Blame - ponnet/templates/ponnet-cni.yaml - helm-charts

blob: 0241df67a5ed023802ae02fd4e14b292cb4499a1 [file] [log] [blame]

Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	1	---
				2	# Copyright 2017-present Open Networking Foundation
				3	#
				4	# Licensed under the Apache License, Version 2.0 (the "License");
				5	# you may not use this file except in compliance with the License.
				6	# You may obtain a copy of the License at
				7	#
				8	# http://www.apache.org/licenses/LICENSE-2.0
				9	#
				10	# Unless required by applicable law or agreed to in writing, software
				11	# distributed under the License is distributed on an "AS IS" BASIS,
				12	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	# See the License for the specific language governing permissions and
				14	# limitations under the License.
				15
				16	kind: ClusterRole
				17	apiVersion: rbac.authorization.k8s.io/v1beta1
				18	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	19	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	20	rules:
				21	- apiGroups:
				22	- ""
				23	resources:
				24	- pods
				25	verbs:
				26	- get
				27	- update
				28	- patch
				29	- apiGroups:
				30	- "alpha.network.k8s.io"
				31	resources:
				32	- logicalnetworks
				33	verbs:
				34	- get
				35	- update
				36	- patch
				37	- apiGroups:
				38	- "alpha.network.k8s.io"
				39	resources:
				40	- physicalnetworks
				41	verbs:
				42	- get
				43	- update
				44	- patch
				45	- apiGroups:
				46	- ""
				47	resources:
				48	- configmaps
				49	verbs:
				50	- get
				51	- apiGroups:
				52	- "admissionregistration.k8s.io"
				53	resources:
				54	- validatingwebhookconfigurations
				55	verbs:
				56	- get
				57	- update
				58	- create
				59	- delete
				60
				61	---
				62	kind: ClusterRoleBinding
				63	apiVersion: rbac.authorization.k8s.io/v1beta1
				64	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	65	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	66	roleRef:
				67	apiGroup: rbac.authorization.k8s.io
				68	kind: ClusterRole
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	69	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	70	subjects:
				71	- kind: ServiceAccount
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	72	name: ponnnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	73	namespace: kube-system
				74	- kind: Group
				75	name: system:authenticated
				76	apiGroup: rbac.authorization.k8s.io
				77
				78	---
				79	apiVersion: v1
				80	kind: ServiceAccount
				81	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	82	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	83	namespace: kube-system
				84
				85	---
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	86	# This ConfigMap can be used to configure a self-hosted Ponnet installation.
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	87	kind: ConfigMap
				88	apiVersion: v1
				89	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	90	name: ponnet-config
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	91	namespace: kube-system
				92	data:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	93	pon0.conf: \|
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	94	{
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	95	"name": "pon0",
				96	"type": "bridge",
				97	"bridge": "pon0",
				98	"isGateway": false,
				99	"ipMask": false,
				100	"ipam": {
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	101	"type": "host-local",
Andy Bavier	33efb82	2018-08-24 12:47:49 -0700	[diff] [blame]	102	"subnet": "10.22.0.0/16"
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	103	}
				104	}
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	105	pon1.conf: \|
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	106	{
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	107	"name": "pon1",
				108	"type": "bridge",
				109	"bridge": "pon1",
				110	"isGateway": false,
				111	"ipMask": false,
				112	"ipam": {
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	113	"type": "host-local",
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	114	"subnet": "10.23.0.0/16"
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	115	}
				116	}
				117
				118	---
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	119	# Install Ponnnet CNI conf on each slave node.
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	120	kind: DaemonSet
				121	apiVersion: extensions/v1beta1
				122	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	123	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	124	namespace: kube-system
				125	labels:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	126	k8s-app: ponnet
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	127	spec:
				128	selector:
				129	matchLabels:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	130	k8s-app: ponnet
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	131	template:
				132	metadata:
				133	labels:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	134	k8s-app: ponnet
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	135	annotations:
				136	scheduler.alpha.kubernetes.io/critical-pod: ''
				137	scheduler.alpha.kubernetes.io/tolerations: \|
				138	[
				139	{
				140	"key": "dedicated",
				141	"value": "master",
				142	"effect": "NoSchedule"
				143	},
				144	{
				145	"key": "CriticalAddonsOnly",
				146	"operator": "Exists"
				147	}
				148	]
				149	spec:
				150	hostNetwork: true
				151	hostPID: true
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	152	serviceAccountName: ponnet-plugin
				153	initContainers:
				154	# Installs CNI config files on each node
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	155	- name: install-cni
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	156	image: {{ .Values.pull_docker_registry }}{{ .Values.images.ponnet.repository }}:{{ .Values.images.ponnet.tag }}
				157	imagePullPolicy: {{ .Values.images.ponnet.pullPolicy }}
				158	command: ["/bin/sh", "-c", "cp /tmp/cni/* /host/etc/cni/net.d"]
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	159	env:
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	160	- name: KUBERNETES_NODE_NAME
				161	valueFrom:
				162	fieldRef:
				163	fieldPath: spec.nodeName
				164	volumeMounts:
				165	- mountPath: /host/opt/cni/bin
				166	name: cni-bin-dir
				167	- mountPath: /host/etc/cni/net.d
				168	name: cni-net-dir
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	169	- mountPath: /tmp/cni
				170	name: ponnet-config
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	171	volumes:
				172	- name: cni-bin-dir
				173	hostPath:
				174	path: /opt/cni/bin
				175	- name: cni-net-dir
				176	hostPath:
				177	path: /etc/cni/net.d
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame^]	178	- name: ponnet-config
				179	configMap:
				180	name: ponnet-config
				181	containers:
				182	- name: pause
				183	image: gcr.io/google_containers/pause
				184