Blame - ponnet/templates/ponnet-cni.yaml - helm-charts

blob: a3cf4f8508652db6fca38b930a7d0bc9eb6ed4e1 [file] [log] [blame]

Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	1	---
				2	# Copyright 2017-present Open Networking Foundation
				3	#
				4	# Licensed under the Apache License, Version 2.0 (the "License");
				5	# you may not use this file except in compliance with the License.
				6	# You may obtain a copy of the License at
				7	#
				8	# http://www.apache.org/licenses/LICENSE-2.0
				9	#
				10	# Unless required by applicable law or agreed to in writing, software
				11	# distributed under the License is distributed on an "AS IS" BASIS,
				12	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	# See the License for the specific language governing permissions and
				14	# limitations under the License.
				15
				16	kind: ClusterRole
				17	apiVersion: rbac.authorization.k8s.io/v1beta1
				18	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	19	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	20	rules:
				21	- apiGroups:
				22	- ""
				23	resources:
				24	- pods
				25	verbs:
				26	- get
				27	- update
				28	- patch
				29	- apiGroups:
				30	- "alpha.network.k8s.io"
				31	resources:
				32	- logicalnetworks
				33	verbs:
				34	- get
				35	- update
				36	- patch
				37	- apiGroups:
				38	- "alpha.network.k8s.io"
				39	resources:
				40	- physicalnetworks
				41	verbs:
				42	- get
				43	- update
				44	- patch
				45	- apiGroups:
				46	- ""
				47	resources:
				48	- configmaps
				49	verbs:
				50	- get
				51	- apiGroups:
				52	- "admissionregistration.k8s.io"
				53	resources:
				54	- validatingwebhookconfigurations
				55	verbs:
				56	- get
				57	- update
				58	- create
				59	- delete
				60
				61	---
				62	kind: ClusterRoleBinding
				63	apiVersion: rbac.authorization.k8s.io/v1beta1
				64	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	65	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	66	roleRef:
				67	apiGroup: rbac.authorization.k8s.io
				68	kind: ClusterRole
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	69	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	70	subjects:
				71	- kind: ServiceAccount
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	72	name: ponnnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	73	namespace: kube-system
				74	- kind: Group
				75	name: system:authenticated
				76	apiGroup: rbac.authorization.k8s.io
				77
				78	---
				79	apiVersion: v1
				80	kind: ServiceAccount
				81	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	82	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	83	namespace: kube-system
				84
				85	---
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	86	# This ConfigMap can be used to configure a self-hosted Ponnet installation.
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	87	kind: ConfigMap
				88	apiVersion: v1
				89	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	90	name: ponnet-config
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	91	namespace: kube-system
				92	data:
Andy Bavier	e21a5f5	2019-05-28 15:39:52 -0700	[diff] [blame^]	93	{{- range $i, $junk := until (.Values.numOlts\|int) }}
				94	pon{{ $i }}.conf: \|
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	95	{
Andy Bavier	e21a5f5	2019-05-28 15:39:52 -0700	[diff] [blame^]	96	"name": "pon{{ $i }}",
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	97	"type": "bridge",
Andy Bavier	e21a5f5	2019-05-28 15:39:52 -0700	[diff] [blame^]	98	"bridge": "pon{{ $i }}",
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	99	"isGateway": false,
				100	"ipMask": false,
				101	"ipam": {
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	102	"type": "host-local",
Andy Bavier	33efb82	2018-08-24 12:47:49 -0700	[diff] [blame]	103	"subnet": "10.22.0.0/16"
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	104	}
				105	}
Andy Bavier	e21a5f5	2019-05-28 15:39:52 -0700	[diff] [blame^]	106	nni{{ $i }}.conf: \|
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	107	{
Andy Bavier	e21a5f5	2019-05-28 15:39:52 -0700	[diff] [blame^]	108	"name": "nni{{ $i }}",
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	109	"type": "bridge",
Andy Bavier	e21a5f5	2019-05-28 15:39:52 -0700	[diff] [blame^]	110	"bridge": "nni{{ $i }}",
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	111	"isGateway": false,
				112	"ipMask": false,
				113	"ipam": {
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	114	"type": "host-local",
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	115	"subnet": "10.23.0.0/16"
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	116	}
				117	}
Andy Bavier	e21a5f5	2019-05-28 15:39:52 -0700	[diff] [blame^]	118	{{- end }}
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	119
				120	---
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	121	# Install Ponnnet CNI conf on each slave node.
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	122	kind: DaemonSet
				123	apiVersion: extensions/v1beta1
				124	metadata:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	125	name: ponnet-plugin
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	126	namespace: kube-system
				127	labels:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	128	k8s-app: ponnet
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	129	spec:
				130	selector:
				131	matchLabels:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	132	k8s-app: ponnet
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	133	template:
				134	metadata:
				135	labels:
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	136	k8s-app: ponnet
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	137	annotations:
				138	scheduler.alpha.kubernetes.io/critical-pod: ''
				139	scheduler.alpha.kubernetes.io/tolerations: \|
				140	[
				141	{
				142	"key": "dedicated",
				143	"value": "master",
				144	"effect": "NoSchedule"
				145	},
				146	{
				147	"key": "CriticalAddonsOnly",
				148	"operator": "Exists"
				149	}
				150	]
				151	spec:
				152	hostNetwork: true
				153	hostPID: true
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	154	serviceAccountName: ponnet-plugin
				155	initContainers:
				156	# Installs CNI config files on each node
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	157	- name: install-cni
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	158	image: {{ .Values.pull_docker_registry }}{{ .Values.images.ponnet.repository }}:{{ .Values.images.ponnet.tag }}
				159	imagePullPolicy: {{ .Values.images.ponnet.pullPolicy }}
				160	command: ["/bin/sh", "-c", "cp /tmp/cni/* /host/etc/cni/net.d"]
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	161	env:
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	162	- name: KUBERNETES_NODE_NAME
				163	valueFrom:
				164	fieldRef:
				165	fieldPath: spec.nodeName
				166	volumeMounts:
				167	- mountPath: /host/opt/cni/bin
				168	name: cni-bin-dir
				169	- mountPath: /host/etc/cni/net.d
				170	name: cni-net-dir
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	171	- mountPath: /tmp/cni
				172	name: ponnet-config
Andy Bavier	2259a6b	2018-07-12 15:27:48 -0700	[diff] [blame]	173	volumes:
				174	- name: cni-bin-dir
				175	hostPath:
				176	path: /opt/cni/bin
				177	- name: cni-net-dir
				178	hostPath:
				179	path: /etc/cni/net.d
Andy Bavier	cb9b478	2019-05-24 15:30:26 -0700	[diff] [blame]	180	- name: ponnet-config
				181	configMap:
				182	name: ponnet-config
				183	containers:
				184	- name: pause
				185	image: gcr.io/google_containers/pause
				186