WIP DNM, try the new lane #1811

Closed
wants to merge 4 commits into from
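--- a/.github/workflows/checks.yaml
+++ b/.github/workflows/checks.yaml
@@ -0,0 +1,23 @@
+name: Checks
+on:
+push:
+branches: [ "main" ]
+pull_request:
+branches: [ "main" ]
+
+jobs:
+e2e:
+runs-on: ubuntu-latest
+steps:
+
+- uses: actions/checkout@v3
+
+- name: Set up Go
+uses: actions/setup-go@v3
+with:
+go-version-file: 'go.mod'
+
+- name: Run e2e tests
+env:
+KIND_ALLOW_SYSTEM_WRITES: true
+run: automation/check-patch.e2e-kubevirt-ipam-controller-functests.sh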
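Review bot: The workflow declares no `permissions:` block, so the `e2e` job runs with whatever default GITHUB_TOKEN scope the repository is configured with, while on `pull_request` it executes a script that downloads and installs a binary. A top-level `permissions:` with `contents: read` would keep the token read-only for this job. `actions/checkout@v3` and `actions/setup-go@v3` are also referenced by mutable tag; pinning each to a full commit SHA would prevent a retagged action from changing what runs here.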
1 change: 1 addition & 0 deletions Makefile
@@ -160,6 +160,7 @@ gen-manifests: manifest-templator
MACVTAP_CNI_IMAGE=$(MACVTAP_CNI_IMAGE) \
MULTUS_DYNAMIC_NETWORKS_CONTROLLER_IMAGE=$(MULTUS_DYNAMIC_NETWORKS_CONTROLLER_IMAGE) \
KUBE_SECONDARY_DNS_IMAGE=$(KUBE_SECONDARY_DNS_IMAGE) \
KUBEVIRT_IPAM_CONTROLLER_IMAGE=$(KUBEVIRT_IPAM_CONTROLLER_IMAGE) \
CORE_DNS_IMAGE=$(CORE_DNS_IMAGE) \
KUBE_RBAC_PROXY_IMAGE=$(KUBE_RBAC_PROXY_IMAGE) \
./hack/generate-manifests.sh
20 changes: 20 additions & 0 deletions README.md
@@ -20,6 +20,7 @@ spec:
ovs: {}
macvtap: {}
kubeSecondaryDNS: {}
kubevirtIpamController: {}
imagePullPolicy: Always
```

@@ -180,6 +181,25 @@ Additionally, container image used to deliver this plugin can be set using
`KUBE_SECONDARY_DNS_IMAGE` environment variable in operator
deployment manifest.

## kubevirtIpamController

[This controller](https://github.com/maiqueb/kubevirt-ipam-claims)
allows to support IPAM for secondary networks.

```yaml
apiVersion: networkaddonsoperator.network.kubevirt.io/v1
kind: NetworkAddonsConfig
metadata:
name: cluster
spec:
multus: {}
kubevirtIpamController: {}
```

Additionally, container image used to deliver this plugin can be set using
`KUBEVIRT_IPAM_CONTROLLER_IMAGE` environment variable in operator
deployment manifest.

## Image Pull Policy

Administrator can specify [image pull policy](https://kubernetes.io/docs/concepts/containers/images/)
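--- a/automation/check-patch.e2e-kubevirt-ipam-controller-functests.sh
+++ b/automation/check-patch.e2e-kubevirt-ipam-controller-functests.sh
@@ -0,0 +1,52 @@
+#!/usr/bin/env bash
+
+set -xeuE
+
+# automation/check-patch.e2e-kubevirt-ipam-controller-functests.sh
+
+teardown() {
+cd ${TMP_COMPONENT_PATH}
+make cluster-down || true
+rm -rf "${TMP_COMPONENT_PATH}"
+}
+
+main() {
+if [ "$GITHUB_ACTIONS" == "true" ]; then
+ARCH="amd64"
+OS_TYPE="linux"
+kubevirt_version="$(curl -L https://storage.googleapis.com/kubevirt-prow/release/kubevirt/kubevirt/stable.txt)"
+kubevirt_release_url="https://github.com/kubevirt/kubevirt/releases/download/${kubevirt_version}"
+cli_name="virtctl-${kubevirt_version}-${OS_TYPE}-${ARCH}"
+curl -LO "${kubevirt_release_url}/${cli_name}"
+mv ${cli_name} virtctl
+chmod +x virtctl
+mv virtctl /usr/local/bin
+fi
+
+# Setup CNAO and artifacts temp directory
+source automation/check-patch.setup.sh
+cd ${TMP_PROJECT_PATH}
+
+export USE_KUBEVIRTCI=false
+COMPONENT="kubevirt-ipam-controller" source automation/components-functests.setup.sh
+
+cd ${TMP_COMPONENT_PATH}
+export KIND_ARGS="-ic -i6 -mne"
+make cluster-up
+export KUBECONFIG=${TMP_COMPONENT_PATH}/.output/kubeconfig
+
+trap teardown EXIT
+
+cd ${TMP_PROJECT_PATH}
+export KUBEVIRT_PROVIDER=external
+export DEV_IMAGE_REGISTRY=localhost:5000
+deploy_cnao
+deploy_cnao_cr
+./hack/deploy-kubevirt.sh
+
+cd ${TMP_COMPONENT_PATH}
+echo "Run kubevirt-ipam-controller functional tests"
+make test-e2e
+}
+
+[[ "${BASH_SOURCE[0]}" == "$0" ]] && main "$@"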
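Review bot: The `virtctl` download in `main` is moved into `/usr/local/bin` with no integrity check, and its version is read from a mutable `stable.txt`, so whatever those two URLs return at run time ends up on the runner's PATH. Neither `curl` call passes `-f`, so an HTTP error body would be saved, marked executable and installed instead of failing the job; `curl -fsSL` for the version and `curl -fsSLO "${kubevirt_release_url}/${cli_name}"` for the binary would fail early. Pinning `kubevirt_version` in the repository and checking the file against a recorded digest, e.g. `echo "<EXPECTED_SHA256>  ${cli_name}" | sha256sum -c -` (placeholder digest), would make the lane reproducible. Separately, `[ "$GITHUB_ACTIONS" == "true" ]` aborts under `set -u` when the variable is unset outside GitHub Actions; `"${GITHUB_ACTIONS:-}"` avoids that.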
61 changes: 43 additions & 18 deletions automation/components-functests.setup.sh
@@ -21,19 +21,27 @@ source hack/components/git-utils.sh
source hack/components/yaml-utils.sh
source cluster/cluster.sh

# Spin up Kubernetes cluster
make cluster-down cluster-up
USE_KUBEVIRTCI=${USE_KUBEVIRTCI:-"true"}

# Export .kubeconfig full path, so it will be possible
# to use 'kubectl' directly from the component directory path
export KUBECONFIG=$(cluster::kubeconfig)
export KUBECONFIG=${KUBECONFIG:-$(cluster::kubeconfig)}

# Deploy CNAO latest changes
make cluster-operator-push
make cluster-operator-install
function deploy_cluster {
# Spin up Kubernetes cluster
export KUBEVIRT_MEMORY_SIZE=9216M
make cluster-down cluster-up
}

# Test kubemacpool with restricted
if [ "$COMPONENT" == "kubemacpool" ]; then
function deploy_cnao {
# Deploy CNAO latest changes
make cluster-operator-push
make cluster-operator-install
}

function patch_restricted_namespace {
# Test kubemacpool with restricted
if [ "$COMPONENT" == "kubemacpool" ]; then
cluster/kubectl.sh apply -f - <<EOF
apiVersion: v1
kind: Namespace
@@ -42,32 +50,42 @@ metadata:
labels:
pod-security.kubernetes.io/enforce: restricted
EOF
fi
fi
}

# Deploy all network addons components with CNAO
cat <<EOF | cluster/kubectl.sh apply -f -
function deploy_cnao_cr {
# Deploy all network addons components with CNAO

cat <<EOF > cr.yaml
apiVersion: networkaddonsoperator.network.kubevirt.io/v1
kind: NetworkAddonsConfig
metadata:
name: cluster
spec:
multus: {}
multusDynamicNetworks: {}
linuxBridge: {}
kubeMacPool:
rangeStart: "02:00:00:00:00:00"
rangeEnd: "02:00:00:00:00:0F"
ovs: {}
macvtap: {}
kubeSecondaryDNS: {}
kubevirtIpamController: {}
imagePullPolicy: Always
EOF

if [[ ! $(cluster/kubectl.sh wait networkaddonsconfig cluster --for condition=Available --timeout=13m) ]]; then
echo "Failed to wait for CNAO CR to be ready"
cluster/kubectl.sh get networkaddonsconfig -o custom-columns="":.status.conditions[*].message
exit 1
fi
if [[ $USE_KUBEVIRTCI == true ]]; then
echo " multus: {}" >> cr.yaml
echo " multusDynamicNetworks: {}" >> cr.yaml
fi

cluster/kubectl.sh apply -f cr.yaml

if [[ ! $(cluster/kubectl.sh wait networkaddonsconfig cluster --for condition=Available --timeout=13m) ]]; then
echo "Failed to wait for CNAO CR to be ready"
cluster/kubectl.sh get networkaddonsconfig -o custom-columns="":.status.conditions[*].message
exit 1
fi
}

# Clone component repository
component_url=$(yaml-utils::get_component_url ${COMPONENT})
@@ -80,3 +98,10 @@ component_path=${component_temp_dir}/${component_repo}
git-utils::fetch_component ${component_path} ${component_url} ${component_commit}

export TMP_COMPONENT_PATH=${component_path}

if [[ $USE_KUBEVIRTCI == true ]]; then
deploy_cluster
deploy_cnao
patch_restricted_namespace
deploy_cnao_cr
fi
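Review bot: `export KUBECONFIG=${KUBECONFIG:-$(cluster::kubeconfig)}` lets a KUBECONFIG inherited from the caller's environment take precedence in every lane that sources this file, including the default `USE_KUBEVIRTCI=true` path that goes on to run `deploy_cnao` and `deploy_cnao_cr`. If a developer's shell already exports KUBECONFIG for another cluster, those steps may be pointed at it rather than at the cluster `deploy_cluster` creates (whether `cluster/kubectl.sh` honours the variable is not visible here). Restricting the override to the external lane keeps the previous behaviour elsewhere: `if [[ $USE_KUBEVIRTCI == true ]]; then export KUBECONFIG=$(cluster::kubeconfig); fi`. `deploy_cnao_cr` also writes `cr.yaml` into the current directory and never removes it; a `mktemp` file would avoid leaving it in the checkout.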
6 changes: 6 additions & 0 deletions components.yaml
@@ -17,6 +17,12 @@ components:
branch: main
update-policy: tagged
metadata: v0.43.0
kubevirt-ipam-controller:
url: https://github.com/maiqueb/kubevirt-ipam-claims
commit: c01d8855783da6b2a1773ec1f82694cd0658cd10
branch: main
update-policy: tagged
metadata: v0.1.1-alpha
linux-bridge:
url: https://github.com/containernetworking/plugins
commit: 14bdce598f9d332303c375c35719c4a158f1e7db
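Review bot: The new `kubevirt-ipam-controller` entry takes its source from `https://github.com/maiqueb/kubevirt-ipam-claims`, which looks like an individual contributor's repository rather than an organisation-owned one, at a `v0.1.1-alpha` tag. The `commit:` pin limits what is fetched today, but with `update-policy: tagged` the entry will presumably follow new tags from that account, so the repository's long-term home is worth confirming before this leaves WIP. A comment on the entry would record that, for example `# TODO: confirm long-term repository location before merging`.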
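--- a/data/kubevirt-ipam-controller/000-crd.yaml
+++ b/data/kubevirt-ipam-controller/000-crd.yaml
@@ -0,0 +1,65 @@
+{{ if not .IsOpenshift }}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+annotations:
+controller-gen.kubebuilder.io/version: v0.13.0
+name: ipamclaims.k8s.cni.cncf.io
+spec:
+group: k8s.cni.cncf.io
+names:
+kind: IPAMClaim
+listKind: IPAMClaimList
+plural: ipamclaims
+singular: ipamclaim
+scope: Namespaced
+versions:
+- name: v1alpha1
+schema:
+openAPIV3Schema:
+description: IPAMClaim is the Schema for the IPAMClaim API
+properties:
+apiVersion:
+description: 'APIVersion defines the versioned schema of this representation
+of an object. Servers should convert recognized schemas to the latest
+internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+type: string
+kind:
+description: 'Kind is a string value representing the REST resource this
+object represents. Servers may infer this from the endpoint the client
+submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+type: string
+metadata:
+type: object
+spec:
+properties:
+interface:
+description: The pod interface name for which this allocation was
+created
+type: string
+network:
+description: The network name for which this persistent allocation
+was created
+type: string
+required:
+- interface
+- network
+type: object
+status:
+properties:
+ips:
+description: The list of IP addresses (v4, v6) that were allocated
+for the pod interface
+items:
+type: string
+type: array
+required:
+- ips
+type: object
+type: object
+served: true
+storage: true
+subresources:
+status: {}
+{{ end }}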