Description of problem: In OpenShift of OpenStack environments we should have the option to use OpenStack Kuryr as the Software Defined Networking solution that openshift-ansible deploys so that OpenShift Pods and services can consume the native OpenStack networking provided. This integration should consist on roles that deploy the Kuryr-Controller as an OpenShift deployment and the CNI component as a DaemonSet. All the relevant kuryr options should be made available as options the user can place in the inventory and with sane defaults. Steps to Reproduce: 1. place kuryr Neutron options in /etc/ansible/hosts alongside the rest of the BYO configuration 2. ansible-playbook playbooks/byo/config.yml -vvv Actual results: Not implemented Expected results: OpenShift successfully deploys and the kube-system namespace has the Kuryr controller Deployment and the Kuryr CNI daemonset Additional info:
Changes have been merged into master but note that target release is 3.8.0.
Hi Ofer, Please verify this bug,thanks!
The feature is merged, though meanwhile we needed to make some more fixes as well. I'm not sure about QA status of that. As development team we've recently verified that this works.
This has been implemented. However, the namespace is openshift-infra not kube-system. How to test: 1. Configure the Kuryr SDN in the openshift-ansible inventory all.yml: openshift_use_kuryr: True openshift_use_openshift_sdn: False openshift_master_open_ports: - service: dns tcp port: 53/tcp - service: dns udp port: 53/udp openshift_node_open_ports: - service: dns tcp port: 53/tcp - service: dns udp port: 53/udp use_trunk_ports: True os_sdn_network_plugin_name: cni openshift_node_proxy_mode: userspace openshift_hosted_manage_registry: false # # Kuryr needs to know the subnet you will be taking Floating IPs for the # loadbalancer services from. kuryr_openstack_public_subnet_id: cdbd1855-0b23-4ddc-8186-e10a963156b8 openshift_kuryr_precreate_subports: 5 openshift_kuryr_device_owner: compute:kuryr enable_kuryr_controller_probes: False enable_kuryr_cni_probes: False 2. Run the openshift-ansible/playbooks/openstack/openshift-cluster/provision_install.yml playbook Verification: 1. The playbook must finish without errors. 2. Running `oc get pod -n openshift-infra` from a master node should list one CNI pod for every OpenShift node and a single kuryr-controller pod
Verified in openshift-ansible-3.10.0-0.53.0.git.0.53fe016.el7.noarch and openshift-ansible-playbooks-3.10.0-0.53.0.git.0.53fe016.el7.noarch. Verification steps: 1. Configure the Kuryr SDN in the openshift-ansible inventory all.yml: openshift_use_kuryr: True openshift_use_openshift_sdn: False openshift_master_open_ports: - service: dns tcp port: 53/tcp - service: dns udp port: 53/udp openshift_node_open_ports: - service: dns tcp port: 53/tcp - service: dns udp port: 53/udp use_trunk_ports: True os_sdn_network_plugin_name: cni openshift_node_proxy_mode: userspace openshift_hosted_manage_registry: false # # Kuryr needs to know the subnet you will be taking Floating IPs for the # loadbalancer services from. kuryr_openstack_public_net_id: dd5a700a-a0bf-4e18-b6db-a59f4063f7b4 openshift_kuryr_precreate_subports: 5 openshift_kuryr_device_owner: compute:kuryr enable_kuryr_controller_probes: False enable_kuryr_cni_probes: False 2. Run the openshift-ansible openstack playbook (deployed 1 master, 1 infra and 2 app nodes) 3. Verify kuryr-cni daemon set and kuryr controller deployment config: [openshift@master-0 ~]$ oc -n openshift-infra get ds NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE kuryr-cni-ds 4 4 4 4 4 <none> 16h [openshift@master-0 ~]$ oc -n openshift-infra get cm NAME DATA AGE kuryr-config 2 16h 4. Verify kuryr controller and cni pods are ready and running: [openshift@master-0 ~]$ oc get pod -n openshift-infra NAME READY STATUS RESTARTS AGE bootstrap-autoapprover-0 1/1 Running 0 16h kuryr-cni-ds-bcvrp 1/1 Running 0 16h kuryr-cni-ds-hnqw2 1/1 Running 0 16h kuryr-cni-ds-jvn5x 1/1 Running 0 16h kuryr-cni-ds-kjxnv 1/1 Running 0 16h kuryr-controller-65c98f7444-vv5l8 1/1 Running 0 16h
It seems so, yes.