Gitiles
Code Review Sign In
gerrit.opencord.org / sdfabric-helm-charts / refs/heads/master / . / bess-upf / templates / statefulset-upf.yaml
blob: ace168545f33a8ff6712be23da14dd0d2fefb249 [file] [log] [blame]
Charles Chane1e5e622022-02-16 15:17:05 -0800[diff] [blame]1{{/*
2# Copyright 2020-present Open Networking Foundation
3
4# SPDX-License-Identifier: Apache-2.0
5*/}}
6
7{{- $upfConfig := index .Values.config.upf.cfgFiles "upf.json" }}
8{{- $accessConfig := index $upfConfig "access" }}
9{{- $coreConfig := index $upfConfig "core" }}
10---
11apiVersion: apps/v1
12kind: StatefulSet
13metadata:
14 name: upf
15 labels:
16{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 4 }}
17spec:
18 replicas: 1
19 serviceName: upf-headless
20 selector:
21 matchLabels:
22{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 6 }}
23 template:
24 metadata:
25 labels:
26{{ tuple "upf" . | include "omec-user-plane.metadata_labels" | indent 8 }}
27 annotations:
28 k8s.v1.cni.cncf.io/networks: '[
29 {
30 "name": "access-net",
31 "interface": {{ index $accessConfig "ifname" | quote }},
32 {{- if hasKey .Values.config.upf.access "mac" }}
33 "mac": {{ .Values.config.upf.access.mac | quote }},
34 {{- end }}
35 "ips": [{{ .Values.config.upf.access.ip | quote }}]
36 },
37 {
38 "name": "core-net",
39 "interface": {{ index $coreConfig "ifname" | quote }},
40 {{- if hasKey .Values.config.upf.core "mac" }}
41 "mac": {{ .Values.config.upf.core.mac | quote }},
42 {{- end }}
43 "ips": [{{ .Values.config.upf.core.ip | quote }}]
44 }
45 ]'
46 spec:
47 shareProcessNamespace: true
48 {{- if .Values.nodeSelectors.enabled }}
49 nodeSelector:
50 {{ .Values.nodeSelectors.upf.label }}: {{ .Values.nodeSelectors.upf.value }}
51 {{- end }}
52 {{- if hasKey .Values.images "pullSecrets" }}
53 imagePullSecrets:
54{{ toYaml .Values.images.pullSecrets | indent 8 }}
55 {{- end }}
56 initContainers:
57 - name: bess-init
58 image: {{ .Values.images.tags.bess | quote }}
59 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
60 command: ["sh", "-xec"]
61 args:
62 - ip route replace {{ .Values.config.upf.enb.subnet }} via {{ .Values.config.upf.access.gateway }};
63 ip route replace default via {{ .Values.config.upf.core.gateway }} metric 110;
Hyunsun Moon318b3b12022-03-24 15:06:10 -0600[diff] [blame]64 {{- range .Values.config.upf.routes }}
65 ip route replace {{ .to }} via {{ .via }};
66 {{- end }}
Charles Chane1e5e622022-02-16 15:17:05 -0800[diff] [blame]67 iptables -I OUTPUT -p icmp --icmp-type port-unreachable -j DROP;
68 securityContext:
69 capabilities:
70 add:
71 - NET_ADMIN
72 resources:
73 limits:
74 cpu: 128m
75 memory: 64Mi
76 requests:
77 cpu: 128m
78 memory: 64Mi
79 {{- if .Values.config.coreDump.enabled }}
80{{ tuple "upf" . | include "omec-user-plane.coredump_init" | indent 6 }}
81 {{- end }}
82 containers:
83 - name: bessd
84 image: {{ .Values.images.tags.bess | quote }}
85 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
86 securityContext:
87 {{- if .Values.config.upf.privileged }}
88 privileged: true
89 {{- end }}
90 capabilities:
91 add:
92 - IPC_LOCK
Hyunsun Moon0f0c8ac2022-11-04 18:47:44 -0700[diff] [blame]93 - CAP_SYS_NICE
Charles Chane1e5e622022-02-16 15:17:05 -0800[diff] [blame]94 stdin: true
95 tty: true
96 command: ["/bin/bash", "-xc"]
97 args:
98 {{- if .Values.config.upf.hugepage.enabled }}
99 - bessd -f -grpc-url=0.0.0.0:10514
100 {{- else }}
101 - bessd -m 0 -f -grpc-url=0.0.0.0:10514
102 {{- end }}
103 lifecycle:
104 postStart:
105 exec:
106 command: ["/etc/bess/conf/bessd-poststart.sh"]
107 livenessProbe:
108 tcpSocket:
109 port: 10514
110 initialDelaySeconds: 15
111 periodSeconds: 20
112 resources:
113 requests:
114 {{- if .Values.resources.enabled }}
115{{ toYaml .Values.resources.bess.requests | indent 12 }}
116 {{- end }}
117 {{- if .Values.config.upf.hugepage.enabled }}
118 hugepages-1Gi: 2Gi
119 {{- end }}
120 {{- if .Values.config.upf.sriov.enabled }}
121 {{- if eq .Values.config.upf.access.resourceName .Values.config.upf.core.resourceName }}
122 {{ .Values.config.upf.access.resourceName }}: 2
123 {{- else }}
124 {{ .Values.config.upf.access.resourceName }}: 1
125 {{ .Values.config.upf.core.resourceName }}: 1
126 {{- end }}
127 {{- end }}
128 limits:
129 {{- if .Values.resources.enabled }}
130{{ toYaml .Values.resources.bess.limits | indent 12 }}
131 {{- end }}
132 {{- if .Values.config.upf.hugepage.enabled }}
133 hugepages-1Gi: 2Gi
134 {{- end }}
135 {{- if .Values.config.upf.sriov.enabled }}
136 {{- if eq .Values.config.upf.access.resourceName .Values.config.upf.core.resourceName }}
137 {{ .Values.config.upf.access.resourceName }}: 2
138 {{- else }}
139 {{ .Values.config.upf.access.resourceName }}: 1
140 {{ .Values.config.upf.core.resourceName }}: 1
141 {{- end }}
142 {{- end }}
143 env:
144 - name: CONF_FILE
145 value: /etc/bess/conf/upf.json
146 volumeMounts:
147 - name: shared-app
148 mountPath: /pod-share
149 {{- if .Values.config.upf.hugepage.enabled }}
150 - name: hugepages
151 mountPath: /dev/hugepages
152 {{- end }}
153 - name: configs
154 mountPath: /etc/bess/conf
155 {{- if .Values.config.coreDump.enabled }}
156 - name: coredump
157 mountPath: /tmp/coredump
158 {{- end }}
159 - name: routectl
160 image: {{ .Values.images.tags.bess | quote }}
161 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
162 env:
163 - name: PYTHONUNBUFFERED
164 value: "1"
165 command: ["/opt/bess/bessctl/conf/route_control.py"]
166 args:
167 - -i
168 - {{ index $accessConfig "ifname" }}
169 - {{ index $coreConfig "ifname" }}
170 {{- if .Values.resources.enabled }}
171 resources:
172{{ toYaml .Values.resources.routectl | indent 10 }}
173 {{- end }}
174 - name: web
175 image: {{ .Values.images.tags.bess | quote }}
176 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
177 command: ["/bin/bash", "-xc", "bessctl http 0.0.0.0 8000"]
178 {{- if .Values.resources.enabled }}
179 resources:
180{{ toYaml .Values.resources.web | indent 10 }}
181 {{- end }}
182 - name: pfcp-agent
183 image: {{ .Values.images.tags.pfcpiface | quote }}
184 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
185 command: ["pfcpiface"]
186 args:
187 - -config
188 - /tmp/conf/upf.json
189 {{- if .Values.resources.enabled }}
190 resources:
191{{ toYaml .Values.resources.cpiface | indent 10 }}
192 {{- end }}
193 volumeMounts:
194 - name: shared-app
195 mountPath: /pod-share
196 - name: configs
197 mountPath: /tmp/conf
198 {{- if .Values.config.gratuitousArp.enabled }}
199 - name: arping
200 image: {{ .Values.images.tags.tools | quote }}
201 imagePullPolicy: {{ .Values.images.pullPolicy | quote }}
202 command: ["sh", "-xc"]
203 args:
204 - |
205 while true; do
206 # arping does not work - BESS graph is still disconnected
207 #arping -c 2 -I {{ index $accessConfig "ifname" }} {{ .Values.config.upf.access.gateway }}
208 #arping -c 2 -I {{ index $coreConfig "ifname" }} {{ .Values.config.upf.core.gateway }}
209 ping -c 2 {{ .Values.config.upf.access.gateway }}
210 ping -c 2 {{ .Values.config.upf.core.gateway }}
211 sleep {{ .Values.config.gratuitousArp.interval }}
212 done
213 resources:
214 limits:
215 cpu: 128m
216 memory: 64Mi
217 requests:
218 cpu: 128m
219 memory: 64Mi
220 {{- end }}
221 volumes:
222 - name: configs
223 configMap:
224 name: upf
225 defaultMode: 493
226 - name: shared-app
227 emptyDir: {}
228 {{- if .Values.config.upf.hugepage.enabled }}
229 - name: hugepages
230 emptyDir:
231 medium: HugePages
232 {{- end }}
233 {{- if .Values.config.coreDump.enabled }}
234 - name: host-rootfs
235 hostPath:
236 path: /
237 - name: coredump
238 hostPath:
239 path: {{ .Values.config.coreDump.path }}
240 {{- end }}