From c0216fefeb665ac811554b0b88eb4df5bd96c0ef Mon Sep 17 00:00:00 2001 From: adrianc Date: Wed, 19 Jun 2024 15:35:36 +0300 Subject: [PATCH] bump multus version - deploy multus thin plugin v4.1.0. update manifests accordingly Signed-off-by: adrianc --- deployment/network-operator/values.yaml | 2 +- ...f.io_networkattachmentdefinitions_crd.yaml | 2 +- hack/release.yaml | 2 +- manifests/state-multus-cni/0040-configmap.yml | 4 +- manifests/state-multus-cni/0050-multus-ds.yml | 44 +++++++++++++------ pkg/state/state_multus_cni_test.go | 4 +- 6 files changed, 38 insertions(+), 20 deletions(-) diff --git a/deployment/network-operator/values.yaml b/deployment/network-operator/values.yaml index c7e98abe..7e5e3ccd 100644 --- a/deployment/network-operator/values.yaml +++ b/deployment/network-operator/values.yaml @@ -487,7 +487,7 @@ secondaryNetwork: # -- Multus image repository. repository: ghcr.io/k8snetworkplumbingwg # -- Multus image version. - version: v3.9.3 + version: v4.1.0 # imagePullSecrets: [] # config: '' # containerResources: diff --git a/hack/crds/k8s.cni.cncf.io_networkattachmentdefinitions_crd.yaml b/hack/crds/k8s.cni.cncf.io_networkattachmentdefinitions_crd.yaml index 5916055f..163097b3 100644 --- a/hack/crds/k8s.cni.cncf.io_networkattachmentdefinitions_crd.yaml +++ b/hack/crds/k8s.cni.cncf.io_networkattachmentdefinitions_crd.yaml @@ -23,7 +23,7 @@ spec: singular: network-attachment-definition kind: NetworkAttachmentDefinition shortNames: - - net-attach-def + - net-attach-def versions: - name: v1 served: true diff --git a/hack/release.yaml b/hack/release.yaml index 16e28cff..46d55604 100644 --- a/hack/release.yaml +++ b/hack/release.yaml @@ -49,7 +49,7 @@ CniPlugins: Multus: image: multus-cni repository: ghcr.io/k8snetworkplumbingwg - version: v3.9.3 + version: v4.1.0 Ipoib: image: ipoib-cni repository: ghcr.io/mellanox diff --git a/manifests/state-multus-cni/0040-configmap.yml b/manifests/state-multus-cni/0040-configmap.yml index ed9f3db2..c3c2c209 100644 --- a/manifests/state-multus-cni/0040-configmap.yml +++ b/manifests/state-multus-cni/0040-configmap.yml @@ -11,7 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -{{ if .CrSpec.Config -}} +{{- if .CrSpec.Config }} kind: ConfigMap apiVersion: v1 metadata: @@ -22,4 +22,4 @@ metadata: app: multus data: cni-conf.json: '{{ .CrSpec.Config }}' -{{ end -}} +{{- end }} diff --git a/manifests/state-multus-cni/0050-multus-ds.yml b/manifests/state-multus-cni/0050-multus-ds.yml index 7cdbb29a..3ec299c2 100644 --- a/manifests/state-multus-cni/0050-multus-ds.yml +++ b/manifests/state-multus-cni/0050-multus-ds.yml @@ -21,6 +21,8 @@ spec: name: multus spec: hostNetwork: true + priorityClassName: "system-node-critical" + terminationGracePeriodSeconds: 10 {{- if .NodeAffinity }} affinity: nodeAffinity: @@ -40,21 +42,36 @@ spec: - key: nvidia.com/gpu operator: Exists effect: NoSchedule + initContainers: + - name: install-multus-binary + image: {{ .CrSpec.Repository }}/{{ .CrSpec.Image }}:{{ .CrSpec.Version }} + command: ["/install_multus"] + args: + - "--type" + - "thin" + resources: + requests: + cpu: "10m" + memory: "15Mi" + securityContext: + privileged: true + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - name: cnibin + mountPath: /host/opt/cni/bin + mountPropagation: Bidirectional containers: - name: kube-multus image: {{ .CrSpec.Repository }}/{{ .CrSpec.Image }}:{{ .CrSpec.Version }} - command: ["/entrypoint.sh"] + command: ["/thin_entrypoint"] args: - - "--cni-version=0.3.1" # /tmp/multus-conf/00-multus.conf is where multus-cfg ConfigMap is mounted then entrypoint.sh copy it to # /host/etc/cni/net.d/00-multus.conf - "--multus-conf-file={{- if .CrSpec.Config -}}/tmp/multus-conf/00-multus.conf{{- else -}}auto{{- end -}}" - # Remove multus config file to prevent failing of creating/deleting pods since multus will fail due to - # permission issue, https://github.com/intel/multus-cni/issues/592 - lifecycle: - preStop: - exec: - command: ["/bin/sh", "-c", "rm -f /host/etc/cni/net.d/00-multus.conf"] + - "--multus-autoconfig-dir=/host/etc/cni/net.d" + - "--cni-conf-dir=/host/etc/cni/net.d" + - "--cleanup-config-on-exit" + - "--skip-config-watch" {{- with .RuntimeSpec.ContainerResources }} {{- with index . "kube-multus" }} resources: @@ -78,13 +95,14 @@ spec: {{- end }} securityContext: privileged: true + terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: cni mountPath: /host/etc/cni/net.d - name: cnibin mountPath: /host/opt/cni/bin {{- if .CrSpec.Config }} - - name: multus-cfg + - name: multus-cni-config mountPath: /tmp/multus-conf {{- end }} volumes: @@ -95,10 +113,10 @@ spec: hostPath: path: {{ .RuntimeSpec.CniBinDirectory }} {{- if .CrSpec.Config }} - - name: multus-cfg + - name: multus-cni-config configMap: name: multus-cni-config items: - - key: cni-conf.json - path: 00-multus.conf - {{- end }} + - key: cni-conf.json + path: 00-multus.conf + {{- end}} diff --git a/pkg/state/state_multus_cni_test.go b/pkg/state/state_multus_cni_test.go index 607eac74..e8e98766 100644 --- a/pkg/state/state_multus_cni_test.go +++ b/pkg/state/state_multus_cni_test.go @@ -265,14 +265,14 @@ var _ = Describe("Multus CNI state", func() { Expect(daemonSet.Spec.Template.Spec.Containers[0].VolumeMounts).To(ContainElement( corev1.VolumeMount{ - Name: "multus-cfg", + Name: "multus-cni-config", MountPath: "/tmp/multus-conf", }, )) Expect(daemonSet.Spec.Template.Spec.Volumes).To(ContainElement( corev1.Volume{ - Name: "multus-cfg", + Name: "multus-cni-config", VolumeSource: corev1.VolumeSource{ ConfigMap: &corev1.ConfigMapVolumeSource{ LocalObjectReference: corev1.LocalObjectReference{