Merge "Add functionality to specify FQDN"

2020-01-10 00:27:02 +00:00 · 2020-01-10 00:27:02 +00:00 · ff094ff354
commit ff094ff354
parent acb88399fc def68865a2
23 changed files with 307 additions and 21 deletions
--- a/neutron/templates/bin/_health-probe.py.tpl
+++ b/neutron/templates/bin/_health-probe.py.tpl
@ -54,11 +54,18 @@ tcp_established = "ESTABLISHED"
 log.logging.basicConfig(level=log.ERROR)


+def _get_hostname(use_fqdn):
+    if use_fqdn:
+        return socket.getfqdn()
+    return socket.gethostname()
+
 def check_agent_status(transport):
    """Verify agent status. Return success if agent consumes message"""
    try:
-        target = oslo_messaging.Target(topic=cfg.CONF.agent_queue_name,
-                                       server=socket.gethostname())
+        use_fqdn = cfg.CONF.use_fqdn
+        target = oslo_messaging.Target(
+            topic=cfg.CONF.agent_queue_name,
+            server=_get_hostname(use_fqdn))
        client = oslo_messaging.RPCClient(transport, target,
                                          timeout=60,
                                          retry=2)
@ -199,6 +206,8 @@ def test_socket_liveness():
    """Test if agent can respond to message over the socket"""
    cfg.CONF.register_cli_opt(cfg.BoolOpt('liveness-probe', default=False,
                                          required=False))
+    cfg.CONF.register_cli_opt(cfg.BoolOpt('use-fqdn', default=False,
+                                          required=False))
    cfg.CONF(sys.argv[1:])

    agentq = "metadata_agent"
@ -253,6 +262,8 @@ def test_rpc_liveness():
    cfg.CONF.register_cli_opt(cfg.StrOpt('agent-queue-name'))
    cfg.CONF.register_cli_opt(cfg.BoolOpt('liveness-probe', default=False,
                                          required=False))
+    cfg.CONF.register_cli_opt(cfg.BoolOpt('use-fqdn', default=False,
+                                          required=False))

    cfg.CONF(sys.argv[1:])

--- a/neutron/templates/bin/_neutron-dhcp-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-dhcp-agent-init.sh.tpl
@ -0,0 +1,27 @@
+#!/bin/bash
+
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
--- a/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
@ -21,7 +21,10 @@ exec neutron-dhcp-agent \
      --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/dhcp_agent.ini \
      --config-file /etc/neutron/metadata_agent.ini \
-      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if ( has "openvswitch" .Values.network.backend ) }} \
-      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
 {{- end }}
+{{- if ( has "openvswitch" .Values.network.backend ) }}
+      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+{{- end }}
+      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
--- a/neutron/templates/bin/_neutron-ironic-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-ironic-agent.sh.tpl
@ -22,6 +22,9 @@ COMMAND="${@:-start}"
 function start () {
  exec ironic-neutron-agent \
        --config-file /etc/neutron/neutron.conf \
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
+{{- end }}
        --config-file /etc/neutron/plugins/ml2/ml2_conf.ini

 function stop () {
--- a/neutron/templates/bin/_neutron-l2gw-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-l2gw-agent.sh.tpl
@ -19,4 +19,7 @@ limitations under the License.
 set -x
 exec neutron-l2gateway-agent \
      --config-file=/etc/neutron/neutron.conf \
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
+{{- end }}
      --config-file=/etc/neutron/l2gw_agent.ini
--- a/neutron/templates/bin/_neutron-l3-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-l3-agent-init.sh.tpl
@ -0,0 +1,27 @@
+#!/bin/bash
+
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
--- a/neutron/templates/bin/_neutron-l3-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-l3-agent.sh.tpl
@ -17,11 +17,15 @@ limitations under the License.
 */}}

 set -x
+
 exec neutron-l3-agent \
      --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/l3_agent.ini \
      --config-file /etc/neutron/metadata_agent.ini \
-      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if ( has "openvswitch" .Values.network.backend ) }} \
-      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
 {{- end }}
+{{- if ( has "openvswitch" .Values.network.backend ) }}
+      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+{{- end }}
+      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
--- a/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
@ -58,3 +58,11 @@ tee > /tmp/pod-shared/ml2-local-ip.ini << EOF
 [vxlan]
 local_ip = "${LOCAL_IP}"
 EOF
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
--- a/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl
@ -22,4 +22,7 @@ exec neutron-linuxbridge-agent \
  --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
  --config-file /tmp/pod-shared/ml2-local-ip.ini \
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
+{{- end }}
  --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini
--- a/neutron/templates/bin/_neutron-metadata-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-metadata-agent-init.sh.tpl
@ -19,3 +19,11 @@ limitations under the License.
 set -ex

 chown ${NEUTRON_USER_UID} /var/lib/neutron/openstack-helm
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
--- a/neutron/templates/bin/_neutron-metadata-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-metadata-agent.sh.tpl
@ -20,7 +20,10 @@ set -x
 exec neutron-metadata-agent \
      --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/metadata_agent.ini \
-      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if ( has "openvswitch" .Values.network.backend ) }} \
-      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
 {{- end }}
+{{- if ( has "openvswitch" .Values.network.backend ) }}
+      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+{{- end }}
+      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
--- a/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
@ -402,3 +402,11 @@ tee > /tmp/pod-shared/ml2-local-ip.ini << EOF
 local_ip = "${LOCAL_IP}"
 EOF
 fi
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
--- a/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl
@ -20,11 +20,14 @@ set -ex

 exec neutron-openvswitch-agent \
  --config-file /etc/neutron/neutron.conf \
-  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if .Values.conf.plugins.openvswitch_agent.agent.tunnel_types }} \
-  --config-file /tmp/pod-shared/ml2-local-ip.ini
-{{- end }} \
-  --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
-{{- if .Values.conf.plugins.taas.taas.enabled }} \
-  --config-file /etc/neutron/plugins/ml2/taas.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
 {{- end }}
+{{- if .Values.conf.plugins.openvswitch_agent.agent.tunnel_types }}
+  --config-file /tmp/pod-shared/ml2-local-ip.ini \
+{{- end }}
+{{- if .Values.conf.plugins.taas.taas.enabled }}
+  --config-file /etc/neutron/plugins/ml2/taas.ini \
+{{- end }}
+  --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
--- a/neutron/templates/bin/_neutron-sriov-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-sriov-agent-init.sh.tpl
@ -67,3 +67,11 @@ ethtool --set-priv-flags ${NIC_FIRST_PORT} vf-true-promisc-support ${promisc_mod
 {{- if ( has "besteffort" .Values.conf.sriov_init ) }}
 exit 0
 {{ end }}
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
--- a/neutron/templates/bin/_neutron-sriov-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-sriov-agent.sh.tpl
@ -21,7 +21,10 @@ set -ex
 exec neutron-sriov-nic-agent \
  --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
-  --config-file /etc/neutron/plugins/ml2/sriov_agent.ini
-{{- if .Values.conf.plugins.taas.taas.enabled }} \
-  --config-file /etc/neutron/plugins/ml2/taas.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+  --config-file /tmp/pod-shared/neutron-agent.ini \
 {{- end }}
+{{- if .Values.conf.plugins.taas.taas.enabled }}
+  --config-file /etc/neutron/plugins/ml2/taas.ini \
+{{- end }}
+  --config-file /etc/neutron/plugins/ml2/sriov_agent.ini
--- a/neutron/templates/configmap-bin.yaml
+++ b/neutron/templates/configmap-bin.yaml
@ -49,8 +49,12 @@ data:
 {{ tuple "bin/_health-probe.py.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-dhcp-agent.sh: |
 {{ tuple "bin/_neutron-dhcp-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  neutron-dhcp-agent-init.sh: |
+{{ tuple "bin/_neutron-dhcp-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-l3-agent.sh: |
 {{ tuple "bin/_neutron-l3-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  neutron-l3-agent-init.sh: |
+{{ tuple "bin/_neutron-l3-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-linuxbridge-agent.sh: |
 {{ tuple "bin/_neutron-linuxbridge-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-linuxbridge-agent-init.sh: |
--- a/neutron/templates/daemonset-dhcp-agent.yaml
+++ b/neutron/templates/daemonset-dhcp-agent.yaml
@ -25,6 +25,9 @@ exec:
    - /etc/neutron/dhcp_agent.ini
    - --agent-queue-name
    - dhcp_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}
 {{- define "dhcpAgentLivenessProbeTemplate" }}
 exec:
@ -37,6 +40,9 @@ exec:
    - /etc/neutron/dhcp_agent.ini
    - --agent-queue-name
    - dhcp_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}

 {{- define "neutron.dhcp_agent.daemonset" }}
@ -85,6 +91,66 @@ spec:
      {{- end }}
      initContainers:
 {{ tuple $envAll "pod_dependency" $mounts_neutron_dhcp_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+        - name: neutron-dhcp-agent-init
+{{ tuple $envAll "neutron_dhcp" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.agent.dhcp | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "neutron_dhcp_agent" "container" "neutron_dhcp_agent_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+          command:
+            - /tmp/neutron-dhcp-agent-init.sh
+          volumeMounts:
+            - name: pod-tmp
+              mountPath: /tmp
+            - name: pod-shared
+              mountPath: /tmp/pod-shared
+            - name: neutron-bin
+              mountPath: /tmp/neutron-dhcp-agent-init.sh
+              subPath: neutron-dhcp-agent-init.sh
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/neutron.conf
+              subPath: neutron.conf
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/dhcp_agent.ini
+              subPath: dhcp_agent.ini
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/metadata_agent.ini
+              subPath: metadata_agent.ini
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
+              subPath: ml2_conf.ini
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
+              subPath: openvswitch_agent.ini
+              readOnly: true
+            - name: neutron-etc
+              # NOTE (Portdirect): We mount here to override Kollas
+              # custom sudoers file when using Kolla images, this
+              # location will also work fine for other images.
+              mountPath: /etc/sudoers.d/kolla_neutron_sudoers
+              subPath: neutron_sudoers
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /tmp/auto_bridge_add
+              subPath: auto_bridge_add
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/rootwrap.conf
+              subPath: rootwrap.conf
+              readOnly: true
+            {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
+            {{- if ( has "dhcp_agent" $value.pods ) }}
+            {{- $filePrefix := replace "_" "-"  $key }}
+            {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }}
+            - name: neutron-etc
+              mountPath: {{ $rootwrapFile }}
+              subPath: {{ base $rootwrapFile }}
+              readOnly: true
+            {{- end }}
+            {{- end }}
      containers:
        - name: neutron-dhcp-agent
 {{ tuple $envAll "neutron_dhcp" | include "helm-toolkit.snippets.image" | indent 10 }}
@ -97,6 +163,8 @@ spec:
          volumeMounts:
            - name: pod-tmp
              mountPath: /tmp
+            - name: pod-shared
+              mountPath: /tmp/pod-shared
            - name: pod-var-neutron
              mountPath: {{ .Values.conf.neutron.DEFAULT.state_path }}
            - name: neutron-bin
@ -184,6 +252,8 @@ spec:
        - name: socket
          hostPath:
            path: /var/lib/neutron/openstack-helm
+        - name: pod-shared
+          emptyDir: {}
        {{- if .Values.network.share_namespaces }}
        - name: host-run-netns
          hostPath:
--- a/neutron/templates/daemonset-l2gw-agent.yaml
+++ b/neutron/templates/daemonset-l2gw-agent.yaml
@ -77,6 +77,9 @@ spec:
                - /etc/neutron/l2gw_agent.ini
                - --agent-queue-name
                - l2gateway_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+                - --use-fqdn
+{{- end }}
            initialDelaySeconds: 30
            periodSeconds: 15
            timeoutSeconds: 65
@ -92,6 +95,9 @@ spec:
                - --agent-queue-name
                - l2gateway_agent
                - --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+                - --use-fqdn
+{{- end }}
            initialDelaySeconds: 120
            periodSeconds: 90
            timeoutSeconds: 70
--- a/neutron/templates/daemonset-l3-agent.yaml
+++ b/neutron/templates/daemonset-l3-agent.yaml
@ -25,6 +25,9 @@ exec:
    - /etc/neutron/l3_agent.ini
    - --agent-queue-name
    - l3_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}
 {{- define "l3AgentLivenessProbeTemplate" }}
 exec:
@ -38,6 +41,9 @@ exec:
    - --agent-queue-name
    - l3_agent
    - --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}

 {{- define "neutron.l3_agent.daemonset" }}
@ -86,6 +92,66 @@ spec:
      {{- end }}
      initContainers:
 {{ tuple $envAll "pod_dependency" $mounts_neutron_l3_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+        - name: neutron-l3-agent-init
+{{ tuple $envAll "neutron_l3" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.agent.l3 | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "neutron_l3_agent" "container" "neutron_l3_agent_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+          command:
+            - /tmp/neutron-l3-agent-init.sh
+          volumeMounts:
+            - name: pod-tmp
+              mountPath: /tmp
+            - name: neutron-bin
+              mountPath: /tmp/neutron-l3-agent-init.sh
+              subPath: neutron-l3-agent-init.sh
+              readOnly: true
+            - name: pod-shared
+              mountPath: /tmp/pod-shared
+            - name: neutron-etc
+              mountPath: /etc/neutron/l3_agent.ini
+              subPath: l3_agent.ini
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/neutron.conf
+              subPath: neutron.conf
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/metadata_agent.ini
+              subPath: metadata_agent.ini
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
+              subPath: ml2_conf.ini
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
+              subPath: openvswitch_agent.ini
+              readOnly: true
+            - name: neutron-etc
+              # NOTE (Portdirect): We mount here to override Kollas
+              # custom sudoers file when using Kolla images, this
+              # location will also work fine for other images.
+              mountPath: /etc/sudoers.d/kolla_neutron_sudoers
+              subPath: neutron_sudoers
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /tmp/auto_bridge_add
+              subPath: auto_bridge_add
+              readOnly: true
+            - name: neutron-etc
+              mountPath: /etc/neutron/rootwrap.conf
+              subPath: rootwrap.conf
+              readOnly: true
+            {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
+            {{- if ( has "l3_agent" $value.pods ) }}
+            {{- $filePrefix := replace "_" "-"  $key }}
+            {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }}
+            - name: neutron-etc
+              mountPath: {{ $rootwrapFile }}
+              subPath: {{ base $rootwrapFile }}
+              readOnly: true
+            {{- end }}
+            {{- end }}
      containers:
        - name: neutron-l3-agent
 {{ tuple $envAll "neutron_l3" | include "helm-toolkit.snippets.image" | indent 10 }}
@ -98,6 +164,8 @@ spec:
          volumeMounts:
            - name: pod-tmp
              mountPath: /tmp
+            - name: pod-shared
+              mountPath: /tmp/pod-shared
            - name: pod-var-neutron
              mountPath: {{ .Values.conf.neutron.DEFAULT.state_path }}
            - name: neutron-bin
@ -189,6 +257,8 @@ spec:
        - name: iptables-lockfile
          hostPath:
            path: /run/xtables.lock
+        - name: pod-shared
+          emptyDir: {}
        - name: socket
          hostPath:
            path: /var/lib/neutron/openstack-helm
--- a/neutron/templates/daemonset-metadata-agent.yaml
+++ b/neutron/templates/daemonset-metadata-agent.yaml
@ -23,6 +23,9 @@ exec:
    - /etc/neutron/neutron.conf
    - --config-file
    - /etc/neutron/metadata_agent.ini
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}
 {{- define "metadataAgentLivenessProbeTemplate" }}
 exec:
@ -34,6 +37,9 @@ exec:
    - --config-file
    - /etc/neutron/metadata_agent.ini
    - --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}

 {{- define "neutron.metadata_agent.daemonset" }}
--- a/neutron/templates/daemonset-ovs-agent.yaml
+++ b/neutron/templates/daemonset-ovs-agent.yaml
@ -31,6 +31,9 @@ exec:
    - --agent-queue-name
    - q-agent-notifier-tunnel-update
    - --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}

 {{- define "neutron.ovs_agent.daemonset" }}
--- a/neutron/templates/daemonset-sriov-agent.yaml
+++ b/neutron/templates/daemonset-sriov-agent.yaml
@ -23,6 +23,9 @@ exec:
    - /etc/neutron/neutron.conf
    - --config-file
    - /etc/neutron/sriov_agent.ini
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+    - --use-fqdn
+{{- end }}
 {{- end }}

 {{- define "neutron.sriov_agent.daemonset" }}
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@ -330,6 +330,8 @@ dependencies:
          service: local_image_registry

 pod:
+  use_fqdn:
+    neutron_agent: true
  probes:
    dhcp_agent:
      dhcp_agent: