diff options
Diffstat (limited to 'kud/deployment_infra')
-rw-r--r-- | kud/deployment_infra/galaxy-requirements.yml | 17 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/Debian.yml | 22 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/RedHat.yml | 19 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/Suse.yml | 20 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-istio.yml | 50 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-kud.yml | 16 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-multus.yml | 120 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-nfd.yml | 61 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml | 136 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-ovn.yml | 109 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-ovn4nfv.yml | 98 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-virtlet.yml | 250 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/kud-vars.yml | 63 |
13 files changed, 981 insertions, 0 deletions
diff --git a/kud/deployment_infra/galaxy-requirements.yml b/kud/deployment_infra/galaxy-requirements.yml new file mode 100644 index 00000000..5d232451 --- /dev/null +++ b/kud/deployment_infra/galaxy-requirements.yml @@ -0,0 +1,17 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- src: andrewrothstein.go + version: v2.1.10 +- src: andrewrothstein.kubectl + version: v1.1.18 +- src: andrewrothstein.kubernetes-helm + version: v1.2.9 +- src: geerlingguy.docker + version: 2.5.2 diff --git a/kud/deployment_infra/playbooks/Debian.yml b/kud/deployment_infra/playbooks/Debian.yml new file mode 100644 index 00000000..96357fe2 --- /dev/null +++ b/kud/deployment_infra/playbooks/Debian.yml @@ -0,0 +1,22 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +openvswitch_service: openvswitch-switch +openvswitch_pkgs: + - openvswitch-common + - openvswitch-switch + - libopenvswitch + - openvswitch-datapath-dkms +ovn_central_service: ovn-central +ovn_central_pkgs: + - ovn-central # <= 2.8.1-1 +ovn_controller_service: ovn-host +ovn_pkgs: + - ovn-common # <= 2.8.1-1 + - ovn-host diff --git a/kud/deployment_infra/playbooks/RedHat.yml b/kud/deployment_infra/playbooks/RedHat.yml new file mode 100644 index 00000000..fe839bbd --- /dev/null +++ b/kud/deployment_infra/playbooks/RedHat.yml @@ -0,0 +1,19 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +openvswitch_service: +openvswitch_pkgs: + - openvswitch +ovn_central_service: ovn-central +ovn_central_pkgs: + - ovn-central # <= 2.8.1-1 +ovn_controller_service: ovn-host +ovn_pkgs: + - ovn-common # <= 2.8.1-1 + - ovn-host diff --git a/kud/deployment_infra/playbooks/Suse.yml b/kud/deployment_infra/playbooks/Suse.yml new file mode 100644 index 00000000..17d1147c --- /dev/null +++ b/kud/deployment_infra/playbooks/Suse.yml @@ -0,0 +1,20 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +openvswitch_service: +openvswitch_pkgs: + - openvswitch + - openvswitch-switch +ovn_central_service: ovn-central +ovn_central_pkgs: + - ovn-central # <= 2.8.1-1 +ovn_controller_service: ovn-host +ovn_pkgs: + - ovn-common # <= 2.8.1-1 + - ovn-host diff --git a/kud/deployment_infra/playbooks/configure-istio.yml b/kud/deployment_infra/playbooks/configure-istio.yml new file mode 100644 index 00000000..72542e5a --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-istio.yml @@ -0,0 +1,50 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +- hosts: localhost + pre_tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + roles: + - role: andrewrothstein.kubectl + kubectl_ver: "v{{ kubectl_version }}" + - role: andrewrothstein.kubernetes-helm + kubernetes_helm_ver: "v{{ helm_client_version }}" + tasks: + - name: create istio folder + file: + state: directory + path: "{{ istio_dest }}" + - name: getting istio CRDs + block: + - name: download istio tarball + get_url: + url: "{{ istio_url }}" + dest: "/tmp/istio.tar.gz" + - name: extract istio source code + unarchive: + src: "/tmp/istio.tar.gz" + dest: "{{ istio_dest }}" + remote_src: yes + - name: copy istioctl binary to usr/local/bin folder + become: yes + command: "mv {{ istio_dest }}/istio-{{ istio_version }}/bin/istioctl /usr/local/bin/" + when: istio_source_type == "tarball" + - name: create network objects + shell: "/usr/local/bin/kubectl apply -f {{ istio_dest }}/istio-{{ istio_version }}/install/kubernetes/helm/istio/templates/crds.yaml" + - name: render istio's core components + shell: "/usr/local/bin/helm template {{ istio_dest }}/istio-{{ istio_version }}/install/kubernetes/helm/istio --name istio --namespace istio-system > /tmp/istio.yaml" + - name: create istio manifest + shell: "/usr/local/bin/kubectl create namespace istio-system" + ignore_errors: True + - name: install the components via the manifest + shell: "/usr/local/bin/kubectl apply -f /tmp/istio.yaml" + ignore_errors: True diff --git a/kud/deployment_infra/playbooks/configure-kud.yml b/kud/deployment_infra/playbooks/configure-kud.yml new file mode 100644 index 00000000..9dcf6f39 --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-kud.yml @@ -0,0 +1,16 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- hosts: kube-node + become: yes + tasks: + - name: copy admin.conf file to kube-nodes + copy: + src: "{{ lookup('env','kud_inventory_folder') }}/artifacts/admin.conf" + dest: "/etc/kubernetes/admin.conf" diff --git a/kud/deployment_infra/playbooks/configure-multus.yml b/kud/deployment_infra/playbooks/configure-multus.yml new file mode 100644 index 00000000..1f6d6ce9 --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-multus.yml @@ -0,0 +1,120 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- hosts: kube-node + become: yes + pre_tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + roles: + - role: andrewrothstein.go + go_ver: "{{ go_version }}" + when: multus_source_type == "source" + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/" + tasks: + - name: create multus binary folder + file: + state: directory + path: "{{ item }}" + with_items: + - /opt/cni/bin + - "{{ multus_dest }}" + - name: getting source code + block: + - name: clone Multus repo + git: + repo: "{{ multus_url }}" + dest: "{{ multus_dest }}" + version: "{{ multus_version }}" + force: yes + - name: build multus source code + command: ./build + args: + chdir: "{{ multus_dest }}" + - name: copy multus binary to opt folder + command: "mv {{ multus_dest }}/bin/multus /opt/cni/bin/multus" + when: multus_source_type == "source" + - name: getting binary + block: + - name: download Multus tarball + get_url: + url: "{{ multus_url }}" + dest: "/tmp/multus.tar.gz" + - name: extract multus source code + unarchive: + src: "/tmp/multus.tar.gz" + dest: "{{ multus_dest }}" + remote_src: yes + - name: copy multus binary to opt folder + command: "mv {{ multus_dest }}/multus-cni_v{{ multus_version }}_linux_amd64/multus-cni /opt/cni/bin/multus" + when: multus_source_type == "tarball" + - name: create multus configuration file + blockinfile: + marker: "" + path: /etc/cni/net.d/00-multus.conf + create: yes + block: | + { + "type": "multus", + "name": "multus-cni", + "cniVersion": "0.3.1", + "kubeconfig": "/etc/kubernetes/admin.conf", + "delegates": [ + { + "type": "flannel", + "cniVersion": "0.3.1", + "masterplugin": true, + "delegate": { + "isDefaultGateway": true + } + } + ] + } + +- hosts: localhost + pre_tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + roles: + - role: andrewrothstein.kubectl + kubectl_ver: "v{{ kubectl_version }}" + tasks: + - name: define a CRD network object specification + blockinfile: + path: /tmp/crdnetwork.yml + create: yes + block: | + apiVersion: apiextensions.k8s.io/v1beta1 + kind: CustomResourceDefinition + metadata: + name: network-attachment-definitions.k8s.cni.cncf.io + spec: + group: k8s.cni.cncf.io + version: v1 + scope: Namespaced + names: + plural: network-attachment-definitions + singular: network-attachment-definition + kind: NetworkAttachmentDefinition + shortNames: + - net-attach-def + validation: + openAPIV3Schema: + properties: + spec: + properties: + config: + type: string + + - name: create network objects + shell: "/usr/local/bin/kubectl apply -f /tmp/crdnetwork.yml" + ignore_errors: True diff --git a/kud/deployment_infra/playbooks/configure-nfd.yml b/kud/deployment_infra/playbooks/configure-nfd.yml new file mode 100644 index 00000000..a091d04b --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-nfd.yml @@ -0,0 +1,61 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +- hosts: kube-node + tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + - name: clone NFD repo + git: + repo: "{{ nfd_url }}" + dest: "{{ nfd_dest }}" + version: "{{ nfd_version }}" + force: yes + when: nfd_source_type == "source" + - name: build NFD image + become: yes + make: + chdir: "{{ nfd_dest }}" + - name: get NDF image name + become: yes + shell: "docker images | grep kubernetes_incubator | awk '{printf(\"%s:%s\\n\", $1,$2)}'" + register: nfd_image + - name: replace NFD image name + lineinfile: + path: "{{ nfd_dest }}/node-feature-discovery-{{ item }}.json.template" + regexp: "\"image\": \"quay.io/kubernetes_incubator.*i" + line: "\"image\": \"{{ nfd_image.stdout }}\"," + with_items: + - daemonset + - job + - name: copying rbac and daemonset files + fetch: + src: "{{ nfd_dest }}/{{ item }}" + dest: "/tmp/" + flat: yes + with_items: + - rbac.yaml + - node-feature-discovery-daemonset.json.template + +- hosts: localhost + pre_tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + roles: + - role: andrewrothstein.kubectl + kubectl_ver: "v{{ kubectl_version }}" + tasks: + - name: create service accounts + command: "/usr/local/bin/kubectl apply -f /tmp/{{ item }}" + with_items: + - rbac.yaml + - node-feature-discovery-daemonset.json.template diff --git a/kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml b/kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml new file mode 100644 index 00000000..5f1c9f64 --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml @@ -0,0 +1,136 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- import_playbook: configure-ovn.yml + +- hosts: ovn-central:ovn-controller + vars: + central_node_ip: "{{ hostvars[groups['ovn-central'][0]]['ansible_ssh_host'] }}" + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/" + pre_tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + roles: + - role: andrewrothstein.go + go_ver: "{{ go_version }}" + tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + - name: clone ovn-kubernetes repo + git: + repo: "{{ ovn_kubernetes_url }}" + dest: "{{ ovn_kubernetes_dest }}" + version: "{{ ovn_kubernetes_version }}" + force: yes + when: ovn_kubernetes_source_type == "source" + - name: getting binaries + block: + - name: download ovn-kubernetes tarball + get_url: + url: "{{ ovn_kubernetes_url }}" + dest: /tmp/ovn-kubernetes.tar.gz + - name: extract ovn-kubernetes source code + unarchive: + src: /tmp/ovn-kubernetes.tar.gz + dest: /tmp/ + remote_src: yes + - name: rename extracted folder + command: "mv /tmp/ovn-kubernetes-{{ ovn_kubernetes_version }}/ {{ ovn_kubernetes_dest }}/" + when: ovn_kubernetes_source_type == "tarball" + - name: make ovnkube files + make: + chdir: "{{ ovn_kubernetes_dest }}/go-controller" + - name: install ovnkube files + make: + chdir: "{{ ovn_kubernetes_dest }}/go-controller" + target: install + become: yes + - name: create OVN Kubernetes config file + become: yes + blockinfile: + path: /etc/openvswitch/ovn_k8s.conf + create: yes + block: | + [logging] + loglevel=5 + logfile=/var/log/openvswitch/ovnkube.log + + [cni] + conf-dir=/etc/cni/net.d + plugin=ovn-k8s-cni-overlay + - name: create ovnkube logging directory + file: + path: /var/log/openvswitch + state: directory + +- hosts: ovn-central + become: yes + vars: + central_node_ip: "{{ hostvars[groups['ovn-central'][0]]['ansible_ssh_host'] }}" + tasks: + - name: create ovnkube central systemd service + blockinfile: + path: /etc/systemd/system/ovn-k8s-central.service + create: yes + block: | + [Unit] + Description=OVN Central Daemon + + [Service] + ExecStart=/usr/bin/ovnkube \ + -net-controller \ + -init-master="{{ ansible_hostname }}" \ + -init-node="{{ ansible_hostname }}" \ + -nodeport \ + -k8s-kubeconfig=/etc/kubernetes/admin.conf \ + -k8s-token="test" \ + -nb-address="tcp://{{ central_node_ip }}:6641" \ + -sb-address="tcp://{{ central_node_ip }}:6642" + + [Install] + WantedBy=multi-user.target + - name: start ovnkube central systemd service + service: + name: ovn-k8s-central + state: started + enabled: yes + +- hosts: ovn-controller + become: yes + vars: + central_node_ip: "{{ hostvars[groups['ovn-central'][0]]['ansible_ssh_host'] }}" + tasks: + - name: create ovnkube controller systemd service + blockinfile: + path: /etc/systemd/system/ovn-k8s-host.service + create: yes + block: | + [Unit] + Description=OVN Controller Daemon + + [Service] + ExecStart=/usr/bin/ovnkube \ + -init-gateways \ + -init-node="{{ ansible_hostname }}" \ + -nodeport \ + -k8s-kubeconfig=/etc/kubernetes/admin.conf \ + -k8s-token="test" \ + -nb-address="tcp://{{ central_node_ip }}:6641" \ + -sb-address="tcp://{{ central_node_ip }}:6642" + + [Install] + WantedBy=multi-user.target + - name: start ovnkube controller systemd service + service: + name: ovn-k8s-host + state: started + enabled: yes diff --git a/kud/deployment_infra/playbooks/configure-ovn.yml b/kud/deployment_infra/playbooks/configure-ovn.yml new file mode 100644 index 00000000..3fd2c765 --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-ovn.yml @@ -0,0 +1,109 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- hosts: ovn-central:ovn-controller + become: yes + tasks: + - name: Load distribution variables + include_vars: + file: "{{ item }}" + with_items: + - "{{ ansible_os_family }}.yml" + - name: get Wand GPI files + get_url: + url: https://packages.wand.net.nz/keyring.gpg + dest: /etc/apt/trusted.gpg.d/wand.gpg + - name: add WAND Debian Repo + apt_repository: + repo: "deb https://packages.wand.net.nz {{ ansible_lsb.codename }} main" + state: present + - name: install OpenVSwitch packages + package: + name: "{{ item }}" + state: present + with_items: "{{ openvswitch_pkgs }}" + - name: install Open Virtual Network components + package: + name: "{{ item }}" + state: present + with_items: "{{ ovn_pkgs }}" + - name: start OpenVSwitch services + service: + name: "{{ openvswitch_service }}" + state: started + +- hosts: ovn-central + become: yes + tasks: + - name: Load distribution variables + include_vars: + file: "{{ item }}" + with_items: + - "{{ ansible_os_family }}.yml" + - name: install Open Virtual Network central components + package: + name: "{{ item }}" + state: present + with_items: "{{ ovn_central_pkgs }}" + - name: enable remote connections to southbound and northbound dbs + lineinfile: + path: /etc/default/ovn-central + line: "OVN_CTL_OPTS=\" --db-sb-create-insecure-remote=yes --db-nb-create-insecure-remote=yes\"" + state: present + when: ansible_os_family == "Debian" + - name: start OVN northbound database services + service: + name: "{{ ovn_central_service }}" + state: restarted + +- hosts: ovn-controller + become: yes + vars: + ovn_central_ips: "{{ groups['ovn-central'] | map('extract', hostvars, ['ansible_ssh_host']) | join(',') }}" + tasks: + - name: Load distribution variables + include_vars: + file: "{{ item }}" + with_items: + - "{{ ansible_os_family }}.yml" + - name: stop the ovn-controller service + service: + name: "{{ ovn_controller_service }}" + state: stopped + - name: configure OpenVSwitch databases + openvswitch_db: + table: Open_vSwitch + record: . + col: external_ids + key: ovn-remote + value: \""tcp:{{ item }}:6642"\" + with_items: "{{ ovn_central_ips }}" + - name: enable overlay network protocols + openvswitch_db: + table: Open_vSwitch + record: . + col: external_ids + key: ovn-encap-type + value: geneve + - name: configure the overlay network local endpoint IP address. + openvswitch_db: + table: Open_vSwitch + record: . + col: external_ids + key: ovn-encap-ip + value: "{{ ansible_default_ipv4.address }}" + - name: start the ovn-controller service + service: + name: "{{ ovn_controller_service }}" + state: started + - name: ensuring that br-int bridge exists + openvswitch_bridge: + bridge: br-int + state: present + fail_mode: secure diff --git a/kud/deployment_infra/playbooks/configure-ovn4nfv.yml b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml new file mode 100644 index 00000000..f8dabd9d --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml @@ -0,0 +1,98 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- import_playbook: configure-ovn.yml +- import_playbook: configure-multus.yml + +- hosts: kube-master:kube-node + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/" + roles: + - role: andrewrothstein.go + tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + - name: clone ovn4nfv-k8s-plugin repo + git: + repo: "{{ ovn4nfv_url }}" + dest: "{{ ovn4nfv_dest }}" + version: "{{ ovn4nfv_version }}" + force: yes + when: ovn4nfv_source_type == "source" + - name: clean ovn4nfvk8s left over files + make: + chdir: "{{ ovn4nfv_dest }}" + target: clean + - name: build ovn4nfvk8s-cni + make: + chdir: "{{ ovn4nfv_dest }}" + target: ovn4nfvk8s-cni + become: yes + environment: + GOPATH: "{{ go_path }}" + - name: copy ovn4nfvk8s-cni to cni folder + command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s-cni /opt/cni/bin/ovn4nfvk8s-cni" + become: yes + - name: create ovn4k8s config file + become: yes + blockinfile: + path: /etc/openvswitch/ovn4nfv_k8s.conf + create: yes + block: | + [logging] + loglevel=5 + logfile=/var/log/openvswitch/ovn4k8s.log + + [cni] + conf-dir=/etc/cni/net.d + plugin=ovn4nfvk8s-cni + + [kubernetes] + kubeconfig=/etc/kubernetes/admin.conf + - name: create ovnkube logging directory + file: + path: /var/log/openvswitch + state: directory + +- hosts: kube-master + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/" + become: yes + tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + - name: build ovn4nfvk8s + make: + chdir: "{{ ovn4nfv_dest }}" + target: ovn4nfvk8s + environment: + GOPATH: "{{ go_path }}" + - name: copy ovn4nfvk8s to /usr/bin folder + command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s /usr/bin/ovn4nfvk8s" + - name: create ovn4nfvk8s systemd service + blockinfile: + path: /etc/systemd/system/ovn4nfvk8s.service + create: yes + block: | + [Unit] + Description=OVN4NFV Kubernetes Daemon + + [Service] + ExecStart=/usr/bin/ovn4nfvk8s \ + -k8s-kubeconfig=/etc/kubernetes/admin.conf + + [Install] + WantedBy=multi-user.target + - name: start ovn4nfvk8s systemd service + service: + name: ovn4nfvk8s + state: started + enabled: yes diff --git a/kud/deployment_infra/playbooks/configure-virtlet.yml b/kud/deployment_infra/playbooks/configure-virtlet.yml new file mode 100644 index 00000000..753e487e --- /dev/null +++ b/kud/deployment_infra/playbooks/configure-virtlet.yml @@ -0,0 +1,250 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +- hosts: localhost + vars: + images_file: /tmp/images.yaml + pre_tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + roles: + - role: andrewrothstein.kubectl + kubectl_ver: "v{{ kubectl_version }}" + - role: geerlingguy.docker + when: virtlet_source_type == "source" + tasks: + - name: create Virtlet binary folder + file: + state: directory + path: "{{ virtlet_dest }}" + - name: apply virtlet extraRuntime label + command: "/usr/local/bin/kubectl label node {{ item }} extraRuntime=virtlet --overwrite" + with_inventory_hostnames: virtlet + - name: create image translations confimap file + blockinfile: + path: "{{ images_file }}" + create: yes + block: | + translations: + - name: ubuntu/14.04 + url: https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img + - name: ubuntu/16.04 + url: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img + - name: ubuntu/18.04 + url: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img + - regexp: 'centos/(\d+)-(\d+)' + url: 'https://cloud.centos.org/centos/$1/images/CentOS-$1-x86_64-GenericCloud-$2.qcow2' + - name: fedora + url: https://download.fedoraproject.org/pub/fedora/linux/releases/27/CloudImages/x86_64/images/Fedora-Cloud-Base-27-1.6.x86_64.qcow2 + {% if lookup('env','http_proxy') != "" %} + transports: + "": + proxy: "{{ lookup('env','http_proxy') }}" + {% endif %} + - name: install image translations configmap + shell: "/usr/local/bin/kubectl create configmap -n kube-system virtlet-image-translations --from-file {{ images_file }} --dry-run -o yaml | /usr/local/bin/kubectl apply -f -" + ignore_errors: True + - name: create Virtlet folder + file: + state: directory + path: "{{ virtlet_dest }}" + - name: getting source code + block: + - name: clone Virtlet repo + git: + repo: "{{ virtlet_url }}" + dest: "{{ virtlet_dest }}" + version: "{{ virtlet_version }}" + force: yes + - name: configure proxy values for docker service + block: + - name: create docker config folder + become: yes + file: + state: directory + path: "/etc/systemd/system/docker.service.d" + - name: Configure docker service to use http_proxy env value + become: yes + blockinfile: + dest: "/etc/systemd/system/docker.service.d/http-proxy.conf" + create: yes + block: | + [Service] + Environment="HTTP_PROXY={{ lookup('env','http_proxy') }}" + when: + - lookup('env','http_proxy') != "fooproxy" + - name: Configure docker service to use https_proxy env value + become: yes + blockinfile: + dest: "/etc/systemd/system/docker.service.d/https-proxy.conf" + create: yes + block: | + [Service] + Environment="HTTPS_PROXY={{ lookup('env','https_proxy') }}" + when: + - lookup('env','https_proxy') != "fooproxy" + - name: Configure docker service to use no_proxy env value + become: yes + blockinfile: + dest: "/etc/systemd/system/docker.service.d/no-proxy.conf" + create: yes + block: | + [Service] + Environment="NO_PROXY={{ lookup('env','no_proxy') }}" + when: + - lookup('env','no_proxy') != "fooproxy" + - name: reload systemd + become: yes + command: systemctl daemon-reload + - name: restart docker service + become: yes + service: + name: docker + state: restarted + when: lookup('env','http_proxy') != "fooproxy" or lookup('env','https_proxy') != "fooproxy" or lookup('env','no_proxy') != "fooproxy" + - name: build virtlet source code + command: ./cmd.sh build + args: + chdir: "{{ virtlet_dest }}/build" + environment: + http_proxy: "{{ lookup('env','http_proxy') }}" + https_proxy: "{{ lookup('env','https_proxy') }}" + no_proxy: "{{ lookup('env','no_proxy') }}" + when: virtlet_source_type == "source" + - name: download virtletctl + get_url: + url: "{{ virtlet_url }}" + dest: "{{ virtlet_dest }}/virtletctl" + when: virtlet_source_type == "binary" + - name: set virtletctl execution permissions + file: + path: "{{ virtlet_dest }}/virtletctl" + mode: "+x" + - name: install virtletctl as kubectl plugin + become: yes + command: "mv {{ virtlet_dest }}/virtletctl /usr/local/bin/kubectl-virt" + - name: create Virtlet k8s objects + shell: "/usr/local/bin/kubectl virt gen | /usr/local/bin/kubectl apply -f -" + ignore_errors: True + - name: wait for Virtlet daemonset + shell: "/usr/local/bin/kubectl get ds virtlet -n=kube-system -o=jsonpath --template={.status.numberReady}" + register: daemonset + until: + - '1' + retries: 6 + delay: 10 + +- hosts: virtlet + tasks: + - name: Load kud variables + include_vars: + file: kud-vars.yml + - name: create CRIProxy binary folder + file: + state: directory + path: "{{ criproxy_dest }}" + - name: disable AppArmor in all nodes + become: yes + service: + name: apparmor + state: stopped + enabled: no + when: ansible_os_family == "Debian" + - name: modify args for kubelet service + become: yes + lineinfile: + dest: /etc/systemd/system/kubelet.service + line: " --container-runtime=remote --container-runtime-endpoint=unix:///run/criproxy.sock --image-service-endpoint=unix:///run/criproxy.sock --enable-controller-attach-detach=false \\" + insertafter: '^ExecStart=/usr/local/bin/kubelet *' + state: present + - name: create dockershim service + become: yes + blockinfile: + path: /etc/systemd/system/dockershim.service + create: yes + block: | + [Unit] + Description=dockershim for criproxy + + [Service] + EnvironmentFile=-/etc/kubernetes/kubelet.env + ExecStartPre=-/bin/mkdir -p /var/lib/kubelet/volume-plugins + ExecStart=/usr/local/bin/kubelet --experimental-dockershim --port 11250 \ + $KUBE_LOGTOSTDERR \ + $KUBE_LOG_LEVEL \ + $KUBELET_API_SERVER \ + $KUBELET_ADDRESS \ + $KUBELET_PORT \ + $KUBELET_HOSTNAME \ + $KUBE_ALLOW_PRIV \ + $KUBELET_ARGS \ + $DOCKER_SOCKET \ + $KUBELET_NETWORK_PLUGIN \ + $KUBELET_VOLUME_PLUGIN \ + $KUBELET_CLOUDPROVIDER + Restart=always + StartLimitInterval=0 + RestartSec=10 + + [Install] + RequiredBy=criproxy.service + - name: getting source code + block: + - name: clone CRIProxy repo + git: + repo: "{{ criproxy_url }}" + dest: "{{ criproxy_dest }}" + version: "{{ criproxy_version }}" + force: yes + - name: build criproxy source code + command: ./build-package.sh + args: + chdir: "{{ criproxy_dest }}" + when: criproxy_source_type == "source" + - name: download CRIproxy package + get_url: + url: "{{ criproxy_url }}" + dest: "{{ criproxy_dest }}/criproxy" + when: criproxy_source_type == "binary" + - name: set criproxy execution permissions + file: + path: "{{ criproxy_dest }}/criproxy" + mode: "+x" + - name: create criproxy service + become: yes + blockinfile: + path: /etc/systemd/system/criproxy.service + create: yes + block: | + [Unit] + Description=CRI Proxy + + [Service] + ExecStart={{ criproxy_dest }}/criproxy -v 3 -logtostderr -connect /var/run/dockershim.sock,virtlet.cloud:/run/virtlet.sock -listen /run/criproxy.sock + Restart=always + StartLimitInterval=0 + RestartSec=10 + + [Install] + WantedBy=kubelet.service + - name: start criproxy and dockershim services + become: yes + service: + name: "{{ item }}" + state: started + enabled: yes + with_items: + - dockershim + - criproxy + - name: restart kubelet services + become: yes + service: + name: kubelet + state: restarted diff --git a/kud/deployment_infra/playbooks/kud-vars.yml b/kud/deployment_infra/playbooks/kud-vars.yml new file mode 100644 index 00000000..d6bd0ee6 --- /dev/null +++ b/kud/deployment_infra/playbooks/kud-vars.yml @@ -0,0 +1,63 @@ +--- +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +base_dest: /tmp + +multus_dest: "{{ base_dest }}/multus-cni" +#multus_source_type: "tarball" +#multus_version: 3.1 +#multus_url: "https://github.com/intel/multus-cni/releases/download/v{{ multus_version }}/multus-cni_v{{ multus_version }}_linux_amd64.tar.gz" +multus_source_type: "source" +multus_version: 366f2120cb88c85deab6343b7062fd38fdb0ece9 +multus_url: "https://github.com/ritusood/multus-cni" + +ovn_kubernetes_dest: "{{ base_dest }}/ovn-kubernetes" +ovn_kubernetes_source_type: "tarball" +ovn_kubernetes_version: 0.3.0 +ovn_kubernetes_url: "https://github.com/openvswitch/ovn-kubernetes/archive/v{{ ovn_kubernetes_version }}.tar.gz" +#ovn_kubernetes_source_type: "source" +#ovn_kubernetes_version: 456a0857956988f968bb08644c650ba826592ec1 +#ovn_kubernetes_url: "https://github.com/openvswitch/ovn-kubernetes" + +criproxy_dest: "{{ base_dest }}/criproxy" +criproxy_source_type: "binary" +criproxy_version: 0.14.0 +criproxy_url: "https://github.com/Mirantis/criproxy/releases/download/v{{ criproxy_version }}/criproxy" +#criproxy_source_type: "source" +#criproxy_version: b5ca5a6cec278e2054dface4f7a3e111fb9ab84b +#criproxy_url: "https://github.com/Mirantis/criproxy" +virtlet_dest: "{{ base_dest }}/virtlet" +virtlet_source_type: "binary" +virtlet_version: 1.4.4 +virtlet_url: "https://github.com/Mirantis/virtlet/releases/download/v{{ virtlet_version }}/virtletctl" +#virtlet_source_type: "source" +#virtlet_version: 68e11b8f1db2c78b063126899f0e60910700975d +#virtlet_url: "https://github.com/Mirantis/virtlet" + +nfd_dest: "{{ base_dest }}/nfd" +nfd_source_type: "source" +nfd_version: 175305b1ad73be7301ac94add475cec6fef797a9 +nfd_url: "https://github.com/kubernetes-incubator/node-feature-discovery" + +istio_dest: "{{ base_dest }}/istio" +istio_source_type: "tarball" +istio_version: 1.0.3 +istio_url: "https://github.com/istio/istio/releases/download/{{ istio_version }}/istio-{{ istio_version }}-linux.tar.gz" + +go_path: "{{ base_dest }}/go" +ovn4nfv_dest: "{{ go_path }}/src/ovn4nfv-k8s-plugin" +ovn4nfv_source_type: "source" +ovn4nfv_version: 5026d1d89b05eac5e004279b742df6745a73d93a +ovn4nfv_url: "https://git.opnfv.org/ovn4nfv-k8s-plugin/" + +go_version: '1.11' +kubespray_version: 2.8.2 +kubectl_version: 1.12.2 +helm_client_version: 2.9.1 |