Add Multus with Flannel and SRIOV CNI support
[iec.git] / src / foundation / scripts / cni / multus / multus-sriov-flannel / flannel-daemonset.yml
# yamllint disable
# This is a modified Flannel daemonset.
# It is based on: https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# Notably, it removes the creation of a configuration file in /etc/cni/net.d/
---
# Cluster-wide permissions for the flannel daemon. They reach the pods through
# the `flannel` ClusterRoleBinding and ServiceAccount defined in this file.
# NOTE(review): rbac.authorization.k8s.io/v1beta1 is deprecated and is not
# served by Kubernetes 1.22 and later; the v1 API uses the same schema.
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: flannel
rules:
  # Read individual pods (core API group).
  - apiGroups: [""]
    resources: [pods]
    verbs: [get]
  # Enumerate nodes and follow changes to them.
  - apiGroups: [""]
    resources: [nodes]
    verbs: [list, watch]
  # Write access is limited to the status subresource of nodes.
  - apiGroups: [""]
    resources: [nodes/status]
    verbs: [patch]
---
# Grants the `flannel` ClusterRole to the `flannel` ServiceAccount in
# kube-system. No other subject is bound.
# NOTE(review): rbac.authorization.k8s.io/v1beta1 is deprecated and is not
# served by Kubernetes 1.22 and later; the v1 API uses the same schema.
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: flannel
subjects:
  - kind: ServiceAccount
    namespace: kube-system
    name: flannel
roleRef:
  kind: ClusterRole
  name: flannel
  apiGroup: rbac.authorization.k8s.io
---
# Identity the flannel DaemonSet pods run as (`serviceAccountName: flannel`).
kind: ServiceAccount
apiVersion: v1
metadata:
  namespace: kube-system
  name: flannel
---
# flannel configuration; the DaemonSets in this file mount it at
# /etc/kube-flannel/.
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: kube-system
  name: kube-flannel-cfg
  labels:
    app: flannel
    tier: node
data:
  # The upstream `cni-conf.json` key is intentionally absent: the Multus
  # daemonset configures /etc/cni/net.d. Upstream shipped a conflist named
  # "cbr0" that chained the "flannel" plugin (delegate with hairpinMode and
  # isDefaultGateway set to true) with "portmap" (portMappings capability).
  #
  # Overlay settings: pod network 10.244.0.0/16, VXLAN backend on port 18989.
  # NOTE(review): VXLAN encapsulation does not encrypt or authenticate the
  # tunnelled pod traffic; restrict UDP 18989 to traffic between cluster nodes
  # at the host or network firewall.
  net-conf.json: |
    {
      "Network": "10.244.0.0/16",
      "Backend": {
        "Type": "vxlan",
        "Port": 18989
      }
    }
---
# flannel agent for amd64 nodes.
# NOTE(review): extensions/v1beta1 DaemonSet is deprecated and is not served
# by Kubernetes 1.16 and later; apps/v1 additionally requires spec.selector.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  namespace: kube-system
  name: kube-flannel-ds-amd64
  labels:
    app: flannel
    tier: node
spec:
  template:
    metadata:
      labels:
        app: flannel
        tier: node
    spec:
      serviceAccountName: flannel
      # The pod shares the node's network namespace.
      hostNetwork: true
      nodeSelector:
        beta.kubernetes.io/arch: amd64
      # No key is given, so every NoSchedule taint is tolerated.
      tolerations:
        - effect: NoSchedule
          operator: Exists
      # The upstream `install-cni` initContainer is intentionally omitted; the
      # Multus daemonset configures /etc/cni/net.d. Upstream ran
      # `cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conflist`
      # from quay.io/coreos/flannel:v0.10.0-amd64 with the `cni` and
      # `flannel-cfg` volumes mounted.
      containers:
        - name: kube-flannel
          # NOTE(review): the image is referenced by tag, not by digest, so
          # the registry decides which content the tag resolves to.
          image: quay.io/coreos/flannel:v0.10.0-amd64
          imagePullPolicy: IfNotPresent
          command:
            - /opt/bin/flanneld
          args:
            - --ip-masq
            - --kube-subnet-mgr
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          resources:
            limits:
              cpu: "100m"
              memory: "50Mi"
            requests:
              cpu: "100m"
              memory: "50Mi"
          # NOTE(review): a privileged container on the host network has
          # host-level access; anyone able to change this pod spec or image
          # effectively controls the node. Check whether the flannel version
          # in use can run with a narrower capability set instead.
          securityContext:
            privileged: true
          volumeMounts:
            # NOTE(review): the whole host /run is mounted writable; that
            # directory commonly holds sockets and PID files of other host
            # services. Confirm whether a flannel-specific subdirectory is
            # enough.
            - name: run
              mountPath: /run
            - name: flannel-cfg
              mountPath: /etc/kube-flannel/
      volumes:
        - name: run
          hostPath:
            path: /run
        # Not mounted by any container in this pod now that install-cni is
        # gone; retained from the upstream manifest.
        - name: cni
          hostPath:
            path: /etc/cni/net.d
        - name: flannel-cfg
          configMap:
            name: kube-flannel-cfg
---
# flannel agent for arm64 nodes.
# NOTE(review): extensions/v1beta1 DaemonSet is deprecated and is not served
# by Kubernetes 1.16 and later; apps/v1 additionally requires spec.selector.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  namespace: kube-system
  name: kube-flannel-ds-arm64
  labels:
    app: flannel
    tier: node
spec:
  template:
    metadata:
      labels:
        app: flannel
        tier: node
    spec:
      serviceAccountName: flannel
      # The pod shares the node's network namespace.
      hostNetwork: true
      nodeSelector:
        beta.kubernetes.io/arch: arm64
      # No key is given, so every NoSchedule taint is tolerated.
      tolerations:
        - effect: NoSchedule
          operator: Exists
      # The upstream `install-cni` initContainer is intentionally omitted; the
      # Multus daemonset configures /etc/cni/net.d. Upstream ran
      # `cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conflist`
      # from quay.io/coreos/flannel:v0.10.0-arm64 with the `cni` and
      # `flannel-cfg` volumes mounted.
      containers:
        - name: kube-flannel
          # NOTE(review): the image is referenced by tag, not by digest, so
          # the registry decides which content the tag resolves to.
          image: quay.io/coreos/flannel:v0.10.0-arm64
          command:
            - /opt/bin/flanneld
          args:
            - --ip-masq
            - --kube-subnet-mgr
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          resources:
            limits:
              cpu: "100m"
              memory: "50Mi"
            requests:
              cpu: "100m"
              memory: "50Mi"
          # NOTE(review): a privileged container on the host network has
          # host-level access; anyone able to change this pod spec or image
          # effectively controls the node. Check whether the flannel version
          # in use can run with a narrower capability set instead.
          securityContext:
            privileged: true
          volumeMounts:
            # NOTE(review): the whole host /run is mounted writable; that
            # directory commonly holds sockets and PID files of other host
            # services. Confirm whether a flannel-specific subdirectory is
            # enough.
            - name: run
              mountPath: /run
            - name: flannel-cfg
              mountPath: /etc/kube-flannel/
      volumes:
        - name: run
          hostPath:
            path: /run
        # Not mounted by any container in this pod now that install-cni is
        # gone; retained from the upstream manifest.
        - name: cni
          hostPath:
            path: /etc/cni/net.d
        - name: flannel-cfg
          configMap:
            name: kube-flannel-cfg
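---
# flannel agent for arm nodes.
# NOTE(review): extensions/v1beta1 DaemonSet is deprecated and is not served
# by Kubernetes 1.16 and later; apps/v1 additionally requires spec.selector.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: kube-flannel-ds-arm
  namespace: kube-system
  labels:
    tier: node
    app: flannel
spec:
  template:
    metadata:
      labels:
        tier: node
        app: flannel
    spec:
      # The pod shares the node's network namespace.
      hostNetwork: true
      nodeSelector:
        beta.kubernetes.io/arch: arm
      # No key is given, so every NoSchedule taint is tolerated.
      tolerations:
        - operator: Exists
          effect: NoSchedule
      serviceAccountName: flannel
      # ------------------------------- Intentionally removed, Multus daemonset configures /etc/cni/net.d
      # The `install-cni` initContainer is removed here as it already is for
      # amd64 and arm64. It ran
      # `cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conflist`,
      # but the kube-flannel-cfg ConfigMap no longer carries a cni-conf.json
      # key, so the copy had no source file and the pod could not complete
      # its init phase. It would also have written into /etc/cni/net.d from
      # a second component besides Multus.
      # initContainers:
      # - name: install-cni
      #   image: quay.io/coreos/flannel:v0.10.0-arm
      #   command:
      #   - cp
      #   args:
      #   - -f
      #   - /etc/kube-flannel/cni-conf.json
      #   - /etc/cni/net.d/10-flannel.conflist
      #   volumeMounts:
      #   - name: cni
      #     mountPath: /etc/cni/net.d
      #   - name: flannel-cfg
      #     mountPath: /etc/kube-flannel/
      containers:
        - name: kube-flannel
          # NOTE(review): the image is referenced by tag, not by digest, so
          # the registry decides which content the tag resolves to.
          image: quay.io/coreos/flannel:v0.10.0-arm
          command:
            - /opt/bin/flanneld
          args:
            - --ip-masq
            - --kube-subnet-mgr
          resources:
            requests:
              cpu: "100m"
              memory: "50Mi"
            limits:
              cpu: "100m"
              memory: "50Mi"
          # NOTE(review): a privileged container on the host network has
          # host-level access; anyone able to change this pod spec or image
          # effectively controls the node. Check whether the flannel version
          # in use can run with a narrower capability set instead.
          securityContext:
            privileged: true
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          volumeMounts:
            # NOTE(review): the whole host /run is mounted writable; that
            # directory commonly holds sockets and PID files of other host
            # services. Confirm whether a flannel-specific subdirectory is
            # enough.
            - name: run
              mountPath: /run
            - name: flannel-cfg
              mountPath: /etc/kube-flannel/
      volumes:
        - name: run
          hostPath:
            path: /run
        # Not mounted by any container in this pod; retained from the
        # upstream manifest.
        - name: cni
          hostPath:
            path: /etc/cni/net.d
        - name: flannel-cfg
          configMap:
            name: kube-flannel-cfg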
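---
# flannel agent for ppc64le nodes.
# NOTE(review): extensions/v1beta1 DaemonSet is deprecated and is not served
# by Kubernetes 1.16 and later; apps/v1 additionally requires spec.selector.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: kube-flannel-ds-ppc64le
  namespace: kube-system
  labels:
    tier: node
    app: flannel
spec:
  template:
    metadata:
      labels:
        tier: node
        app: flannel
    spec:
      # The pod shares the node's network namespace.
      hostNetwork: true
      nodeSelector:
        beta.kubernetes.io/arch: ppc64le
      # No key is given, so every NoSchedule taint is tolerated.
      tolerations:
        - operator: Exists
          effect: NoSchedule
      serviceAccountName: flannel
      # ------------------------------- Intentionally removed, Multus daemonset configures /etc/cni/net.d
      # The `install-cni` initContainer is removed here as it already is for
      # amd64 and arm64. It ran
      # `cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conflist`,
      # but the kube-flannel-cfg ConfigMap no longer carries a cni-conf.json
      # key, so the copy had no source file and the pod could not complete
      # its init phase. It would also have written into /etc/cni/net.d from
      # a second component besides Multus.
      # initContainers:
      # - name: install-cni
      #   image: quay.io/coreos/flannel:v0.10.0-ppc64le
      #   command:
      #   - cp
      #   args:
      #   - -f
      #   - /etc/kube-flannel/cni-conf.json
      #   - /etc/cni/net.d/10-flannel.conflist
      #   volumeMounts:
      #   - name: cni
      #     mountPath: /etc/cni/net.d
      #   - name: flannel-cfg
      #     mountPath: /etc/kube-flannel/
      containers:
        - name: kube-flannel
          # NOTE(review): the image is referenced by tag, not by digest, so
          # the registry decides which content the tag resolves to.
          image: quay.io/coreos/flannel:v0.10.0-ppc64le
          command:
            - /opt/bin/flanneld
          args:
            - --ip-masq
            - --kube-subnet-mgr
          resources:
            requests:
              cpu: "100m"
              memory: "50Mi"
            limits:
              cpu: "100m"
              memory: "50Mi"
          # NOTE(review): a privileged container on the host network has
          # host-level access; anyone able to change this pod spec or image
          # effectively controls the node. Check whether the flannel version
          # in use can run with a narrower capability set instead.
          securityContext:
            privileged: true
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          volumeMounts:
            # NOTE(review): the whole host /run is mounted writable; that
            # directory commonly holds sockets and PID files of other host
            # services. Confirm whether a flannel-specific subdirectory is
            # enough.
            - name: run
              mountPath: /run
            - name: flannel-cfg
              mountPath: /etc/kube-flannel/
      volumes:
        - name: run
          hostPath:
            path: /run
        # Not mounted by any container in this pod; retained from the
        # upstream manifest.
        - name: cni
          hostPath:
            path: /etc/cni/net.d
        - name: flannel-cfg
          configMap:
            name: kube-flannel-cfg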
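---
# flannel agent for s390x nodes.
# NOTE(review): extensions/v1beta1 DaemonSet is deprecated and is not served
# by Kubernetes 1.16 and later; apps/v1 additionally requires spec.selector.
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  name: kube-flannel-ds-s390x
  namespace: kube-system
  labels:
    tier: node
    app: flannel
spec:
  template:
    metadata:
      labels:
        tier: node
        app: flannel
    spec:
      # The pod shares the node's network namespace.
      hostNetwork: true
      nodeSelector:
        beta.kubernetes.io/arch: s390x
      # No key is given, so every NoSchedule taint is tolerated.
      tolerations:
        - operator: Exists
          effect: NoSchedule
      serviceAccountName: flannel
      # ------------------------------- Intentionally removed, Multus daemonset configures /etc/cni/net.d
      # The `install-cni` initContainer is removed here as it already is for
      # amd64 and arm64. It ran
      # `cp -f /etc/kube-flannel/cni-conf.json /etc/cni/net.d/10-flannel.conflist`,
      # but the kube-flannel-cfg ConfigMap no longer carries a cni-conf.json
      # key, so the copy had no source file and the pod could not complete
      # its init phase. It would also have written into /etc/cni/net.d from
      # a second component besides Multus.
      # initContainers:
      # - name: install-cni
      #   image: quay.io/coreos/flannel:v0.10.0-s390x
      #   command:
      #   - cp
      #   args:
      #   - -f
      #   - /etc/kube-flannel/cni-conf.json
      #   - /etc/cni/net.d/10-flannel.conflist
      #   volumeMounts:
      #   - name: cni
      #     mountPath: /etc/cni/net.d
      #   - name: flannel-cfg
      #     mountPath: /etc/kube-flannel/
      containers:
        - name: kube-flannel
          # NOTE(review): the image is referenced by tag, not by digest, so
          # the registry decides which content the tag resolves to.
          image: quay.io/coreos/flannel:v0.10.0-s390x
          command:
            - /opt/bin/flanneld
          args:
            - --ip-masq
            - --kube-subnet-mgr
          resources:
            requests:
              cpu: "100m"
              memory: "50Mi"
            limits:
              cpu: "100m"
              memory: "50Mi"
          # NOTE(review): a privileged container on the host network has
          # host-level access; anyone able to change this pod spec or image
          # effectively controls the node. Check whether the flannel version
          # in use can run with a narrower capability set instead.
          securityContext:
            privileged: true
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          volumeMounts:
            # NOTE(review): the whole host /run is mounted writable; that
            # directory commonly holds sockets and PID files of other host
            # services. Confirm whether a flannel-specific subdirectory is
            # enough.
            - name: run
              mountPath: /run
            - name: flannel-cfg
              mountPath: /etc/kube-flannel/
      volumes:
        - name: run
          hostPath:
            path: /run
        # Not mounted by any container in this pod; retained from the
        # upstream manifest.
        - name: cni
          hostPath:
            path: /etc/cni/net.d
        - name: flannel-cfg
          configMap:
            name: kube-flannel-cfg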