Adjust virtlet-ds.yaml to v1.1.2
Change-Id: I576bf328f1fa3498d3a7382c4a0bea55bfd2268a
diff --git a/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml b/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
index beb4535..35cd05f 100644
--- a/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
+++ b/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
@@ -11,6 +11,9 @@
labels:
addonmanager.kubernetes.io/mode: Reconcile
spec:
+ selector:
+ matchLabels:
+ runtime: virtlet
template:
metadata:
creationTimestamp: null
@@ -18,18 +21,10 @@
runtime: virtlet
name: virtlet
spec:
- selector:
- matchLabels:
- runtime: virtlet
- hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
- # hostPID is true to (1) enable VMs to survive virtlet container restart
- # (to be checked) and (2) to enable the use of nsenter in init container
+ hostNetwork: true
hostPID: true
- # bootstrap procedure needs to create a configmap in kube-system namespace
serviceAccountName: virtlet
-
- # only run Virtlet pods on the nodes with extraRuntime=virtlet label
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
@@ -39,34 +34,10 @@
operator: In
values:
- virtlet
+
initContainers:
- # The init container copies virtlet's flexvolume driver
- # to the default kubelet plugin dir and ensures that
- # the directories needed by libvirt & virtlet exist on the host
- - name: prepare-node
- image: {{ common.addons.virtlet.image }}
- imagePullPolicy: IfNotPresent
- command:
+ - command:
- /prepare-node.sh
- volumeMounts:
- - name: k8s-flexvolume-plugins-dir
- mountPath: /kubelet-volume-plugins
- - name: run
- mountPropagation: Bidirectional
- mountPath: /run
- - name: dockersock
- mountPath: /var/run/docker.sock
- - name: log
- mountPath: /hostlog
- # for ensuring that /var/lib/libvirt/images exists on node
- - name: var-lib
- mountPath: /host-var-lib
- - name: dev
- mountPath: /dev
- - mountPath: /var/lib/virtlet
- name: virtlet
- securityContext:
- privileged: true
env:
- name: KUBE_NODE_NAME
valueFrom:
@@ -76,60 +47,88 @@
- name: VIRTLET_DISABLE_KVM
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: disable_kvm
+ name: virtlet-config
optional: true
- name: VIRTLET_SRIOV_SUPPORT
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: sriov_support
+ name: virtlet-config
optional: true
- name: VIRTLET_DOWNLOAD_PROTOCOL
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: download_protocol
+ name: virtlet-config
optional: true
- name: VIRTLET_LOGLEVEL
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: loglevel
+ name: virtlet-config
optional: true
- name: VIRTLET_CALICO_SUBNET
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: calico-subnet
+ name: virtlet-config
optional: true
- name: IMAGE_REGEXP_TRANSLATION
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: image_regexp_translation
+ name: virtlet-config
optional: true
- name: VIRTLET_RAW_DEVICES
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: raw_devices
+ name: virtlet-config
optional: true
- name: VIRTLET_DISABLE_LOGGING
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: disable_logging
+ name: virtlet-config
+ optional: true
+ - name: VIRTLET_CPU_MODEL
+ valueFrom:
+ configMapKeyRef:
+ key: cpu-model
+ name: virtlet-config
optional: true
- name: VIRTLET_IMAGE_TRANSLATIONS_DIR
value: /etc/virtlet/images
+ image: {{ common.addons.virtlet.image }}
+ imagePullPolicy: IfNotPresent
+ name: prepare-node
+ resources: {}
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - mountPath: /kubelet-volume-plugins
+ name: k8s-flexvolume-plugins-dir
+ - mountPath: /run
+ mountPropagation: Bidirectional
+ name: run
+ - mountPath: /var/run/docker.sock
+ name: dockersock
+ - mountPath: /hostlog
+ name: log
+ - mountPath: /host-var-lib
+ name: var-lib
+ - mountPath: /dev
+ name: dev
+ - mountPath: /var/lib/virtlet
+ name: virtlet
containers:
- name: libvirt
- image: {{ common.addons.virtlet.image }}
- imagePullPolicy: IfNotPresent
command:
- /libvirt.sh
+ image: {{ common.addons.virtlet.image }}
+ imagePullPolicy: IfNotPresent
readinessProbe:
exec:
command:
@@ -149,40 +148,37 @@
name: boot
readOnly: true
- mountPath: /run
- name: run
mountPropagation: Bidirectional
+ name: run
- mountPath: /var/lib/virtlet
name: virtlet
- mountPath: /var/lib/libvirt
name: libvirt
- mountPath: /var/run/libvirt
name: libvirt-sockets
- # the log dir is needed here because otherwise libvirt will produce errors
- # like this:
- # Unable to pre-create chardev file '/var/log/vms/afd75bbb-8e97-11e7-9561-02420ac00002/cirros-vm_0.log': No such file or directory
- - name: vms-log
- mountPath: /var/log/vms
- - name: libvirt-log
- mountPath: /var/log/libvirt
- - name: dev
- mountPath: /dev
- securityContext:
- privileged: true
+ - mountPath: /var/log/vms
+ name: vms-log
+ - mountPath: /var/log/libvirt
+ name: libvirt-log
+ - mountPath: /dev
+ name: dev
+
+ - name: virtlet
+ image: {{ common.addons.virtlet.image }}
+ imagePullPolicy: IfNotPresent
readinessProbe:
exec:
command:
- /bin/sh
- -c
- - socat - UNIX:/var/run/libvirt/libvirt-sock-ro </dev/null
- - name: virtlet
- image: {{ common.addons.virtlet.image }}
- # In case we inject local virtlet image we want to use it not officially available one
- imagePullPolicy: IfNotPresent
+ - socat - UNIX:/run/virtlet.sock </dev/null
+ resources: {}
+ securityContext:
+ privileged: true
volumeMounts:
- mountPath: /run
- name: run
mountPropagation: Bidirectional
- # /boot and /lib/modules are required by supermin
+ name: run
- mountPath: /lib/modules
name: modules
readOnly: true
@@ -198,40 +194,36 @@
- mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
name: k8s-flexvolume-plugins-dir
- mountPath: /var/lib/kubelet/pods
- name: k8s-pods-dir
mountPropagation: Bidirectional
- - name: vms-log
- mountPath: /var/log/vms
+ name: k8s-pods-dir
+ - mountPath: /var/log/vms
+ name: vms-log
- mountPath: /etc/virtlet/images
name: image-name-translations
- - name: pods-log
- mountPath: /var/log/pods
- securityContext:
- privileged: true
- readinessProbe:
- exec:
- command:
- - /bin/sh
- - -c
- - socat - UNIX:/run/virtlet.sock </dev/null
+ - mountPath: /var/log/pods
+ name: pods-log
+ - mountPath: /var/log/libvirt
+ name: libvirt-log
+
- name: vms
- image: {{ common.addons.virtlet.image }}
- imagePullPolicy: IfNotPresent
command:
- /vms.sh
+ image: {{ common.addons.virtlet.image }}
+ imagePullPolicy: IfNotPresent
+ resources: {}
volumeMounts:
- mountPath: /var/lib/virtlet
name: virtlet
- mountPath: /var/lib/libvirt
name: libvirt
- - name: vms-log
- mountPath: /var/log/vms
- - name: dev
- mountPath: /dev
- - name: modules
- mountPath: /lib/modules
+ - mountPath: /var/log/vms
+ name: vms-log
+ - mountPath: /dev
+ name: dev
+ - mountPath: /lib/modules
+ name: modules
+
volumes:
- # /dev is needed for host raw device access
- hostPath:
path: /dev
name: dev
@@ -247,9 +239,6 @@
- hostPath:
path: /run
name: run
- # TODO: don't hardcode docker socket location here
- # This will require CRI proxy installation to run
- # in host mount namespace.
- hostPath:
path: /var/run/docker.sock
name: dockersock
@@ -283,12 +272,16 @@
- hostPath:
path: /var/log/pods
name: pods-log
- - hostPath:
- path: /var/run/netns
- name: netns-dir
- configMap:
name: virtlet-image-translations
name: image-name-translations
+ updateStrategy: {}
+status:
+ currentNumberScheduled: 0
+ desiredNumberScheduled: 0
+ numberMisscheduled: 0
+ numberReady: 0
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
@@ -305,6 +298,7 @@
- kind: ServiceAccount
name: virtlet
namespace: {{ common.addons.virtlet.namespace }}
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
@@ -315,14 +309,15 @@
labels:
addonmanager.kubernetes.io/mode: Reconcile
rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- - nodes
- verbs:
- - create
- - get
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - nodes
+ verbs:
+ - create
+ - get
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
@@ -340,6 +335,7 @@
- get
- list
- watch
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
@@ -356,6 +352,7 @@
- secrets
verbs:
- get
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
@@ -372,6 +369,7 @@
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: system:nodes
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
@@ -388,6 +386,7 @@
- kind: ServiceAccount
name: virtlet
namespace: {{ common.addons.virtlet.namespace }}
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
@@ -411,6 +410,7 @@
verbs:
- list
- get
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
@@ -427,6 +427,7 @@
- kind: ServiceAccount
name: virtlet
namespace: {{ common.addons.virtlet.namespace }}
+
---
apiVersion: v1
kind: ServiceAccount
@@ -436,6 +437,7 @@
namespace: {{ common.addons.virtlet.namespace }}
labels:
addonmanager.kubernetes.io/mode: Reconcile
+
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
@@ -461,6 +463,7 @@
kind: ""
plural: ""
conditions: null
+
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
@@ -495,6 +498,8 @@
type: string
cniPluginDir:
type: string
+ cpuModel:
+ type: string
criSocketPath:
type: string
databasePath:
@@ -512,7 +517,6 @@
type: boolean
fdServerSocketPath:
type: string
- type: string
imageDir:
type: string
imageTranslationConfigsDir:
@@ -539,6 +543,7 @@
kind: ""
plural: ""
conditions: null
+
---
apiVersion: v1
data: