summaryrefslogtreecommitdiffstats
path: root/kud/hosting_providers
AgeCommit message (Collapse)AuthorFilesLines
2021-10-22Merge "Allow KuD installer to specify Kubespray 2.14.1 or 2.16.0"Ritu Sood5-27/+60
2021-10-12Allow KuD installer to specify Kubespray 2.14.1 or 2.16.00.9.2Todd Malsbary5-27/+60
The default is 2.14.1 (the existing value). Setting KUBESPRAY_VERSION=2.16.0 in the installer environment uses the newer Kubespray version. The newer Kubespray version installs Kubernetes 1.20.7. Kubernetes 1.20.7 comes with following caveats: - The Virtlet addon is disabled; it does not work with 1.20.7. This requires removing the plugin_fw test as well. - Kubernetes 1.20.7 removed support for basic auth. Issue-ID: MULTICLOUD-1251 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ic8b9fb1f3effc31da58de5bb3768ed9e509d50de
2021-09-15Fix KubeVirt and SR-IOV addon interactionTodd Malsbary2-39/+49
SR-IOV wants to drain the nodes during reconciliation of SriovNetwork resources, while KubeVirt wants to keep at least one instance running at all times via a PodDisruptionBudget. KubeVirt's behavior is not customizable, so split the addons into different composite apps that allow finer control of the instantiation order. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I15c5cec3ef524b0b1d60dc201e04157272cbe376
2021-08-25Merge "Replace virtlet with kubevirt in plugin_fw_v2"Ritu Sood1-0/+3
2021-08-17Use EMCO logical cloud with addonsTodd Malsbary1-1/+1
The moves the addons from the default namespace into their own, "kud" namespace. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I5476c7634af7affe1b6bbd7d2bf9b5cd7a8206e5
2021-08-17Replace virtlet with kubevirt in plugin_fw_v2Todd Malsbary1-0/+3
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ifd8ae34b8f04da52acc4c3a6a8259d1bcd05616c
2021-07-28Add kubevirt to list of EMCO deployed addonsTodd Malsbary2-0/+10
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I5e2c2ebe5af7ee86cc213f0861516664cf4399a7
2021-07-16Update KUD to python3Todd Malsbary5-17/+25
Issue-ID: MULTICLOUD-1375 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I0433a55ef2ac9caba976a267fa9e1f41d5353248
2021-06-30Fix error when attempting to remove missing webhookTodd Malsbary1-1/+1
Issue-ID: MULTICLOUD-1370 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: If3b71f64b5994bbe6bd68e2b620452f4081cd705
2021-06-30Merge "Add ovn4nfv-network addon"Ritu Sood2-1/+2
2021-06-28Update python version used in KUD installers to python3Todd Malsbary2-28/+22
A dependency of kubespray-2.14 now requires python3. Specifically, ruamel.yaml now fetches ruamel.yaml.clib-0.2.4 whereas it used to fetch ruamel.yaml.clib-0.2.2. The 0.2.4 requires python 3.5 or greater. Issue-ID: MULTICLOUD-1369 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ia362d5adfbe6e08750b493dbceea17df640f26ed
2021-06-24Add ovn4nfv-network addonTodd Malsbary2-1/+2
This chart contains the ovn-networkobj NetworkAttachmentDefinition required by EMCO. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iaf10bacaf7ff263b165ca18a427958f7e75c3628
2021-06-24Add kubevirt testTodd Malsbary1-1/+1
Some minor refactoring of _functions.sh was done to allow setup and related functions to use the "vmi" resource type in addition to the "deployment" type. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I42b5ef1c48412675a095f2aab68a0efdfdbe0df9
2021-06-24Merge "Move topology-manager configuration to kubespray"Eric Multanen4-3/+15
2021-06-24Merge "Refactor EMCO deploy of addons"Eric Multanen4-48/+46
2021-06-24Merge "Add kubevirt and cdi addon helm charts"Eric Multanen1-1/+1
2021-06-21Move topology-manager configuration to kubesprayTodd Malsbary4-3/+15
The steps performed by the existing ansible playbook can be performed directly by kubespray. In addtion, fix and enable the topology-manager.sh test. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iee2197c1fc3e35288796399cccff0d3ae0925a6c
2021-06-15Add kubevirt and cdi addon helm chartsTodd Malsbary1-1/+1
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I6ba134140f0aca6717c656ffa35c6576426a8b98
2021-06-09Refactor EMCO deploy of addonsTodd Malsbary4-48/+46
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I90b33cd99c42017b50f3174b6f9033a861e11dd3
2021-06-07Let kubespray choose installed docker versionTodd Malsbary3-42/+0
Specifying 'latest' as the docker_version without specifying a compatible version of containerd can lead to package dependency errors. Let kubespray select the versions to ensure consistency. Also, installing docker from vagrant installer instead of letting kubespray install it can lead to the same issues. Issue-ID: MULTICLOUD-1359 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iff41682fa0897fae8200e0f179137af844e314c0
2021-05-20Added initial kata files and containerd support as well as adding the Kata ↵Eric Adams4-28/+184
webhook Issue-ID: MULTICLOUD-1320 Signed-off-by: Eric Adams <eric.adams@intel.com> Change-Id: I9ef0bcde7c2ef22a04c32311d4571abc3b688ffe
2021-05-07EMCO deploy of addonsTodd Malsbary5-15/+139
An example is provided with instructions on how to install the addons with emcoctl. Addtionally, the containerized installer will populate /opt/kud/addons and /opt/kud/multi-cluster/$CLUSTER_NAME/artifacts with the files and instructions necessary as well. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I74de1c9d18a0aaec4a96e38684ec80f00ab0b940
2021-05-07Merge "Replace emco with openness-21.03 release"Ritu Sood2-6/+9
2021-05-05Merge "Add ovn4nfv addon helm chart"Ritu Sood2-0/+20
2021-05-04Add ovn4nfv addon helm chartTodd Malsbary2-0/+20
This chart follows the upstream installation guide with the following exceptions: - The node-role.kubernetes.io/master:NoSchedule taint is not removed. The YAML files already included the necessary tolerations. - No node labeling is done. Instead, the ovn-control-plane node selector is for the master role, and the nfn-operator pod affinity is for "role: ovn-control-plane". This ensures that the ovn-control-plane and nfn-operator run are scheduled on the same master node, equivalent to the labelling approach used upstream. Also, additional allowed capabilities are needed to run the pods with the restricted PodSecurityPolicy. These capabilities are requested by the Pods, but not available in the default set of allowed capabilities. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I54ae12434572e2e2dd1fe2ec9298d04557331d94
2021-05-04Replace emco with openness-21.03 releaseTodd Malsbary2-6/+9
This change also installs emcoctl in the artifacts directory, similar to what is done for kubectl by kubespray. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I8447210487578ceeef61afc7c3e4d97905303c8a
2021-04-30Merge "Upgrade vagrant version from 2.4 to 2.2.14"Ritu Sood1-1/+1
2021-04-30Merge "Use group libvirt instead of libvirtd"Ritu Sood1-1/+0
2021-03-30Set helm stable repo URL value to updated URLTodd Malsbary2-0/+2
Issue-ID: MULTICLOUD-1323 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iac2046b6df4f76efc7f7745567740fffb9b8e72a
2021-03-30Use group libvirt instead of libvirtdTodd Malsbary1-1/+0
This fixes the following error when running ./setup.sh -p libvirt: usermod: group 'libvirtd' does not exist Newer versions of Ubuntu appear to have renamed the libvirtd group to libvirt. Issue-ID: MULTICLOUD-1322 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I54ffc4558cb8945e8c9f9ca751518b20a6de64d0
2021-03-30Upgrade vagrant version from 2.4 to 2.2.14Todd Malsbary1-1/+1
This fixes the following error when running ./setup.sh -p libvirt: Installing the 'vagrant-libvirt' plugin. This can take a few minutes... Bundler, the underlying system Vagrant uses to install plugins, reported an error. The error is shown below. These errors are usually caused by misconfigured plugin installations or transient network issues. The error from Bundler is: nokogiri requires Ruby version < 3.1.dev, >= 2.5. Issue-ID: MULTICLOUD-1321 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ia867df9df3ec1cc27e2f17df4a72ffc88f6bdf44
2021-03-09Correct get-pip.py url for python2.7Konrad Bańka2-2/+2
It turned out prior url has been further changed and pip is unavailable by it. Issue-ID: MULTICLOUD-1255 Signed-off-by: Konrad Bańka <k.banka@samsung.com> Change-Id: Id5c9285f74bda17c28ac56de8a847ab74005beba
2021-02-23Correct pip url due to using python2.7Konrad Bańka1-1/+1
Issue-ID: MULTICLOUD-1255 Signed-off-by: Konrad Bańka <k.banka@samsung.com> Change-Id: I800c4bdbe1fecc61f196ac3098910ae4278bf0cf
2021-01-29get-pip.py error on Python 2.7Ritu Sood1-1/+1
invalid syntax error when KUD is deployed sys.stderr.write(f"ERROR: {exc}") SyntaxError: invalid syntax Issue-ID: MULTICLOUD-1255 Signed-off-by: Ritu Sood <ritu.sood@intel.com> Change-Id: Ia4ecbad5735617a5606cbce2ed93a58cb7322cb5
2020-12-10Merge "Containerized base installation directory change"Eric Multanen1-2/+2
2020-12-09Run all addon tests even when one failsTodd Malsbary2-4/+14
Previously the installer would exit immediately after a failure by one of the addon tests. Now, record the failure and run subsequent tests, then exit if any fail. Issue-ID: MULTICLOUD-1258 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I4fcad9b51b58277344de4fed0e40e87493dc3663
2020-12-10Merge "Enable pod security policies"Eric Multanen2-2/+68
2020-12-09Enable pod security policiesTodd Malsbary2-2/+68
The intention with this change is to disable CAP_NET_RAW (which can be a security vulnerability) for created Pods. kubespray provides the podsecuritypolicy_enabled variable for enabling privileged (for kube-system) and restricted (for everyone else) policies. Enabling this requires binding the KUD_ADDONs to the privileged policy and specifying the security context correctly for Pods running in the default namespace. As of this change, the only difference between the privileged and restricted security policies is the dropping of CAP_NET_RAW in the restricted policy. To use the default restricted policy provided with kubespray, additional changes must be made to the Pods that are run in the default namespace (such as runing as a non-root user, not requesting privileged mode, etc.). Issue-ID: MULTICLOUD-1256 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I7d6add122ad4046f9116ef03a249f5c9da1d7eec
2020-12-07Fix QAT addon deploy and testTodd Malsbary1-2/+2
Note that as mentioned in install_qat.sh, the kernel command line must include "intel_iommu=on iommu=pt" for the deploy and test to succeed. The underlying issue is that the playbook was expecting to be run on the same host it executed on and was looking for files in the wrong places. Issue-ID: MULTICLOUD-1261 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I5f59b9147f34f077fcdc63d7fc5f80b56977054c
2020-11-19Merge "Build and deploy sriov module only on supported hosts."Ritu Sood2-0/+4
2020-10-30Upgrade kubespray from 2.12.6 to 2.14.1Todd Malsbary4-11/+11
- Replace move of ansible.cfg from kubespray distribution to /etc/ansible with ANSIBLE_CONFIG environment variable. Ansible modifies ansible.cfg during installation, and the paths in it are relative. - kubespray 2.14.1 requires a kubernetes version > 1.16. Use the default versions of kubernetes and helm provided by kubespray 2.14.1. - kubespray 2.14.1 replaces helm 2 with helm 3. This removes support for helm init and helm serve. It is no longer necessary to call helm init, and the helm serve repository is replaced with file relative URLs. This also triggered a subsequent update of the kubernetes-helm ansible module to include the newer helm versions. - Add "storageType: hostPath" to etcd/values.yaml. Helm deploy of etcd will fail without this due to nil PersistentVolume.metadata.labels.type. - The mitogen module used by kubespray/ansible requires python2 on the hosts. Use the linear strategy to bypass mitogen and install python2 on the cluster hosts. Issue-ID: MULTICLOUD-1230 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I9f50bb4e123fdcacab6b6a97e79cd09fb5c96634
2020-10-05Build and deploy sriov module only on supported hosts.Todd Malsbary2-0/+4
Building on the target host fixes a couple issues: - In the containerized installer, the container image does not include the necessary kernel headers to build the module. - The build and target host must have the same kernel version. There is no guarantee of this. The deploy uses NFD, similar to the QAT playbook. Issue-ID: MULTICLOUD-1228 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I58705b73b8ce6d381b4649d5a20b8644e51e1b13
2020-09-23Add plugin_fw.sh test for v2 and run as part of installer.Todd Malsbary1-0/+6
To deploy to multiple clusters, set the KUD_PLUGIN_FW_CLUSTERS environment variable to the following format (an array of cluster data objects): [ { "metadata": { "name": "NAME", "description": "DESCRIPTION", "userData1": "USER_DATA_1", "userData2": "USER_DATA_2" }, "file": "KUBECONFIG_PATH" }, { ... } ] Issue-ID: MULTICLOUD-1217 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I4c80fbcef1162b441c4dfba4ce2bfd3ac419bc25
2020-09-23Enable installer.sh to use --plugins emco in place of onap4k8s.Todd1-20/+9
Issue-ID: MULTICLOUD-1181 Signed-off-by: Todd <todd.malsbary@intel.com> Change-Id: Ibfdf401d40398bf6b94543dedf4c860951d50de7
2020-08-10Integrate Topology Managerchenjie11-2/+2
Integrate topology manager by utilizing ansible scripts from openness. Issue-ID: MULTICLOUD-1102 Signed-off-by: ChenjieXu <chenjie.xu@intel.com> Change-Id: Ibaaf77e44c97edffe1ae03bf77c2422c89783e75
2020-07-17Merge "Update host_providers/vagrant/setup.sh for virtualbox"Ritu Sood1-1/+1
2020-07-17Update vagrant readme to include info about sample yml filesLarry Sachs1-0/+8
Updates the kud/hosting_providers/vagrant/README.md to include info about the ./config/samples/pdf.yml.* sample files. Issue-ID: MULTICLOUD-1129 Change-Id: I5ab02948932d8a9e9e5a8cfc65350726183cd78d Signed-off-by: Larry Sachs <larry.j.sachs@intel.com>
2020-07-08Update host_providers/vagrant/setup.sh for virtualboxLarry Sachs1-1/+1
host_providers/vagrant/setup.sh -p virtualbox update to /etc/apt/sources.list is now 'bionic' (was 'trusty') Issue-ID: MULTICLOUD-1122 Signed-off-by: Larry Sachs <larry.j.sachs@intel.com> Change-Id: I0cd989466bab4a571b9e18a5e666c8516b168c1d
2020-07-08Update Baremetal Deployment READMELarry Sachs1-8/+113
Updates the Baremetal README.md with info from https://wiki.onap.org/display/DW/Kubernetes+Baremetal+deployment+setup+instructions These scripts were tested on Ubuntu 18.04 Issue-ID: MULTICLOUD-1108 Change-Id: I16d41f3459deef16d156aa85a115aee57b78cf09 Signed-off-by: Larry Sachs <larry.j.sachs@intel.com>
2020-06-22Containerized base installation directory changeYao Le1-2/+2
Change the directory to $HOME instead of /tmp which will refresh after reboot. Same with what we do in vagrant installation. Issue-ID: MULTICLOUD-1050 Signed-off-by: Yao Le <le.yao@intel.com> Change-Id: I413ac0b6c668851841e1bc39d0aafe132ec56ef8