Add OVS driver installation in initContainer for Antrea Windows agent

By integrating the OVS driver installation into an initContainer, we ensure that the necessary driver is installed before the main containers start, and the driver's presence is checked only once during the pod's lifecycle. Signed-off-by: Shuyang Xin <gavinx@vmware.com>
antrea-io · May 21, 2024 · a9e27b1 · a9e27b1
1 parent d4922f0
commit a9e27b1
Show file tree

Hide file tree

Showing 12 changed files with 87 additions and 43 deletions.
diff --git a/build/yamls/antrea-windows-with-ovs.yml b/build/yamls/antrea-windows-with-ovs.yml
@@ -1,6 +1,23 @@
 apiVersion: v1
 data:
-  Install-WindowsCNI-Containerd.ps1: |
+  Install-OVSDriver.ps1: |
+    $ErrorActionPreference = "Stop"
+    $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
+    $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
+    $OVSDriverDir = "$mountPath\openvswitch\driver"
+
+    # Check if OVSExt driver is already installed
+    $driverStatus = netcfg -q ovsext
+    if ($driverStatus -like '*not installed*') {
+      # Install OVS Driver
+      $result = netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
+      if ($result -like '*failed*') {
+        Write-Host "Failed to install OVSExt driver: $result"
+        exit 1
+      }
+      Write-Host "OVSExt driver has been installed"
+    }
+  Install-WindowsCNI.ps1: |
     $ErrorActionPreference = "Stop";
     mkdir -force c:/var/log/antrea
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
@@ -34,25 +51,18 @@ data:
     cp $mountPath/etc/antrea/antrea-cni.conflist c:/etc/cni/net.d/10-antrea.conflist
     mkdir -force c:/k/antrea/bin
     cp $mountPath/k/antrea/bin/antctl.exe c:/k/antrea/bin/antctl.exe
-  Run-AntreaAgent-Containerd.ps1: |
+  Run-AntreaAgent.ps1: |
     $ErrorActionPreference = "Stop"
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
     $mountPath =  ($mountPath.Replace('\', '/')).TrimEnd('/')
     $env:PATH = $env:PATH + ";$mountPath/Windows/System32;$mountPath/k/antrea/bin;$mountPath/openvswitch/usr/bin;$mountPath/openvswitch/usr/sbin"
     & antrea-agent --config=$mountPath/etc/antrea/antrea-agent.conf --logtostderr=false --log_dir=c:/var/log/antrea --alsologtostderr --log_file_max_size=100 --log_file_max_num=4 --v=0
-  Run-AntreaOVS-Containerd.ps1: |
+  Run-AntreaOVS.ps1: |
     $ErrorActionPreference = "Stop"
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
     $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
     $env:PATH = $env:PATH + ";$mountPath/Windows/System32;$mountPath/openvswitch/usr/bin;$mountPath/openvswitch/usr/sbin"
-    $OVSDriverDir="$mountPath\openvswitch\driver"
-
-    # Check if OVSExt driver is already installed
-    $driverStatus = netcfg -q ovsext
-    if ($driverStatus -like '*not installed*') {
-      # Install OVS Driver
-      netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
-    }
+    $OVSDriverDir = "$mountPath\openvswitch\driver"
 
     # Configure OVS processes
     $OVS_DB_SCHEMA_PATH = "$mountPath/openvswitch/usr/share/openvswitch/vswitch.ovsschema"
@@ -87,7 +97,7 @@ data:
         }
         Start-Sleep -Seconds $SleepInterval
     }
-  VMSwitchExtension-AntreaAgent-Containerd.ps1: |
+  VMSwitchExtension-AntreaAgent.ps1: |
     Param(
         [parameter(Mandatory = $false)] [ValidateSet("enable", "disable")] [string] $VMSwitchExtension = "disable"
     )
@@ -293,7 +303,7 @@ spec:
   template:
     metadata:
       annotations:
-        checksum/agent-windows: bb43d8d5840ffd71ff946d44052fefc5bd88ca5ad58ac5048d85a5cf26a7ef13
+        checksum/agent-windows: 3a8371fd1b923b1176641950074efc943c326c1638293f84ba16bbeec889ce2d
         checksum/windows-config: 6ff4f8bd0b310ebe4d4612bdd9697ffb3d79e0e0eab3936420417dd5a8fc128d
         microsoft.com/hostprocess-inherit-user: "true"
       labels:
@@ -303,7 +313,7 @@ spec:
       containers:
       - args:
         - -file
-        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaAgent-Containerd.ps1
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaAgent.ps1
         command:
         - powershell
         env:
@@ -327,15 +337,15 @@ spec:
               command:
               - powershell
               - -file
-              - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent-Containerd.ps1
+              - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent.ps1
               - -VMSwitchExtension
               - enable
           preStop:
             exec:
               command:
               - powershell
               - -file
-              - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent-Containerd.ps1
+              - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent.ps1
               - -VMSwitchExtension
               - disable
         name: antrea-agent
@@ -348,7 +358,7 @@ spec:
           name: var-log-antrea
       - args:
         - -file
-        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaOVS-Containerd.ps1
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaOVS.ps1
         command:
         - powershell
         image: antrea/antrea-windows:latest
@@ -364,7 +374,7 @@ spec:
       initContainers:
       - args:
         - -file
-        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-WindowsCNI-Containerd.ps1
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-WindowsCNI.ps1
         command:
         - powershell
         image: antrea/antrea-windows:latest
@@ -376,6 +386,17 @@ spec:
           readOnly: true
         - mountPath: /var/lib/antrea-windows
           name: antrea-agent-windows
+      - args:
+        - -file
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-OVSDriver.ps1
+        command:
+        - powershell
+        image: antrea/antrea-windows:latest
+        imagePullPolicy: IfNotPresent
+        name: install-ovs-driver
+        volumeMounts:
+        - mountPath: /var/lib/antrea-windows
+          name: antrea-agent-windows
       nodeSelector:
         kubernetes.io/os: windows
       priorityClassName: system-node-critical

diff --git a/build/yamls/antrea-windows.yml b/build/yamls/antrea-windows.yml
@@ -1,6 +1,6 @@
 apiVersion: v1
 data:
-  Install-WindowsCNI-Containerd.ps1: |
+  Install-WindowsCNI.ps1: |
     $ErrorActionPreference = "Stop";
     mkdir -force c:/var/log/antrea
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
@@ -34,7 +34,7 @@ data:
     cp $mountPath/etc/antrea/antrea-cni.conflist c:/etc/cni/net.d/10-antrea.conflist
     mkdir -force c:/k/antrea/bin
     cp $mountPath/k/antrea/bin/antctl.exe c:/k/antrea/bin/antctl.exe
-  Run-AntreaAgent-Containerd.ps1: |
+  Run-AntreaAgent.ps1: |
     $ErrorActionPreference = "Stop"
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
     $mountPath =  ($mountPath.Replace('\', '/')).TrimEnd('/')
@@ -239,7 +239,7 @@ spec:
       containers:
       - args:
         - -file
-        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaAgent-Containerd.ps1
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaAgent.ps1
         command:
         - powershell
         env:
@@ -269,7 +269,7 @@ spec:
       initContainers:
       - args:
         - -file
-        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-WindowsCNI-Containerd.ps1
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-WindowsCNI.ps1
         command:
         - powershell
         image: antrea/antrea-windows:latest

diff --git a/build/yamls/windows/containerd-with-ovs/conf/Install-OVSDriver.ps1 b/build/yamls/windows/containerd-with-ovs/conf/Install-OVSDriver.ps1
@@ -0,0 +1,16 @@
+$ErrorActionPreference = "Stop"
+$mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
+$mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
+$OVSDriverDir = "$mountPath\openvswitch\driver"
+
+# Check if OVSExt driver is already installed
+$driverStatus = netcfg -q ovsext
+if ($driverStatus -like '*not installed*') {
+  # Install OVS Driver
+  $result = netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
+  if ($result -like '*failed*') {
+    Write-Host "Failed to install OVSExt driver: $result"
+    exit 1
+  }
+  Write-Host "OVSExt driver has been installed"
+}
diff --git a/...ith-ovs/conf/Run-AntreaOVS-Containerd.ps1 → ...ontainerd-with-ovs/conf/Run-AntreaOVS.ps1 b/...ith-ovs/conf/Run-AntreaOVS-Containerd.ps1 → ...ontainerd-with-ovs/conf/Run-AntreaOVS.ps1
@@ -2,14 +2,7 @@ $ErrorActionPreference = "Stop"
 $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
 $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
 $env:PATH = $env:PATH + ";$mountPath/Windows/System32;$mountPath/openvswitch/usr/bin;$mountPath/openvswitch/usr/sbin"
-$OVSDriverDir="$mountPath\openvswitch\driver"
-
-# Check if OVSExt driver is already installed
-$driverStatus = netcfg -q ovsext
-if ($driverStatus -like '*not installed*') {
-  # Install OVS Driver
-  netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
-}
+$OVSDriverDir = "$mountPath\openvswitch\driver"
 
 # Configure OVS processes
 $OVS_DB_SCHEMA_PATH = "$mountPath/openvswitch/usr/share/openvswitch/vswitch.ovsschema"

diff --git a/...witchExtension-AntreaAgent-Containerd.ps1 → ...vs/conf/VMSwitchExtension-AntreaAgent.ps1 b/...witchExtension-AntreaAgent-Containerd.ps1 → ...vs/conf/VMSwitchExtension-AntreaAgent.ps1
diff --git a/build/yamls/windows/containerd-with-ovs/containerd-with-ovs.yml b/build/yamls/windows/containerd-with-ovs/containerd-with-ovs.yml
@@ -10,16 +10,16 @@ spec:
           lifecycle:
             preStop:
               exec:
-                command: ["powershell", "-file", "$env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent-Containerd.ps1", "-VMSwitchExtension", "disable"]
+                command: ["powershell", "-file", "$env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent.ps1", "-VMSwitchExtension", "disable"]
             postStart:
               exec:
-                command: ["powershell", "-file", "$env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent-Containerd.ps1", "-VMSwitchExtension", "enable"]
+                command: ["powershell", "-file", "$env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/VMSwitchExtension-AntreaAgent.ps1", "-VMSwitchExtension", "enable"]
         - name: antrea-ovs
           image: antrea-windows
           imagePullPolicy: IfNotPresent
           args:
             - -file
-            - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaOVS-Containerd.ps1
+            - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaOVS.ps1
           command:
           - powershell
           volumeMounts:
@@ -28,3 +28,15 @@ spec:
           - mountPath: /var/log/openvswitch
             name: var-log-antrea
             subPath: openvswitch
+      initContainers:
+      - args:
+        - -file
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-OVSDriver.ps1
+        command:
+        - powershell
+        image: antrea/antrea-windows:latest
+        imagePullPolicy: IfNotPresent
+        name: install-ovs-driver
+        volumeMounts:
+        - mountPath: /var/lib/antrea-windows
+          name: antrea-agent-windows
diff --git a/build/yamls/windows/containerd-with-ovs/kustomization.yml b/build/yamls/windows/containerd-with-ovs/kustomization.yml
@@ -8,8 +8,9 @@ commonLabels:
   app: antrea
 configMapGenerator:
 - files:
-  - conf/Run-AntreaOVS-Containerd.ps1
-  - conf/VMSwitchExtension-AntreaAgent-Containerd.ps1
+  - conf/Install-OVSDriver.ps1
+  - conf/Run-AntreaOVS.ps1
+  - conf/VMSwitchExtension-AntreaAgent.ps1
   name: antrea-agent-windows
   namespace: kube-system
   behavior: merge

diff --git a/build/yamls/windows/containerd/agent-containerd.yml b/build/yamls/windows/containerd/agent-containerd.yml
@@ -24,7 +24,7 @@ spec:
       containers:
       - args:
         - -file
-        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaAgent-Containerd.ps1
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Run-AntreaAgent.ps1
         command:
         - powershell
         env:
@@ -53,7 +53,7 @@ spec:
       initContainers:
       - args:
         - -file
-        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-WindowsCNI-Containerd.ps1
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-WindowsCNI.ps1
         command:
         - powershell
         image: antrea-windows

diff --git a/...rd/conf/Install-WindowsCNI-Containerd.ps1 → ...ws/containerd/conf/Install-WindowsCNI.ps1 b/...rd/conf/Install-WindowsCNI-Containerd.ps1 → ...ws/containerd/conf/Install-WindowsCNI.ps1
diff --git a/...inerd/conf/Run-AntreaAgent-Containerd.ps1 → ...ndows/containerd/conf/Run-AntreaAgent.ps1 b/...inerd/conf/Run-AntreaAgent-Containerd.ps1 → ...ndows/containerd/conf/Run-AntreaAgent.ps1
diff --git a/build/yamls/windows/containerd/kustomization.yml b/build/yamls/windows/containerd/kustomization.yml
@@ -8,8 +8,8 @@ commonLabels:
   app: antrea
 configMapGenerator:
 - files:
-  - conf/Run-AntreaAgent-Containerd.ps1
-  - conf/Install-WindowsCNI-Containerd.ps1
+  - conf/Run-AntreaAgent.ps1
+  - conf/Install-WindowsCNI.ps1
   name: antrea-agent-windows
 generatorOptions:
   disableNameSuffixHash: true
diff --git a/hack/update-checksum-windows.sh b/hack/update-checksum-windows.sh
@@ -21,10 +21,11 @@ YAMLS_DIR="${WORK_DIR}"/../build/yamls
 MANIFESTS=$(ls $YAMLS_DIR/antrea-windows*.yml)
 WINDOWS_DIR="${YAMLS_DIR}"/windows
 BASE_CONF_FILES="${WINDOWS_DIR}/base/conf/antrea-agent.conf ${WINDOWS_DIR}/base/conf/antrea-cni.conflist"
-CONTAINERD_CONF_FILES="${WINDOWS_DIR}/containerd/conf/Install-WindowsCNI-Containerd.ps1 \
-    ${WINDOWS_DIR}/containerd/conf/Run-AntreaAgent-Containerd.ps1"
-CONTAINERD_WITH_OVS_CONF_FILES="${WINDOWS_DIR}/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1 \
-    ${WINDOWS_DIR}/containerd-with-ovs/conf/VMSwitchExtension-AntreaAgent-Containerd.ps1"
+CONTAINERD_CONF_FILES="${WINDOWS_DIR}/containerd/conf/Install-WindowsCNI.ps1 \
+    ${WINDOWS_DIR}/containerd/conf/Run-AntreaAgent.ps1"
+CONTAINERD_WITH_OVS_CONF_FILES="${WINDOWS_DIR}/containerd-with-ovs/conf/Run-AntreaOVS.ps1 \
+    ${WINDOWS_DIR}/containerd-with-ovs/conf/VMSwitchExtension-AntreaAgent.ps1 \
+    ${WINDOWS_DIR}/containerd-with-ovs/conf/Install-OVSDriver.ps1"
 
 checksum_windows_config=$(cat ${BASE_CONF_FILES} | sha256sum | cut -d " " -f 1)