blob: 1a77d5349e8495fc5d33a52fc20a8069d0ce8b5b [file] [log] [blame]
{{/*
# Copyright 2020-present Open Networking Foundation
# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
*/}}
{{- $upfConfig := index .Values.config.upf.cfgFiles "upf.json" }}
{{- $accessConfig := index $upfConfig "access" }}
{{- $coreConfig := index $upfConfig "core" }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: upf
labels:
{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 4 }}
spec:
replicas: 1
serviceName: upf-headless
selector:
matchLabels:
{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 6 }}
template:
metadata:
labels:
{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 8 }}
annotations:
k8s.v1.cni.cncf.io/networks: '[
{
"name": "access-net",
"interface": {{ index $accessConfig "ifname" | quote }},
{{- if hasKey .Values.config.upf.access "mac" }}
"mac": {{ .Values.config.upf.access.mac | quote }},
{{- end }}
"ips": [{{ .Values.config.upf.access.ip | quote }}]
},
{
"name": "core-net",
"interface": {{ index $coreConfig "ifname" | quote }},
{{- if hasKey .Values.config.upf.core "mac" }}
"mac": {{ .Values.config.upf.core.mac | quote }},
{{- end }}
"ips": [{{ .Values.config.upf.core.ip | quote }}]
}
]'
spec:
shareProcessNamespace: true
{{- if .Values.nodeSelectors.enabled }}
nodeSelector:
{{ .Values.nodeSelectors.upf.label }}: {{ .Values.nodeSelectors.upf.value }}
{{- end }}
{{- if hasKey .Values.images "pullSecrets" }}
imagePullSecrets:
{{ toYaml .Values.images.pullSecrets | indent 8 }}
{{- end }}
initContainers:
- name: bess-init
image: {{ .Values.images.tags.bess | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
command: ["sh", "-xec"]
args:
- ip route replace {{ .Values.config.upf.enb.subnet }} via {{ .Values.config.upf.access.gateway }};
ip route replace default via {{ .Values.config.upf.core.gateway }} metric 110;
iptables -I OUTPUT -p icmp --icmp-type port-unreachable -j DROP;
securityContext:
capabilities:
add:
- NET_ADMIN
{{- if .Values.config.coreDump.enabled }}
{{ tuple "upf" . | include "omec-user-plane.coredump_init" | indent 6 }}
{{- end }}
containers:
- name: bessd
image: {{ .Values.images.tags.bess | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
securityContext:
{{- if .Values.config.upf.privileged }}
privileged: true
{{- end }}
capabilities:
add:
- IPC_LOCK
stdin: true
tty: true
command: ["/bin/bash", "-xc"]
args:
{{- if .Values.config.upf.hugepage.enabled }}
- bessd -f -grpc-url=0.0.0.0:10514
{{- else }}
- bessd -m 0 -f -grpc-url=0.0.0.0:10514
{{- end }}
lifecycle:
postStart:
exec:
command: ["/etc/bess/conf/bessd-poststart.sh"]
livenessProbe:
tcpSocket:
port: 10514
initialDelaySeconds: 15
periodSeconds: 20
resources:
requests:
{{- if .Values.resources.enabled }}
{{ toYaml .Values.resources.bess.requests | indent 12 }}
{{- end }}
{{- if .Values.config.upf.hugepage.enabled }}
hugepages-1Gi: 2Gi
{{- end }}
{{- if .Values.config.upf.sriov.enabled }}
intel.com/intel_sriov_vfio: 2
{{- end }}
limits:
{{- if .Values.resources.enabled }}
{{ toYaml .Values.resources.bess.limits | indent 12 }}
{{- end }}
{{- if .Values.config.upf.hugepage.enabled }}
hugepages-1Gi: 2Gi
{{- end }}
{{- if .Values.config.upf.sriov.enabled }}
intel.com/intel_sriov_vfio: 2
{{- end }}
env:
- name: CONF_FILE
value: /etc/bess/conf/upf.json
volumeMounts:
- name: shared-app
mountPath: /pod-share
{{- if .Values.config.upf.hugepage.enabled }}
- name: hugepages
mountPath: /dev/hugepages
{{- end }}
- name: configs
mountPath: /etc/bess/conf
{{- if .Values.config.coreDump.enabled }}
- name: coredump
mountPath: /tmp/coredump
{{- end }}
- name: routectl
image: {{ .Values.images.tags.bess | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
env:
- name: PYTHONUNBUFFERED
value: "1"
command: ["/opt/bess/bessctl/conf/route_control.py"]
args:
- -i
- {{ index $accessConfig "ifname" }}
- {{ index $coreConfig "ifname" }}
{{- if .Values.resources.enabled }}
resources:
{{ toYaml .Values.resources.routectl | indent 10 }}
{{- end }}
- name: web
image: {{ .Values.images.tags.bess | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
command: ["/bin/bash", "-xc", "bessctl http 0.0.0.0 8000"]
{{- if .Values.resources.enabled }}
resources:
{{ toYaml .Values.resources.web | indent 10 }}
{{- end }}
- name: cpiface
image: {{ .Values.images.tags.pfcpiface | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
command: ["pfcpiface"]
args:
- -config
- /tmp/conf/upf.json
{{- if .Values.resources.enabled }}
resources:
{{ toYaml .Values.resources.cpiface | indent 10 }}
{{- end }}
volumeMounts:
- name: shared-app
mountPath: /pod-share
- name: configs
mountPath: /tmp/conf
volumes:
- name: configs
configMap:
name: upf
defaultMode: 493
- name: shared-app
emptyDir: {}
{{- if .Values.config.upf.hugepage.enabled }}
- name: hugepages
emptyDir:
medium: HugePages
{{- end }}
{{- if .Values.config.coreDump.enabled }}
- name: host-rootfs
hostPath:
path: /
- name: coredump
hostPath:
path: {{ .Values.config.coreDump.path }}
{{- end }}