openstack/openstack-helm
Code Issues Proposed changes

Neutron: Enable sharing of network namespaces with host

Browse Source 
This PS enables sharing of network namespaces with the host,
allowing for hitless upgrades of agents, and much simpler debugging.

It does however require mount propogation to be enabled in kubernetes
which is a alpha gated feature introduced in 1.8, and enabled by default
as a beta feature in 1.10.

Depends-On: I7a37f45ff6061b144c6f04233712cd84fccb3e83
Change-Id: I2a191a343fe637cbfd9e4af5277f9784af736dd1
This commit is contained in:
Pete Birley 2018-04-19 22:34:20 -05:00
parent 5b9f231788
commit 5bb772cf50
4 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
neutron/templates/daemonset-dhcp-agent.yaml
View File

@ -113,6 +113,11 @@ spec:
{{- end }}
- name: socket
mountPath: /var/lib/neutron/openstack-helm
{{- if .Values.network.share_namespaces }}
- name: host-run-netns
mountPath: /run/netns
mountPropagation: Bidirectional
{{- end }}
{{ if $mounts_neutron_dhcp_agent.volumeMounts }}{{ toYaml $mounts_neutron_dhcp_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: neutron-bin
@ -131,6 +136,11 @@ spec:
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm
{{- if .Values.network.share_namespaces }}
- name: host-run-netns
hostPath:
path: /run/netns
{{- end }}
{{ if $mounts_neutron_dhcp_agent.volumes }}{{ toYaml $mounts_neutron_dhcp_agent.volumes | indent 8 }}{{ end }}
{{- end }}
{{- end }}

10
neutron/templates/daemonset-l3-agent.yaml
View File

@ -112,6 +112,11 @@ spec:
readOnly: true
- name: socket
mountPath: /var/lib/neutron/openstack-helm
{{- if .Values.network.share_namespaces }}
- name: host-run-netns
mountPath: /run/netns
mountPropagation: Bidirectional
{{- end }}
{{ if $mounts_neutron_l3_agent.volumeMounts }}{{ toYaml $mounts_neutron_l3_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: neutron-bin
@ -133,6 +138,11 @@ spec:
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm
{{- if .Values.network.share_namespaces }}
- name: host-run-netns
hostPath:
path: /run/netns
{{- end }}
{{ if $mounts_neutron_l3_agent.volumes }}{{ toYaml $mounts_neutron_l3_agent.volumes | indent 8 }}{{ end }}
{{- end }}
{{- end }}

10
neutron/templates/daemonset-metadata-agent.yaml
View File

@ -127,6 +127,11 @@ spec:
{{- end }}
- name: socket
mountPath: /var/lib/neutron/openstack-helm
{{- if .Values.network.share_namespaces }}
- name: host-run-netns
mountPath: /run/netns
mountPropagation: Bidirectional
{{- end }}
{{ if $mounts_neutron_metadata_agent.volumeMounts }}{{ toYaml $mounts_neutron_metadata_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: neutron-bin
@ -145,6 +150,11 @@ spec:
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm
{{- if .Values.network.share_namespaces }}
- name: host-run-netns
hostPath:
path: /run/netns
{{- end }}
{{ if $mounts_neutron_metadata_agent.volumes }}{{ toYaml $mounts_neutron_metadata_agent.volumes | indent 8 }}{{ end }}
{{- end }}
{{- end }}

4
neutron/values.yaml
View File

@ -80,6 +80,10 @@ network:
# possible options: openvswitch, linuxbridge, sriov
backend:
- openvswitch
# NOTE(Portdirect): Share network namespaces with the host,
# allowing agents to be restarted without packet loss and simpler
# debugging. This feature requires mount propagation support.
share_namespaces: true
external_bridge: br-ex
ip_address: 0.0.0.0
interface: