
Update multus to v4.1.0 and clarify cilium compatibility (#11434)

* Update multus to v4.1.0 and clarify cilium compatibility

* Fix: bug introduced by #10934 where the template would break if multus was defined

* Set priorityClassName to system-node-critical for multus pods
pull/11514/head
Qasim Mehmood 8 months ago
committed by GitHub
parent
commit
538a1f2791
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
5 changed files with 34 additions and 5 deletions
  1. 10
      docs/CNI/multus.md
  2. 2
      roles/kubernetes-apps/network_plugin/multus/tasks/main.yml
  3. 2
      roles/kubespray-defaults/defaults/main/download.yml
  4. 1
      roles/network_plugin/multus/defaults/main.yml
  5. 24
      roles/network_plugin/multus/templates/multus-daemonset.yml.j2

10
docs/CNI/multus.md

@ -17,6 +17,16 @@ kube_network_plugin_multus: true
will install Multus and Calico and configure Multus to use Calico as the primary network plugin. will install Multus and Calico and configure Multus to use Calico as the primary network plugin.
### Cilium compatibility
If you are using `cilium` as the primary CNI you'll have to set `cilium_cni_exclusive` to `false` to avoid cillium reverting multus config.
```yml
kube_network_plugin: cilium
kube_network_plugin_multus: true
cilium_cni_exclusive: false
```
## Using Multus ## Using Multus
Once Multus is installed, you can create CNI configurations (as a CRD objects) for additional networks, in this case a macvlan CNI configuration is defined. You may replace the config field with any valid CNI configuration where the CNI binary is available on the nodes. Once Multus is installed, you can create CNI configurations (as a CRD objects) for additional networks, in this case a macvlan CNI configuration is defined. You may replace the config field with any valid CNI configuration where the CNI binary is available on the nodes.

2
roles/kubernetes-apps/network_plugin/multus/tasks/main.yml

@ -9,7 +9,7 @@
state: "latest" state: "latest"
delegate_to: "{{ groups['kube_control_plane'][0] }}" delegate_to: "{{ groups['kube_control_plane'][0] }}"
run_once: true run_once: true
with_items: "{{ (multus_manifest_1.results | default([])) + (multus_nodes_list | map('extract', hostvars, 'multus_manifest_2.results') | default([]) | list) }}"
with_items: "{{ (multus_manifest_1.results | default([])) + (multus_nodes_list | map('extract', hostvars, 'multus_manifest_2') | map('default', []) | list | json_query('[].results')) }}"
loop_control: loop_control:
label: "{{ item.item.name if item != None else 'skipped' }}" label: "{{ item.item.name if item != None else 'skipped' }}"
vars: vars:
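Review bot: The rewritten `with_items` expression (the variant ending in `json_query('[].results')`, presumably the new side) packs the whole fix into one uncommented filter chain. It also makes this task depend on `json_query`, which needs the jmespath library on the Ansible controller. A comment above the line would make the intent reviewable, for example `# hosts that never registered multus_manifest_2 are defaulted to [] so that json_query's flatten drops them`. The task itself starts and ends outside the lines shown, so whether other parts of it assume every host has a result cannot be checked from here.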

2
roles/kubespray-defaults/defaults/main/download.yml

@ -122,7 +122,7 @@ cilium_enable_hubble: false
kube_ovn_version: "v1.12.21" kube_ovn_version: "v1.12.21"
kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}" kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}"
kube_router_version: "v2.0.0" kube_router_version: "v2.0.0"
multus_version: "v3.8"
multus_version: "v4.1.0"
helm_version: "v3.15.4" helm_version: "v3.15.4"
nerdctl_version: "1.7.6" nerdctl_version: "1.7.6"
krew_version: "v0.4.4" krew_version: "v0.4.4"

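--- a/roles/network_plugin/multus/defaults/main.yml
+++ b/roles/network_plugin/multus/defaults/main.yml
@@ -6,5 +6,4 @@ multus_cni_run_dir_host: "/run"
 multus_cni_conf_dir: "{{ ('/host', multus_cni_conf_dir_host) | join }}"
 multus_cni_bin_dir: "{{ ('/host', multus_cni_bin_dir_host) | join }}"
 multus_cni_run_dir: "{{ ('/host', multus_cni_run_dir_host) | join }}"
-multus_cni_version: "0.4.0"
 multus_kubeconfig_file_host: "{{ (multus_cni_conf_dir_host, '/multus.d/multus.kubeconfig') | join }}"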

24
roles/network_plugin/multus/templates/multus-daemonset.yml.j2

@ -24,6 +24,7 @@ spec:
spec: spec:
hostNetwork: true hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet
priorityClassName: system-node-critical
nodeSelector: nodeSelector:
kubernetes.io/arch: {{ image_arch }} kubernetes.io/arch: {{ image_arch }}
{% if container_manager_types | length >= 2 %} {% if container_manager_types | length >= 2 %}
@ -32,16 +33,34 @@ spec:
tolerations: tolerations:
- operator: Exists - operator: Exists
serviceAccountName: multus serviceAccountName: multus
initContainers:
- name: install-multus-binary
image: {{ multus_image_repo }}:{{ multus_image_tag }}
command: ["/install_multus"]
args:
- "--type"
- "thin"
resources:
requests:
cpu: "10m"
memory: "15Mi"
securityContext:
privileged: true
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- name: cnibin
mountPath: {{ multus_cni_bin_dir }}
mountPropagation: Bidirectional
containers: containers:
- name: kube-multus - name: kube-multus
image: {{ multus_image_repo }}:{{ multus_image_tag }} image: {{ multus_image_repo }}:{{ multus_image_tag }}
command: ["/entrypoint.sh"]
command: ["/thin_entrypoint"]
args: args:
- "--cni-conf-dir={{ multus_cni_conf_dir }}" - "--cni-conf-dir={{ multus_cni_conf_dir }}"
- "--multus-autoconfig-dir={{ multus_cni_conf_dir }}"
- "--cni-bin-dir={{ multus_cni_bin_dir }}" - "--cni-bin-dir={{ multus_cni_bin_dir }}"
- "--multus-conf-file={{ multus_conf_file }}" - "--multus-conf-file={{ multus_conf_file }}"
- "--multus-kubeconfig-file-host={{ multus_kubeconfig_file_host }}" - "--multus-kubeconfig-file-host={{ multus_kubeconfig_file_host }}"
- "--cni-version={{ multus_cni_version }}"
resources: resources:
requests: requests:
cpu: "100m" cpu: "100m"
@ -55,6 +74,7 @@ spec:
capabilities: capabilities:
add: ["SYS_ADMIN"] add: ["SYS_ADMIN"]
{% endif %} {% endif %}
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts: volumeMounts:
{% if container_manager == 'crio' %} {% if container_manager == 'crio' %}
- name: run - name: run
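Review bot: The new `install-multus-binary` init container sets `privileged: true` and mounts `cnibin` with `mountPropagation: Bidirectional`, but nothing in the visible lines says why copying one binary into the host CNI directory needs either. Kubernetes only permits Bidirectional propagation in privileged containers, so the two settings are coupled. If the install step performs no mounts of its own, dropping the propagation line would presumably allow dropping `privileged` as well, which is worth testing against v4.1.0. If both must stay, record the reason in place, e.g. `# privileged is required only for Bidirectional propagation on cnibin; the binary written here is later executed on the host by the container runtime`. The same container declares resource requests but no limits, and the daemonset continues outside the hunks shown.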
