From b1182ebfd862237f0caa60ca6719d0bbd5d91a3f Mon Sep 17 00:00:00 2001 From: Samuel Liu Date: Wed, 18 May 2022 10:59:09 +0800 Subject: [PATCH] Fix /run/xtables.lock may be a directory By default, hostPath does not specify type. Instead, it creates a directory. If the Neutron container starts earlier than CNI(Calico), Calico may fail. Change-Id: I56498a91461214bf591c7dfe6f9445ffe2e6d7d0 --- neutron/Chart.yaml | 2 +- neutron/templates/daemonset-dhcp-agent.yaml | 6 ++++++ neutron/templates/daemonset-l3-agent.yaml | 1 + neutron/templates/daemonset-netns-cleanup-cron.yaml | 1 + releasenotes/notes/neutron.yaml | 1 + 5 files changed, 10 insertions(+), 1 deletion(-) diff --git a/neutron/Chart.yaml b/neutron/Chart.yaml index 158110be2a..c1cd461481 100644 --- a/neutron/Chart.yaml +++ b/neutron/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Neutron name: neutron -version: 0.2.21 +version: 0.2.22 home: https://docs.openstack.org/neutron/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png sources: diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml index bc924e7e99..f2a5a8569f 100644 --- a/neutron/templates/daemonset-dhcp-agent.yaml +++ b/neutron/templates/daemonset-dhcp-agent.yaml @@ -235,6 +235,8 @@ spec: readOnly: true {{- end }} {{- end }} + - name: iptables-lockfile + mountPath: /run/xtables.lock - name: socket mountPath: /var/lib/neutron/openstack-helm {{- if .Values.network.share_namespaces }} @@ -257,6 +259,10 @@ spec: secret: secretName: {{ $configMapName }} defaultMode: 0444 + - name: iptables-lockfile + hostPath: + path: /run/xtables.lock + type: FileOrCreate - name: socket hostPath: path: /var/lib/neutron/openstack-helm diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml index d70a6351e4..65cfe09332 100644 --- a/neutron/templates/daemonset-l3-agent.yaml +++ b/neutron/templates/daemonset-l3-agent.yaml @@ -265,6 +265,7 @@ spec: - name: iptables-lockfile hostPath: path: /run/xtables.lock + type: FileOrCreate - name: pod-shared emptyDir: {} - name: socket diff --git a/neutron/templates/daemonset-netns-cleanup-cron.yaml b/neutron/templates/daemonset-netns-cleanup-cron.yaml index 022e8f33f2..c512d17a80 100644 --- a/neutron/templates/daemonset-netns-cleanup-cron.yaml +++ b/neutron/templates/daemonset-netns-cleanup-cron.yaml @@ -158,6 +158,7 @@ spec: - name: iptables-lockfile hostPath: path: /run/xtables.lock + type: FileOrCreate - name: socket hostPath: path: /var/lib/neutron/openstack-helm diff --git a/releasenotes/notes/neutron.yaml b/releasenotes/notes/neutron.yaml index 452dd4f829..2a908eff7d 100644 --- a/releasenotes/notes/neutron.yaml +++ b/releasenotes/notes/neutron.yaml @@ -35,4 +35,5 @@ neutron: - 0.2.19 Added qdhcp NS host validation for deleting wrong namespaces. - 0.2.20 Add Xena and Yoga values overrides - 0.2.21 Fix for qdhcp NS host validation for deleting wrong namespaces. + - 0.2.22 Fix /run/xtables.lock may be a directory ...