summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSaravanan KR <skramaja@redhat.com>2017-06-27 19:17:43 +0530
committerSaravanan KR <skramaja@redhat.com>2017-07-10 16:12:05 +0530
commitd7738012e13668e992c8d35cdd23e8527305a88e (patch)
treebc643d17cf25b631cc04fe122eed80a9e8699e6f
parentb5081b67e5f5a6c88c149f0cd13e0053494f6d60 (diff)
Added OvS permission workaround for enabling DPDK
The vhost sockets sockets are created with qemu permission, but ovs runs with root permission. In order to allow ovs to access vhost sockets reducing the ovs group permission from root to qemu. This is a temprovary workaround, until ovs fixes the permission issue. The script supports both ovs2.6 and ovs2.7 versions. Change-Id: I172956390c19fc9824bf7590cd48bfcf6201191b
-rw-r--r--extraconfig/pre_network/host_config_and_reboot.yaml26
-rw-r--r--releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml6
2 files changed, 32 insertions, 0 deletions
diff --git a/extraconfig/pre_network/host_config_and_reboot.yaml b/extraconfig/pre_network/host_config_and_reboot.yaml
index 009a0879..6ea5b691 100644
--- a/extraconfig/pre_network/host_config_and_reboot.yaml
+++ b/extraconfig/pre_network/host_config_and_reboot.yaml
@@ -178,6 +178,32 @@ resources:
template: |
#!/bin/bash
set -x
+
+ # OvS Permission issue temporary workaround
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1459436
+ # Actual solution from openvswitch - https://mail.openvswitch.org/pipermail/ovs-dev/2017-June/333423.html
+ ovs_service_path="/usr/lib/systemd/system/ovs-vswitchd.service"
+
+ if grep -q 'RuntimeDirectoryMode' $ovs_service_path; then
+ sed -i 's/RuntimeDirectoryMode=.*/RuntimeDirectoryMode=0775/' $ovs_service_path
+ else
+ echo "RuntimeDirectoryMode=0775" >> $ovs_service_path
+ fi
+
+ if ! grep -Fxq "Group=qemu" $ovs_service_path ; then
+ echo "Group=qemu" >> $ovs_service_path
+ fi
+
+ if ! grep -Fxq "UMask=0002" $ovs_service_path ; then
+ echo "UMask=0002" >> $ovs_service_path
+ fi
+
+ ovs_ctl_path='/usr/share/openvswitch/scripts/ovs-ctl'
+ if ! grep -q "umask 0002 \&\& start_daemon \"\$OVS_VSWITCHD_PRIORITY\"" $ovs_ctl_path ; then
+ sed -i 's/start_daemon \"\$OVS_VSWITCHD_PRIORITY\"/umask 0002 \&\& start_daemon \"$OVS_VSWITCHD_PRIORITY\"/' $ovs_ctl_path
+ fi
+
+
# DO NOT use --detailed-exitcodes
puppet apply --logdest console \
--modulepath /etc/puppet/modules:/opt/stack/puppet-modules:/usr/share/openstack-puppet/modules \
diff --git a/releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml b/releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml
new file mode 100644
index 00000000..f8c06fd6
--- /dev/null
+++ b/releasenotes/notes/ovs-dpdk-permission-workaround-20aaebcc8d6009ec.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - Fixed the openvswitch permission to allow ovs to access vhost
+ sockets created by qemu. This is a workaround until openvswitch
+ provides the actual solution.
+