diff options
| author |   Bin Yang <bin.yang@windriver.com> | 2020-02-24 12:42:24 +0800 |
|---|---|---|
| committer | Bin Yang <bin.yang@windriver.com> | 2020-02-24 12:42:24 +0800 |
| commit | 219a7eab4129b3e500bcaf6c62819011580895ba (patch) | |
| tree | d9f2eff458c8e1cd6ef36c250983a876a8322448 /starlingx/demo/firewall-host-netdevice | |
| parent | 6547e45fd9f60437811ef35b9d101cdaef494542 (diff) | |
Add nodeaffinity for cFW pods
Change-Id: I31077bbaff99f7ffc2c13abd5899afd05cf560f9
Issue-ID: MULTICLOUD-999
Signed-off-by: Bin Yang <bin.yang@windriver.com>
Diffstat (limited to 'starlingx/demo/firewall-host-netdevice')
4 files changed, 58 insertions, 17 deletions
diff --git a/starlingx/demo/firewall-host-netdevice/charts/pktgen-host-netdevice/templates/deployment.yaml b/starlingx/demo/firewall-host-netdevice/charts/pktgen-host-netdevice/templates/deployment.yaml index 4e48937e..276b3df8 100644 --- a/starlingx/demo/firewall-host-netdevice/charts/pktgen-host-netdevice/templates/deployment.yaml +++ b/starlingx/demo/firewall-host-netdevice/charts/pktgen-host-netdevice/templates/deployment.yaml @@ -23,6 +23,19 @@ spec: "interface": "veth11" } ]' spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + {{- range .Values.global.nodeAffinity }} + - key: {{ .label.labelkey }} + operator: {{ .label.op }} + values: + {{- range .label.labelvalues }} + - {{ . }} + {{- end }} + {{- end }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -32,12 +45,10 @@ spec: env: - name: unprotectedNetCidr value: "{{.Values.global.unprotectedNetCidr}}" - - name: unprotectedNetGw - value: "{{.Values.global.unprotectedNetGw}}" + - name: unprotectedNetGwIp + value: "{{.Values.global.unprotectedNetGwIp}}" - name: protectedNetCidr value: "{{.Values.global.protectedNetCidr}}" - - name: protectedNetGw - value: "{{.Values.global.protectedNetGw}}" - name: protectedNetGwIp value: "{{.Values.global.protectedNetGwIp}}" - name: dcaeCollectorIp diff --git a/starlingx/demo/firewall-host-netdevice/charts/sink-host-netdevice/templates/deployment.yaml b/starlingx/demo/firewall-host-netdevice/charts/sink-host-netdevice/templates/deployment.yaml index fe3d03fe..eaa928ae 100644 --- a/starlingx/demo/firewall-host-netdevice/charts/sink-host-netdevice/templates/deployment.yaml +++ b/starlingx/demo/firewall-host-netdevice/charts/sink-host-netdevice/templates/deployment.yaml @@ -23,6 +23,19 @@ spec: "interface": "veth22" } ]' spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + {{- range .Values.global.nodeAffinity }} + - key: {{ .label.labelkey }} + operator: {{ .label.op }} + values: + {{- range .label.labelvalues }} + - {{ . }} + {{- end }} + {{- end }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -32,12 +45,10 @@ spec: env: - name: unprotectedNetCidr value: "{{.Values.global.unprotectedNetCidr}}" - - name: unprotectedNetGw - value: "{{.Values.global.unprotectedNetGw}}" + - name: unprotectedNetGwIp + value: "{{.Values.global.unprotectedNetGwIp}}" - name: protectedNetCidr value: "{{.Values.global.protectedNetCidr}}" - - name: protectedNetGw - value: "{{.Values.global.protectedNetGw}}" - name: protectedNetGwIp value: "{{.Values.global.protectedNetGwIp}}" - name: dcaeCollectorIp diff --git a/starlingx/demo/firewall-host-netdevice/templates/deployment.yaml b/starlingx/demo/firewall-host-netdevice/templates/deployment.yaml index be0af964..e93e9da2 100644 --- a/starlingx/demo/firewall-host-netdevice/templates/deployment.yaml +++ b/starlingx/demo/firewall-host-netdevice/templates/deployment.yaml @@ -25,6 +25,19 @@ spec: "interface": "veth21" } ]' spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + {{- range .Values.global.nodeAffinity }} + - key: {{ .label.labelkey }} + operator: {{ .label.op }} + values: + {{- range .label.labelvalues }} + - {{ . }} + {{- end }} + {{- end }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" @@ -34,12 +47,10 @@ spec: env: - name: unprotectedNetCidr value: "{{.Values.global.unprotectedNetCidr}}" - - name: unprotectedNetGw - value: "{{.Values.global.unprotectedNetGw}}" + - name: unprotectedNetGwIp + value: "{{.Values.global.unprotectedNetGwIp}}" - name: protectedNetCidr value: "{{.Values.global.protectedNetCidr}}" - - name: protectedNetGw - value: "{{.Values.global.protectedNetGw}}" - name: protectedNetGwIp value: "{{.Values.global.protectedNetGwIp}}" - name: dcaeCollectorIp diff --git a/starlingx/demo/firewall-host-netdevice/values.yaml b/starlingx/demo/firewall-host-netdevice/values.yaml index 199551c1..0e044c1a 100644 --- a/starlingx/demo/firewall-host-netdevice/values.yaml +++ b/starlingx/demo/firewall-host-netdevice/values.yaml @@ -22,9 +22,16 @@ resources: global: nodeAffinity: - key: nodeName - values: worker-0 - op: In + - label: + labelkey: sriovdp + op: In + labelvalues: + - enabled + - label: + labelkey: kube-cpu-mgr-policy + op: In + labelvalues: + - static #Networks #unprotectedNetworkName: unprotected-private-net @@ -34,7 +41,8 @@ global: unprotectedNetPortVpg: veth11 unprotectedNetPortVfw: veth12 unprotectedNetCidr: 10.10.1.0/24 - unprotectedNetGw: 10.10.1.1/24 + #unprotectedNetGw: 10.10.1.1/24 + unprotectedNetGwIp: 10.10.1.1 #onapPrivateNetworkName: onap-private-net #onapPrivateNetCidr: 10.10.0.0/16 @@ -48,7 +56,7 @@ global: protectedNetPortVsn: veth22 protectedNetCidr: 10.10.2.0/24 protectedNetGwIp: 10.10.2.1 - protectedNetGw: 10.10.2.1/24 + #protectedNetGw: 10.10.2.1/24 #vFirewall container #vfwPrivateIp0: 192.168.10.3 |