kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update multus to v4.1.0 and clarify cilium compatibility (#11434) 

* Update multus to v4.1.0 and clarify cilium compatibility

* Fix: bug introduced by #10934 where the template would break if multus was defined

* Set priorityClassName to system-node-critical for multus pods
pull/11514/head
Qasim Mehmood 2024-09-09 07:56:27 +05:00 committed by GitHub
parent 4b324cb0f0
commit 538a1f2791
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 34 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/CNI/multus.md
View File

@ -17,6 +17,16 @@ kube_network_plugin_multus: true
will install Multus and Calico and configure Multus to use Calico as the primary network plugin. will install Multus and Calico and configure Multus to use Calico as the primary network plugin.
### Cilium compatibility
If you are using `cilium` as the primary CNI you'll have to set `cilium_cni_exclusive` to `false` to avoid cillium reverting multus config.
```yml
kube_network_plugin: cilium
kube_network_plugin_multus: true
cilium_cni_exclusive: false
```
## Using Multus ## Using Multus
Once Multus is installed, you can create CNI configurations (as a CRD objects) for additional networks, in this case a macvlan CNI configuration is defined. You may replace the config field with any valid CNI configuration where the CNI binary is available on the nodes. Once Multus is installed, you can create CNI configurations (as a CRD objects) for additional networks, in this case a macvlan CNI configuration is defined. You may replace the config field with any valid CNI configuration where the CNI binary is available on the nodes.

2
roles/kubernetes-apps/network_plugin/multus/tasks/main.yml
View File

@ -9,7 +9,7 @@
state: "latest" state: "latest"
delegate_to: "{{ groups['kube_control_plane'][0] }}" delegate_to: "{{ groups['kube_control_plane'][0] }}"
run_once: true run_once: true
with_items: "{{ (multus_manifest_1.results | default([])) + (multus_nodes_list | map('extract', hostvars, 'multus_manifest_2.results') | default([]) | list) }}" with_items: "{{ (multus_manifest_1.results | default([])) + (multus_nodes_list | map('extract', hostvars, 'multus_manifest_2') | map('default', []) | list | json_query('[].results')) }}"
loop_control: loop_control:
label: "{{ item.item.name if item != None else 'skipped' }}" label: "{{ item.item.name if item != None else 'skipped' }}"
vars: vars:

2
roles/kubespray-defaults/defaults/main/download.yml
View File

@ -122,7 +122,7 @@ cilium_enable_hubble: false
kube_ovn_version: "v1.12.21" kube_ovn_version: "v1.12.21"
kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}" kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}"
kube_router_version: "v2.0.0" kube_router_version: "v2.0.0"
multus_version: "v3.8" multus_version: "v4.1.0"
helm_version: "v3.15.4" helm_version: "v3.15.4"
nerdctl_version: "1.7.6" nerdctl_version: "1.7.6"
krew_version: "v0.4.4" krew_version: "v0.4.4"

1
roles/network_plugin/multus/defaults/main.yml
View File

@ -6,5 +6,4 @@ multus_cni_run_dir_host: "/run"
multus_cni_conf_dir: "{{ ('/host', multus_cni_conf_dir_host) | join }}" multus_cni_conf_dir: "{{ ('/host', multus_cni_conf_dir_host) | join }}"
multus_cni_bin_dir: "{{ ('/host', multus_cni_bin_dir_host) | join }}" multus_cni_bin_dir: "{{ ('/host', multus_cni_bin_dir_host) | join }}"
multus_cni_run_dir: "{{ ('/host', multus_cni_run_dir_host) | join }}" multus_cni_run_dir: "{{ ('/host', multus_cni_run_dir_host) | join }}"
multus_cni_version: "0.4.0"
multus_kubeconfig_file_host: "{{ (multus_cni_conf_dir_host, '/multus.d/multus.kubeconfig') | join }}" multus_kubeconfig_file_host: "{{ (multus_cni_conf_dir_host, '/multus.d/multus.kubeconfig') | join }}"

24
roles/network_plugin/multus/templates/multus-daemonset.yml.j2
View File

@ -24,6 +24,7 @@ spec:
spec: spec:
hostNetwork: true hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet
priorityClassName: system-node-critical
nodeSelector: nodeSelector:
kubernetes.io/arch: {{ image_arch }} kubernetes.io/arch: {{ image_arch }}
{% if container_manager_types | length >= 2 %} {% if container_manager_types | length >= 2 %}
@ -32,16 +33,34 @@ spec:
tolerations: tolerations:
- operator: Exists - operator: Exists
serviceAccountName: multus serviceAccountName: multus
initContainers:
- name: install-multus-binary
image: {{ multus_image_repo }}:{{ multus_image_tag }}
command: ["/install_multus"]
args:
- "--type"
- "thin"
resources:
requests:
cpu: "10m"
memory: "15Mi"
securityContext:
privileged: true
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
- name: cnibin
mountPath: {{ multus_cni_bin_dir }}
mountPropagation: Bidirectional
containers: containers:
- name: kube-multus - name: kube-multus
image: {{ multus_image_repo }}:{{ multus_image_tag }} image: {{ multus_image_repo }}:{{ multus_image_tag }}
command: ["/entrypoint.sh"] command: ["/thin_entrypoint"]
args: args:
- "--cni-conf-dir={{ multus_cni_conf_dir }}" - "--cni-conf-dir={{ multus_cni_conf_dir }}"
- "--multus-autoconfig-dir={{ multus_cni_conf_dir }}"
- "--cni-bin-dir={{ multus_cni_bin_dir }}" - "--cni-bin-dir={{ multus_cni_bin_dir }}"
- "--multus-conf-file={{ multus_conf_file }}" - "--multus-conf-file={{ multus_conf_file }}"
- "--multus-kubeconfig-file-host={{ multus_kubeconfig_file_host }}" - "--multus-kubeconfig-file-host={{ multus_kubeconfig_file_host }}"
- "--cni-version={{ multus_cni_version }}"
resources: resources:
requests: requests:
cpu: "100m" cpu: "100m"
@ -55,6 +74,7 @@ spec:
capabilities: capabilities:
add: ["SYS_ADMIN"] add: ["SYS_ADMIN"]
{% endif %} {% endif %}
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts: volumeMounts:
{% if container_manager == 'crio' %} {% if container_manager == 'crio' %}
- name: run - name: run