From dff4c6b328d165bf8c18b57965b90467669c6aa5 Mon Sep 17 00:00:00 2001 From: Mathieu Rohon Date: Fri, 4 Aug 2017 17:56:18 +0200 Subject: [PATCH] Skydive: allow access to netns for skydive agents This access is now mandatory for skydive. It allows to add netns info to the topology, and to attach interfaces to their netns if needed. Closes-Bug: #1710627 Change-Id: I41cc1fd0fdeae0757a2c4e3e310ec6375da0b8cf --- ansible/roles/skydive/defaults/main.yml | 2 ++ ansible/roles/skydive/handlers/main.yml | 1 + ansible/roles/skydive/tasks/config.yml | 1 + ansible/roles/skydive/templates/skydive-agent.conf.j2 | 3 +++ 4 files changed, 7 insertions(+) diff --git a/ansible/roles/skydive/defaults/main.yml b/ansible/roles/skydive/defaults/main.yml index 3d9b96d254..82a74fc5e2 100644 --- a/ansible/roles/skydive/defaults/main.yml +++ b/ansible/roles/skydive/defaults/main.yml @@ -16,10 +16,12 @@ skydive_services: group: skydive-agent enabled: true image: "{{ skydive_agent_image_full }}" + privileged: True volumes: - "{{ node_config_directory }}/skydive-agent/:{{ container_config_directory }}/:ro" - "/etc/localtime:/etc/localtime:ro" - "/var/run/openvswitch/db.sock:/var/run/openvswitch/db.sock:ro" + - "/var/run/netns:/host/run:shared" - "kolla_logs:/var/log/kolla/" #################### diff --git a/ansible/roles/skydive/handlers/main.yml b/ansible/roles/skydive/handlers/main.yml index af6386e231..353f9e87d0 100644 --- a/ansible/roles/skydive/handlers/main.yml +++ b/ansible/roles/skydive/handlers/main.yml @@ -32,6 +32,7 @@ common_options: "{{ docker_common_options }}" name: "{{ service.container_name }}" image: "{{ service.image }}" + privileged: "{{ service.privileged }}" volumes: "{{ service.volumes }}" when: - action != "config" diff --git a/ansible/roles/skydive/tasks/config.yml b/ansible/roles/skydive/tasks/config.yml index 0ebcce2ba4..e22ad196ee 100644 --- a/ansible/roles/skydive/tasks/config.yml +++ b/ansible/roles/skydive/tasks/config.yml @@ -41,6 +41,7 @@ common_options: "{{ docker_common_options }}" name: "{{ item.value.container_name }}" image: "{{ item.value.image }}" + privileged: "{{ item.value.privileged | default(False) }}" volumes: "{{ item.value.volumes }}" register: check_skydive_containers when: diff --git a/ansible/roles/skydive/templates/skydive-agent.conf.j2 b/ansible/roles/skydive/templates/skydive-agent.conf.j2 index 8985b11b68..1f6ec118a5 100644 --- a/ansible/roles/skydive/templates/skydive-agent.conf.j2 +++ b/ansible/roles/skydive/templates/skydive-agent.conf.j2 @@ -52,3 +52,6 @@ agent: - ovsdb {% endif %} +netns: + run_path: /host/run +