blob: a55bb5271d26620a5cf0c7235177889f4ba70e25 [file] [log] [blame]
Wei-Yu Chen450a98a2019-01-15 16:56:30 -08001---
2# Copyright 2017-present Open Networking Foundation
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16---
17apiVersion: v1
18kind: Service
19metadata:
Wei-Yu Chen450a98a2019-01-15 16:56:30 -080020 name: ngic-dp
21spec:
22 selector:
23 app: ngic-dp
24 clusterIP: None
25 ports:
26 - name: sx
27 port: {{ .Values.ngic_dp.ports.sx }}
28 protocol: UDP
29---
30apiVersion: apps/v1
31kind: StatefulSet
32metadata:
Wei-Yu Chen450a98a2019-01-15 16:56:30 -080033 name: ngic-dp
34 labels:
35 app: ngic-dp
36spec:
37 replicas: {{ .Values.ngic_dp.replicas }}
38 selector:
39 matchLabels:
40 app: ngic-dp
41 serviceName: "ngic-dp"
42 template:
43 metadata:
Wei-Yu Chen450a98a2019-01-15 16:56:30 -080044 labels:
45 app: ngic-dp
46 annotations:
47 k8s.v1.cni.cncf.io/networks: '[
48 { "name": "s1u-net", "interface": "s1u-net", "namespace": "default" },
49 { "name": "sgi-net", "interface": "sgi-net", "namespace": "default" }
50 ]'
51 spec:
52 initContainers:
53 - name: init-iptables
54 image: {{ .Values.ngic_dp.images.init }}
55 command: [ "sh", "-c"]
56 securityContext:
57 capabilities:
58 add:
59 - NET_ADMIN
60 args:
61 - iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP;
62 terminationGracePeriodSeconds: 1
63 containers:
64 - name: ngic
65 image: {{ .Values.ngic_dp.images.dp }}
66 imagePullPolicy: IfNotPresent
67 stdin: true
68 tty: true
69 env:
70 - name: RTR_SGI_IP
71 value: {{ .Values.ngic_dp.config.rtr_sgi_ip }}
72 - name: SGI_MASK
73 value: {{ .Values.ngic_dp.config.sgi_mask }}
74 - name: MEM_LIMIT
75 valueFrom:
76 resourceFieldRef:
77 containerName: ngic
78 resource: limits.memory
79 divisor: 1Mi
80 command: [ "bash", "-cx", "ifconfig -a; . /opt/ngic/config/dp_config.cfg ; ./ngic_dataplane $EAL_ARGS -- $APP_ARGS"]
81 #command: ["sleep", "3600"]
82 volumeMounts:
83 - name: config-volume
84 mountPath: /opt/ngic/config
85 {{- if .Values.ngic_dp.config.hugepage_enabled}}
86 - name: hugepage
87 mountPath: /dev/hugepages
88 {{- end}}
89 - name: shared-data
90 mountPath: /opt/ngic/config/shared
91 {{- if .Values.ngic_dp.config.dpdk_enabled}}
92 - name: sriov-volume
93 mountPath: /sriov-cni
94 - name: vfio-volume
95 mountPath: /dev/vfio
96 {{- end}}
97 resources:
98 limits:
99 hugepages-1Gi: {{ .Values.ngic_dp.resources.hugepage }}
100 cpu: {{ .Values.ngic_dp.resources.cpu }}
101 memory: {{ .Values.ngic_dp.resources.mem }}
102 intel.com/sriov: '2'
103 securityContext:
104 {{- if .Values.ngic_dp.config.dpdk_enabled}}
105 privileged: true
106 {{- else}}
107 capabilities:
108 add:
109 - NET_ADMIN
110 - IPC_LOCK
111 {{- end}}
112 volumes:
113 - name: config-volume
114 configMap:
115 name: ngicdp-config
116 {{- if .Values.ngic_dp.config.hugepage_enabled }}
117 - name: hugepage
118 emptyDir:
119 medium: HugePages
120 {{- end}}
121 - name: shared-data
122 emptyDir: {}
123 {{- if .Values.ngic_dp.config.dpdk_enabled}}
124 - name: sriov-volume
125 hostPath:
126 path: /var/lib/cni/sriov
127 type: Directory
128 - name: vfio-volume
129 hostPath:
130 path: /dev/vfio
131 type: Directory
132 {{- end}}