aboutsummaryrefslogtreecommitdiffstats
path: root/kud/deployment_infra
diff options
context:
space:
mode:
Diffstat (limited to 'kud/deployment_infra')
-rw-r--r--kud/deployment_infra/galaxy-requirements.yml17
-rw-r--r--kud/deployment_infra/playbooks/Debian.yml22
-rw-r--r--kud/deployment_infra/playbooks/RedHat.yml19
-rw-r--r--kud/deployment_infra/playbooks/Suse.yml20
-rw-r--r--kud/deployment_infra/playbooks/configure-istio.yml50
-rw-r--r--kud/deployment_infra/playbooks/configure-kud.yml16
-rw-r--r--kud/deployment_infra/playbooks/configure-multus.yml120
-rw-r--r--kud/deployment_infra/playbooks/configure-nfd.yml61
-rw-r--r--kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml136
-rw-r--r--kud/deployment_infra/playbooks/configure-ovn.yml109
-rw-r--r--kud/deployment_infra/playbooks/configure-ovn4nfv.yml98
-rw-r--r--kud/deployment_infra/playbooks/configure-virtlet.yml250
-rw-r--r--kud/deployment_infra/playbooks/kud-vars.yml63
13 files changed, 981 insertions, 0 deletions
diff --git a/kud/deployment_infra/galaxy-requirements.yml b/kud/deployment_infra/galaxy-requirements.yml
new file mode 100644
index 00000000..5d232451
--- /dev/null
+++ b/kud/deployment_infra/galaxy-requirements.yml
@@ -0,0 +1,17 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- src: andrewrothstein.go
+ version: v2.1.10
+- src: andrewrothstein.kubectl
+ version: v1.1.18
+- src: andrewrothstein.kubernetes-helm
+ version: v1.2.9
+- src: geerlingguy.docker
+ version: 2.5.2
diff --git a/kud/deployment_infra/playbooks/Debian.yml b/kud/deployment_infra/playbooks/Debian.yml
new file mode 100644
index 00000000..96357fe2
--- /dev/null
+++ b/kud/deployment_infra/playbooks/Debian.yml
@@ -0,0 +1,22 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+openvswitch_service: openvswitch-switch
+openvswitch_pkgs:
+ - openvswitch-common
+ - openvswitch-switch
+ - libopenvswitch
+ - openvswitch-datapath-dkms
+ovn_central_service: ovn-central
+ovn_central_pkgs:
+ - ovn-central # <= 2.8.1-1
+ovn_controller_service: ovn-host
+ovn_pkgs:
+ - ovn-common # <= 2.8.1-1
+ - ovn-host
diff --git a/kud/deployment_infra/playbooks/RedHat.yml b/kud/deployment_infra/playbooks/RedHat.yml
new file mode 100644
index 00000000..fe839bbd
--- /dev/null
+++ b/kud/deployment_infra/playbooks/RedHat.yml
@@ -0,0 +1,19 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+openvswitch_service:
+openvswitch_pkgs:
+ - openvswitch
+ovn_central_service: ovn-central
+ovn_central_pkgs:
+ - ovn-central # <= 2.8.1-1
+ovn_controller_service: ovn-host
+ovn_pkgs:
+ - ovn-common # <= 2.8.1-1
+ - ovn-host
diff --git a/kud/deployment_infra/playbooks/Suse.yml b/kud/deployment_infra/playbooks/Suse.yml
new file mode 100644
index 00000000..17d1147c
--- /dev/null
+++ b/kud/deployment_infra/playbooks/Suse.yml
@@ -0,0 +1,20 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+openvswitch_service:
+openvswitch_pkgs:
+ - openvswitch
+ - openvswitch-switch
+ovn_central_service: ovn-central
+ovn_central_pkgs:
+ - ovn-central # <= 2.8.1-1
+ovn_controller_service: ovn-host
+ovn_pkgs:
+ - ovn-common # <= 2.8.1-1
+ - ovn-host
diff --git a/kud/deployment_infra/playbooks/configure-istio.yml b/kud/deployment_infra/playbooks/configure-istio.yml
new file mode 100644
index 00000000..72542e5a
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-istio.yml
@@ -0,0 +1,50 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+- hosts: localhost
+ pre_tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ roles:
+ - role: andrewrothstein.kubectl
+ kubectl_ver: "v{{ kubectl_version }}"
+ - role: andrewrothstein.kubernetes-helm
+ kubernetes_helm_ver: "v{{ helm_client_version }}"
+ tasks:
+ - name: create istio folder
+ file:
+ state: directory
+ path: "{{ istio_dest }}"
+ - name: getting istio CRDs
+ block:
+ - name: download istio tarball
+ get_url:
+ url: "{{ istio_url }}"
+ dest: "/tmp/istio.tar.gz"
+ - name: extract istio source code
+ unarchive:
+ src: "/tmp/istio.tar.gz"
+ dest: "{{ istio_dest }}"
+ remote_src: yes
+ - name: copy istioctl binary to usr/local/bin folder
+ become: yes
+ command: "mv {{ istio_dest }}/istio-{{ istio_version }}/bin/istioctl /usr/local/bin/"
+ when: istio_source_type == "tarball"
+ - name: create network objects
+ shell: "/usr/local/bin/kubectl apply -f {{ istio_dest }}/istio-{{ istio_version }}/install/kubernetes/helm/istio/templates/crds.yaml"
+ - name: render istio's core components
+ shell: "/usr/local/bin/helm template {{ istio_dest }}/istio-{{ istio_version }}/install/kubernetes/helm/istio --name istio --namespace istio-system > /tmp/istio.yaml"
+ - name: create istio manifest
+ shell: "/usr/local/bin/kubectl create namespace istio-system"
+ ignore_errors: True
+ - name: install the components via the manifest
+ shell: "/usr/local/bin/kubectl apply -f /tmp/istio.yaml"
+ ignore_errors: True
diff --git a/kud/deployment_infra/playbooks/configure-kud.yml b/kud/deployment_infra/playbooks/configure-kud.yml
new file mode 100644
index 00000000..9dcf6f39
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-kud.yml
@@ -0,0 +1,16 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- hosts: kube-node
+ become: yes
+ tasks:
+ - name: copy admin.conf file to kube-nodes
+ copy:
+ src: "{{ lookup('env','kud_inventory_folder') }}/artifacts/admin.conf"
+ dest: "/etc/kubernetes/admin.conf"
diff --git a/kud/deployment_infra/playbooks/configure-multus.yml b/kud/deployment_infra/playbooks/configure-multus.yml
new file mode 100644
index 00000000..1f6d6ce9
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-multus.yml
@@ -0,0 +1,120 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- hosts: kube-node
+ become: yes
+ pre_tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ roles:
+ - role: andrewrothstein.go
+ go_ver: "{{ go_version }}"
+ when: multus_source_type == "source"
+ environment:
+ PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/"
+ tasks:
+ - name: create multus binary folder
+ file:
+ state: directory
+ path: "{{ item }}"
+ with_items:
+ - /opt/cni/bin
+ - "{{ multus_dest }}"
+ - name: getting source code
+ block:
+ - name: clone Multus repo
+ git:
+ repo: "{{ multus_url }}"
+ dest: "{{ multus_dest }}"
+ version: "{{ multus_version }}"
+ force: yes
+ - name: build multus source code
+ command: ./build
+ args:
+ chdir: "{{ multus_dest }}"
+ - name: copy multus binary to opt folder
+ command: "mv {{ multus_dest }}/bin/multus /opt/cni/bin/multus"
+ when: multus_source_type == "source"
+ - name: getting binary
+ block:
+ - name: download Multus tarball
+ get_url:
+ url: "{{ multus_url }}"
+ dest: "/tmp/multus.tar.gz"
+ - name: extract multus source code
+ unarchive:
+ src: "/tmp/multus.tar.gz"
+ dest: "{{ multus_dest }}"
+ remote_src: yes
+ - name: copy multus binary to opt folder
+ command: "mv {{ multus_dest }}/multus-cni_v{{ multus_version }}_linux_amd64/multus-cni /opt/cni/bin/multus"
+ when: multus_source_type == "tarball"
+ - name: create multus configuration file
+ blockinfile:
+ marker: ""
+ path: /etc/cni/net.d/00-multus.conf
+ create: yes
+ block: |
+ {
+ "type": "multus",
+ "name": "multus-cni",
+ "cniVersion": "0.3.1",
+ "kubeconfig": "/etc/kubernetes/admin.conf",
+ "delegates": [
+ {
+ "type": "flannel",
+ "cniVersion": "0.3.1",
+ "masterplugin": true,
+ "delegate": {
+ "isDefaultGateway": true
+ }
+ }
+ ]
+ }
+
+- hosts: localhost
+ pre_tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ roles:
+ - role: andrewrothstein.kubectl
+ kubectl_ver: "v{{ kubectl_version }}"
+ tasks:
+ - name: define a CRD network object specification
+ blockinfile:
+ path: /tmp/crdnetwork.yml
+ create: yes
+ block: |
+ apiVersion: apiextensions.k8s.io/v1beta1
+ kind: CustomResourceDefinition
+ metadata:
+ name: network-attachment-definitions.k8s.cni.cncf.io
+ spec:
+ group: k8s.cni.cncf.io
+ version: v1
+ scope: Namespaced
+ names:
+ plural: network-attachment-definitions
+ singular: network-attachment-definition
+ kind: NetworkAttachmentDefinition
+ shortNames:
+ - net-attach-def
+ validation:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ config:
+ type: string
+
+ - name: create network objects
+ shell: "/usr/local/bin/kubectl apply -f /tmp/crdnetwork.yml"
+ ignore_errors: True
diff --git a/kud/deployment_infra/playbooks/configure-nfd.yml b/kud/deployment_infra/playbooks/configure-nfd.yml
new file mode 100644
index 00000000..a091d04b
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-nfd.yml
@@ -0,0 +1,61 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+- hosts: kube-node
+ tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ - name: clone NFD repo
+ git:
+ repo: "{{ nfd_url }}"
+ dest: "{{ nfd_dest }}"
+ version: "{{ nfd_version }}"
+ force: yes
+ when: nfd_source_type == "source"
+ - name: build NFD image
+ become: yes
+ make:
+ chdir: "{{ nfd_dest }}"
+ - name: get NDF image name
+ become: yes
+ shell: "docker images | grep kubernetes_incubator | awk '{printf(\"%s:%s\\n\", $1,$2)}'"
+ register: nfd_image
+ - name: replace NFD image name
+ lineinfile:
+ path: "{{ nfd_dest }}/node-feature-discovery-{{ item }}.json.template"
+ regexp: "\"image\": \"quay.io/kubernetes_incubator.*i"
+ line: "\"image\": \"{{ nfd_image.stdout }}\","
+ with_items:
+ - daemonset
+ - job
+ - name: copying rbac and daemonset files
+ fetch:
+ src: "{{ nfd_dest }}/{{ item }}"
+ dest: "/tmp/"
+ flat: yes
+ with_items:
+ - rbac.yaml
+ - node-feature-discovery-daemonset.json.template
+
+- hosts: localhost
+ pre_tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ roles:
+ - role: andrewrothstein.kubectl
+ kubectl_ver: "v{{ kubectl_version }}"
+ tasks:
+ - name: create service accounts
+ command: "/usr/local/bin/kubectl apply -f /tmp/{{ item }}"
+ with_items:
+ - rbac.yaml
+ - node-feature-discovery-daemonset.json.template
diff --git a/kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml b/kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml
new file mode 100644
index 00000000..5f1c9f64
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-ovn-kubernetes.yml
@@ -0,0 +1,136 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- import_playbook: configure-ovn.yml
+
+- hosts: ovn-central:ovn-controller
+ vars:
+ central_node_ip: "{{ hostvars[groups['ovn-central'][0]]['ansible_ssh_host'] }}"
+ environment:
+ PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/"
+ pre_tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ roles:
+ - role: andrewrothstein.go
+ go_ver: "{{ go_version }}"
+ tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ - name: clone ovn-kubernetes repo
+ git:
+ repo: "{{ ovn_kubernetes_url }}"
+ dest: "{{ ovn_kubernetes_dest }}"
+ version: "{{ ovn_kubernetes_version }}"
+ force: yes
+ when: ovn_kubernetes_source_type == "source"
+ - name: getting binaries
+ block:
+ - name: download ovn-kubernetes tarball
+ get_url:
+ url: "{{ ovn_kubernetes_url }}"
+ dest: /tmp/ovn-kubernetes.tar.gz
+ - name: extract ovn-kubernetes source code
+ unarchive:
+ src: /tmp/ovn-kubernetes.tar.gz
+ dest: /tmp/
+ remote_src: yes
+ - name: rename extracted folder
+ command: "mv /tmp/ovn-kubernetes-{{ ovn_kubernetes_version }}/ {{ ovn_kubernetes_dest }}/"
+ when: ovn_kubernetes_source_type == "tarball"
+ - name: make ovnkube files
+ make:
+ chdir: "{{ ovn_kubernetes_dest }}/go-controller"
+ - name: install ovnkube files
+ make:
+ chdir: "{{ ovn_kubernetes_dest }}/go-controller"
+ target: install
+ become: yes
+ - name: create OVN Kubernetes config file
+ become: yes
+ blockinfile:
+ path: /etc/openvswitch/ovn_k8s.conf
+ create: yes
+ block: |
+ [logging]
+ loglevel=5
+ logfile=/var/log/openvswitch/ovnkube.log
+
+ [cni]
+ conf-dir=/etc/cni/net.d
+ plugin=ovn-k8s-cni-overlay
+ - name: create ovnkube logging directory
+ file:
+ path: /var/log/openvswitch
+ state: directory
+
+- hosts: ovn-central
+ become: yes
+ vars:
+ central_node_ip: "{{ hostvars[groups['ovn-central'][0]]['ansible_ssh_host'] }}"
+ tasks:
+ - name: create ovnkube central systemd service
+ blockinfile:
+ path: /etc/systemd/system/ovn-k8s-central.service
+ create: yes
+ block: |
+ [Unit]
+ Description=OVN Central Daemon
+
+ [Service]
+ ExecStart=/usr/bin/ovnkube \
+ -net-controller \
+ -init-master="{{ ansible_hostname }}" \
+ -init-node="{{ ansible_hostname }}" \
+ -nodeport \
+ -k8s-kubeconfig=/etc/kubernetes/admin.conf \
+ -k8s-token="test" \
+ -nb-address="tcp://{{ central_node_ip }}:6641" \
+ -sb-address="tcp://{{ central_node_ip }}:6642"
+
+ [Install]
+ WantedBy=multi-user.target
+ - name: start ovnkube central systemd service
+ service:
+ name: ovn-k8s-central
+ state: started
+ enabled: yes
+
+- hosts: ovn-controller
+ become: yes
+ vars:
+ central_node_ip: "{{ hostvars[groups['ovn-central'][0]]['ansible_ssh_host'] }}"
+ tasks:
+ - name: create ovnkube controller systemd service
+ blockinfile:
+ path: /etc/systemd/system/ovn-k8s-host.service
+ create: yes
+ block: |
+ [Unit]
+ Description=OVN Controller Daemon
+
+ [Service]
+ ExecStart=/usr/bin/ovnkube \
+ -init-gateways \
+ -init-node="{{ ansible_hostname }}" \
+ -nodeport \
+ -k8s-kubeconfig=/etc/kubernetes/admin.conf \
+ -k8s-token="test" \
+ -nb-address="tcp://{{ central_node_ip }}:6641" \
+ -sb-address="tcp://{{ central_node_ip }}:6642"
+
+ [Install]
+ WantedBy=multi-user.target
+ - name: start ovnkube controller systemd service
+ service:
+ name: ovn-k8s-host
+ state: started
+ enabled: yes
diff --git a/kud/deployment_infra/playbooks/configure-ovn.yml b/kud/deployment_infra/playbooks/configure-ovn.yml
new file mode 100644
index 00000000..3fd2c765
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-ovn.yml
@@ -0,0 +1,109 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- hosts: ovn-central:ovn-controller
+ become: yes
+ tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ with_items:
+ - "{{ ansible_os_family }}.yml"
+ - name: get Wand GPI files
+ get_url:
+ url: https://packages.wand.net.nz/keyring.gpg
+ dest: /etc/apt/trusted.gpg.d/wand.gpg
+ - name: add WAND Debian Repo
+ apt_repository:
+ repo: "deb https://packages.wand.net.nz {{ ansible_lsb.codename }} main"
+ state: present
+ - name: install OpenVSwitch packages
+ package:
+ name: "{{ item }}"
+ state: present
+ with_items: "{{ openvswitch_pkgs }}"
+ - name: install Open Virtual Network components
+ package:
+ name: "{{ item }}"
+ state: present
+ with_items: "{{ ovn_pkgs }}"
+ - name: start OpenVSwitch services
+ service:
+ name: "{{ openvswitch_service }}"
+ state: started
+
+- hosts: ovn-central
+ become: yes
+ tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ with_items:
+ - "{{ ansible_os_family }}.yml"
+ - name: install Open Virtual Network central components
+ package:
+ name: "{{ item }}"
+ state: present
+ with_items: "{{ ovn_central_pkgs }}"
+ - name: enable remote connections to southbound and northbound dbs
+ lineinfile:
+ path: /etc/default/ovn-central
+ line: "OVN_CTL_OPTS=\" --db-sb-create-insecure-remote=yes --db-nb-create-insecure-remote=yes\""
+ state: present
+ when: ansible_os_family == "Debian"
+ - name: start OVN northbound database services
+ service:
+ name: "{{ ovn_central_service }}"
+ state: restarted
+
+- hosts: ovn-controller
+ become: yes
+ vars:
+ ovn_central_ips: "{{ groups['ovn-central'] | map('extract', hostvars, ['ansible_ssh_host']) | join(',') }}"
+ tasks:
+ - name: Load distribution variables
+ include_vars:
+ file: "{{ item }}"
+ with_items:
+ - "{{ ansible_os_family }}.yml"
+ - name: stop the ovn-controller service
+ service:
+ name: "{{ ovn_controller_service }}"
+ state: stopped
+ - name: configure OpenVSwitch databases
+ openvswitch_db:
+ table: Open_vSwitch
+ record: .
+ col: external_ids
+ key: ovn-remote
+ value: \""tcp:{{ item }}:6642"\"
+ with_items: "{{ ovn_central_ips }}"
+ - name: enable overlay network protocols
+ openvswitch_db:
+ table: Open_vSwitch
+ record: .
+ col: external_ids
+ key: ovn-encap-type
+ value: geneve
+ - name: configure the overlay network local endpoint IP address.
+ openvswitch_db:
+ table: Open_vSwitch
+ record: .
+ col: external_ids
+ key: ovn-encap-ip
+ value: "{{ ansible_default_ipv4.address }}"
+ - name: start the ovn-controller service
+ service:
+ name: "{{ ovn_controller_service }}"
+ state: started
+ - name: ensuring that br-int bridge exists
+ openvswitch_bridge:
+ bridge: br-int
+ state: present
+ fail_mode: secure
diff --git a/kud/deployment_infra/playbooks/configure-ovn4nfv.yml b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml
new file mode 100644
index 00000000..f8dabd9d
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml
@@ -0,0 +1,98 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- import_playbook: configure-ovn.yml
+- import_playbook: configure-multus.yml
+
+- hosts: kube-master:kube-node
+ environment:
+ PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/"
+ roles:
+ - role: andrewrothstein.go
+ tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ - name: clone ovn4nfv-k8s-plugin repo
+ git:
+ repo: "{{ ovn4nfv_url }}"
+ dest: "{{ ovn4nfv_dest }}"
+ version: "{{ ovn4nfv_version }}"
+ force: yes
+ when: ovn4nfv_source_type == "source"
+ - name: clean ovn4nfvk8s left over files
+ make:
+ chdir: "{{ ovn4nfv_dest }}"
+ target: clean
+ - name: build ovn4nfvk8s-cni
+ make:
+ chdir: "{{ ovn4nfv_dest }}"
+ target: ovn4nfvk8s-cni
+ become: yes
+ environment:
+ GOPATH: "{{ go_path }}"
+ - name: copy ovn4nfvk8s-cni to cni folder
+ command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s-cni /opt/cni/bin/ovn4nfvk8s-cni"
+ become: yes
+ - name: create ovn4k8s config file
+ become: yes
+ blockinfile:
+ path: /etc/openvswitch/ovn4nfv_k8s.conf
+ create: yes
+ block: |
+ [logging]
+ loglevel=5
+ logfile=/var/log/openvswitch/ovn4k8s.log
+
+ [cni]
+ conf-dir=/etc/cni/net.d
+ plugin=ovn4nfvk8s-cni
+
+ [kubernetes]
+ kubeconfig=/etc/kubernetes/admin.conf
+ - name: create ovnkube logging directory
+ file:
+ path: /var/log/openvswitch
+ state: directory
+
+- hosts: kube-master
+ environment:
+ PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/"
+ become: yes
+ tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ - name: build ovn4nfvk8s
+ make:
+ chdir: "{{ ovn4nfv_dest }}"
+ target: ovn4nfvk8s
+ environment:
+ GOPATH: "{{ go_path }}"
+ - name: copy ovn4nfvk8s to /usr/bin folder
+ command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s /usr/bin/ovn4nfvk8s"
+ - name: create ovn4nfvk8s systemd service
+ blockinfile:
+ path: /etc/systemd/system/ovn4nfvk8s.service
+ create: yes
+ block: |
+ [Unit]
+ Description=OVN4NFV Kubernetes Daemon
+
+ [Service]
+ ExecStart=/usr/bin/ovn4nfvk8s \
+ -k8s-kubeconfig=/etc/kubernetes/admin.conf
+
+ [Install]
+ WantedBy=multi-user.target
+ - name: start ovn4nfvk8s systemd service
+ service:
+ name: ovn4nfvk8s
+ state: started
+ enabled: yes
diff --git a/kud/deployment_infra/playbooks/configure-virtlet.yml b/kud/deployment_infra/playbooks/configure-virtlet.yml
new file mode 100644
index 00000000..753e487e
--- /dev/null
+++ b/kud/deployment_infra/playbooks/configure-virtlet.yml
@@ -0,0 +1,250 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+- hosts: localhost
+ vars:
+ images_file: /tmp/images.yaml
+ pre_tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ roles:
+ - role: andrewrothstein.kubectl
+ kubectl_ver: "v{{ kubectl_version }}"
+ - role: geerlingguy.docker
+ when: virtlet_source_type == "source"
+ tasks:
+ - name: create Virtlet binary folder
+ file:
+ state: directory
+ path: "{{ virtlet_dest }}"
+ - name: apply virtlet extraRuntime label
+ command: "/usr/local/bin/kubectl label node {{ item }} extraRuntime=virtlet --overwrite"
+ with_inventory_hostnames: virtlet
+ - name: create image translations confimap file
+ blockinfile:
+ path: "{{ images_file }}"
+ create: yes
+ block: |
+ translations:
+ - name: ubuntu/14.04
+ url: https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
+ - name: ubuntu/16.04
+ url: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
+ - name: ubuntu/18.04
+ url: https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img
+ - regexp: 'centos/(\d+)-(\d+)'
+ url: 'https://cloud.centos.org/centos/$1/images/CentOS-$1-x86_64-GenericCloud-$2.qcow2'
+ - name: fedora
+ url: https://download.fedoraproject.org/pub/fedora/linux/releases/27/CloudImages/x86_64/images/Fedora-Cloud-Base-27-1.6.x86_64.qcow2
+ {% if lookup('env','http_proxy') != "" %}
+ transports:
+ "":
+ proxy: "{{ lookup('env','http_proxy') }}"
+ {% endif %}
+ - name: install image translations configmap
+ shell: "/usr/local/bin/kubectl create configmap -n kube-system virtlet-image-translations --from-file {{ images_file }} --dry-run -o yaml | /usr/local/bin/kubectl apply -f -"
+ ignore_errors: True
+ - name: create Virtlet folder
+ file:
+ state: directory
+ path: "{{ virtlet_dest }}"
+ - name: getting source code
+ block:
+ - name: clone Virtlet repo
+ git:
+ repo: "{{ virtlet_url }}"
+ dest: "{{ virtlet_dest }}"
+ version: "{{ virtlet_version }}"
+ force: yes
+ - name: configure proxy values for docker service
+ block:
+ - name: create docker config folder
+ become: yes
+ file:
+ state: directory
+ path: "/etc/systemd/system/docker.service.d"
+ - name: Configure docker service to use http_proxy env value
+ become: yes
+ blockinfile:
+ dest: "/etc/systemd/system/docker.service.d/http-proxy.conf"
+ create: yes
+ block: |
+ [Service]
+ Environment="HTTP_PROXY={{ lookup('env','http_proxy') }}"
+ when:
+ - lookup('env','http_proxy') != "fooproxy"
+ - name: Configure docker service to use https_proxy env value
+ become: yes
+ blockinfile:
+ dest: "/etc/systemd/system/docker.service.d/https-proxy.conf"
+ create: yes
+ block: |
+ [Service]
+ Environment="HTTPS_PROXY={{ lookup('env','https_proxy') }}"
+ when:
+ - lookup('env','https_proxy') != "fooproxy"
+ - name: Configure docker service to use no_proxy env value
+ become: yes
+ blockinfile:
+ dest: "/etc/systemd/system/docker.service.d/no-proxy.conf"
+ create: yes
+ block: |
+ [Service]
+ Environment="NO_PROXY={{ lookup('env','no_proxy') }}"
+ when:
+ - lookup('env','no_proxy') != "fooproxy"
+ - name: reload systemd
+ become: yes
+ command: systemctl daemon-reload
+ - name: restart docker service
+ become: yes
+ service:
+ name: docker
+ state: restarted
+ when: lookup('env','http_proxy') != "fooproxy" or lookup('env','https_proxy') != "fooproxy" or lookup('env','no_proxy') != "fooproxy"
+ - name: build virtlet source code
+ command: ./cmd.sh build
+ args:
+ chdir: "{{ virtlet_dest }}/build"
+ environment:
+ http_proxy: "{{ lookup('env','http_proxy') }}"
+ https_proxy: "{{ lookup('env','https_proxy') }}"
+ no_proxy: "{{ lookup('env','no_proxy') }}"
+ when: virtlet_source_type == "source"
+ - name: download virtletctl
+ get_url:
+ url: "{{ virtlet_url }}"
+ dest: "{{ virtlet_dest }}/virtletctl"
+ when: virtlet_source_type == "binary"
+ - name: set virtletctl execution permissions
+ file:
+ path: "{{ virtlet_dest }}/virtletctl"
+ mode: "+x"
+ - name: install virtletctl as kubectl plugin
+ become: yes
+ command: "mv {{ virtlet_dest }}/virtletctl /usr/local/bin/kubectl-virt"
+ - name: create Virtlet k8s objects
+ shell: "/usr/local/bin/kubectl virt gen | /usr/local/bin/kubectl apply -f -"
+ ignore_errors: True
+ - name: wait for Virtlet daemonset
+ shell: "/usr/local/bin/kubectl get ds virtlet -n=kube-system -o=jsonpath --template={.status.numberReady}"
+ register: daemonset
+ until:
+ - '1'
+ retries: 6
+ delay: 10
+
+- hosts: virtlet
+ tasks:
+ - name: Load kud variables
+ include_vars:
+ file: kud-vars.yml
+ - name: create CRIProxy binary folder
+ file:
+ state: directory
+ path: "{{ criproxy_dest }}"
+ - name: disable AppArmor in all nodes
+ become: yes
+ service:
+ name: apparmor
+ state: stopped
+ enabled: no
+ when: ansible_os_family == "Debian"
+ - name: modify args for kubelet service
+ become: yes
+ lineinfile:
+ dest: /etc/systemd/system/kubelet.service
+ line: " --container-runtime=remote --container-runtime-endpoint=unix:///run/criproxy.sock --image-service-endpoint=unix:///run/criproxy.sock --enable-controller-attach-detach=false \\"
+ insertafter: '^ExecStart=/usr/local/bin/kubelet *'
+ state: present
+ - name: create dockershim service
+ become: yes
+ blockinfile:
+ path: /etc/systemd/system/dockershim.service
+ create: yes
+ block: |
+ [Unit]
+ Description=dockershim for criproxy
+
+ [Service]
+ EnvironmentFile=-/etc/kubernetes/kubelet.env
+ ExecStartPre=-/bin/mkdir -p /var/lib/kubelet/volume-plugins
+ ExecStart=/usr/local/bin/kubelet --experimental-dockershim --port 11250 \
+ $KUBE_LOGTOSTDERR \
+ $KUBE_LOG_LEVEL \
+ $KUBELET_API_SERVER \
+ $KUBELET_ADDRESS \
+ $KUBELET_PORT \
+ $KUBELET_HOSTNAME \
+ $KUBE_ALLOW_PRIV \
+ $KUBELET_ARGS \
+ $DOCKER_SOCKET \
+ $KUBELET_NETWORK_PLUGIN \
+ $KUBELET_VOLUME_PLUGIN \
+ $KUBELET_CLOUDPROVIDER
+ Restart=always
+ StartLimitInterval=0
+ RestartSec=10
+
+ [Install]
+ RequiredBy=criproxy.service
+ - name: getting source code
+ block:
+ - name: clone CRIProxy repo
+ git:
+ repo: "{{ criproxy_url }}"
+ dest: "{{ criproxy_dest }}"
+ version: "{{ criproxy_version }}"
+ force: yes
+ - name: build criproxy source code
+ command: ./build-package.sh
+ args:
+ chdir: "{{ criproxy_dest }}"
+ when: criproxy_source_type == "source"
+ - name: download CRIproxy package
+ get_url:
+ url: "{{ criproxy_url }}"
+ dest: "{{ criproxy_dest }}/criproxy"
+ when: criproxy_source_type == "binary"
+ - name: set criproxy execution permissions
+ file:
+ path: "{{ criproxy_dest }}/criproxy"
+ mode: "+x"
+ - name: create criproxy service
+ become: yes
+ blockinfile:
+ path: /etc/systemd/system/criproxy.service
+ create: yes
+ block: |
+ [Unit]
+ Description=CRI Proxy
+
+ [Service]
+ ExecStart={{ criproxy_dest }}/criproxy -v 3 -logtostderr -connect /var/run/dockershim.sock,virtlet.cloud:/run/virtlet.sock -listen /run/criproxy.sock
+ Restart=always
+ StartLimitInterval=0
+ RestartSec=10
+
+ [Install]
+ WantedBy=kubelet.service
+ - name: start criproxy and dockershim services
+ become: yes
+ service:
+ name: "{{ item }}"
+ state: started
+ enabled: yes
+ with_items:
+ - dockershim
+ - criproxy
+ - name: restart kubelet services
+ become: yes
+ service:
+ name: kubelet
+ state: restarted
diff --git a/kud/deployment_infra/playbooks/kud-vars.yml b/kud/deployment_infra/playbooks/kud-vars.yml
new file mode 100644
index 00000000..d6bd0ee6
--- /dev/null
+++ b/kud/deployment_infra/playbooks/kud-vars.yml
@@ -0,0 +1,63 @@
+---
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+base_dest: /tmp
+
+multus_dest: "{{ base_dest }}/multus-cni"
+#multus_source_type: "tarball"
+#multus_version: 3.1
+#multus_url: "https://github.com/intel/multus-cni/releases/download/v{{ multus_version }}/multus-cni_v{{ multus_version }}_linux_amd64.tar.gz"
+multus_source_type: "source"
+multus_version: 366f2120cb88c85deab6343b7062fd38fdb0ece9
+multus_url: "https://github.com/ritusood/multus-cni"
+
+ovn_kubernetes_dest: "{{ base_dest }}/ovn-kubernetes"
+ovn_kubernetes_source_type: "tarball"
+ovn_kubernetes_version: 0.3.0
+ovn_kubernetes_url: "https://github.com/openvswitch/ovn-kubernetes/archive/v{{ ovn_kubernetes_version }}.tar.gz"
+#ovn_kubernetes_source_type: "source"
+#ovn_kubernetes_version: 456a0857956988f968bb08644c650ba826592ec1
+#ovn_kubernetes_url: "https://github.com/openvswitch/ovn-kubernetes"
+
+criproxy_dest: "{{ base_dest }}/criproxy"
+criproxy_source_type: "binary"
+criproxy_version: 0.14.0
+criproxy_url: "https://github.com/Mirantis/criproxy/releases/download/v{{ criproxy_version }}/criproxy"
+#criproxy_source_type: "source"
+#criproxy_version: b5ca5a6cec278e2054dface4f7a3e111fb9ab84b
+#criproxy_url: "https://github.com/Mirantis/criproxy"
+virtlet_dest: "{{ base_dest }}/virtlet"
+virtlet_source_type: "binary"
+virtlet_version: 1.4.4
+virtlet_url: "https://github.com/Mirantis/virtlet/releases/download/v{{ virtlet_version }}/virtletctl"
+#virtlet_source_type: "source"
+#virtlet_version: 68e11b8f1db2c78b063126899f0e60910700975d
+#virtlet_url: "https://github.com/Mirantis/virtlet"
+
+nfd_dest: "{{ base_dest }}/nfd"
+nfd_source_type: "source"
+nfd_version: 175305b1ad73be7301ac94add475cec6fef797a9
+nfd_url: "https://github.com/kubernetes-incubator/node-feature-discovery"
+
+istio_dest: "{{ base_dest }}/istio"
+istio_source_type: "tarball"
+istio_version: 1.0.3
+istio_url: "https://github.com/istio/istio/releases/download/{{ istio_version }}/istio-{{ istio_version }}-linux.tar.gz"
+
+go_path: "{{ base_dest }}/go"
+ovn4nfv_dest: "{{ go_path }}/src/ovn4nfv-k8s-plugin"
+ovn4nfv_source_type: "source"
+ovn4nfv_version: 5026d1d89b05eac5e004279b742df6745a73d93a
+ovn4nfv_url: "https://git.opnfv.org/ovn4nfv-k8s-plugin/"
+
+go_version: '1.11'
+kubespray_version: 2.8.2
+kubectl_version: 1.12.2
+helm_client_version: 2.9.1