Adds a wrapper script to run ovs-vsctl commands in the container
Libvirt needs to be able to plug ports into openvswitch bridges. It does this using the ovs-vsctl command, which it searches for in $PATH[1, 2]. This change will optionally install a wrapper script that executes the ovs-vsctl commands in the context of the openvswitchd container. This is useful when running libvirt on the host whilst still running openvswitch in a container. The advantage of this method over install the packages on the host is that it ensures client compatability with the daemon. The default is set to false as the wrapper could overwrite ovs-vsctl installed on the host. [1]ee51ab86c2/src/util/virnetdevopenvswitch.c (L59)
[2]a89b17c2a7/docs/kbase/internals/command.rst (id3)
Closes-Bug: #1995409 Change-Id: Iaa6bfb012ae847f5f6aa0a1fc1c27970ac265f93
This commit is contained in:
parent
4fa36cbe08
commit
a82443481e
@ -96,6 +96,8 @@ openvswitch_extra_volumes: "{{ default_extra_volumes }}"
|
||||
openvswitch_db_extra_volumes: "{{ openvswitch_extra_volumes }}"
|
||||
openvswitch_vswitchd_extra_volumes: "{{ openvswitch_extra_volumes }}"
|
||||
|
||||
openvswitch_ovs_vsctl_wrapper_enabled: false
|
||||
|
||||
#############
|
||||
# OpenvSwitch
|
||||
#############
|
||||
|
@ -52,3 +52,16 @@
|
||||
- service.enabled | bool
|
||||
notify:
|
||||
- "Restart openvswitch-db-server container"
|
||||
|
||||
- name: Copying over ovs-vsctl wrapper
|
||||
vars:
|
||||
service: "{{ openvswitch_services['openvswitch-vswitchd'] }}"
|
||||
template:
|
||||
src: "ovs-vsctl.j2"
|
||||
dest: "/usr/bin/ovs-vsctl"
|
||||
mode: "0755"
|
||||
become: true
|
||||
when:
|
||||
- service.host_in_groups | bool
|
||||
- service.enabled | bool
|
||||
- openvswitch_ovs_vsctl_wrapper_enabled | bool
|
||||
|
3
ansible/roles/openvswitch/templates/ovs-vsctl.j2
Normal file
3
ansible/roles/openvswitch/templates/ovs-vsctl.j2
Normal file
@ -0,0 +1,3 @@
|
||||
#!/bin/bash
|
||||
|
||||
exec docker exec openvswitch_vswitchd ovs-vsctl "$@"
|
@ -54,6 +54,23 @@ libvirt as a host daemon. However, since the Yoga release, if a libvirt daemon
|
||||
has already been set up, then Kolla Ansible may be configured to use it. This
|
||||
may be achieved by setting ``enable_nova_libvirt_container`` to ``false``.
|
||||
|
||||
When the firewall driver is set to ``openvswitch``, libvirt will plug VMs
|
||||
directly into the integration bridge, ``br-int``. To do this it uses the
|
||||
``ovs-vsctl`` utility. The search path for this binary is controlled by the
|
||||
``$PATH`` environment variable (as seen by the libvirt process). There are a
|
||||
few options to ensure that this binary can be found:
|
||||
|
||||
* Set ``openvswitch_ovs_vsctl_wrapper_enabled`` to ``True``. This will install
|
||||
a wrapper script to the path: ``/usr/bin/ovs-vsctl`` that will execute
|
||||
``ovs-vsctl`` in the context of the ``openvswitch_vswitchd`` container. This
|
||||
option is useful if you do not have openvswitch installed on the host. It
|
||||
also has the advantage that the ``ovs-vsctl`` utility will match the version
|
||||
of the server.
|
||||
|
||||
* Install openvswitch on the hypervisor. Kolla mounts ``/run/openvswitch`` from
|
||||
the host into the ``openvswitch_vswitchd`` container. This means that socket
|
||||
is in the location ``ovs-vsctl`` expects with its default options.
|
||||
|
||||
Migration from container to host
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
|
@ -0,0 +1,6 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
Adds a new flag, ``openvswitch_ovs_vsctl_wrapper_enabled`` which will
|
||||
install a wrapper script to ``/usr/bin/ovs-vsctl`` to docker exec into
|
||||
the openvswitchd container.
|
Loading…
Reference in New Issue
Block a user