-
Notifications
You must be signed in to change notification settings - Fork 10
/
ose-nuage-node-config-daemonset.yaml
executable file
·208 lines (203 loc) · 6.25 KB
/
ose-nuage-node-config-daemonset.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
# This ConfigMap is used to configure Nuage VSP configuration
kind: ConfigMap
apiVersion: v1
metadata:
name: nuage-node-config
namespace: kube-system
data:
# This will generate the required Nuage vsp-openshift.yaml
# config on each slave node
plugin_yaml_config: |
clientCert: /etc/origin/node/server.crt
# The key to the certificate in clientCert above
clientKey: /etc/origin/node/server.key
# The certificate authority's certificate for the local kubelet. Usually the
# same as the CA cert used to create the client Cert/Key pair.
CACert: /etc/origin/node/ca.crt
# Name of the enterprise in which pods will reside
enterpriseName: OpenShift
# Name of the domain in which pods will reside
domainName: OpenShift-domain
# Name of the VSD user in admin group
vsdUser: ose-admin
# IP address and port number of master API server
masterApiServer: https://10.31.45.147:8443
# REST server URL
nuageMonRestServer: https://10.31.45.147:9443
# Bridge name for the docker bridge
dockerBridgeName: docker0
# Certificate for connecting to the openshift monitor REST api
nuageMonClientCert: /etc/origin/node/server.crt
# Key to the certificate in restClientCert
nuageMonClientKey: /etc/origin/node/server.key
# CA certificate for verifying the master's rest server
nuageMonServerCA: /etc/origin/node/ca.crt
# This will generate the required Nuage CNI yaml configuration
cni_yaml_config: |
vrsendpoint: "/var/run/openvswitch/db.sock"
vrsbridge: "alubr0"
monitorinterval: 60
cniversion: 0.2.0
loglevel: "info"
portresolvetimer: 60
logfilesize: 1
vrsconnectionchecktimer: 180
mtu: 1450
staleentrytimeout: 600
---
# This manifest installs Nuage CNI plugins and network config on
# each worker node in a Kubernetes cluster.
kind: DaemonSet
apiVersion: extensions/v1beta1
metadata:
name: nuage-cni-ds
namespace: kube-system
labels:
k8s-app: nuage-cni-ds
spec:
selector:
matchLabels:
k8s-app: nuage-cni-ds
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
k8s-app: nuage-cni-ds
spec:
hostNetwork: true
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
operator: Exists
containers:
# This container installs Nuage CNI binaries
# and CNI network config file on each node.
- name: install-nuage-cni
image: nuage/cni:v5.1.2
command: ["/install-cni.sh"]
args: ["nuage-cni-openshift", "is_rhel_server"]
securityContext:
privileged: true
env:
# Nuage vsp-openshift.yaml config to install on each slave node.
- name: NUAGE_VSP_CONFIG
valueFrom:
configMapKeyRef:
name: nuage-node-config
key: plugin_yaml_config
# Nuage nuage-cni.yaml config to install on each slave node.
- name: NUAGE_CNI_YAML_CONFIG
valueFrom:
configMapKeyRef:
name: nuage-node-config
key: cni_yaml_config
# Nuage cluster network CIDR for iptables configuration
- name: NUAGE_CLUSTER_NW_CIDR
value: "70.70.0.0/16"
volumeMounts:
- mountPath: /host/opt
name: cni-bin-dir
- mountPath: /host/etc
name: cni-yaml-dir
- mountPath: /var/run
name: var-run-dir
- mountPath: /var/log
name: cni-log-dir
- mountPath: /host/var
name: atomic-var-dir
- mountPath: /usr/share
name: usr-share-dir
- mountPath: /etc/origin
name: node-config-dir
volumes:
- name: cni-bin-dir
hostPath:
path: /opt
- name: cni-yaml-dir
hostPath:
path: /etc
- name: var-run-dir
hostPath:
path: /var/run
- name: cni-log-dir
hostPath:
path: /var/log
- name: atomic-var-dir
hostPath:
path: /var
- name: usr-share-dir
hostPath:
path: /usr/share
- name: node-config-dir
hostPath:
path: /etc/origin
---
# This manifest installs Nuage VRS on
# each worker node in a Kubernetes cluster.
kind: DaemonSet
apiVersion: extensions/v1beta1
metadata:
name: nuage-vrs-ds
namespace: kube-system
labels:
k8s-app: nuage-vrs-ds
spec:
selector:
matchLabels:
k8s-app: nuage-vrs-ds
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
k8s-app: nuage-vrs-ds
spec:
hostNetwork: true
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
operator: Exists
containers:
# This container installs Nuage VRS running as a
# container on each worker node
- name: install-nuage-vrs
image: nuage/vrs:v5.1.2
securityContext:
privileged: true
env:
# Configure parameters for VRS openvswitch file
- name: NUAGE_ACTIVE_CONTROLLER
value: "10.100.100.100"
- name: NUAGE_STANDBY_CONTROLLER
value: "10.100.100.101"
- name: NUAGE_PLATFORM
value: '"kvm, k8s"'
- name: NUAGE_K8S_SERVICE_IPV4_SUBNET
value: '172.30.0.0\/16'
- name: NUAGE_NETWORK_UPLINK_INTF
value: "eth0"
volumeMounts:
- mountPath: /var/run
name: vrs-run-dir
- mountPath: /var/log
name: vrs-log-dir
- mountPath: /sys/module
name: sys-mod-dir
readOnly: true
- mountPath: /lib/modules
name: lib-mod-dir
readOnly: true
volumes:
- name: vrs-run-dir
hostPath:
path: /var/run
- name: vrs-log-dir
hostPath:
path: /var/log
- name: sys-mod-dir
hostPath:
path: /sys/module
- name: lib-mod-dir
hostPath:
path: /lib/modules