diff options
author | Sridhar K. N. Rao <srao@linuxfoundation.org> | 2022-12-13 22:05:48 +0530 |
---|---|---|
committer | Sridhar K. N. Rao <srao@linuxfoundation.org> | 2022-12-19 21:22:29 +0530 |
commit | 9bb2fe4b0f99a0c7a8a675f3277c19ed304d852f (patch) | |
tree | 325889d69060e227f7a62249cd119ab2244551dd /tools/ebpfautomation/afxdp-deploy | |
parent | 34147ac299351c44d4f7d135892457fba38a132b (diff) |
TOOLS: Add eBPF-based solution support
This patch adds automation support for eBPF based CNI.
Add license headers
Signed-off-by: Sridhar K. N. Rao <srao@linuxfoundation.org>
Change-Id: I1ad7e6f785b5dd98a170c87a74f8b7ce02daa765
Diffstat (limited to 'tools/ebpfautomation/afxdp-deploy')
-rw-r--r-- | tools/ebpfautomation/afxdp-deploy/afxdp-nad.yaml | 68 | ||||
-rw-r--r-- | tools/ebpfautomation/afxdp-deploy/daemonset.yml | 135 | ||||
-rw-r--r-- | tools/ebpfautomation/afxdp-deploy/deploy.sh | 42 |
3 files changed, 245 insertions, 0 deletions
diff --git a/tools/ebpfautomation/afxdp-deploy/afxdp-nad.yaml b/tools/ebpfautomation/afxdp-deploy/afxdp-nad.yaml new file mode 100644 index 00000000..1174941c --- /dev/null +++ b/tools/ebpfautomation/afxdp-deploy/afxdp-nad.yaml @@ -0,0 +1,68 @@ +# Copyright 2022 The Linux Foundation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# WARNING: This is an example definition only. Remove all comments before use. + +apiVersion: "k8s.cni.cncf.io/v1" +kind: NetworkAttachmentDefinition +metadata: + name: afxdp-east-network # Name of this network, pods will request this network by name + annotations: + k8s.v1.cni.cncf.io/resourceName: afxdp/eastPool # Needs to match the device plugin pool name / resource type +spec: + config: '{ + "cniVersion": "0.3.0", + "type": "afxdp", # CNI binary, leave as afxdp + "mode": "cdq", # CNI mode setting (required) + "logFile": "afxdp-cni-east.log", # CNI log file location (optional) + "logLevel": "debug", # CNI logging level (optional) + "ipam": { # CNI IPAM plugin and associated config (optional) + "type": "host-local", + "subnet": "192.168.1.0/24", + "rangeStart": "192.168.1.200", + "rangeEnd": "192.168.1.220", + "routes": [ + { "dst": "0.0.0.0/0" } + ], + "gateway": "192.168.1.1" + } + }' + +--- + +apiVersion: "k8s.cni.cncf.io/v1" +kind: NetworkAttachmentDefinition +metadata: + name: afxdp-west-network # Name of this network, pods will request this network by name + annotations: + k8s.v1.cni.cncf.io/resourceName: afxdp/westPool # Needs to match the device plugin pool name / resource type +spec: + config: '{ + "cniVersion": "0.3.0", + "type": "afxdp", + "mode": "cdq", + "logFile": "afxdp-cni-west.log", + "logLevel": "debug", + "ipam": { + "type": "host-local", + "subnet": "192.168.2.0/24", + "rangeStart": "192.168.2.200", + "rangeEnd": "192.168.2.220", + "routes": [ + { "dst": "0.0.0.0/0" } + ], + "gateway": "192.168.2.1" + } + }' + diff --git a/tools/ebpfautomation/afxdp-deploy/daemonset.yml b/tools/ebpfautomation/afxdp-deploy/daemonset.yml new file mode 100644 index 00000000..c2979703 --- /dev/null +++ b/tools/ebpfautomation/afxdp-deploy/daemonset.yml @@ -0,0 +1,135 @@ +# Copyright 2022 The Linux Foundation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: afxdp-dp-config + namespace: kube-system +data: + config.json: | + { + "logLevel":"debug", + "logFile":"afxdp-dp.log", + "pools":[ + { + "name":"eastPool", + "mode":"cdq", + "devices":[ + { + "name":"ens801f0", + "secondary":10 + } + ] + }, + { + "name":"westPool", + "mode":"cdq", + "devices":[ + { + "name":"ens801f1" + "secondary":10 + + }, + ] + } + ] + } +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: afxdp-device-plugin + namespace: kube-system +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: kube-afxdp-device-plugin + namespace: kube-system + labels: + tier: node + app: afxdp +spec: + selector: + matchLabels: + name: afxdp-device-plugin + template: + metadata: + labels: + name: afxdp-device-plugin + tier: node + app: afxdp + spec: + hostNetwork: true + nodeSelector: + kubernetes.io/arch: amd64 + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + serviceAccountName: afxdp-device-plugin + containers: + - name: kube-afxdp + image: afxdp-device-plugin:latest + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + drop: + - all + add: + - SYS_ADMIN + - NET_ADMIN + resources: + requests: + cpu: "250m" + memory: "40Mi" + limits: + cpu: "1" + memory: "200Mi" + volumeMounts: + - name: unixsock + mountPath: /tmp/afxdp_dp/ + - name: devicesock + mountPath: /var/lib/kubelet/device-plugins/ + - name: resources + mountPath: /var/lib/kubelet/pod-resources/ + - name: config-volume + mountPath: /afxdp/config + - name: log + mountPath: /var/log/afxdp-k8s-plugins/ + - name: cnibin + mountPath: /opt/cni/bin/ + volumes: + - name: unixsock + hostPath: + path: /tmp/afxdp_dp/ + - name: devicesock + hostPath: + path: /var/lib/kubelet/device-plugins/ + - name: resources + hostPath: + path: /var/lib/kubelet/pod-resources/ + - name: config-volume + configMap: + name: afxdp-dp-config + items: + - key: config.json + path: config.json + - name: log + hostPath: + path: /var/log/afxdp-k8s-plugins/ + - name: cnibin + hostPath: + path: /opt/cni/bin/ diff --git a/tools/ebpfautomation/afxdp-deploy/deploy.sh b/tools/ebpfautomation/afxdp-deploy/deploy.sh new file mode 100644 index 00000000..4d6adb5f --- /dev/null +++ b/tools/ebpfautomation/afxdp-deploy/deploy.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +# Copyright 2022 The Linux Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script should be run from a node that has access to K8S Cluster + +ROOT_UID=0 +SUDO="" + +# check if root +if [ "$UID" -ne "$ROOT_UID" ] +then + # installation must be run via sudo + SUDO="sudo -E" +fi + +# clone afxdp plugins repository +echo "Cloning afxdp-plugins-for-kubernetes repository..." +[ -d afxdp-plugins-for-kubernetes ] && rm -rf afxdp-plugins-for-kubernetes +git clone https://github.com/intel/afxdp-plugins-for-kubernetes &> /dev/null + + +# Copy daemonset.yml to the appropriate folder +cp daemonset.yml afxdp-plugins-for-kubernetes/deployments + +# Build and deploy +cd afxdp-plugins-for-kubernetes && make deploy + +# Deploy the network attachment definition +kubectl create -f afxdp-nad.yaml |