Skip to content

Commit 0d305dd

Browse files
thomasriccithomasricci
authored
Create azure-cns-cni-1.4.43.1.yaml
adding new cns version for mdnc testing Signed-off-by: Thomas Ricci <[email protected]>
1 parent 1eed84e commit 0d305dd

File tree

1 file changed

+207
-0
lines changed

1 file changed

+207
-0
lines changed

.pipelines/mdnc/azure-cns-cni-1.4.43.1.yaml

+207
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,207 @@
1+
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
name: azure-cns
5+
namespace: kube-system
6+
---
7+
apiVersion: rbac.authorization.k8s.io/v1
8+
kind: Role
9+
metadata:
10+
namespace: kube-system
11+
name: nodeNetConfigEditor
12+
rules:
13+
- apiGroups: ["acn.azure.com"]
14+
resources: ["nodenetworkconfigs"]
15+
verbs: ["get", "list", "watch", "patch", "update"]
16+
---
17+
apiVersion: rbac.authorization.k8s.io/v1
18+
kind: ClusterRole
19+
metadata:
20+
name: pod-reader-all-namespaces
21+
rules:
22+
- apiGroups: [""]
23+
resources: ["pods"]
24+
verbs: ["get", "watch", "list"]
25+
- apiGroups: [""]
26+
resources: ["nodes"]
27+
verbs: ["get"]
28+
---
29+
apiVersion: rbac.authorization.k8s.io/v1
30+
kind: RoleBinding
31+
metadata:
32+
name: nodeNetConfigEditorRoleBinding
33+
namespace: kube-system
34+
subjects:
35+
- kind: ServiceAccount
36+
name: azure-cns
37+
namespace: kube-system
38+
roleRef:
39+
kind: Role
40+
name: nodeNetConfigEditor
41+
apiGroup: rbac.authorization.k8s.io
42+
---
43+
apiVersion: rbac.authorization.k8s.io/v1
44+
kind: ClusterRoleBinding
45+
metadata:
46+
name: pod-reader-all-namespaces-binding
47+
subjects:
48+
- kind: ServiceAccount
49+
name: azure-cns
50+
namespace: kube-system
51+
roleRef:
52+
kind: ClusterRole
53+
name: pod-reader-all-namespaces
54+
apiGroup: rbac.authorization.k8s.io
55+
---
56+
apiVersion: apps/v1
57+
kind: DaemonSet
58+
metadata:
59+
name: azure-cns
60+
namespace: kube-system
61+
labels:
62+
app: azure-cns
63+
spec:
64+
selector:
65+
matchLabels:
66+
k8s-app: azure-cns
67+
template:
68+
metadata:
69+
labels:
70+
k8s-app: azure-cns
71+
annotations:
72+
cluster-autoscaler.kubernetes.io/daemonset-pod: "true"
73+
spec:
74+
affinity:
75+
nodeAffinity:
76+
requiredDuringSchedulingIgnoredDuringExecution:
77+
nodeSelectorTerms:
78+
- matchExpressions:
79+
- key: kubernetes.azure.com/cluster
80+
operator: Exists
81+
- key: type
82+
operator: NotIn
83+
values:
84+
- virtual-kubelet
85+
- key: beta.kubernetes.io/os
86+
operator: In
87+
values:
88+
- linux
89+
priorityClassName: system-node-critical
90+
tolerations:
91+
- key: CriticalAddonsOnly
92+
operator: Exists
93+
- operator: "Exists"
94+
effect: NoExecute
95+
- operator: "Exists"
96+
effect: NoSchedule
97+
initContainers:
98+
- name: init-cni-dropgz
99+
image: mcr.microsoft.com/containernetworking/azure-cns:v1.4.43.1 # CNI
100+
imagePullPolicy: IfNotPresent
101+
command: ["/dropgz"]
102+
args: ["deploy" , "azure-vnet", "-o", "/opt/cni/bin/azure-vnet", "azure-vnet-telemetry", "-o", "/opt/cni/bin/azure-vnet-telemetry", "azure-swift.conflist", "-o", "/etc/cni/net.d/10-azure.conflist"]
103+
volumeMounts:
104+
- name: cni-bin
105+
mountPath: /opt/cni/bin
106+
- name: cni-conflist
107+
mountPath: /etc/cni/net.d
108+
containers:
109+
- name: cns-container
110+
image: mcr.microsoft.com/containernetworking/azure-cns:v1.4.32
111+
imagePullPolicy: IfNotPresent
112+
args: [ "-c", "tcp://$(CNSIpAddress):$(CNSPort)", "-t", "$(CNSLogTarget)"]
113+
volumeMounts:
114+
- name: log
115+
mountPath: /var/log
116+
- name: cns-state
117+
mountPath: /var/lib/azure-network
118+
- name: azure-endpoints
119+
mountPath: /var/run/azure-cns/
120+
- name: cns-config
121+
mountPath: /etc/azure-cns
122+
- name: cni-bin
123+
mountPath: /opt/cni/bin
124+
- name: azure-vnet
125+
mountPath: /var/run/azure-vnet
126+
- name: legacy-cni-state
127+
mountPath: /var/run/azure-vnet.json
128+
ports:
129+
- containerPort: 10090
130+
env:
131+
- name: CNSIpAddress
132+
value: "127.0.0.1"
133+
- name: CNSPort
134+
value: "10090"
135+
- name: CNSLogTarget
136+
value: "stdoutfile"
137+
- name: CNS_CONFIGURATION_PATH
138+
value: /etc/azure-cns/cns_config.json
139+
- name: NODENAME
140+
valueFrom:
141+
fieldRef:
142+
apiVersion: v1
143+
fieldPath: spec.nodeName
144+
hostNetwork: true
145+
volumes:
146+
- name: azure-endpoints
147+
hostPath:
148+
path: /var/run/azure-cns/
149+
type: DirectoryOrCreate
150+
- name: log
151+
hostPath:
152+
path: /var/log
153+
type: Directory
154+
- name: cns-state
155+
hostPath:
156+
path: /var/lib/azure-network
157+
type: DirectoryOrCreate
158+
- name: cni-bin
159+
hostPath:
160+
path: /opt/cni/bin
161+
type: Directory
162+
- name: azure-vnet
163+
hostPath:
164+
path: /var/run/azure-vnet
165+
type: DirectoryOrCreate
166+
- name: legacy-cni-state
167+
hostPath:
168+
path: /var/run/azure-vnet.json
169+
type: FileOrCreate
170+
- name: cni-conflist
171+
hostPath:
172+
path: /etc/cni/net.d
173+
type: Directory
174+
- name: cns-config
175+
configMap:
176+
name: cns-config
177+
serviceAccountName: azure-cns
178+
---
179+
apiVersion: v1
180+
kind: ConfigMap
181+
metadata:
182+
name: cns-config
183+
namespace: kube-system
184+
data:
185+
cns_config.json: |
186+
{
187+
"TelemetrySettings": {
188+
"TelemetryBatchSizeBytes": 16384,
189+
"TelemetryBatchIntervalInSecs": 15,
190+
"RefreshIntervalInSecs": 15,
191+
"DisableAll": false,
192+
"HeartBeatIntervalInMins": 30,
193+
"DebugMode": false,
194+
"SnapshotIntervalInMins": 60
195+
},
196+
"ManagedSettings": {
197+
"PrivateEndpoint": "",
198+
"InfrastructureNetworkID": "",
199+
"NodeID": "",
200+
"NodeSyncIntervalInSeconds": 30
201+
},
202+
"ChannelMode": "CRD",
203+
"InitializeFromCNI": true,
204+
"ManageEndpointState": false,
205+
"ProgramSNATIPTables" : false
206+
}
207+
# Toggle ManageEndpointState and ProgramSNATIPTables to true for delegated IPAM use case.

0 commit comments

Comments
 (0)