From def68865a28f0819d08812d02839ba70483d0e10 Mon Sep 17 00:00:00 2001
From: Tin Lam <tin@irrational.io>
Date: Thu, 9 Jan 2020 10:53:24 -0600
Subject: [PATCH] Add functionality to specify FQDN
Patch set to allow for FQDN for neutron agents.
Change-Id: Idde7ba35e940de59e0def35507ce2506cad672ed
Signed-off-by: Tin Lam <tin@irrational.io>
---
neutron/templates/bin/_health-probe.py.tpl | 15 +++-
.../bin/_neutron-dhcp-agent-init.sh.tpl | 27 +++++++
.../templates/bin/_neutron-dhcp-agent.sh.tpl | 9 ++-
.../bin/_neutron-ironic-agent.sh.tpl | 3 +
.../templates/bin/_neutron-l2gw-agent.sh.tpl | 3 +
.../bin/_neutron-l3-agent-init.sh.tpl | 27 +++++++
.../templates/bin/_neutron-l3-agent.sh.tpl | 10 ++-
.../_neutron-linuxbridge-agent-init.sh.tpl | 8 +++
.../bin/_neutron-linuxbridge-agent.sh.tpl | 3 +
.../bin/_neutron-metadata-agent-init.sh.tpl | 8 +++
.../bin/_neutron-metadata-agent.sh.tpl | 9 ++-
.../_neutron-openvswitch-agent-init.sh.tpl | 8 +++
.../bin/_neutron-openvswitch-agent.sh.tpl | 17 +++--
.../bin/_neutron-sriov-agent-init.sh.tpl | 8 +++
.../templates/bin/_neutron-sriov-agent.sh.tpl | 9 ++-
neutron/templates/configmap-bin.yaml | 4 ++
neutron/templates/daemonset-dhcp-agent.yaml | 70 +++++++++++++++++++
neutron/templates/daemonset-l2gw-agent.yaml | 6 ++
neutron/templates/daemonset-l3-agent.yaml | 70 +++++++++++++++++++
.../templates/daemonset-metadata-agent.yaml | 6 ++
neutron/templates/daemonset-ovs-agent.yaml | 3 +
neutron/templates/daemonset-sriov-agent.yaml | 3 +
neutron/values.yaml | 2 +
23 files changed, 307 insertions(+), 21 deletions(-)
create mode 100644 neutron/templates/bin/_neutron-dhcp-agent-init.sh.tpl
create mode 100644 neutron/templates/bin/_neutron-l3-agent-init.sh.tpl
diff --git a/neutron/templates/bin/_health-probe.py.tpl b/neutron/templates/bin/_health-probe.py.tpl
index b45aa5633b..284163afe6 100644
--- a/neutron/templates/bin/_health-probe.py.tpl
+++ b/neutron/templates/bin/_health-probe.py.tpl
@@ -54,11 +54,18 @@ tcp_established = "ESTABLISHED"
log.logging.basicConfig(level=log.ERROR)
+def _get_hostname(use_fqdn):
+ if use_fqdn:
+ return socket.getfqdn()
+ return socket.gethostname()
+
def check_agent_status(transport):
"""Verify agent status. Return success if agent consumes message"""
try:
- target = oslo_messaging.Target(topic=cfg.CONF.agent_queue_name,
- server=socket.gethostname())
+ use_fqdn = cfg.CONF.use_fqdn
+ target = oslo_messaging.Target(
+ topic=cfg.CONF.agent_queue_name,
+ server=_get_hostname(use_fqdn))
client = oslo_messaging.RPCClient(transport, target,
timeout=60,
retry=2)
@@ -199,6 +206,8 @@ def test_socket_liveness():
"""Test if agent can respond to message over the socket"""
cfg.CONF.register_cli_opt(cfg.BoolOpt('liveness-probe', default=False,
required=False))
+ cfg.CONF.register_cli_opt(cfg.BoolOpt('use-fqdn', default=False,
+ required=False))
cfg.CONF(sys.argv[1:])
agentq = "metadata_agent"
@@ -253,6 +262,8 @@ def test_rpc_liveness():
cfg.CONF.register_cli_opt(cfg.StrOpt('agent-queue-name'))
cfg.CONF.register_cli_opt(cfg.BoolOpt('liveness-probe', default=False,
required=False))
+ cfg.CONF.register_cli_opt(cfg.BoolOpt('use-fqdn', default=False,
+ required=False))
cfg.CONF(sys.argv[1:])
diff --git a/neutron/templates/bin/_neutron-dhcp-agent-init.sh.tpl b/neutron/templates/bin/_neutron-dhcp-agent-init.sh.tpl
new file mode 100644
index 0000000000..91e9946e6f
--- /dev/null
+++ b/neutron/templates/bin/_neutron-dhcp-agent-init.sh.tpl
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
diff --git a/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl b/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
index 2e4c40df38..7043f1aa66 100644
--- a/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
@@ -21,7 +21,10 @@ exec neutron-dhcp-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/dhcp_agent.ini \
--config-file /etc/neutron/metadata_agent.ini \
- --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if ( has "openvswitch" .Values.network.backend ) }} \
- --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
{{- end }}
+{{- if ( has "openvswitch" .Values.network.backend ) }}
+ --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+{{- end }}
+ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
diff --git a/neutron/templates/bin/_neutron-ironic-agent.sh.tpl b/neutron/templates/bin/_neutron-ironic-agent.sh.tpl
index 075b5d423c..632b3685b2 100644
--- a/neutron/templates/bin/_neutron-ironic-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-ironic-agent.sh.tpl
@@ -22,6 +22,9 @@ COMMAND="${@:-start}"
function start () {
exec ironic-neutron-agent \
--config-file /etc/neutron/neutron.conf \
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
+{{- end }}
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
function stop () {
diff --git a/neutron/templates/bin/_neutron-l2gw-agent.sh.tpl b/neutron/templates/bin/_neutron-l2gw-agent.sh.tpl
index dddf9e157a..790899f730 100644
--- a/neutron/templates/bin/_neutron-l2gw-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-l2gw-agent.sh.tpl
@@ -19,4 +19,7 @@ limitations under the License.
set -x
exec neutron-l2gateway-agent \
--config-file=/etc/neutron/neutron.conf \
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
+{{- end }}
--config-file=/etc/neutron/l2gw_agent.ini
diff --git a/neutron/templates/bin/_neutron-l3-agent-init.sh.tpl b/neutron/templates/bin/_neutron-l3-agent-init.sh.tpl
new file mode 100644
index 0000000000..9a34628ac1
--- /dev/null
+++ b/neutron/templates/bin/_neutron-l3-agent-init.sh.tpl
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
diff --git a/neutron/templates/bin/_neutron-l3-agent.sh.tpl b/neutron/templates/bin/_neutron-l3-agent.sh.tpl
index 6b613c011d..d7c6b317fa 100644
--- a/neutron/templates/bin/_neutron-l3-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-l3-agent.sh.tpl
@@ -17,11 +17,15 @@ limitations under the License.
*/}}
set -x
+
exec neutron-l3-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/l3_agent.ini \
--config-file /etc/neutron/metadata_agent.ini \
- --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if ( has "openvswitch" .Values.network.backend ) }} \
- --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
{{- end }}
+{{- if ( has "openvswitch" .Values.network.backend ) }}
+ --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+{{- end }}
+ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
diff --git a/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl b/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
index fb8123bc6e..60519efc5c 100644
--- a/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
@@ -58,3 +58,11 @@ tee > /tmp/pod-shared/ml2-local-ip.ini << EOF
[vxlan]
local_ip = "${LOCAL_IP}"
EOF
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
diff --git a/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl b/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl
index 2645668099..0f4dad5e31 100644
--- a/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl
@@ -22,4 +22,7 @@ exec neutron-linuxbridge-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /tmp/pod-shared/ml2-local-ip.ini \
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
+{{- end }}
--config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini
diff --git a/neutron/templates/bin/_neutron-metadata-agent-init.sh.tpl b/neutron/templates/bin/_neutron-metadata-agent-init.sh.tpl
index 795479b50d..cc7d4435f8 100644
--- a/neutron/templates/bin/_neutron-metadata-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-metadata-agent-init.sh.tpl
@@ -19,3 +19,11 @@ limitations under the License.
set -ex
chown ${NEUTRON_USER_UID} /var/lib/neutron/openstack-helm
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
diff --git a/neutron/templates/bin/_neutron-metadata-agent.sh.tpl b/neutron/templates/bin/_neutron-metadata-agent.sh.tpl
index 8607791772..d09e2a417b 100644
--- a/neutron/templates/bin/_neutron-metadata-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-metadata-agent.sh.tpl
@@ -20,7 +20,10 @@ set -x
exec neutron-metadata-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/metadata_agent.ini \
- --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if ( has "openvswitch" .Values.network.backend ) }} \
- --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
{{- end }}
+{{- if ( has "openvswitch" .Values.network.backend ) }}
+ --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+{{- end }}
+ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
diff --git a/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl b/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
index 2517a87fd6..e0d72c2da8 100644
--- a/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
@@ -402,3 +402,11 @@ tee > /tmp/pod-shared/ml2-local-ip.ini << EOF
local_ip = "${LOCAL_IP}"
EOF
fi
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
diff --git a/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl b/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl
index 10cd19dc36..5673cd2a5b 100644
--- a/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl
@@ -20,11 +20,14 @@ set -ex
exec neutron-openvswitch-agent \
--config-file /etc/neutron/neutron.conf \
- --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
-{{- if .Values.conf.plugins.openvswitch_agent.agent.tunnel_types }} \
- --config-file /tmp/pod-shared/ml2-local-ip.ini
-{{- end }} \
- --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
-{{- if .Values.conf.plugins.taas.taas.enabled }} \
- --config-file /etc/neutron/plugins/ml2/taas.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
{{- end }}
+{{- if .Values.conf.plugins.openvswitch_agent.agent.tunnel_types }}
+ --config-file /tmp/pod-shared/ml2-local-ip.ini \
+{{- end }}
+{{- if .Values.conf.plugins.taas.taas.enabled }}
+ --config-file /etc/neutron/plugins/ml2/taas.ini \
+{{- end }}
+ --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini \
+ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
diff --git a/neutron/templates/bin/_neutron-sriov-agent-init.sh.tpl b/neutron/templates/bin/_neutron-sriov-agent-init.sh.tpl
index d0961903b9..e86202f3ba 100644
--- a/neutron/templates/bin/_neutron-sriov-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-sriov-agent-init.sh.tpl
@@ -67,3 +67,11 @@ ethtool --set-priv-flags ${NIC_FIRST_PORT} vf-true-promisc-support ${promisc_mod
{{- if ( has "besteffort" .Values.conf.sriov_init ) }}
exit 0
{{ end }}
+
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+mkdir -p /tmp/pod-shared
+tee > /tmp/pod-shared/neutron-agent.ini << EOF
+[DEFAULT]
+host = $(hostname --fqdn)
+EOF
+{{- end }}
diff --git a/neutron/templates/bin/_neutron-sriov-agent.sh.tpl b/neutron/templates/bin/_neutron-sriov-agent.sh.tpl
index 98bf5e9210..02a3027ed0 100644
--- a/neutron/templates/bin/_neutron-sriov-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-sriov-agent.sh.tpl
@@ -21,7 +21,10 @@ set -ex
exec neutron-sriov-nic-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
- --config-file /etc/neutron/plugins/ml2/sriov_agent.ini
-{{- if .Values.conf.plugins.taas.taas.enabled }} \
- --config-file /etc/neutron/plugins/ml2/taas.ini
+{{- if and ( empty .Values.conf.neutron.DEFAULT.host ) ( .Values.pod.use_fqdn.neutron_agent ) }}
+ --config-file /tmp/pod-shared/neutron-agent.ini \
{{- end }}
+{{- if .Values.conf.plugins.taas.taas.enabled }}
+ --config-file /etc/neutron/plugins/ml2/taas.ini \
+{{- end }}
+ --config-file /etc/neutron/plugins/ml2/sriov_agent.ini
diff --git a/neutron/templates/configmap-bin.yaml b/neutron/templates/configmap-bin.yaml
index 20baba9813..2d6b43192b 100644
--- a/neutron/templates/configmap-bin.yaml
+++ b/neutron/templates/configmap-bin.yaml
@@ -49,8 +49,12 @@ data:
{{ tuple "bin/_health-probe.py.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-dhcp-agent.sh: |
{{ tuple "bin/_neutron-dhcp-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+ neutron-dhcp-agent-init.sh: |
+{{ tuple "bin/_neutron-dhcp-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-l3-agent.sh: |
{{ tuple "bin/_neutron-l3-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+ neutron-l3-agent-init.sh: |
+{{ tuple "bin/_neutron-l3-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-linuxbridge-agent.sh: |
{{ tuple "bin/_neutron-linuxbridge-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-linuxbridge-agent-init.sh: |
diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml
index 5757ef6bad..d0a6ebc0a5 100644
--- a/neutron/templates/daemonset-dhcp-agent.yaml
+++ b/neutron/templates/daemonset-dhcp-agent.yaml
@@ -25,6 +25,9 @@ exec:
- /etc/neutron/dhcp_agent.ini
- --agent-queue-name
- dhcp_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "dhcpAgentLivenessProbeTemplate" }}
exec:
@@ -37,6 +40,9 @@ exec:
- /etc/neutron/dhcp_agent.ini
- --agent-queue-name
- dhcp_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "neutron.dhcp_agent.daemonset" }}
@@ -85,6 +91,66 @@ spec:
{{- end }}
initContainers:
{{ tuple $envAll "pod_dependency" $mounts_neutron_dhcp_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+ - name: neutron-dhcp-agent-init
+{{ tuple $envAll "neutron_dhcp" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.agent.dhcp | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "neutron_dhcp_agent" "container" "neutron_dhcp_agent_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+ command:
+ - /tmp/neutron-dhcp-agent-init.sh
+ volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: pod-shared
+ mountPath: /tmp/pod-shared
+ - name: neutron-bin
+ mountPath: /tmp/neutron-dhcp-agent-init.sh
+ subPath: neutron-dhcp-agent-init.sh
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/neutron.conf
+ subPath: neutron.conf
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/dhcp_agent.ini
+ subPath: dhcp_agent.ini
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/metadata_agent.ini
+ subPath: metadata_agent.ini
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
+ subPath: ml2_conf.ini
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
+ subPath: openvswitch_agent.ini
+ readOnly: true
+ - name: neutron-etc
+ # NOTE (Portdirect): We mount here to override Kollas
+ # custom sudoers file when using Kolla images, this
+ # location will also work fine for other images.
+ mountPath: /etc/sudoers.d/kolla_neutron_sudoers
+ subPath: neutron_sudoers
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /tmp/auto_bridge_add
+ subPath: auto_bridge_add
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/rootwrap.conf
+ subPath: rootwrap.conf
+ readOnly: true
+ {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
+ {{- if ( has "dhcp_agent" $value.pods ) }}
+ {{- $filePrefix := replace "_" "-" $key }}
+ {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }}
+ - name: neutron-etc
+ mountPath: {{ $rootwrapFile }}
+ subPath: {{ base $rootwrapFile }}
+ readOnly: true
+ {{- end }}
+ {{- end }}
containers:
- name: neutron-dhcp-agent
{{ tuple $envAll "neutron_dhcp" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -97,6 +163,8 @@ spec:
volumeMounts:
- name: pod-tmp
mountPath: /tmp
+ - name: pod-shared
+ mountPath: /tmp/pod-shared
- name: pod-var-neutron
mountPath: {{ .Values.conf.neutron.DEFAULT.state_path }}
- name: neutron-bin
@@ -184,6 +252,8 @@ spec:
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm
+ - name: pod-shared
+ emptyDir: {}
{{- if .Values.network.share_namespaces }}
- name: host-run-netns
hostPath:
diff --git a/neutron/templates/daemonset-l2gw-agent.yaml b/neutron/templates/daemonset-l2gw-agent.yaml
index a44384e857..50daf29a9e 100644
--- a/neutron/templates/daemonset-l2gw-agent.yaml
+++ b/neutron/templates/daemonset-l2gw-agent.yaml
@@ -77,6 +77,9 @@ spec:
- /etc/neutron/l2gw_agent.ini
- --agent-queue-name
- l2gateway_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 65
@@ -92,6 +95,9 @@ spec:
- --agent-queue-name
- l2gateway_agent
- --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml
index ac16aec633..78b738d9a3 100644
--- a/neutron/templates/daemonset-l3-agent.yaml
+++ b/neutron/templates/daemonset-l3-agent.yaml
@@ -25,6 +25,9 @@ exec:
- /etc/neutron/l3_agent.ini
- --agent-queue-name
- l3_agent
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "l3AgentLivenessProbeTemplate" }}
exec:
@@ -38,6 +41,9 @@ exec:
- --agent-queue-name
- l3_agent
- --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "neutron.l3_agent.daemonset" }}
@@ -86,6 +92,66 @@ spec:
{{- end }}
initContainers:
{{ tuple $envAll "pod_dependency" $mounts_neutron_l3_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+ - name: neutron-l3-agent-init
+{{ tuple $envAll "neutron_l3" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.agent.l3 | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+{{ dict "envAll" $envAll "application" "neutron_l3_agent" "container" "neutron_l3_agent_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+ command:
+ - /tmp/neutron-l3-agent-init.sh
+ volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: neutron-bin
+ mountPath: /tmp/neutron-l3-agent-init.sh
+ subPath: neutron-l3-agent-init.sh
+ readOnly: true
+ - name: pod-shared
+ mountPath: /tmp/pod-shared
+ - name: neutron-etc
+ mountPath: /etc/neutron/l3_agent.ini
+ subPath: l3_agent.ini
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/neutron.conf
+ subPath: neutron.conf
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/metadata_agent.ini
+ subPath: metadata_agent.ini
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
+ subPath: ml2_conf.ini
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
+ subPath: openvswitch_agent.ini
+ readOnly: true
+ - name: neutron-etc
+ # NOTE (Portdirect): We mount here to override Kollas
+ # custom sudoers file when using Kolla images, this
+ # location will also work fine for other images.
+ mountPath: /etc/sudoers.d/kolla_neutron_sudoers
+ subPath: neutron_sudoers
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /tmp/auto_bridge_add
+ subPath: auto_bridge_add
+ readOnly: true
+ - name: neutron-etc
+ mountPath: /etc/neutron/rootwrap.conf
+ subPath: rootwrap.conf
+ readOnly: true
+ {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
+ {{- if ( has "l3_agent" $value.pods ) }}
+ {{- $filePrefix := replace "_" "-" $key }}
+ {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }}
+ - name: neutron-etc
+ mountPath: {{ $rootwrapFile }}
+ subPath: {{ base $rootwrapFile }}
+ readOnly: true
+ {{- end }}
+ {{- end }}
containers:
- name: neutron-l3-agent
{{ tuple $envAll "neutron_l3" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -98,6 +164,8 @@ spec:
volumeMounts:
- name: pod-tmp
mountPath: /tmp
+ - name: pod-shared
+ mountPath: /tmp/pod-shared
- name: pod-var-neutron
mountPath: {{ .Values.conf.neutron.DEFAULT.state_path }}
- name: neutron-bin
@@ -189,6 +257,8 @@ spec:
- name: iptables-lockfile
hostPath:
path: /run/xtables.lock
+ - name: pod-shared
+ emptyDir: {}
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm
diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml
index 695fccf1ec..6858786c31 100644
--- a/neutron/templates/daemonset-metadata-agent.yaml
+++ b/neutron/templates/daemonset-metadata-agent.yaml
@@ -23,6 +23,9 @@ exec:
- /etc/neutron/neutron.conf
- --config-file
- /etc/neutron/metadata_agent.ini
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "metadataAgentLivenessProbeTemplate" }}
exec:
@@ -34,6 +37,9 @@ exec:
- --config-file
- /etc/neutron/metadata_agent.ini
- --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "neutron.metadata_agent.daemonset" }}
diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml
index 552020f73f..ae67487d7c 100644
--- a/neutron/templates/daemonset-ovs-agent.yaml
+++ b/neutron/templates/daemonset-ovs-agent.yaml
@@ -31,6 +31,9 @@ exec:
- --agent-queue-name
- q-agent-notifier-tunnel-update
- --liveness-probe
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "neutron.ovs_agent.daemonset" }}
diff --git a/neutron/templates/daemonset-sriov-agent.yaml b/neutron/templates/daemonset-sriov-agent.yaml
index e1bb2e9cab..3039edcb16 100644
--- a/neutron/templates/daemonset-sriov-agent.yaml
+++ b/neutron/templates/daemonset-sriov-agent.yaml
@@ -23,6 +23,9 @@ exec:
- /etc/neutron/neutron.conf
- --config-file
- /etc/neutron/sriov_agent.ini
+{{- if .Values.pod.use_fqdn.neutron_agent }}
+ - --use-fqdn
+{{- end }}
{{- end }}
{{- define "neutron.sriov_agent.daemonset" }}
diff --git a/neutron/values.yaml b/neutron/values.yaml
index eec768926d..aef2c446f7 100644
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@@ -330,6 +330,8 @@ dependencies:
service: local_image_registry
pod:
+ use_fqdn:
+ neutron_agent: true
probes:
dhcp_agent:
dhcp_agent: