aboutsummaryrefslogtreecommitdiffstats
path: root/kud/hosting_providers/containerized
AgeCommit message (Collapse)AuthorFilesLines
2021-05-20Added initial kata files and containerd support as well as adding the Kata ↵Eric Adams2-22/+89
webhook Issue-ID: MULTICLOUD-1320 Signed-off-by: Eric Adams <eric.adams@intel.com> Change-Id: I9ef0bcde7c2ef22a04c32311d4571abc3b688ffe
2021-05-07EMCO deploy of addonsTodd Malsbary4-13/+137
An example is provided with instructions on how to install the addons with emcoctl. Addtionally, the containerized installer will populate /opt/kud/addons and /opt/kud/multi-cluster/$CLUSTER_NAME/artifacts with the files and instructions necessary as well. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I74de1c9d18a0aaec4a96e38684ec80f00ab0b940
2021-05-07Merge "Replace emco with openness-21.03 release"Ritu Sood1-5/+6
2021-05-04Add ovn4nfv addon helm chartTodd Malsbary1-0/+10
This chart follows the upstream installation guide with the following exceptions: - The node-role.kubernetes.io/master:NoSchedule taint is not removed. The YAML files already included the necessary tolerations. - No node labeling is done. Instead, the ovn-control-plane node selector is for the master role, and the nfn-operator pod affinity is for "role: ovn-control-plane". This ensures that the ovn-control-plane and nfn-operator run are scheduled on the same master node, equivalent to the labelling approach used upstream. Also, additional allowed capabilities are needed to run the pods with the restricted PodSecurityPolicy. These capabilities are requested by the Pods, but not available in the default set of allowed capabilities. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I54ae12434572e2e2dd1fe2ec9298d04557331d94
2021-05-04Replace emco with openness-21.03 releaseTodd Malsbary1-5/+6
This change also installs emcoctl in the artifacts directory, similar to what is done for kubectl by kubespray. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I8447210487578ceeef61afc7c3e4d97905303c8a
2021-03-30Set helm stable repo URL value to updated URLTodd Malsbary1-0/+1
Issue-ID: MULTICLOUD-1323 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iac2046b6df4f76efc7f7745567740fffb9b8e72a
2020-12-10Merge "Containerized base installation directory change"Eric Multanen1-2/+2
2020-12-09Run all addon tests even when one failsTodd Malsbary1-3/+8
Previously the installer would exit immediately after a failure by one of the addon tests. Now, record the failure and run subsequent tests, then exit if any fail. Issue-ID: MULTICLOUD-1258 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I4fcad9b51b58277344de4fed0e40e87493dc3663
2020-12-10Merge "Enable pod security policies"Eric Multanen1-2/+34
2020-12-09Enable pod security policiesTodd Malsbary1-2/+34
The intention with this change is to disable CAP_NET_RAW (which can be a security vulnerability) for created Pods. kubespray provides the podsecuritypolicy_enabled variable for enabling privileged (for kube-system) and restricted (for everyone else) policies. Enabling this requires binding the KUD_ADDONs to the privileged policy and specifying the security context correctly for Pods running in the default namespace. As of this change, the only difference between the privileged and restricted security policies is the dropping of CAP_NET_RAW in the restricted policy. To use the default restricted policy provided with kubespray, additional changes must be made to the Pods that are run in the default namespace (such as runing as a non-root user, not requesting privileged mode, etc.). Issue-ID: MULTICLOUD-1256 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I7d6add122ad4046f9116ef03a249f5c9da1d7eec
2020-12-07Fix QAT addon deploy and testTodd Malsbary1-2/+2
Note that as mentioned in install_qat.sh, the kernel command line must include "intel_iommu=on iommu=pt" for the deploy and test to succeed. The underlying issue is that the playbook was expecting to be run on the same host it executed on and was looking for files in the wrong places. Issue-ID: MULTICLOUD-1261 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I5f59b9147f34f077fcdc63d7fc5f80b56977054c
2020-11-19Merge "Build and deploy sriov module only on supported hosts."Ritu Sood1-0/+2
2020-10-30Upgrade kubespray from 2.12.6 to 2.14.1Todd Malsbary2-7/+8
- Replace move of ansible.cfg from kubespray distribution to /etc/ansible with ANSIBLE_CONFIG environment variable. Ansible modifies ansible.cfg during installation, and the paths in it are relative. - kubespray 2.14.1 requires a kubernetes version > 1.16. Use the default versions of kubernetes and helm provided by kubespray 2.14.1. - kubespray 2.14.1 replaces helm 2 with helm 3. This removes support for helm init and helm serve. It is no longer necessary to call helm init, and the helm serve repository is replaced with file relative URLs. This also triggered a subsequent update of the kubernetes-helm ansible module to include the newer helm versions. - Add "storageType: hostPath" to etcd/values.yaml. Helm deploy of etcd will fail without this due to nil PersistentVolume.metadata.labels.type. - The mitogen module used by kubespray/ansible requires python2 on the hosts. Use the linear strategy to bypass mitogen and install python2 on the cluster hosts. Issue-ID: MULTICLOUD-1230 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I9f50bb4e123fdcacab6b6a97e79cd09fb5c96634
2020-10-05Build and deploy sriov module only on supported hosts.Todd Malsbary1-0/+2
Building on the target host fixes a couple issues: - In the containerized installer, the container image does not include the necessary kernel headers to build the module. - The build and target host must have the same kernel version. There is no guarantee of this. The deploy uses NFD, similar to the QAT playbook. Issue-ID: MULTICLOUD-1228 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I58705b73b8ce6d381b4649d5a20b8644e51e1b13
2020-09-23Add plugin_fw.sh test for v2 and run as part of installer.Todd Malsbary1-0/+6
To deploy to multiple clusters, set the KUD_PLUGIN_FW_CLUSTERS environment variable to the following format (an array of cluster data objects): [ { "metadata": { "name": "NAME", "description": "DESCRIPTION", "userData1": "USER_DATA_1", "userData2": "USER_DATA_2" }, "file": "KUBECONFIG_PATH" }, { ... } ] Issue-ID: MULTICLOUD-1217 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I4c80fbcef1162b441c4dfba4ce2bfd3ac419bc25
2020-09-23Enable installer.sh to use --plugins emco in place of onap4k8s.Todd1-20/+9
Issue-ID: MULTICLOUD-1181 Signed-off-by: Todd <todd.malsbary@intel.com> Change-Id: Ibfdf401d40398bf6b94543dedf4c860951d50de7
2020-06-22Containerized base installation directory changeYao Le1-2/+2
Change the directory to $HOME instead of /tmp which will refresh after reboot. Same with what we do in vagrant installation. Issue-ID: MULTICLOUD-1050 Signed-off-by: Yao Le <le.yao@intel.com> Change-Id: I413ac0b6c668851841e1bc39d0aafe132ec56ef8
2020-06-06optimize size and time using "--no-cache-dir"Pratik Raj1-2/+2
Using "--no-cache-dir" flag in pip install ,make sure dowloaded packages by pip don't cached on system . This is a best practise which make sure to fetch ftom repo instead of using local cached one . Further , in case of Docker Containers , by restricing caching , we can reduce image size. In term of stats , it depends upon the number of python packages multiplied by their respective size . e.g for heavy packages with a lot of dependencies it reduce a lot by don't caching pip packages. Further , more detail information can be found at https://medium.com/sciforce/strategies-of-docker-images-optimization-2ca9cc5719b6 Issue-ID: MULTICLOUD-1080 Signed-off-by: Pratik Raj <rajpratik71@gmail.com> Change-Id: Ib79fae7e69eb669e39bc3eb52373668367460ba2
2020-05-27Update the Kubernetes Version to 1.16Yao Le1-1/+3
Update kubespray to 2.12 to deploy Kubernetes 1.16 Issue-ID: MULTICLOUD-1063 Signed-off-by: Yao Le <le.yao@intel.com> Change-Id: I537f6395e5d05d8b72411dd1e0789e19972f1947
2020-05-26Fix the Multus Baremetal containerization testingr.kuralamudhan1-1/+1
- interface name will be different in each Baremetal - Multus testing good for Vagrant and AIO testing only Issue-ID: MULTICLOUD-1037 Co-authored-by: yu marin <weifei.yu@intel.com> Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Change-Id: I50786f07f0dbd9aadffda69d02597c85e2675203
2020-05-26Adding Multus test in vagrant and containerization installerKuralamudhan Ramakrishnan1-1/+1
Issue-ID: MULTICLOUD-1037 Co-authored-by: yu marin <weifei.yu@intel.com> Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Change-Id: Id07394cc454b3660fb5f06982fea020e93b26039
2020-05-20Update docker version in containerization soltuionr.kuralamudhan1-0/+2
Change docker version to fix kubespray issue in containerization soltuion Co-authored-by: Ritu Sood <ritu.sood@intel.com> Co-authored-by: Le yao <le.yao@intel.com> Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Issue-ID: MULTICLOUD-1073 Change-Id: Id575c64b1630127f1a06ce89ba5b89249d004956
2020-05-14remove the outdated SDWAN testingr.kuralamudhan1-17/+0
Issue-ID: MULTICLOUD-1071 Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Change-Id: Ia3818ee16393d8e8b2d465d354ce777192baca9e
2020-05-11Fixing README.md for containerization installationKuralamudhan Ramakrishnan2-4/+42
Issue-ID: MULTICLOUD-1068 Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Change-Id: I8ced72f4d9f13b9cb2305fc3778cdd65e933d778
2020-05-08Integrate Openness EAAChenjieXu1-1/+1
Openness EAA provides application/service registration and authentication. EAA is integrated by running EAA via ONAP4K8S. Issue-ID: MULTICLOUD-1044 Signed-off-by: ChenjieXu <chenjie.xu@intel.com> Change-Id: I66dffc5bcfc66675f6b62672e32496ec7f71454c
2020-05-05add cmk in KuDLiang Ding1-2/+2
- deploy cmk related pods - untaint compute nodes if necessary - run cmk unit tests: allocate CPUs from exclusive and shared pools - deploy a testing nginx pod along with cmk testing pods - preset 1/2 CPUs for shared/exlusive pools to fit CI server machines users can adjust the parameters to meet their own requirements Test Results: - many rounds of vagrant/5 VMs(controller01/02/03 and compute01/02) based test are all OK - 14 rounds tests on my local server (S2600WFQ (36C/72T) )and PC(HP Z228 (4C/4T)) with all-in-one bare metal deployment are all OK - CI(a 4C/4T machine) results of latest patch set also show that the test of bare metal deployment is OK - NOTE: both my local test and CI use the same testing method of calling aio.sh after applying the latest patch set. Change-Id: I046a4a63b94f92f23347ab76c21a661521e01119 Issue-ID: MULTICLOUD-879 Signed-off-by: Liang Ding <liang.ding@intel.com>
2019-12-19Fix verify build remove obs ppaMarcus G K Williams1-0/+3
Remove no longer public jonathonf ppa Issue-ID: CIMAN-359 Signed-off-by: Marcus G K Williams <marcus.williams@intel.com> Change-Id: I12a24a28914654127e3bd27e7814b42ecd897ca1
2019-11-22Adding SDWAN testing for KUD containerized installer scriptr.kuralamudhan1-0/+17
Please refer ICN SDWAN Module Design for architecture link:https://wiki.akraino.org/display/AK/SDWAN+Module+Design Issue-ID: MULTICLOUD-956 Co-authored-by: Huifeng Le <huifeng.le@intel.com> Signed-off-by: r.kuralamudhan <kuralamudhan.ramakrishnan@intel.com> Change-Id: I4bc35bc62f6bab52a5d290829f7406424d72d5ae
2019-11-20Enabling testing for the containerized installerr.kuralamudhan2-12/+11
Issue-ID: MULTICLOUD-942 Signed-off-by: r.kuralamudhan <kuralamudhan.ramakrishnan@intel.com> Change-Id: I4c5da84002135d856c5c3dcccf103aa52bb8a0f9
2019-11-07Optimizing the plugin option in containerized installerr.kuralamudhan2-9/+14
Issue-ID: MULTICLOUD-919 Signed-off-by: r.kuralamudhan <kuralamudhan.ramakrishnan@intel.com> Change-Id: I6850c2673b1d5e8e7ccc9d036a0a68fa896aa3ab
2019-10-30Bug fixes to containerized installer scriptKuralamudhan Ramakrishnan1-3/+16
Issue-ID: MULTICLOUD-905 Co-authored-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com> Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Change-Id: Ie9710146d4764f6b1f8ce11af9b28988131d75c8
2019-10-23Adding onap4ks installation script in kud containerized installerKuralamudhan Ramakrishnan2-3/+69
Issue-ID: MULTICLOUD-867 Co-authored-by: Pramod Raghavendra Jayathirth <pramod.raghavendra.jayathirth@intel.com> Co-authored-by: Ritu Sood <ritu.sood@intel.com> Change-Id: I37b8112bdd5809f1ae0eaa58ddb0d834d395e8d8 Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
2019-10-16Adding kud containerized featuresKuralamudhan Ramakrishnan5-0/+438
Issue-ID: MULTICLOUD-827 Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Change-Id: I0205459a032c8876943e9b50e61b2c315b138af9