aboutsummaryrefslogtreecommitdiffstats
path: root/tools/k8s/cluster-deployment/k8scluster/roles/clustermanager/tasks/deploy-danm.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'tools/k8s/cluster-deployment/k8scluster/roles/clustermanager/tasks/deploy-danm.yaml')
-rw-r--r--tools/k8s/cluster-deployment/k8scluster/roles/clustermanager/tasks/deploy-danm.yaml125
1 files changed, 125 insertions, 0 deletions
diff --git a/tools/k8s/cluster-deployment/k8scluster/roles/clustermanager/tasks/deploy-danm.yaml b/tools/k8s/cluster-deployment/k8scluster/roles/clustermanager/tasks/deploy-danm.yaml
new file mode 100644
index 00000000..04852e55
--- /dev/null
+++ b/tools/k8s/cluster-deployment/k8scluster/roles/clustermanager/tasks/deploy-danm.yaml
@@ -0,0 +1,125 @@
+---
+
+- name: Clean Danm
+ import_tasks: clear-danm.yaml
+
+- name: Deploy DanmNet CRD
+ k8s:
+ state: present
+ apply: yes
+ definition: '{{ item }}'
+ with_items: '{{ lookup("url", "https://raw.githubusercontent.com/nokia/danm/v4.3.0/integration/crds/lightweight/DanmNet.yaml", split_lines=False) | from_yaml_all | list }}'
+ when: item is not none
+
+- name: Deploy DanmEp CRD
+ k8s:
+ state: present
+ apply: yes
+ definition: '{{ item }}'
+ with_items: '{{ lookup("url", "https://raw.githubusercontent.com/nokia/danm/v4.3.0/integration/crds/lightweight/DanmEp.yaml", split_lines=False) | from_yaml_all | list }}'
+ when: item is not none
+
+- name: Create Danm service account
+ command: kubectl create --namespace kube-system serviceaccount danm
+
+- name: Create Danm cni conf
+ copy:
+ dest: /etc/cni/net.d/00-danm.conf
+ mode: 0644
+ content: |
+ {
+ "cniVersion": "0.3.1",
+ "name": "meta_cni",
+ "type": "danm",
+ "kubeconfig": "/etc/cni/net.d/danm-kubeconfig",
+ "cniDir": "/etc/cni/net.d",
+ "namingScheme": "awesome",
+ }
+ become: yes
+
+- name: Get Cluster name
+ command: kubectl config view -o jsonpath='{.clusters[0].name}'
+ register: cluster_name
+
+- name: Get Cluster Server
+ command: kubectl config view -o jsonpath='{.clusters[0].cluster.server}'
+ register: cluster_server
+
+- name: Get Cluster CA certification
+ command: kubectl config view --flatten -o jsonpath='{.clusters[0].cluster.certificate-authority-data}'
+ register: cluster_ca_certificate
+
+- name: Get Danm Secret Name
+ command: kubectl get --namespace kube-system -o jsonpath='{.secrets[0].name}' serviceaccounts danm
+ register: danm_secret_name
+
+- name: Get Danm Service Account Token
+ shell: kubectl get --namespace kube-system secrets {{ danm_secret_name.stdout }} -o jsonpath='{.data.token}' | base64 -d
+ register: danm_service_account_token
+
+- name: Create Danm kubeconfig
+ copy:
+ dest: /etc/cni/net.d/danm-kubeconfig
+ mode: 0644
+ content: |
+ apiVersion: v1
+ kind: Config
+ current-context: default
+ clusters:
+ - cluster:
+ certificate-authority-data: {{ cluster_ca_certificate.stdout }}
+ server: {{ cluster_server.stdout }}
+ name: {{ cluster_name.stdout }}
+ contexts:
+ - context:
+ cluster: {{ cluster_name.stdout }}
+ user: danm
+ name: default
+ users:
+ - name: danm
+ user:
+ token: {{ danm_service_account_token.stdout }}
+ preferences: {}
+ become: yes
+
+- name: Deploy Danm rbac
+ k8s:
+ state: present
+ apply: yes
+ definition: '{{ item }}'
+ with_items: '{{ lookup("url", "https://raw.githubusercontent.com/nokia/danm/v4.3.0/integration/cni_config/danm_rbac.yaml", split_lines=False) | from_yaml_all | list }}'
+ when: item is not none
+
+- name: Deploy Danm cni plugins
+ k8s:
+ state: present
+ apply: yes
+ wait: yes
+ definition: "{{ lookup('file', 'danm-cni-plugins.yaml') }}"
+
+- name: Deploy Danm netwatcher
+ k8s:
+ state: present
+ apply: yes
+ definition: "{{ lookup('file', 'danm-netwatcher-daemonset.yaml') }}"
+
+- name: Create Danm webhook signed cert
+ script: danm-webhook-create-signed-cert.sh
+
+- name: Get CA Bundle
+ shell: kubectl config view --raw -o json | jq -r '.clusters[0].cluster."certificate-authority-data"' | tr -d '"'
+ register: danm_ca_bundle
+
+- name: Generate webhook deployment
+ template:
+ src: danm-webhook.yaml
+ dest: /tmp/danm-webhook.yaml
+ mode: 0644
+ vars:
+ ca_bundle: "{{ danm_ca_bundle.stdout }}"
+
+- name: Deploy Danm webhook
+ k8s:
+ state: present
+ apply: yes
+ src: /tmp/danm-webhook.yaml