| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
The default is 2.14.1 (the existing value). Setting
KUBESPRAY_VERSION=2.16.0 in the installer environment uses the newer
Kubespray version.
The newer Kubespray version installs Kubernetes 1.20.7. Kubernetes
1.20.7 comes with following caveats:
- The Virtlet addon is disabled; it does not work with 1.20.7. This
requires removing the plugin_fw test as well.
- Kubernetes 1.20.7 removed support for basic auth.
Issue-ID: MULTICLOUD-1251
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Ic8b9fb1f3effc31da58de5bb3768ed9e509d50de
|
|
SR-IOV wants to drain the nodes during reconciliation of SriovNetwork
resources, while KubeVirt wants to keep at least one instance running
at all times via a PodDisruptionBudget.
KubeVirt's behavior is not customizable, so split the addons into
different composite apps that allow finer control of the instantiation
order.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I15c5cec3ef524b0b1d60dc201e04157272cbe376
|
|
|
|
The moves the addons from the default namespace into their own, "kud"
namespace.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I5476c7634af7affe1b6bbd7d2bf9b5cd7a8206e5
|
|
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Ifd8ae34b8f04da52acc4c3a6a8259d1bcd05616c
|
|
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I5e2c2ebe5af7ee86cc213f0861516664cf4399a7
|
|
Issue-ID: MULTICLOUD-1375
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I0433a55ef2ac9caba976a267fa9e1f41d5353248
|
|
Issue-ID: MULTICLOUD-1370
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: If3b71f64b5994bbe6bd68e2b620452f4081cd705
|
|
|
|
A dependency of kubespray-2.14 now requires python3. Specifically,
ruamel.yaml now fetches ruamel.yaml.clib-0.2.4 whereas it used to
fetch ruamel.yaml.clib-0.2.2. The 0.2.4 requires python 3.5 or
greater.
Issue-ID: MULTICLOUD-1369
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Ia362d5adfbe6e08750b493dbceea17df640f26ed
|
|
This chart contains the ovn-networkobj NetworkAttachmentDefinition
required by EMCO.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Iaf10bacaf7ff263b165ca18a427958f7e75c3628
|
|
Some minor refactoring of _functions.sh was done to allow setup and
related functions to use the "vmi" resource type in addition to the
"deployment" type.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I42b5ef1c48412675a095f2aab68a0efdfdbe0df9
|
|
|
|
|
|
|
|
The steps performed by the existing ansible playbook can be
performed directly by kubespray. In addtion, fix and enable the
topology-manager.sh test.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Iee2197c1fc3e35288796399cccff0d3ae0925a6c
|
|
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I6ba134140f0aca6717c656ffa35c6576426a8b98
|
|
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I90b33cd99c42017b50f3174b6f9033a861e11dd3
|
|
Specifying 'latest' as the docker_version without specifying a
compatible version of containerd can lead to package dependency
errors. Let kubespray select the versions to ensure consistency.
Also, installing docker from vagrant installer instead of letting
kubespray install it can lead to the same issues.
Issue-ID: MULTICLOUD-1359
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Iff41682fa0897fae8200e0f179137af844e314c0
|
|
webhook
Issue-ID: MULTICLOUD-1320
Signed-off-by: Eric Adams <eric.adams@intel.com>
Change-Id: I9ef0bcde7c2ef22a04c32311d4571abc3b688ffe
|
|
An example is provided with instructions on how to install the addons
with emcoctl. Addtionally, the containerized installer will populate
/opt/kud/addons and /opt/kud/multi-cluster/$CLUSTER_NAME/artifacts
with the files and instructions necessary as well.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I74de1c9d18a0aaec4a96e38684ec80f00ab0b940
|
|
|
|
|
|
This chart follows the upstream installation guide with the following
exceptions:
- The node-role.kubernetes.io/master:NoSchedule taint is not removed.
The YAML files already included the necessary tolerations.
- No node labeling is done. Instead, the ovn-control-plane node
selector is for the master role, and the nfn-operator pod affinity
is for "role: ovn-control-plane". This ensures that the
ovn-control-plane and nfn-operator run are scheduled on the same
master node, equivalent to the labelling approach used upstream.
Also, additional allowed capabilities are needed to run the pods with
the restricted PodSecurityPolicy. These capabilities are requested by
the Pods, but not available in the default set of allowed
capabilities.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I54ae12434572e2e2dd1fe2ec9298d04557331d94
|
|
This change also installs emcoctl in the artifacts directory, similar
to what is done for kubectl by kubespray.
Issue-ID: MULTICLOUD-1324
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I8447210487578ceeef61afc7c3e4d97905303c8a
|
|
|
|
|
|
Issue-ID: MULTICLOUD-1323
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Iac2046b6df4f76efc7f7745567740fffb9b8e72a
|
|
This fixes the following error when running ./setup.sh -p libvirt:
usermod: group 'libvirtd' does not exist
Newer versions of Ubuntu appear to have renamed the libvirtd group to
libvirt.
Issue-ID: MULTICLOUD-1322
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I54ffc4558cb8945e8c9f9ca751518b20a6de64d0
|
|
This fixes the following error when running ./setup.sh -p libvirt:
Installing the 'vagrant-libvirt' plugin. This can take a few minutes...
Bundler, the underlying system Vagrant uses to install plugins,
reported an error. The error is shown below. These errors are usually
caused by misconfigured plugin installations or transient network
issues. The error from Bundler is:
nokogiri requires Ruby version < 3.1.dev, >= 2.5.
Issue-ID: MULTICLOUD-1321
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: Ia867df9df3ec1cc27e2f17df4a72ffc88f6bdf44
|
|
It turned out prior url has been further changed and pip is unavailable
by it.
Issue-ID: MULTICLOUD-1255
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: Id5c9285f74bda17c28ac56de8a847ab74005beba
|
|
Issue-ID: MULTICLOUD-1255
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: I800c4bdbe1fecc61f196ac3098910ae4278bf0cf
|
|
invalid syntax error when KUD is deployed
sys.stderr.write(f"ERROR: {exc}") SyntaxError: invalid syntax
Issue-ID: MULTICLOUD-1255
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Change-Id: Ia4ecbad5735617a5606cbce2ed93a58cb7322cb5
|
|
|
|
Previously the installer would exit immediately after a failure by one
of the addon tests. Now, record the failure and run subsequent tests,
then exit if any fail.
Issue-ID: MULTICLOUD-1258
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I4fcad9b51b58277344de4fed0e40e87493dc3663
|
|
|
|
The intention with this change is to disable CAP_NET_RAW (which can be
a security vulnerability) for created Pods.
kubespray provides the podsecuritypolicy_enabled variable for enabling
privileged (for kube-system) and restricted (for everyone else)
policies. Enabling this requires binding the KUD_ADDONs to the
privileged policy and specifying the security context correctly for
Pods running in the default namespace.
As of this change, the only difference between the privileged and
restricted security policies is the dropping of CAP_NET_RAW in the
restricted policy. To use the default restricted policy provided with
kubespray, additional changes must be made to the Pods that are run in
the default namespace (such as runing as a non-root user, not
requesting privileged mode, etc.).
Issue-ID: MULTICLOUD-1256
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I7d6add122ad4046f9116ef03a249f5c9da1d7eec
|
|
Note that as mentioned in install_qat.sh, the kernel command line must
include "intel_iommu=on iommu=pt" for the deploy and test to succeed.
The underlying issue is that the playbook was expecting to be run on
the same host it executed on and was looking for files in the wrong
places.
Issue-ID: MULTICLOUD-1261
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I5f59b9147f34f077fcdc63d7fc5f80b56977054c
|
|
|
|
- Replace move of ansible.cfg from kubespray distribution to
/etc/ansible with ANSIBLE_CONFIG environment variable. Ansible
modifies ansible.cfg during installation, and the paths in it are
relative.
- kubespray 2.14.1 requires a kubernetes version > 1.16. Use the
default versions of kubernetes and helm provided by kubespray
2.14.1.
- kubespray 2.14.1 replaces helm 2 with helm 3. This removes support
for helm init and helm serve. It is no longer necessary to call
helm init, and the helm serve repository is replaced with file
relative URLs. This also triggered a subsequent update of the
kubernetes-helm ansible module to include the newer helm versions.
- Add "storageType: hostPath" to etcd/values.yaml. Helm deploy of
etcd will fail without this due to nil
PersistentVolume.metadata.labels.type.
- The mitogen module used by kubespray/ansible requires python2 on the
hosts. Use the linear strategy to bypass mitogen and install
python2 on the cluster hosts.
Issue-ID: MULTICLOUD-1230
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I9f50bb4e123fdcacab6b6a97e79cd09fb5c96634
|
|
Building on the target host fixes a couple issues:
- In the containerized installer, the container image does not include
the necessary kernel headers to build the module.
- The build and target host must have the same kernel version. There
is no guarantee of this.
The deploy uses NFD, similar to the QAT playbook.
Issue-ID: MULTICLOUD-1228
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I58705b73b8ce6d381b4649d5a20b8644e51e1b13
|
|
To deploy to multiple clusters, set the KUD_PLUGIN_FW_CLUSTERS
environment variable to the following format (an array of cluster data
objects):
[
{
"metadata": {
"name": "NAME",
"description": "DESCRIPTION",
"userData1": "USER_DATA_1",
"userData2": "USER_DATA_2"
},
"file": "KUBECONFIG_PATH"
},
{
...
}
]
Issue-ID: MULTICLOUD-1217
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I4c80fbcef1162b441c4dfba4ce2bfd3ac419bc25
|
|
Issue-ID: MULTICLOUD-1181
Signed-off-by: Todd <todd.malsbary@intel.com>
Change-Id: Ibfdf401d40398bf6b94543dedf4c860951d50de7
|
|
Integrate topology manager by utilizing ansible
scripts from openness.
Issue-ID: MULTICLOUD-1102
Signed-off-by: ChenjieXu <chenjie.xu@intel.com>
Change-Id: Ibaaf77e44c97edffe1ae03bf77c2422c89783e75
|
|
|
|
Updates the kud/hosting_providers/vagrant/README.md to include
info about the ./config/samples/pdf.yml.* sample files.
Issue-ID: MULTICLOUD-1129
Change-Id: I5ab02948932d8a9e9e5a8cfc65350726183cd78d
Signed-off-by: Larry Sachs <larry.j.sachs@intel.com>
|
|
host_providers/vagrant/setup.sh -p virtualbox
update to /etc/apt/sources.list is now 'bionic' (was 'trusty')
Issue-ID: MULTICLOUD-1122
Signed-off-by: Larry Sachs <larry.j.sachs@intel.com>
Change-Id: I0cd989466bab4a571b9e18a5e666c8516b168c1d
|
|
Updates the Baremetal README.md with info from
https://wiki.onap.org/display/DW/Kubernetes+Baremetal+deployment+setup+instructions
These scripts were tested on Ubuntu 18.04
Issue-ID: MULTICLOUD-1108
Change-Id: I16d41f3459deef16d156aa85a115aee57b78cf09
Signed-off-by: Larry Sachs <larry.j.sachs@intel.com>
|
|
Change the directory to $HOME instead of /tmp which will refresh after reboot.
Same with what we do in vagrant installation.
Issue-ID: MULTICLOUD-1050
Signed-off-by: Yao Le <le.yao@intel.com>
Change-Id: I413ac0b6c668851841e1bc39d0aafe132ec56ef8
|
Ritu Sood
Todd Malsbary
Eric Multanen
Eric Adams
Konrad Bańka
chenjie1
Larry Sachs
Yao Le