Added OvS permission workaround for enabling DPDK

The vhost sockets sockets are created with qemu permission, but ovs
runs with root permission. In order to allow ovs to access vhost sockets
reducing the ovs group permission from root to qemu. This is a temprovary
workaround, until ovs fixes the permission issue. The script supports
both ovs2.6 and ovs2.7 versions.

Change-Id: I172956390c19fc9824bf7590cd48bfcf6201191b
This commit is contained in:
Saravanan KR 2017-06-27 19:17:43 +05:30
parent b5081b67e5
commit d7738012e1
2 changed files with 32 additions and 0 deletions

@ -178,6 +178,32 @@ resources:
template: |
#!/bin/bash
set -x
# OvS Permission issue temporary workaround
# https://bugzilla.redhat.com/show_bug.cgi?id=1459436
# Actual solution from openvswitch - https://mail.openvswitch.org/pipermail/ovs-dev/2017-June/333423.html
ovs_service_path="/usr/lib/systemd/system/ovs-vswitchd.service"
if grep -q 'RuntimeDirectoryMode' $ovs_service_path; then
sed -i 's/RuntimeDirectoryMode=.*/RuntimeDirectoryMode=0775/' $ovs_service_path
else
echo "RuntimeDirectoryMode=0775" >> $ovs_service_path
fi
if ! grep -Fxq "Group=qemu" $ovs_service_path ; then
echo "Group=qemu" >> $ovs_service_path
fi
if ! grep -Fxq "UMask=0002" $ovs_service_path ; then
echo "UMask=0002" >> $ovs_service_path
fi
ovs_ctl_path='/usr/share/openvswitch/scripts/ovs-ctl'
if ! grep -q "umask 0002 \&\& start_daemon \"\$OVS_VSWITCHD_PRIORITY\"" $ovs_ctl_path ; then
sed -i 's/start_daemon \"\$OVS_VSWITCHD_PRIORITY\"/umask 0002 \&\& start_daemon \"$OVS_VSWITCHD_PRIORITY\"/' $ovs_ctl_path
fi
# DO NOT use --detailed-exitcodes
puppet apply --logdest console \
--modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \

@ -0,0 +1,6 @@
---
fixes:
- Fixed the openvswitch permission to allow ovs to access vhost
sockets created by qemu. This is a workaround until openvswitch
provides the actual solution.