- Update CPU-Pooler and all its requires to the latest available version.
- Extend custom filters with `get_mapped_key`.
- Add CPU mappings to CM config.
Change-Id: I4f948a02c1bf3bf4a05b97af91381baa4bde21e6
Signed-off-by: Krisztian Lengyel <krisztian.lengyel@nokia.com>
%define COMPONENT infra-charts
%define RPM_NAME caas-%{COMPONENT}
%define RPM_MAJOR_VERSION 1.0.0
-%define RPM_MINOR_VERSION 3
+%define RPM_MINOR_VERSION 4
Name: %{RPM_NAME}
Version: %{RPM_MAJOR_VERSION}
%define COMPONENT instantiate
%define RPM_NAME caas-%{COMPONENT}
%define RPM_MAJOR_VERSION 1.0.0
-%define RPM_MINOR_VERSION 3
+%define RPM_MINOR_VERSION 4
Name: %{RPM_NAME}
Version: %{RPM_MAJOR_VERSION}
%define COMPONENT utils
%define RPM_NAME caas-%{COMPONENT}
%define RPM_MAJOR_VERSION 1.0.0
-%define RPM_MINOR_VERSION 3
+%define RPM_MINOR_VERSION 4
%define KUBELET_PLUGINS_LOGDIR /var/log/kubelet-plugins/
Name: %{RPM_NAME}
def filters(self):
return {
'get_kube_options': get_kube_options,
+ 'get_mapped_key': get_mapped_key,
}
formated_options = [option_template.format(option, str(value))
for option, value in options.iteritems()]
return ",".join(formated_options)
+
+
+def get_mapped_key(mapping, search_key, key_name):
+ _validate_dict(mapping)
+ for key, value in mapping.iteritems():
+ if (value.get(search_key, None) and
+ value[search_key] == key_name):
+ return key
+
+
+def _validate_dict(value):
+ if not isinstance(value, dict):
+ raise AnsibleError("Invalid type {}. Options must be dictionary!".format(type(options)))
chartrepo: 150
elasticsearch: 202
flannel: 666
+cpu_allocation_mapping:
+ caas_exclusive:
+ pool_name: exclusive_caas
+ caas_shared:
+ pool_name: shared_caas
+ caas_default:
+ pool_name: default
name: cpu-pooler-config
- mountPath: /var/lib/kubelet/device-plugins/kubelet_internal_checkpoint
name: checkpointfile
- readOnly: false
+ readOnly: true
env:
- name: NODE_NAME
valueFrom:
--- /dev/null
+{{ if .Values.cpupooler.required }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: webhook-cfg-updater
+ namespace: kube-system
+ labels:
+ annotations:
+ "helm.sh/hook": post-install
+ "helm.sh/hook-delete-policy": hook-succeeded
+spec:
+ template:
+ metadata:
+ annotations:
+ danm.k8s.io/interfaces: |
+ [
+ {
+ "network":"flannel"
+ }
+ ]
+ spec:
+ containers:
+ - name: webhook-cfg-updater
+ image: {{ .Values.registry_url }}/{{ .Values.registry_reponame }}/cpupooler:{{ .Values.cpupooler.container_version }}
+ command: ["sh", "-c", "--"]
+ args: ["RESVER=$(curl -k -H \"Authorization: Bearer $(cat {{ .Values.cpupooler.secret_path }}/token)\" -H 'Accept: application/json' --cacert {{ .Values.cpupooler.secret_path }}/ca.cert https://{{ .Values.apiserver_service_name }}/apis/admissionregistration.k8s.io/v1beta1/mutatingwebhookconfigurations/{{ .Values.cpupooler.webhook_conf_name }} | grep resourceVersion | awk '{print $2}' | tr -d ',' | tr -d '\"'); curl -k -X PUT -H \"Authorization: Bearer $(cat {{ .Values.cpupooler.secret_path }}/token)\" -H 'Accept: application/json' -H 'Content-Type: application/json' --cacert {{ .Values.cpupooler.secret_path }}/ca.cert https://{{ .Values.apiserver_service_name }}/apis/admissionregistration.k8s.io/v1beta1/mutatingwebhookconfigurations/{{ .Values.cpupooler.webhook_conf_name }} -d '{ \"apiVersion\": \"admissionregistration.k8s.io/v1beta1\", \"kind\": \"MutatingWebhookConfiguration\", \"metadata\": { \"name\": \"{{ .Values.cpupooler.webhook_conf_name }}\", \"namespace\": \"kube-system\", \"resourceVersion\": \"'$RESVER'\" }, \"webhooks\": [{\"name\": \"cpu-dev-mutator.nokia.k8s.io\", \"clientConfig\": {\"service\": {\"name\": \"{{ .Values.cpupooler.webhook_svc_name }}\", \"namespace\":\"kube-system\", \"path\":\"/mutating-pods\"}, \"caBundle\": \"{{ .Values.cpupooler.webhook_ca_bundle }}\" }, \"rules\": [{\"operations\": [\"CREATE\", \"UPDATE\"], \"apiGroups\": [\"\"], \"apiVersions\": [\"v1\"], \"resources\": [\"pods\"] }], \"failurePolicy\": \"Fail\" }]}';"]
+ imagePullPolicy: IfNotPresent
+ restartPolicy: Never
+ serviceAccountName: webhookcfg-controller
+{{ end }}
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
- name: cpu-device-pod-mutator-webhook-config
+ name: {{ .Values.cpupooler.webhook_conf_name }}
namespace: kube-system
- annotations:
- "helm.sh/hook": post-install
- "helm.sh/hook-delete-policy": hook-failed, before-hook-creation
webhooks:
- name: cpu-dev-mutator.nokia.k8s.io
clientConfig:
service:
- name: cpu-dev-pod-mutator-svc
+ name: {{ .Values.cpupooler.webhook_svc_name }}
namespace: kube-system
path: "/mutating-pods"
caBundle: "{{ .Values.cpupooler.webhook_ca_bundle }}"
- rules:
- - operations: ["CREATE","UPDATE"]
- apiGroups: [""]
- apiVersions: ["v1"]
- resources: ["pods"]
failurePolicy: Fail
{{ end }}
apiVersion: v1
kind: Service
metadata:
- name: cpu-dev-pod-mutator-svc
+ name: {{ .Values.cpupooler.webhook_svc_name }}
namespace: kube-system
labels:
{{ .Values.kubernetes_component_label }}: cpu-dev-pod-mutator
registry_url: {{ caas.registry_url }}:{{ caas.registry_port }}
registry_reponame: "{{ caas.registry_repo }}"
domain: "{{ caas.dns_domain }}"
+apiserver_service_name: {{ caas.apiserver_service_name }}
metrics_server:
required: true
cpupooler:
required: true
+ webhook_conf_name: cpu-device-pod-mutator-webhook-config
+ webhook_svc_name: cpu-dev-pod-mutator-svc
+ secret_path: /var/run/secrets/kubernetes.io/serviceaccount
container_version: {{ container_image_names | select('search', '/cpupooler') | list | last | regex_replace('.*:([\\w\\-_\\.]+)$', '\\1') }}
webhook_ca_bundle: {{ webhooks_ca }}
webhook_port: {{ caas.webhook_port }}