diff options
Diffstat (limited to 'kud/deployment_infra/images')
-rw-r--r-- | kud/deployment_infra/images/multus-daemonset.yml | 62 | ||||
-rw-r--r-- | kud/deployment_infra/images/nfd-master.yaml | 17 | ||||
-rw-r--r-- | kud/deployment_infra/images/qat_plugin_privileges.yaml | 9 | ||||
-rw-r--r-- | kud/deployment_infra/images/sriov-cni.yml | 9 | ||||
-rw-r--r-- | kud/deployment_infra/images/sriov-daemonset.yml | 9 |
5 files changed, 89 insertions, 17 deletions
diff --git a/kud/deployment_infra/images/multus-daemonset.yml b/kud/deployment_infra/images/multus-daemonset.yml index d6d8d533..09759360 100644 --- a/kud/deployment_infra/images/multus-daemonset.yml +++ b/kud/deployment_infra/images/multus-daemonset.yml @@ -1,11 +1,10 @@ --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: network-attachment-definitions.k8s.cni.cncf.io spec: group: k8s.cni.cncf.io - version: v1 scope: Namespaced names: plural: network-attachment-definitions @@ -13,16 +12,27 @@ spec: kind: NetworkAttachmentDefinition shortNames: - net-attach-def - validation: - openAPIV3Schema: - properties: - spec: + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing + Working Group to express the intent for attaching pods to one or more logical or physical + networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec' + type: object properties: - config: - type: string + spec: + description: 'NetworkAttachmentDefinition spec defines the desired state of a network attachment' + type: object + properties: + config: + description: 'NetworkAttachmentDefinition config is a JSON-formatted CNI configuration' + type: string --- kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 metadata: name: multus rules: @@ -39,9 +49,18 @@ rules: verbs: - get - update + - apiGroups: + - "" + - events.k8s.io + resources: + - events + verbs: + - create + - patch + - update --- kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 metadata: name: multus roleRef: @@ -68,11 +87,18 @@ metadata: tier: node app: multus data: + # NOTE: If you'd prefer to manually apply a configuration file, you may create one here. + # In the case you'd like to customize the Multus installation, you should change the arguments to the Multus pod + # change the "args" line below from + # - "--multus-conf-file=auto" + # to: + # "--multus-conf-file=/tmp/multus-conf/70-multus.conf" + # Additionally -- you should ensure that the name "70-multus.conf" is the alphabetically first name in the + # /etc/cni/net.d/ directory on each node, otherwise, it will not be used by the Kubelet. cni-conf.json: | { "name": "multus-cni-network", "type": "multus", - "cniVersion": "0.3.1", "capabilities": { "portMappings": true }, @@ -109,11 +135,11 @@ metadata: labels: tier: node app: multus + name: multus spec: selector: matchLabels: - tier: node - app: multus + name: multus updateStrategy: type: RollingUpdate template: @@ -121,20 +147,22 @@ spec: labels: tier: node app: multus + name: multus spec: hostNetwork: true nodeSelector: - beta.kubernetes.io/arch: amd64 + kubernetes.io/arch: amd64 tolerations: - operator: Exists effect: NoSchedule serviceAccountName: multus containers: - name: kube-multus - image: nfvpe/multus:v3.3-tp + image: integratedcloudnative/multus:v3.4.1-tp command: ["/entrypoint.sh"] args: - - "--multus-conf-file=/tmp/multus-conf/00-multus.conf" + - "--multus-conf-file=auto" + - "--cni-version=0.3.1" resources: requests: cpu: "100m" @@ -163,4 +191,4 @@ spec: name: multus-cni-config items: - key: cni-conf.json - path: 00-multus.conf + path: 70-multus.conf diff --git a/kud/deployment_infra/images/nfd-master.yaml b/kud/deployment_infra/images/nfd-master.yaml index 846bb753..4e07c2ed 100644 --- a/kud/deployment_infra/images/nfd-master.yaml +++ b/kud/deployment_infra/images/nfd-master.yaml @@ -37,6 +37,23 @@ subjects: name: nfd-master namespace: node-feature-discovery --- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: psp:default:privileged + namespace: node-feature-discovery +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: psp:privileged +subjects: +- kind: ServiceAccount + name: default + namespace: node-feature-discovery +- kind: ServiceAccount + name: nfd-master + namespace: node-feature-discovery +--- apiVersion: apps/v1 kind: DaemonSet metadata: diff --git a/kud/deployment_infra/images/qat_plugin_privileges.yaml b/kud/deployment_infra/images/qat_plugin_privileges.yaml index b4eb58bf..e1413d0e 100644 --- a/kud/deployment_infra/images/qat_plugin_privileges.yaml +++ b/kud/deployment_infra/images/qat_plugin_privileges.yaml @@ -13,6 +13,15 @@ spec: labels: app: intel-qat-kernel-plugin spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: feature.node.kubernetes.io/pci-0b40_8086.present + operator: In + values: + - "true" containers: - name: intel-qat-kernel-plugin securityContext: diff --git a/kud/deployment_infra/images/sriov-cni.yml b/kud/deployment_infra/images/sriov-cni.yml index 7503b872..570b00ee 100644 --- a/kud/deployment_infra/images/sriov-cni.yml +++ b/kud/deployment_infra/images/sriov-cni.yml @@ -21,6 +21,15 @@ spec: tier: node app: sriov-cni spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: feature.node.kubernetes.io/network-sriov.capable + operator: In + values: + - "true" hostNetwork: true nodeSelector: beta.kubernetes.io/arch: amd64 diff --git a/kud/deployment_infra/images/sriov-daemonset.yml b/kud/deployment_infra/images/sriov-daemonset.yml index e392028d..41b1cbaa 100644 --- a/kud/deployment_infra/images/sriov-daemonset.yml +++ b/kud/deployment_infra/images/sriov-daemonset.yml @@ -46,6 +46,15 @@ spec: tier: node app: sriovdp spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: feature.node.kubernetes.io/network-sriov.capable + operator: In + values: + - "true" hostNetwork: true hostPID: true nodeSelector: |