authorRitu Sood <ritu.sood@intel.com>2019-08-14 19:41:37 +0000
committerRitu Sood <ritu.sood@intel.com>2019-08-29 06:14:02 -0700
commitb5e4a8178fce6ab9d60f1c4e2cd9ec53cbd5d2f8 (patch)
treee7fc7f5a240389ed569f5f7cfc32253ada73b34b /kud/deployment_infra
parentdcace0784979890bb986fb078348b4b3ceef146c (diff)
Add support for Network Operator
ovn4nfvk8s plugin now uses operator sdk and controller runtime. It now includes support for Network operator. This patch includes changes needed in KUD for that. Signed-off-by: Ritu Sood <ritu.sood@intel.com> Issue-ID: MULTICLOUD-684 Change-Id: I63dc971e257067c69c70a8996eaffd1a9d8a4c2c
Diffstat (limited to 'kud/deployment_infra')
-rw-r--r--kud/deployment_infra/images/nfn.yml322
-rw-r--r--kud/deployment_infra/playbooks/configure-ovn4nfv.yml101
2 files changed, 334 insertions, 89 deletions
diff --git a/kud/deployment_infra/images/nfn.yml b/kud/deployment_infra/images/nfn.yml
new file mode 100644
index 00000000..6e583b95
--- /dev/null
+++ b/kud/deployment_infra/images/nfn.yml
@@ -0,0 +1,322 @@
+
+---
+
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: networks.k8s.plugin.opnfv.org
+spec:
+ group: k8s.plugin.opnfv.org
+ names:
+ kind: Network
+ listKind: NetworkList
+ plural: networks
+ singular: network
+ scope: Namespaced
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ cniType:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "operator-sdk generate k8s" to regenerate code after
+ modifying this file Add custom validation using kubebuilder tags:
+ https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html'
+ type: string
+ dns:
+ properties:
+ domain:
+ type: string
+ nameservers:
+ items:
+ type: string
+ type: array
+ options:
+ items:
+ type: string
+ type: array
+ search:
+ items:
+ type: string
+ type: array
+ type: object
+ ipv4Subnets:
+ items:
+ properties:
+ excludeIps:
+ type: string
+ gateway:
+ type: string
+ name:
+ type: string
+ subnet:
+ type: string
+ required:
+ - name
+ - subnet
+ type: object
+ type: array
+ ipv6Subnets:
+ items:
+ properties:
+ excludeIps:
+ type: string
+ gateway:
+ type: string
+ name:
+ type: string
+ subnet:
+ type: string
+ required:
+ - name
+ - subnet
+ type: object
+ type: array
+ routes:
+ items:
+ properties:
+ dst:
+ type: string
+ gw:
+ type: string
+ required:
+ - dst
+ type: object
+ type: array
+ required:
+ - cniType
+ - ipv4Subnets
+ type: object
+ status:
+ properties:
+ state:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "operator-sdk generate k8s" to regenerate
+ code after modifying this file Add custom validation using kubebuilder
+ tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html'
+ type: string
+ required:
+ - state
+ type: object
+ version: v1alpha1
+ versions:
+ - name: v1alpha1
+ served: true
+ storage: true
+
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: k8s-nfn-sa
+ namespace: operator
+
+---
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ creationTimestamp: null
+ name: k8s-nfn-cr
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - services
+ - endpoints
+ - persistentvolumeclaims
+ - events
+ - configmaps
+ - secrets
+ verbs:
+ - '*'
+- apiGroups:
+ - apps
+ resources:
+ - deployments
+ - daemonsets
+ - replicasets
+ - statefulsets
+ verbs:
+ - '*'
+- apiGroups:
+ - monitoring.coreos.com
+ resources:
+ - servicemonitors
+ verbs:
+ - get
+ - create
+- apiGroups:
+ - apps
+ resourceNames:
+ - nfn-operator
+ resources:
+ - deployments/finalizers
+ verbs:
+ - update
+- apiGroups:
+ - k8s.plugin.opnfv.org
+ resources:
+ - '*'
+ - providernetworks
+ verbs:
+ - '*'
+
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: k8s-nfn-crb
+subjects:
+- kind: Group
+ name: system:serviceaccounts
+ apiGroup: rbac.authorization.k8s.io
+roleRef:
+ kind: ClusterRole
+ name: k8s-nfn-cr
+ apiGroup: rbac.authorization.k8s.io
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nfn-operator
+ namespace: operator
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ name: nfn-operator
+ template:
+ metadata:
+ labels:
+ name: nfn-operator
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: nfnType
+ operator: In
+ values:
+ - operator
+ tolerations:
+ - key: "node-role.kubernetes.io/master"
+ effect: "NoSchedule"
+ operator: "Exists"
+ serviceAccountName: k8s-nfn-sa
+ containers:
+ - name: nfn-operator
+ image: rtsood/nfn-operator:latest
+ command: ["/usr/local/bin/entrypoint", "operator"]
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: HOST_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.hostIP
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: OPERATOR_NAME
+ value: "nfn-operator"
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: ovn4nfv-cni-config
+ namespace: operator
+ labels:
+ app: ovn4nfv
+data:
+ ovn4nfv_k8s.conf: |
+ [logging]
+ loglevel=5
+ logfile=/var/log/openvswitch/ovn4k8s.log
+
+ [cni]
+ conf-dir=/etc/cni/net.d
+ plugin=ovn4nfvk8s-cni
+
+ [kubernetes]
+ kubeconfig=/etc/kubernetes/admin.conf
+
+---
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+ name: ovn4nfv-cni
+ namespace: operator
+ labels:
+ app: ovn4nfv
+spec:
+ updateStrategy:
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: ovn4nfv
+ spec:
+ hostNetwork: true
+ nodeSelector:
+ beta.kubernetes.io/arch: amd64
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ containers:
+ - name: ovn4nfv
+ image: rtsood/nfn-operator:latest
+ command: ["/usr/local/bin/entrypoint", "cni"]
+ resources:
+ requests:
+ cpu: "100m"
+ memory: "50Mi"
+ limits:
+ cpu: "100m"
+ memory: "50Mi"
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: cnibin
+ mountPath: /host/opt/cni/bin
+ - name: cniconf
+ mountPath: /host/etc/openvswitch
+ - name: ovn4nfv-cfg
+ mountPath: /tmp/ovn4nfv-conf
+ volumes:
+ - name: cnibin
+ hostPath:
+ path: /opt/cni/bin
+ - name: cniconf
+ hostPath:
+ path: /etc/openvswitch
+ - name: ovn4nfv-cfg
+ configMap:
+ name: ovn4nfv-cni-config
+ items:
+ - key: ovn4nfv_k8s.conf
+ path: ovn4nfv_k8s.conf
+
+
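Review bot: The `k8s-nfn-crb` ClusterRoleBinding uses the group `system:serviceaccounts` as its subject, so every service account in every namespace receives `k8s-nfn-cr`, which grants `'*'` on secrets, pods, configmaps and all listed `apps` workloads cluster-wide. Only `k8s-nfn-sa` is referenced by the Deployment, so the three subject lines should be replaced with `- kind: ServiceAccount`, `name: k8s-nfn-sa`, `namespace: operator`. If the `ovn4nfv-cni` DaemonSet (which sets no `serviceAccountName`) also needs API access, it should presumably get its own account and a narrower role rather than relying on the group binding. Separately, both workloads run `rtsood/nfn-operator:latest`, and the DaemonSet does so with `privileged: true` and `hostNetwork: true`; pinning the image to a fixed tag or digest would make what runs with that privilege reproducible.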
diff --git a/kud/deployment_infra/playbooks/configure-ovn4nfv.yml b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml
index 2084c95d..cff05296 100644
--- a/kud/deployment_infra/playbooks/configure-ovn4nfv.yml
+++ b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml
@@ -10,95 +10,6 @@
- import_playbook: configure-ovn.yml
- import_playbook: configure-multus.yml
-- hosts: kube-master:kube-node
- environment:
- PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/"
- pre_tasks:
- - name: Load kud variables
- include_vars:
- file: kud-vars.yml
- roles:
- - role: andrewrothstein.go
- go_ver: "{{ go_version }}"
- tasks:
- - name: clone ovn4nfv-k8s-plugin repo
- git:
- repo: "{{ ovn4nfv_url }}"
- dest: "{{ ovn4nfv_dest }}"
- version: "{{ ovn4nfv_version }}"
- force: yes
- when: ovn4nfv_source_type == "source"
- - name: clean ovn4nfvk8s left over files
- make:
- chdir: "{{ ovn4nfv_dest }}"
- target: clean
- - name: build ovn4nfvk8s-cni
- make:
- chdir: "{{ ovn4nfv_dest }}"
- target: ovn4nfvk8s-cni
- become: yes
- environment:
- GOPATH: "{{ go_path }}"
- - name: copy ovn4nfvk8s-cni to cni folder
- command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s-cni /opt/cni/bin/ovn4nfvk8s-cni"
- become: yes
- - name: create ovn4k8s config file
- become: yes
- blockinfile:
- path: /etc/openvswitch/ovn4nfv_k8s.conf
- create: yes
- block: |
- [logging]
- loglevel=5
- logfile=/var/log/openvswitch/ovn4k8s.log
-
- [cni]
- conf-dir=/etc/cni/net.d
- plugin=ovn4nfvk8s-cni
-
- [kubernetes]
- kubeconfig=/etc/kubernetes/admin.conf
- - name: create ovnkube logging directory
- file:
- path: /var/log/openvswitch
- state: directory
-
-- hosts: kube-master
- environment:
- PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/"
- become: yes
- tasks:
- - name: Load kud variables
- include_vars:
- file: kud-vars.yml
- - name: build ovn4nfvk8s
- make:
- chdir: "{{ ovn4nfv_dest }}"
- target: ovn4nfvk8s
- environment:
- GOPATH: "{{ go_path }}"
- - name: copy ovn4nfvk8s to /usr/bin folder
- command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s /usr/bin/ovn4nfvk8s"
- - name: create ovn4nfvk8s systemd service
- blockinfile:
- path: /etc/systemd/system/ovn4nfvk8s.service
- create: yes
- block: |
- [Unit]
- Description=OVN4NFV Kubernetes Daemon
-
- [Service]
- ExecStart=/usr/bin/ovn4nfvk8s \
- -k8s-kubeconfig=/etc/kubernetes/admin.conf
-
- [Install]
- WantedBy=multi-user.target
- - name: start ovn4nfvk8s systemd service
- service:
- name: ovn4nfvk8s
- state: started
- enabled: yes
-
- hosts: localhost
pre_tasks:
- name: Load kud variables
@@ -124,3 +35,15 @@
- name: create network objects
shell: "/usr/local/bin/kubectl apply -f /tmp/ovn4nfvnetwork.yml"
ignore_errors: True
+
+ - name: create operator namespace
+ shell: "/usr/local/bin/kubectl create namespace operator"
+ ignore_errors: True
+
+ - name: apply nfn operator label
+ command: "/usr/local/bin/kubectl label node {{ item }} nfnType=operator --overwrite"
+ with_inventory_hostnames: ovn-central
+
+ - name: Apply NFN operator, operator roles, CRD's and ovn4nfv Daemonset
+ shell: "/usr/local/bin/kubectl apply -f ../images/nfn.yml"
+ ignore_errors: True
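Review bot: `ignore_errors: True` on the final `kubectl apply -f ../images/nfn.yml` task lets the play report success even when the CRD, the RBAC objects or the DaemonSet failed to apply, leaving the cluster partly configured with no signal. `kubectl apply` is idempotent, so the flag can simply be dropped there. For `create operator namespace`, tolerate only the expected case with `register: ns_result` and `failed_when: ns_result.rc != 0 and 'AlreadyExists' not in ns_result.stderr`. The relative path also depends on the directory the playbook is launched from; `{{ playbook_dir }}/../images/nfn.yml` would resolve it independently of the working directory. The play these tasks belong to begins outside this hunk.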