c12s-kubespray/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
Cédric de Saint Martin 53d87e53c5 All CNIs: support ANY toleration. (#3391)
Before, Nodes tainted with NoExecute policy did not have calico/weave Pod.
Network pod should run on all nodes whatever happens on a specific node.

Also always set the Pods to be critical.
Also remove deprecated scheduler.alpha.kubernetes.io/tolerations annotations.
2018-09-27 05:28:54 -07:00

86 lines
2.7 KiB
Django/Jinja

---
apiVersion: apps/v1
# This manifest deploys the contiv-ovs pod.
kind: DaemonSet
apiVersion: extensions/v1beta1
metadata:
name: contiv-ovs
namespace: kube-system
labels:
k8s-app: contiv-ovs
spec:
selector:
matchLabels:
k8s-app: contiv-ovs
template:
metadata:
labels:
k8s-app: contiv-ovs
annotations:
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
{% if kube_version|version_compare('v1.11.1', '>=') %}
priorityClassName: system-node-critical
{% endif %}
hostNetwork: true
hostPID: true
tolerations:
- operator: Exists
# Mark pod as critical for rescheduling (Will have no effect starting with kubernetes 1.12)
- key: CriticalAddonsOnly
operator: "Exists"
containers:
# Runs ovs containers on each Kubernetes node.
- name: contiv-ovsdb-server
image: {{ contiv_ovs_image_repo }}:{{ contiv_ovs_image_tag }}
command: ["/scripts/start-ovsdb-server.sh"]
securityContext:
privileged: false
# Won't work until https://github.com/contiv/ovs-docker/pull/4 is merged and image is built again
env:
- name: OVSDBSERVER_EXTRA_FLAGS
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_ovsdb_server_extra_flags
volumeMounts:
- mountPath: /etc/openvswitch
name: etc-openvswitch
readOnly: false
- mountPath: /var/run
name: var-run
readOnly: false
- name: contiv-ovs-vswitchd
image: {{ contiv_ovs_image_repo }}:{{ contiv_ovs_image_tag }}
command: ["/scripts/start-ovs-vswitchd.sh"]
securityContext:
privileged: true
# Won't work until https://github.com/contiv/ovs-docker/pull/4 is merged and image is built again
env:
- name: OVSVSWITCHD_EXTRA_FLAGS
valueFrom:
configMapKeyRef:
name: contiv-config
key: contiv_ovs_vswitchd_extra_flags
volumeMounts:
- mountPath: /etc/openvswitch
name: etc-openvswitch
readOnly: false
- mountPath: /lib/modules
name: lib-modules
readOnly: true
- mountPath: /var/run
name: var-run
readOnly: false
volumes:
# Used by contiv-ovs
- name: etc-openvswitch
hostPath:
path: /etc/openvswitch
- name: lib-modules
hostPath:
path: /lib/modules
- name: var-run
hostPath:
path: /var/run