From 51d0cb7e04d16c34ab76cfe2a34dcb8287486fa5 Mon Sep 17 00:00:00 2001
From: Steven Webster <steven.webster@windriver.com>
Date: Wed, 7 Aug 2019 12:51:53 -0500
Subject: [PATCH] Configure multus with the portmap plugin

With the introduction of Multus CNI, the portmap chained plugin
was no longer configured.

This commit simply adds the portmap plugin to the Multus configuration
template.

The portmap plugin allows a user to create a pod/deployment with a
host->container port mapping by including the hostPort, containerPort
in the container specification.  ie:

spec:
  containers:
    ports:
    - containerPort: 80
      hostPort: 8089

In this example, one could access the service in the pod via
container_ip:80 or node_ip:8089

Closes-Bug: 1832892

Change-Id: I0549bff242df881e652b742abdf4fb342b5d7a5e
Signed-off-by: Steven Webster <steven.webster@windriver.com>
---
 .../templates/multus-cni.yaml.j2                       | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/playbookconfig/src/playbooks/bootstrap/roles/bringup-essential-services/templates/multus-cni.yaml.j2 b/playbookconfig/src/playbooks/bootstrap/roles/bringup-essential-services/templates/multus-cni.yaml.j2
index 91e5e6d20..ef67589e3 100644
--- a/playbookconfig/src/playbooks/bootstrap/roles/bringup-essential-services/templates/multus-cni.yaml.j2
+++ b/playbookconfig/src/playbooks/bootstrap/roles/bringup-essential-services/templates/multus-cni.yaml.j2
@@ -8,6 +8,8 @@
 #   it has a lower lexographic order than the calico CNI configuration file.
 # - The configMap has been modified to work with Calico rather than Flannel
 # - The tuning plugin is used to update sysctl tcp_keepalive timers.
+# - The portmap plugin is enabled to allow forwarding from one or more ports
+#   on the host to the container
 ---
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
@@ -82,6 +84,9 @@ data:
     {
       "name": "multus-cni-network",
       "type": "multus",
+      "capabilities": {
+          "portMappings": true
+      },
       "delegates": [
         {
           "cniVersion": "0.3.0",
@@ -116,6 +121,11 @@ data:
                 "net.ipv4.tcp_keepalive_probes": "5",
                 "net.ipv4.tcp_keepalive_time": "5"
               }
+            },
+            {
+              "type": "portmap",
+              "snat": true,
+              "capabilities": {"portMappings": true}
             }
           ]
         }