Adding node interface, SNAT and OVN Node switch port
[ovn4nfv-k8s-plugin.git] / deploy / ovn4nfv-k8s-plugin.yaml
---
# CustomResourceDefinition for the namespaced Network kind in the
# k8s.plugin.opnfv.org API group. v1alpha1 is the only version; it is both
# served and stored, and the status subresource is enabled.
#
# NOTE(review): apiextensions.k8s.io/v1beta1 is no longer served from
# Kubernetes 1.22 on. Moving to apiextensions.k8s.io/v1 means relocating the
# schema under spec.versions[].schema and adding `type: object` at its root.
#
# NOTE(review): every address-like field below (subnet, gateway, excludeIps,
# dst, gw, nameservers) is a bare `type: string` with no pattern or format, so
# the API server admits any text. Whatever consumes these objects has to parse
# and reject malformed values itself - confirm that it does.
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: networks.k8s.plugin.opnfv.org
spec:
  group: k8s.plugin.opnfv.org
  scope: Namespaced
  names:
    kind: Network
    listKind: NetworkList
    plural: networks
    singular: network
  version: v1alpha1
  versions:
    - name: v1alpha1
      served: true
      storage: true
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      properties:
        apiVersion:
          type: string
          description: >-
            APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources
        kind:
          type: string
          description: >-
            Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
        metadata:
          type: object
        spec:
          type: object
          required:
            - cniType
            - ipv4Subnets
          properties:
            cniType:
              type: string
              # The description below is generator scaffolding text carried
              # into the schema; it does not describe cniType.
              description: >-
                INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
                Important: Run "operator-sdk generate k8s" to regenerate code after
                modifying this file Add custom validation using kubebuilder tags:
                https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html
            dns:
              type: object
              properties:
                domain:
                  type: string
                nameservers:
                  type: array
                  items:
                    type: string
                options:
                  type: array
                  items:
                    type: string
                search:
                  type: array
                  items:
                    type: string
            ipv4Subnets:
              type: array
              items:
                type: object
                required:
                  - name
                  - subnet
                properties:
                  excludeIps:
                    type: string
                  gateway:
                    type: string
                  name:
                    type: string
                  subnet:
                    type: string
            ipv6Subnets:
              type: array
              items:
                type: object
                required:
                  - name
                  - subnet
                properties:
                  excludeIps:
                    type: string
                  gateway:
                    type: string
                  name:
                    type: string
                  subnet:
                    type: string
            routes:
              type: array
              items:
                type: object
                required:
                  - dst
                properties:
                  dst:
                    type: string
                  gw:
                    type: string
        status:
          type: object
          required:
            - state
          properties:
            state:
              type: string
              # Generator scaffolding text again; it does not describe state.
              description: >-
                INSERT ADDITIONAL STATUS FIELD - define observed state
                of cluster Important: Run "operator-sdk generate k8s" to regenerate
                code after modifying this file Add custom validation using kubebuilder
                tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html
---
# CustomResourceDefinition for the namespaced ProviderNetwork kind in the
# k8s.plugin.opnfv.org API group. v1alpha1 is the only version; it is both
# served and stored, and the status subresource is enabled.
#
# NOTE(review): apiextensions.k8s.io/v1beta1 is no longer served from
# Kubernetes 1.22 on. Moving to apiextensions.k8s.io/v1 means relocating the
# schema under spec.versions[].schema.
#
# NOTE(review): providerInterfaceName, logicalInterfaceName, vlanId and the
# node selectors are free-form strings with no pattern or enum. They look like
# names of host interfaces and VLANs that a node-level component acts on -
# confirm against the controller. If so, create/update on this resource is a
# node-networking privilege: validate the values in the controller and grant
# write access through RBAC only to the identities that need it.
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: providernetworks.k8s.plugin.opnfv.org
spec:
  group: k8s.plugin.opnfv.org
  scope: Namespaced
  names:
    kind: ProviderNetwork
    listKind: ProviderNetworkList
    plural: providernetworks
    singular: providernetwork
  version: v1alpha1
  versions:
    - name: v1alpha1
      served: true
      storage: true
  subresources:
    status: {}
  validation:
    openAPIV3Schema:
      type: object
      description: ProviderNetwork is the Schema for the providernetworks API
      properties:
        apiVersion:
          type: string
          description: >-
            APIVersion defines the versioned schema of this representation
            of an object. Servers should convert recognized schemas to the latest
            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
        kind:
          type: string
          description: >-
            Kind is a string value representing the REST resource this
            object represents. Servers may infer this from the endpoint the client
            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
        metadata:
          type: object
        spec:
          type: object
          description: ProviderNetworkSpec defines the desired state of ProviderNetwork
          required:
            - cniType
            - ipv4Subnets
            - providerNetType
          properties:
            cniType:
              type: string
              # The description below is generator scaffolding text carried
              # into the schema; it does not describe cniType.
              description: >-
                INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
                Important: Run "operator-sdk generate k8s" to regenerate code after
                modifying this file Add custom validation using kubebuilder tags:
                https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html
            direct:
              type: object
              required:
                - directNodeSelector
                - providerInterfaceName
              properties:
                directNodeSelector:
                  type: string
                nodeLabelList:
                  type: array
                  items:
                    type: string
                providerInterfaceName:
                  type: string
            dns:
              type: object
              properties:
                domain:
                  type: string
                nameservers:
                  type: array
                  items:
                    type: string
                options:
                  type: array
                  items:
                    type: string
                search:
                  type: array
                  items:
                    type: string
            ipv4Subnets:
              type: array
              items:
                type: object
                required:
                  - name
                  - subnet
                properties:
                  excludeIps:
                    type: string
                  gateway:
                    type: string
                  name:
                    type: string
                  subnet:
                    type: string
            ipv6Subnets:
              type: array
              items:
                type: object
                required:
                  - name
                  - subnet
                properties:
                  excludeIps:
                    type: string
                  gateway:
                    type: string
                  name:
                    type: string
                  subnet:
                    type: string
            # No enum constrains providerNetType, although the schema carries
            # separate `direct` and `vlan` sub-objects.
            providerNetType:
              type: string
            routes:
              type: array
              items:
                type: object
                required:
                  - dst
                properties:
                  dst:
                    type: string
                  gw:
                    type: string
            vlan:
              type: object
              required:
                - providerInterfaceName
                - vlanId
                - vlanNodeSelector
              properties:
                logicalInterfaceName:
                  type: string
                nodeLabelList:
                  type: array
                  items:
                    type: string
                providerInterfaceName:
                  type: string
                # vlanId is typed as a string, so no numeric range is enforced
                # by the API server.
                vlanId:
                  type: string
                vlanNodeSelector:
                  type: string
        status:
          type: object
          description: ProviderNetworkStatus defines the observed state of ProviderNetwork
          required:
            - state
          properties:
            state:
              type: string
              # Generator scaffolding text again; it does not describe state.
              description: >-
                INSERT ADDITIONAL STATUS FIELD - define observed state
                of cluster Important: Run "operator-sdk generate k8s" to regenerate
                code after modifying this file Add custom validation using kubebuilder
                tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html
---
# ServiceAccount shared by all three workloads in this manifest: the
# nfn-operator Deployment and the ovn4nfv-cni and nfn-agent DaemonSets each set
# serviceAccountName: k8s-nfn-sa. Whatever RBAC is bound to this account is
# therefore held by every one of those pods, on every node they run on.
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: kube-system
  name: k8s-nfn-sa
---
# ClusterRole k8s-nfn-cr: the cluster-wide permission set used by the plugin.
#
# NOTE(review): three of the five rules use the '*' verb. On the core group
# that means create/update/delete as well as read on every Secret, ConfigMap,
# Pod and Node in every namespace. Which verbs the operator, CNI and agent
# really call cannot be read from this manifest; enumerate them from the code
# and replace each '*' with that list, and drop `secrets` if it is unused.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: k8s-nfn-cr
  # Left behind by the manifest generator; the API server sets the real value.
  creationTimestamp: null
rules:
  # Core API group: all verbs, cluster-wide.
  - apiGroups: ['']
    resources:
      - pods
      - pods/status
      - services
      - endpoints
      - persistentvolumeclaims
      - events
      - configmaps
      - secrets
      - nodes
    verbs: ['*']
  # Workload controllers: all verbs, cluster-wide. Write access here lets the
  # holder run arbitrary pod specs in any namespace.
  - apiGroups: [apps]
    resources:
      - deployments
      - daemonsets
      - replicasets
      - statefulsets
    verbs: ['*']
  - apiGroups: [monitoring.coreos.com]
    resources: [servicemonitors]
    verbs:
      - get
      - create
  # The only rule scoped with resourceNames: finalizers of the nfn-operator
  # Deployment.
  - apiGroups: [apps]
    resourceNames: [nfn-operator]
    resources: [deployments/finalizers]
    verbs: [update]
  # The plugin's own API group. `providernetworks` is already covered by '*'.
  - apiGroups: [k8s.plugin.opnfv.org]
    resources:
      - '*'
      - providernetworks
    verbs: ['*']
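---
# Binds ClusterRole k8s-nfn-cr to the single ServiceAccount that the
# nfn-operator, ovn4nfv-cni and nfn-agent pods in this manifest run as.
#
# The subject is deliberately the ServiceAccount and not the built-in group
# system:serviceaccounts: that group contains every service account in every
# namespace, so binding it would hand k8s-nfn-cr (all verbs on secrets, pods,
# nodes and the apps workload controllers) to every pod in the cluster.
#
# NOTE(review): if a workload defined outside this manifest relied on the
# group-wide grant, give it its own ServiceAccount and a role limited to what
# it needs rather than widening this binding again.
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: k8s-nfn-crb
subjects:
  - kind: ServiceAccount
    name: k8s-nfn-sa
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: k8s-nfn-cr
  apiGroup: rbac.authorization.k8s.io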
---
# Service in front of the nfn-operator pods (selected by name=nfn-operator),
# TCP 50000 -> container port 50000.
#
# NOTE(review): type NodePort opens a port on every node of the cluster, not
# only inside it; no nodePort is set, so the number is allocated from the
# cluster's node-port range. Nothing in this manifest shows TLS or client
# authentication on this endpoint - confirm in the operator. If the only
# clients are in-cluster, ClusterIP plus a NetworkPolicy or host firewall rule
# is the narrower exposure.
apiVersion: v1
kind: Service
metadata:
  namespace: kube-system
  name: nfn-operator
spec:
  type: NodePort
  selector:
    name: nfn-operator
  ports:
    - protocol: TCP
      port: 50000
      targetPort: 50000
---
# Addressing for the OVN controller network. The nfn-operator Deployment in
# this manifest loads all three keys into its environment through envFrom.
# Values stay quoted so they are always read as strings.
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: kube-system
  name: ovn-controller-network
data:
  OVN_SUBNET: '10.244.64.0/18'
  OVN_GATEWAYIP: '10.244.64.20/18'
  # Range written as first..last.
  OVN_EXCLUDEIPS: '10.244.64.0..10.244.64.16'
---
# Deployment nfn-operator: one replica of the plugin image started as
# `entrypoint operator`. It is pinned to nodes labelled
# ovn4nfv-k8s-plugin=ovn-control-plane and tolerates the master NoSchedule
# taint, so it is expected to land on a control-plane node.
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: kube-system
  name: nfn-operator
spec:
  replicas: 1
  selector:
    matchLabels:
      name: nfn-operator
  template:
    metadata:
      labels:
        name: nfn-operator
    spec:
      # Runs as k8s-nfn-sa, so the pod holds whatever is bound to that account.
      serviceAccountName: k8s-nfn-sa
      # Host network namespace: the container's listeners bind on the node's
      # own interfaces rather than on a pod IP.
      hostNetwork: true
      tolerations:
        - key: 'node-role.kubernetes.io/master'
          operator: 'Exists'
          effect: 'NoSchedule'
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
              - matchExpressions:
                  - key: ovn4nfv-k8s-plugin
                    operator: In
                    values:
                      - ovn-control-plane
      containers:
        - name: nfn-operator
          # NOTE(review): `master` is a mutable tag, and with IfNotPresent a
          # node keeps whichever build it pulled first. Pin an immutable
          # reference for reproducible, reviewable rollouts, e.g.
          #   ...ovn4nfv-k8s-plugin@sha256:<digest-of-the-reviewed-build>
          # (placeholder, not a real digest).
          image: integratedcloudnative/ovn4nfv-k8s-plugin:master
          imagePullPolicy: IfNotPresent
          command:
            - /usr/local/bin/entrypoint
            - operator
          # No securityContext and no resource requests/limits are set on this
          # container; the pod runs with the image's default user.
          ports:
            - containerPort: 50000
              protocol: TCP
          envFrom:
            - configMapRef:
                name: ovn-controller-network
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: OPERATOR_NAME
              value: 'nfn-operator'
---
# Two files for the CNI side of the plugin, stored as literal block scalars.
# The ovn4nfv-cni DaemonSet in this manifest mounts ovn4nfv_k8s.conf under
# /tmp/ovn4nfv-conf and 00-network.conf under /tmp/ovn4nfv-cni.
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: kube-system
  name: ovn4nfv-cni-config
  labels:
    app: ovn4nfv
data:
  # NOTE(review): the [kubernetes] section points at a kubeconfig kept below
  # /etc/cni/net.d on the host. That file carries API credentials; who writes
  # it and with what mode is not visible here - confirm it is root-owned and
  # not world-readable.
  ovn4nfv_k8s.conf: |
    [logging]
    loglevel=5
    logfile=/var/log/openvswitch/ovn4k8s.log

    [cni]
    conf-dir=/etc/cni/net.d
    plugin=ovn4nfvk8s-cni

    [kubernetes]
    kubeconfig=/etc/cni/net.d/ovn4nfv-k8s.d/ovn4nfv-k8s.kubeconfig
  # CNI network configuration; the 00- prefix sorts it ahead of other files in
  # the CNI conf directory.
  00-network.conf: |
    {
      "name": "ovn4nfv-k8s-plugin",
      "type": "ovn4nfvk8s-cni",
      "cniVersion": "0.3.1"
    }
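---
# DaemonSet ovn4nfv-cni: runs the plugin image as `entrypoint cni` on every
# amd64 node, with the host's CNI and Open vSwitch configuration directories
# mounted into the container.
#
# Uses apps/v1, like the Deployment in this manifest; extensions/v1beta1
# DaemonSets are no longer served from Kubernetes 1.16 on. apps/v1 makes
# spec.selector mandatory, so it is spelled out to match the template labels.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: ovn4nfv-cni
  namespace: kube-system
  labels:
    app: ovn4nfv
spec:
  selector:
    matchLabels:
      app: ovn4nfv
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: ovn4nfv
    spec:
      hostNetwork: true
      nodeSelector:
        # Deprecated label name; kubernetes.io/arch is its replacement.
        beta.kubernetes.io/arch: amd64
      # No key is given, so every NoSchedule taint is tolerated and the pod
      # also runs on control-plane nodes.
      tolerations:
        - operator: Exists
          effect: NoSchedule
      serviceAccountName: k8s-nfn-sa
      containers:
        - name: ovn4nfv
          # NOTE(review): `master` is a mutable tag, and with IfNotPresent a
          # node keeps whichever build it pulled first. This container is
          # privileged on every node, so pin an immutable reference, e.g.
          #   ...ovn4nfv-k8s-plugin@sha256:<digest-of-the-reviewed-build>
          # (placeholder, not a real digest).
          image: integratedcloudnative/ovn4nfv-k8s-plugin:master
          command: ["/usr/local/bin/entrypoint", "cni"]
          imagePullPolicy: IfNotPresent
          resources:
            requests:
              cpu: "100m"
              memory: "50Mi"
            limits:
              cpu: "100m"
              memory: "50Mi"
          # NOTE(review): privileged removes all container isolation from the
          # node. What `entrypoint cni` needs beyond write access to the three
          # hostPath mounts below is not visible here - confirm, and drop
          # `privileged` if the mounts alone are enough.
          securityContext:
            privileged: true
          volumeMounts:
            # Writable host directories: whatever is placed in /opt/cni/bin is
            # later executed by the container runtime as root on the node.
            - name: cni
              mountPath: /host/etc/cni/net.d
            - name: cnibin
              mountPath: /host/opt/cni/bin
            - name: cniconf
              mountPath: /host/etc/openvswitch
            - name: ovn4nfv-cfg
              mountPath: /tmp/ovn4nfv-conf
            - name: ovn4nfv-cni-net-conf
              mountPath: /tmp/ovn4nfv-cni
      volumes:
        - name: cni
          hostPath:
            path: /etc/cni/net.d
        - name: cnibin
          hostPath:
            path: /opt/cni/bin
        - name: cniconf
          hostPath:
            path: /etc/openvswitch
        - name: ovn4nfv-cfg
          configMap:
            name: ovn4nfv-cni-config
            items:
              - key: ovn4nfv_k8s.conf
                path: ovn4nfv_k8s.conf
        - name: ovn4nfv-cni-net-conf
          configMap:
            name: ovn4nfv-cni-config
            items:
              - key: 00-network.conf
                path: 00-network.conf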
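---
# DaemonSet nfn-agent: runs the plugin image as `entrypoint agent` on every
# amd64 node, in the host network and PID namespaces, with the host's Open
# vSwitch, D-Bus and plugin socket directories mounted.
#
# Uses apps/v1, like the Deployment in this manifest; extensions/v1beta1
# DaemonSets are no longer served from Kubernetes 1.16 on. apps/v1 makes
# spec.selector mandatory, so it is spelled out to match the template labels.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: nfn-agent
  namespace: kube-system
  labels:
    app: nfn-agent
spec:
  selector:
    matchLabels:
      app: nfn-agent
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: nfn-agent
    spec:
      # hostNetwork + hostPID + a privileged root container (below) together
      # amount to root on the node; treat this pod's image and its service
      # account token as node-level credentials.
      hostNetwork: true
      hostPID: true
      nodeSelector:
        # Deprecated label name; kubernetes.io/arch is its replacement.
        beta.kubernetes.io/arch: amd64
      # No key is given, so every NoSchedule taint is tolerated and the pod
      # also runs on control-plane nodes.
      tolerations:
        - operator: Exists
          effect: NoSchedule
      serviceAccountName: k8s-nfn-sa
      containers:
        - name: nfn-agent
          # NOTE(review): `master` is a mutable tag. No imagePullPolicy is set,
          # which for a tag other than `latest` defaults to IfNotPresent, so a
          # node keeps whichever build it pulled first. Pin an immutable
          # reference, e.g.
          #   ...ovn4nfv-k8s-plugin@sha256:<digest-of-the-reviewed-build>
          # (placeholder, not a real digest).
          image: integratedcloudnative/ovn4nfv-k8s-plugin:master
          command: ["/usr/local/bin/entrypoint", "agent"]
          resources:
            requests:
              cpu: "100m"
              memory: "50Mi"
            limits:
              cpu: "100m"
              memory: "50Mi"
          env:
            - name: NFN_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
          securityContext:
            runAsUser: 0
            # The add list has no effect while privileged is true, because a
            # privileged container already holds every capability.
            # NOTE(review): if these three capabilities are what the agent
            # actually needs, removing `privileged` would make the list the
            # real boundary - confirm against the agent before changing it.
            capabilities:
              add: ["NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE"]
            privileged: true
          volumeMounts:
            # readOnly stops writes to the directory; it does not stop the
            # container from connecting to the D-Bus socket inside it.
            - mountPath: /var/run/dbus/
              name: host-var-run-dbus
              readOnly: true
            - mountPath: /run/openvswitch
              name: host-run-ovs
            - mountPath: /var/run/openvswitch
              name: host-var-run-ovs
            - mountPath: /var/run/ovn4nfv-k8s-plugin
              name: host-var-cniserver-socket-dir
      volumes:
        - name: host-run-ovs
          hostPath:
            path: /run/openvswitch
        - name: host-var-run-ovs
          hostPath:
            path: /var/run/openvswitch
        - name: host-var-run-dbus
          hostPath:
            path: /var/run/dbus
        - name: host-var-cniserver-socket-dir
          hostPath:
            path: /var/run/ovn4nfv-k8s-plugin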