Add network config to stabilise multi-NIC scenario

When there is more than one NIC attached to an instance, openstack cloud provider returns a random InternalIP back to the host resulting in instability with API server which only talks to a default interface. This patch incorporates the changes made in kubernetes/cloud-provider-openstack#444 which enables OpenStack Cloud Controller Manager (OCCM) to respect the `internal-network-name` in cloud-config file which ensures that InternalIP remains stable. Uses a separate cloud-config file for OCCM to ensure in-tree Cinder volumes remain compatible. Conflicts: magnum/drivers/common/templates/kubernetes/fragments/write-kube-os-config.sh magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml Change-Id: Idfa52ed2d512e7dc383a556371e896205dd542f9 Story: 2005333 Task: 30271 (cherry picked from commit 425fb0f)
stackhpc · Nov 8, 2019 · 9b768e8 · 9b768e8
1 parent 0f5f950
commit 9b768e8
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 2 deletions.
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh b/magnum/drivers/common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh
@@ -292,7 +292,7 @@ spec:
         command:
         - /bin/openstack-cloud-controller-manager
         - --v=2
-        - --cloud-config=/etc/kubernetes/cloud-config
+        - --cloud-config=/etc/kubernetes/cloud-config-occm
         - --cluster-name=${CLUSTER_UUID}
         - --use-service-account-credentials=true
         - --bind-address=127.0.0.1

diff --git a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
@@ -29,6 +29,7 @@ write_files:
       ETCD_DISCOVERY_URL="$ETCD_DISCOVERY_URL"
       USERNAME="$USERNAME"
       PASSWORD="$PASSWORD"
+      CLUSTER_NETWORK="$CLUSTER_NETWORK"
       CLUSTER_SUBNET="$CLUSTER_SUBNET"
       TLS_DISABLED="$TLS_DISABLED"
       KUBE_DASHBOARD_ENABLED="$KUBE_DASHBOARD_ENABLED"

diff --git a/magnum/drivers/common/templates/kubernetes/fragments/write-kube-os-config.sh b/magnum/drivers/common/templates/kubernetes/fragments/write-kube-os-config.sh
@@ -10,7 +10,7 @@ if [ -n "${TRUST_ID}" ]; then
 
     # Generate a the configuration for Kubernetes services
     # to talk to OpenStack Neutron and Cinder
-    cat > ${KUBE_OS_CLOUD_CONFIG} <<EOF
+    CLOUD_CONFIG=$(cat <<EOF
 [Global]
 auth-url=$AUTH_URL
 user-id=$TRUSTEE_USER_ID
@@ -28,6 +28,8 @@ monitor-max-retries=3
 [BlockStorage]
 bs-version=v2
 EOF
+)
+    echo $CLOUD_CONFIG > $KUBE_OS_CLOUD_CONFIG
 
     # Provide optional region parameter if it's set.
     if [ -n "${REGION_NAME}" ]; then
@@ -36,4 +38,12 @@ EOF
 
     # backwards compatibility, some apps may expect this file from previous magnum versions.
     cp ${KUBE_OS_CLOUD_CONFIG} /etc/kubernetes/kube_openstack_config
+
+    # Append additional networking config to config file provided to openstack
+    # cloud controller manager (not supported by in-tree Cinder).
+    cat > ${KUBE_OS_CLOUD_CONFIG}-occm <<EOF
+$CLOUD_CONFIG
+[Networking]
+internal-network-name=$CLUSTER_NETWORK
+EOF
 fi
diff --git a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
@@ -530,6 +530,7 @@ resources:
             "$AUTH_URL": {get_param: auth_url}
             "$USERNAME": {get_param: username}
             "$PASSWORD": {get_param: password}
+            "$CLUSTER_NETWORK": {get_param: fixed_network}
             "$CLUSTER_SUBNET": {get_param: fixed_subnet}
             "$TLS_DISABLED": {get_param: tls_disabled}
             "$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}