Skip to content

Commit

Permalink
neonvm: use 3.9.3 multus for arm
Browse files Browse the repository at this point in the history
Signed-off-by: Misha Sakhnov <[email protected]>
  • Loading branch information
mikhail-sakhnov committed Oct 30, 2024
1 parent 9416891 commit b13ee03
Show file tree
Hide file tree
Showing 2 changed files with 91 additions and 120 deletions.
193 changes: 84 additions & 109 deletions neonvm/config/multus-arm64/daemonset_patch.yaml
Original file line number Diff line number Diff line change
@@ -1,137 +1,112 @@
---
# Source: multus-cni/templates/daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kube-multus-ds
namespace: kube-system
labels:
tier: node
app: multus
name: multus
tier: node
name: kube-multus-ds
namespace: kube-system
spec:
selector:
matchLabels:
name: multus
app: multus
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
app: multus
name: multus
tier: node
annotations:
spec:

hostNetwork: true
serviceAccountName: multus
securityContext:
fsGroup: 0
affinity:
podAffinity:

nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- arm64
- key: kubernetes.io/os
operator: In
values:
- linux
containers:
- command:
- /usr/src/multus-cni/bin/multus-daemon
image: ghcr.io/k8snetworkplumbingwg/multus-cni:v4.1.3-thick
name: kube-multus
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
privileged: true
volumeMounts:
- name: cni
mountPath: /host/etc/cni/net.d
# multus-daemon expects that cnibin path must be identical between pod and container host.
# e.g. if the cni bin is in '/opt/cni/bin' on the container host side, then it should be mount to '/opt/cni/bin' in multus-daemon,
# not to any other directory, like '/opt/bin' or '/usr/bin'.
- name: cnibin
mountPath: /opt/cni/bin
- name: host-run
mountPath: /host/run
- name: host-var-lib-cni-multus
mountPath: /var/lib/cni/multus
- name: host-var-lib-kubelet
mountPath: /var/lib/kubelet
mountPropagation: HostToContainer
- name: host-run-k8s-cni-cncf-io
mountPath: /run/k8s.cni.cncf.io
- name: host-run-netns
mountPath: /run/netns
mountPropagation: HostToContainer
- name: multus-daemon-config
mountPath: /etc/cni/net.d/multus.d
readOnly: true
- name: hostroot
mountPath: /hostroot
mountPropagation: HostToContainer
env:
- name: MULTUS_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
hostNetwork: true
hostPID: true
- linux
priorityClassName: ""
initContainers:
- name: install-multus-binary
image: ghcr.io/k8snetworkplumbingwg/multus-cni:v4.1.3-thick
image: docker.io/bitnami/multus-cni:3.9.3
command:
- "cp"
- "/usr/src/multus-cni/bin/multus-shim"
- "/host/opt/cni/bin/multus-shim"
resources:
requests:
cpu: "10m"
memory: "15Mi"
- cp
- "/usr/src/multus-cni/bin/multus"
- "/bitnami/multus-cni/host/opt/cni/bin"
securityContext:
privileged: true
terminationMessagePolicy: FallbackToLogsOnError
runAsNonRoot: false
runAsUser: 0
volumeMounts:
- name: cnibin
mountPath: /host/opt/cni/bin
- name: cni-bin-dir
mountPath: /bitnami/multus-cni/host/opt/cni/bin
mountPropagation: Bidirectional
serviceAccountName: multus
terminationGracePeriodSeconds: 10
tolerations:
- effect: NoSchedule
operator: Exists
- name: generate-kubeconfig
image: docker.io/bitnami/multus-cni:3.9.3
command:
- generate-kubeconfig
args:
- "-k8s-service-host=$(KUBERNETES_SERVICE_HOST)"
- "-k8s-service-port=$(KUBERNETES_SERVICE_PORT)"
- "-cni-config-dir=/bitnami/multus-cni/host/etc/cni/net.d"
securityContext:
privileged: true
runAsNonRoot: false
runAsUser: 0
volumeMounts:
- name: cni-net-dir
mountPath: /bitnami/multus-cni/host/etc/cni/net.d
mountPropagation: Bidirectional
containers:
- name: kube-multus
image: docker.io/bitnami/multus-cni:3.9.3
imagePullPolicy: "IfNotPresent"
command:
- multus-daemon
args:
- "-cni-version=0.3.0"
- "-cni-config-dir=/bitnami/multus-cni/host/etc/cni/net.d"
- "-multus-autoconfig-dir=/bitnami/multus-cni/host/etc/cni/net.d"
- "-multus-log-to-stderr=true"
- "-multus-log-level=verbose"
securityContext:
privileged: true
runAsNonRoot: false
runAsUser: 0
env:
- name: BITNAMI_DEBUG
value: "false"
envFrom:
livenessProbe:
exec:
command:
- pgrep
- multus-daemon
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
resources:
limits: {}
requests: {}
volumeMounts:
- name: cni-net-dir
mountPath: /bitnami/multus-cni/host/etc/cni/net.d
volumes:
- hostPath:
path: /etc/cni/net.d
name: cni
- hostPath:
path: /opt/cni/bin
name: cnibin
- name: hostroot
hostPath:
path: /
- name: multus-daemon-config
configMap:
name: multus-daemon-config
items:
- key: daemon-config.json
path: daemon-config.json
- name: host-run
hostPath:
path: /run
- name: host-var-lib-cni-multus
hostPath:
path: /var/lib/cni/multus
- name: host-var-lib-kubelet
hostPath:
path: /var/lib/kubelet
- name: host-run-k8s-cni-cncf-io
hostPath:
path: /run/k8s.cni.cncf.io
- name: host-run-netns
hostPath:
path: /run/netns/

updateStrategy:
type: RollingUpdate
- name: cni-bin-dir
hostPath:
path: /opt/cni/bin
- name: cni-net-dir
hostPath:
path: /etc/cni/net.d
18 changes: 7 additions & 11 deletions neonvm/config/multus-arm64/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,21 +8,17 @@ images:
- name: kube-multus
newName: ghcr.io/k8snetworkplumbingwg/multus-cni
newTag: v4.1.3-thick

resources:
- config_map.yaml


patchesStrategicMerge:
- cluster_role.yaml
- daemonset_patch.yaml

patches:
- target:
kind: DaemonSet
name: kube-multus-ds
- target:
kind: ServiceAccount
name: multus
patch: |-
- op: replace
path: /spec/template/spec/containers/0/command
value: ["/usr/src/multus-cni/bin/multus-daemon"]
- op: replace
path: /spec/template/spec/containers/0/args
value: []
path: /automountServiceAccountToken
value: true

0 comments on commit b13ee03

Please sign in to comment.