Add static routes instead of changing rp_filter
- remove the shell options '-e', script should not stop if it can't
access the TOST.
Change-Id: I15fc03229dc16bc3f484d5221701fb34f9eb6781
diff --git a/apps/dbuf/Chart.yaml b/apps/dbuf/Chart.yaml
index 99683fd..ded633a 100644
--- a/apps/dbuf/Chart.yaml
+++ b/apps/dbuf/Chart.yaml
@@ -18,7 +18,7 @@
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.5
+version: 0.1.6
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
diff --git a/apps/dbuf/templates/configmap-config.yaml b/apps/dbuf/templates/configmap-config.yaml
index 2df6d11..e41a9ae 100644
--- a/apps/dbuf/templates/configmap-config.yaml
+++ b/apps/dbuf/templates/configmap-config.yaml
@@ -11,10 +11,15 @@
labels:
{{- include "dbuf.labels" . | nindent 4 }}
data:
- push-onos: |
+ config: |
#!/bin/sh
- set -e -x
+ set -x
env
+ export IFS=','
+ for r in $STATIC_ROUTES; do
+ ip route add $r dev $DP_INTERFACE
+ done
+ unset IFS
ifconfig
while true
do
diff --git a/apps/dbuf/templates/deployment.yaml b/apps/dbuf/templates/deployment.yaml
index 53393f6..9eb0822 100644
--- a/apps/dbuf/templates/deployment.yaml
+++ b/apps/dbuf/templates/deployment.yaml
@@ -22,12 +22,6 @@
labels:
{{- include "dbuf.selectorLabels" . | nindent 8 }}
spec:
- securityContext:
- sysctls:
- - name: ipv4.conf.all.rp_filter
- value: "2"
- - name: ipv4.conf.net0.rp_filter
- value: "2"
{{- if .Values.image.credentials }}
imagePullSecrets:
- name: {{ .Release.Name }}.registry
@@ -54,7 +48,8 @@
containerPort: 8080
protocol: {{ .Values.service.stats.protocol }}
# Push data plane address to ONOS via netcfgc
- - name: push-onos
+ # Add the static route for sr-iov interface
+ - name: config
image: curlimages/curl:7.75.0
imagePullPolicy: IfNotPresent
env:
@@ -78,11 +73,17 @@
value: "{{ .Values.dataplane.interface }}"
- name: DP_PORT
value: "{{ .Values.dataplane.port }}"
+ - name: STATIC_ROUTES
+ value: "{{ .Values.network.route }}"
volumeMounts:
- - name: onos-push-script
- mountPath: /tmp/push-onos
- subPath: push-onos
- command: ["sh", "-c", "/tmp/push-onos"]
+ - name: config-script
+ mountPath: /tmp/config
+ subPath: config
+ command: ["sh", "-c", "/tmp/config"]
+ securityContext:
+ runAsUser: 0
+ capabilities:
+ add: ["NET_ADMIN"]
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@@ -96,7 +97,7 @@
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- - name: onos-push-script
+ - name: config-script
configMap:
name: {{ include "dbuf.fullname" . }}
defaultMode: 0755
diff --git a/apps/dbuf/values.yaml b/apps/dbuf/values.yaml
index 0373f03..2b3e261 100644
--- a/apps/dbuf/values.yaml
+++ b/apps/dbuf/values.yaml
@@ -24,6 +24,7 @@
k8s.v1.cni.cncf.io/networks: dbuf-sriov@net0
podSecurityContext: {}
+
resources:
requests:
intel.com/intel_sriov_netdevice: "1"
@@ -63,3 +64,6 @@
static:
subnets: "10.56.217.0/24"
gateway: "10.56.217.1"
+ # route the following subnets via sr-iov interface
+ # route: 10.56.215.0/24,10.56.214.0/24
+ route: ""