Add OVS driver installation in initContainer for Antrea Windows agent

By integrating the OVS driver installation into an initContainer, we ensure that
the necessary driver is installed before the main containers start, and the driver's
presence is checked only once during the pod's lifecycle.

Signed-off-by: Shuyang Xin <gavinx@vmware.com>

build/yamls/antrea-windows-with-ovs.yml

@@ -34,6 +34,26 @@ data:
     cp $mountPath/etc/antrea/antrea-cni.conflist c:/etc/cni/net.d/10-antrea.conflist
     mkdir -force c:/k/antrea/bin
     cp $mountPath/k/antrea/bin/antctl.exe c:/k/antrea/bin/antctl.exe
+  Install-OVSDriver-Containerd.ps1: |
+    $ErrorActionPreference = "Stop"
+    mkdir -force c:/openvswitch/driver
+    $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
+    $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
+    $OVSDriverDir = "$mountPath\openvswitch\driver"
+
+    # Check if OVSExt driver is already installed
+    $driverStatus = netcfg -q ovsext
+    if ($driverStatus -like '*not installed*') {
+      # Install OVS Driver
+      $result = netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
+      if ($result -like '*failed*') {
+        Write-Host "Failed to install OVSExt driver: $result"
+        exit 1
+      } else {
+        Write-Host "OVSExt driver has been installed"
+      }
+    }
+
   Run-AntreaAgent-Containerd.ps1: |
     $ErrorActionPreference = "Stop"
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
@@ -45,14 +65,7 @@ data:
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
     $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
     $env:PATH = $env:PATH + ";$mountPath/Windows/System32;$mountPath/openvswitch/usr/bin;$mountPath/openvswitch/usr/sbin"
-    $OVSDriverDir="$mountPath\openvswitch\driver"
-
-    # Check if OVSExt driver is already installed
-    $driverStatus = netcfg -q ovsext
-    if ($driverStatus -like '*not installed*') {
-      # Install OVS Driver
-      netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
-    }
+    $OVSDriverDir = "$mountPath\openvswitch\driver"
 
     # Configure OVS processes
     $OVS_DB_SCHEMA_PATH = "$mountPath/openvswitch/usr/share/openvswitch/vswitch.ovsschema"
@@ -376,6 +389,17 @@ spec:
           readOnly: true
         - mountPath: /var/lib/antrea-windows
           name: antrea-agent-windows
+      - args:
+        - -file
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-OVSDriver-Containerd.ps1
+        command:
+        - powershell
+        image: antrea/antrea-windows:latest
+        imagePullPolicy: IfNotPresent
+        name: install-ovs-driver
+        volumeMounts:
+        - mountPath: /var/lib/antrea-windows
+          name: antrea-agent-windows
       nodeSelector:
         kubernetes.io/os: windows
       priorityClassName: system-node-critical

build/yamls/windows/containerd-with-ovs/conf/Install-OVSDriver-Containerd.ps1

@@ -0,0 +1,18 @@
+$ErrorActionPreference = "Stop"
+mkdir -force c:/openvswitch/driver
+$mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
+$mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
+$OVSDriverDir = "$mountPath\openvswitch\driver"
+
+# Check if OVSExt driver is already installed
+$driverStatus = netcfg -q ovsext
+if ($driverStatus -like '*not installed*') {
+  # Install OVS Driver
+  $result = netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
+  if ($result -like '*failed*') {
+    Write-Host "Failed to install OVSExt driver: $result"
+    exit 1
+  } else {
+    Write-Host "OVSExt driver has been installed"
+  }
+}

build/yamls/windows/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1

@@ -4,13 +4,6 @@ $mountPath = ($mountPath.Replace('\', '/')).TrimEnd('/')
 $env:PATH = $env:PATH + ";$mountPath/Windows/System32;$mountPath/openvswitch/usr/bin;$mountPath/openvswitch/usr/sbin"
 $OVSDriverDir="$mountPath\openvswitch\driver"
 
-# Check if OVSExt driver is already installed
-$driverStatus = netcfg -q ovsext
-if ($driverStatus -like '*not installed*') {
-  # Install OVS Driver
-  netcfg -l $OVSDriverDir/ovsext.inf -c s -i OVSExt
-}
-
 # Configure OVS processes
 $OVS_DB_SCHEMA_PATH = "$mountPath/openvswitch/usr/share/openvswitch/vswitch.ovsschema"
 $OVS_DB_PATH = "C:\openvswitch\etc\openvswitch\conf.db"

build/yamls/windows/containerd-with-ovs/kustomization.yml

@@ -8,6 +8,7 @@ commonLabels:
   app: antrea
 configMapGenerator:
 - files:
+  - conf/Install-OVSDriver-Containerd.ps1
   - conf/Run-AntreaOVS-Containerd.ps1
   - conf/VMSwitchExtension-AntreaAgent-Containerd.ps1
   name: antrea-agent-windows

build/yamls/windows/containerd/agent-containerd.yml

@@ -64,6 +64,17 @@ spec:
           readOnly: true
         - mountPath: /var/lib/antrea-windows
           name: antrea-agent-windows
+      - args:
+        - -file
+        - $env:CONTAINER_SANDBOX_MOUNT_POINT/var/lib/antrea-windows/Install-OVSDriver-Containerd.ps1
+        command:
+        - powershell
+        image: antrea/antrea-windows:latest
+        imagePullPolicy: IfNotPresent
+        name: install-ovs-driver
+        volumeMounts:
+        - mountPath: /var/lib/antrea-windows
+          name: antrea-agent-windows
       nodeSelector:
         kubernetes.io/os: windows
       priorityClassName: system-node-critical

hack/update-checksum-windows.sh

@@ -24,7 +24,8 @@ BASE_CONF_FILES="${WINDOWS_DIR}/base/conf/antrea-agent.conf ${WINDOWS_DIR}/base/
 CONTAINERD_CONF_FILES="${WINDOWS_DIR}/containerd/conf/Install-WindowsCNI-Containerd.ps1 \
     ${WINDOWS_DIR}/containerd/conf/Run-AntreaAgent-Containerd.ps1"
 CONTAINERD_WITH_OVS_CONF_FILES="${WINDOWS_DIR}/containerd-with-ovs/conf/Run-AntreaOVS-Containerd.ps1 \
-    ${WINDOWS_DIR}/containerd-with-ovs/conf/VMSwitchExtension-AntreaAgent-Containerd.ps1"
+    ${WINDOWS_DIR}/containerd-with-ovs/conf/VMSwitchExtension-AntreaAgent-Containerd.ps1 \
+    ${WINDOWS_DIR}/containerd-with-ovs/conf/Install-OVSDriver-Containerd.ps1"
 
 checksum_windows_config=$(cat ${BASE_CONF_FILES} | sha256sum | cut -d " " -f 1)