diff options
Diffstat (limited to 'kud/deployment_infra')
6 files changed, 351 insertions, 0 deletions
diff --git a/kud/deployment_infra/helm/sdewan_cnf/.helmignore b/kud/deployment_infra/helm/sdewan_cnf/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/kud/deployment_infra/helm/sdewan_cnf/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/kud/deployment_infra/helm/sdewan_cnf/Chart.yaml b/kud/deployment_infra/helm/sdewan_cnf/Chart.yaml new file mode 100644 index 00000000..a7221426 --- /dev/null +++ b/kud/deployment_infra/helm/sdewan_cnf/Chart.yaml @@ -0,0 +1,21 @@ +#/* +# * Copyright 2021 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ + +apiVersion: v1 +name: sdewan_cnf +description: A Helm chart for Kubernetes - SDEWAN CNF +version: 0.1.0 +appVersion: "1.0" diff --git a/kud/deployment_infra/helm/sdewan_cnf/templates/_helpers.tpl b/kud/deployment_infra/helm/sdewan_cnf/templates/_helpers.tpl new file mode 100644 index 00000000..d3e0f7c4 --- /dev/null +++ b/kud/deployment_infra/helm/sdewan_cnf/templates/_helpers.tpl @@ -0,0 +1,79 @@ +{{/* +# * Copyright 2021 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +*/}} + +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "cnf.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cnf.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "cnf.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "cnf.labels" -}} +helm.sh/chart: {{ include "cnf.chart" . }} +{{ include "cnf.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "cnf.selectorLabels" -}} +app.kubernetes.io/name: {{ include "cnf.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cnf.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "cnf.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/kud/deployment_infra/helm/sdewan_cnf/templates/cm.yaml b/kud/deployment_infra/helm/sdewan_cnf/templates/cm.yaml new file mode 100644 index 00000000..29660add --- /dev/null +++ b/kud/deployment_infra/helm/sdewan_cnf/templates/cm.yaml @@ -0,0 +1,80 @@ +#/* +# * Copyright 2021 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ + +apiVersion: v1 +data: + entrypoint.sh: |- + #!/bin/bash + # Always exit on errors. + set -ex + echo "" > /etc/config/network + cat > /etc/config/mwan3 <<EOF + config globals 'globals' + option mmx_mask '0x3F00' + option local_source 'lan' + EOF + eval "networks=$(grep nfn-network /tmp/podinfo/annotations | awk -F '=' '{print $2}')" + for net in $(echo -e $networks | jq -c ".interface[]") + do + interface=$(echo $net | jq -r .interface) + ipaddr=$(ifconfig $interface | awk '/inet/{print $2}' | cut -f2 -d ":" | awk 'NR==1 {print $1}') + vif="$interface" + netmask=$(ifconfig $interface | awk '/inet/{print $4}'| cut -f2 -d ":" | head -1) + cat >> /etc/config/network <<EOF + config interface '$vif' + option ifname '$interface' + option proto 'static' + option ipaddr '$ipaddr' + option netmask '$netmask' + EOF + cat >> /etc/config/mwan3 <<EOF + config interface '$vif' + option enabled '1' + option family 'ipv4' + option reliability '2' + option count '1' + option timeout '2' + option failure_latency '1000' + option recovery_latency '500' + option failure_loss '20' + option recovery_loss '5' + option interval '5' + option down '3' + option up '8' + EOF + done + /sbin/procd & + /sbin/ubusd & + iptables -S + sleep 1 + /etc/init.d/rpcd start + /etc/init.d/dnsmasq start + /etc/init.d/network start + /etc/init.d/odhcpd start + /etc/init.d/uhttpd start + /etc/init.d/log start + /etc/init.d/dropbear start + /etc/init.d/mwan3 restart + /etc/init.d/firewall restart + sysctl -w net.ipv4.conf.all.rp_filter=1 + sysctl -w net.ipv4.ip_forward=1 + echo "Entering sleep... (success)" + # Sleep forever. + while true; do sleep 100; done +kind: ConfigMap +metadata: + name: sdewan-sh + namespace: default diff --git a/kud/deployment_infra/helm/sdewan_cnf/templates/deployment.yaml b/kud/deployment_infra/helm/sdewan_cnf/templates/deployment.yaml new file mode 100644 index 00000000..90c81380 --- /dev/null +++ b/kud/deployment_infra/helm/sdewan_cnf/templates/deployment.yaml @@ -0,0 +1,94 @@ +#/* +# * Copyright 2021 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.metadata.name }} + namespace: {{ .Values.metadata.namespace }} + labels: + sdewanPurpose: {{ .Values.metadata.labels }} +spec: + progressDeadlineSeconds: {{ .Values.spec.progressDeadlineSeconds }} + replicas: {{ .Values.spec.replicas }} + selector: + matchLabels: + sdewanPurpose: {{ .Values.metadata.labels }} + strategy: + rollingUpdate: + maxSurge: {{ .Values.strategy.maxSurge }} + maxUnavailable: {{ .Values.strategy.maxUnavailable }} + type: RollingUpdate + template: + metadata: + annotations: + k8s.plugin.opnfv.org/nfn-network: |- + { "type": "ovn4nfv", "interface": [ + {{- range .Values.nfn }} {{- with . }} + { + "defaultGateway": "{{- .defaultGateway -}}", + "interface": "{{- .interface -}}", + "ipAddress": "{{- .ipAddress -}}", + "name": "{{- .name -}}" + } {{- .separate -}} + {{- end }} {{- end }} + ]} + k8s.v1.cni.cncf.io/networks: '[{ "name": "ovn-networkobj"}]' + labels: + sdewanPurpose: {{ .Values.metadata.labels }} + spec: + containers: + - command: + - /usr/bin/sudo + - /bin/sh + - /tmp/sdewan/entrypoint.sh + image: {{ .Values.containers.image }} + imagePullPolicy: {{ .Values.containers.imagePullPolicy }} + name: {{ .Values.containers.name }} + readinessProbe: + failureThreshold: 5 + httpGet: + path: / + port: 80 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 1 + securityContext: + privileged: true + procMount: Default + volumeMounts: + - mountPath: /tmp/sdewan + name: sdewan-sh + readOnly: true + - mountPath: /tmp/podinfo + name: podinfo + readOnly: true + nodeSelector: + {{ .Values.labelName }}: "{{ .Values.labelValue }}" + restartPolicy: {{ .Values.restartPolicy }} + volumes: + - configMap: + defaultMode: 420 + name: sdewan-sh + name: sdewan-sh + - name: podinfo + downwardAPI: + items: + - path: "annotations" + fieldRef: + fieldPath: metadata.annotations diff --git a/kud/deployment_infra/helm/sdewan_cnf/values.yaml b/kud/deployment_infra/helm/sdewan_cnf/values.yaml new file mode 100644 index 00000000..c882378e --- /dev/null +++ b/kud/deployment_infra/helm/sdewan_cnf/values.yaml @@ -0,0 +1,54 @@ +#/* +# * Copyright 2021 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ + +# Default values for cnf. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +metadata: + name: sdewan-cnf + namespace: default + labels: sdewan-cnf + +spec: + progressDeadlineSeconds: 600 + replicas: 1 + +strategy: + maxSurge: 25% + maxUnavailable: 25% + +nfn: + - defaultGateway: false + interface: net2 + ipAddress: 10.10.10.15 + name: pnetwork + separate: "," + - defaultGateway: false + interface: net0 + ipAddress: 172.16.30.10 + name: ovn-network + separate: "" + +containers: + image: integratedcloudnative/openwrt:0.3.1 + imagePullPolicy: IfNotPresent + name: sdewan + +labelName: "node-role.kubernetes.io/master" +labelValue: "" + +restartPolicy: Always |