From 600ca0824b34ad8a4c5e670977b7dd126e111f5e Mon Sep 17 00:00:00 2001 From: dougbtv Date: Thu, 3 May 2018 15:01:11 -0400 Subject: [PATCH] Demo examples including updates This changes introduces example configuration files for npwg poc. --- examples/npwg-demo-1/01_crd.yml | 22 +++ examples/npwg-demo-1/02_clusterrole.yml | 16 ++ examples/npwg-demo-1/03_namespace1.yml | 5 + examples/npwg-demo-1/04_macvlan1.yml | 72 +++++++++ examples/npwg-demo-1/05_vlan1.yml | 19 +++ examples/npwg-demo-1/06_flannel2.yml | 194 ++++++++++++++++++++++++ examples/npwg-demo-1/11_pod_case1.yml | 13 ++ examples/npwg-demo-1/12_pod_case2.yml | 18 +++ examples/npwg-demo-1/13_pod_case3.yml | 17 +++ examples/npwg-demo-1/14_pod_case4.yml | 11 ++ 10 files changed, 387 insertions(+) create mode 100644 examples/npwg-demo-1/01_crd.yml create mode 100644 examples/npwg-demo-1/02_clusterrole.yml create mode 100644 examples/npwg-demo-1/03_namespace1.yml create mode 100644 examples/npwg-demo-1/04_macvlan1.yml create mode 100644 examples/npwg-demo-1/05_vlan1.yml create mode 100644 examples/npwg-demo-1/06_flannel2.yml create mode 100644 examples/npwg-demo-1/11_pod_case1.yml create mode 100644 examples/npwg-demo-1/12_pod_case2.yml create mode 100644 examples/npwg-demo-1/13_pod_case3.yml create mode 100644 examples/npwg-demo-1/14_pod_case4.yml diff --git a/examples/npwg-demo-1/01_crd.yml b/examples/npwg-demo-1/01_crd.yml new file mode 100644 index 000000000..cb1486560 --- /dev/null +++ b/examples/npwg-demo-1/01_crd.yml @@ -0,0 +1,22 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + # name must match the spec fields below, and be in the form: . + name: networks.kubernetes.cni.cncf.io +spec: + # group name to use for REST API: /apis// + group: kubernetes.cni.cncf.io + # version name to use for REST API: /apis// + version: v1 + # either Namespaced or Cluster + scope: Namespaced + names: + # plural name to be used in the URL: /apis/// + plural: networks + # singular name to be used as an alias on the CLI and for display + singular: network + # kind is normally the CamelCased singular type. Your resource manifests use this. + kind: Network + # shortNames allow shorter string to match your resource on the CLI + shortNames: + - net diff --git a/examples/npwg-demo-1/02_clusterrole.yml b/examples/npwg-demo-1/02_clusterrole.yml new file mode 100644 index 000000000..635ba0c1e --- /dev/null +++ b/examples/npwg-demo-1/02_clusterrole.yml @@ -0,0 +1,16 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: multus-crd-overpowered +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +- nonResourceURLs: + - '*' + verbs: + - '*' diff --git a/examples/npwg-demo-1/03_namespace1.yml b/examples/npwg-demo-1/03_namespace1.yml new file mode 100644 index 000000000..aa3b0bc9b --- /dev/null +++ b/examples/npwg-demo-1/03_namespace1.yml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: testns1 diff --git a/examples/npwg-demo-1/04_macvlan1.yml b/examples/npwg-demo-1/04_macvlan1.yml new file mode 100644 index 000000000..7c02f1a1c --- /dev/null +++ b/examples/npwg-demo-1/04_macvlan1.yml @@ -0,0 +1,72 @@ +--- +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: macvlan-conf-1 +spec: + config: '{ + "cniVersion": "0.3.0", + "type": "macvlan", + "master": "eth1", + "mode": "bridge", + "ipam": { + "type": "static", + "addresses": [ + { "address": "10.1.1.101/24" } + ] + } + }' +--- +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: macvlan-conf-2 +spec: + config: '{ + "cniVersion": "0.3.0", + "type": "macvlan", + "master": "eth1", + "mode": "bridge", + "ipam": { + "type": "static", + "addresses": [ + { "address": "10.1.1.102/24" } + ] + } + }' +--- +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: macvlan-conf-3 +spec: + config: '{ + "cniVersion": "0.3.0", + "type": "macvlan", + "master": "eth1", + "mode": "bridge", + "ipam": { + "type": "static", + "addresses": [ + { "address": "10.1.1.103/24" } + ] + } + }' +--- +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: macvlan-conf-4 +spec: + config: '{ + "cniVersion": "0.3.0", + "type": "macvlan", + "master": "eth1", + "mode": "bridge", + "ipam": { + "type": "static", + "addresses": [ + { "address": "10.1.1.104/24" } + ] + } + }' diff --git a/examples/npwg-demo-1/05_vlan1.yml b/examples/npwg-demo-1/05_vlan1.yml new file mode 100644 index 000000000..a68c42483 --- /dev/null +++ b/examples/npwg-demo-1/05_vlan1.yml @@ -0,0 +1,19 @@ +--- +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: vlan-conf-1-1 + namespace: testns1 +spec: + config: '{ + "cniVersion": "0.3.0", + "type": "vlan", + "master": "eth1", + "vlanid": 1, + "ipam": { + "type": "static", + "addresses": [ + { "address": "172.16.1.101/24" + } ] + } + }' diff --git a/examples/npwg-demo-1/06_flannel2.yml b/examples/npwg-demo-1/06_flannel2.yml new file mode 100644 index 000000000..a1e3d8105 --- /dev/null +++ b/examples/npwg-demo-1/06_flannel2.yml @@ -0,0 +1,194 @@ +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: flannel2 + namespace: kube-system +rules: + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch + - apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: flannel2 + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flannel2 +subjects: +- kind: ServiceAccount + name: flannel2 + namespace: kube-system +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: flannel2 + namespace: kube-system +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: kube-flannel2-cfg + namespace: kube-system + labels: + tier: node + app: flannel2 +data: + flannel2-conf.json: | + { + "type": "flannel", + "name": "flannel-2", + "subnetFile": "/run/flannel/flannel2.env", + "dataDir": "/var/lib/cni/flannel2", + "delegate": { + "bridge": "kbr1" + } + } + net-conf.json: | + { + "Network": "10.144.0.0/16", + "SubnetLen": 24, + "SubnetMin": "10.144.0.0", + "Backend": { + "Type": "vxlan" + } + } +--- +apiVersion: v1 +kind: Pod +metadata: + name: flannel-etcd + namespace: kube-system +spec: + containers: + - command: + - etcd + - --advertise-client-urls=http://10.1.1.1:12379 + - --listen-client-urls=http://0.0.0.0:12379 + - --listen-peer-urls=http://localhost:12380 + image: quay.io/coreos/etcd:latest + name: etcd + hostNetwork: true + nodeName: kube-master +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: flannel-etcdctl + namespace: kube-system +spec: + template: + spec: + containers: + - name: flannel-etcdctl + image: quay.io/coreos/etcd:latest + command: ["etcdctl"] + args: ["--endpoints=http://10.1.1.1:12379", "set", "/flannel2/network/config", '{ "Network": "10.5.0.0/16", "Backend": {"Type": "vxlan"}}'] + hostNetwork: true + nodeName: kube-master + restartPolicy: Never +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: kube-flannel2-ds + namespace: kube-system + labels: + tier: node + app: flannel2 +spec: + template: + metadata: + labels: + tier: node + app: flannel2 + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/arch: amd64 + tolerations: + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + serviceAccountName: flannel2 + initContainers: + - name: install-cni + image: quay.io/coreos/flannel:v0.10.0-amd64 + command: + - cp + args: + - -f + - /etc/kube-flannel/flannel2-conf.json + - /etc/cni/multus/net.d/10-flannel.conf + volumeMounts: + - name: cni + mountPath: /etc/cni/multus/net.d + - name: flannel2-cfg + mountPath: /etc/kube-flannel/ + containers: + - name: kube-flannel2 + image: quay.io/coreos/flannel:v0.10.0-amd64 + command: + - /opt/bin/flanneld + args: + - --ip-masq + - --etcd-endpoints=http://10.1.1.1:12379 + - -iface=eth1 + - -subnet-file=/run/flannel/flannel2.env + - -etcd-prefix=/flannel2/network + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: true + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + volumeMounts: + - name: run + mountPath: /run + volumes: + - name: run + hostPath: + path: /run + - name: cni + hostPath: + path: /etc/cni/multus/net.d + - name: flannel2-cfg + configMap: + name: kube-flannel2-cfg +--- +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: flannel-2 diff --git a/examples/npwg-demo-1/11_pod_case1.yml b/examples/npwg-demo-1/11_pod_case1.yml new file mode 100644 index 000000000..9501ba9ee --- /dev/null +++ b/examples/npwg-demo-1/11_pod_case1.yml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: pod-case-01 + annotations: + kubernetes.v1.cni.cncf.io/networks: macvlan-conf-1 +spec: + containers: + - name: pod-case-01 + image: docker.io/centos/tools:latest + command: + - /sbin/init diff --git a/examples/npwg-demo-1/12_pod_case2.yml b/examples/npwg-demo-1/12_pod_case2.yml new file mode 100644 index 000000000..e0666081b --- /dev/null +++ b/examples/npwg-demo-1/12_pod_case2.yml @@ -0,0 +1,18 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: pod-case-02 + annotations: + kubernetes.v1.cni.cncf.io/networks: '[ + { "name": "macvlan-conf-2" }, + { "name": "vlan-conf-1-1", + "namespace": "testns1", + "interfaceRequest": "vlan1-1" } + ]' +spec: + containers: + - name: pod-case-02 + image: docker.io/centos/tools:latest + command: + - /sbin/init diff --git a/examples/npwg-demo-1/13_pod_case3.yml b/examples/npwg-demo-1/13_pod_case3.yml new file mode 100644 index 000000000..a8538e588 --- /dev/null +++ b/examples/npwg-demo-1/13_pod_case3.yml @@ -0,0 +1,17 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: pod-case-03 + annotations: + kubernetes.v1.cni.cncf.io/networks: '[ + { "name": "macvlan-conf-3" }, + { "name": "macvlan-conf-4" }, + { "name": "flannel-2" } + ]' +spec: + containers: + - name: pod-case-03 + image: docker.io/centos/tools:latest + command: + - /sbin/init diff --git a/examples/npwg-demo-1/14_pod_case4.yml b/examples/npwg-demo-1/14_pod_case4.yml new file mode 100644 index 000000000..ee94fc765 --- /dev/null +++ b/examples/npwg-demo-1/14_pod_case4.yml @@ -0,0 +1,11 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: pod-case-04 +spec: + containers: + - name: pod-case-04 + image: docker.io/centos/tools:latest + command: + - /sbin/init