Revert systemd sidecars
We've found that the systemd sidecars tend to drop events when spawning multiple processes at once. Rather than continue to try and patch it, we need to go back to the drawing board. This change reverts the various patches that were related to the systemd side car code. Revert "Use exec when spawning any neutron sidecar container" This reverts commit5b799136fa
. Revert "Remove neutron wrappers usage" This reverts commitf4f3045c41
. Revert "Use a systemd service to handle sidecar containers" This reverts commit2dc7066b05
. Change-Id: I8b9578b7c7d6bd23f0b677f64afae7be76ddcadf (cherry picked from commit62e529ce32
)
This commit is contained in:
parent
df3c2ebf29
commit
0d3d01edfe
|
@ -0,0 +1,71 @@
|
|||
#!/bin/bash
|
||||
{% if debug_enabled|bool -%}
|
||||
set -x
|
||||
{% endif -%}
|
||||
add_date() {
|
||||
echo "$(date) $@"
|
||||
}
|
||||
|
||||
# Set up script logging for debugging purpose.
|
||||
# It will be taken care of by logrotate since there is the .log
|
||||
# suffix.
|
||||
exec 3>&1 4>&2
|
||||
trap 'exec 2>&4 1>&3' 0 1 2 3
|
||||
exec 1>>/var/log/neutron/kill-script.log 2>&1
|
||||
|
||||
SIG=$1
|
||||
PID=$2
|
||||
NETNS=$(ip netns identify ${PID})
|
||||
|
||||
if [ "x${NETNS}" == "x" ]; then
|
||||
add_date "No network namespace detected, exiting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
{% if container_cli == 'podman' %}
|
||||
CLI="nsenter --net=/run/netns/${NETNS} --preserve-credentials -m -t 1 podman"
|
||||
{% elif container_cli == 'docker' %}
|
||||
{% if docker_additional_sockets and docker_additional_sockets|length > 0-%}
|
||||
export DOCKER_HOST=unix://{{ docker_additional_sockets[0] }}
|
||||
{% endif -%}
|
||||
CLI='docker'
|
||||
{% else %}
|
||||
CLI='echo noop'
|
||||
{% endif %}
|
||||
|
||||
kill_container() {
|
||||
add_date "Stopping container $1 ($2)"
|
||||
$CLI stop $2
|
||||
add_date "Deleting container $1 ($2)"
|
||||
$CLI rm $2
|
||||
}
|
||||
|
||||
hup_container() {
|
||||
add_date "Sending HUP signal to $1 ($2)"
|
||||
$CLI kill --signal HUP $2
|
||||
}
|
||||
|
||||
{% raw -%}
|
||||
if [ -f /proc/$PID/cgroup ]; then
|
||||
# Get container ID based on process cgroups
|
||||
CT_ID=$(awk 'BEGIN {FS="[-.]"} /name=/{print $3}' /proc/$PID/cgroup)
|
||||
CT_NAME=$($CLI inspect -f '{{.Name}}' $CT_ID)
|
||||
|
||||
case $SIG in
|
||||
HUP)
|
||||
hup_container $CT_NAME $CT_ID
|
||||
;;
|
||||
9)
|
||||
kill_container $CT_NAME $CT_ID
|
||||
;;
|
||||
*)
|
||||
add_date "Unknown action ${SIG} for ${$CT_NAME} ${CT_ID}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
else
|
||||
add_date "No such PID: ${PID}"
|
||||
exit 1
|
||||
fi
|
||||
{% endraw %}
|
|
@ -316,33 +316,45 @@ outputs:
|
|||
- service_debug_unset
|
||||
- {get_param: Debug }
|
||||
- {get_param: NeutronWrapperDebug}
|
||||
- name: Create dhcp systemd wrappers
|
||||
include_role:
|
||||
name: tripleo-systemd-wrapper
|
||||
vars:
|
||||
tripleo_systemd_wrapper_cmd: "{{ dhcp_wrapper_item.cmd }}"
|
||||
tripleo_systemd_wrapper_config_bind_mount: "/var/lib/config-data/puppet-generated/neutron:/etc/neutron:ro"
|
||||
tripleo_systemd_wrapper_container_cli: "{{ container_cli }}"
|
||||
tripleo_systemd_wrapper_debug: "{{ debug_enabled }}"
|
||||
tripleo_systemd_wrapper_docker_additional_sockets: {get_param: DockerAdditionalSockets}
|
||||
tripleo_systemd_wrapper_image_name: {get_param: ContainerNeutronDHCPImage}
|
||||
tripleo_systemd_wrapper_service_dir: /var/lib/neutron
|
||||
tripleo_systemd_wrapper_service_kill_script: "{{ dhcp_wrapper_item.kill_script }}"
|
||||
tripleo_systemd_wrapper_service_name: "{{ dhcp_wrapper_item.name }}"
|
||||
loop_control:
|
||||
loop_var: dhcp_wrapper_item
|
||||
loop:
|
||||
- name: dhcp_dnsmasq
|
||||
cmd: exec /usr/sbin/dnsmasq -k
|
||||
kill_script: dnsmasq-kill
|
||||
- name: dhcp_haproxy
|
||||
cmd: >-
|
||||
$(if [ -f /usr/sbin/haproxy-systemd-wrapper ]; then
|
||||
echo "exec /usr/sbin/haproxy -Ds";
|
||||
else
|
||||
echo "exec /usr/sbin/haproxy -Ws"; fi)
|
||||
kill_script: haproxy-kill
|
||||
docker_additional_sockets: {get_param: DockerAdditionalSockets}
|
||||
- name: create kill_scripts directory within /var/lib/neutron
|
||||
file:
|
||||
state: directory
|
||||
path: /var/lib/neutron/kill_scripts
|
||||
- name: create dnsmasq dhcp kill script
|
||||
when: dnsmasq_wrapper_enabled|bool
|
||||
copy:
|
||||
dest: /var/lib/neutron/kill_scripts/dnsmasq-kill
|
||||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
- name: create haproxy kill script
|
||||
when: haproxy_wrapper_enabled|bool
|
||||
copy:
|
||||
dest: /var/lib/neutron/kill_scripts/haproxy-kill
|
||||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
docker_config:
|
||||
step_2:
|
||||
create_dnsmasq_wrapper:
|
||||
start_order: 1
|
||||
detach: false
|
||||
net: host
|
||||
pid: host
|
||||
user: root
|
||||
command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
|
||||
list_concat:
|
||||
-
|
||||
- '/container_puppet_apply.sh'
|
||||
- '4'
|
||||
- 'file'
|
||||
- 'include ::tripleo::profile::base::neutron::dhcp_agent_wrappers'
|
||||
image: {get_param: ContainerNeutronDHCPImage}
|
||||
volumes:
|
||||
list_concat:
|
||||
- {get_attr: [ContainersCommon, container_puppet_apply_volumes]}
|
||||
-
|
||||
- /run/openvswitch:/run/openvswitch:shared,z
|
||||
- /var/lib/neutron:/var/lib/neutron:shared,z
|
||||
step_4:
|
||||
neutron_dhcp:
|
||||
start_order: 10
|
||||
|
@ -376,12 +388,12 @@ outputs:
|
|||
-
|
||||
if:
|
||||
- dnsmasq_wrapper_enabled
|
||||
- - /var/lib/neutron/dhcp_dnsmasq/wrapper:/usr/local/bin/dnsmasq:ro
|
||||
- - /var/lib/neutron/dnsmasq_wrapper:/usr/local/bin/dnsmasq:ro
|
||||
- null
|
||||
-
|
||||
if:
|
||||
- haproxy_wrapper_enabled
|
||||
- - /var/lib/neutron/dhcp_haproxy/wrapper:/usr/local/bin/haproxy:ro
|
||||
- - /var/lib/neutron/dhcp_haproxy_wrapper:/usr/local/bin/haproxy:ro
|
||||
- null
|
||||
-
|
||||
if:
|
||||
|
|
|
@ -269,39 +269,57 @@ outputs:
|
|||
- service_debug_unset
|
||||
- {get_param: Debug }
|
||||
- {get_param: NeutronWrapperDebug}
|
||||
- name: Create l3 systemd wrappers
|
||||
include_role:
|
||||
name: tripleo-systemd-wrapper
|
||||
vars:
|
||||
tripleo_systemd_wrapper_cmd: "{{ l3_wrapper_item.cmd }}"
|
||||
tripleo_systemd_wrapper_config_bind_mount: "/var/lib/config-data/puppet-generated/neutron:/etc/neutron:ro"
|
||||
tripleo_systemd_wrapper_container_cli: "{{ container_cli }}"
|
||||
tripleo_systemd_wrapper_debug: "{{ debug_enabled }}"
|
||||
tripleo_systemd_wrapper_docker_additional_sockets: {get_param: DockerAdditionalSockets}
|
||||
tripleo_systemd_wrapper_image_name: {get_param: ContainerNeutronL3AgentImage}
|
||||
tripleo_systemd_wrapper_service_dir: /var/lib/neutron
|
||||
tripleo_systemd_wrapper_service_kill_script: "{{ l3_wrapper_item.kill_script }}"
|
||||
tripleo_systemd_wrapper_service_name: "{{ l3_wrapper_item.name }}"
|
||||
loop_control:
|
||||
loop_var: l3_wrapper_item
|
||||
loop:
|
||||
- name: l3_keepalived
|
||||
cmd: exec /usr/sbin/keepalived -n -l -D
|
||||
kill_script: keepalived-kill
|
||||
- name: l3_haproxy
|
||||
cmd: >-
|
||||
$(if [ -f /usr/sbin/haproxy-systemd-wrapper ]; then
|
||||
echo "exec /usr/sbin/haproxy -Ds";
|
||||
else
|
||||
echo "exec /usr/sbin/haproxy -Ws"; fi)
|
||||
kill_script: haproxy-kill
|
||||
- name: l3_dibbler
|
||||
cmd: exec /usr/sbin/dibbler-client run
|
||||
kill_script: dibbler-kill
|
||||
- name: l3_radvd
|
||||
cmd: exec /usr/sbin/radvd -n
|
||||
kill_script: radvd-kill
|
||||
docker_additional_sockets: {get_param: DockerAdditionalSockets}
|
||||
- name: create kill_scripts directory within /var/lib/neutron
|
||||
file:
|
||||
state: directory
|
||||
path: /var/lib/neutron/kill_scripts
|
||||
- name: create keepalived kill script
|
||||
when: keepalived_wrapper_enabled|bool
|
||||
copy:
|
||||
dest: /var/lib/neutron/kill_scripts/keepalived-kill
|
||||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
- name: create haproxy kill script
|
||||
when: haproxy_wrapper_enabled|bool
|
||||
copy:
|
||||
dest: /var/lib/neutron/kill_scripts/haproxy-kill
|
||||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
- name: create dibbler kill script
|
||||
when: dibbler_wrapper_enabled|bool
|
||||
copy:
|
||||
dest: /var/lib/neutron/kill_scripts/dibbler-kill
|
||||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
- name: create radvd kill script
|
||||
when: radvd_wrapper_enabled|bool
|
||||
copy:
|
||||
dest: /var/lib/neutron/kill_scripts/radvd-kill
|
||||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
docker_config:
|
||||
step_2:
|
||||
create_keepalived_wrapper:
|
||||
start_order: 1
|
||||
detach: false
|
||||
net: host
|
||||
pid: host
|
||||
user: root
|
||||
command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
|
||||
list_concat:
|
||||
-
|
||||
- '/container_puppet_apply.sh'
|
||||
- '4'
|
||||
- 'file'
|
||||
- 'include ::tripleo::profile::base::neutron::l3_agent_wrappers'
|
||||
image: {get_param: ContainerNeutronL3AgentImage}
|
||||
volumes:
|
||||
list_concat:
|
||||
- {get_attr: [ContainersCommon, container_puppet_apply_volumes]}
|
||||
-
|
||||
- /run/openvswitch:/run/openvswitch:shared,z
|
||||
- /var/lib/neutron:/var/lib/neutron:shared,z
|
||||
step_4:
|
||||
neutron_l3_agent:
|
||||
start_order: 10
|
||||
|
@ -334,22 +352,22 @@ outputs:
|
|||
-
|
||||
if:
|
||||
- keepalived_wrapper_enabled
|
||||
- - /var/lib/neutron/l3_keepalived/wrapper:/usr/local/bin/keepalived:ro
|
||||
- - /var/lib/neutron/keepalived_wrapper:/usr/local/bin/keepalived:ro
|
||||
- null
|
||||
-
|
||||
if:
|
||||
- haproxy_wrapper_enabled
|
||||
- - /var/lib/neutron/l3_haproxy/wrapper:/usr/local/bin/haproxy:ro
|
||||
- - /var/lib/neutron/l3_haproxy_wrapper:/usr/local/bin/haproxy:ro
|
||||
- null
|
||||
-
|
||||
if:
|
||||
- radvd_wrapper_enabled
|
||||
- - /var/lib/neutron/l3_radvd/wrapper:/usr/local/bin/radvd:ro
|
||||
- - /var/lib/neutron/radvd_wrapper:/usr/local/bin/radvd:ro
|
||||
- null
|
||||
-
|
||||
if:
|
||||
- dibbler_wrapper_enabled
|
||||
- - /var/lib/neutron/l3_dibbler/wrapper:/usr/local/bin/dibbler_client:ro
|
||||
- - /var/lib/neutron/dibbler_wrapper:/usr/local/bin/dibbler_client:ro
|
||||
- null
|
||||
environment:
|
||||
KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
|
||||
|
|
|
@ -251,30 +251,39 @@ outputs:
|
|||
- service_debug_unset
|
||||
- {get_param: Debug }
|
||||
- {get_param: NeutronWrapperDebug}
|
||||
- name: Create ovn metadata systemd wrappers
|
||||
include_role:
|
||||
name: tripleo-systemd-wrapper
|
||||
vars:
|
||||
tripleo_systemd_wrapper_cmd: "{{ ovn_wrapper_item.cmd }}"
|
||||
tripleo_systemd_wrapper_config_bind_mount: "/var/lib/config-data/puppet-generated/neutron:/etc/neutron:ro"
|
||||
tripleo_systemd_wrapper_container_cli: "{{ container_cli }}"
|
||||
tripleo_systemd_wrapper_debug: "{{ debug_enabled }}"
|
||||
tripleo_systemd_wrapper_docker_additional_sockets: {get_param: DockerAdditionalSockets}
|
||||
tripleo_systemd_wrapper_image_name: {get_param: ContainerOvnMetadataImage}
|
||||
tripleo_systemd_wrapper_service_dir: /var/lib/neutron
|
||||
tripleo_systemd_wrapper_service_kill_script: "{{ ovn_wrapper_item.kill_script }}"
|
||||
tripleo_systemd_wrapper_service_name: "{{ ovn_wrapper_item.name }}"
|
||||
loop_control:
|
||||
loop_var: ovn_wrapper_item
|
||||
loop:
|
||||
- name: ovn_metadata_haproxy
|
||||
cmd: >-
|
||||
$(if [ -f /usr/sbin/haproxy-systemd-wrapper ]; then
|
||||
echo "/usr/sbin/haproxy -Ds";
|
||||
else
|
||||
echo "/usr/sbin/haproxy -Ws"; fi)
|
||||
kill_script: haproxy-kill
|
||||
docker_additional_sockets: {get_param: DockerAdditionalSockets}
|
||||
- name: create kill_scripts directory within /var/lib/neutron
|
||||
file:
|
||||
state: directory
|
||||
path: /var/lib/neutron/kill_scripts
|
||||
- name: create haproxy kill script
|
||||
when: haproxy_wrapper_enabled|bool
|
||||
copy:
|
||||
dest: /var/lib/neutron/kill_scripts/haproxy-kill
|
||||
mode: 0755
|
||||
content: {get_file: ../neutron/kill-script}
|
||||
docker_config:
|
||||
step_2:
|
||||
create_haproxy_wrapper:
|
||||
start_order: 1
|
||||
detach: false
|
||||
net: host
|
||||
pid: host
|
||||
user: root
|
||||
command: # '/container_puppet_apply.sh "STEP" "TAGS" "CONFIG" "DEBUG"'
|
||||
list_concat:
|
||||
-
|
||||
- '/container_puppet_apply.sh'
|
||||
- '4'
|
||||
- 'file'
|
||||
- 'include ::tripleo::profile::base::neutron::ovn_metadata_agent_wrappers'
|
||||
image: {get_param: ContainerOvnMetadataImage}
|
||||
volumes:
|
||||
list_concat:
|
||||
- {get_attr: [ContainersCommon, container_puppet_apply_volumes]}
|
||||
-
|
||||
- /run/openvswitch:/run/openvswitch:shared,z
|
||||
- /var/lib/neutron:/var/lib/neutron:shared,z
|
||||
step_4:
|
||||
setup_ovs_manager:
|
||||
start_order: 0
|
||||
|
@ -323,7 +332,7 @@ outputs:
|
|||
-
|
||||
if:
|
||||
- haproxy_wrapper_enabled
|
||||
- - /var/lib/neutron/ovn_metadata_haproxy/wrapper:/usr/local/bin/haproxy:ro
|
||||
- - /var/lib/neutron/ovn_metadata_haproxy_wrapper:/usr/local/bin/haproxy:ro
|
||||
- null
|
||||
- if:
|
||||
- internal_tls_enabled
|
||||
|
|
Loading…
Reference in New Issue