Browse Source

Remove way of running without kuryr-daemon

Deploying without kuryr-daemon is deprecated since Rocky and we
announced that it will be removed in the Rocky release notes. This
commit removes all the code that allows that, updates the documentation,
DevStack plugin and gates definitions.

Implements: blueprint remove-non-daemon

Change-Id: I65598d4a6ecb5c3dfde04dc5fefd7b02fc72a0cb
tags/1.0.0
Michał Dulko 7 months ago
parent
commit
3e3ed9dbb3

+ 1
- 0
.zuul.d/base.yaml View File

@@ -76,6 +76,7 @@
76 76
         kubernetes-scheduler: true
77 77
         kubelet: true
78 78
         kuryr-kubernetes: true
79
+        kuryr-daemon: true
79 80
       zuul_copy_output:
80 81
         '{{ devstack_log_dir }}/kubernetes': 'logs'
81 82
     irrelevant-files:

+ 3
- 3
.zuul.d/multi-vif.yaml View File

@@ -13,10 +13,10 @@
13 13
 # limitations under the License.
14 14
 
15 15
 - job:
16
-    name: kuryr-kubernetes-tempest-daemon-openshift-octavia-multi-vif
17
-    parent: kuryr-kubernetes-tempest-daemon-openshift-octavia
16
+    name: kuryr-kubernetes-tempest-openshift-octavia-multi-vif
17
+    parent: kuryr-kubernetes-tempest-openshift-octavia
18 18
     description: |
19
-      Kuryr-Kubernetes tempest job using octavia, CNI daemon, Openshift and NPWG multi-vif driver
19
+      Kuryr-Kubernetes tempest job using octavia, Openshift and NPWG multi-vif driver
20 20
     vars:
21 21
       devstack_localrc:
22 22
         KURYR_MULTI_VIF_DRIVER: npwg_multiple_interfaces

+ 3
- 3
.zuul.d/multinode.yaml View File

@@ -13,7 +13,7 @@
13 13
 # limitations under the License.
14 14
 
15 15
 - job:
16
-    name: kuryr-kubernetes-tempest-multinode-daemon-octavia-containerized
16
+    name: kuryr-kubernetes-tempest-multinode-octavia-containerized
17 17
     parent: kuryr-kubernetes-tempest-octavia
18 18
     description: |
19 19
         Kuryr-Kubernetes tempest multinode job using octavia
@@ -55,8 +55,8 @@
55 55
     voting: false
56 56
 
57 57
 - job:
58
-    name: kuryr-kubernetes-tempest-multinode-daemon-octavia-ha
59
-    parent: kuryr-kubernetes-tempest-multinode-daemon-octavia-containerized
58
+    name: kuryr-kubernetes-tempest-multinode-octavia-ha
59
+    parent: kuryr-kubernetes-tempest-multinode-octavia-containerized
60 60
     description: |
61 61
         Kuryr-Kubernetes tempest multinode job using octavia and running
62 62
         containerized in HA

+ 28
- 49
.zuul.d/octavia.yaml View File

@@ -44,7 +44,6 @@
44 44
         o-cw: true
45 45
         o-hk: true
46 46
         o-hm: true
47
-        kuryr-daemon: false
48 47
 
49 48
 - job:
50 49
     name: kuryr-kubernetes-tempest-octavia-centos-7
@@ -53,38 +52,29 @@
53 52
     voting: false
54 53
 
55 54
 - job:
56
-    name: kuryr-kubernetes-tempest-daemon-octavia
55
+    name: kuryr-kubernetes-tempest-octavia-py36
57 56
     parent: kuryr-kubernetes-tempest-octavia
58 57
     description: |
59
-        Kuryr-Kubernetes tempest job using octavia and CNI daemon
60
-    vars:
61
-      devstack_services:
62
-        kuryr-daemon: true
63
-
64
-- job:
65
-    name: kuryr-kubernetes-tempest-daemon-octavia-py36
66
-    parent: kuryr-kubernetes-tempest-daemon-octavia
67
-    description: |
68
-      Tempest with Octavia, CNI daemon with DevStack running on Python 3.6
58
+      Tempest with Octavia with DevStack running on Python 3.6
69 59
     vars:
70 60
       devstack_localrc:
71 61
         USE_PYTHON3: true
72 62
 
73 63
 - job:
74
-    name: kuryr-kubernetes-tempest-daemon-containerized-octavia
75
-    parent: kuryr-kubernetes-tempest-daemon-octavia
64
+    name: kuryr-kubernetes-tempest-containerized-octavia
65
+    parent: kuryr-kubernetes-tempest-octavia
76 66
     description: |
77
-        Kuryr-Kubernetes tempest job using octavia, kuryr containerized and CNI daemon
67
+        Kuryr-Kubernetes tempest job using octavia, kuryr containerized
78 68
     vars:
79 69
       devstack_localrc:
80 70
         KURYR_K8S_CONTAINERIZED_DEPLOYMENT: true
81 71
     voting: false
82 72
 
83 73
 - job:
84
-    name: kuryr-kubernetes-tempest-daemon-containerized-octavia-l2
85
-    parent: kuryr-kubernetes-tempest-daemon-containerized-octavia
74
+    name: kuryr-kubernetes-tempest-containerized-octavia-l2
75
+    parent: kuryr-kubernetes-tempest-containerized-octavia
86 76
     description: |
87
-        Kuryr-Kubernetes tempest job using octavia in l2 mode, kuryr containerized and CNI daemon
77
+        Kuryr-Kubernetes tempest job using octavia in l2 mode, kuryr containerized
88 78
     vars:
89 79
       devstack_localrc:
90 80
         KURYR_K8S_OCTAVIA_MEMBER_MODE: L2
@@ -97,6 +87,9 @@
97 87
     vars:
98 88
       devstack_localrc:
99 89
         DOCKER_CGROUP_DRIVER: "systemd"
90
+        KURYR_SUBNET_DRIVER: namespace
91
+        KURYR_SG_DRIVER: namespace
92
+        KURYR_ENABLED_HANDLERS: vif,lb,lbaasspec,namespace
100 93
       devstack_services:
101 94
         kubernetes-api: false
102 95
         kubernetes-controller-manager: false
@@ -106,26 +99,13 @@
106 99
         openshift-node: true
107 100
         openshift-dnsmasq: true
108 101
         openshift-dns: true
109
-
110
-- job:
111
-    name: kuryr-kubernetes-tempest-daemon-openshift-octavia
112
-    parent: kuryr-kubernetes-tempest-openshift-octavia
113
-    description: |
114
-      Kuryr-Kubernetes tempest job using octavia, CNI daemon and OpenShift
115
-    vars:
116
-      devstack_services:
117
-        kuryr-daemon: true
118
-      devstack_localrc:
119
-        KURYR_SUBNET_DRIVER: namespace
120
-        KURYR_SG_DRIVER: namespace
121
-        KURYR_ENABLED_HANDLERS: vif,lb,lbaasspec,namespace
122 102
     voting: false
123 103
 
124 104
 - job:
125
-    name: kuryr-kubernetes-tempest-daemon-containerized-octavia-pools-namespace
105
+    name: kuryr-kubernetes-tempest-containerized-octavia-pools-namespace
126 106
     description: |
127 107
       Tempest with Octavia, CNI daemon, containers, port pools and namespace subnet driver
128
-    parent: kuryr-kubernetes-tempest-daemon-containerized-octavia
108
+    parent: kuryr-kubernetes-tempest-containerized-octavia
129 109
     vars:
130 110
       devstack_localrc:
131 111
         KURYR_SUBNET_DRIVER: namespace
@@ -136,10 +116,10 @@
136 116
         KURYR_VIF_POOL_DRIVER: neutron
137 117
 
138 118
 - job:
139
-    name: kuryr-kubernetes-tempest-daemon-containerized-octavia-network-policy
119
+    name: kuryr-kubernetes-tempest-containerized-octavia-network-policy
140 120
     description: |
141 121
       Tempest with Octavia, CNI daemon, containers and network policy driver
142
-    parent: kuryr-kubernetes-tempest-daemon-containerized-octavia
122
+    parent: kuryr-kubernetes-tempest-containerized-octavia
143 123
     vars:
144 124
       tempest_test_regex: '^(kuryr_tempest_plugin.tests.scenario.test_network_policy.TestNetworkPolicyScenario)'
145 125
       devstack_localrc:
@@ -149,11 +129,10 @@
149 129
     voting: false
150 130
 
151 131
 - job:
152
-    name: kuryr-kubernetes-tempest-daemon-containerized-octavia-py36
132
+    name: kuryr-kubernetes-tempest-containerized-octavia-py36
153 133
     description: |
154
-      Tempest with Octavia, CNI daemon, containers with Kuryr running on
155
-      Python3.6 containers
156
-    parent: kuryr-kubernetes-tempest-daemon-containerized-octavia
134
+      Tempest with Octavia and Kuryr running on Python3.6 containers
135
+    parent: kuryr-kubernetes-tempest-containerized-octavia
157 136
     vars:
158 137
       devstack_localrc:
159 138
         KURYR_CONTAINERS_USE_PY3: True
@@ -161,17 +140,17 @@
161 140
     voting: true
162 141
 
163 142
 - job:
164
-    name: kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia
165
-    description: Tempest with Octavia, CNI daemon enabled, containers and OpenShift
166
-    parent: kuryr-kubernetes-tempest-daemon-openshift-octavia
143
+    name: kuryr-kubernetes-tempest-containerized-openshift-octavia
144
+    description: Tempest with Octavia, containers and OpenShift
145
+    parent: kuryr-kubernetes-tempest-openshift-octavia
167 146
     vars:
168 147
       devstack_localrc:
169 148
         KURYR_K8S_CONTAINERIZED_DEPLOYMENT: true
170 149
 
171 150
 - job:
172
-    name: kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia-serial
173
-    description: Tempest with Octavia running in serial, CNI daemon enabled, containers and OpenShift
174
-    parent: kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia
151
+    name: kuryr-kubernetes-tempest-containerized-openshift-octavia-serial
152
+    description: Tempest with Octavia running in serial, containers and OpenShift
153
+    parent: kuryr-kubernetes-tempest-containerized-openshift-octavia
175 154
     vars:
176 155
       devstack_localrc:
177 156
         KURYR_K8S_SERIAL_TESTS: True
@@ -179,8 +158,8 @@
179 158
 
180 159
 
181 160
 - job:
182
-   name: kuryr-kubernetes-tempest-daemon-openshift-octavia-ingress
183
-   parent: kuryr-kubernetes-tempest-daemon-openshift-octavia
161
+   name: kuryr-kubernetes-tempest-openshift-octavia-ingress
162
+   parent: kuryr-kubernetes-tempest-openshift-octavia
184 163
    description: |
185 164
      Kuryr-Kubernetes tempest job using octavia, ingress controller and OpenShift
186 165
    vars:
@@ -190,8 +169,8 @@
190 169
    voting: false
191 170
 
192 171
 - job:
193
-    name: kuryr-kubernetes-tempest-daemon-containerized-octavia-crio
194
-    parent: kuryr-kubernetes-tempest-daemon-containerized-octavia
172
+    name: kuryr-kubernetes-tempest-containerized-octavia-crio
173
+    parent: kuryr-kubernetes-tempest-containerized-octavia
195 174
     nodeset: openstack-single-node-bionic
196 175
     vars:
197 176
       devstack_localrc:

+ 18
- 20
.zuul.d/project.yaml View File

@@ -17,33 +17,31 @@
17 17
     check:
18 18
       jobs:
19 19
         - kuryr-kubernetes-tempest-octavia
20
-        - kuryr-kubernetes-tempest-daemon-octavia
21
-        - kuryr-kubernetes-tempest-daemon-openshift-octavia
22
-        - kuryr-kubernetes-tempest-daemon-containerized-octavia
23
-        - kuryr-kubernetes-tempest-daemon-containerized-ovn
24
-        - kuryr-kubernetes-tempest-daemon-octavia-py36
25
-        - kuryr-kubernetes-tempest-daemon-containerized-octavia-py36
26
-        - kuryr-kubernetes-tempest-multinode-daemon-octavia-containerized
20
+        - kuryr-kubernetes-tempest-openshift-octavia
21
+        - kuryr-kubernetes-tempest-containerized-octavia
22
+        - kuryr-kubernetes-tempest-containerized-ovn
23
+        - kuryr-kubernetes-tempest-octavia-py36
24
+        - kuryr-kubernetes-tempest-containerized-octavia-py36
25
+        - kuryr-kubernetes-tempest-multinode-octavia-containerized
27 26
         - kuryr-kubernetes-tempest-octavia-centos-7
28 27
     gate:
29 28
       jobs:
30 29
         - kuryr-kubernetes-tempest-octavia
31
-        - kuryr-kubernetes-tempest-daemon-octavia
32
-        - kuryr-kubernetes-tempest-daemon-octavia-py36
33
-        - kuryr-kubernetes-tempest-daemon-containerized-octavia-py36
30
+        - kuryr-kubernetes-tempest-octavia-py36
31
+        - kuryr-kubernetes-tempest-containerized-octavia-py36
34 32
     experimental:
35 33
       jobs:
36 34
         - kuryr-kubernetes-tempest-dragonflow
37
-        - kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia
38
-        - kuryr-kubernetes-tempest-daemon-containerized-octavia-l2
39
-        - kuryr-kubernetes-tempest-daemon-containerized-octavia-pools-namespace
40
-        - kuryr-kubernetes-tempest-daemon-containerized-octavia-network-policy
41
-        - kuryr-kubernetes-tempest-daemon-containerized-openshift-octavia-serial
42
-        - kuryr-kubernetes-tempest-daemon-ovn
43
-        - kuryr-kubernetes-tempest-daemon-openshift-octavia-ingress
44
-        - kuryr-kubernetes-tempest-daemon-openshift-octavia-multi-vif
45
-        - kuryr-kubernetes-tempest-multinode-daemon-octavia-ha
46
-        - kuryr-kubernetes-tempest-daemon-containerized-octavia-crio
35
+        - kuryr-kubernetes-tempest-containerized-openshift-octavia
36
+        - kuryr-kubernetes-tempest-containerized-octavia-l2
37
+        - kuryr-kubernetes-tempest-containerized-octavia-pools-namespace
38
+        - kuryr-kubernetes-tempest-containerized-octavia-network-policy
39
+        - kuryr-kubernetes-tempest-containerized-openshift-octavia-serial
40
+        - kuryr-kubernetes-tempest-ovn
41
+        - kuryr-kubernetes-tempest-openshift-octavia-ingress
42
+        - kuryr-kubernetes-tempest-openshift-octavia-multi-vif
43
+        - kuryr-kubernetes-tempest-multinode-octavia-ha
44
+        - kuryr-kubernetes-tempest-containerized-octavia-crio
47 45
 
48 46
 - project:
49 47
     templates:

+ 2
- 12
.zuul.d/sdn.yaml View File

@@ -41,23 +41,13 @@
41 41
         q-dhcp: false
42 42
         q-meta: false
43 43
         q-trunk: true
44
-        kuryr-daemon: true
45 44
     voting: false
46 45
 
47 46
 - job:
48
-    name: kuryr-kubernetes-tempest-daemon-ovn
47
+    name: kuryr-kubernetes-tempest-containerized-ovn
49 48
     parent: kuryr-kubernetes-tempest-ovn
50 49
     description: |
51
-        Kuryr-Kubernetes tempest job using OVN, CNI daemon
52
-    vars:
53
-      devstack_services:
54
-        kuryr-daemon: true
55
-
56
-- job:
57
-    name: kuryr-kubernetes-tempest-daemon-containerized-ovn
58
-    parent: kuryr-kubernetes-tempest-daemon-ovn
59
-    description: |
60
-        Kuryr-Kubernetes tempest job using OVN, CNI daemon and Containerized
50
+        Kuryr-Kubernetes tempest job using OVN and Containerized
61 51
     vars:
62 52
       devstack_localrc:
63 53
         KURYR_K8S_CONTAINERIZED_DEPLOYMENT: true

+ 1
- 6
cni_ds_init View File

@@ -61,9 +61,4 @@ EOF
61 61
 cleanup
62 62
 deploy
63 63
 
64
-# Start CNI daemon if required
65
-if [ "$CNI_DAEMON" == "True" ]; then
66
-    exec kuryr-daemon --config-file /etc/kuryr/kuryr.conf
67
-else
68
-    exec sleep infinity
69
-fi
64
+exec kuryr-daemon --config-file /etc/kuryr/kuryr.conf

+ 3
- 10
devstack/lib/kuryr_kubernetes View File

@@ -583,9 +583,8 @@ EOF
583 583
 function generate_cni_daemon_set() {
584 584
     output_dir=$1
585 585
     cni_health_server_port=$2
586
-    cni_daemon=${3:-False}
587
-    cni_bin_dir=${4:-/opt/cni/bin}
588
-    cni_conf_dir=${5:-/etc/cni/net.d}
586
+    cni_bin_dir=${3:-/opt/cni/bin}
587
+    cni_conf_dir=${4:-/etc/cni/net.d}
589 588
     mkdir -p "$output_dir"
590 589
     rm -f ${output_dir}/cni_ds.yml
591 590
     cat >> "${output_dir}/cni_ds.yml" << EOF
@@ -624,8 +623,6 @@ spec:
624 623
           valueFrom:
625 624
             fieldRef:
626 625
               fieldPath: metadata.name
627
-        - name: CNI_DAEMON
628
-          value: "${cni_daemon}"
629 626
         securityContext:
630 627
           privileged: true
631 628
         volumeMounts:
@@ -645,8 +642,7 @@ EOF
645 642
           mountPath: /var/run
646 643
 EOF
647 644
     fi
648
-    if [ "$cni_daemon" == "True" ]; then
649
-        cat >> "${output_dir}/cni_ds.yml" << EOF
645
+    cat >> "${output_dir}/cni_ds.yml" << EOF
650 646
         readinessProbe:
651 647
           httpGet:
652 648
             path: /ready
@@ -659,9 +655,6 @@ EOF
659 655
             path: /alive
660 656
             port: ${cni_health_server_port}
661 657
           initialDelaySeconds: 60
662
-EOF
663
-    fi
664
-    cat >> "${output_dir}/cni_ds.yml" << EOF
665 658
       volumes:
666 659
         - name: bin
667 660
           hostPath:

+ 2
- 17
devstack/plugin.sh View File

@@ -99,8 +99,6 @@ function configure_kuryr {
99 99
             iniset "$KURYR_CONFIG" cni_health_server cg_path \
100 100
                 "/system.slice/system-devstack.slice/devstack@kuryr-daemon.service"
101 101
         fi
102
-    else
103
-        iniset "$KURYR_CONFIG" cni_daemon daemon_enabled False
104 102
     fi
105 103
 
106 104
     create_kuryr_cache_dir
@@ -131,8 +129,6 @@ function configure_kuryr {
131 129
 }
132 130
 
133 131
 function generate_containerized_kuryr_resources {
134
-    local cni_daemon
135
-    cni_daemon=$1
136 132
     if [[ $KURYR_CONTROLLER_REPLICAS -eq 1 ]]; then
137 133
         KURYR_CONTROLLER_HA="False"
138 134
     else
@@ -892,9 +888,6 @@ function update_tempest_conf_file {
892 888
     if [[ "$KURYR_ENABLED_HANDLERS" =~ .*policy.* ]]; then
893 889
         iniset $TEMPEST_CONFIG kuryr_kubernetes network_policy_enabled True
894 890
     fi
895
-    if ! is_service_enabled kuryr-daemon; then
896
-        iniset $TEMPEST_CONFIG kuryr_kubernetes kuryr_daemon_enabled False
897
-    fi
898 891
     # NOTE(yboaron): Services with protocol UDP are supported in Kuryr
899 892
     # starting from Stein release
900 893
     iniset $TEMPEST_CONFIG kuryr_kubernetes test_udp_services True
@@ -1038,11 +1031,7 @@ if [[ "$1" == "stack" && "$2" == "extra" ]]; then
1038 1031
     KURYR_FORCE_IMAGE_BUILD=$(trueorfalse False KURYR_FORCE_IMAGE_BUILD)
1039 1032
     if is_service_enabled kuryr-kubernetes || [[ ${KURYR_FORCE_IMAGE_BUILD} == "True" ]]; then
1040 1033
         if [ "$KURYR_K8S_CONTAINERIZED_DEPLOYMENT" == "True" ]; then
1041
-            if is_service_enabled kuryr-daemon; then
1042
-                build_kuryr_containers True
1043
-            else
1044
-                build_kuryr_containers False
1045
-            fi
1034
+            build_kuryr_containers
1046 1035
         fi
1047 1036
     fi
1048 1037
 
@@ -1050,11 +1039,7 @@ if [[ "$1" == "stack" && "$2" == "extra" ]]; then
1050 1039
         /usr/local/bin/kubectl apply -f ${KURYR_HOME}/kubernetes_crds/kuryrnet.yaml
1051 1040
         /usr/local/bin/kubectl apply -f ${KURYR_HOME}/kubernetes_crds/kuryrnetpolicy.yaml
1052 1041
         if [ "$KURYR_K8S_CONTAINERIZED_DEPLOYMENT" == "True" ]; then
1053
-            if is_service_enabled kuryr-daemon; then
1054
-                generate_containerized_kuryr_resources True
1055
-            else
1056
-                generate_containerized_kuryr_resources False
1057
-            fi
1042
+            generate_containerized_kuryr_resources
1058 1043
         fi
1059 1044
         if [ "$KURYR_MULTI_VIF_DRIVER" == "npwg_multiple_interfaces" ]; then
1060 1045
             /usr/local/bin/kubectl apply -f ${KURYR_HOME}/kubernetes_crds/network_attachment_definition_crd.yaml

+ 16
- 45
doc/source/devref/kuryr_kubernetes_design.rst View File

@@ -194,19 +194,27 @@ CNI driver to complete pod handling.
194 194
 The NeutronPodVifDriver is the default driver that creates neutron port upon
195 195
 Pod addition and deletes port upon Pod removal.
196 196
 
197
+CNI Driver
198
+----------
199
+
200
+CNI driver is just a thin client that passes CNI ADD and DEL requests to
201
+kuryr-daemon instance via its HTTP API. It's simple Python executable that is
202
+supposed to be called by kublet's CNI.
203
+
197 204
 .. _cni-daemon:
198 205
 
199 206
 CNI Daemon
200 207
 ----------
201 208
 
202 209
 CNI Daemon is a service that should run on every Kubernetes node. Starting from
203
-Rocky release it should be seen as a default supported deployment option.
204
-It is responsible for watching pod events on the node it's running on,
205
-answering calls from CNI Driver and attaching VIFs when they are ready. In the
206
-future it will also keep information about pooled ports in memory. This helps
207
-to limit the number of processes spawned when creating multiple Pods, as a
208
-single Watcher is enough for each node and CNI Driver will only wait on local
209
-network socket for response from the Daemon.
210
+Rocky release it should be seen as a default supported deployment option. And
211
+running without it is impossible starting from Stein release. It is responsible
212
+for watching pod events on the node it's running on, answering calls from CNI
213
+Driver and attaching VIFs when they are ready. In the future it will also keep
214
+information about pooled ports in memory. This helps to limit the number of
215
+processes spawned when creating multiple Pods, as a single Watcher is enough
216
+for each node and CNI Driver will only wait on local network socket for
217
+response from the Daemon.
210 218
 
211 219
 Currently CNI Daemon consists of two processes i.e. Watcher and Server.
212 220
 Processes communicate between each other using Python's
@@ -229,7 +237,7 @@ expected to be JSON).
229 237
 
230 238
 For reference see updated pod creation flow diagram:
231 239
 
232
-.. image:: ../../images/pod_creation_flow_daemon.png
240
+.. image:: ../../images/pod_creation_flow.png
233 241
     :alt: Controller-CNI-daemon interaction
234 242
     :align: center
235 243
     :width: 100%
@@ -255,43 +263,6 @@ deserialized using o.vo's ``obj_from_primitive()`` method.
255 263
 When running in daemonized mode, CNI Driver will call CNI Daemon over those APIs
256 264
 to perform its tasks and wait on socket for result.
257 265
 
258
-CNI Driver (deprecated)
259
------------------------
260
-
261
-.. warning::
262
-    Running with CNI Driver in this mode is deprecated since Rocky release.
263
-    Currently the preferred way of deploying kuryr-kubernetes is with
264
-    kuryr-daemon that takes over most of the CNI Driver tasks. In that case CNI
265
-    driver becomes a thin client that passes CNI ADD and DEL requests to
266
-    kuryr-daemon instance via its HTTP API.
267
-
268
-Kuryr kubernetes integration takes advantage of the kubernetes `CNI plugin
269
-<http://kubernetes.io/docs/admin/network-plugins/#cni>`_ and introduces
270
-Kuryr-K8s CNI Driver. Based on design decision, kuryr-kubernetes
271
-CNI Driver should get all information required to plug and bind Pod via
272
-kubernetes control plane and should not depend on Neutron. CNI plugin/driver
273
-is invoked in a blocking manner by kubelet (Kubernetes node agent), therefore
274
-it is expected to return when either success or error state determined.
275
-
276
-Kuryr-K8s CNI Driver has 2 sources for Pod binding information: kubelet/node
277
-environment and Kubernetes API. The Kuryr-K8s Controller Service and CNI share the
278
-contract that defines Pod annotation that Controller Server adds and CNI
279
-driver reads. The contract is `os_vif VIF
280
-<https://github.com/openstack/os-vif/blob/master/os_vif/objects/vif.py>`_
281
-
282
-With VIF object loaded from the Pod object annotation, the CNI driver performs
283
-Pod plugging. Kuryr-K8s CNI driver uses ov_vif library to perform Pod plug and
284
-unplug operations. The CNI driver should complete its job and return control to
285
-Kubelet when all the network plugging is completed.
286
-In the cases when Neutron initially creates port in 'Down' state, CNI driver
287
-will plug the Pod, but will have to watch the Pod annotations for vif state
288
-change to 'Active' before returning the control to the caller.
289
-
290
-.. image:: ../../images/pod_creation_flow.png
291
-    :alt: Controller-CNI interaction
292
-    :align: center
293
-    :width: 100%
294
-
295 266
 
296 267
 Kubernetes Documentation
297 268
 ------------------------

+ 0
- 3
doc/source/installation/devstack/basic.rst View File

@@ -48,9 +48,6 @@ Now edit ``devstack/local.conf`` to set up some initial options:
48 48
   omitted.
49 49
 * If you already have Docker installed on the machine, you can comment out line
50 50
   starting with ``enable_plugin devstack-plugin-container``.
51
-* If you want to disable kuryr-daemon add ``disable_service kuryr-daemon``
52
-  line. Please note that running without kuryr-daemon was deprecated in Rocky
53
-  release.
54 51
 
55 52
 Once ``local.conf`` is configured, you can start the installation: ::
56 53
 

+ 0
- 20
kuryr_kubernetes/cni/api.py View File

@@ -26,7 +26,6 @@ from os_vif.objects import base
26 26
 from oslo_log import log as logging
27 27
 from oslo_serialization import jsonutils
28 28
 
29
-from kuryr_kubernetes.cni import utils
30 29
 from kuryr_kubernetes import config
31 30
 from kuryr_kubernetes import constants as k_const
32 31
 from kuryr_kubernetes import exceptions as k_exc
@@ -129,25 +128,6 @@ class CNIRunner(object):
129 128
         return result
130 129
 
131 130
 
132
-class CNIStandaloneRunner(CNIRunner):
133
-
134
-    def __init__(self, plugin):
135
-        self._plugin = plugin
136
-
137
-    def _add(self, params):
138
-        vif = self._plugin.add(params)
139
-        return self._vif_data(vif, params)
140
-
141
-    def _delete(self, params):
142
-        self._plugin.delete(params)
143
-
144
-    def prepare_env(self, env, stdin):
145
-        return utils.CNIParameters(env, stdin)
146
-
147
-    def get_container_id(self, params):
148
-        return params.CNI_CONTAINERID
149
-
150
-
151 131
 class CNIDaemonizedRunner(CNIRunner):
152 132
 
153 133
     def _add(self, params):

+ 1
- 9
kuryr_kubernetes/cni/main.py View File

@@ -21,11 +21,9 @@ import sys
21 21
 import os_vif
22 22
 from oslo_config import cfg
23 23
 from oslo_log import log as logging
24
-from oslo_log import versionutils
25 24
 from oslo_serialization import jsonutils
26 25
 
27 26
 from kuryr_kubernetes.cni import api as cni_api
28
-from kuryr_kubernetes.cni.plugins import k8s_cni
29 27
 from kuryr_kubernetes.cni import utils
30 28
 from kuryr_kubernetes import config
31 29
 from kuryr_kubernetes import constants as k_const
@@ -56,13 +54,7 @@ def run():
56 54
     k_objects.register_locally_defined_vifs()
57 55
     os_vif.initialize()
58 56
 
59
-    if CONF.cni_daemon.daemon_enabled:
60
-        runner = cni_api.CNIDaemonizedRunner()
61
-    else:
62
-        versionutils.deprecation_warning(
63
-            'Deploying kuryr-kubernetes without kuryr-daemon service', 'R')
64
-        runner = cni_api.CNIStandaloneRunner(k8s_cni.K8sCNIPlugin())
65
-    LOG.info("Using '%s' ", runner.__class__.__name__)
57
+    runner = cni_api.CNIDaemonizedRunner()
66 58
 
67 59
     def _timeout(signum, frame):
68 60
         runner._write_dict(sys.stdout, {

+ 0
- 49
kuryr_kubernetes/cni/plugins/k8s_cni.py View File

@@ -1,49 +0,0 @@
1
-# Copyright (c) 2016 Mirantis, Inc.
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-from kuryr_kubernetes import clients
17
-from kuryr_kubernetes.cni import handlers as h_cni
18
-from kuryr_kubernetes.cni.plugins import base as base_cni
19
-from kuryr_kubernetes import constants as k_const
20
-from kuryr_kubernetes import watcher as k_watcher
21
-
22
-
23
-class K8sCNIPlugin(base_cni.CNIPlugin):
24
-
25
-    def add(self, params):
26
-        self._setup(params)
27
-        self._pipeline.register(h_cni.AddHandler(params, self._done))
28
-        self._watcher.start()
29
-        return self._vif
30
-
31
-    def delete(self, params):
32
-        self._setup(params)
33
-        self._pipeline.register(h_cni.DelHandler(params, self._done))
34
-        self._watcher.start()
35
-
36
-    def _done(self, vif):
37
-        self._vif = vif
38
-        self._watcher.stop()
39
-
40
-    def _setup(self, params):
41
-        clients.setup_kubernetes_client()
42
-        self._pipeline = h_cni.CNIPipeline()
43
-        self._watcher = k_watcher.Watcher(self._pipeline)
44
-        self._watcher.add(
45
-            "%(base)s/namespaces/%(namespace)s/pods"
46
-            "?fieldSelector=metadata.name=%(pod)s" % {
47
-                'base': k_const.K8S_API_BASE,
48
-                'namespace': params.args.K8S_POD_NAMESPACE,
49
-                'pod': params.args.K8S_POD_NAME})

+ 0
- 7
kuryr_kubernetes/config.py View File

@@ -31,13 +31,6 @@ kuryr_k8s_opts = [
31 31
 ]
32 32
 
33 33
 daemon_opts = [
34
-    cfg.BoolOpt('daemon_enabled',
35
-                help=_('Enable CNI Daemon configuration.'),
36
-                default=True,
37
-                deprecated_for_removal=True,
38
-                deprecated_reason="Deployment without kuryr-daemon is now "
39
-                                  "deprecated.",
40
-                deprecated_since="Rocky"),
41 34
     cfg.StrOpt('bind_address',
42 35
                help=_('Bind address for CNI daemon HTTP server. It is '
43 36
                       'recommened to allow only local connections.'),

+ 0
- 67
kuryr_kubernetes/tests/unit/cni/plugins/test_k8s_cni.py View File

@@ -1,67 +0,0 @@
1
-# Copyright (c) 2017 NEC Corporation.
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-import mock
17
-
18
-from kuryr_kubernetes.cni.plugins import k8s_cni
19
-from kuryr_kubernetes import constants
20
-from kuryr_kubernetes.tests import base as test_base
21
-
22
-
23
-class TestK8sCNIPlugin(test_base.TestCase):
24
-    @mock.patch('kuryr_kubernetes.watcher.Watcher')
25
-    @mock.patch('kuryr_kubernetes.cni.handlers.CNIPipeline')
26
-    @mock.patch('kuryr_kubernetes.cni.handlers.DelHandler')
27
-    @mock.patch('kuryr_kubernetes.cni.handlers.AddHandler')
28
-    def _test_method(self, method, m_add_handler, m_del_handler, m_cni_pipe,
29
-                     m_watcher_class):
30
-        self.passed_handler = None
31
-
32
-        def _save_handler(params, handler):
33
-            self.passed_handler = handler
34
-
35
-        def _call_handler(*args):
36
-            self.passed_handler(mock.sentinel.vif)
37
-
38
-        m_add_handler.side_effect = _save_handler
39
-        m_del_handler.side_effect = _save_handler
40
-
41
-        m_watcher = mock.MagicMock(
42
-            add=mock.MagicMock(),
43
-            start=mock.MagicMock(side_effect=_call_handler))
44
-        m_watcher_class.return_value = m_watcher
45
-
46
-        m_params = mock.MagicMock()
47
-        m_params.args.K8S_POD_NAMESPACE = 'k8s_pod_namespace'
48
-        m_params.args.K8S_POD_NAME = 'k8s_pod'
49
-
50
-        cni_plugin = k8s_cni.K8sCNIPlugin()
51
-        result = getattr(cni_plugin, method)(m_params)
52
-        self.assertEqual(mock.sentinel.vif, cni_plugin._vif)
53
-        m_watcher.add.assert_called_with(
54
-            "%(base)s/namespaces/%(namespace)s/pods"
55
-            "?fieldSelector=metadata.name=%(pod)s" % {
56
-                'base': constants.K8S_API_BASE,
57
-                'namespace': m_params.args.K8S_POD_NAMESPACE,
58
-                'pod': m_params.args.K8S_POD_NAME})
59
-
60
-        return result
61
-
62
-    def test_add(self):
63
-        result = self._test_method('add')
64
-        self.assertEqual(result, mock.sentinel.vif)
65
-
66
-    def test_delete(self):
67
-        self._test_method('delete')

+ 0
- 57
kuryr_kubernetes/tests/unit/cni/test_api.py View File

@@ -22,7 +22,6 @@ from oslo_config import cfg
22 22
 from oslo_serialization import jsonutils
23 23
 
24 24
 from kuryr_kubernetes.cni import api
25
-from kuryr_kubernetes.cni.plugins import k8s_cni
26 25
 from kuryr_kubernetes.tests import base as test_base
27 26
 from kuryr_kubernetes.tests import fake
28 27
 
@@ -51,62 +50,6 @@ class TestCNIRunnerMixin(object):
51 50
         self.assertEqual(api.CNIRunner.VERSION, result['cniVersion'])
52 51
 
53 52
 
54
-class TestCNIStandaloneRunner(test_base.TestCase, TestCNIRunnerMixin):
55
-    def setUp(self):
56
-        super(TestCNIStandaloneRunner, self).setUp()
57
-        self.runner = api.CNIStandaloneRunner(k8s_cni.K8sCNIPlugin())
58
-
59
-    @mock.patch('kuryr_kubernetes.cni.plugins.k8s_cni.K8sCNIPlugin.add')
60
-    def test_run_add(self, m_k8s_add):
61
-        vif = fake._fake_vif()
62
-        m_k8s_add.return_value = vif
63
-        m_fin = StringIO()
64
-        m_fout = StringIO()
65
-        container_id = 'a4181c680a39'
66
-        env = {
67
-            'CNI_COMMAND': 'ADD',
68
-            'CNI_CONTAINERID': container_id,
69
-            'CNI_ARGS': 'foo=bar',
70
-        }
71
-        self.runner.run(env, m_fin, m_fout)
72
-        self.assertTrue(m_k8s_add.called)
73
-        self.assertEqual('foo=bar', m_k8s_add.call_args[0][0].CNI_ARGS)
74
-        result = jsonutils.loads(m_fout.getvalue())
75
-        self.assertDictEqual(
76
-            {"cniVersion": '0.3.1',
77
-             "dns": {"nameservers": ["192.168.0.1"]},
78
-             "ips": [
79
-                 {
80
-                     "version": "4",
81
-                     "gateway": "192.168.0.1",
82
-                     "address": "192.168.0.2/24",
83
-                     "interface": 0,
84
-                 }],
85
-             "interfaces": [
86
-                 {
87
-                     "name": vif.vif_name,
88
-                     "mac": vif.address,
89
-                     "sandbox": container_id,
90
-                 }],
91
-             "routes": []},
92
-            result)
93
-
94
-    @mock.patch('kuryr_kubernetes.cni.plugins.k8s_cni.K8sCNIPlugin.delete')
95
-    def test_run_del(self, m_k8s_delete):
96
-        vif = fake._fake_vif()
97
-        m_k8s_delete.return_value = vif
98
-        m_fin = StringIO()
99
-        m_fout = StringIO()
100
-        env = {
101
-            'CNI_COMMAND': 'DEL',
102
-            'CNI_CONTAINERID': 'a4181c680a39',
103
-            'CNI_ARGS': 'foo=bar',
104
-        }
105
-        self.runner.run(env, m_fin, m_fout)
106
-        self.assertTrue(m_k8s_delete.called)
107
-        self.assertEqual('foo=bar', m_k8s_delete.call_args[0][0].CNI_ARGS)
108
-
109
-
110 53
 @mock.patch('requests.post')
111 54
 class TestCNIDaemonizedRunner(test_base.TestCase, TestCNIRunnerMixin):
112 55
     def setUp(self):

+ 0
- 28
kuryr_kubernetes/tests/unit/cni/test_main.py View File

@@ -15,8 +15,6 @@
15 15
 
16 16
 import mock
17 17
 
18
-from oslo_config import cfg
19
-
20 18
 from kuryr_kubernetes.cni import main
21 19
 from kuryr_kubernetes.tests import base as test_base
22 20
 
@@ -37,32 +35,6 @@ class TestCNIMain(test_base.TestCase):
37 35
         m_cni_dr.return_value = mock.MagicMock()
38 36
         m_cni_daemon = m_cni_dr.return_value
39 37
 
40
-        cfg.CONF.set_override('daemon_enabled', True, group='cni_daemon')
41
-
42
-        main.run()
43
-
44
-        m_config_init.assert_called()
45
-        m_setup_logging.assert_called()
46
-        m_cni_daemon.run.assert_called()
47
-        m_sysexit.assert_called()
48
-
49
-    @mock.patch('kuryr_kubernetes.cni.main.jsonutils.load')
50
-    @mock.patch('sys.exit')
51
-    @mock.patch('sys.stdin')
52
-    @mock.patch('kuryr_kubernetes.cni.utils.CNIConfig')
53
-    @mock.patch('kuryr_kubernetes.cni.api')
54
-    @mock.patch('kuryr_kubernetes.config.init')
55
-    @mock.patch('kuryr_kubernetes.config.setup_logging')
56
-    @mock.patch('kuryr_kubernetes.cni.api.CNIStandaloneRunner')
57
-    def test_standalone_run(self, m_cni_sr, m_setup_logging, m_config_init,
58
-                            m_api, m_conf, m_sys, m_sysexit, m_json):
59
-        m_conf.debug = mock.Mock()
60
-        m_conf.debug.return_value = True
61
-        m_cni_sr.return_value = mock.MagicMock()
62
-        m_cni_daemon = m_cni_sr.return_value
63
-
64
-        cfg.CONF.set_override('daemon_enabled', False, group='cni_daemon')
65
-
66 38
         main.run()
67 39
 
68 40
         m_config_init.assert_called()

+ 5
- 0
releasenotes/notes/remove-non-daemon-836e4825384b1b88.yaml View File

@@ -0,0 +1,5 @@
1
+---
2
+upgrade:
3
+  - |
4
+    As announced, possiblity of running Kuryr-Kubernetes without kuryr-daemon
5
+    service is now removed from the project and considered not supported.

Loading…
Cancel
Save