summaryrefslogtreecommitdiffstats
path: root/kud/deployment_infra
AgeCommit message (Collapse)AuthorFilesLines
2021-08-17Use EMCO logical cloud with addonsTodd Malsbary2-4/+50
The moves the addons from the default namespace into their own, "kud" namespace. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I5476c7634af7affe1b6bbd7d2bf9b5cd7a8206e5
2021-08-16Merge "Update ovn4nfv chart version to support kubevirt"Ritu Sood2-2/+2
2021-08-16Merge "Select vfio-pci deviceType in SR-IOV network"Ritu Sood1-1/+7
2021-08-16Merge "Enable CPUManager feature gate in kubevirt"Ritu Sood1-1/+2
2021-07-28Select vfio-pci deviceType in SR-IOV networkTodd Malsbary1-1/+7
This enables the sriov interface type in kubevirt VMs. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I03ab6a4d374b6abdcad9264ac8a959bb40ca9870
2021-07-28Enable CPUManager feature gate in kubevirtTodd Malsbary1-1/+2
This allows for CPU pinning in VirtualMachine specs with the dedicatedCpuPlacement and isolateEmulatorThread keys. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Icba3eb07b80367d5bdda8708658f50486fc0780d
2021-07-28Update ovn4nfv chart version to support kubevirtTodd Malsbary2-2/+2
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I38a8dab6b57847f9f7b4f6a816772783fa981079
2021-07-28Update EMCO playbook to 21.03.06Todd Malsbary2-2/+10
Issue-ID: MULTICLOUD-1376 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I91422116714e16f520ed37bd00185383b01d41aa
2021-07-16Update KUD to python3Todd Malsbary1-8/+5
Issue-ID: MULTICLOUD-1375 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I0433a55ef2ac9caba976a267fa9e1f41d5353248
2021-06-24Add ovn4nfv-network addonTodd Malsbary8-0/+63
This chart contains the ovn-networkobj NetworkAttachmentDefinition required by EMCO. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iaf10bacaf7ff263b165ca18a427958f7e75c3628
2021-06-24Merge "Move topology-manager configuration to kubespray"Eric Multanen2-73/+0
2021-06-24Merge "Refactor EMCO deploy of addons"Eric Multanen10-266/+380
2021-06-24Merge "Add kubevirt and cdi addon helm charts"Eric Multanen41-1/+6056
2021-06-21Move topology-manager configuration to kubesprayTodd Malsbary2-73/+0
The steps performed by the existing ansible playbook can be performed directly by kubespray. In addtion, fix and enable the topology-manager.sh test. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iee2197c1fc3e35288796399cccff0d3ae0925a6c
2021-06-16SDEWAN CNF helm chartYao Le6-0/+351
Create SDEWAN CNF helm chart and configure it with default value Issue-ID: MULTICLOUD-1092 Signed-off-by: Yao Le <le.yao@intel.com> Change-Id: Ib80e6b734c599a91f90d2fa4c32b098d6d279c0b Signed-off-by: Ruoyu <ruoyu.ying@intel.com>
2021-06-15Add kubevirt and cdi addon helm chartsTodd Malsbary41-1/+6056
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I6ba134140f0aca6717c656ffa35c6576426a8b98
2021-06-09Refactor EMCO deploy of addonsTodd Malsbary10-266/+380
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I90b33cd99c42017b50f3174b6f9033a861e11dd3
2021-06-04Expose installer ENV vars through DockerfileTodd Malsbary3-1/+9
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ie913d3f26d039fae0bff98149ebe0a6e6dea2ebd
2021-05-21Merge "Mount /var/run as shared"Ritu Sood1-0/+1
2021-05-20Added initial kata files and containerd support as well as adding the Kata ↵Eric Adams4-0/+139
webhook Issue-ID: MULTICLOUD-1320 Signed-off-by: Eric Adams <eric.adams@intel.com> Change-Id: I9ef0bcde7c2ef22a04c32311d4571abc3b688ffe
2021-05-19Mount /var/run as sharedTodd Malsbary1-0/+1
This fixes the "unknown FS magic" error reported by nfn-agent: E0518 22:05:58.596460 20593 cni.go:150] Failed to configure interface in pod: failed to open netns "/var/run/netns/cni-c24e4d8e-819c-6a0c-9ae5-6b4e5cf8f68d": unknown FS magic on "/var/run/netns/cni-c24e4d8e-819c-6a0c-9ae5-6b4e5cf8f68d": 1021994 It can be observed as a failure of the ovn4nfv.sh test when CONTAINER_RUNTIME is "containerd". Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: If979110d125511827a65a5de5101a2832d5efeb5
2021-05-10Merge "EMCO deploy of addons"Ritu Sood21-0/+403
2021-05-07Update go_version from 1.12 to 1.14.Todd Malsbary1-1/+1
Go reports a missing crypto/ed25519 module when running the vagrant installer with KUD_PLUGIN_ENABLED. The package was introduced in go 1.13 (https://golang.org/doc/go1.13#crypto/ed25519). Issue-ID: MULTICLOUD-1343 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I2fdd06b67122506308038be0fe6b00a2e737f0f0
2021-05-07EMCO deploy of addonsTodd Malsbary21-0/+403
An example is provided with instructions on how to install the addons with emcoctl. Addtionally, the containerized installer will populate /opt/kud/addons and /opt/kud/multi-cluster/$CLUSTER_NAME/artifacts with the files and instructions necessary as well. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I74de1c9d18a0aaec4a96e38684ec80f00ab0b940
2021-05-07Merge "Replace emco with openness-21.03 release"Ritu Sood6-45/+244
2021-05-05Add qat addon helm chartTodd Malsbary11-1/+971
This chart contains the upstream qat plugin from intel-device-plugins-for-kubernetes together with a qat driver installer. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I3467ba204276999dac4087bdf68ac0d4439861ad
2021-05-05Merge "Add cmk addon helm chart"Ritu Sood9-0/+654
2021-05-05Merge "Add sriov-network addon helm chart"Ritu Sood6-0/+317
2021-05-05Merge "Add ovn4nfv addon helm chart"Ritu Sood17-0/+1232
2021-05-05Merge "Add sriov-network-operator addon helm chart"Ritu Sood20-0/+1384
2021-05-04Add ovn4nfv addon helm chartTodd Malsbary17-0/+1232
This chart follows the upstream installation guide with the following exceptions: - The node-role.kubernetes.io/master:NoSchedule taint is not removed. The YAML files already included the necessary tolerations. - No node labeling is done. Instead, the ovn-control-plane node selector is for the master role, and the nfn-operator pod affinity is for "role: ovn-control-plane". This ensures that the ovn-control-plane and nfn-operator run are scheduled on the same master node, equivalent to the labelling approach used upstream. Also, additional allowed capabilities are needed to run the pods with the restricted PodSecurityPolicy. These capabilities are requested by the Pods, but not available in the default set of allowed capabilities. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I54ae12434572e2e2dd1fe2ec9298d04557331d94
2021-05-04Replace emco with openness-21.03 releaseTodd Malsbary6-45/+244
This change also installs emcoctl in the artifacts directory, similar to what is done for kubectl by kubespray. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I8447210487578ceeef61afc7c3e4d97905303c8a
2021-05-04Add sriov-network addon helm chartTodd Malsbary6-0/+317
This chart deploys the CR used by the sriov-network-operator. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I9364868d3e58fd64e51a77aaa934284fad86a1b1
2021-05-04Add sriov-network-operator addon helm chartTodd Malsbary20-0/+1384
This chart contains the upstream sriov-network-operator from k8snetworkplumbingwg together with an iavf driver installer. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ic925c66f8e2b28b7604240c3ed35b1a56883b60b
2021-04-30Merge "Remove unused cmk kud vars"Ritu Sood1-4/+0
2021-04-30Merge "Add nfd addon helm chart"Ritu Sood11-0/+619
2021-04-30Merge "Add multus addon helm chart"Ritu Sood10-0/+433
2021-04-30Merge "Add Makefile for addon helm charts"Ritu Sood2-0/+52
2021-04-29Add cmk addon helm chartTodd Malsbary9-0/+654
The chart follows the instructions laid out in the CMK operator manual, with the following notes: - The nodes are prepared by running each CMK subcommand as a Pod instead of running cmk cluster-init. The first reason for this is that the existing addon only deploys CMK to the worker nodes in the cluster. This is not possible using cluster-init without explicitly providing the list of worker nodes to cluster-init, and this list is unknown by helm. Instead it is sufficient to rely on the node-role.kubernetes.io/master:NoSchedule taint. The second reason is that cluster-init creates resources which are unknown to helm, thus uninstall does not behave as expected. - The v1.4.1 version of CMK is chosen. In v1.5.2, the description key of the cmk-nodereport resource is not correct. - All values listed as possibly requiring modification are exposed in values.yaml Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ibc75462de3729cd88edeb4b15602d57fe12791ca
2021-04-29Remove unused cmk kud varsTodd Malsbary1-4/+0
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I0c1d43de8506233eb62bde52641bb7fc95b422fc
2021-04-28Add X710 to iavf driver NICsTodd Malsbary2-9/+3
Issue-ID: MULTICLOUD-1336 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I7a0ee4302c020e6b7ec785d6a85af636b6a85ecc
2021-04-09Add multus addon helm chartTodd Malsbary10-0/+433
- Support for calico configuration is present but currently disabled. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I2d2161564c4da2e165e5cf13cea92fae4935f8b2
2021-04-06Add Makefile for addon helm chartsTodd Malsbary2-0/+52
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I90a9cf23a8fb01cbc579d2b6670b476494c2a7bb
2021-03-30Add nfd addon helm chartTodd Malsbary11-0/+619
This change adds iavf, qat, and pci device labels to the node feature discovery config. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ie6296caf898983149483ac581428f2c80405bca8
2021-01-24Merge "Fix the nodeSelector indent and define name"Ritu Sood3-5/+5
2020-12-10Merge "Fix broken virtlet image URL"Eric Multanen1-1/+1
2020-12-10Merge "Enable pod security policies"Eric Multanen4-2/+39
2020-12-09Enable pod security policiesTodd Malsbary4-2/+39
The intention with this change is to disable CAP_NET_RAW (which can be a security vulnerability) for created Pods. kubespray provides the podsecuritypolicy_enabled variable for enabling privileged (for kube-system) and restricted (for everyone else) policies. Enabling this requires binding the KUD_ADDONs to the privileged policy and specifying the security context correctly for Pods running in the default namespace. As of this change, the only difference between the privileged and restricted security policies is the dropping of CAP_NET_RAW in the restricted policy. To use the default restricted policy provided with kubespray, additional changes must be made to the Pods that are run in the default namespace (such as runing as a non-root user, not requesting privileged mode, etc.). Issue-ID: MULTICLOUD-1256 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I7d6add122ad4046f9116ef03a249f5c9da1d7eec
2020-12-07Fix QAT addon deploy and testTodd Malsbary3-91/+75
Note that as mentioned in install_qat.sh, the kernel command line must include "intel_iommu=on iommu=pt" for the deploy and test to succeed. The underlying issue is that the playbook was expecting to be run on the same host it executed on and was looking for files in the wrong places. Issue-ID: MULTICLOUD-1261 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I5f59b9147f34f077fcdc63d7fc5f80b56977054c
2020-12-02Fix broken virtlet image URLTodd Malsbary1-1/+1
Issue-ID: MULTICLOUD-1259 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I92cc722818b9023b4aa29d191cf92e2c319f957b