rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-07-16 08:25:51 +00:00
Code Issues Releases Wiki Activity

Merge pull request #2339 from noironetworks/aci_cni_split_1

Browse Source 
Introduce ACI CNI network provider
This commit is contained in:
Sebastiaan van Steenis 2020-11-18 14:07:34 +01:00 committed by GitHub
commit dd3840a7bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 755 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

162
cluster/defaults.go
View File

@ -71,6 +71,36 @@ const (
DefaultCanalFlexVolPluginDirectory = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds"
DefaultAciApicRefreshTime = "1200"
DefaultAciOVSMemoryLimit = "1Gi"
DefaultAciImagePullPolicy = "Always"
DefaultAciServiceMonitorInterval = "5"
DefaultAciPBRTrackingNonSnat = "false"
DefaultAciInstallIstio = "false"
DefaultAciIstioProfile = "demo"
DefaultAciDropLogEnable = "true"
DefaultAciControllerLogLevel = "info"
DefaultAciHostAgentLogLevel = "info"
DefaultAciOpflexAgentLogLevel = "info"
DefaultAciUseAciCniPriorityClass = "false"
DefaultAciNoPriorityClass = "false"
DefaultAciMaxNodesSvcGraph = "32"
DefaultAciSnatContractScope = "global"
DefaultAciSnatNamespace = "aci-containers-system"
DefaultAciCApic = "false"
DefaultAciPodSubnetChunkSize = "32"
DefaultAciSnatPortRangeStart = "5000"
DefaultAciSnatPortRangeEnd = "65000"
DefaultAciSnatPortsPerNode = "3000"
DefaultAciUseHostNetnsVolume = "false"
DefaultAciRunGbpContainer = "false"
DefaultAciRunOpflexServerContainer = "false"
DefaultAciUseAciAnywhereCRD = "false"
DefaultAciEnableEndpointSlice = "false"
DefaultAciOpflexClientSSL = "true"
DefaultAciUsePrivilegedContainer = "false"
DefaultAciUseOpflexServerVolume = "false"
KubeAPIArgAdmissionControlConfigFile = "admission-control-config-file"
DefaultKubeAPIArgAdmissionControlConfigFileValue = "/etc/kubernetes/admission.yaml"
@ -477,6 +507,15 @@ func (c *Cluster) setClusterImageDefaults() error {
&c.SystemImages.IngressBackend: d(imageDefaults.IngressBackend, privRegURL),
&c.SystemImages.MetricsServer: d(imageDefaults.MetricsServer, privRegURL),
&c.SystemImages.Nodelocal: d(imageDefaults.Nodelocal, privRegURL),
&c.SystemImages.AciCniDeployContainer: d(imageDefaults.AciCniDeployContainer, privRegURL),
&c.SystemImages.AciHostContainer: d(imageDefaults.AciHostContainer, privRegURL),
&c.SystemImages.AciOpflexContainer: d(imageDefaults.AciOpflexContainer, privRegURL),
&c.SystemImages.AciMcastContainer: d(imageDefaults.AciMcastContainer, privRegURL),
&c.SystemImages.AciOpenvSwitchContainer: d(imageDefaults.AciOpenvSwitchContainer, privRegURL),
&c.SystemImages.AciControllerContainer: d(imageDefaults.AciControllerContainer, privRegURL),
&c.SystemImages.AciOpflexServerContainer: d(imageDefaults.AciOpflexServerContainer, privRegURL),
&c.SystemImages.AciGbpServerContainer: d(imageDefaults.AciGbpServerContainer, privRegURL),
// this's a stopgap, we could drop this after https://github.com/kubernetes/kubernetes/pull/75618 merged
&c.SystemImages.WindowsPodInfraContainer: d(imageDefaults.WindowsPodInfraContainer, privRegURL),
}
@ -544,6 +583,38 @@ func (c *Cluster) setClusterNetworkDefaults() {
CanalFlannelBackendVxLanNetworkIdentify: DefaultFlannelBackendVxLanVNI,
CanalFlexVolPluginDirectory: DefaultCanalFlexVolPluginDirectory,
}
case AciNetworkPlugin:
networkPluginConfigDefaultsMap = map[string]string{
AciOVSMemoryLimit: DefaultAciOVSMemoryLimit,
AciImagePullPolicy: DefaultAciImagePullPolicy,
AciPBRTrackingNonSnat: DefaultAciPBRTrackingNonSnat,
AciInstallIstio: DefaultAciInstallIstio,
AciIstioProfile: DefaultAciIstioProfile,
AciDropLogEnable: DefaultAciDropLogEnable,
AciControllerLogLevel: DefaultAciControllerLogLevel,
AciHostAgentLogLevel: DefaultAciHostAgentLogLevel,
AciOpflexAgentLogLevel: DefaultAciOpflexAgentLogLevel,
AciApicRefreshTime: DefaultAciApicRefreshTime,
AciServiceMonitorInterval: DefaultAciServiceMonitorInterval,
AciUseAciCniPriorityClass: DefaultAciUseAciCniPriorityClass,
AciNoPriorityClass: DefaultAciNoPriorityClass,
AciMaxNodesSvcGraph: DefaultAciMaxNodesSvcGraph,
AciSnatContractScope: DefaultAciSnatContractScope,
AciPodSubnetChunkSize: DefaultAciPodSubnetChunkSize,
AciEnableEndpointSlice: DefaultAciEnableEndpointSlice,
AciSnatNamespace: DefaultAciSnatNamespace,
AciSnatPortRangeStart: DefaultAciSnatPortRangeStart,
AciSnatPortRangeEnd: DefaultAciSnatPortRangeEnd,
AciSnatPortsPerNode: DefaultAciSnatPortsPerNode,
AciOpflexClientSSL: DefaultAciOpflexClientSSL,
AciUsePrivilegedContainer: DefaultAciUsePrivilegedContainer,
AciUseOpflexServerVolume: DefaultAciUseOpflexServerVolume,
AciUseHostNetnsVolume: DefaultAciUseHostNetnsVolume,
AciCApic: DefaultAciCApic,
AciUseAciAnywhereCRD: DefaultAciUseAciAnywhereCRD,
AciRunGbpContainer: DefaultAciRunGbpContainer,
AciRunOpflexServerContainer: DefaultAciRunOpflexServerContainer,
}
}
if c.Network.CalicoNetworkProvider != nil {
setDefaultIfEmpty(&c.Network.CalicoNetworkProvider.CloudProvider, DefaultNetworkCloudProvider)
@ -559,6 +630,97 @@ func (c *Cluster) setClusterNetworkDefaults() {
if c.Network.WeaveNetworkProvider != nil {
networkPluginConfigDefaultsMap[WeavePassword] = c.Network.WeaveNetworkProvider.Password
}
if c.Network.AciNetworkProvider != nil {
setDefaultIfEmpty(&c.Network.AciNetworkProvider.OVSMemoryLimit, DefaultAciOVSMemoryLimit)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.ImagePullPolicy, DefaultAciImagePullPolicy)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.PBRTrackingNonSnat, DefaultAciPBRTrackingNonSnat)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.InstallIstio, DefaultAciInstallIstio)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.IstioProfile, DefaultAciIstioProfile)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.DropLogEnable, DefaultAciDropLogEnable)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.ControllerLogLevel, DefaultAciControllerLogLevel)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.HostAgentLogLevel, DefaultAciHostAgentLogLevel)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.OpflexAgentLogLevel, DefaultAciOpflexAgentLogLevel)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.ApicRefreshTime, DefaultAciApicRefreshTime)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.ServiceMonitorInterval, DefaultAciServiceMonitorInterval)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.NoPriorityClass, DefaultAciNoPriorityClass)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.MaxNodesSvcGraph, DefaultAciMaxNodesSvcGraph)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.SnatContractScope, DefaultAciSnatContractScope)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.PodSubnetChunkSize, DefaultAciPodSubnetChunkSize)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.EnableEndpointSlice, DefaultAciEnableEndpointSlice)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.SnatNamespace, DefaultAciSnatNamespace)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.SnatPortRangeStart, DefaultAciSnatPortRangeStart)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.SnatPortRangeEnd, DefaultAciSnatPortRangeEnd)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.SnatPortsPerNode, DefaultAciSnatPortsPerNode)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.OpflexClientSSL, DefaultAciOpflexClientSSL)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.UsePrivilegedContainer, DefaultAciUsePrivilegedContainer)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.UseOpflexServerVolume, DefaultAciUseOpflexServerVolume)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.UseHostNetnsVolume, DefaultAciUseHostNetnsVolume)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.CApic, DefaultAciCApic)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.UseAciAnywhereCRD, DefaultAciUseAciAnywhereCRD)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.RunGbpContainer, DefaultAciRunGbpContainer)
setDefaultIfEmpty(&c.Network.AciNetworkProvider.RunOpflexServerContainer, DefaultAciRunOpflexServerContainer)
networkPluginConfigDefaultsMap[AciOVSMemoryLimit] = c.Network.AciNetworkProvider.OVSMemoryLimit
networkPluginConfigDefaultsMap[AciImagePullPolicy] = c.Network.AciNetworkProvider.ImagePullPolicy
networkPluginConfigDefaultsMap[AciPBRTrackingNonSnat] = c.Network.AciNetworkProvider.PBRTrackingNonSnat
networkPluginConfigDefaultsMap[AciInstallIstio] = c.Network.AciNetworkProvider.InstallIstio
networkPluginConfigDefaultsMap[AciIstioProfile] = c.Network.AciNetworkProvider.IstioProfile
networkPluginConfigDefaultsMap[AciDropLogEnable] = c.Network.AciNetworkProvider.DropLogEnable
networkPluginConfigDefaultsMap[AciControllerLogLevel] = c.Network.AciNetworkProvider.ControllerLogLevel
networkPluginConfigDefaultsMap[AciHostAgentLogLevel] = c.Network.AciNetworkProvider.HostAgentLogLevel
networkPluginConfigDefaultsMap[AciOpflexAgentLogLevel] = c.Network.AciNetworkProvider.OpflexAgentLogLevel
networkPluginConfigDefaultsMap[AciApicRefreshTime] = c.Network.AciNetworkProvider.ApicRefreshTime
networkPluginConfigDefaultsMap[AciServiceMonitorInterval] = c.Network.AciNetworkProvider.ServiceMonitorInterval
networkPluginConfigDefaultsMap[AciNoPriorityClass] = c.Network.AciNetworkProvider.NoPriorityClass
networkPluginConfigDefaultsMap[AciMaxNodesSvcGraph] = c.Network.AciNetworkProvider.MaxNodesSvcGraph
networkPluginConfigDefaultsMap[AciSnatContractScope] = c.Network.AciNetworkProvider.SnatContractScope
networkPluginConfigDefaultsMap[AciPodSubnetChunkSize] = c.Network.AciNetworkProvider.PodSubnetChunkSize
networkPluginConfigDefaultsMap[AciEnableEndpointSlice] = c.Network.AciNetworkProvider.EnableEndpointSlice
networkPluginConfigDefaultsMap[AciSnatNamespace] = c.Network.AciNetworkProvider.SnatNamespace
networkPluginConfigDefaultsMap[AciSnatPortRangeStart] = c.Network.AciNetworkProvider.SnatPortRangeStart
networkPluginConfigDefaultsMap[AciSnatPortRangeEnd] = c.Network.AciNetworkProvider.SnatPortRangeEnd
networkPluginConfigDefaultsMap[AciSnatPortsPerNode] = c.Network.AciNetworkProvider.SnatPortsPerNode
networkPluginConfigDefaultsMap[AciOpflexClientSSL] = c.Network.AciNetworkProvider.OpflexClientSSL
networkPluginConfigDefaultsMap[AciUsePrivilegedContainer] = c.Network.AciNetworkProvider.UsePrivilegedContainer
networkPluginConfigDefaultsMap[AciUseOpflexServerVolume] = c.Network.AciNetworkProvider.UseOpflexServerVolume
networkPluginConfigDefaultsMap[AciUseHostNetnsVolume] = c.Network.AciNetworkProvider.UseHostNetnsVolume
networkPluginConfigDefaultsMap[AciCApic] = c.Network.AciNetworkProvider.CApic
networkPluginConfigDefaultsMap[AciUseAciAnywhereCRD] = c.Network.AciNetworkProvider.UseAciAnywhereCRD
networkPluginConfigDefaultsMap[AciRunGbpContainer] = c.Network.AciNetworkProvider.RunGbpContainer
networkPluginConfigDefaultsMap[AciRunOpflexServerContainer] = c.Network.AciNetworkProvider.RunOpflexServerContainer
networkPluginConfigDefaultsMap[AciSystemIdentifier] = c.Network.AciNetworkProvider.SystemIdentifier
networkPluginConfigDefaultsMap[AciToken] = c.Network.AciNetworkProvider.Token
networkPluginConfigDefaultsMap[AciApicUserName] = c.Network.AciNetworkProvider.ApicUserName
networkPluginConfigDefaultsMap[AciApicUserKey] = c.Network.AciNetworkProvider.ApicUserKey
networkPluginConfigDefaultsMap[AciApicUserCrt] = c.Network.AciNetworkProvider.ApicUserCrt
networkPluginConfigDefaultsMap[AciApicRefreshTime] = c.Network.AciNetworkProvider.ApicRefreshTime
networkPluginConfigDefaultsMap[AciVmmDomain] = c.Network.AciNetworkProvider.VmmDomain
networkPluginConfigDefaultsMap[AciVmmController] = c.Network.AciNetworkProvider.VmmController
networkPluginConfigDefaultsMap[AciEncapType] = c.Network.AciNetworkProvider.EncapType
networkPluginConfigDefaultsMap[AciMcastRangeStart] = c.Network.AciNetworkProvider.McastRangeStart
networkPluginConfigDefaultsMap[AciMcastRangeEnd] = c.Network.AciNetworkProvider.McastRangeEnd
networkPluginConfigDefaultsMap[AciNodeSubnet] = c.Network.AciNetworkProvider.NodeSubnet
networkPluginConfigDefaultsMap[AciAEP] = c.Network.AciNetworkProvider.AEP
networkPluginConfigDefaultsMap[AciVRFName] = c.Network.AciNetworkProvider.VRFName
networkPluginConfigDefaultsMap[AciVRFTenant] = c.Network.AciNetworkProvider.VRFTenant
networkPluginConfigDefaultsMap[AciL3Out] = c.Network.AciNetworkProvider.L3Out
networkPluginConfigDefaultsMap[AciDynamicExternalSubnet] = c.Network.AciNetworkProvider.DynamicExternalSubnet
networkPluginConfigDefaultsMap[AciStaticExternalSubnet] = c.Network.AciNetworkProvider.StaticExternalSubnet
networkPluginConfigDefaultsMap[AciServiceGraphSubnet] = c.Network.AciNetworkProvider.ServiceGraphSubnet
networkPluginConfigDefaultsMap[AciKubeAPIVlan] = c.Network.AciNetworkProvider.KubeAPIVlan
networkPluginConfigDefaultsMap[AciServiceVlan] = c.Network.AciNetworkProvider.ServiceVlan
networkPluginConfigDefaultsMap[AciInfraVlan] = c.Network.AciNetworkProvider.InfraVlan
networkPluginConfigDefaultsMap[AciImagePullPolicy] = c.Network.AciNetworkProvider.ImagePullPolicy
networkPluginConfigDefaultsMap[AciImagePullSecret] = c.Network.AciNetworkProvider.ImagePullSecret
networkPluginConfigDefaultsMap[AciTenant] = c.Network.AciNetworkProvider.Tenant
networkPluginConfigDefaultsMap[AciKafkaClientCrt] = c.Network.AciNetworkProvider.KafkaClientCrt
networkPluginConfigDefaultsMap[AciKafkaClientKey] = c.Network.AciNetworkProvider.KafkaClientKey
networkPluginConfigDefaultsMap[AciSubnetDomainName] = c.Network.AciNetworkProvider.SubnetDomainName
networkPluginConfigDefaultsMap[AciEpRegistry] = c.Network.AciNetworkProvider.EpRegistry
networkPluginConfigDefaultsMap[AciOpflexMode] = c.Network.AciNetworkProvider.OpflexMode
networkPluginConfigDefaultsMap[AciOverlayVRFName] = c.Network.AciNetworkProvider.OverlayVRFName
networkPluginConfigDefaultsMap[AciGbpPodSubnet] = c.Network.AciNetworkProvider.GbpPodSubnet
networkPluginConfigDefaultsMap[AciOpflexServerPort] = c.Network.AciNetworkProvider.OpflexServerPort
}
for k, v := range networkPluginConfigDefaultsMap {
setDefaultIfEmptyMapValue(c.Network.Options, k, v)
}

282
cluster/network.go
View File

@ -7,6 +7,7 @@ import (
"strconv"
"strings"
cidr "github.com/apparentlymart/go-cidr/cidr"
"github.com/docker/docker/api/types/container"
"github.com/docker/go-connections/nat"
"github.com/rancher/rke/docker"
@ -70,6 +71,68 @@ const (
WeaveNetworkPlugin = "weave"
WeaveNetworkAppName = "weave-net"
AciNetworkPlugin = "aci"
AciOVSMemoryLimit = "aci_ovs_memory_limit"
AciImagePullPolicy = "aci_image_pull_policy"
AciPBRTrackingNonSnat = "aci_pbr_tracking_non_snat"
AciInstallIstio = "aci_install_istio"
AciIstioProfile = "aci_istio_profile"
AciDropLogEnable = "aci_drop_log_enable"
AciControllerLogLevel = "aci_controller_log_level"
AciHostAgentLogLevel = "aci_host_agent_log_level"
AciOpflexAgentLogLevel = "aci_opflex_agent_log_level"
AciApicRefreshTime = "aci_apic_refresh_time"
AciServiceMonitorInterval = "aci_server_monitor_interval"
AciSystemIdentifier = "aci_system_identifier"
AciToken = "aci_token"
AciApicUserName = "aci_apic_user_name"
AciApicUserKey = "aci_apic_user_key"
AciApicUserCrt = "aci_apic_user_crt"
AciVmmDomain = "aci_vmm_domain"
AciVmmController = "aci_vmm_controller"
AciEncapType = "aci_encap_type"
AciAEP = "aci_aep"
AciVRFName = "aci_vrf_name"
AciVRFTenant = "aci_vrf_tenant"
AciL3Out = "aci_l3out"
AciDynamicExternalSubnet = "aci_dynamic_external_subnet"
AciStaticExternalSubnet = "aci_static_external_subnet"
AciServiceGraphSubnet = "aci_service_graph_subnet"
AciKubeAPIVlan = "aci_kubeapi_vlan"
AciServiceVlan = "aci_service_vlan"
AciInfraVlan = "aci_infra_vlan"
AciImagePullSecret = "aci_image_pull_secret"
AciTenant = "aci_tenant"
AciNodeSubnet = "aci_node_subnet"
AciMcastRangeStart = "aci_mcast_range_start"
AciMcastRangeEnd = "aci_mcast_range_end"
AciUseAciCniPriorityClass = "aci_use_aci_cni_priority_class"
AciNoPriorityClass = "aci_no_priority_class"
AciMaxNodesSvcGraph = "aci_max_nodes_svc_graph"
AciSnatContractScope = "aci_snat_contract_scope"
AciPodSubnetChunkSize = "aci_pod_subnet_chunk_size"
AciEnableEndpointSlice = "aci_enable_endpoint_slice"
AciSnatNamespace = "aci_snat_namespace"
AciEpRegistry = "aci_ep_registry"
AciOpflexMode = "aci_opflex_mode"
AciSnatPortRangeStart = "aci_snat_port_range_start"
AciSnatPortRangeEnd = "aci_snat_port_range_end"
AciSnatPortsPerNode = "aci_snat_ports_per_node"
AciOpflexClientSSL = "aci_opflex_client_ssl"
AciUsePrivilegedContainer = "aci_use_privileged_container"
AciUseHostNetnsVolume = "aci_use_host_netns_volume"
AciUseOpflexServerVolume = "aci_use_opflex_server_volume"
AciKafkaClientCrt = "aci_kafka_client_crt"
AciKafkaClientKey = "aci_kafka_client_key"
AciSubnetDomainName = "aci_subnet_domain_name"
AciCApic = "aci_capic"
AciUseAciAnywhereCRD = "aci_use_aci_anywhere_crd"
AciOverlayVRFName = "aci_overlay_vrf_name"
AciGbpPodSubnet = "aci_gbp_pod_subnet"
AciRunGbpContainer = "aci_run_gbp_container"
AciRunOpflexServerContainer = "aci_run_opflex_server_container"
AciOpflexServerPort = "aci_opflex_server_port"
// List of map keys to be used with network templates
// EtcdEndpoints is the server address for Etcd, used by calico
@ -104,17 +167,96 @@ const (
Calicoctl = "Calicoctl"
FlannelInterface = "FlannelInterface"
FlannelBackend = "FlannelBackend"
CanalInterface = "CanalInterface"
FlexVolPluginDir = "FlexVolPluginDir"
WeavePassword = "WeavePassword"
MTU = "MTU"
RBACConfig = "RBACConfig"
ClusterVersion = "ClusterVersion"
NodeSelector = "NodeSelector"
UpdateStrategy = "UpdateStrategy"
FlannelInterface = "FlannelInterface"
FlannelBackend = "FlannelBackend"
CanalInterface = "CanalInterface"
FlexVolPluginDir = "FlexVolPluginDir"
WeavePassword = "WeavePassword"
MTU = "MTU"
RBACConfig = "RBACConfig"
ClusterVersion = "ClusterVersion"
SystemIdentifier = "SystemIdentifier"
ApicHosts = "ApicHosts"
Token = "Token"
ApicUserName = "ApicUserName"
ApicUserKey = "ApicUserKey"
ApicUserCrt = "ApicUserCrt"
ApicRefreshTime = "ApicRefreshTime"
VmmDomain = "VmmDomain"
VmmController = "VmmController"
EncapType = "EncapType"
McastRangeStart = "McastRangeStart"
McastRangeEnd = "McastRangeEnd"
AEP = "AEP"
VRFName = "VRFName"
VRFTenant = "VRFTenant"
L3Out = "L3Out"
L3OutExternalNetworks = "L3OutExternalNetworks"
DynamicExternalSubnet = "DynamicExternalSubnet"
StaticExternalSubnet = "StaticExternalSubnet"
ServiceGraphSubnet = "ServiceGraphSubnet"
KubeAPIVlan = "KubeAPIVlan"
ServiceVlan = "ServiceVlan"
InfraVlan = "InfraVlan"
ImagePullPolicy = "ImagePullPolicy"
ImagePullSecret = "ImagePullSecret"
Tenant = "Tenant"
ServiceMonitorInterval = "ServiceMonitorInterval"
PBRTrackingNonSnat = "PBRTrackingNonSnat"
InstallIstio = "InstallIstio"
IstioProfile = "IstioProfile"
DropLogEnable = "DropLogEnable"
ControllerLogLevel = "ControllerLogLevel"
HostAgentLogLevel = "HostAgentLogLevel"
OpflexAgentLogLevel = "OpflexAgentLogLevel"
AciCniDeployContainer = "AciCniDeployContainer"
AciHostContainer = "AciHostContainer"
AciOpflexContainer = "AciOpflexContainer"
AciMcastContainer = "AciMcastContainer"
AciOpenvSwitchContainer = "AciOpenvSwitchContainer"
AciControllerContainer = "AciControllerContainer"
AciGbpServerContainer = "AciGbpServerContainer"
AciOpflexServerContainer = "AciOpflexServerContainer"
StaticServiceIPStart = "StaticServiceIPStart"
StaticServiceIPEnd = "StaticServiceIPEnd"
PodGateway = "PodGateway"
PodIPStart = "PodIPStart"
PodIPEnd = "PodIPEnd"
NodeServiceIPStart = "NodeServiceIPStart"
NodeServiceIPEnd = "NodeServiceIPEnd"
ServiceIPStart = "ServiceIPStart"
ServiceIPEnd = "ServiceIPEnd"
UseAciCniPriorityClass = "UseAciCniPriorityClass"
NoPriorityClass = "NoPriorityClass"
MaxNodesSvcGraph = "MaxNodesSvcGraph"
SnatContractScope = "SnatContractScope"
PodSubnetChunkSize = "PodSubnetChunkSize"
EnableEndpointSlice = "EnableEndpointSlice"
SnatNamespace = "SnatNamespace"
EpRegistry = "EpRegistry"
OpflexMode = "OpflexMode"
SnatPortRangeStart = "SnatPortRangeStart"
SnatPortRangeEnd = "SnatPortRangeEnd"
SnatPortsPerNode = "SnatPortsPerNode"
OpflexClientSSL = "OpflexClientSSL"
UsePrivilegedContainer = "UsePrivilegedContainer"
UseHostNetnsVolume = "UseHostNetnsVolume"
UseOpflexServerVolume = "UseOpflexServerVolume"
KafkaBrokers = "KafkaBrokers"
KafkaClientCrt = "KafkaClientCrt"
KafkaClientKey = "KafkaClientKey"
SubnetDomainName = "SubnetDomainName"
CApic = "CApic"
UseAciAnywhereCRD = "UseAciAnywhereCRD"
OverlayVRFName = "OverlayVRFName"
GbpPodSubnet = "GbpPodSubnet"
RunGbpContainer = "RunGbpContainer"
RunOpflexServerContainer = "RunOpflexServerContainer"
OpflexServerPort = "OpflexServerPort"
OVSMemoryLimit = "OVSMemoryLimit"
NodeSubnet = "NodeSubnet"
NodeSelector = "NodeSelector"
UpdateStrategy = "UpdateStrategy"
)
var EtcdPortList = []string{
@ -147,6 +289,8 @@ func (c *Cluster) deployNetworkPlugin(ctx context.Context, data map[string]inter
return c.doCanalDeploy(ctx, data)
case WeaveNetworkPlugin:
return c.doWeaveDeploy(ctx, data)
case AciNetworkPlugin:
return c.doAciDeploy(ctx, data)
case NoNetworkPlugin:
log.Infof(ctx, "[network] Not deploying a cluster network, expecting custom CNI")
return nil
@ -285,9 +429,123 @@ func (c *Cluster) doWeaveDeploy(ctx context.Context, data map[string]interface{}
return c.doAddonDeploy(ctx, pluginYaml, NetworkPluginResourceName, true)
}
func (c *Cluster) doAciDeploy(ctx context.Context, data map[string]interface{}) error {
_, clusterCIDR, err := net.ParseCIDR(c.ClusterCIDR)
if err != nil {
return err
}
podIPStart, podIPEnd := cidr.AddressRange(clusterCIDR)
_, staticExternalSubnet, err := net.ParseCIDR(c.Network.Options[AciStaticExternalSubnet])
staticServiceIPStart, staticServiceIPEnd := cidr.AddressRange(staticExternalSubnet)
_, svcGraphSubnet, err := net.ParseCIDR(c.Network.Options[AciServiceGraphSubnet])
if err != nil {
return err
}
nodeServiceIPStart, nodeServiceIPEnd := cidr.AddressRange(svcGraphSubnet)
_, dynamicExternalSubnet, err := net.ParseCIDR(c.Network.Options[AciDynamicExternalSubnet])
if err != nil {
return err
}
serviceIPStart, serviceIPEnd := cidr.AddressRange(dynamicExternalSubnet)
if c.Network.Options[AciTenant] == "" {
c.Network.Options[AciTenant] = c.Network.Options[AciSystemIdentifier]
}
AciConfig := map[string]interface{}{
SystemIdentifier: c.Network.Options[AciSystemIdentifier],
ApicHosts: c.Network.AciNetworkProvider.ApicHosts,
Token: c.Network.Options[AciToken],
ApicUserName: c.Network.Options[AciApicUserName],
ApicUserKey: c.Network.Options[AciApicUserKey],
ApicUserCrt: c.Network.Options[AciApicUserCrt],
ApicRefreshTime: c.Network.Options[AciApicRefreshTime],
VmmDomain: c.Network.Options[AciVmmDomain],
VmmController: c.Network.Options[AciVmmController],
EncapType: c.Network.Options[AciEncapType],
McastRangeStart: c.Network.Options[AciMcastRangeStart],
McastRangeEnd: c.Network.Options[AciMcastRangeEnd],
NodeSubnet: c.Network.Options[AciNodeSubnet],
AEP: c.Network.Options[AciAEP],
VRFName: c.Network.Options[AciVRFName],
VRFTenant: c.Network.Options[AciVRFTenant],
L3Out: c.Network.Options[AciL3Out],
L3OutExternalNetworks: c.Network.AciNetworkProvider.L3OutExternalNetworks,
DynamicExternalSubnet: c.Network.Options[AciDynamicExternalSubnet],
StaticExternalSubnet: c.Network.Options[AciStaticExternalSubnet],
ServiceGraphSubnet: c.Network.Options[AciServiceGraphSubnet],
KubeAPIVlan: c.Network.Options[AciKubeAPIVlan],
ServiceVlan: c.Network.Options[AciServiceVlan],
InfraVlan: c.Network.Options[AciInfraVlan],
ImagePullPolicy: c.Network.Options[AciImagePullPolicy],
ImagePullSecret: c.Network.Options[AciImagePullSecret],
Tenant: c.Network.Options[AciTenant],
ServiceMonitorInterval: c.Network.Options[AciServiceMonitorInterval],
PBRTrackingNonSnat: c.Network.Options[AciPBRTrackingNonSnat],
InstallIstio: c.Network.Options[AciInstallIstio],
IstioProfile: c.Network.Options[AciIstioProfile],
DropLogEnable: c.Network.Options[AciDropLogEnable],
ControllerLogLevel: c.Network.Options[AciControllerLogLevel],
HostAgentLogLevel: c.Network.Options[AciHostAgentLogLevel],
OpflexAgentLogLevel: c.Network.Options[AciOpflexAgentLogLevel],
OVSMemoryLimit: c.Network.Options[AciOVSMemoryLimit],
ClusterCIDR: c.ClusterCIDR,
StaticServiceIPStart: cidr.Inc(cidr.Inc(staticServiceIPStart)),
StaticServiceIPEnd: cidr.Dec(staticServiceIPEnd),
PodGateway: cidr.Inc(podIPStart),
PodIPStart: cidr.Inc(cidr.Inc(podIPStart)),
PodIPEnd: cidr.Dec(podIPEnd),
NodeServiceIPStart: cidr.Inc(cidr.Inc(nodeServiceIPStart)),
NodeServiceIPEnd: cidr.Dec(nodeServiceIPEnd),
ServiceIPStart: cidr.Inc(cidr.Inc(serviceIPStart)),
ServiceIPEnd: cidr.Dec(serviceIPEnd),
UseAciCniPriorityClass: c.Network.Options[AciUseAciCniPriorityClass],
NoPriorityClass: c.Network.Options[AciNoPriorityClass],
MaxNodesSvcGraph: c.Network.Options[AciMaxNodesSvcGraph],
SnatContractScope: c.Network.Options[AciSnatContractScope],
PodSubnetChunkSize: c.Network.Options[AciPodSubnetChunkSize],
EnableEndpointSlice: c.Network.Options[AciEnableEndpointSlice],
SnatNamespace: c.Network.Options[AciSnatNamespace],
EpRegistry: c.Network.Options[AciEpRegistry],
OpflexMode: c.Network.Options[AciOpflexMode],
SnatPortRangeStart: c.Network.Options[AciSnatPortRangeStart],
SnatPortRangeEnd: c.Network.Options[AciSnatPortRangeEnd],
SnatPortsPerNode: c.Network.Options[AciSnatPortsPerNode],
OpflexClientSSL: c.Network.Options[AciOpflexClientSSL],
UsePrivilegedContainer: c.Network.Options[AciUsePrivilegedContainer],
UseHostNetnsVolume: c.Network.Options[AciUseHostNetnsVolume],
UseOpflexServerVolume: c.Network.Options[AciUseOpflexServerVolume],
KafkaBrokers: c.Network.AciNetworkProvider.KafkaBrokers,
KafkaClientCrt: c.Network.Options[AciKafkaClientCrt],
KafkaClientKey: c.Network.Options[AciKafkaClientKey],
SubnetDomainName: c.Network.Options[AciSubnetDomainName],
CApic: c.Network.Options[AciCApic],
UseAciAnywhereCRD: c.Network.Options[AciUseAciAnywhereCRD],
OverlayVRFName: c.Network.Options[AciOverlayVRFName],
GbpPodSubnet: c.Network.Options[AciGbpPodSubnet],
RunGbpContainer: c.Network.Options[AciRunGbpContainer],
RunOpflexServerContainer: c.Network.Options[AciRunOpflexServerContainer],
OpflexServerPort: c.Network.Options[AciOpflexServerPort],
AciCniDeployContainer: c.SystemImages.AciCniDeployContainer,
AciHostContainer: c.SystemImages.AciHostContainer,
AciOpflexContainer: c.SystemImages.AciOpflexContainer,
AciMcastContainer: c.SystemImages.AciMcastContainer,
AciOpenvSwitchContainer: c.SystemImages.AciOpenvSwitchContainer,
AciControllerContainer: c.SystemImages.AciControllerContainer,
AciGbpServerContainer: c.SystemImages.AciGbpServerContainer,
AciOpflexServerContainer: c.SystemImages.AciOpflexServerContainer,
MTU: c.Network.MTU,
}
pluginYaml, err := c.getNetworkPluginManifest(AciConfig, data)
if err != nil {
return err
}
return c.doAddonDeploy(ctx, pluginYaml, NetworkPluginResourceName, true)
}
func (c *Cluster) getNetworkPluginManifest(pluginConfig, data map[string]interface{}) (string, error) {
switch c.Network.Plugin {
case CanalNetworkPlugin, FlannelNetworkPlugin, CalicoNetworkPlugin, WeaveNetworkPlugin:
case CanalNetworkPlugin, FlannelNetworkPlugin, CalicoNetworkPlugin, WeaveNetworkPlugin, AciNetworkPlugin:
tmplt, err := templates.GetVersionedTemplates(c.Network.Plugin, data, c.Version)
if err != nil {
return "", err

195
cluster/validation.go
View File

@ -67,13 +67,184 @@ func validateAuthOptions(c *Cluster) error {
return nil
}
func transformAciNetworkOption(option string) (string, string) {
var description string
switch option {
case AciSystemIdentifier:
option = "system_id"
description = "unique suffix for all cluster related objects in aci"
case AciServiceGraphSubnet:
option = "node_svc_subnet"
description = "Subnet to use for service graph endpoints on aci"
case AciStaticExternalSubnet:
option = "extern_static"
description = "Subnet to use for static external IPs on aci"
case AciDynamicExternalSubnet:
option = "extern_dynamic"
description = "Subnet to use for dynamic external IPs on aci"
case AciToken:
description = "UUID for this version of the input configuration"
case AciApicUserName:
description = "User name for aci apic"
case AciApicUserKey:
description = "Base64 encoded private key for aci apic user"
case AciApicUserCrt:
description = "Base64 encoded certificate for aci apic user"
case AciEncapType:
description = "One of the supported encap types for aci(vlan/vxlan)"
case AciMcastRangeStart:
description = "Mcast range start address for endpoint groups on aci"
case AciMcastRangeEnd:
description = "Mcast range end address for endpoint groups on aci"
case AciNodeSubnet:
description = "Kubernetes node address subnet"
case AciAEP:
description = "Attachment entity profile name on aci"
case AciVRFName:
description = "VRF Name on aci"
case AciVRFTenant:
description = "Tenant for VRF on aci"
case AciL3Out:
description = "L3Out on aci"
case AciKubeAPIVlan:
description = "Vlan for node network on aci"
case AciServiceVlan:
description = "Vlan for service graph nodes on aci"
case AciInfraVlan:
description = "Vlan for infra network on aci"
}
return option, description
}
func validateAciCloudOptionsDisabled(option string, value string) (string, string, bool) {
var description string
ok := false
switch option {
case AciUseOpflexServerVolume:
if value == DefaultAciUseOpflexServerVolume {
ok = true
}
description = "Use mounted volume for opflex server"
case AciUseHostNetnsVolume:
if value == DefaultAciUseHostNetnsVolume {
ok = true
}
description = "Mount host netns for opflex server"
case AciCApic:
if value == DefaultAciCApic {
ok = true
}
description = "Provision cloud apic"
case AciUseAciAnywhereCRD:
if value == DefaultAciUseAciAnywhereCRD {
ok = true
}
description = "Use Aci anywhere CRD"
case AciRunGbpContainer:
if value == DefaultAciRunGbpContainer {
ok = true
}
description = "Run Gbp Server"
case AciRunOpflexServerContainer:
if value == DefaultAciRunOpflexServerContainer {
ok = true
}
description = "Run Opflex Server"
case AciEpRegistry:
if value == "" {
ok = true
}
description = "Registry for Ep whether CRD or MODB"
case AciOpflexMode:
if value == "" {
ok = true
}
description = "Opflex overlay mode or on-prem"
case AciSubnetDomainName:
if value == "" {
ok = true
}
description = "Subnet domain name"
case AciKafkaClientCrt:
if value == "" {
ok = true
}
description = "CApic Kafka client certificate"
case AciKafkaClientKey:
if value == "" {
ok = true
}
description = "CApic Kafka client key"
case AciOverlayVRFName:
if value == "" {
ok = true
}
description = "Overlay VRF name"
case AciGbpPodSubnet:
if value == "" {
ok = true
}
description = "Gbp pod subnet"
case AciOpflexServerPort:
if value == "" {
ok = true
}
description = "Opflex server port"
}
return option, description, ok
}
func validateNetworkOptions(c *Cluster) error {
if c.Network.Plugin != NoNetworkPlugin && c.Network.Plugin != FlannelNetworkPlugin && c.Network.Plugin != CalicoNetworkPlugin && c.Network.Plugin != CanalNetworkPlugin && c.Network.Plugin != WeaveNetworkPlugin {
if c.Network.Plugin != NoNetworkPlugin && c.Network.Plugin != FlannelNetworkPlugin && c.Network.Plugin != CalicoNetworkPlugin && c.Network.Plugin != CanalNetworkPlugin && c.Network.Plugin != WeaveNetworkPlugin && c.Network.Plugin != AciNetworkPlugin {
return fmt.Errorf("Network plugin [%s] is not supported", c.Network.Plugin)
}
if c.Network.Plugin == FlannelNetworkPlugin && c.Network.MTU != 0 {
return fmt.Errorf("Network plugin [%s] does not support configuring MTU", FlannelNetworkPlugin)
}
if c.Network.Plugin == AciNetworkPlugin {
//Skip cloud options and throw an error.
cloudOptionsList := []string{AciEpRegistry, AciOpflexMode, AciUseHostNetnsVolume, AciUseOpflexServerVolume,
AciSubnetDomainName, AciKafkaClientCrt, AciKafkaClientKey, AciCApic, UseAciAnywhereCRD,
AciOverlayVRFName, AciGbpPodSubnet, AciRunGbpContainer, AciRunOpflexServerContainer, AciOpflexServerPort}
for _, v := range cloudOptionsList {
val, ok := c.Network.Options[v]
_, _, disabled := validateAciCloudOptionsDisabled(v, val)
if ok && !disabled {
return fmt.Errorf("Network plugin aci: %s = %s is provided,but cloud options are not allowed in this release", v, val)
}
}
networkOptionsList := []string{AciSystemIdentifier, AciToken, AciApicUserName, AciApicUserKey,
AciApicUserCrt, AciEncapType, AciMcastRangeStart, AciMcastRangeEnd,
AciNodeSubnet, AciAEP, AciVRFName, AciVRFTenant, AciL3Out, AciDynamicExternalSubnet,
AciStaticExternalSubnet, AciServiceGraphSubnet, AciKubeAPIVlan, AciServiceVlan, AciInfraVlan,
AciNodeSubnet}
for _, v := range networkOptionsList {
val, ok := c.Network.Options[v]
if !ok || val == "" {
var description string
v, description = transformAciNetworkOption(v)
return fmt.Errorf("Network plugin aci: %s(%s) under aci_network_provider is not provided", strings.TrimPrefix(v, "aci_"), description)
}
}
if c.Network.AciNetworkProvider != nil {
if c.Network.AciNetworkProvider.ApicHosts == nil {
return fmt.Errorf("Network plugin aci: %s(address of aci apic hosts) under aci_network_provider is not provided", "apic_hosts")
}
if c.Network.AciNetworkProvider.L3OutExternalNetworks == nil {
return fmt.Errorf("Network plugin aci: %s(external network name/s on aci) under aci_network_provider is not provided", "l3out_external_networks")
}
} else {
var requiredArgs []string
for _, v := range networkOptionsList {
v, _ = transformAciNetworkOption(v)
requiredArgs = append(requiredArgs, fmt.Sprintf(" %s", strings.TrimPrefix("aci_", v)))
}
requiredArgs = append(requiredArgs, fmt.Sprintf(" %s", ApicHosts))
requiredArgs = append(requiredArgs, fmt.Sprintf(" %s", L3OutExternalNetworks))
return fmt.Errorf("Network plugin aci: multiple parameters under aci_network_provider are not provided: %s", requiredArgs)
}
}
return nil
}
@ -335,6 +506,28 @@ func validateNetworkImages(c *Cluster) error {
if len(c.SystemImages.WeaveNode) == 0 {
return errors.New("weave image is not populated")
}
} else if c.Network.Plugin == AciNetworkPlugin {
if len(c.SystemImages.AciCniDeployContainer) == 0 {
return errors.New("aci cnideploy image is not populated")
}
if len(c.SystemImages.AciHostContainer) == 0 {
return errors.New("aci host container image is not populated")
}
if len(c.SystemImages.AciOpflexContainer) == 0 {
return errors.New("aci opflex agent image is not populated")
}
if len(c.SystemImages.AciMcastContainer) == 0 {
return errors.New("aci mcast container image is not populated")
}
if len(c.SystemImages.AciOpenvSwitchContainer) == 0 {
return errors.New("aci openvswitch image is not populated")
}
if len(c.SystemImages.AciControllerContainer) == 0 {
return errors.New("aci controller image is not populated")
}
//Skipping Cloud image validation.
//c.SystemImages.AciOpflexServerContainer
//c.SystemImages.AciGbpServerContainer
}
return nil
}

2
cmd/config.go
View File

@ -380,7 +380,7 @@ func getAuthzConfig(reader *bufio.Reader) (*v3.AuthzConfig, error) {
func getNetworkConfig(reader *bufio.Reader) (*v3.NetworkConfig, error) {
networkConfig := v3.NetworkConfig{}
networkPlugin, err := getConfig(reader, "Network Plugin Type (flannel, calico, weave, canal)", cluster.DefaultNetworkPlugin)
networkPlugin, err := getConfig(reader, "Network Plugin Type (flannel, calico, weave, canal, aci)", cluster.DefaultNetworkPlugin)
if err != nil {
return nil, err
}

2
data/bindata.go
View File

File diff suppressed because one or more lines are too long

6
data/data.json
View File

@ -7113,7 +7113,7 @@
{
"maxChannelServerVersion": "v2.5.99",
"minChannelServerVersion": "v2.4.0-rc1",
"version": "v1.17.14+k3s1"
"version": "v1.17.14+k3s2"
},
{
"maxChannelServerVersion": "v2.5.99",
@ -7123,7 +7123,7 @@
{
"maxChannelServerVersion": "v2.5.99",
"minChannelServerVersion": "v2.5.0-rc1",
"version": "v1.19.4+k3s1"
"version": "v1.19.3+k3s3"
}
]
},
@ -7132,7 +7132,7 @@
{
"maxChannelServerVersion": "v2.5.99",
"minChannelServerVersion": "v2.5.0-rc1",
"version": "v1.18.11+rke2r1"
"version": "v1.18.10+rke2r1"
}
]
}

1
go.mod
View File

@ -11,6 +11,7 @@ replace (
require (
github.com/Masterminds/sprig/v3 v3.0.0
github.com/Microsoft/hcsshim v0.8.9 // indirect
github.com/apparentlymart/go-cidr v1.0.1
github.com/blang/semver v3.5.1+incompatible
github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe // indirect
github.com/coreos/bbolt v1.3.1-coreos.6 // indirect

2
go.sum
View File

@ -39,6 +39,8 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6/go.mod h1:V8iCPQYkqmusNa815XgQio277wI47sdRh1dUOLdyC6Q=
github.com/apparentlymart/go-cidr v1.0.1 h1:NmIwLZ/KdsjIUlhf+/Np40atNXm/+lZ5txfTJ/SpF+U=
github.com/apparentlymart/go-cidr v1.0.1/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc=
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=

1
types/kdm/kdm.go
View File

@ -11,6 +11,7 @@ const (
Canal = "canal"
Flannel = "flannel"
Weave = "weave"
Aci = "aci"
CoreDNS = "coreDNS"
KubeDNS = "kubeDNS"
MetricsServer = "metricsServer"

84
types/rke_types.go
View File

@ -171,6 +171,22 @@ type RKESystemImages struct {
MetricsServer string `yaml:"metrics_server" json:"metricsServer,omitempty"`
// Pod infra container image for Windows
WindowsPodInfraContainer string `yaml:"windows_pod_infra_container" json:"windowsPodInfraContainer,omitempty"`
// Cni deployer container image for Cisco ACI
AciCniDeployContainer string `yaml:"aci_cni_deploy_container" json:"aciCniDeployContainer,omitempty"`
// host container image for Cisco ACI
AciHostContainer string `yaml:"aci_host_container" json:"aciHostContainer,omitempty"`
// opflex agent container image for Cisco ACI
AciOpflexContainer string `yaml:"aci_opflex_container" json:"aciOpflexContainer,omitempty"`
// mcast daemon container image for Cisco ACI
AciMcastContainer string `yaml:"aci_mcast_container" json:"aciMcastContainer,omitempty"`
// OpenvSwitch container image for Cisco ACI
AciOpenvSwitchContainer string `yaml:"aci_ovs_container" json:"aciOvsContainer,omitempty"`
// Controller container image for Cisco ACI
AciControllerContainer string `yaml:"aci_controller_container" json:"aciControllerContainer,omitempty"`
// GBP Server container image for Cisco ACI
AciGbpServerContainer string `yaml:"aci_gbp_server_container" json:"aciGbpServerContainer,omitempty"`
// Opflex Server container image for Cisco ACI
AciOpflexServerContainer string `yaml:"aci_opflex_server_container" json:"aciOpflexServerContainer,omitempty"`
}
type RKEConfigNode struct {
@ -367,6 +383,8 @@ type NetworkConfig struct {
FlannelNetworkProvider *FlannelNetworkProvider `yaml:"flannel_network_provider,omitempty" json:"flannelNetworkProvider,omitempty"`
// WeaveNetworkProvider
WeaveNetworkProvider *WeaveNetworkProvider `yaml:"weave_network_provider,omitempty" json:"weaveNetworkProvider,omitempty"`
// AciNetworkProvider
AciNetworkProvider *AciNetworkProvider `yaml:"aci_network_provider,omitempty" json:"aciNetworkProvider,omitempty"`
// NodeSelector key pair
NodeSelector map[string]string `yaml:"node_selector" json:"nodeSelector,omitempty"`
// Network plugin daemonset upgrade strategy
@ -539,6 +557,72 @@ type WeaveNetworkProvider struct {
Password string `yaml:"password,omitempty" json:"password,omitempty" norman:"type=password"`
}
type AciNetworkProvider struct {
SystemIdentifier string `yaml:"system_id,omitempty" json:"systemId,omitempty"`
ApicHosts []string `yaml:"apic_hosts" json:"apicHosts,omitempty"`
Token string `yaml:"token,omitempty" json:"token,omitempty"`
ApicUserName string `yaml:"apic_user_name,omitempty" json:"apicUserName,omitempty"`
ApicUserKey string `yaml:"apic_user_key,omitempty" json:"apicUserKey,omitempty"`
ApicUserCrt string `yaml:"apic_user_crt,omitempty" json:"apicUserCrt,omitempty"`
ApicRefreshTime string `yaml:"apic_refresh_time,omitempty" json:"apicRefreshTime,omitempty" norman:"default=1200"`
VmmDomain string `yaml:"vmm_domain,omitempty" json:"vmmDomain,omitempty"`
VmmController string `yaml:"vmm_controller,omitempty" json:"vmmController,omitempty"`
EncapType string `yaml:"encap_type,omitempty" json:"encapType,omitempty"`
NodeSubnet string `yaml:"node_subnet,omitempty" json:"nodeSubnet,omitempty"`
McastRangeStart string `yaml:"mcast_range_start,omitempty" json:"mcastRangeStart,omitempty"`
McastRangeEnd string `yaml:"mcast_range_end,omitempty" json:"mcastRangeEnd,omitempty"`
AEP string `yaml:"aep,omitempty" json:"aep,omitempty"`
VRFName string `yaml:"vrf_name,omitempty" json:"vrfName,omitempty"`
VRFTenant string `yaml:"vrf_tenant,omitempty" json:"vrfTenant,omitempty"`
L3Out string `yaml:"l3out,omitempty" json:"l3Out,omitempty"`
L3OutExternalNetworks []string `yaml:"l3out_external_networks" json:"l3OutExternalNetworks,omitempty"`
DynamicExternalSubnet string `yaml:"extern_dynamic,omitempty" json:"externDynamic,omitempty"`
StaticExternalSubnet string `yaml:"extern_static,omitempty" json:"externStatic,omitempty"`
ServiceGraphSubnet string `yaml:"node_svc_subnet,omitempty" json:"nodeSvcSubnet,omitempty"`
KubeAPIVlan string `yaml:"kube_api_vlan,omitempty" json:"kubeAPIVlan,omitempty"`
ServiceVlan string `yaml:"service_vlan,omitempty" json:"serviceVlan,omitempty"`
InfraVlan string `yaml:"infra_vlan,omitempty" json:"infraVlan,omitempty"`
Tenant string `yaml:"tenant,omitempty" json:"tenant,omitempty"`
OVSMemoryLimit string `yaml:"ovs_memory_limit,omitempty" json:"ovsMemoryLimit,omitempty"`
ImagePullPolicy string `yaml:"image_pull_policy,omitempty" json:"imagePullPolicy,omitempty"`
ImagePullSecret string `yaml:"image_pull_secret,omitempty" json:"imagePullSecret,omitempty"`
ServiceMonitorInterval string `yaml:"service_monitor_interval,omitempty" json:"serviceMonitorInterval,omitempty"`
PBRTrackingNonSnat string `yaml:"pbr_tracking_non_snat,omitempty" json:"pbrTrackingNonSnat,omitempty"`
InstallIstio string `yaml:"install_istio,omitempty" json:"installIstio,omitempty"`
IstioProfile string `yaml:"istio_profile,omitempty" json:"istioProfile,omitempty"`
DropLogEnable string `yaml:"drop_log_enable,omitempty" json:"dropLogEnable,omitempty"`
ControllerLogLevel string `yaml:"controller_log_level,omitempty" json:"controllerLogLevel,omitempty"`
HostAgentLogLevel string `yaml:"host_agent_log_level,omitempty" json:"hostAgentLogLevel,omitempty"`
OpflexAgentLogLevel string `yaml:"opflex_log_level,omitempty" json:"opflexLogLevel,omitempty"`
UseAciCniPriorityClass string `yaml:"use_aci_cni_priority_class,omitempty" json:"useAciCniPriorityClass,omitempty"`
NoPriorityClass string `yaml:"no_priority_class,omitempty" json:"noPriorityClass,omitempty"`
MaxNodesSvcGraph string `yaml:"max_nodes_svc_graph,omitempty" json:"maxNodesSvcGraph,omitempty"`
SnatContractScope string `yaml:"snat_contract_scope,omitempty" json:"snatContractScope,omitempty"`
PodSubnetChunkSize string `yaml:"pod_subnet_chunk_size,omitempty" json:"podSubnetChunkSize,omitempty"`
EnableEndpointSlice string `yaml:"enable_endpoint_slice,omitempty" json:"enableEndpointSlice,omitempty"`
SnatNamespace string `yaml:"snat_namespace,omitempty" json:"snatNamespace,omitempty"`
EpRegistry string `yaml:"ep_registry,omitempty" json:"epRegistry,omitempty"`
OpflexMode string `yaml:"opflex_mode,omitempty" json:"opflexMode,omitempty"`
SnatPortRangeStart string `yaml:"snat_port_range_start,omitempty" json:"snatPortRangeStart,omitempty"`
SnatPortRangeEnd string `yaml:"snat_port_range_end,omitempty" json:"snatPortRangeEnd,omitempty"`
SnatPortsPerNode string `yaml:"snat_ports_per_node,omitempty" json:"snatPortsPerNode,omitempty"`
OpflexClientSSL string `yaml:"opflex_client_ssl,omitempty" json:"opflexClientSSL,omitempty"`
UsePrivilegedContainer string `yaml:"use_privileged_container,omitempty" json:"usePrivilegedContainer,omitempty"`
UseHostNetnsVolume string `yaml:"use_host_netns_volume,omitempty" json:"useHostNetnsVolume,omitempty"`
UseOpflexServerVolume string `yaml:"use_opflex_server_volume,omitempty" json:"useOpflexServerVolume,omitempty"`
SubnetDomainName string `yaml:"subnet_domain_name,omitempty" json:"subnetDomainName,omitempty"`
KafkaBrokers []string `yaml:"kafka_brokers,omitempty" json:"kafkaBrokers,omitempty"`
KafkaClientCrt string `yaml:"kafka_client_crt,omitempty" json:"kafkaClientCrt,omitempty"`
KafkaClientKey string `yaml:"kafka_client_key,omitempty" json:"kafkaClientKey,omitempty"`
CApic string `yaml:"capic,omitempty" json:"cApic,omitempty"`
UseAciAnywhereCRD string `yaml:"use_aci_anywhere_crd,omitempty" json:"useAciAnywhereCRD,omitempty"`
OverlayVRFName string `yaml:"overlay_vrf_name,omitempty" json:"overlayVRFName,omitempty"`
GbpPodSubnet string `yaml:"gbp_pod_subnet,omitempty" json:"gbpPodSubnet,omitempty"`
RunGbpContainer string `yaml:"run_gbp_container,omitempty" json:"runGbpContainer,omitempty"`
RunOpflexServerContainer string `yaml:"run_opflex_server_container,omitempty" json:"runOpflexServerContainer,omitempty"`
OpflexServerPort string `yaml:"opflex_server_port,omitempty" json:"opflexServerPort,omitempty"`
}
type KubernetesServicesOptions struct {
// Additional options passed to Etcd
Etcd map[string]string `json:"etcd"`

36
types/zz_generated_deepcopy.go
View File

@ -52,6 +52,37 @@ func (in *AWSCloudProvider) DeepCopy() *AWSCloudProvider {
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AciNetworkProvider) DeepCopyInto(out *AciNetworkProvider) {
*out = *in
if in.ApicHosts != nil {
in, out := &in.ApicHosts, &out.ApicHosts
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.L3OutExternalNetworks != nil {
in, out := &in.L3OutExternalNetworks, &out.L3OutExternalNetworks
*out = make([]string, len(*in))
copy(*out, *in)
}
if in.KafkaBrokers != nil {
in, out := &in.KafkaBrokers, &out.KafkaBrokers
*out = make([]string, len(*in))
copy(*out, *in)
}
return
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AciNetworkProvider.
func (in *AciNetworkProvider) DeepCopy() *AciNetworkProvider {
if in == nil {
return nil
}
out := new(AciNetworkProvider)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AuditLog) DeepCopyInto(out *AuditLog) {
*out = *in
@ -1121,6 +1152,11 @@ func (in *NetworkConfig) DeepCopyInto(out *NetworkConfig) {
*out = new(WeaveNetworkProvider)
**out = **in
}
if in.AciNetworkProvider != nil {
in, out := &in.AciNetworkProvider, &out.AciNetworkProvider
*out = new(AciNetworkProvider)
(*in).DeepCopyInto(*out)
}
if in.NodeSelector != nil {
in, out := &in.NodeSelector, &out.NodeSelector
*out = make(map[string]string, len(*in))