From 6547e45fd9f60437811ef35b9d101cdaef494542 Mon Sep 17 00:00:00 2001
From: Bin Yang <bin.yang@windriver.com>
Date: Sun, 23 Feb 2020 20:18:41 +0800
Subject: Add cnf for firewall with network of sriov

sriov driver can be either netdevice or vfio
start scripts support netdevice only yet

Change-Id: Ifa1e9acc558387d38245bd99669225fbf5fb8d05
Issue-ID: MULTICLOUD-999
Signed-off-by: Bin Yang <bin.yang@windriver.com>
---
 .../templates/unprotected-private-net.yaml         | 29 ++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 starlingx/demo/firewall-sriov/templates/unprotected-private-net.yaml

(limited to 'starlingx/demo/firewall-sriov/templates/unprotected-private-net.yaml')

diff --git a/starlingx/demo/firewall-sriov/templates/unprotected-private-net.yaml b/starlingx/demo/firewall-sriov/templates/unprotected-private-net.yaml
new file mode 100644
index 00000000..568768f7
--- /dev/null
+++ b/starlingx/demo/firewall-sriov/templates/unprotected-private-net.yaml
@@ -0,0 +1,29 @@
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  name: sriov-device-{{ .Values.global.unprotectedNetName }}
+  annotations:
+    k8s.v1.cni.cncf.io/resourceName: intel.com/pci_sriov_net_{{ .Values.global.unprotectedNetProviderName }}
+{{- if eq .Values.global.unprotectedNetProviderDriver "netdevice" }}
+spec:
+  config: '{
+    "type": "sriov",
+    "name": "sriov-device",
+    "vlan": {{ .Values.global.unprotectedNetProviderVlan }},
+    "ipam": {
+      "type": "host-local",
+      "subnet": "{{ .Values.global.unprotectedNetCidr }}",
+      "routes": [{
+        "dst": "0.0.0.0/0"
+      }],
+      "gateway": "{{ .Values.global.unprotectedNetGwIp }}"
+    }
+  }'
+{{- else }}
+spec:
+  config: '{
+    "type": "sriov",
+    "name": "sriov-device",
+    "vlan": {{ .Values.global.unprotectedNetProviderVlan }}
+  }'
+{{ end -}}
\ No newline at end of file
-- 
cgit 1.2.3-korg