You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
---
apiVersion: apiextensions.k8s.io/v1beta1kind: CustomResourceDefinitionmetadata: name: networks.k8s.plugin.opnfv.orgspec: group: k8s.plugin.opnfv.org names: kind: Network listKind: NetworkList plural: networks singular: network scope: Namespaced subresources: status: {} validation: openAPIV3Schema: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: cniType: description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file Add custom validation using kubebuilder tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' type: string dns: properties: domain: type: string nameservers: items: type: string type: array options: items: type: string type: array search: items: type: string type: array type: object ipv4Subnets: items: properties: excludeIps: type: string gateway: type: string name: type: string subnet: type: string required: - name - subnet type: object type: array ipv6Subnets: items: properties: excludeIps: type: string gateway: type: string name: type: string subnet: type: string required: - name - subnet type: object type: array routes: items: properties: dst: type: string gw: type: string required: - dst type: object type: array required: - cniType - ipv4Subnets type: object status: properties: state: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file Add custom validation using kubebuilder tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' type: string required: - state type: object version: v1alpha1 versions: - name: v1alpha1 served: true storage: true
---apiVersion: apiextensions.k8s.io/v1beta1kind: CustomResourceDefinitionmetadata: name: providernetworks.k8s.plugin.opnfv.orgspec: group: k8s.plugin.opnfv.org names: kind: ProviderNetwork listKind: ProviderNetworkList plural: providernetworks singular: providernetwork scope: Namespaced subresources: status: {} validation: openAPIV3Schema: description: ProviderNetwork is the Schema for the providernetworks API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: ProviderNetworkSpec defines the desired state of ProviderNetwork properties: cniType: description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file Add custom validation using kubebuilder tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' type: string direct: properties: directNodeSelector: type: string nodeLabelList: items: type: string type: array providerInterfaceName: type: string required: - directNodeSelector - providerInterfaceName type: object dns: properties: domain: type: string nameservers: items: type: string type: array options: items: type: string type: array search: items: type: string type: array type: object ipv4Subnets: items: properties: excludeIps: type: string gateway: type: string name: type: string subnet: type: string required: - name - subnet type: object type: array ipv6Subnets: items: properties: excludeIps: type: string gateway: type: string name: type: string subnet: type: string required: - name - subnet type: object type: array providerNetType: type: string routes: items: properties: dst: type: string gw: type: string required: - dst type: object type: array vlan: properties: logicalInterfaceName: type: string nodeLabelList: items: type: string type: array providerInterfaceName: type: string vlanId: type: string vlanNodeSelector: type: string required: - providerInterfaceName - vlanId - vlanNodeSelector type: object required: - cniType - ipv4Subnets - providerNetType type: object status: description: ProviderNetworkStatus defines the observed state of ProviderNetwork properties: state: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "operator-sdk generate k8s" to regenerate code after modifying this file Add custom validation using kubebuilder tags: https://book-v1.book.kubebuilder.io/beyond_basics/generating_crd.html' type: string required: - state type: object type: object version: v1alpha1 versions: - name: v1alpha1 served: true storage: true---
apiVersion: v1kind: ServiceAccountmetadata: name: k8s-nfn-sa namespace: kube-system
---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata: creationTimestamp: null name: k8s-nfn-crrules:- apiGroups: - "" resources: - pods - pods/status - services - endpoints - persistentvolumeclaims - events - configmaps - secrets - nodes verbs: - '*'- apiGroups: - apps resources: - deployments - daemonsets - replicasets - statefulsets verbs: - '*'- apiGroups: - monitoring.coreos.com resources: - servicemonitors verbs: - get - create- apiGroups: - apps resourceNames: - nfn-operator resources: - deployments/finalizers verbs: - update- apiGroups: - k8s.plugin.opnfv.org resources: - '*' - providernetworks verbs: - '*'
---
kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata: name: k8s-nfn-crbsubjects:- kind: Group name: system:serviceaccounts apiGroup: rbac.authorization.k8s.ioroleRef: kind: ClusterRole name: k8s-nfn-cr apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1kind: Servicemetadata: name: nfn-operator namespace: kube-systemspec: type: NodePort ports: - port: 50000 protocol: TCP targetPort: 50000 selector: name: nfn-operator
---
apiVersion: v1kind: ConfigMapmetadata: name: ovn-controller-network namespace: kube-systemdata: OVN_SUBNET: "{{ kube_pods_subnet }}" OVN_GATEWAYIP: "{{ kube_pods_subnet|ipaddr('net')|ipaddr(1) }}"
---
apiVersion: apps/v1kind: Deploymentmetadata: name: nfn-operator namespace: kube-systemspec: replicas: 1 selector: matchLabels: name: nfn-operator template: metadata: labels: name: nfn-operator spec: hostNetwork: true affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: ovn4nfv-k8s-plugin operator: In values: - ovn-control-plane tolerations: - key: "node-role.kubernetes.io/master" effect: "NoSchedule" operator: "Exists" - key: "node-role.kubernetes.io/control-plane" effect: "NoSchedule" operator: "Exists" serviceAccountName: k8s-nfn-sa containers: - name: nfn-operator image: {{ ovn4nfv_k8s_plugin_image_repo }}:{{ ovn4nfv_k8s_plugin_image_tag }} command: ["/usr/local/bin/entrypoint", "operator"] imagePullPolicy: {{ k8s_image_pull_policy }} envFrom: - configMapRef: name: ovn-controller-network ports: - containerPort: 50000 protocol: TCP env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: OPERATOR_NAME value: "nfn-operator"
---kind: ConfigMapapiVersion: v1metadata: name: ovn4nfv-cni-config namespace: kube-system labels: app: ovn4nfvdata: ovn4nfv_k8s.conf: | [logging] loglevel=5 logfile=/var/log/openvswitch/ovn4k8s.log
[cni] conf-dir=/etc/cni/net.d plugin=ovn4nfvk8s-cni
[kubernetes] kubeconfig=/etc/cni/net.d/ovn4nfv-k8s.d/ovn4nfv-k8s.kubeconfig 00-network.conf: | { "name": "ovn4nfv-k8s-plugin", "type": "ovn4nfvk8s-cni", "cniVersion": "0.3.1" }
---apiVersion: apps/v1kind: DaemonSetmetadata: name: ovn4nfv-cni namespace: kube-system labels: app: ovn4nfvspec: updateStrategy: type: RollingUpdate selector: matchLabels: app: ovn4nfv template: metadata: labels: app: ovn4nfv spec: hostNetwork: true nodeSelector: kubernetes.io/arch: amd64 tolerations: - operator: Exists effect: NoSchedule serviceAccountName: k8s-nfn-sa containers: - name: ovn4nfv image: {{ ovn4nfv_k8s_plugin_image_repo }}:{{ ovn4nfv_k8s_plugin_image_tag }} command: ["/usr/local/bin/entrypoint", "cni"] imagePullPolicy: {{ k8s_image_pull_policy }} resources: requests: cpu: {{ ovn4nfv_cni_cpu_request }} memory: {{ ovn4nfv_cni_memory_request }} limits: cpu: {{ ovn4nfv_cni_cpu_limit }} memory: {{ ovn4nfv_cni_memory_limit }} securityContext: privileged: true volumeMounts: - name: cni mountPath: /host/etc/cni/net.d - name: cnibin mountPath: /host/opt/cni/bin - name: cniconf mountPath: /host/etc/openvswitch - name: ovn4nfv-cfg mountPath: /tmp/ovn4nfv-conf - name: ovn4nfv-cni-net-conf mountPath: /tmp/ovn4nfv-cni volumes: - name: cni hostPath: path: /etc/cni/net.d - name: cnibin hostPath: path: /opt/cni/bin - name: cniconf hostPath: path: /etc/openvswitch - name: ovn4nfv-cfg configMap: name: ovn4nfv-cni-config items: - key: ovn4nfv_k8s.conf path: ovn4nfv_k8s.conf - name: ovn4nfv-cni-net-conf configMap: name: ovn4nfv-cni-config items: - key: 00-network.conf path: 00-network.conf---apiVersion: apps/v1kind: DaemonSetmetadata: name: nfn-agent namespace: kube-system labels: app: nfn-agentspec: selector: matchLabels: app: nfn-agent updateStrategy: type: RollingUpdate template: metadata: labels: app: nfn-agent spec: hostNetwork: true hostPID: true nodeSelector: kubernetes.io/arch: amd64 tolerations: - operator: Exists effect: NoSchedule serviceAccountName: k8s-nfn-sa containers: - name: nfn-agent image: {{ ovn4nfv_k8s_plugin_image_repo }}:{{ ovn4nfv_k8s_plugin_image_tag }} command: ["/usr/local/bin/entrypoint", "agent"] imagePullPolicy: {{ k8s_image_pull_policy }} resources: requests: cpu: {{ nfn_agent_cpu_request }} memory: {{ nfn_agent_memory_request }} limits: cpu: {{ nfn_agent_cpu_limit }} memory: {{ nfn_agent_memory_limit }} env: - name: NFN_NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName securityContext: runAsUser: 0 capabilities: add: ["NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE"] privileged: true volumeMounts: - mountPath: /var/run/dbus/ name: host-var-run-dbus readOnly: true - mountPath: /run/openvswitch name: host-run-ovs - mountPath: /var/run/openvswitch name: host-var-run-ovs - mountPath: /var/run/ovn4nfv-k8s-plugin name: host-var-cniserver-socket-dir volumes: - name: host-run-ovs hostPath: path: /run/openvswitch - name: host-var-run-ovs hostPath: path: /var/run/openvswitch - name: host-var-run-dbus hostPath: path: /var/run/dbus - name: host-var-cniserver-socket-dir hostPath: path: /var/run/ovn4nfv-k8s-plugin
|
