Gitiles
Code Review Sign In
gerrit.opencord.org / sdfabric-helm-charts / 318b3b1ca1be00a76418b57c063dfaf5e08a82e0 / . / bess-upf / templates / statefulset-upf.yaml
blob: 3786a896188e6d1d61808c7c58371d7fb0094c92 [file] [log] [blame]
Charles Chane1e5e622022-02-16 15:17:05 -0800[diff] [blame]1{{/*
2# Copyright 2020-present Open Networking Foundation
3
4# SPDX-License-Identifier: Apache-2.0
5*/}}
6
7{{- $upfConfig := index .Values.config.upf.cfgFiles "upf.json" }}
8{{- $accessConfig := index $upfConfig "access" }}
9{{- $coreConfig := index $upfConfig "core" }}
10---
11apiVersion: apps/v1
12kind: StatefulSet
13metadata:
14 name: upf
15 labels:
16{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 4 }}
17spec:
18 replicas: 1
19 serviceName: upf-headless
20 selector:
21 matchLabels:
22{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 6 }}
23 template:
24 metadata:
25 labels:
26{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 8 }}
27 annotations:
28 k8s.v1.cni.cncf.io/networks: '[
29 {
30 "name": "access-net",
31 "interface": {{ index $accessConfig "ifname" | quote }},
32 {{- if hasKey .Values.config.upf.access "mac" }}
33 "mac": {{ .Values.config.upf.access.mac | quote }},
34 {{- end }}
35 "ips": [{{ .Values.config.upf.access.ip | quote }}]
36 },
37 {
38 "name": "core-net",
39 "interface": {{ index $coreConfig "ifname" | quote }},
40 {{- if hasKey .Values.config.upf.core "mac" }}
41 "mac": {{ .Values.config.upf.core.mac | quote }},
42 {{- end }}
43 "ips": [{{ .Values.config.upf.core.ip | quote }}]
44 }
45 ]'
46 spec:
47 shareProcessNamespace: true
48 {{- if .Values.nodeSelectors.enabled }}
49 nodeSelector:
50 {{ .Values.nodeSelectors.upf.label }}: {{ .Values.nodeSelectors.upf.value }}
51 {{- end }}
52 {{- if hasKey .Values.images "pullSecrets" }}
53 imagePullSecrets:
54{{ toYaml .Values.images.pullSecrets | indent 8 }}
55 {{- end }}
56 initContainers:
57 - name: bess-init
58 image: {{ .Values.images.tags.bess | quote }}
59 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
60 command: ["sh", "-xec"]
61 args:
62 - ip route replace {{ .Values.config.upf.enb.subnet }} via {{ .Values.config.upf.access.gateway }};
63 ip route replace default via {{ .Values.config.upf.core.gateway }} metric 110;
Hyunsun Moon318b3b12022-03-24 15:06:10 -0600[diff] [blame^]64 {{- range .Values.config.upf.routes }}
65 ip route replace {{ .to }} via {{ .via }};
66 {{- end }}
Charles Chane1e5e622022-02-16 15:17:05 -0800[diff] [blame]67 iptables -I OUTPUT -p icmp --icmp-type port-unreachable -j DROP;
68 securityContext:
69 capabilities:
70 add:
71 - NET_ADMIN
72 resources:
73 limits:
74 cpu: 128m
75 memory: 64Mi
76 requests:
77 cpu: 128m
78 memory: 64Mi
79 {{- if .Values.config.coreDump.enabled }}
80{{ tuple "upf" . | include "omec-user-plane.coredump_init" | indent 6 }}
81 {{- end }}
82 containers:
83 - name: bessd
84 image: {{ .Values.images.tags.bess | quote }}
85 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
86 securityContext:
87 {{- if .Values.config.upf.privileged }}
88 privileged: true
89 {{- end }}
90 capabilities:
91 add:
92 - IPC_LOCK
93 stdin: true
94 tty: true
95 command: ["/bin/bash", "-xc"]
96 args:
97 {{- if .Values.config.upf.hugepage.enabled }}
98 - bessd -f -grpc-url=0.0.0.0:10514
99 {{- else }}
100 - bessd -m 0 -f -grpc-url=0.0.0.0:10514
101 {{- end }}
102 lifecycle:
103 postStart:
104 exec:
105 command: ["/etc/bess/conf/bessd-poststart.sh"]
106 livenessProbe:
107 tcpSocket:
108 port: 10514
109 initialDelaySeconds: 15
110 periodSeconds: 20
111 resources:
112 requests:
113 {{- if .Values.resources.enabled }}
114{{ toYaml .Values.resources.bess.requests | indent 12 }}
115 {{- end }}
116 {{- if .Values.config.upf.hugepage.enabled }}
117 hugepages-1Gi: 2Gi
118 {{- end }}
119 {{- if .Values.config.upf.sriov.enabled }}
120 {{- if eq .Values.config.upf.access.resourceName .Values.config.upf.core.resourceName }}
121 {{ .Values.config.upf.access.resourceName }}: 2
122 {{- else }}
123 {{ .Values.config.upf.access.resourceName }}: 1
124 {{ .Values.config.upf.core.resourceName }}: 1
125 {{- end }}
126 {{- end }}
127 limits:
128 {{- if .Values.resources.enabled }}
129{{ toYaml .Values.resources.bess.limits | indent 12 }}
130 {{- end }}
131 {{- if .Values.config.upf.hugepage.enabled }}
132 hugepages-1Gi: 2Gi
133 {{- end }}
134 {{- if .Values.config.upf.sriov.enabled }}
135 {{- if eq .Values.config.upf.access.resourceName .Values.config.upf.core.resourceName }}
136 {{ .Values.config.upf.access.resourceName }}: 2
137 {{- else }}
138 {{ .Values.config.upf.access.resourceName }}: 1
139 {{ .Values.config.upf.core.resourceName }}: 1
140 {{- end }}
141 {{- end }}
142 env:
143 - name: CONF_FILE
144 value: /etc/bess/conf/upf.json
145 volumeMounts:
146 - name: shared-app
147 mountPath: /pod-share
148 {{- if .Values.config.upf.hugepage.enabled }}
149 - name: hugepages
150 mountPath: /dev/hugepages
151 {{- end }}
152 - name: configs
153 mountPath: /etc/bess/conf
154 {{- if .Values.config.coreDump.enabled }}
155 - name: coredump
156 mountPath: /tmp/coredump
157 {{- end }}
158 - name: routectl
159 image: {{ .Values.images.tags.bess | quote }}
160 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
161 env:
162 - name: PYTHONUNBUFFERED
163 value: "1"
164 command: ["/opt/bess/bessctl/conf/route_control.py"]
165 args:
166 - -i
167 - {{ index $accessConfig "ifname" }}
168 - {{ index $coreConfig "ifname" }}
169 {{- if .Values.resources.enabled }}
170 resources:
171{{ toYaml .Values.resources.routectl | indent 10 }}
172 {{- end }}
173 - name: web
174 image: {{ .Values.images.tags.bess | quote }}
175 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
176 command: ["/bin/bash", "-xc", "bessctl http 0.0.0.0 8000"]
177 {{- if .Values.resources.enabled }}
178 resources:
179{{ toYaml .Values.resources.web | indent 10 }}
180 {{- end }}
181 - name: pfcp-agent
182 image: {{ .Values.images.tags.pfcpiface | quote }}
183 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
184 command: ["pfcpiface"]
185 args:
186 - -config
187 - /tmp/conf/upf.json
188 {{- if .Values.resources.enabled }}
189 resources:
190{{ toYaml .Values.resources.cpiface | indent 10 }}
191 {{- end }}
192 volumeMounts:
193 - name: shared-app
194 mountPath: /pod-share
195 - name: configs
196 mountPath: /tmp/conf
197 {{- if .Values.config.gratuitousArp.enabled }}
198 - name: arping
199 image: {{ .Values.images.tags.tools | quote }}
200 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
201 command: ["sh", "-xc"]
202 args:
203 - |
204 while true; do
205 # arping does not work - BESS graph is still disconnected
206 #arping -c 2 -I {{ index $accessConfig "ifname" }} {{ .Values.config.upf.access.gateway }}
207 #arping -c 2 -I {{ index $coreConfig "ifname" }} {{ .Values.config.upf.core.gateway }}
208 ping -c 2 {{ .Values.config.upf.access.gateway }}
209 ping -c 2 {{ .Values.config.upf.core.gateway }}
210 sleep {{ .Values.config.gratuitousArp.interval }}
211 done
212 resources:
213 limits:
214 cpu: 128m
215 memory: 64Mi
216 requests:
217 cpu: 128m
218 memory: 64Mi
219 {{- end }}
220 volumes:
221 - name: configs
222 configMap:
223 name: upf
224 defaultMode: 493
225 - name: shared-app
226 emptyDir: {}
227 {{- if .Values.config.upf.hugepage.enabled }}
228 - name: hugepages
229 emptyDir:
230 medium: HugePages
231 {{- end }}
232 {{- if .Values.config.coreDump.enabled }}
233 - name: host-rootfs
234 hostPath:
235 path: /
236 - name: coredump
237 hostPath:
238 path: {{ .Values.config.coreDump.path }}
239 {{- end }}