diff --git a/doc/quickstart.md b/doc/quickstart.md index 4c8734d13..6c75b5a37 100644 --- a/doc/quickstart.md +++ b/doc/quickstart.md @@ -27,6 +27,12 @@ We'll apply files to `kubectl` from this repo. The files we're applying here spe $ cat ./images/{multus-daemonset.yml,flannel-daemonset.yml} | kubectl apply -f - ``` +Note: For crio runtime use multus-crio-daemonset.yml (crio uses /usr/libexec/cni as default path for plugin directory). Before deploying daemonsets,delete all default network plugin configuration files under /etc/cni/net.d +If the runtime is cri-o, then apply these files. + +``` +$ cat ./images/{multus-crio-daemonset.yml,flannel-daemonset.yml} | kubectl apply -f - +``` ### Validating your installation Generally, the first step in validating your installation is to look at the `STATUS` field of your nodes, you can check it out by looking at: diff --git a/images/multus-crio-daemonset.yml b/images/multus-crio-daemonset.yml new file mode 100644 index 000000000..621453d62 --- /dev/null +++ b/images/multus-crio-daemonset.yml @@ -0,0 +1,148 @@ +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: network-attachment-definitions.k8s.cni.cncf.io +spec: + group: k8s.cni.cncf.io + version: v1 + scope: Namespaced + names: + plural: network-attachment-definitions + singular: network-attachment-definition + kind: NetworkAttachmentDefinition + shortNames: + - net-attach-def + validation: + openAPIV3Schema: + properties: + spec: + properties: + config: + type: string +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: multus +rules: + - apiGroups: ["k8s.cni.cncf.io"] + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - pods + - pods/status + verbs: + - get + - update +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: multus +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: multus +subjects: +- kind: ServiceAccount + name: multus + namespace: kube-system +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: multus + namespace: kube-system +--- +# ------------------------------------------------------ +# Currently unused! +# If you wish to customize, mount this in the +# daemonset @ /usr/src/multus-cni/images/70-multus.conf +# ------------------------------------------------------ +kind: ConfigMap +apiVersion: v1 +metadata: + name: multus-cni-config + namespace: kube-system + labels: + tier: node + app: multus +data: + cni-conf.json: | + { + "name": "multus-cni-network", + "type": "multus", + "delegates": [ + { + "type": "flannel", + "name": "flannel.1", + "delegate": { + "isDefaultGateway": true + } + } + ], + "kubeconfig": "/etc/cni/net.d/multus.d/multus.kubeconfig" + } +# -------------- for openshift. +# "delegates": [{ +# "type": "openshift-sdn", +# "name:" "openshift.1", +# "masterplugin": true +# }], +--- +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: kube-multus-ds-amd64 + namespace: kube-system + labels: + tier: node + app: multus +spec: + template: + metadata: + labels: + tier: node + app: multus + spec: + hostNetwork: true + nodeSelector: + beta.kubernetes.io/arch: amd64 + tolerations: + - operator: Exists + effect: NoSchedule + serviceAccountName: multus + containers: + - name: kube-multus + image: nfvpe/multus:latest + command: ["/entrypoint.sh"] + args: ["--cni-bin-dir=/host/usr/libexec/cni"] + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: true + volumeMounts: + - name: cni + mountPath: /host/etc/cni/net.d + - name: cnibin + mountPath: /host/usr/libexec/cni + volumes: + - name: cni + hostPath: + path: /etc/cni/net.d + - name: cnibin + hostPath: + path: /usr/libexec/cni + - name: multus-cfg + configMap: + name: multus-cni-config