blob: 593f2d27ab17952bae5528cf6eef34da84a424a0 [file] [log] [blame]
{{/*
Copyright 2018-present Open Networking Foundation
Copyright 2018 Intel Corporation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: spgwu
serviceName: spgwu-headless
labels:
{{ tuple "spgwu" . | include "omec-data-plane.metadata_labels" | indent 4 }}
spec:
replicas: 1
selector:
matchLabels:
{{ tuple "spgwu" . | include "omec-data-plane.metadata_labels" | indent 6 }}
template:
metadata:
labels:
{{ tuple "spgwu" . | include "omec-data-plane.metadata_labels" | indent 8 }}
annotations:
k8s.v1.cni.cncf.io/networks: '[
{
"name": "s1u-net",
"interface": {{ .Values.config.spgwu.s1u.device | quote }},
"ips": {{ .Values.config.spgwu.s1u.ip | quote }}
},
{
"name": "sgi-net",
"interface": {{ .Values.config.spgwu.sgi.device | quote }},
"ips": {{ .Values.config.spgwu.sgi.ip | quote }}
}
]'
spec:
{{- if .Values.nodeSelectors.enabled }}
nodeSelector:
{{ .Values.nodeSelectors.spgwu.label }}: {{ .Values.nodeSelectors.spgwu.value }}
{{- end }}
{{- if not .Values.config.sriov.enabled }}
initContainers:
- name: spgwu-iptables-init
image: {{ .Values.images.tags.init | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
command: [ "sh", "-xec"]
securityContext:
capabilities:
add:
- NET_ADMIN
args:
- iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP;
- name: spgwu-af-iface-init
image: {{ .Values.images.tags.init | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
securityContext:
capabilities:
add:
- NET_ADMIN
command:
- /opt/dp/scripts/setup-af-iface.sh
volumeMounts:
- name: dp-script
mountPath: /opt/dp/scripts/setup-af-iface.sh
subPath: setup-af-iface.sh
{{- end }}
{{- if .Values.config.coreDump.enabled }}
{{ tuple "spgwc" . | include "omec-data-plane.coredump_init" | indent 8 }}
{{- end }}
containers:
- name: spgwu
image: {{ .Values.images.tags.spgwu | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
securityContext:
{{- if .Values.config.coreDump.enabled }}
privileged: true
runAsUser: 0
{{- end }}
capabilities:
add:
- IPC_LOCK
stdin: true
tty: true
env:
- name: MEM_LIMIT
valueFrom:
resourceFieldRef:
containerName: spgwu
resource: limits.memory
divisor: 1Mi
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: DP_NAME
value: "{{ .Values.config.spgwu.dpName }}"
command: ["bash", "-xc"]
args:
- ip a;
/opt/dp/scripts/run.sh;
volumeMounts:
- name: dp-script
mountPath: /opt/dp/scripts/run.sh
subPath: run.sh
- name: dp-config
mountPath: /etc/dp/config
{{- if .Values.config.coreDump.enabled }}
- name: coredump
mountPath: /tmp/coredump
{{- end }}
resources:
requests:
{{- if .Values.resources.enabled }}
{{ toYaml .Values.resources.spgwu.requests | indent 12 }}
{{- end }}
{{- if .Values.config.sriov.enabled }}
intel.com/sriov_vfio_s1u_net: 1
intel.com/sriov_vfio_sgi_net: 1
{{- end }}
limits:
{{- if .Values.resources.enabled }}
{{ toYaml .Values.resources.spgwu.limits | indent 12 }}
{{- end }}
{{- if .Values.config.sriov.enabled }}
intel.com/sriov_vfio_s1u_net: 1
intel.com/sriov_vfio_sgi_net: 1
{{- end }}
volumes:
- name: dp-script
configMap:
name: spgwu
defaultMode: 493
- name: dp-config
configMap:
name: spgwu
defaultMode: 420
{{- if .Values.config.coreDump.enabled }}
- name: host-rootfs
hostPath:
path: /
- name: coredump
hostPath:
path: {{ .Values.config.coreDump.path }}
{{- end }}