diff options
| -rw-r--r-- | demo/ansible/hosts | 2 | ||||
| -rw-r--r-- | demo/ansible/provision.yml (renamed from demo/provision.yml) | 3 | ||||
| -rw-r--r-- | demo/ansible/tasks/provision.yml | 18 | ||||
| -rw-r--r-- | demo/ansible/templates/tsg-containerd-wr.yml.j2 | 91 | ||||
| -rw-r--r-- | demo/provision.sh | 3 |
5 files changed, 117 insertions, 0 deletions
diff --git a/demo/ansible/hosts b/demo/ansible/hosts new file mode 100644 index 0000000..71c3838 --- /dev/null +++ b/demo/ansible/hosts @@ -0,0 +1,2 @@ +[provision] +localhost ansible_connection=local
\ No newline at end of file diff --git a/demo/provision.yml b/demo/ansible/provision.yml index ec96db3..f0ffe66 100644 --- a/demo/provision.yml +++ b/demo/ansible/provision.yml @@ -1,5 +1,8 @@ version: 1 +vsys: + id: vsys1 + device: tags: - device_group: group-xxg-three diff --git a/demo/ansible/tasks/provision.yml b/demo/ansible/tasks/provision.yml new file mode 100644 index 0000000..4d566a5 --- /dev/null +++ b/demo/ansible/tasks/provision.yml @@ -0,0 +1,18 @@ +--- +- hosts: provision + tasks: + - name: create vsys workload resource directory + file: + path: /opt/tsg/{{vsys.id}}/containerd/workload-resouce + state: directory + + - name: Template the tsg-containerd-wr.yml + template: + src: "../templates/tsg-containerd-wr.yml.j2" + dest: /opt/tsg/{{vsys.id}}/containerd/workload-resouce/tsg-containerd-wr.yml + + - name: Apply configmap + shell: kubectl create configmap {{vsys.id}}-provision-config --from-file provision.yml + + - name: Apply tsg-containerd-wr.yml + shell: kubectl apply -f /opt/tsg/{{vsys.id}}/containerd/workload-resouce/tsg-containerd-wr.yml
\ No newline at end of file diff --git a/demo/ansible/templates/tsg-containerd-wr.yml.j2 b/demo/ansible/templates/tsg-containerd-wr.yml.j2 new file mode 100644 index 0000000..9b8566a --- /dev/null +++ b/demo/ansible/templates/tsg-containerd-wr.yml.j2 @@ -0,0 +1,91 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ vsys.id }} + labels: + app: {{ vsys.id }} + +spec: + selector: + matchLabels: + app: {{ vsys.id }} + template: + metadata: + labels: + app: {{ vsys.id }} + + spec: + tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule + - key: node-role.kubernetes.io/master + operator: Exists + effect: NoSchedule + containers: + - name: firewall + image: docker.io/library/tsg:firewall + imagePullPolicy: Never + command: ["/bin/bash", "-c", "tail -f /dev/null"] + securityContext: + privileged: true + + volumeMounts: + - mountPath: /opt/tsg/mrzcpd + name: opt-tsg-mrzcpd + readOnly: false + - mountPath: /var/run/mrzcpd + name: var-run-mrzcpd + readOnly: false + - mountPath: /var/run/dpdk + name: var-run-dpdk + readOnly: false + - mountPath: /root/sys + name: root-sys + readOnly: false + - name: provision-config + mountPath: "/data/tsg-os-provision" + readOnly: true + +{% if proxy.enable == 1 %} + - name: proxy + image: docker.io/library/tsg:proxy + imagePullPolicy: Never + command: ["/bin/bash", "-c", "tail -f /dev/null"] + securityContext: + privileged: true + + volumeMounts: + - mountPath: /opt/tsg/mrzcpd + name: opt-tsg-mrzcpd + readOnly: false + - mountPath: /var/run/mrzcpd + name: var-run-mrzcpd + readOnly: false + - mountPath: /var/run/dpdk + name: var-run-dpdk + readOnly: false + - mountPath: /root/sys + name: root-sys + readOnly: false + - name: provision-config + mountPath: "/data/tsg-os-provision" + readOnly: true +{% endif %} + + volumes: + - name: opt-tsg-mrzcpd + hostPath: + path: /opt/tsg/mrzcpd + - name: var-run-mrzcpd + hostPath: + path: /var/run/mrzcpd + - name: var-run-dpdk + hostPath: + path: /var/run/dpdk + - name: root-sys + hostPath: + path: /root/sys + - name: provision-config + configMap: + name: {{vsys.id}}-prosivion-config
\ No newline at end of file diff --git a/demo/provision.sh b/demo/provision.sh new file mode 100644 index 0000000..52f2d32 --- /dev/null +++ b/demo/provision.sh @@ -0,0 +1,3 @@ +#!/bin/bash -ex + +ansible-playbook -i ansible/hosts -e @ansible/provision.yml ansible/tasks/provision.yml
\ No newline at end of file |