Add support CNI-genie
Change-Id: I69855ec2d7ae4616f991fdf35edcfb2ec8a60447
diff --git a/kubernetes/files/calico/calico.conf b/kubernetes/files/calico/calico.conf
index 4f8c3aa..81e383f 100644
--- a/kubernetes/files/calico/calico.conf
+++ b/kubernetes/files/calico/calico.conf
@@ -3,6 +3,7 @@
{
"nodeName": "{{ pool.host.name }}{% if pool.host.get('domain') %}.{{ pool.host.domain }}{%- endif %}",
"name": "calico-k8s-network",
+ "cniVersion": "0.3.0",
"type": "calico",
"etcd_endpoints": "{% for member in pool.network.calico.etcd.members %}http{% if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}",
{%- if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}
diff --git a/kubernetes/files/flannel/flannel.conflist b/kubernetes/files/flannel/flannel.conflist
index 9c17665..583e5e6 100644
--- a/kubernetes/files/flannel/flannel.conflist
+++ b/kubernetes/files/flannel/flannel.conflist
@@ -1,8 +1,10 @@
{
"name": "cbr0",
+ "cniVersion": "0.3.0",
"plugins": [
{
"type": "flannel",
+ "cniVersion": "0.3.0",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
diff --git a/kubernetes/files/genie/genie.conf b/kubernetes/files/genie/genie.conf
new file mode 100644
index 0000000..819ee56
--- /dev/null
+++ b/kubernetes/files/genie/genie.conf
@@ -0,0 +1,15 @@
+{
+ "name": "k8s-pod-network",
+ "cniVersion": "0.3.0",
+ "type": "genie",
+ "log_level": "info",
+ "datastore_type": "kubernetes",
+ "hostname": "{{ hostname }}",
+ "policy": {
+ "type": "k8s"
+ },
+ "kubernetes": {
+ "kubeconfig": "/etc/kubernetes/kubelet.kubeconfig"
+ }
+}
+
diff --git a/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml b/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
index 98e4715..19611f2 100644
--- a/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
+++ b/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
@@ -20,6 +20,10 @@
namespace: {{ common.addons.calico_policy.namespace }}
labels:
k8s-app: calico-policy
+ annotations:
+{%- if common.addons.calico_policy.cni is defined %}
+ cni: {{ common.addons.calico_policy.cni }}
+{%- endif %}
spec:
hostNetwork: true
tolerations:
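Review bot: The added `annotations:` key sits outside the `{%- if common.addons.calico_policy.cni is defined %}` guard, so when no CNI is set for the addon the manifest renders a bare `annotations:` with a null value. Moving the key inside the guard, directly above the `cni:` line, keeps the rendered manifest unchanged for clusters that do not use the feature. The same pattern appears in the coredns-etcd-operator, kubedns-autoscaler, externaldns, helm-tiller, netchecker-agent and registry-rc hunks. The import of `common` is outside these hunks, so confirm each template has it in scope.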
diff --git a/kubernetes/files/kube-addons/coredns/coredns-deploy.yml b/kubernetes/files/kube-addons/coredns/coredns-deploy.yml
index e1e2dd3..065b48c 100644
--- a/kubernetes/files/kube-addons/coredns/coredns-deploy.yml
+++ b/kubernetes/files/kube-addons/coredns/coredns-deploy.yml
@@ -22,6 +22,9 @@
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
+{%- if common.addons.coredns.cni is defined %}
+ cni: {{ common.addons.coredns.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
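Review bot: The value on the added `cni:` line is emitted unquoted, so a pillar value that YAML reads as a boolean, a number or a list would render as a non-string annotation, which the API server does not accept. Quoting it, `cni: "{{ common.addons.coredns.cni }}"`, follows the quoted `prometheus.io/port` line visible in the netchecker-server.yml hunk. This applies to every `cni:` annotation the commit adds.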
diff --git a/kubernetes/files/kube-addons/coredns/coredns-etcd-operator-deployment.yaml b/kubernetes/files/kube-addons/coredns/coredns-etcd-operator-deployment.yaml
index 0ec870d..ba981f4 100644
--- a/kubernetes/files/kube-addons/coredns/coredns-etcd-operator-deployment.yaml
+++ b/kubernetes/files/kube-addons/coredns/coredns-etcd-operator-deployment.yaml
@@ -19,6 +19,10 @@
metadata:
labels:
name: coredns-etcd-operator
+ annotations:
+{%- if common.addons.coredns.cni is defined %}
+ cni: {{ common.addons.coredns.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml
index 371b4ca..c4b22ee 100644
--- a/kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml
+++ b/kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml
@@ -19,6 +19,9 @@
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
+{%- if common.addons.dashboard.cni is defined %}
+ cni: {{ common.addons.dashboard.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-service.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-service.yaml
index f087ad9..717010d 100644
--- a/kubernetes/files/kube-addons/dashboard/dashboard-service.yaml
+++ b/kubernetes/files/kube-addons/dashboard/dashboard-service.yaml
@@ -1,3 +1,4 @@
+{%- from "kubernetes/map.jinja" import common with context %}
{%- from "kubernetes/map.jinja" import master with context %}
apiVersion: v1
kind: Service
@@ -9,9 +10,9 @@
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
spec:
-{%- if 'opencontrail' not in master.network.cnis %}
selector:
k8s-app: kubernetes-dashboard
+{%- if (common.addons.dashboard.cni is defined and common.addons.dashboard.cni != 'opencontrail') or 'opencontrail' not in master.network.cnis %}
type: NodePort
{%- endif %}
ports:
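Review bot: The new `{%- if ... %}` condition decides whether the dashboard Service is published as `NodePort`, that is, on every node address, and nothing in the template records which combinations are intended. As written, a cluster that lists `opencontrail` in `master.network.cnis` gets a NodePort dashboard as soon as `common.addons.dashboard.cni` is set to any other value. A Jinja comment above the condition, for example `{#- NodePort unless the dashboard pod is attached to the OpenContrail network #}`, would state the intent. The Service definition continues outside the hunk, so it is worth confirming that access to the node port is restricted elsewhere.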
diff --git a/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml b/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml
index d07f47b..2403540 100644
--- a/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml
+++ b/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml
@@ -12,6 +12,10 @@
metadata:
labels:
k8s-app: kube-dns-autoscaler
+ annotations:
+{%- if common.addons.dns.cni is defined %}
+ cni: {{ common.addons.dns.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/kubernetes/files/kube-addons/dns/kubedns-rc.yaml b/kubernetes/files/kube-addons/dns/kubedns-rc.yaml
index 7a415b0..8090402 100644
--- a/kubernetes/files/kube-addons/dns/kubedns-rc.yaml
+++ b/kubernetes/files/kube-addons/dns/kubedns-rc.yaml
@@ -45,6 +45,9 @@
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
+{%- if common.addons.dns.cni is defined %}
+ cni: {{ common.addons.dns.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml b/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml
index a47d75e..4304de9 100644
--- a/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml
+++ b/kubernetes/files/kube-addons/externaldns/externaldns-deploy.yml
@@ -16,6 +16,10 @@
metadata:
labels:
app: external-dns
+ annotations:
+{%- if common.addons.externaldns.cni is defined %}
+ cni: {{ common.addons.externaldns.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml b/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
index cfbb823..ef8df02 100644
--- a/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
+++ b/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
@@ -21,6 +21,10 @@
labels:
app: helm
name: tiller
+ annotations:
+{%- if common.addons.helm.cni is defined %}
+ cni: {{ common.addons.helm.cni }}
+{%- endif %}
spec:
{%- if 'RBAC' in master.auth.get('mode', "") %}
serviceAccountName: tiller
diff --git a/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml b/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml
index 5ee722b..efcd2c1 100644
--- a/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml
+++ b/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml
@@ -13,6 +13,10 @@
name: netchecker-agent
labels:
app: netchecker-agent
+ annotations:
+{%- if common.addons.netchecker.cni is defined %}
+ cni: {{ common.addons.netchecker.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/kubernetes/files/kube-addons/netchecker/netchecker-server.yml b/kubernetes/files/kube-addons/netchecker/netchecker-server.yml
index 181765c..fd3e46c 100644
--- a/kubernetes/files/kube-addons/netchecker/netchecker-server.yml
+++ b/kubernetes/files/kube-addons/netchecker/netchecker-server.yml
@@ -18,6 +18,9 @@
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ common.addons.netchecker.port }}"
+{%- if common.addons.netchecker.cni is defined %}
+ cni: {{ common.addons.netchecker.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
@@ -49,4 +52,4 @@
- hostPath:
path: /var/lib/etcd
name: etcd-certs
-{%- endif %}
\ No newline at end of file
+{%- endif %}
diff --git a/kubernetes/files/kube-addons/registry/registry-rc.yaml b/kubernetes/files/kube-addons/registry/registry-rc.yaml
index bd2f50f..ba115c6 100644
--- a/kubernetes/files/kube-addons/registry/registry-rc.yaml
+++ b/kubernetes/files/kube-addons/registry/registry-rc.yaml
@@ -19,6 +19,10 @@
labels:
k8s-app: kube-registry
version: v0
+ annotations:
+{%- if common.addons.registry.cni is defined %}
+ cni: {{ common.addons.registry.cni }}
+{%- endif %}
spec:
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/kubernetes/files/opencontrail/opencontrail.conf b/kubernetes/files/opencontrail/opencontrail.conf
index 3b42588..de28481 100644
--- a/kubernetes/files/opencontrail/opencontrail.conf
+++ b/kubernetes/files/opencontrail/opencontrail.conf
@@ -1,6 +1,6 @@
{%- from "kubernetes/map.jinja" import pool with context %}
{
- "cniVersion": "0.2.0",
+ "cniVersion": "0.3.0",
"contrail" : {
"apiserver": {"address": "{{ pool.network.contrail.config.api.host }}", "port": {{ pool.network.contrail.config.api.get('port', 8082) }}, "default-domain": "default-domain"},
"vrouter" : {
diff --git a/kubernetes/master/flannel.sls b/kubernetes/master/flannel.sls
index fa140eb..c11283d 100644
--- a/kubernetes/master/flannel.sls
+++ b/kubernetes/master/flannel.sls
@@ -3,7 +3,7 @@
{%- if not pillar.kubernetes.pool is defined %}
-/etc/cni/net.d/11-flannel.conflist:
+/etc/cni/net.d/12-flannel.conflist:
file.managed:
- source: salt://kubernetes/files/flannel/flannel.conflist
- user: root
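Review bot: Renaming the managed file to `12-flannel.conflist` leaves the previously deployed `/etc/cni/net.d/11-flannel.conflist` on nodes that were already configured, because nothing in this state removes it. CNI configuration is usually selected by lexical file order, so the stale `11-` file would sort ahead of the new one. A cleanup state, `/etc/cni/net.d/11-flannel.conflist:` with `file.absent`, would cover upgrades. The hunk in kubernetes/pool/flannel.sls needs the same, and the rest of this state continues outside the hunk.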
diff --git a/kubernetes/master/genie.sls b/kubernetes/master/genie.sls
new file mode 100644
index 0000000..51c2139
--- /dev/null
+++ b/kubernetes/master/genie.sls
@@ -0,0 +1,46 @@
+{%- from "kubernetes/map.jinja" import master with context %}
+{%- if master.enabled %}
+
+{%- if not pillar.kubernetes.pool is defined %}
+
+/etc/cni/net.d/00-genie.conf:
+ file.managed:
+ - source: salt://kubernetes/files/genie/genie.conf
+ - user: root
+ - group: root
+ - mode: 644
+ - makedirs: true
+ - dir_mode: 755
+ - template: jinja
+ - default:
+ hostname: {{ master.host.name }}{% if master.host.get('domain') %}.{{ master.host.domain }}{%- endif %}
+
+/tmp/genie/:
+ file.directory:
+ - user: root
+ - group: root
+
+copy-genie-bin:
+ cmd.run:
+ - name: docker run --rm -v /tmp/genie/:/tmp/genie/ --entrypoint cp {{ master.network.genie.image }} -v /opt/cni/bin/genie /tmp/genie/
+ - require:
+ - file: /tmp/genie/
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+
+/opt/cni/bin/genie:
+ file.managed:
+ - source: /tmp/genie/genie
+ - mode: 751
+ - user: root
+ - group: root
+ - require:
+ - cmd: copy-genie-bin
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+
+{%- endif %}
+
+{%- endif %}
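Review bot: The genie binary that is installed into `/opt/cni/bin` and later executed on the node is staged through `/tmp/genie/`, a fixed path under a world-writable directory, and the `file.directory` state sets owner and group but no mode. As far as I know, Salt leaves the mode of an already existing directory untouched when none is given, so the staging area is not guaranteed to be root-only between `copy-genie-bin` and the `file.managed` copy. Adding `- mode: 700` to the `/tmp/genie/` state, or staging under a root-owned directory instead of `/tmp`, closes that gap. `{{ master.network.genie.image }}` is also placed into the shell command unquoted and the binary is installed without an integrity check, so requiring a digest-pinned image in the pillar is worth documenting. kubernetes/pool/genie.sls repeats the same states.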
diff --git a/kubernetes/master/init.sls b/kubernetes/master/init.sls
index e1b7319..9994124 100644
--- a/kubernetes/master/init.sls
+++ b/kubernetes/master/init.sls
@@ -13,6 +13,11 @@
- kubernetes.master.calico
{%- endif %}
{%- endif %}
+{%- if "genie" in master.network.cnis %}
+{%- if not pillar.kubernetes.pool is defined %}
+- kubernetes.master.genie
+{%- endif %}
+{%- endif %}
{%- if master.storage.get('engine', 'none') == 'glusterfs' %}
- kubernetes.master.glusterfs
{%- endif %}
diff --git a/kubernetes/pool/flannel.sls b/kubernetes/pool/flannel.sls
index 4f00759..416a107 100644
--- a/kubernetes/pool/flannel.sls
+++ b/kubernetes/pool/flannel.sls
@@ -1,7 +1,7 @@
{%- from "kubernetes/map.jinja" import pool with context %}
{%- if pool.enabled %}
-/etc/cni/net.d/11-flannel.conflist:
+/etc/cni/net.d/12-flannel.conflist:
file.managed:
- source: salt://kubernetes/files/flannel/flannel.conflist
- user: root
diff --git a/kubernetes/pool/genie.sls b/kubernetes/pool/genie.sls
new file mode 100644
index 0000000..4bba5cc
--- /dev/null
+++ b/kubernetes/pool/genie.sls
@@ -0,0 +1,42 @@
+{%- from "kubernetes/map.jinja" import pool with context %}
+{%- if pool.enabled %}
+
+/etc/cni/net.d/00-genie.conf:
+ file.managed:
+ - source: salt://kubernetes/files/genie/genie.conf
+ - user: root
+ - group: root
+ - mode: 644
+ - makedirs: true
+ - dir_mode: 755
+ - template: jinja
+ - default:
+ hostname: {{ pool.host.name }}{% if pool.host.get('domain') %}.{{ pool.host.domain }}{%- endif %}
+
+/tmp/genie/:
+ file.directory:
+ - user: root
+ - group: root
+
+copy-genie-bin:
+ cmd.run:
+ - name: docker run --rm -v /tmp/genie/:/tmp/genie/ --entrypoint cp {{ pool.network.genie.image }} -v /opt/cni/bin/genie /tmp/genie/
+ - require:
+ - file: /tmp/genie/
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+
+/opt/cni/bin/genie:
+ file.managed:
+ - source: /tmp/genie/genie
+ - mode: 751
+ - user: root
+ - group: root
+ - require:
+ - cmd: copy-genie-bin
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+
+{%- endif %}
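Review bot: The template variable for genie.conf is passed under `- default:`, while Salt's `file.managed` takes template variables through `defaults` (or `context`). If `default` is not treated as an alias, `{{ hostname }}` in kubernetes/files/genie/genie.conf would render as an empty string and the plugin would get `"hostname": ""`. Changing the line to `- defaults:` avoids that. kubernetes/master/genie.sls has the same line.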
diff --git a/kubernetes/pool/init.sls b/kubernetes/pool/init.sls
index 5395a1c..3acb6f8 100644
--- a/kubernetes/pool/init.sls
+++ b/kubernetes/pool/init.sls
@@ -11,4 +11,7 @@
{%- if "flannel" in pool.network.cnis %}
- kubernetes.pool.flannel
{%- endif %}
+{%- if "genie" in pool.network.cnis %}
+- kubernetes.pool.genie
+{%- endif %}
- kubernetes.pool.kube-proxy