dev {{ $sriov.device }} mtu {{ $sriov.mtu }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
ip link set {{ $sriov.device }} up
|
ip link set {{ $sriov.device }} up
|
||||||
ip link show {{ $sriov.device }}
|
ip link show {{ $sriov.device }}
|
||||||
|
|
||||||
{{- if $sriov.promisc }}
|
{{- if $sriov.promisc }}
|
||||||
ip link set {{ $sriov.device }} promisc on
|
promisc_mode="on"
|
||||||
|
{{- else }}
|
||||||
|
promisc_mode="off"
|
||||||
|
{{- end }}
|
||||||
|
ip link set {{ $sriov.device }} promisc ${promisc_mode}
|
||||||
#NOTE(portdirect): get the bus that the port is on
|
#NOTE(portdirect): get the bus that the port is on
|
||||||
NIC_BUS=$(lshw -c network -businfo | awk '/{{ $sriov.device }}/ {print $1}')
|
NIC_BUS=$(lshw -c network -businfo | awk '/{{ $sriov.device }}/ {print $1}')
|
||||||
#NOTE(portdirect): get first port on the nic
|
#NOTE(portdirect): get first port on the nic
|
||||||
NIC_FIRST_PORT=$(lshw -c network -businfo | awk "/${NIC_BUS%%.*}/ { print \$2; exit }"
|
NIC_FIRST_PORT=$(lshw -c network -businfo | awk "/${NIC_BUS%%.*}/ { print \$2; exit }"
|
||||||
#NOTE(portdirect): Enable promisc mode on the nic, by setting it for the 1st port
|
#NOTE(portdirect): Enable promisc mode on the nic, by setting it for the 1st port
|
||||||
ethtool --set-priv-flags ${NIC_FIRST_PORT} vf-true-promisc-support on
|
ethtool --set-priv-flags ${NIC_FIRST_PORT} vf-true-promisc-support ${promisc_mode}
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- if ( has "besteffort" .Values.conf.sriov_init ) }}
|
||||||
|
exit 0
|
||||||
|
{{ end }}
|
||||||
|
@ -1451,7 +1451,7 @@ conf:
|
|||||||
|
|
||||||
# This is needed to allow taas to insert/remove vlan id to the
|
# This is needed to allow taas to insert/remove vlan id to the
|
||||||
# target vf under /sys/class/net/[device-name]/device/sriov/[vf-index]/[mirror]
|
# target vf under /sys/class/net/[device-name]/device/sriov/[vf-index]/[mirror]
|
||||||
i40e_sysfs_command: RegExpFilter, /opt/i40e_sysfs_command, root, /opt/i40e_sysfs_command, \w+, .+, .+
|
i40e_sysfs_command: RegExpFilter, i40e_sysfs_command, root, i40e_sysfs_command, \w+, .+, .+
|
||||||
neutron:
|
neutron:
|
||||||
DEFAULT:
|
DEFAULT:
|
||||||
log_config_append: /etc/neutron/logging.conf
|
log_config_append: /etc/neutron/logging.conf
|
||||||
@ -1649,6 +1649,13 @@ conf:
|
|||||||
priority: 0
|
priority: 0
|
||||||
apply-to: all
|
apply-to: all
|
||||||
pattern: '(notifications)\.'
|
pattern: '(notifications)\.'
|
||||||
|
sriov_init:
|
||||||
|
-
|
||||||
|
## NOTE: "besteffort" is meant for dev env with mixed compute type only.
|
||||||
|
## This helps prevent sriov init script from failing due to mis-matched NIC
|
||||||
|
## For prod env, target NIC should match and init script should fail otherwise.
|
||||||
|
## sriov_init:
|
||||||
|
## - besteffort
|
||||||
|
|
||||||
# Names of secrets used by bootstrap and environmental checks
|
# Names of secrets used by bootstrap and environmental checks
|
||||||
secrets:
|
secrets:
|
||||||
|
Loading…
Reference in New Issue
Block a user