From 26df20f90f456b9674186ed57e5722c37a762584 Mon Sep 17 00:00:00 2001 From: Shuyang Xin Date: Thu, 9 May 2024 23:50:49 +0800 Subject: [PATCH] Add OVS driver installation in initContainer for Antrea Windows agent By integrating the OVS driver installation into an initContainer, we ensure that the necessary driver is installed before the main containers start, and the driver's presence is checked only once during the pod's lifecycle. Signed-off-by: Shuyang Xin --- build/yamls/antrea-windows-with-ovs.yml | 41 +++++++++++++++---- .../conf/Install-OVSDriver-Containerd.ps1 | 18 ++++++++ .../conf/Run-AntreaOVS-Containerd.ps1 | 9 +--- .../containerd-with-ovs.yml | 12 ++++++ .../containerd-with-ovs/kustomization.yml | 1 + hack/update-checksum-windows.sh | 3 +- 6 files changed, 66 insertions(+), 18 deletions(-) create mode 100644 build/yamls/windows/containerd-with-ovs/conf/Install-OVSDriver-Containerd.ps1 diff --git a/build/yamls/antrea-windows-with-ovs.yml b/build/yamls/antrea-windows-with-ovs.yml index ffc1e1bb0dd..6c22a78808d 100644 --- a/build/yamls/antrea-windows-with-ovs.yml +++ b/build/yamls/antrea-windows-with-ovs.yml @@ -1,5 +1,24 @@ apiVersion: v1 data: + Install-OVSDriver-Containerd.ps1: | + $ErrorActionPreference = "Stop" + mkdir -force c:/openvswitch/driver + $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT + $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/') + $OVSDriverDir = "$mountPath\openvswitch\driver" + + # Check if OVSExt driver is already installed + $driverStatus = netcfg -q ovsext + if ($driverStatus -like '*not installed*') { + # Install OVS Driver + $result = netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt + if ($result -like '*failed*') { + Write-Host "Failed to install OVSExt driver: $result" + exit 1 + } else { + Write-Host "OVSExt driver has been installed" + } + } Install-WindowsCNI-Containerd.ps1: | $ErrorActionPreference = "Stop"; mkdir -force c:/var/log/antrea @@ -45,14 +64,7 @@ data: $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/') $env:PATH = $env:PATH + ";$mountPath/Windows/System32;$mountPath/openvswitch/usr/bin;$mountPath/openvswitch/usr/sbin" - $OVSDriverDir="$mountPath\openvswitch\driver" - - # Check if OVSExt driver is already installed - $driverStatus = netcfg -q ovsext - if ($driverStatus -like '*not installed*') { - # Install OVS Driver - netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt - } + $OVSDriverDir = "$mountPath\openvswitch\driver" # Configure OVS processes $OVS_DB_SCHEMA_PATH = "$mountPath/openvswitch/usr/share/openvswitch/vswitch.ovsschema" @@ -293,7 +305,7 @@ spec: template: metadata: annotations: - checksum/agent-windows: bb43d8d5840ffd71ff946d44052fefc5bd88ca5ad58ac5048d85a5cf26a7ef13 + checksum/agent-windows: 8c254572ffa923c76be75d5d6b235a82e65d3e0da4a4ce969dac0bbcababa3c4 checksum/windows-config: 6ff4f8bd0b310ebe4d4612bdd9697ffb3d79e0e0eab3936420417dd5a8fc128d microsoft.com/hostprocess-inherit-user: "true" labels: @@ -376,6 +388,17 @@ spec: readOnly: true - mountPath: /var/lib/antrea-windows name: antrea-agent-windows + - args: + - -file + - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-OVSDriver-Containerd.ps1 + command: + - powershell + image: antrea/antrea-windows:latest + imagePullPolicy: IfNotPresent + name: install-ovs-driver + volumeMounts: + - mountPath: /var/lib/antrea-windows + name: antrea-agent-windows nodeSelector: kubernetes.io/os: windows priorityClassName: system-node-critical diff --git a/build/yamls/windows/containerd-with-ovs/conf/Install-OVSDriver-Containerd.ps1 b/build/yamls/windows/containerd-with-ovs/conf/Install-OVSDriver-Containerd.ps1 new file mode 100644 index 00000000000..99c7bab304b --- /dev/null +++ b/build/yamls/windows/containerd-with-ovs/conf/Install-OVSDriver-Containerd.ps1 @@ -0,0 +1,18 @@ +$ErrorActionPreference = "Stop" +mkdir -force c:/openvswitch/driver +$mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT +$mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/') +$OVSDriverDir = "$mountPath\openvswitch\driver" + +# Check if OVSExt driver is already installed +$driverStatus = netcfg -q ovsext +if ($driverStatus -like '*not installed*') { + # Install OVS Driver + $result = netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt + if ($result -like '*failed*') { + Write-Host "Failed to install OVSExt driver: $result" + exit 1 + } else { + Write-Host "OVSExt driver has been installed" + } +} diff --git a/build/yamls/windows/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1 b/build/yamls/windows/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1 index 13f0f9c4f06..ee0747ada51 100644 --- a/build/yamls/windows/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1 +++ b/build/yamls/windows/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1 @@ -2,14 +2,7 @@ $ErrorActionPreference = "Stop" $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/') $env:PATH = $env:PATH + ";$mountPath/Windows/System32;$mountPath/openvswitch/usr/bin;$mountPath/openvswitch/usr/sbin" -$OVSDriverDir="$mountPath\openvswitch\driver" - -# Check if OVSExt driver is already installed -$driverStatus = netcfg -q ovsext -if ($driverStatus -like '*not installed*') { - # Install OVS Driver - netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt -} +$OVSDriverDir = "$mountPath\openvswitch\driver" # Configure OVS processes $OVS_DB_SCHEMA_PATH = "$mountPath/openvswitch/usr/share/openvswitch/vswitch.ovsschema" diff --git a/build/yamls/windows/containerd-with-ovs/containerd-with-ovs.yml b/build/yamls/windows/containerd-with-ovs/containerd-with-ovs.yml index d4df7b9a5fa..ae9560245cf 100644 --- a/build/yamls/windows/containerd-with-ovs/containerd-with-ovs.yml +++ b/build/yamls/windows/containerd-with-ovs/containerd-with-ovs.yml @@ -28,3 +28,15 @@ spec: - mountPath: /var/log/openvswitch name: var-log-antrea subPath: openvswitch + initContainers: + - args: + - -file + - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-OVSDriver-Containerd.ps1 + command: + - powershell + image: antrea/antrea-windows:latest + imagePullPolicy: IfNotPresent + name: install-ovs-driver + volumeMounts: + - mountPath: /var/lib/antrea-windows + name: antrea-agent-windows diff --git a/build/yamls/windows/containerd-with-ovs/kustomization.yml b/build/yamls/windows/containerd-with-ovs/kustomization.yml index 6326ee0dd0d..2ad451f34aa 100644 --- a/build/yamls/windows/containerd-with-ovs/kustomization.yml +++ b/build/yamls/windows/containerd-with-ovs/kustomization.yml @@ -8,6 +8,7 @@ commonLabels: app: antrea configMapGenerator: - files: + - conf/Install-OVSDriver-Containerd.ps1 - conf/Run-AntreaOVS-Containerd.ps1 - conf/VMSwitchExtension-AntreaAgent-Containerd.ps1 name: antrea-agent-windows diff --git a/hack/update-checksum-windows.sh b/hack/update-checksum-windows.sh index 66f52b2d4d4..078ca94537f 100755 --- a/hack/update-checksum-windows.sh +++ b/hack/update-checksum-windows.sh @@ -24,7 +24,8 @@ BASE_CONF_FILES="${WINDOWS_DIR}/base/conf/antrea-agent.conf ${WINDOWS_DIR}/base/ CONTAINERD_CONF_FILES="${WINDOWS_DIR}/containerd/conf/Install-WindowsCNI-Containerd.ps1 \ ${WINDOWS_DIR}/containerd/conf/Run-AntreaAgent-Containerd.ps1" CONTAINERD_WITH_OVS_CONF_FILES="${WINDOWS_DIR}/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1 \ - ${WINDOWS_DIR}/containerd-with-ovs/conf/VMSwitchExtension-AntreaAgent-Containerd.ps1" + ${WINDOWS_DIR}/containerd-with-ovs/conf/VMSwitchExtension-AntreaAgent-Containerd.ps1 \ + ${WINDOWS_DIR}/containerd-with-ovs/conf/Install-OVSDriver-Containerd.ps1" checksum_windows_config=$(cat ${BASE_CONF_FILES} | sha256sum | cut -d " " -f 1)