COMAC-172 Remove multus from mcord-setup
It prevents sriov device plugin daemon to work in multi-node environment.
Multus will be considered outside the scope of COMAC chart from now on.
Change-Id: Ie40cab2ec673cdcbea9cac8d00cb6778af7ba788
diff --git a/mcord-release/mcord-setup/Chart.yaml b/mcord-release/mcord-setup/Chart.yaml
index 06fb83b..7f96054 100644
--- a/mcord-release/mcord-setup/Chart.yaml
+++ b/mcord-release/mcord-setup/Chart.yaml
@@ -18,4 +18,4 @@
appVersion: "1.0"
description: The prerequisite setup of M-CORD
name: mcord-setup
-version: 0.1.3
+version: 0.1.4
diff --git a/mcord-release/mcord-setup/templates/sriov-conf.yaml b/mcord-release/mcord-setup/templates/configmap-sriov-conf.yaml
similarity index 96%
rename from mcord-release/mcord-setup/templates/sriov-conf.yaml
rename to mcord-release/mcord-setup/templates/configmap-sriov-conf.yaml
index df303bb..65623f9 100644
--- a/mcord-release/mcord-setup/templates/sriov-conf.yaml
+++ b/mcord-release/mcord-setup/templates/configmap-sriov-conf.yaml
@@ -20,7 +20,6 @@
apiVersion: v1
metadata:
name: sriov-config
- namespace: kube-system
data:
config.json: |
{
diff --git a/mcord-release/mcord-setup/templates/daemonset-sriov-dp.yaml b/mcord-release/mcord-setup/templates/daemonset-sriov-dp.yaml
new file mode 100644
index 0000000..3e459e1
--- /dev/null
+++ b/mcord-release/mcord-setup/templates/daemonset-sriov-dp.yaml
@@ -0,0 +1,72 @@
+{{/*
+Copyright 2018-present Open Networking Foundation
+Copyright 2018 Intel Corporation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: sriov-device-plugin
+spec:
+ selector:
+ matchLabels:
+ name: sriov-device-plugin
+ template:
+ metadata:
+ labels:
+ name: sriov-device-plugin
+ spec:
+ hostNetwork: true
+ hostPID: true
+ initContainers:
+ - name: init-sriov-cni
+ image: {{ .Values.images.tags.omecCni }}
+ imagePullPolicy: {{ .Values.images.pullPolicy }}
+ command: [ "bash", "-c" ]
+ args:
+ - cp /tmp/cni/bin/{sriov,vfioveth,centralip,jq} /host/opt/cni/bin/
+ volumeMounts:
+ - name: cni-bin
+ mountPath: /host/opt/cni/bin
+ containers:
+ - name: sriov-device-plugin
+ image: {{ .Values.images.tags.sriovDp }}
+ imagePullPolicy: {{ .Values.images.pullPolicy }}
+ command: [ "/bin/sh", "-c", "--" ]
+ args: [ "sriovdp --logtostderr 10;" ]
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - mountPath: /var/lib/kubelet/
+ name: devicesock
+ readOnly: false
+ - mountPath: /sys
+ name: net
+ readOnly: true
+ - name: sriov-config
+ mountPath: /etc/pcidp
+ volumes:
+ - name: devicesock
+ hostPath:
+ path: /var/lib/kubelet/
+ - name: net
+ hostPath:
+ path: /sys
+ - name: sriov-config
+ configMap:
+ name: sriov-config
+ - name: cni-bin
+ hostPath:
+ path: /opt/cni/bin
diff --git a/mcord-release/mcord-setup/templates/multus-sriov-ds.yaml b/mcord-release/mcord-setup/templates/multus-sriov-ds.yaml
deleted file mode 100644
index 135e769..0000000
--- a/mcord-release/mcord-setup/templates/multus-sriov-ds.yaml
+++ /dev/null
@@ -1,234 +0,0 @@
----
-# Copyright 2018-present Open Networking Foundation
-# Copyright 2018 Intel Corporation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
----
-apiVersion: apiextensions.k8s.io/v1beta1
-kind: CustomResourceDefinition
-metadata:
- # name must match the spec fields below, and be in the form: <plural>.<group>
- name: network-attachment-definitions.k8s.cni.cncf.io
- annotations:
- "helm.sh/hook": "crd-install"
- "helm.sh/hook-delete-policy": "before-hook-creation"
-spec:
- # group name to use for REST API: /apis/<group>/<version>
- group: k8s.cni.cncf.io
- # version name to use for REST API: /apis/<group>/<version>
- version: v1
- # either Namespaced or Cluster
- scope: Namespaced
- names:
- # plural name to be used in the URL: /apis/<group>/<version>/<plural>
- plural: network-attachment-definitions
- # singular name to be used as an alias on the CLI and for display
- singular: network-attachment-definition
- # kind is normally the CamelCased singular type. Your resource manifests use this.
- kind: NetworkAttachmentDefinition
- # shortNames allow shorter string to match your resource on the CLI
- shortNames:
- - net-attach-def
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: multus-sa
- namespace: kube-system
- annotations:
- "helm.sh/hook": "pre-install"
- "helm.sh/hook-delete-policy": "before-hook-creation"
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: multus-sa-secret
- namespace: kube-system
- annotations:
- kubernetes.io/service-account.name: multus-sa
-type: kubernetes.io/service-account-token
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: multus-pod-networks-lister
-rules:
-- apiGroups: [""]
- resources: ["pods"]
- verbs: ["get"]
-- apiGroups: [""]
- resources: ["pods/status"]
- verbs: ["update"]
-- apiGroups: ["k8s.cni.cncf.io"]
- resources: ["*"]
- verbs: ["get"]
----
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: multus-scripts
- namespace: kube-system
-data:
- install-certs.sh: |
- # Copied from Calico
- # https://github.com/projectcalico/cni-plugin/blob/master/k8s-install/scripts/install-cni.sh
- touch /host/etc/cni/net.d/multus-kubeconfig
- chmod 600 /host/etc/cni/net.d/multus-kubeconfig
- SERVICE_ACCOUNT_PATH=/var/run/secrets/multus/serviceaccount
- KUBE_CA_FILE=$SERVICE_ACCOUNT_PATH/ca.crt
- TLS_CFG="certificate-authority-data: $(cat $KUBE_CA_FILE | base64 | tr -d '\n')"
- SERVICEACCOUNT_TOKEN=$(cat $SERVICE_ACCOUNT_PATH/token)
- cat > /host/etc/cni/net.d/multus-kubeconfig <<EOF
- # Kubeconfig file for Multus CNI plugin.
- apiVersion: v1
- kind: Config
- clusters:
- - name: local
- cluster:
- server: https://${KUBERNETES_SERVICE_HOST}:${KUBERNETES_SERVICE_PORT}
- $TLS_CFG
- users:
- - name: multus
- user:
- token: "${SERVICEACCOUNT_TOKEN}"
- contexts:
- - name: multus-context
- context:
- cluster: local
- user: multus
- current-context: multus-context
- EOF
- install-multus-conf.sh: |
- # copied from https://github.com/intel/multus-cni/blob/master/images/entrypoint.sh
- rm -f /host/etc/cni/net.d/00-multus.conf
- MASTER_PLUGIN="$(ls /host/etc/cni/net.d | grep -E '\.conf(list)?$' | head -1)"
- MASTER_PLUGIN_JSON="$(cat /host/etc/cni/net.d/$MASTER_PLUGIN)"
- cat > /host/etc/cni/net.d/00-multus.conf <<EOF
- {
- "name": "multus-cni-network",
- "type": "multus",
- "logFile": "/var/log/multus.log",
- "logLevel": "debug",
- "kubeconfig": "/etc/cni/net.d/multus-kubeconfig",
- "delegates": [
- $MASTER_PLUGIN_JSON
- ]
- }
- EOF
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: multus-rb
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: multus-pod-networks-lister
-subjects:
-- kind: ServiceAccount
- name: multus-sa
- namespace: kube-system
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: sriov-device-plugin
- namespace: kube-system
-spec:
- selector:
- matchLabels:
- name: sriov-device-plugin
- template:
- metadata:
- labels:
- name: sriov-device-plugin
- spec:
- initContainers:
- - name: init-sriovds
- image: {{ .Values.sriovds.initimage }}
- command: [ "bash", "-c" ]
- args:
- - cp /tmp/cni/bin/{multus,sriov,vfioveth,centralip,jq} /host/opt/cni/bin/;
- /tmp/multus/install-multus-conf.sh;
- /tmp/multus/install-certs.sh;
- systemctl stop kubelet;
- echo "Restarting crio/containerd, kubelet";
- systemctl restart containerd;
- systemctl restart crio;
- systemctl restart kubelet;
- volumeMounts:
- - name: usr-bin
- mountPath: /host/usr/bin
- - name: cni-bin
- mountPath: /host/opt/cni/bin
- - name: multus-sa
- mountPath: /var/run/secrets/multus/serviceaccount
- - name: multus-scripts
- mountPath: /tmp/multus
- - name: cni-conf
- mountPath: /host/etc/cni/net.d
- - name: dbus
- mountPath: /var/run/dbus
- - name: systemd
- mountPath: /run/systemd
- containers:
- - name: sriovds
- image: {{ .Values.sriovds.image }}
- command: [ "sh", "-c" ]
- args:
- - /usr/bin/sriovdp --logtostderr -v 10;
- sleep infinity;
- volumeMounts:
- - name: net
- mountPath: /sys/class/net
- readOnly: true
- - name: dp-sock
- mountPath: /var/lib/kubelet/device-plugins/
- readOnly: false
- - mountPath: /etc/pcidp
- name: sriov-config
- readOnly: false
- volumes:
- - name: sriov-config
- configMap:
- name: sriov-config
- - name: usr-bin
- hostPath:
- path: /usr/bin
- - name: cni-bin
- hostPath:
- path: /opt/cni/bin
- - name: multus-sa
- secret:
- secretName: multus-sa-secret
- - name: multus-scripts
- configMap:
- defaultMode: 511
- name: multus-scripts
- - name: cni-conf
- hostPath:
- path: /etc/cni/net.d
- - name: dbus
- hostPath:
- path: /var/run/dbus
- - name: systemd
- hostPath:
- path: /run/systemd
- - name: net
- hostPath:
- path: /sys/class/net
- - name: dp-sock
- hostPath:
- path: /var/lib/kubelet/device-plugins/
- hostNetwork: true
- hostPID: true
diff --git a/mcord-release/mcord-setup/values.yaml b/mcord-release/mcord-setup/values.yaml
index b19f9f7..e9d4d7f 100644
--- a/mcord-release/mcord-setup/values.yaml
+++ b/mcord-release/mcord-setup/values.yaml
@@ -13,9 +13,11 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-sriovds:
- initimage: docker.io/omecproject/omec-cni:0.0.1
- image: docker.io/omecproject/omec-cni:0.0.1
+images:
+ tags:
+ omecCni: docker.io/omecproject/omec-cni:0.0.1
+ sriovDp: docker.io/nfvpe/sriov-device-plugin:v3.0.0
+ pullPolicy: IfNotPresent
# We need to speficy both pfName and driver name to prevent one interface to be
# allocated to multiple resource pools