diff options
Diffstat (limited to 'kud/deployment_infra')
-rw-r--r-- | kud/deployment_infra/images/nfn.yml | 322 | ||||
-rw-r--r-- | kud/deployment_infra/playbooks/configure-ovn4nfv.yml | 101 |
2 files changed, 334 insertions, 89 deletions
diff --git a/kud/deployment_infra/images/nfn.yml b/kud/deployment_infra/images/nfn.yml new file mode 100644 index 00000000..6e583b95 --- /dev/null +++ b/kud/deployment_infra/images/nfn.yml @@ -0,0 +1,322 @@ + +--- + +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: networks.k8s.plugin.opnfv.org +spec: + group: k8s.plugin.opnfv.org + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + cniType: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "operator-sdk generate k8s" to regenerate code after + modifying this file Add custom validation using kubebuilder tags: + https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' + type: string + dns: + properties: + domain: + type: string + nameservers: + items: + type: string + type: array + options: + items: + type: string + type: array + search: + items: + type: string + type: array + type: object + ipv4Subnets: + items: + properties: + excludeIps: + type: string + gateway: + type: string + name: + type: string + subnet: + type: string + required: + - name + - subnet + type: object + type: array + ipv6Subnets: + items: + properties: + excludeIps: + type: string + gateway: + type: string + name: + type: string + subnet: + type: string + required: + - name + - subnet + type: object + type: array + routes: + items: + properties: + dst: + type: string + gw: + type: string + required: + - dst + type: object + type: array + required: + - cniType + - ipv4Subnets + type: object + status: + properties: + state: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "operator-sdk generate k8s" to regenerate + code after modifying this file Add custom validation using kubebuilder + tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' + type: string + required: + - state + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: k8s-nfn-sa + namespace: operator + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: k8s-nfn-cr +rules: +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create +- apiGroups: + - apps + resourceNames: + - nfn-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - k8s.plugin.opnfv.org + resources: + - '*' + - providernetworks + verbs: + - '*' + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: k8s-nfn-crb +subjects: +- kind: Group + name: system:serviceaccounts + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: k8s-nfn-cr + apiGroup: rbac.authorization.k8s.io + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nfn-operator + namespace: operator +spec: + replicas: 1 + selector: + matchLabels: + name: nfn-operator + template: + metadata: + labels: + name: nfn-operator + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: nfnType + operator: In + values: + - operator + tolerations: + - key: "node-role.kubernetes.io/master" + effect: "NoSchedule" + operator: "Exists" + serviceAccountName: k8s-nfn-sa + containers: + - name: nfn-operator + image: rtsood/nfn-operator:latest + command: ["/usr/local/bin/entrypoint", "operator"] + imagePullPolicy: IfNotPresent + env: + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "nfn-operator" + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: ovn4nfv-cni-config + namespace: operator + labels: + app: ovn4nfv +data: + ovn4nfv_k8s.conf: | + [logging] + loglevel=5 + logfile=/var/log/openvswitch/ovn4k8s.log + + [cni] + conf-dir=/etc/cni/net.d + plugin=ovn4nfvk8s-cni + + [kubernetes] + kubeconfig=/etc/kubernetes/admin.conf + +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: ovn4nfv-cni + namespace: operator + labels: + app: ovn4nfv +spec: + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + app: ovn4nfv + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/arch: amd64 + tolerations: + - operator: Exists + effect: NoSchedule + containers: + - name: ovn4nfv + image: rtsood/nfn-operator:latest + command: ["/usr/local/bin/entrypoint", "cni"] + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: true + volumeMounts: + - name: cnibin + mountPath: /host/opt/cni/bin + - name: cniconf + mountPath: /host/etc/openvswitch + - name: ovn4nfv-cfg + mountPath: /tmp/ovn4nfv-conf + volumes: + - name: cnibin + hostPath: + path: /opt/cni/bin + - name: cniconf + hostPath: + path: /etc/openvswitch + - name: ovn4nfv-cfg + configMap: + name: ovn4nfv-cni-config + items: + - key: ovn4nfv_k8s.conf + path: ovn4nfv_k8s.conf + + diff --git a/kud/deployment_infra/playbooks/configure-ovn4nfv.yml b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml index 2084c95d..cff05296 100644 --- a/kud/deployment_infra/playbooks/configure-ovn4nfv.yml +++ b/kud/deployment_infra/playbooks/configure-ovn4nfv.yml @@ -10,95 +10,6 @@ - import_playbook: configure-ovn.yml - import_playbook: configure-multus.yml -- hosts: kube-master:kube-node - environment: - PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/" - pre_tasks: - - name: Load kud variables - include_vars: - file: kud-vars.yml - roles: - - role: andrewrothstein.go - go_ver: "{{ go_version }}" - tasks: - - name: clone ovn4nfv-k8s-plugin repo - git: - repo: "{{ ovn4nfv_url }}" - dest: "{{ ovn4nfv_dest }}" - version: "{{ ovn4nfv_version }}" - force: yes - when: ovn4nfv_source_type == "source" - - name: clean ovn4nfvk8s left over files - make: - chdir: "{{ ovn4nfv_dest }}" - target: clean - - name: build ovn4nfvk8s-cni - make: - chdir: "{{ ovn4nfv_dest }}" - target: ovn4nfvk8s-cni - become: yes - environment: - GOPATH: "{{ go_path }}" - - name: copy ovn4nfvk8s-cni to cni folder - command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s-cni /opt/cni/bin/ovn4nfvk8s-cni" - become: yes - - name: create ovn4k8s config file - become: yes - blockinfile: - path: /etc/openvswitch/ovn4nfv_k8s.conf - create: yes - block: | - [logging] - loglevel=5 - logfile=/var/log/openvswitch/ovn4k8s.log - - [cni] - conf-dir=/etc/cni/net.d - plugin=ovn4nfvk8s-cni - - [kubernetes] - kubeconfig=/etc/kubernetes/admin.conf - - name: create ovnkube logging directory - file: - path: /var/log/openvswitch - state: directory - -- hosts: kube-master - environment: - PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin/" - become: yes - tasks: - - name: Load kud variables - include_vars: - file: kud-vars.yml - - name: build ovn4nfvk8s - make: - chdir: "{{ ovn4nfv_dest }}" - target: ovn4nfvk8s - environment: - GOPATH: "{{ go_path }}" - - name: copy ovn4nfvk8s to /usr/bin folder - command: "mv {{ ovn4nfv_dest }}/ovn4nfvk8s /usr/bin/ovn4nfvk8s" - - name: create ovn4nfvk8s systemd service - blockinfile: - path: /etc/systemd/system/ovn4nfvk8s.service - create: yes - block: | - [Unit] - Description=OVN4NFV Kubernetes Daemon - - [Service] - ExecStart=/usr/bin/ovn4nfvk8s \ - -k8s-kubeconfig=/etc/kubernetes/admin.conf - - [Install] - WantedBy=multi-user.target - - name: start ovn4nfvk8s systemd service - service: - name: ovn4nfvk8s - state: started - enabled: yes - - hosts: localhost pre_tasks: - name: Load kud variables @@ -124,3 +35,15 @@ - name: create network objects shell: "/usr/local/bin/kubectl apply -f /tmp/ovn4nfvnetwork.yml" ignore_errors: True + + - name: create operator namespace + shell: "/usr/local/bin/kubectl create namespace operator" + ignore_errors: True + + - name: apply nfn operator label + command: "/usr/local/bin/kubectl label node {{ item }} nfnType=operator --overwrite" + with_inventory_hostnames: ovn-central + + - name: Apply NFN operator, operator roles, CRD's and ovn4nfv Daemonset + shell: "/usr/local/bin/kubectl apply -f ../images/nfn.yml" + ignore_errors: True |