blob: 000dca3b862c80ad4ff9d99adcf141ab2ac50a14 [file] [log] [blame]
Wei-Yu Chen450a98a2019-01-15 16:56:30 -08001---
Wei-Yu Chen53aec362019-01-18 16:30:33 -08002# Copyright 2018-present Open Networking Foundation
3# Copyright 2018 Intel Corporation
Wei-Yu Chen450a98a2019-01-15 16:56:30 -08004#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17---
18apiVersion: v1
19kind: Service
20metadata:
Wei-Yu Chen450a98a2019-01-15 16:56:30 -080021 name: ngic-dp
22spec:
23 selector:
24 app: ngic-dp
25 clusterIP: None
26 ports:
27 - name: sx
28 port: {{ .Values.ngic_dp.ports.sx }}
29 protocol: UDP
30---
31apiVersion: apps/v1
32kind: StatefulSet
33metadata:
Wei-Yu Chen450a98a2019-01-15 16:56:30 -080034 name: ngic-dp
35 labels:
36 app: ngic-dp
37spec:
38 replicas: {{ .Values.ngic_dp.replicas }}
39 selector:
40 matchLabels:
41 app: ngic-dp
42 serviceName: "ngic-dp"
43 template:
44 metadata:
Wei-Yu Chen450a98a2019-01-15 16:56:30 -080045 labels:
46 app: ngic-dp
47 annotations:
48 k8s.v1.cni.cncf.io/networks: '[
49 { "name": "s1u-net", "interface": "s1u-net", "namespace": "default" },
50 { "name": "sgi-net", "interface": "sgi-net", "namespace": "default" }
51 ]'
52 spec:
53 initContainers:
54 - name: init-iptables
55 image: {{ .Values.ngic_dp.images.init }}
56 command: [ "sh", "-c"]
57 securityContext:
58 capabilities:
59 add:
60 - NET_ADMIN
61 args:
62 - iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP;
63 terminationGracePeriodSeconds: 1
64 containers:
65 - name: ngic
66 image: {{ .Values.ngic_dp.images.dp }}
67 imagePullPolicy: IfNotPresent
68 stdin: true
69 tty: true
70 env:
71 - name: RTR_SGI_IP
72 value: {{ .Values.ngic_dp.config.rtr_sgi_ip }}
73 - name: SGI_MASK
74 value: {{ .Values.ngic_dp.config.sgi_mask }}
75 - name: MEM_LIMIT
76 valueFrom:
77 resourceFieldRef:
78 containerName: ngic
79 resource: limits.memory
80 divisor: 1Mi
Wei-Yu Chenda76c322019-01-18 13:31:55 -080081 command: [ "bash", "-xc"]
82 args:
Wei-Yu Chen9e5e0462019-01-18 16:58:10 -080083 - ifconfig -a;
84 ifconfig lo down;
85 . /opt/ngic/config/dp_config.cfg;
86 ./ngic_dataplane $EAL_ARGS -- $APP_ARGS
Wei-Yu Chen450a98a2019-01-15 16:56:30 -080087 volumeMounts:
88 - name: config-volume
89 mountPath: /opt/ngic/config
90 {{- if .Values.ngic_dp.config.hugepage_enabled}}
91 - name: hugepage
92 mountPath: /dev/hugepages
93 {{- end}}
94 - name: shared-data
95 mountPath: /opt/ngic/config/shared
96 {{- if .Values.ngic_dp.config.dpdk_enabled}}
97 - name: sriov-volume
98 mountPath: /sriov-cni
99 - name: vfio-volume
100 mountPath: /dev/vfio
101 {{- end}}
102 resources:
103 limits:
104 hugepages-1Gi: {{ .Values.ngic_dp.resources.hugepage }}
105 cpu: {{ .Values.ngic_dp.resources.cpu }}
106 memory: {{ .Values.ngic_dp.resources.mem }}
107 intel.com/sriov: '2'
108 securityContext:
109 {{- if .Values.ngic_dp.config.dpdk_enabled}}
110 privileged: true
111 {{- else}}
112 capabilities:
113 add:
114 - NET_ADMIN
115 - IPC_LOCK
116 {{- end}}
117 volumes:
118 - name: config-volume
119 configMap:
120 name: ngicdp-config
121 {{- if .Values.ngic_dp.config.hugepage_enabled }}
122 - name: hugepage
123 emptyDir:
124 medium: HugePages
125 {{- end}}
126 - name: shared-data
127 emptyDir: {}
128 {{- if .Values.ngic_dp.config.dpdk_enabled}}
129 - name: sriov-volume
130 hostPath:
131 path: /var/lib/cni/sriov
132 type: Directory
133 - name: vfio-volume
134 hostPath:
135 path: /dev/vfio
136 type: Directory
137 {{- end}}