blob: 11749e78500185d0946b4cda780e01b237ca97b6 [file] [log] [blame]
{{/*
Copyright 2018-present Open Networking Foundation
Copyright 2018 Intel Corporation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: spgwu
labels:
{{ tuple "spgwu" . | include "omec-data-plane.metadata_labels" | indent 4 }}
spec:
replicas: 1
selector:
matchLabels:
{{ tuple "spgwu" . | include "omec-data-plane.metadata_labels" | indent 6 }}
template:
metadata:
labels:
{{ tuple "spgwu" . | include "omec-data-plane.metadata_labels" | indent 8 }}
annotations:
k8s.v1.cni.cncf.io/networks: '[
{
"name": "s1u-net",
"interface": {{ .Values.config.spgwu.s1u.device | quote }},
"ips": {{ .Values.config.spgwu.s1u.ip | quote }}
},
{
"name": "sgi-net",
"interface": {{ .Values.config.spgwu.sgi.device | quote }},
"ips": {{ .Values.config.spgwu.sgi.ip | quote }}
}
]'
spec:
{{- if .Values.nodeSelectors.enabled }}
nodeSelector:
{{ .Values.nodeSelectors.spgwu.label }}: {{ .Values.nodeSelectors.spgwu.value }}
{{- end }}
{{- if not .Values.config.sriov.enabled }}
initContainers:
- name: spgwu-iptables-init
image: {{ .Values.images.tags.init | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
command: [ "sh", "-xec"]
securityContext:
capabilities:
add:
- NET_ADMIN
args:
- iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP;
- name: spgwu-af-iface-init
image: {{ .Values.images.tags.init | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
securityContext:
capabilities:
add:
- NET_ADMIN
command:
- /opt/dp/scripts/setup-af-iface.sh
volumeMounts:
- name: dp-script
mountPath: /opt/dp/scripts/setup-af-iface.sh
subPath: setup-af-iface.sh
{{- end }}
containers:
- name: spgwu
image: {{ .Values.images.tags.spgwu | quote }}
imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
stdin: true
tty: true
env:
- name: MEM_LIMIT
valueFrom:
resourceFieldRef:
containerName: spgwu
resource: limits.memory
divisor: 1Mi
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
command: ["bash", "-xc"]
args:
- ip a;
/opt/dp/scripts/run.sh;
volumeMounts:
- name: dp-script
mountPath: /opt/dp/scripts/run.sh
subPath: run.sh
- name: dp-config
mountPath: /etc/dp/config
resources:
requests:
{{- if .Values.resources.enabled }}
{{ toYaml .Values.resources.spgwu.requests | indent 12 }}
{{- end }}
{{- if .Values.config.sriov.enabled }}
intel.com/sriov_vfio: 2
{{- end }}
limits:
{{- if .Values.resources.enabled }}
{{ toYaml .Values.resources.spgwu.limits | indent 12 }}
{{- end }}
{{- if .Values.config.sriov.enabled }}
intel.com/sriov_vfio: 2
{{- end }}
securityContext:
capabilities:
add:
- IPC_LOCK
volumes:
- name: dp-script
configMap:
name: spgwu
defaultMode: 493
- name: dp-config
configMap:
name: spgwu
defaultMode: 420