Merge pull request ovn-org#83 from dceara/make-podman-default

Make podman default
flavio-fernandes · May 25, 2023 · d7783cb · d7783cb
2 parents 9e11994 + 9f407c2
commit d7783cb
Show file tree

Hide file tree

Showing 12 changed files with 367 additions and 395 deletions.
diff --git a/README.md b/README.md
@@ -16,12 +16,13 @@ from the [2019 OVScon](https://www.openvswitch.org/support/ovscon2019/):
 
 Step 1: Build the container images
 
-By default, Docker is used (we can switch to Podman later):
+By default, podman is used (users can control the container runtime through
+the `RUNC_CMD` environment variable):
 ```
 sudo OVN_SRC_PATH=<path_t_ovn_src_folder> OVS_SRC_PATH=<path_to_ovs_src_folder> ./ovn_cluster.sh build
 ```
 
-This will create 2 docker images
+This will create 2 container images
 
 - **ovn/cinc**: base image that gives us the nesting capability
 - **ovn/ovn-multi-node**: built on top of cinc where ovs+ovn is compiled and installed

diff --git a/README_DEVELOPMENT.md b/README_DEVELOPMENT.md
@@ -19,7 +19,7 @@ vagrant up && vagrant ssh
 As there is no simple plugin to re-size the vagrant image with the libvirt
 provider, we will manually resize it. This will allow us to store and build
 a custom kernel, and meet the additional storage requirements for the
-updated docker images.
+updated container images.
 
 The following set of commands will re-size the image:
 

diff --git a/Vagrantfile b/Vagrantfile
@@ -59,13 +59,13 @@ Vagrant.configure(2) do |config|
     end
 
     config.vm.provision :shell do |shell|
-        shell.path = 'provisioning/install_docker.sh'
+        shell.path = 'provisioning/install_podman.sh'
     end
 
     config.vm.provision "build_images", type: "shell", inline: $build_images, privileged: true
 
-    # Install and start ovs used to interconnect the docker
-    # containers that are used to emulate the ovn chassis (below). This does not need
+    # Install and start ovs used to interconnect the containers
+    # that are used to emulate the ovn chassis (below). This does not need
     # to run ovn, since it is purely used as an underlay network.
     config.vm.provision :shell do |shell|
          shell.path = 'provisioning/install_ovs_in_underlay.sh'

diff --git a/ovn_cluster.sh b/ovn_cluster.sh
@@ -5,7 +5,7 @@
 #set -o xtrace
 set -o errexit
 
-RUNC_CMD="${RUNC_CMD:-docker}"
+RUNC_CMD="${RUNC_CMD:-podman}"
 
 CENTRAL_IMAGE=${CENTRAL_IMAGE:-"ovn/ovn-multi-node:latest"}
 CHASSIS_IMAGE=${CHASSIS_IMAGE:-"ovn/ovn-multi-node:latest"}
@@ -32,8 +32,6 @@ OVN_BR="br-ovn"
 OVN_EXT_BR="br-ovn-ext"
 OVN_BR_CLEANUP="${OVN_BR_CLEANUP:-yes}"
 
-OVS_DOCKER="./ovs-docker"
-
 OVN_SRC_PATH="${OVN_SRC_PATH:-}"
 OVS_SRC_PATH="${OVS_SRC_PATH:-}"
 
@@ -76,13 +74,6 @@ INSTALL_UTILS_FROM_SOURCES="${INSTALL_UTILS_FROM_SOURCES:-no}"
 OVN_NBDB_SRC=${OVN_NBDB_SRC}
 OVN_SBDB_SRC=${OVN_SBDB_SRC}
 
-function check-selinux() {
-  if [[ "$(getenforce)" = "Enforcing" ]]; then
-    >&2 echo "Error: This script is not compatible with SELinux enforcing mode."
-    exit 1
-  fi
-}
-
 function count-central() {
     local filter=${1:-}
     count-containers "${CENTRAL_NAME}" "${filter}"
@@ -165,20 +156,20 @@ function stop() {
         ovs-vsctl --if-exists del-br $OVN_EXT_BR || exit 1
     else
         if [ "$OVN_DB_CLUSTER" = "yes" ]; then
-            del-ovs-docker-ports ${CENTRAL_NAME}-1
-            del-ovs-docker-ports ${CENTRAL_NAME}-2
-            del-ovs-docker-ports ${CENTRAL_NAME}-3
+            del-ovs-container-ports ${CENTRAL_NAME}-1
+            del-ovs-container-ports ${CENTRAL_NAME}-2
+            del-ovs-container-ports ${CENTRAL_NAME}-3
         else
-            del-ovs-docker-ports ${CENTRAL_NAME}
+            del-ovs-container-ports ${CENTRAL_NAME}
         fi
         for name in "${RELAY_NAMES[@]}"; do
-            del-ovs-docker-ports ${name}
+            del-ovs-container-ports ${name}
         done
         for name in "${GW_NAMES[@]}"; do
-            del-ovs-docker-ports ${name}
+            del-ovs-container-ports ${name}
         done
         for name in "${CHASSIS_NAMES[@]}"; do
-            del-ovs-docker-ports ${name}
+            del-ovs-container-ports ${name}
         done
     fi
 
@@ -194,7 +185,7 @@ function setup-ovs-in-host() {
     ovs-vsctl br-exists $OVN_BR || ovs-vsctl add-br $OVN_EXT_BR || exit 1
 }
 
-function add-ovs-docker-ports() {
+function add-ovs-container-ports() {
     ovn_central=$1
     ip_range=$IP_HOST
     cidr=$IP_CIDR
@@ -208,35 +199,35 @@ function add-ovs-docker-ports() {
     if [ "$ovn_central" == "yes" ]; then
         if [ "$OVN_DB_CLUSTER" = "yes" ]; then
             ip1=$ip
-            ${OVS_DOCKER} add-port $br $eth ${CENTRAL_NAME}-1 --ipaddress=${ip1}/${cidr}
+            ./ovs-runc add-port $br $eth ${CENTRAL_NAME}-1 --ipaddress=${ip1}/${cidr}
             echo $ip1 > _ovn_central_1
             (( ip_index += 1))
             ip2=$(./ip_gen.py $ip_range/$cidr $ip_start $ip_index)
-            ${OVS_DOCKER} add-port $br $eth ${CENTRAL_NAME}-2 --ipaddress=${ip2}/${cidr}
+            ./ovs-runc add-port $br $eth ${CENTRAL_NAME}-2 --ipaddress=${ip2}/${cidr}
             echo $ip2 > _ovn_central_2
 
             (( ip_index += 1))
             ip3=$(./ip_gen.py $ip_range/$cidr $ip_start $ip_index)
-            ${OVS_DOCKER} add-port $br $eth ${CENTRAL_NAME}-3 --ipaddress=${ip3}/${cidr}
+            ./ovs-runc add-port $br $eth ${CENTRAL_NAME}-3 --ipaddress=${ip3}/${cidr}
             echo $ip3 > _ovn_central_3
             echo "${REMOTE_PROT}:$ip1:6642,${REMOTE_PROT}:$ip2:6642,${REMOTE_PROT}:$ip3:6642" > _ovn_remote
         else
-            ${OVS_DOCKER} add-port $br $eth ${CENTRAL_NAME} --ipaddress=${ip}/${cidr}
+            ./ovs-runc add-port $br $eth ${CENTRAL_NAME} --ipaddress=${ip}/${cidr}
             echo "${REMOTE_PROT}:$ip:6642" > _ovn_remote
         fi
 
         for name in "${GW_NAMES[@]}"; do
             (( ip_index += 1))
             ip=$(./ip_gen.py $ip_range/$cidr $ip_start $ip_index)
-            ${OVS_DOCKER} add-port $br $eth ${name} --ipaddress=${ip}/${cidr}
+            ./ovs-runc add-port $br $eth ${name} --ipaddress=${ip}/${cidr}
         done
 
         if [ "$RELAY_COUNT" -gt 0 ]; then
             relay_remotes=""
             for name in "${RELAY_NAMES[@]}"; do
                 (( ip_index += 1))
                 ip=$(./ip_gen.py $ip_range/$cidr $ip_start $ip_index)
-                ${OVS_DOCKER} add-port $br $eth ${name} --ipaddress=${ip}/${cidr}
+                ./ovs-runc add-port $br $eth ${name} --ipaddress=${ip}/${cidr}
                 relay_remotes=$relay_remotes",${REMOTE_PROT}:$ip:6642"
             done
             orig_remotes=$(cat _ovn_remote)
@@ -262,35 +253,35 @@ function add-ovs-docker-ports() {
     for name in "${CHASSIS_NAMES[@]}"; do
         (( ip_index += 1))
         ip=$(./ip_gen.py $ip_range/$cidr $ip_start $ip_index)
-        ${OVS_DOCKER} add-port $br $eth ${name} --ipaddress=${ip}/${cidr}
+        ./ovs-runc add-port $br $eth ${name} --ipaddress=${ip}/${cidr}
     done
 
     if [ "$ovn_central" == "yes" ]; then
         if [ "$OVN_DB_CLUSTER" = "yes" ]; then
-            ${OVS_DOCKER} add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}-1
-            ${OVS_DOCKER} add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}-2
-            ${OVS_DOCKER} add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}-3
+            ./ovs-runc add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}-1
+            ./ovs-runc add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}-2
+            ./ovs-runc add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}-3
         else
-            ${OVS_DOCKER} add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}
+            ./ovs-runc add-port ${OVN_EXT_BR} eth2 ${CENTRAL_NAME}
         fi
         for name in "${RELAY_NAMES[@]}"; do
-            ${OVS_DOCKER} add-port ${OVN_EXT_BR} eth2 ${name}
+            ./ovs-runc add-port ${OVN_EXT_BR} eth2 ${name}
         done
         for name in "${GW_NAMES[@]}"; do
-            ${OVS_DOCKER} add-port ${OVN_EXT_BR} eth2 ${name}
+            ./ovs-runc add-port ${OVN_EXT_BR} eth2 ${name}
         done
     fi
 
     for name in "${CHASSIS_NAMES[@]}"; do
-        ${OVS_DOCKER} add-port ${OVN_EXT_BR} eth2 ${name}
+        ./ovs-runc add-port ${OVN_EXT_BR} eth2 ${name}
     done
 }
 
-function del-ovs-docker-ports() {
+function del-ovs-container-ports() {
     local name=$1
 
-    ${OVS_DOCKER} del-port $OVN_BR eth1 ${name} || :
-    ${OVS_DOCKER} del-port $OVN_EXT_BR eth2 ${name} || :
+    ./ovs-runc del-port $OVN_BR eth1 ${name} || :
+    ./ovs-runc del-port $OVN_EXT_BR eth2 ${name} || :
 }
 
 function configure-ovn() {
@@ -487,9 +478,6 @@ function start() {
         check-no-containers "start"
     fi
 
-    # docker-in-docker's use of volumes is not compatible with SELinux
-    #check-selinux
-
     setup-ovs-in-host
 
     mkdir -p ${FAKENODE_MNT_DIR}
@@ -520,7 +508,7 @@ function start() {
 
     echo "Adding ovs-ports"
     # Add ovs ports to each of the nodes.
-    add-ovs-docker-ports ${ovn_central}
+    add-ovs-container-ports ${ovn_central}
 
     if [ "$ovn_remote" == "" ]; then
         if [ -e _ovn_remote ]; then
@@ -978,7 +966,7 @@ case "${1:-""}" in
         stop
         ;;
     stop-chassis)
-        del-ovs-docker-ports $2
+        del-ovs-container-ports $2
         stop-container $2
         ;;
     build)