Add helm support for custom_cni deployment (#10529)

* Add helm support for custom_cni deployment

* Linting correction

* Ansible linting correction

* Add test packet with values

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>

* Add custom_cni configuration file with comments

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>

* Default values cleanup

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>

* Add details to custom_cni configuration file

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>

* Set correct yaml type of helm values

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>

* Set CNI filesystem ownership to root

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>

* Update cilium example parameter name

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>

---------

Signed-off-by: Lukáš Kubín <lukas.kubin@gmail.com>
pull/10625/head
Lukáš Kubín 2023-11-16 00:32:21 +01:00 committed by GitHub
parent adb8ff14b9
commit f46910eac3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 133 additions and 23 deletions

View File

@ -260,6 +260,11 @@ packet_debian11-kubelet-csr-approver:
extends: .packet_pr
when: manual
packet_debian12-custom-cni-helm:
stage: deploy-part2
extends: .packet_pr
when: manual
# ### PR JOBS PART3
# Long jobs (45min+)

View File

@ -11,7 +11,7 @@ amazon | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: | :x: |
centos7 | :white_check_mark: | :x: | :x: | :white_check_mark: | :x: | :white_check_mark: | :x: | :white_check_mark: |
debian10 | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: |
debian11 | :white_check_mark: | :x: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: |
debian12 | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: | :x: |
debian12 | :white_check_mark: | :white_check_mark: | :white_check_mark: | :x: | :x: | :x: | :x: | :x: |
fedora37 | :white_check_mark: | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: |
fedora38 | :x: | :x: | :x: | :x: | :white_check_mark: | :x: | :x: | :x: |
opensuse | :x: | :x: | :x: | :x: | :x: | :x: | :x: | :x: |

View File

@ -0,0 +1,51 @@
---
# custom_cni network plugin configuration
# There are two deployment options to choose from, select one
## OPTION 1 - Static manifest files
## With this option, referred manifest file will be deployed
## as if the `kubectl apply -f` method was used with it.
#
## List of Kubernetes resource manifest files
## See tests/files/custom_cni/README.md for example
# custom_cni_manifests: []
## OPTION 1 EXAMPLE - Cilium static manifests in Kubespray tree
# custom_cni_manifests:
# - "{{ playbook_dir }}/../tests/files/custom_cni/cilium.yaml"
## OPTION 2 - Helm chart application
## This allows the CNI backend to be deployed to Kubespray cluster
## as common Helm application.
#
## Helm release name - how the local instance of deployed chart will be named
# custom_cni_chart_release_name: ""
#
## Kubernetes namespace to deploy into
# custom_cni_chart_namespace: "kube-system"
#
## Helm repository name - how the local record of Helm repository will be named
# custom_cni_chart_repository_name: ""
#
## Helm repository URL
# custom_cni_chart_repository_url: ""
#
## Helm chart reference - path to the chart in the repository
# custom_cni_chart_ref: ""
#
## Helm chart version
# custom_cni_chart_version: ""
#
## Custom Helm values to be used for deployment
# custom_cni_chart_values: {}
## OPTION 2 EXAMPLE - Cilium deployed from official public Helm chart
# custom_cni_chart_namespace: kube-system
# custom_cni_chart_release_name: cilium
# custom_cni_chart_repository_name: cilium
# custom_cni_chart_repository_url: https://helm.cilium.io
# custom_cni_chart_ref: cilium/cilium
# custom_cni_chart_version: 1.14.3
# custom_cni_chart_values:
# cluster:
# name: "cilium-demo"

View File

@ -1,3 +1,11 @@
---
custom_cni_manifests: []
custom_cni_chart_namespace: kube-system
custom_cni_chart_release_name: ""
custom_cni_chart_repository_name: ""
custom_cni_chart_repository_url: ""
custom_cni_chart_ref: ""
custom_cni_chart_version: ""
custom_cni_chart_values: {}

View File

@ -0,0 +1,20 @@
---
dependencies:
- role: helm-apps
when:
- inventory_hostname == groups['kube_control_plane'][0]
- custom_cni_chart_release_name | length > 0
environment:
http_proxy: "{{ http_proxy | default('') }}"
https_proxy: "{{ https_proxy | default('') }}"
release_common_opts: {}
releases:
- name: "{{ custom_cni_chart_release_name }}"
namespace: "{{ custom_cni_chart_namespace }}"
chart_ref: "{{ custom_cni_chart_ref }}"
chart_version: "{{ custom_cni_chart_version }}"
wait: true
values: "{{ custom_cni_chart_values }}"
repositories:
- name: "{{ custom_cni_chart_repository_name }}"
url: "{{ custom_cni_chart_repository_url }}"

View File

@ -1,26 +1,29 @@
---
- name: Custom CNI | Check Custom CNI Manifests
assert:
that:
- name: Custom CNI | Manifest deployment
when: not custom_cni_chart_release_name | length > 0
block:
- name: Custom CNI | Check Custom CNI Manifests
assert:
that:
- "custom_cni_manifests | length > 0"
msg: "custom_cni_manifests should not be empty"
msg: "custom_cni_manifests should not be empty"
- name: Custom CNI | Copy Custom manifests
template:
src: "{{ item }}"
dest: "{{ kube_config_dir }}/{{ item | basename | replace('.j2', '') }}"
mode: 0644
loop: "{{ custom_cni_manifests }}"
delegate_to: "{{ groups['kube_control_plane'] | first }}"
run_once: true
- name: Custom CNI | Copy Custom manifests
template:
src: "{{ item }}"
dest: "{{ kube_config_dir }}/{{ item | basename | replace('.j2', '') }}"
mode: 0644
loop: "{{ custom_cni_manifests }}"
delegate_to: "{{ groups['kube_control_plane'] | first }}"
run_once: true
- name: Custom CNI | Start Resources
kube:
namespace: "kube-system"
kubectl: "{{ bin_dir }}/kubectl"
filename: "{{ kube_config_dir }}/{{ item | basename | replace('.j2', '') }}"
state: "latest"
wait: true
loop: "{{ custom_cni_manifests }}"
delegate_to: "{{ groups['kube_control_plane'] | first }}"
run_once: true
- name: Custom CNI | Start Resources
kube:
namespace: "kube-system"
kubectl: "{{ bin_dir }}/kubectl"
filename: "{{ kube_config_dir }}/{{ item | basename | replace('.j2', '') }}"
state: "latest"
wait: true
loop: "{{ custom_cni_manifests }}"
delegate_to: "{{ groups['kube_control_plane'] | first }}"
run_once: true

View File

@ -0,0 +1,23 @@
---
# Instance settings
cloud_image: debian-12
mode: default
# Kubespray settings
kube_owner: root
kube_network_plugin: custom_cni
custom_cni_chart_namespace: kube-system
custom_cni_chart_release_name: cilium
custom_cni_chart_repository_name: cilium
custom_cni_chart_repository_url: https://helm.cilium.io
custom_cni_chart_ref: cilium/cilium
custom_cni_chart_version: 1.14.3
custom_cni_chart_values:
cluster:
name: kubespray
hubble:
enabled: false
ipam:
operator:
clusterPoolIPv4PodCIDRList:
- "{{ kube_pods_subnet }}"