From 3de63ee756f9d7c0a4524b40a89e92b918a9249f Mon Sep 17 00:00:00 2001 From: Kuralamudhan Ramakrishnan Date: Tue, 21 Apr 2020 17:19:34 +0000 Subject: Adding cnishim and cniserver - inspired from ovn-kubernetes and sdn openshift - cniserver & cnishim concepts - removed cni binary to depend on the host ovs binary installation - encapsulated all the binaries within the ovn and ovs containers - ovn4nfv-k8s cni server run along with nfn-agent - cnishim act as the httpclient and cniserver as httpservers - cnishim wrap all the cni commands to cniserver - cniserver do the actual network pumping work and send result back to cnishim - cnishim print the results as per the cni spec requirement - currently supports only debian installation for ovn daemon - support for debian kernel installation - Consolidated all yaml into single ovn4nfv-k8s-plugin Signed-off-by: Kuralamudhan Ramakrishnan Change-Id: I1e2b114d90f717baa2ee94ff379c849d73b2754e --- deploy/ovn4nfv-k8s-plugin-daemonset.yml | 571 ------------------------------ deploy/ovn4nfv-k8s-plugin.yaml | 602 ++++++++++++++++++++++++++++++++ 2 files changed, 602 insertions(+), 571 deletions(-) delete mode 100644 deploy/ovn4nfv-k8s-plugin-daemonset.yml create mode 100644 deploy/ovn4nfv-k8s-plugin.yaml (limited to 'deploy') diff --git a/deploy/ovn4nfv-k8s-plugin-daemonset.yml b/deploy/ovn4nfv-k8s-plugin-daemonset.yml deleted file mode 100644 index 13e749f..0000000 --- a/deploy/ovn4nfv-k8s-plugin-daemonset.yml +++ /dev/null @@ -1,571 +0,0 @@ - ---- - -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: networks.k8s.plugin.opnfv.org -spec: - group: k8s.plugin.opnfv.org - names: - kind: Network - listKind: NetworkList - plural: networks - singular: network - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - cniType: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "operator-sdk generate k8s" to regenerate code after - modifying this file Add custom validation using kubebuilder tags: - https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' - type: string - dns: - properties: - domain: - type: string - nameservers: - items: - type: string - type: array - options: - items: - type: string - type: array - search: - items: - type: string - type: array - type: object - ipv4Subnets: - items: - properties: - excludeIps: - type: string - gateway: - type: string - name: - type: string - subnet: - type: string - required: - - name - - subnet - type: object - type: array - ipv6Subnets: - items: - properties: - excludeIps: - type: string - gateway: - type: string - name: - type: string - subnet: - type: string - required: - - name - - subnet - type: object - type: array - routes: - items: - properties: - dst: - type: string - gw: - type: string - required: - - dst - type: object - type: array - required: - - cniType - - ipv4Subnets - type: object - status: - properties: - state: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "operator-sdk generate k8s" to regenerate - code after modifying this file Add custom validation using kubebuilder - tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' - type: string - required: - - state - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true - - ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: providernetworks.k8s.plugin.opnfv.org -spec: - group: k8s.plugin.opnfv.org - names: - kind: ProviderNetwork - listKind: ProviderNetworkList - plural: providernetworks - singular: providernetwork - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: ProviderNetwork is the Schema for the providernetworks API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ProviderNetworkSpec defines the desired state of ProviderNetwork - properties: - cniType: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "operator-sdk generate k8s" to regenerate code after - modifying this file Add custom validation using kubebuilder tags: - https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' - type: string - direct: - properties: - directNodeSelector: - type: string - nodeLabelList: - items: - type: string - type: array - providerInterfaceName: - type: string - required: - - directNodeSelector - - providerInterfaceName - type: object - dns: - properties: - domain: - type: string - nameservers: - items: - type: string - type: array - options: - items: - type: string - type: array - search: - items: - type: string - type: array - type: object - ipv4Subnets: - items: - properties: - excludeIps: - type: string - gateway: - type: string - name: - type: string - subnet: - type: string - required: - - name - - subnet - type: object - type: array - ipv6Subnets: - items: - properties: - excludeIps: - type: string - gateway: - type: string - name: - type: string - subnet: - type: string - required: - - name - - subnet - type: object - type: array - providerNetType: - type: string - routes: - items: - properties: - dst: - type: string - gw: - type: string - required: - - dst - type: object - type: array - vlan: - properties: - logicalInterfaceName: - type: string - nodeLabelList: - items: - type: string - type: array - providerInterfaceName: - type: string - vlanId: - type: string - vlanNodeSelector: - type: string - required: - - providerInterfaceName - - vlanId - - vlanNodeSelector - type: object - required: - - cniType - - ipv4Subnets - - providerNetType - type: object - status: - description: ProviderNetworkStatus defines the observed state of ProviderNetwork - properties: - state: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "operator-sdk generate k8s" to regenerate - code after modifying this file Add custom validation using kubebuilder - tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' - type: string - required: - - state - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true ---- - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: k8s-nfn-sa - namespace: operator - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: k8s-nfn-cr -rules: -- apiGroups: - - "" - resources: - - pods - - services - - endpoints - - persistentvolumeclaims - - events - - configmaps - - secrets - - nodes - verbs: - - '*' -- apiGroups: - - apps - resources: - - deployments - - daemonsets - - replicasets - - statefulsets - verbs: - - '*' -- apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - verbs: - - get - - create -- apiGroups: - - apps - resourceNames: - - nfn-operator - resources: - - deployments/finalizers - verbs: - - update -- apiGroups: - - k8s.plugin.opnfv.org - resources: - - '*' - - providernetworks - verbs: - - '*' - ---- - -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: k8s-nfn-crb -subjects: -- kind: Group - name: system:serviceaccounts - apiGroup: rbac.authorization.k8s.io -roleRef: - kind: ClusterRole - name: k8s-nfn-cr - apiGroup: rbac.authorization.k8s.io - - ---- - -apiVersion: v1 -kind: Service -metadata: - name: nfn-operator - namespace: operator -spec: - type: NodePort - ports: - - port: 50000 - protocol: TCP - targetPort: 50000 - selector: - name: nfn-operator - - ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: ovn-controller-network - namespace: operator -data: - OVN_SUBNET: "10.244.64.0/18" - OVN_GATEWAYIP: "10.244.64.20/18" - OVN_EXCLUDEIPS: "10.244.64.0..10.244.64.16" - - ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nfn-operator - namespace: operator -spec: - replicas: 1 - selector: - matchLabels: - name: nfn-operator - template: - metadata: - labels: - name: nfn-operator - spec: - hostNetwork: true - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: nfnType - operator: In - values: - - operator - tolerations: - - key: "node-role.kubernetes.io/master" - effect: "NoSchedule" - operator: "Exists" - serviceAccountName: k8s-nfn-sa - containers: - - name: nfn-operator - image: integratedcloudnative/ovn4nfv-k8s-plugin:master - command: ["/usr/local/bin/entrypoint", "operator"] - imagePullPolicy: IfNotPresent - envFrom: - - configMapRef: - name: ovn-controller-network - ports: - - containerPort: 50000 - protocol: TCP - env: - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: "nfn-operator" - ---- -kind: ConfigMap -apiVersion: v1 -metadata: - name: ovn4nfv-cni-config - namespace: operator - labels: - app: ovn4nfv -data: - ovn4nfv_k8s.conf: | - [logging] - loglevel=5 - logfile=/var/log/openvswitch/ovn4k8s.log - - [cni] - conf-dir=/etc/cni/net.d - plugin=ovn4nfvk8s-cni - - [kubernetes] - kubeconfig=/etc/kubernetes/admin.conf - ---- -apiVersion: extensions/v1beta1 -kind: DaemonSet -metadata: - name: ovn4nfv-cni - namespace: operator - labels: - app: ovn4nfv -spec: - updateStrategy: - type: RollingUpdate - template: - metadata: - labels: - app: ovn4nfv - spec: - hostNetwork: true - nodeSelector: - beta.kubernetes.io/arch: amd64 - tolerations: - - operator: Exists - effect: NoSchedule - containers: - - name: ovn4nfv - image: integratedcloudnative/ovn4nfv-k8s-plugin:master - command: ["/usr/local/bin/entrypoint", "cni"] - resources: - requests: - cpu: "100m" - memory: "50Mi" - limits: - cpu: "100m" - memory: "50Mi" - securityContext: - privileged: true - volumeMounts: - - name: cnibin - mountPath: /host/opt/cni/bin - - name: cniconf - mountPath: /host/etc/openvswitch - - name: ovn4nfv-cfg - mountPath: /tmp/ovn4nfv-conf - volumes: - - name: cnibin - hostPath: - path: /opt/cni/bin - - name: cniconf - hostPath: - path: /etc/openvswitch - - name: ovn4nfv-cfg - configMap: - name: ovn4nfv-cni-config - items: - - key: ovn4nfv_k8s.conf - path: ovn4nfv_k8s.conf - ---- -apiVersion: extensions/v1beta1 -kind: DaemonSet -metadata: - name: nfn-agent - namespace: operator - labels: - app: nfn-agent -spec: - updateStrategy: - type: RollingUpdate - template: - metadata: - labels: - app: nfn-agent - spec: - hostNetwork: true - nodeSelector: - beta.kubernetes.io/arch: amd64 - tolerations: - - operator: Exists - effect: NoSchedule - containers: - - name: nfn-agent - image: integratedcloudnative/ovn4nfv-k8s-plugin:master - command: ["/usr/local/bin/entrypoint", "agent"] - resources: - requests: - cpu: "100m" - memory: "50Mi" - limits: - cpu: "100m" - memory: "50Mi" - env: - - name: NFN_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - securityContext: - privileged: true - volumeMounts: - - mountPath: /run/openvswitch - name: host-run-ovs - - mountPath: /var/run/openvswitch - name: host-var-run-ovs - volumes: - - name: host-run-ovs - hostPath: - path: /run/openvswitch - - name: host-var-run-ovs - hostPath: - path: /var/run/openvswitch diff --git a/deploy/ovn4nfv-k8s-plugin.yaml b/deploy/ovn4nfv-k8s-plugin.yaml new file mode 100644 index 0000000..5d5017e --- /dev/null +++ b/deploy/ovn4nfv-k8s-plugin.yaml @@ -0,0 +1,602 @@ + +--- + +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: networks.k8s.plugin.opnfv.org +spec: + group: k8s.plugin.opnfv.org + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + cniType: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "operator-sdk generate k8s" to regenerate code after + modifying this file Add custom validation using kubebuilder tags: + https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' + type: string + dns: + properties: + domain: + type: string + nameservers: + items: + type: string + type: array + options: + items: + type: string + type: array + search: + items: + type: string + type: array + type: object + ipv4Subnets: + items: + properties: + excludeIps: + type: string + gateway: + type: string + name: + type: string + subnet: + type: string + required: + - name + - subnet + type: object + type: array + ipv6Subnets: + items: + properties: + excludeIps: + type: string + gateway: + type: string + name: + type: string + subnet: + type: string + required: + - name + - subnet + type: object + type: array + routes: + items: + properties: + dst: + type: string + gw: + type: string + required: + - dst + type: object + type: array + required: + - cniType + - ipv4Subnets + type: object + status: + properties: + state: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "operator-sdk generate k8s" to regenerate + code after modifying this file Add custom validation using kubebuilder + tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' + type: string + required: + - state + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: providernetworks.k8s.plugin.opnfv.org +spec: + group: k8s.plugin.opnfv.org + names: + kind: ProviderNetwork + listKind: ProviderNetworkList + plural: providernetworks + singular: providernetwork + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: ProviderNetwork is the Schema for the providernetworks API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProviderNetworkSpec defines the desired state of ProviderNetwork + properties: + cniType: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "operator-sdk generate k8s" to regenerate code after + modifying this file Add custom validation using kubebuilder tags: + https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' + type: string + direct: + properties: + directNodeSelector: + type: string + nodeLabelList: + items: + type: string + type: array + providerInterfaceName: + type: string + required: + - directNodeSelector + - providerInterfaceName + type: object + dns: + properties: + domain: + type: string + nameservers: + items: + type: string + type: array + options: + items: + type: string + type: array + search: + items: + type: string + type: array + type: object + ipv4Subnets: + items: + properties: + excludeIps: + type: string + gateway: + type: string + name: + type: string + subnet: + type: string + required: + - name + - subnet + type: object + type: array + ipv6Subnets: + items: + properties: + excludeIps: + type: string + gateway: + type: string + name: + type: string + subnet: + type: string + required: + - name + - subnet + type: object + type: array + providerNetType: + type: string + routes: + items: + properties: + dst: + type: string + gw: + type: string + required: + - dst + type: object + type: array + vlan: + properties: + logicalInterfaceName: + type: string + nodeLabelList: + items: + type: string + type: array + providerInterfaceName: + type: string + vlanId: + type: string + vlanNodeSelector: + type: string + required: + - providerInterfaceName + - vlanId + - vlanNodeSelector + type: object + required: + - cniType + - ipv4Subnets + - providerNetType + type: object + status: + description: ProviderNetworkStatus defines the observed state of ProviderNetwork + properties: + state: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "operator-sdk generate k8s" to regenerate + code after modifying this file Add custom validation using kubebuilder + tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' + type: string + required: + - state + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: k8s-nfn-sa + namespace: kube-system + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: k8s-nfn-cr +rules: +- apiGroups: + - "" + resources: + - pods + - pods/status + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - nodes + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create +- apiGroups: + - apps + resourceNames: + - nfn-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - k8s.plugin.opnfv.org + resources: + - '*' + - providernetworks + verbs: + - '*' + +--- + +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: k8s-nfn-crb +subjects: +- kind: Group + name: system:serviceaccounts + apiGroup: rbac.authorization.k8s.io +roleRef: + kind: ClusterRole + name: k8s-nfn-cr + apiGroup: rbac.authorization.k8s.io + + +--- + +apiVersion: v1 +kind: Service +metadata: + name: nfn-operator + namespace: kube-system +spec: + type: NodePort + ports: + - port: 50000 + protocol: TCP + targetPort: 50000 + selector: + name: nfn-operator + + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: ovn-controller-network + namespace: kube-system +data: + OVN_SUBNET: "10.244.64.0/18" + OVN_GATEWAYIP: "10.244.64.20/18" + OVN_EXCLUDEIPS: "10.244.64.0..10.244.64.16" + + +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nfn-operator + namespace: kube-system +spec: + replicas: 1 + selector: + matchLabels: + name: nfn-operator + template: + metadata: + labels: + name: nfn-operator + spec: + hostNetwork: true + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: ovn4nfv-k8s-plugin + operator: In + values: + - ovn-control-plane + tolerations: + - key: "node-role.kubernetes.io/master" + effect: "NoSchedule" + operator: "Exists" + serviceAccountName: k8s-nfn-sa + containers: + - name: nfn-operator + image: integratedcloudnative/ovn4nfv-k8s-plugin:master + command: ["/usr/local/bin/entrypoint", "operator"] + imagePullPolicy: IfNotPresent + envFrom: + - configMapRef: + name: ovn-controller-network + ports: + - containerPort: 50000 + protocol: TCP + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "nfn-operator" + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: ovn4nfv-cni-config + namespace: kube-system + labels: + app: ovn4nfv +data: + ovn4nfv_k8s.conf: | + [logging] + loglevel=5 + logfile=/var/log/openvswitch/ovn4k8s.log + + [cni] + conf-dir=/etc/cni/net.d + plugin=ovn4nfvk8s-cni + + [kubernetes] + kubeconfig=/etc/cni/net.d/ovn4nfv-k8s.d/ovn4nfv-k8s.kubeconfig + 00-network.conf: | + { + "name": "ovn4nfv-k8s-plugin", + "type": "ovn4nfvk8s-cni", + "cniVersion": "0.3.1" + } + +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: ovn4nfv-cni + namespace: kube-system + labels: + app: ovn4nfv +spec: + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + app: ovn4nfv + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/arch: amd64 + tolerations: + - operator: Exists + effect: NoSchedule + serviceAccountName: k8s-nfn-sa + containers: + - name: ovn4nfv + image: integratedcloudnative/ovn4nfv-k8s-plugin:master + command: ["/usr/local/bin/entrypoint", "cni"] + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: true + volumeMounts: + - name: cni + mountPath: /host/etc/cni/net.d + - name: cnibin + mountPath: /host/opt/cni/bin + - name: cniconf + mountPath: /host/etc/openvswitch + - name: ovn4nfv-cfg + mountPath: /tmp/ovn4nfv-conf + - name: ovn4nfv-cni-net-conf + mountPath: /tmp/ovn4nfv-cni + volumes: + - name: cni + hostPath: + path: /etc/cni/net.d + - name: cnibin + hostPath: + path: /opt/cni/bin + - name: cniconf + hostPath: + path: /etc/openvswitch + - name: ovn4nfv-cfg + configMap: + name: ovn4nfv-cni-config + items: + - key: ovn4nfv_k8s.conf + path: ovn4nfv_k8s.conf + - name: ovn4nfv-cni-net-conf + configMap: + name: ovn4nfv-cni-config + items: + - key: 00-network.conf + path: 00-network.conf +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: nfn-agent + namespace: kube-system + labels: + app: nfn-agent +spec: + updateStrategy: + type: RollingUpdate + template: + metadata: + labels: + app: nfn-agent + spec: + hostNetwork: true + hostPID: true + nodeSelector: + beta.kubernetes.io/arch: amd64 + tolerations: + - operator: Exists + effect: NoSchedule + serviceAccountName: k8s-nfn-sa + containers: + - name: nfn-agent + image: integratedcloudnative/ovn4nfv-k8s-plugin:master + command: ["/usr/local/bin/entrypoint", "agent"] + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + env: + - name: NFN_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + securityContext: + runAsUser: 0 + capabilities: + add: ["NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE"] + privileged: true + volumeMounts: + - mountPath: /var/run/dbus/ + name: host-var-run-dbus + readOnly: true + - mountPath: /run/openvswitch + name: host-run-ovs + - mountPath: /var/run/openvswitch + name: host-var-run-ovs + - mountPath: /var/run/ovn4nfv-k8s-plugin + name: host-var-cniserver-socket-dir + volumes: + - name: host-run-ovs + hostPath: + path: /run/openvswitch + - name: host-var-run-ovs + hostPath: + path: /var/run/openvswitch + - name: host-var-run-dbus + hostPath: + path: /var/run/dbus + - name: host-var-cniserver-socket-dir + hostPath: + path: /var/run/ovn4nfv-k8s-plugin -- cgit 1.2.3-korg