aboutsummaryrefslogtreecommitdiffstats
path: root/kud
AgeCommit message (Collapse)AuthorFilesLines
2021-05-05Merge "Add cmk addon helm chart"Ritu Sood9-0/+654
2021-05-05Merge "Add sriov-network addon helm chart"Ritu Sood8-1/+420
2021-05-05Merge "Add ovn4nfv addon helm chart"Ritu Sood21-4/+1256
2021-05-05Merge "Add sriov-network-operator addon helm chart"Ritu Sood20-0/+1384
2021-05-04Add ovn4nfv addon helm chartTodd Malsbary21-4/+1256
This chart follows the upstream installation guide with the following exceptions: - The node-role.kubernetes.io/master:NoSchedule taint is not removed. The YAML files already included the necessary tolerations. - No node labeling is done. Instead, the ovn-control-plane node selector is for the master role, and the nfn-operator pod affinity is for "role: ovn-control-plane". This ensures that the ovn-control-plane and nfn-operator run are scheduled on the same master node, equivalent to the labelling approach used upstream. Also, additional allowed capabilities are needed to run the pods with the restricted PodSecurityPolicy. These capabilities are requested by the Pods, but not available in the default set of allowed capabilities. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I54ae12434572e2e2dd1fe2ec9298d04557331d94
2021-05-04Add sriov-network addon helm chartTodd Malsbary8-1/+420
This chart deploys the CR used by the sriov-network-operator. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I9364868d3e58fd64e51a77aaa934284fad86a1b1
2021-05-04Add sriov-network-operator addon helm chartTodd Malsbary20-0/+1384
This chart contains the upstream sriov-network-operator from k8snetworkplumbingwg together with an iavf driver installer. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ic925c66f8e2b28b7604240c3ed35b1a56883b60b
2021-04-30Merge "Remove unused cmk kud vars"Ritu Sood1-4/+0
2021-04-30Merge "Add nfd addon helm chart"Ritu Sood11-0/+619
2021-04-30Merge "Add multus addon helm chart"Ritu Sood10-0/+433
2021-04-30Merge "Add Makefile for addon helm charts"Ritu Sood2-0/+52
2021-04-30Merge "Upgrade vagrant version from 2.4 to 2.2.14"Ritu Sood1-1/+1
2021-04-30Merge "Use group libvirt instead of libvirtd"Ritu Sood1-1/+0
2021-04-29Add cmk addon helm chartTodd Malsbary9-0/+654
The chart follows the instructions laid out in the CMK operator manual, with the following notes: - The nodes are prepared by running each CMK subcommand as a Pod instead of running cmk cluster-init. The first reason for this is that the existing addon only deploys CMK to the worker nodes in the cluster. This is not possible using cluster-init without explicitly providing the list of worker nodes to cluster-init, and this list is unknown by helm. Instead it is sufficient to rely on the node-role.kubernetes.io/master:NoSchedule taint. The second reason is that cluster-init creates resources which are unknown to helm, thus uninstall does not behave as expected. - The v1.4.1 version of CMK is chosen. In v1.5.2, the description key of the cmk-nodereport resource is not correct. - All values listed as possibly requiring modification are exposed in values.yaml Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ibc75462de3729cd88edeb4b15602d57fe12791ca
2021-04-29Remove unused cmk kud varsTodd Malsbary1-4/+0
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I0c1d43de8506233eb62bde52641bb7fc95b422fc
2021-04-28Merge "Add X710 to iavf driver NICs"Ritu Sood3-10/+5
2021-04-28Add X710 to iavf driver NICsTodd Malsbary3-10/+5
Issue-ID: MULTICLOUD-1336 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I7a0ee4302c020e6b7ec785d6a85af636b6a85ecc
2021-04-09Add multus addon helm chartTodd Malsbary10-0/+433
- Support for calico configuration is present but currently disabled. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I2d2161564c4da2e165e5cf13cea92fae4935f8b2
2021-04-06Add Makefile for addon helm chartsTodd Malsbary2-0/+52
Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I90a9cf23a8fb01cbc579d2b6670b476494c2a7bb
2021-03-30Add nfd addon helm chartTodd Malsbary11-0/+619
This change adds iavf, qat, and pci device labels to the node feature discovery config. Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ie6296caf898983149483ac581428f2c80405bca8
2021-03-30Set helm stable repo URL value to updated URLTodd Malsbary2-0/+2
Issue-ID: MULTICLOUD-1323 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Iac2046b6df4f76efc7f7745567740fffb9b8e72a
2021-03-30Use group libvirt instead of libvirtdTodd Malsbary1-1/+0
This fixes the following error when running ./setup.sh -p libvirt: usermod: group 'libvirtd' does not exist Newer versions of Ubuntu appear to have renamed the libvirtd group to libvirt. Issue-ID: MULTICLOUD-1322 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I54ffc4558cb8945e8c9f9ca751518b20a6de64d0
2021-03-30Upgrade vagrant version from 2.4 to 2.2.14Todd Malsbary1-1/+1
This fixes the following error when running ./setup.sh -p libvirt: Installing the 'vagrant-libvirt' plugin. This can take a few minutes... Bundler, the underlying system Vagrant uses to install plugins, reported an error. The error is shown below. These errors are usually caused by misconfigured plugin installations or transient network issues. The error from Bundler is: nokogiri requires Ruby version < 3.1.dev, >= 2.5. Issue-ID: MULTICLOUD-1321 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ia867df9df3ec1cc27e2f17df4a72ffc88f6bdf44
2021-03-09Merge "Enable plugin_fw.sh to preserve CNF after tests"Ritu Sood1-10/+23
2021-03-09Correct get-pip.py url for python2.7Konrad Bańka2-2/+2
It turned out prior url has been further changed and pip is unavailable by it. Issue-ID: MULTICLOUD-1255 Signed-off-by: Konrad Bańka <k.banka@samsung.com> Change-Id: Id5c9285f74bda17c28ac56de8a847ab74005beba
2021-03-09Enable plugin_fw.sh to preserve CNF after testsKonrad Bańka1-10/+23
Issue-ID: MULTICLOUD-1306 Signed-off-by: Konrad Bańka <k.banka@samsung.com> Change-Id: Iea0c2e2a36adadc81860f622f04e85a389f53e0c
2021-02-23Correct pip url due to using python2.7Konrad Bańka1-1/+1
Issue-ID: MULTICLOUD-1255 Signed-off-by: Konrad Bańka <k.banka@samsung.com> Change-Id: I800c4bdbe1fecc61f196ac3098910ae4278bf0cf
2021-01-29get-pip.py error on Python 2.7Ritu Sood1-1/+1
invalid syntax error when KUD is deployed sys.stderr.write(f"ERROR: {exc}") SyntaxError: invalid syntax Issue-ID: MULTICLOUD-1255 Signed-off-by: Ritu Sood <ritu.sood@intel.com> Change-Id: Ia4ecbad5735617a5606cbce2ed93a58cb7322cb5
2021-01-24Merge "Fix the nodeSelector indent and define name"Ritu Sood3-5/+5
2020-12-10Merge "Containerized base installation directory change"Eric Multanen1-2/+2
2020-12-09Run all addon tests even when one failsTodd Malsbary2-4/+14
Previously the installer would exit immediately after a failure by one of the addon tests. Now, record the failure and run subsequent tests, then exit if any fail. Issue-ID: MULTICLOUD-1258 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I4fcad9b51b58277344de4fed0e40e87493dc3663
2020-12-10Merge "Fix broken virtlet image URL"Eric Multanen1-1/+1
2020-12-10Merge "Fix sriov test in baremetal deploy"Eric Multanen1-9/+4
2020-12-10Merge "Enable pod security policies"Eric Multanen6-4/+107
2020-12-09Enable pod security policiesTodd Malsbary6-4/+107
The intention with this change is to disable CAP_NET_RAW (which can be a security vulnerability) for created Pods. kubespray provides the podsecuritypolicy_enabled variable for enabling privileged (for kube-system) and restricted (for everyone else) policies. Enabling this requires binding the KUD_ADDONs to the privileged policy and specifying the security context correctly for Pods running in the default namespace. As of this change, the only difference between the privileged and restricted security policies is the dropping of CAP_NET_RAW in the restricted policy. To use the default restricted policy provided with kubespray, additional changes must be made to the Pods that are run in the default namespace (such as runing as a non-root user, not requesting privileged mode, etc.). Issue-ID: MULTICLOUD-1256 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I7d6add122ad4046f9116ef03a249f5c9da1d7eec
2020-12-07Fix QAT addon deploy and testTodd Malsbary5-103/+82
Note that as mentioned in install_qat.sh, the kernel command line must include "intel_iommu=on iommu=pt" for the deploy and test to succeed. The underlying issue is that the playbook was expecting to be run on the same host it executed on and was looking for files in the wrong places. Issue-ID: MULTICLOUD-1261 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I5f59b9147f34f077fcdc63d7fc5f80b56977054c
2020-12-03Fix sriov test in baremetal deployTodd Malsbary1-9/+4
The test incorrectly checked the node running the test for sriov feature support. This fix now checks the cluster for it. Issue-ID: MULTICLOUD-1260 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I869823cc062968c8ac7b9fa037d425244a03799c
2020-12-02Fix broken virtlet image URLTodd Malsbary1-1/+1
Issue-ID: MULTICLOUD-1259 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I92cc722818b9023b4aa29d191cf92e2c319f957b
2020-11-23Fix the nodeSelector indent and define nameLe Yao3-5/+5
Deploy the sdewan controller on master node Change sdewan-contoller-manager to sdewan-crd-controller Issue-ID: MULTICLOUD-1253 Signed-off-by: Le Yao <le.yao@intel.com> Change-Id: Ic55744914266278f1c344c10af587d41f4426918
2020-11-19Fix CrashLoopBackoff in emco-fluentd PodTodd Malsbary1-0/+4
The emco-fluentd pod is stuck in CrashLoopBackOff due to a failure to resolve the "cluster.local" name. Explicitly set the fluentd.clusterDomain value to the actual cluster name during helm install. Issue-ID: MULTICLOUD-1244 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: Ia6424e7ce8d4544511ad88c478e65fa8c4df0c52
2020-11-19Merge "Build and deploy sriov module only on supported hosts."Ritu Sood7-89/+100
2020-11-19Merge "Update multus-daemonset.yml to that of multus-cni v3.6 release"Ritu Sood1-17/+45
2020-11-19Merge "Upgrade kubespray from 2.12.6 to 2.14.1"Ritu Sood12-59/+38
2020-11-19Merge "Use same host in both copy and run of deploy_optane.sh"Ritu Sood2-9/+9
2020-11-19Merge "Ignore 404 when deleting non-existent project in emco.sh"Ritu Sood1-1/+1
2020-11-19Merge "Properly escape query string to jq"Ritu Sood1-2/+2
2020-11-11Update multus-daemonset.yml to that of multus-cni v3.6 releaseTodd Malsbary1-17/+45
The only change to the upstream yml is the removal of the kube-multus-ds-ppc64le DaemonSet and the replacement of "default-cni-network" with "cni0". Note also that the v3.6 yml actually uses the v3.4.1 image tag. The yml now points to a v3.4.1 image with the addition of code to merge the results from all delegates to support Virtlet. Issue-ID: MULTICLOUD-1230 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I0e18644a567facfac1fd7dc1c053002b2d906288
2020-10-30Upgrade kubespray from 2.12.6 to 2.14.1Todd Malsbary12-59/+38
- Replace move of ansible.cfg from kubespray distribution to /etc/ansible with ANSIBLE_CONFIG environment variable. Ansible modifies ansible.cfg during installation, and the paths in it are relative. - kubespray 2.14.1 requires a kubernetes version > 1.16. Use the default versions of kubernetes and helm provided by kubespray 2.14.1. - kubespray 2.14.1 replaces helm 2 with helm 3. This removes support for helm init and helm serve. It is no longer necessary to call helm init, and the helm serve repository is replaced with file relative URLs. This also triggered a subsequent update of the kubernetes-helm ansible module to include the newer helm versions. - Add "storageType: hostPath" to etcd/values.yaml. Helm deploy of etcd will fail without this due to nil PersistentVolume.metadata.labels.type. - The mitogen module used by kubespray/ansible requires python2 on the hosts. Use the linear strategy to bypass mitogen and install python2 on the cluster hosts. Issue-ID: MULTICLOUD-1230 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I9f50bb4e123fdcacab6b6a97e79cd09fb5c96634
2020-10-30Use same host in both copy and run of deploy_optane.shTodd Malsbary2-9/+9
NOTE: This is not a complete fix, it is only a workaround so that installer.sh can succeed when Optane hardware is not present. Without this, "No such file or directory" is reported during the "Apply Optane PMEM CSI Daemonset" task of the configure-optane playbook. This error was observed with kubespray 2.14.1 and not with 2.12.6. Issue-ID: MULTICLOUD-1234 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I1e23741d704ab117a84b4ed11e2f7ac02f0f2ec2
2020-10-30Ignore 404 when deleting non-existent project in emco.shTodd Malsbary1-1/+1
The delete is run at the start of the test, it is expected that the resource does not exist. Issue-ID: MULTICLOUD-1243 Signed-off-by: Todd Malsbary <todd.malsbary@intel.com> Change-Id: I1b060ec8f17fd4b9b76ed03d8dc3bd7c21756690