aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>2020-09-22 23:58:24 -0700
committerKuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>2020-09-23 00:06:17 -0700
commite6a24cfca33c68b7000ff6198f51561cbfc69920 (patch)
tree17e14e8c01b30b7e5cd9ecd81a6ae4d1bba407ed
parentbf12f2d0486990d9d9bce6f5649c7e0d941b1599 (diff)
adding fixes to deploy yaml
Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com> Change-Id: I37d0c1066f33b0a35bbf47545cc001737ee68b2f
Diffstat
-rw-r--r--README.md6
-rw-r--r--demo/sfc-setup/README.md4
-rw-r--r--deploy/ovn-daemonset-centos.yaml239
-rw-r--r--deploy/ovn-daemonset.yaml8
-rw-r--r--deploy/ovn4nfv-k8s-plugin-centos.yaml714
-rw-r--r--deploy/ovn4nfv-k8s-plugin.yaml145
6 files changed, 1090 insertions, 26 deletions
diff --git a/README.md b/README.md
index 148c884..8fd91c6 100644
--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ OVN control plane and OVN controller take care of OVN configuration and installa
### Networks traffice between pods
![ovn4nfv network traffic](./images/ovn4nfv-network-traffic.png)
-ovn4nfv-default-nw is the default logic switch create for the default networking in kubernetes pod network for cidr 10.244.64.0/18. Both node and pod in the kubernetes cluster share the same ipam information.
+ovn4nfv-default-nw is the default logic switch create for the default networking in kubernetes pod network for cidr 10.233.64.0/18. Both node and pod in the kubernetes cluster share the same ipam information.
### Service Function Chaining Demo
![sfc-with-sdewan](./images/sfc-with-sdewan.png)
@@ -57,9 +57,9 @@ OVN4NFV SFC currently support all 3 follows. The detailed demo is include [demo/
Install the [docker](https://docs.docker.com/engine/install/ubuntu/) in the Kubernetes cluster node.
Follow the steps in [create cluster kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/) to create kubernetes cluster in master
-In the master node run the `kubeadm init` as below. The ovn4nfv uses pod network cidr `10.244.64.0/18`
+In the master node run the `kubeadm init` as below. The ovn4nfv uses pod network cidr `10.233.64.0/18`
```
- $ kubeadm init --kubernetes-version=1.19.0 --pod-network-cidr=10.244.64.0/18 --apiserver-advertise-address=<master_eth0_ip_address>
+ $ kubeadm init --kubernetes-version=1.19.0 --pod-network-cidr=10.233.64.0/18 --apiserver-advertise-address=<master_eth0_ip_address>
```
Deploy the ovn4nfv Pod network to the cluster.
```
diff --git a/demo/sfc-setup/README.md b/demo/sfc-setup/README.md
index 6f58b82..9f8c355 100644
--- a/demo/sfc-setup/README.md
+++ b/demo/sfc-setup/README.md
@@ -32,9 +32,9 @@ is available on the Vagrant site.
Install the [docker](https://docs.docker.com/engine/install/ubuntu/) in the master, minion01 and minion02 vm.
Follow the steps in [create cluster kubeadm](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/) to create kubernetes cluster in master
-In the master vm run the `kubeadm init` as below. The ovn4nfv uses same pod network cidr `10.244.64.0/18`
+In the master vm run the `kubeadm init` as below. The ovn4nfv uses same pod network cidr `10.233.64.0/18`
```
- $ kubeadm init --kubernetes-version=1.19.0 --pod-network-cidr=10.244.64.0/18 --apiserver-advertise-address=<master_eth0_ip_address>
+ $ kubeadm init --kubernetes-version=1.19.0 --pod-network-cidr=10.233.64.0/18 --apiserver-advertise-address=<master_eth0_ip_address>
```
Deploy the ovn4nfv Pod network to the cluster.
```
diff --git a/deploy/ovn-daemonset-centos.yaml b/deploy/ovn-daemonset-centos.yaml
new file mode 100644
index 0000000..93a3e31
--- /dev/null
+++ b/deploy/ovn-daemonset-centos.yaml
@@ -0,0 +1,239 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+ name: ovn-nb-tcp
+ namespace: kube-system
+spec:
+ ports:
+ - name: ovn-nb-tcp
+ protocol: TCP
+ port: 6641
+ targetPort: 6641
+ type: ClusterIP
+ selector:
+ app: ovn-control-plane
+ sessionAffinity: None
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+ name: ovn-sb-tcp
+ namespace: kube-system
+spec:
+ ports:
+ - name: ovn-sb-tcp
+ protocol: TCP
+ port: 6642
+ targetPort: 6642
+ type: ClusterIP
+ selector:
+ app: ovn-control-plane
+ sessionAffinity: None
+
+---
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+ name: ovn-control-plane
+ namespace: kube-system
+ annotations:
+ kubernetes.io/description: |
+ OVN control plane deployment using tcp: ovn-northd-tcp, ovn-nb-tcp and ovn-sb-tcp.
+spec:
+ replicas: 1
+ strategy:
+ rollingUpdate:
+ maxSurge: 0%
+ maxUnavailable: 100%
+ type: RollingUpdate
+ selector:
+ matchLabels:
+ app: ovn-control-plane
+ template:
+ metadata:
+ labels:
+ app: ovn-control-plane
+ spec:
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchLabels:
+ app: ovn-control-plane
+ topologyKey: kubernetes.io/hostname
+ priorityClassName: system-cluster-critical
+ hostNetwork: true
+ containers:
+ - name: ovn-control-plane
+ image: docker.io/integratedcloudnative/ovn-images:centos-v2.0.0
+ imagePullPolicy: IfNotPresent
+ command: ["ovn4nfv-k8s", "start_ovn_control_plane"]
+ securityContext:
+ capabilities:
+ add: ["SYS_NICE"]
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ resources:
+ requests:
+ cpu: 500m
+ memory: 300Mi
+ volumeMounts:
+ - mountPath: /var/run/openvswitch
+ name: host-run-ovs
+ - mountPath: /var/run/ovn
+ name: host-run-ovn
+ - mountPath: /sys
+ name: host-sys
+ readOnly: true
+ - mountPath: /etc/openvswitch
+ name: host-config-openvswitch
+ - mountPath: /var/log/openvswitch
+ name: host-log-ovs
+ - mountPath: /var/log/ovn
+ name: host-log-ovn
+ readinessProbe:
+ exec:
+ command: ["ovn4nfv-k8s", "check_ovn_control_plane"]
+ periodSeconds: 3
+ livenessProbe:
+ exec:
+ command: ["ovn4nfv-k8s", "check_ovn_control_plane"]
+ initialDelaySeconds: 30
+ periodSeconds: 7
+ failureThreshold: 5
+ nodeSelector:
+ beta.kubernetes.io/os: "linux"
+ ovn4nfv-k8s-plugin: ovn-control-plane
+ volumes:
+ - name: host-run-ovs
+ hostPath:
+ path: /run/openvswitch
+ - name: host-run-ovn
+ hostPath:
+ path: /run/ovn
+ - name: host-sys
+ hostPath:
+ path: /sys
+ - name: host-config-openvswitch
+ hostPath:
+ path: /etc/origin/openvswitch
+ - name: host-log-ovs
+ hostPath:
+ path: /var/log/openvswitch
+ - name: host-log-ovn
+ hostPath:
+ path: /var/log/ovn
+
+---
+kind: DaemonSet
+apiVersion: apps/v1
+metadata:
+ name: ovn-controller
+ namespace: kube-system
+ annotations:
+ kubernetes.io/description: |
+ OVN controller: Start ovsdb-server & ovs-vswitchd components, and ovn controller
+spec:
+ selector:
+ matchLabels:
+ app: ovn-controller
+ updateStrategy:
+ type: OnDelete
+ template:
+ metadata:
+ labels:
+ app: ovn-controller
+ spec:
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ priorityClassName: system-cluster-critical
+ hostNetwork: true
+ hostPID: true
+ containers:
+ - name: ovn-controller
+ image: docker.io/integratedcloudnative/ovn-images:centos-v2.0.0
+ imagePullPolicy: IfNotPresent
+ command: ["ovn4nfv-k8s", "start_ovn_controller"]
+ securityContext:
+ runAsUser: 0
+ privileged: true
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ volumeMounts:
+ - mountPath: /lib/modules
+ name: host-modules
+ readOnly: true
+ - mountPath: /var/run/openvswitch
+ name: host-run-ovs
+ - mountPath: /var/run/ovn
+ name: host-run-ovn
+ - mountPath: /sys
+ name: host-sys
+ readOnly: true
+ - mountPath: /etc/openvswitch
+ name: host-config-openvswitch
+ - mountPath: /var/log/openvswitch
+ name: host-log-ovs
+ - mountPath: /var/log/ovn
+ name: host-log-ovn
+ readinessProbe:
+ exec:
+ command: ["ovn4nfv-k8s", "check_ovn_controller"]
+ periodSeconds: 5
+ livenessProbe:
+ exec:
+ command: ["ovn4nfv-k8s", "check_ovn_controller"]
+ initialDelaySeconds: 10
+ periodSeconds: 5
+ failureThreshold: 5
+ resources:
+ requests:
+ cpu: 200m
+ memory: 300Mi
+ limits:
+ cpu: 1000m
+ memory: 800Mi
+ nodeSelector:
+ beta.kubernetes.io/os: "linux"
+ volumes:
+ - name: host-modules
+ hostPath:
+ path: /lib/modules
+ - name: host-run-ovs
+ hostPath:
+ path: /run/openvswitch
+ - name: host-run-ovn
+ hostPath:
+ path: /run/ovn
+ - name: host-sys
+ hostPath:
+ path: /sys
+ - name: host-config-openvswitch
+ hostPath:
+ path: /etc/origin/openvswitch
+ - name: host-log-ovs
+ hostPath:
+ path: /var/log/openvswitch
+ - name: host-log-ovn
+ hostPath:
+ path: /var/log/ovn
diff --git a/deploy/ovn-daemonset.yaml b/deploy/ovn-daemonset.yaml
index bb64d84..bd8b123 100644
--- a/deploy/ovn-daemonset.yaml
+++ b/deploy/ovn-daemonset.yaml
@@ -70,8 +70,8 @@ spec:
hostNetwork: true
containers:
- name: ovn-control-plane
- image: integratedcloudnative/ovn-images:master
- imagePullPolicy: "IfNotPresent"
+ image: docker.io/integratedcloudnative/ovn-images:v2.0.0
+ imagePullPolicy: IfNotPresent
command: ["ovn4nfv-k8s", "start_ovn_control_plane"]
securityContext:
capabilities:
@@ -158,7 +158,7 @@ spec:
template:
metadata:
labels:
- app: ovn-controller
+ app: ovn-controller
spec:
tolerations:
- operator: Exists
@@ -168,7 +168,7 @@ spec:
hostPID: true
containers:
- name: ovn-controller
- image: integratedcloudnative/ovn-images:master
+ image: docker.io/integratedcloudnative/ovn-images:v2.0.0
imagePullPolicy: IfNotPresent
command: ["ovn4nfv-k8s", "start_ovn_controller"]
securityContext:
diff --git a/deploy/ovn4nfv-k8s-plugin-centos.yaml b/deploy/ovn4nfv-k8s-plugin-centos.yaml
new file mode 100644
index 0000000..43d2da9
--- /dev/null
+++ b/deploy/ovn4nfv-k8s-plugin-centos.yaml
@@ -0,0 +1,714 @@
+---
+
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: networkchainings.k8s.plugin.opnfv.org
+spec:
+ group: k8s.plugin.opnfv.org
+ names:
+ kind: NetworkChaining
+ listKind: NetworkChainingList
+ plural: networkchainings
+ singular: networkchaining
+ scope: Namespaced
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ description: NetworkChaining is the Schema for the networkchainings API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: NetworkChainingSpec defines the desired state of NetworkChaining
+ properties:
+ chainType:
+ type: string
+ routingSpec:
+ properties:
+ leftNetwork:
+ items:
+ properties:
+ gatewayIp:
+ type: string
+ networkName:
+ type: string
+ required:
+ - gatewayIp
+ - networkName
+ type: object
+ type: array
+ namespace:
+ type: string
+ networkChain:
+ type: string
+ rightNetwork:
+ items:
+ properties:
+ gatewayIp:
+ type: string
+ networkName:
+ type: string
+ required:
+ - gatewayIp
+ - networkName
+ type: object
+ type: array
+ required:
+ - leftNetwork
+ - namespace
+ - networkChain
+ - rightNetwork
+ type: object
+ required:
+ - chainType
+ - routingSpec
+ type: object
+ status:
+ description: NetworkChainingStatus defines the observed state of NetworkChaining
+ properties:
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
+ version: v1alpha1
+ versions:
+ - name: v1alpha1
+ served: true
+ storage: true
+
+---
+
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: networks.k8s.plugin.opnfv.org
+spec:
+ group: k8s.plugin.opnfv.org
+ names:
+ kind: Network
+ listKind: NetworkList
+ plural: networks
+ singular: network
+ scope: Namespaced
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ cniType:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "operator-sdk generate k8s" to regenerate code after
+ modifying this file Add custom validation using kubebuilder tags:
+ https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html'
+ type: string
+ dns:
+ properties:
+ domain:
+ type: string
+ nameservers:
+ items:
+ type: string
+ type: array
+ options:
+ items:
+ type: string
+ type: array
+ search:
+ items:
+ type: string
+ type: array
+ type: object
+ ipv4Subnets:
+ items:
+ properties:
+ excludeIps:
+ type: string
+ gateway:
+ type: string
+ name:
+ type: string
+ subnet:
+ type: string
+ required:
+ - name
+ - subnet
+ type: object
+ type: array
+ ipv6Subnets:
+ items:
+ properties:
+ excludeIps:
+ type: string
+ gateway:
+ type: string
+ name:
+ type: string
+ subnet:
+ type: string
+ required:
+ - name
+ - subnet
+ type: object
+ type: array
+ routes:
+ items:
+ properties:
+ dst:
+ type: string
+ gw:
+ type: string
+ required:
+ - dst
+ type: object
+ type: array
+ required:
+ - cniType
+ - ipv4Subnets
+ type: object
+ status:
+ properties:
+ state:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "operator-sdk generate k8s" to regenerate
+ code after modifying this file Add custom validation using kubebuilder
+ tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html'
+ type: string
+ required:
+ - state
+ type: object
+ version: v1alpha1
+ versions:
+ - name: v1alpha1
+ served: true
+ storage: true
+
+
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: providernetworks.k8s.plugin.opnfv.org
+spec:
+ group: k8s.plugin.opnfv.org
+ names:
+ kind: ProviderNetwork
+ listKind: ProviderNetworkList
+ plural: providernetworks
+ singular: providernetwork
+ scope: Namespaced
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ description: ProviderNetwork is the Schema for the providernetworks API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ProviderNetworkSpec defines the desired state of ProviderNetwork
+ properties:
+ cniType:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "operator-sdk generate k8s" to regenerate code after
+ modifying this file Add custom validation using kubebuilder tags:
+ https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html'
+ type: string
+ direct:
+ properties:
+ directNodeSelector:
+ type: string
+ nodeLabelList:
+ items:
+ type: string
+ type: array
+ providerInterfaceName:
+ type: string
+ required:
+ - directNodeSelector
+ - providerInterfaceName
+ type: object
+ dns:
+ properties:
+ domain:
+ type: string
+ nameservers:
+ items:
+ type: string
+ type: array
+ options:
+ items:
+ type: string
+ type: array
+ search:
+ items:
+ type: string
+ type: array
+ type: object
+ ipv4Subnets:
+ items:
+ properties:
+ excludeIps:
+ type: string
+ gateway:
+ type: string
+ name:
+ type: string
+ subnet:
+ type: string
+ required:
+ - name
+ - subnet
+ type: object
+ type: array
+ ipv6Subnets:
+ items:
+ properties:
+ excludeIps:
+ type: string
+ gateway:
+ type: string
+ name:
+ type: string
+ subnet:
+ type: string
+ required:
+ - name
+ - subnet
+ type: object
+ type: array
+ providerNetType:
+ type: string
+ routes:
+ items:
+ properties:
+ dst:
+ type: string
+ gw:
+ type: string
+ required:
+ - dst
+ type: object
+ type: array
+ vlan:
+ properties:
+ logicalInterfaceName:
+ type: string
+ nodeLabelList:
+ items:
+ type: string
+ type: array
+ providerInterfaceName:
+ type: string
+ vlanId:
+ type: string
+ vlanNodeSelector:
+ type: string
+ required:
+ - providerInterfaceName
+ - vlanId
+ - vlanNodeSelector
+ type: object
+ required:
+ - cniType
+ - ipv4Subnets
+ - providerNetType
+ type: object
+ status:
+ description: ProviderNetworkStatus defines the observed state of ProviderNetwork
+ properties:
+ state:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "operator-sdk generate k8s" to regenerate
+ code after modifying this file Add custom validation using kubebuilder
+ tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html'
+ type: string
+ required:
+ - state
+ type: object
+ type: object
+ version: v1alpha1
+ versions:
+ - name: v1alpha1
+ served: true
+ storage: true
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: k8s-nfn-sa
+ namespace: kube-system
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ creationTimestamp: null
+ name: k8s-nfn-cr
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - pods/status
+ - services
+ - endpoints
+ - persistentvolumeclaims
+ - events
+ - configmaps
+ - secrets
+ - nodes
+ verbs:
+ - '*'
+- apiGroups:
+ - apps
+ resources:
+ - deployments
+ - daemonsets
+ - replicasets
+ - statefulsets
+ verbs:
+ - '*'
+- apiGroups:
+ - monitoring.coreos.com
+ resources:
+ - servicemonitors
+ verbs:
+ - get
+ - create
+- apiGroups:
+ - apps
+ resourceNames:
+ - nfn-operator
+ resources:
+ - deployments/finalizers
+ verbs:
+ - update
+- apiGroups:
+ - k8s.plugin.opnfv.org
+ resources:
+ - '*'
+ - providernetworks
+ verbs:
+ - '*'
+
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: k8s-nfn-crb
+subjects:
+- kind: Group
+ name: system:serviceaccounts
+ apiGroup: rbac.authorization.k8s.io
+roleRef:
+ kind: ClusterRole
+ name: k8s-nfn-cr
+ apiGroup: rbac.authorization.k8s.io
+
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: nfn-operator
+ namespace: kube-system
+spec:
+ type: NodePort
+ ports:
+ - port: 50000
+ protocol: TCP
+ targetPort: 50000
+ selector:
+ name: nfn-operator
+
+
+---
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: ovn-controller-network
+ namespace: kube-system
+data:
+ OVN_SUBNET: "10.233.64.0/18"
+ OVN_GATEWAYIP: "10.233.64.1/18"
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nfn-operator
+ namespace: kube-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ name: nfn-operator
+ template:
+ metadata:
+ labels:
+ name: nfn-operator
+ spec:
+ hostNetwork: true
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: ovn4nfv-k8s-plugin
+ operator: In
+ values:
+ - ovn-control-plane
+ tolerations:
+ - key: "node-role.kubernetes.io/master"
+ effect: "NoSchedule"
+ operator: "Exists"
+ serviceAccountName: k8s-nfn-sa
+ containers:
+ - name: nfn-operator
+ image: docker.io/integratedcloudnative/ovn4nfv-k8s-plugin:centos-v2.0.0
+ command: ["/usr/local/bin/entrypoint", "operator"]
+ imagePullPolicy: IfNotPresent
+ envFrom:
+ - configMapRef:
+ name: ovn-controller-network
+ ports:
+ - containerPort: 50000
+ protocol: TCP
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: OPERATOR_NAME
+ value: "nfn-operator"
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: ovn4nfv-cni-config
+ namespace: kube-system
+ labels:
+ app: ovn4nfv
+data:
+ ovn4nfv_k8s.conf: |
+ [logging]
+ loglevel=5
+ logfile=/var/log/openvswitch/ovn4k8s.log
+
+ [cni]
+ conf-dir=/etc/cni/net.d
+ plugin=ovn4nfvk8s-cni
+
+ [kubernetes]
+ kubeconfig=/etc/cni/net.d/ovn4nfv-k8s.d/ovn4nfv-k8s.kubeconfig
+ 00-network.conf: |
+ {
+ "name": "ovn4nfv-k8s-plugin",
+ "type": "ovn4nfvk8s-cni",
+ "cniVersion": "0.3.1"
+ }
+
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: ovn4nfv-cni
+ namespace: kube-system
+ labels:
+ app: ovn4nfv
+spec:
+ updateStrategy:
+ type: RollingUpdate
+ selector:
+ matchLabels:
+ app: ovn4nfv
+ template:
+ metadata:
+ labels:
+ app: ovn4nfv
+ spec:
+ hostNetwork: true
+ nodeSelector:
+ beta.kubernetes.io/arch: amd64
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ serviceAccountName: k8s-nfn-sa
+ containers:
+ - name: ovn4nfv
+ image: docker.io/integratedcloudnative/ovn4nfv-k8s-plugin:centos-v2.0.0
+ command: ["/usr/local/bin/entrypoint", "cni"]
+ imagePullPolicy: IfNotPresent
+ resources:
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ limits:
+ cpu: 100m
+ memory: 50Mi
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: cni
+ mountPath: /host/etc/cni/net.d
+ - name: cnibin
+ mountPath: /host/opt/cni/bin
+ - name: cniconf
+ mountPath: /host/etc/openvswitch
+ - name: ovn4nfv-cfg
+ mountPath: /tmp/ovn4nfv-conf
+ - name: ovn4nfv-cni-net-conf
+ mountPath: /tmp/ovn4nfv-cni
+ volumes:
+ - name: cni
+ hostPath:
+ path: /etc/cni/net.d
+ - name: cnibin
+ hostPath:
+ path: /opt/cni/bin
+ - name: cniconf
+ hostPath:
+ path: /etc/openvswitch
+ - name: ovn4nfv-cfg
+ configMap:
+ name: ovn4nfv-cni-config
+ items:
+ - key: ovn4nfv_k8s.conf
+ path: ovn4nfv_k8s.conf
+ - name: ovn4nfv-cni-net-conf
+ configMap:
+ name: ovn4nfv-cni-config
+ items:
+ - key: 00-network.conf
+ path: 00-network.conf
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: nfn-agent
+ namespace: kube-system
+ labels:
+ app: nfn-agent
+spec:
+ selector:
+ matchLabels:
+ app: nfn-agent
+ updateStrategy:
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: nfn-agent
+ spec:
+ hostNetwork: true
+ hostPID: true
+ nodeSelector:
+ beta.kubernetes.io/arch: amd64
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ serviceAccountName: k8s-nfn-sa
+ containers:
+ - name: nfn-agent
+ image: docker.io/integratedcloudnative/ovn4nfv-k8s-plugin:centos-v2.0.0
+ command: ["/usr/local/bin/entrypoint", "agent"]
+ imagePullPolicy: IfNotPresent
+ resources:
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ limits:
+ cpu: 100m
+ memory: 50Mi
+ env:
+ - name: NFN_NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ securityContext:
+ runAsUser: 0
+ capabilities:
+ add: ["NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE"]
+ privileged: true
+ volumeMounts:
+ - mountPath: /var/run/dbus/
+ name: host-var-run-dbus
+ readOnly: true
+ - mountPath: /run/openvswitch
+ name: host-run-ovs
+ - mountPath: /var/run/openvswitch
+ name: host-var-run-ovs
+ - mountPath: /var/run
+ name: host-var-run
+ - mountPath: /host/proc
+ name: host-proc
+ - mountPath: /host/sys
+ name: host-sys
+ - mountPath: /var/run/ovn4nfv-k8s-plugin
+ name: host-var-cniserver-socket-dir
+ volumes:
+ - name: host-run-ovs
+ hostPath:
+ path: /run/openvswitch
+ - name: host-var-run-ovs
+ hostPath:
+ path: /var/run/openvswitch
+ - name: host-var-run-dbus
+ hostPath:
+ path: /var/run/dbus
+ - name: host-var-cniserver-socket-dir
+ hostPath:
+ path: /var/run/ovn4nfv-k8s-plugin
+ - name: host-var-run
+ hostPath:
+ path: /var/run
+ - name: host-proc
+ hostPath:
+ path: /proc
+ - name: host-sys
+ hostPath:
+ path: /sys
diff --git a/deploy/ovn4nfv-k8s-plugin.yaml b/deploy/ovn4nfv-k8s-plugin.yaml
index 73d3ab3..ab69dd7 100644
--- a/deploy/ovn4nfv-k8s-plugin.yaml
+++ b/deploy/ovn4nfv-k8s-plugin.yaml
@@ -1,3 +1,94 @@
+---
+
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: networkchainings.k8s.plugin.opnfv.org
+spec:
+ group: k8s.plugin.opnfv.org
+ names:
+ kind: NetworkChaining
+ listKind: NetworkChainingList
+ plural: networkchainings
+ singular: networkchaining
+ scope: Namespaced
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ description: NetworkChaining is the Schema for the networkchainings API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: NetworkChainingSpec defines the desired state of NetworkChaining
+ properties:
+ chainType:
+ type: string
+ routingSpec:
+ properties:
+ leftNetwork:
+ items:
+ properties:
+ gatewayIp:
+ type: string
+ networkName:
+ type: string
+ required:
+ - gatewayIp
+ - networkName
+ type: object
+ type: array
+ namespace:
+ type: string
+ networkChain:
+ type: string
+ rightNetwork:
+ items:
+ properties:
+ gatewayIp:
+ type: string
+ networkName:
+ type: string
+ required:
+ - gatewayIp
+ - networkName
+ type: object
+ type: array
+ required:
+ - leftNetwork
+ - namespace
+ - networkChain
+ - rightNetwork
+ type: object
+ required:
+ - chainType
+ - routingSpec
+ type: object
+ status:
+ description: NetworkChainingStatus defines the observed state of NetworkChaining
+ properties:
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
+ version: v1alpha1
+ versions:
+ - name: v1alpha1
+ served: true
+ storage: true
---
@@ -380,10 +471,8 @@ metadata:
name: ovn-controller-network
namespace: kube-system
data:
- OVN_SUBNET: "10.244.64.0/18"
- OVN_GATEWAYIP: "10.244.64.20/18"
- OVN_EXCLUDEIPS: "10.244.64.0..10.244.64.16"
-
+ OVN_SUBNET: "10.233.64.0/18"
+ OVN_GATEWAYIP: "10.233.64.1/18"
---
@@ -419,7 +508,7 @@ spec:
serviceAccountName: k8s-nfn-sa
containers:
- name: nfn-operator
- image: integratedcloudnative/ovn4nfv-k8s-plugin:master
+ image: docker.io/integratedcloudnative/ovn4nfv-k8s-plugin:v2.0.0
command: ["/usr/local/bin/entrypoint", "operator"]
imagePullPolicy: IfNotPresent
envFrom:
@@ -464,7 +553,7 @@ data:
}
---
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
kind: DaemonSet
metadata:
name: ovn4nfv-cni
@@ -474,6 +563,9 @@ metadata:
spec:
updateStrategy:
type: RollingUpdate
+ selector:
+ matchLabels:
+ app: ovn4nfv
template:
metadata:
labels:
@@ -488,16 +580,16 @@ spec:
serviceAccountName: k8s-nfn-sa
containers:
- name: ovn4nfv
- image: integratedcloudnative/ovn4nfv-k8s-plugin:master
+ image: docker.io/integratedcloudnative/ovn4nfv-k8s-plugin:v2.0.0
command: ["/usr/local/bin/entrypoint", "cni"]
imagePullPolicy: IfNotPresent
resources:
requests:
- cpu: "100m"
- memory: "50Mi"
+ cpu: 100m
+ memory: 50Mi
limits:
- cpu: "100m"
- memory: "50Mi"
+ cpu: 100m
+ memory: 50Mi
securityContext:
privileged: true
volumeMounts:
@@ -534,7 +626,7 @@ spec:
- key: 00-network.conf
path: 00-network.conf
---
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nfn-agent
@@ -542,6 +634,9 @@ metadata:
labels:
app: nfn-agent
spec:
+ selector:
+ matchLabels:
+ app: nfn-agent
updateStrategy:
type: RollingUpdate
template:
@@ -559,15 +654,16 @@ spec:
serviceAccountName: k8s-nfn-sa
containers:
- name: nfn-agent
- image: integratedcloudnative/ovn4nfv-k8s-plugin:master
+ image: docker.io/integratedcloudnative/ovn4nfv-k8s-plugin:v2.0.0
command: ["/usr/local/bin/entrypoint", "agent"]
+ imagePullPolicy: IfNotPresent
resources:
requests:
- cpu: "100m"
- memory: "50Mi"
+ cpu: 100m
+ memory: 50Mi
limits:
- cpu: "100m"
- memory: "50Mi"
+ cpu: 100m
+ memory: 50Mi
env:
- name: NFN_NODE_NAME
valueFrom:
@@ -586,6 +682,12 @@ spec:
name: host-run-ovs
- mountPath: /var/run/openvswitch
name: host-var-run-ovs
+ - mountPath: /var/run
+ name: host-var-run
+ - mountPath: /host/proc
+ name: host-proc
+ - mountPath: /host/sys
+ name: host-sys
- mountPath: /var/run/ovn4nfv-k8s-plugin
name: host-var-cniserver-socket-dir
volumes:
@@ -601,3 +703,12 @@ spec:
- name: host-var-cniserver-socket-dir
hostPath:
path: /var/run/ovn4nfv-k8s-plugin
+ - name: host-var-run
+ hostPath:
+ path: /var/run
+ - name: host-proc
+ hostPath:
+ path: /proc
+ - name: host-sys
+ hostPath:
+ path: /sys