infra(ansible): Calico bits 19/44019/2 master
authorPeter Mikus <[email protected]>
Fri, 31 Oct 2025 11:08:03 +0000 (12:08 +0100)
committerPeter Mikus <[email protected]>
Fri, 31 Oct 2025 11:12:54 +0000 (11:12 +0000)
Signed-off-by: Peter Mikus <[email protected]>
Change-Id: I05b479ed490dadcb30c2ea9c0154a207c0aabd8b

24 files changed:
.github/actions/aws_s3_publish_logs/README.md [deleted file]
.github/actions/aws_s3_publish_logs/action.yml [deleted file]
.github/actions/setup_executor_env/README.md [deleted file]
.github/actions/setup_executor_env/action.yml [deleted file]
fdio.infra.ansible/inventories/lf_inventory/host_vars/10.30.51.40.yaml
fdio.infra.ansible/requirements.yml [new file with mode: 0644]
fdio.infra.ansible/roles/calico/defaults/main.yml [moved from fdio.infra.ansible/roles/calico/defaults/main.yaml with 69% similarity]
fdio.infra.ansible/roles/calico/handlers/main.yml [moved from fdio.infra.ansible/roles/calico/handlers/main.yaml with 100% similarity]
fdio.infra.ansible/roles/calico/meta/main.yml [new file with mode: 0644]
fdio.infra.ansible/roles/calico/tasks/cleanup.yml [moved from fdio.infra.ansible/roles/calico/tasks/cleanup.yaml with 87% similarity]
fdio.infra.ansible/roles/calico/tasks/deploy.yml [moved from fdio.infra.ansible/roles/calico/tasks/deploy.yaml with 83% similarity]
fdio.infra.ansible/roles/calico/tasks/execute.yaml [deleted file]
fdio.infra.ansible/roles/calico/tasks/main.yaml [deleted file]
fdio.infra.ansible/roles/calico/tasks/main.yml [new file with mode: 0644]
fdio.infra.ansible/roles/calico/tasks/post-action.yml [new file with mode: 0644]
fdio.infra.ansible/roles/calico/tasks/pre-action.yml [moved from fdio.infra.ansible/roles/calico/tasks/pre-set.yaml with 50% similarity]
fdio.infra.ansible/roles/calico/templates/calico-vpp-multinet.yaml.j2 [new file with mode: 0644]
fdio.infra.ansible/roles/calico/templates/calico-vpp.yaml.j2
fdio.infra.terraform/terraform-nomad-gha-dispatcher/README.md [deleted file]
fdio.infra.terraform/terraform-nomad-gha-dispatcher/main.tf [deleted file]
fdio.infra.terraform/terraform-nomad-gha-dispatcher/nomad-gha-dispatcher.hcl.tftpl [deleted file]
fdio.infra.terraform/terraform-nomad-gha-dispatcher/providers.tf [deleted file]
fdio.infra.terraform/terraform-nomad-gha-dispatcher/variables.tf [deleted file]
fdio.infra.terraform/terraform-nomad-gha-dispatcher/versions.tf [deleted file]

diff --git a/.github/actions/aws_s3_publish_logs/README.md b/.github/actions/aws_s3_publish_logs/README.md
deleted file mode 100644 (file)
index 9de762d..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-# 🛠️ AWS S3 Publish Logs
-
-Uploads logs from archive folder into AWS S3 bucket. Logs are gzipped before
-upload.
-
-## Usage Example
-
-An example workflow step using this action:
-
-<!-- markdownlint-disable MD013 -->
-```yaml
-- name: AWS S3 Publish Logs
-  uses: fdio/csit/.github/actions/aws_s3_publish_logs@master
-```
-<!-- markdownlint-enable MD013 -->
-
-## Inputs
-
-<!-- markdownlint-disable MD013 -->
-
-| Variable Name   | Description                                     |
-| --------------- | ----------------------------------------------- |
-| S3_BUCKET       | Name of the Amazon S3 bucket.                   |
-| S3_PATH         | Path within Amazon AWS S3 bucket.               |
-| ARCHIVES_PATH   | Source directory with logs artifact to archive. |
-
-<!-- markdownlint-enable MD013 -->
-
-## Requirements/Dependencies
-
-The gzip command-line tool must be available in the environment for the action
-to succeed.
\ No newline at end of file
diff --git a/.github/actions/aws_s3_publish_logs/action.yml b/.github/actions/aws_s3_publish_logs/action.yml
deleted file mode 100644 (file)
index 99611b6..0000000
+++ /dev/null
@@ -1,137 +0,0 @@
----
-name: "🛠️ AWS S3 Publish Logs"
-description: |
-  This GitHub Action uploads logs to AWS S3.
-
-inputs:
-  AWS_ACCESS_KEY_ID:
-    description: "Unique, public identifier for an AWS IAM user."
-    required: true
-    type: string
-  AWS_SECRET_ACCESS_KEY:
-    description: "Long-term security credential for AWS account or an IAM user."
-    required: true
-    type: string
-  AWS_REGION:
-    description: "Long-term security credential for AWS account or an IAM user."
-    required: true
-    type: string
-  S3_BUCKET:
-    description: "Name of the Amazon S3 bucket."
-    required: true
-    default: "fdio-logs-s3-cloudfront-index"
-    type: string
-  S3_PATH:
-    description: "Path within Amazon AWS S3 bucket."
-    required: false
-    default: "vex-yul-rot-jenkins-1/${{ github.job }}/${{ github.run_id }}"
-    type: string
-  ARCHIVES_PATH:
-    description: "Source directory with logs artifact to archive."
-    required: false
-    default: "${{ github.workspace }}/archives"
-    type: string
-
-runs:
-  using: "composite"
-  steps:
-    - name: Check if AWS CLI is pre-installed
-      id: aws-binary-check
-      shell: bash
-      run: |
-        if command -v aws >/dev/null 2>&1; then
-            echo "AWS CLI is already installed. Skipping install."
-            echo "AWS_CLI_PREINSTALLED=true" >> "$GITHUB_OUTPUT"
-            aws --version
-            exit 0
-        fi
-        echo "AWS_CLI_PREINSTALLED=false" >> "$GITHUB_OUTPUT"
-
-    - name: Cache or Restore the zip
-      if: ${{ steps.aws-binary-check.outputs.AWS_CLI_PREINSTALLED == 'false' }}
-      uses: actions/cache@v4
-      id: aws-cli-cache
-      with:
-        path: ${{ runner.temp }}/aws-cli-cache/*.zip
-        key: ${{ runner.os }}-${{ runner.arch }}-aws-cli-v2-zip
-
-    - name: Install AWS CLI
-      shell: bash
-      if: ${{ steps.aws-binary-check.outputs.AWS_CLI_PREINSTALLED == 'false' }}
-      env:
-        CACHE_HIT: ${{ steps.aws-cli-cache.outputs.cache-hit == 'true' }}
-        CACHE_PATH: ${{ runner.temp }}/aws-cli-cache
-      run: |
-        AWS_PACKAGE="awscli-exe-linux-$(uname -m).zip"
-
-        mkdir -p "$CACHE_PATH"
-        cd "$CACHE_PATH"
-
-        if [ "$CACHE_HIT" = "false" ]; then
-            curl -fsSL \
-                --retry 3 \
-                --retry-delay 5 \
-                --connect-timeout 15 \
-                --max-time 60 \
-                -o "$AWS_PACKAGE" "https://awscli.amazonaws.com/$AWS_PACKAGE"
-        fi
-
-        unzip -o -q "$AWS_PACKAGE"
-        sudo ./aws/install --update
-        rm -rf ./aws
-
-    #- name: Configure AWS Credentials
-    #  uses: aws-actions/[email protected]
-    #  with:
-    #    aws-access-key-id: ${{ inputs.AWS_ACCESS_KEY_ID }}
-    #    aws-secret-access-key: ${{ inputs.AWS_SECRET_ACCESS_KEY }}
-    #    aws-region: ${{ inputs.AWS_REGION }}
-
-    - name: Upload archives directory content to S3
-      shell: bash
-      run: |
-        get_content_type() {
-          local file_ext="${1##*.}"
-          case "$file_ext" in
-            xml)  echo "application/xml" ;;
-            html) echo "text/html" ;;
-            txt)  echo "text/plain" ;;
-            log)  echo "text/plain" ;;
-            css)  echo "text/css" ;;
-            md)  echo "text/markdown" ;;
-            rst)  echo "text/x-rst" ;;
-            csv)  echo "text/csv" ;;
-            svg) echo "image/svg+xml" ;;
-            jpg|jpeg) echo "image/jpeg" ;;
-            png) echo "image/png" ;;
-            gif) echo "image/gif" ;;
-            js)   echo "application/javascript" ;;
-            pdf) echo "application/pdf" ;;
-            json) echo "application/json" ;;
-            otf) echo "application/otf" ;;
-            ttf) echo "application/ttf" ;;
-            woff) echo "application/woff" ;;
-            woff2) echo "application/woff2" ;;
-            *)   echo "application/octet-stream" ;;
-          esac
-        }
-
-        export -f get_content_type
-
-        pushd ${{ inputs.ARCHIVES_PATH }}
-
-        # Traverse and upload
-        find . -type f | while read -r file; do
-          rel_path="${file#./}"              # relative path
-          tmp_file="$(mktemp).gz"            # temp gzip file
-          gzip -c "${file}" > "${tmp_file}"  # compress
-
-          content_type=$(get_content_type "${file}")
-
-          S3_ARN="s3://${{ inputs.S3_BUCKET }}/${{ inputs.S3_PATH }}/${rel_path}.gz"
-
-          echo "Uploading ${rel_path}.gz -> ${S3_ARN} (Content-Type: ${content_type}, gzip)"
-          #aws s3 cp "${tmp_file}" "${S3_ARN}" --content-type "${content_type}" --content-encoding "gzip"
-
-          rm -f "${tmp_file}"
-        done
diff --git a/.github/actions/setup_executor_env/README.md b/.github/actions/setup_executor_env/README.md
deleted file mode 100644 (file)
index 038532d..0000000
+++ /dev/null
@@ -1,32 +0,0 @@
-# 🛠️ Setup Executor Environment
-
-Action to setup FD.io Nomad executor environment inside a GitHub
-action/workflow.
-
-## Usage Example
-
-Sets the OS details used for Git operations inside other actions/workflows.
-
-<!-- markdownlint-disable MD013 -->
-```yaml
-- name: "Setup Environment"
-  uses: fdio/csit/.github/actions/setup_executor_env@master
-```
-<!-- markdownlint-enable MD013 -->
-
-## Outputs
-
-<!-- markdownlint-disable MD013 -->
-
-| Variable Name   | Description                     |
-| --------------- | ------------------------------- |
-| OS_ID           | Operating system ID.            |
-| OS_VERSION_ID   | Operating system Version ID.    |
-| OS_ARCH         | Operating system architecture.  |
-
-<!-- markdownlint-enable MD013 -->
-
-## Requirements/Dependencies
-
-The git command-line tool must be available in the environment for the action
-to succeed.
\ No newline at end of file
diff --git a/.github/actions/setup_executor_env/action.yml b/.github/actions/setup_executor_env/action.yml
deleted file mode 100644 (file)
index 439ff66..0000000
+++ /dev/null
@@ -1,109 +0,0 @@
----
-name: "🛠️ Setup Executor Environment"
-description: |
-  This GitHub Action prepares FD.io executor environment.
-
-outputs:
-  OS_ID:
-    description: "Operating system ID"
-    value: ${{ steps.attributes.outputs.OS_ID }}
-  OS_VERSION_ID:
-    description: "Operating system Version ID"
-    value: ${{ steps.attributes.outputs.OS_VERSION_ID }}
-  OS_ARCH:
-    description: "Operating system architecture"
-    value: ${{ steps.attributes.outputs.OS_ARCH }}
-
-runs:
-  using: "composite"
-  steps:
-    - name: "GitHub Runner Attributes"
-      id: attributes
-      shell: bash
-      run: |
-        . /etc/os-release
-        OS_ARCH=$(uname -m)
-
-        echo "OS: ${ID:-unknown}-${VERSION_ID:-unknown}"
-        echo "Arch: ${OS_ARCH}"
-        echo "GitHub Runner: ${RUNNER_NAME:-Unknown}"
-        echo "GitHub Workflow: ${GITHUB_WORKFLOW:-Unknown}"
-        echo "GitHub Run ID: ${GITHUB_RUN_ID:-Unknown}"
-        echo "Runner Hostname: $(hostname)"
-
-        # Set GitHub Outputs
-        echo "OS_ID=$ID" >> "$GITHUB_ENV"
-        echo "OS_ID=$ID" >> "$GITHUB_OUTPUT"
-        echo "OS_VERSION_ID=$VERSION_ID" >> "$GITHUB_ENV"
-        echo "OS_VERSION_ID=$VERSION_ID" >> "$GITHUB_OUTPUT"
-        echo "OS_ARCH=$OS_ARCH" >> "$GITHUB_ENV"
-        echo "OS_ARCH=$OS_ARCH" >> "$GITHUB_OUTPUT"
-
-    - name: "GitHub Actions Environment"
-      id: environment
-      shell: bash
-      run: |
-        echo "GITHUB_WORKSPACE: ${GITHUB_WORKSPACE:-Not set}"
-        echo "GITHUB_REPOSITORY: ${GITHUB_REPOSITORY:-Not set}"
-        echo "GITHUB_REF: ${GITHUB_REF:-Not set}"
-        echo "GITHUB_SHA: ${GITHUB_SHA:-Not set}"
-        echo "GITHUB_EVENT_NAME: ${GITHUB_EVENT_NAME:-Not set}"
-
-    - name: "Show Python Packages"
-      id: python_packages
-      shell: bash
-      run: |
-        pip3 list 2>/dev/null | column -t || true
-
-    - name: "Show OS Packages"
-      id: os_packages
-      shell: bash
-      run: |
-        if [ "${OS_ID}" = "ubuntu" ] || [ "${OS_ID}" = "debian" ]; then
-          dpkg-query -W -f='${binary:Package}\t${Version}\n' | column -t || true
-        elif [ "${OS_ID}" = "centos" ]; then
-          yum list installed || true
-        else
-          echo "Unsupported OS for package listing"
-        fi
-
-    - name: "Setup ccache"
-      id: ccache_packages
-      shell: bash
-      run: |
-        downloads_cache="/root/Downloads"
-
-        # Toggle envs (can be overridden from workflow)
-        : "${VERBOSE_PACKAGES:=1}"      # 1 to list installed OS packages
-        : "${VERBOSE_PY:=1}"            # 1 to list python packages
-        : "${CCACHE_MAXSIZE:=20G}"      # Max ccache size
-        : "${CCACHE_COMPILERCHECK:=content}" # Safer compiler change detection
-
-        if command -v ccache >/dev/null 2>&1; then
-          # Ensure CCACHE_DIR is set and exists
-          if [ -z "${CCACHE_DIR:-}" ]; then
-            # Derive a default if not provided (caller may pass one via env)
-            CCACHE_DIR="/scratch/ccache/${OS_ID}-${OS_VERSION_ID}-${OS_ARCH}"
-            export CCACHE_DIR
-          fi
-          if [ ! -d "${CCACHE_DIR}" ]; then
-            echo "Creating CCACHE_DIR='${CCACHE_DIR}'"
-            if ! mkdir -p "${CCACHE_DIR}" 2>/dev/null; then
-              echo "Failed to create CCACHE_DIR; disabling ccache"
-              export CCACHE_DISABLE=1
-            fi
-          fi
-          if [ -z "${CCACHE_DISABLE:-}" ]; then
-            export CCACHE_MAXSIZE CCACHE_COMPILERCHECK
-            echo "ccache enabled: dir='${CCACHE_DIR}' max='${CCACHE_MAXSIZE}' compilercheck='${CCACHE_COMPILERCHECK}'"
-            echo "Initial ccache stats:"; ccache -s || true
-          else
-            echo "ccache explicitly disabled (CCACHE_DISABLE='${CCACHE_DISABLE}')"
-          fi
-        else
-          echo "WARNING: ccache is not installed (will proceed without caching)"
-          export CCACHE_DISABLE=1
-        fi
-
-        downloads_cache="${GITHUB_WORKSPACE:-/github/workspace}/.cache"
-        mkdir -p "${downloads_cache}" 2>/dev/null || true
\ No newline at end of file
index 59d5651..25ca54f 100644 (file)
@@ -75,9 +75,11 @@ calico_uplink_interfaces:
     rxMode: "polling"
     pci: "0000:38:00.0"
     ip_addr: "192.168.1.2/24"
+    ip_route: "10.0.0.0/8 via 192.168.1.1"
   - interfaceName: "enp58s0np0"
     vppDriver: "avf"
     rx: 8
     rxMode: "polling"
     pci: "0000:3a:00.0"
-    ip_addr: "192.168.2.2/24"
\ No newline at end of file
+    ip_addr: "192.168.2.2/24"
+    ip_route: "20.0.0.0/8 via 192.168.2.1"
\ No newline at end of file
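Review bot: The second route added here, `ip_route: "20.0.0.0/8 via 192.168.2.1"`, covers address space outside the RFC 1918 private ranges. Once the pre-action task installs it, the host sends everything destined for that /8 out of the test uplink. If this is the testbed's traffic prefix, a comment above the key such as `# test-traffic prefix, deliberately routed via the uplink` would record the intent. Otherwise a narrower prefix is safer.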
diff --git a/fdio.infra.ansible/requirements.yml b/fdio.infra.ansible/requirements.yml
new file mode 100644 (file)
index 0000000..fcc18c5
--- /dev/null
@@ -0,0 +1,3 @@
+- name: calico
+  src: https://github.com/pmikus/calico
+  version: master
\ No newline at end of file
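Review bot: `version: master` means every `ansible-galaxy install -r requirements.yml` pulls whatever the head of `https://github.com/pmikus/calico` is at that moment. The role code executed against the hosts can therefore change without any review in this repository. Pinning to a tag or a full commit SHA, `version: "<COMMIT_SHA>"`, keeps installs reproducible and auditable. The file also lacks the leading `---` that the other new YAML files in this change carry.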
@@ -5,9 +5,12 @@ kubernetes_pod_network:
   cidr: "192.168.0.0/16"
 
 kubernetes_calico_version: "3.30.3"
+calicovppctl_version: "3.30.0"
 
 kubernetes_calico_resources:
   tigera-operator.yaml: https://raw.githubusercontent.com/projectcalico/calico/v{{ kubernetes_calico_version }}/manifests/tigera-operator.yaml
   operator-crds.yaml: https://raw.githubusercontent.com/projectcalico/calico/v{{ kubernetes_calico_version }}/manifests/operator-crds.yaml
 
-calico_vpp_state: "present"
+calicovppctl_resource: https://raw.githubusercontent.com/projectcalico/vpp-dataplane/v{{ calicovppctl_version }}/test/scripts/vppdev.sh
+
+calico_vpp_state: present
diff --git a/fdio.infra.ansible/roles/calico/meta/main.yml b/fdio.infra.ansible/roles/calico/meta/main.yml
new file mode 100644 (file)
index 0000000..8a573ec
--- /dev/null
@@ -0,0 +1,20 @@
+---
+# file: meta/main.yaml
+
+dependencies: []
+
+galaxy_info:
+  role_name: calico
+  author: pmikus
+  description: Calico VPP.
+  company: "none"
+  license: "license (BSD, MIT)"
+  min_ansible_version: "2.10"
+  platforms:
+    - name: "Ubuntu"
+      versions:
+        - "noble"
+  galaxy_tags:
+    - kubernetes
+    - cni
+    - vpp
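Review bot: `license: "license (BSD, MIT)"` and `company: "none"` look like unfilled scaffold values rather than the licence this role is actually distributed under. Please replace the licence with the project's real SPDX identifier, `license: "<SPDX_ID>"`. The header comment `# file: meta/main.yaml` also no longer matches the file name; it should read `# file: meta/main.yml`, as the other files renamed in this change do.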
@@ -1,5 +1,5 @@
 ---
-# file: tasks/cleanup.yaml
+# file: tasks/cleanup.yml
 
 - name: reset network interface
   ansible.builtin.shell: |
@@ -1,5 +1,5 @@
 ---
-# file: tasks/deploy.yaml
+# file: tasks/deploy.yml
 
 - name: download calico manifest to the cluster
   ansible.builtin.get_url:
@@ -27,7 +27,7 @@
     dest: "/tmp/{{ item }}"
     src: "{{ item }}.j2"
   loop:
-    - "calico-vpp.yaml"
+    - "calico-vpp-multinet.yaml"
   when:
     - calico_sut is defined
   tags:
     - calico_sut is defined
     - pod_list['resources'] | length > 0
   tags:
-    - calico-info
\ No newline at end of file
+    - calico-info
+
+- name: download calicovppctl
+  ansible.builtin.get_url:
+    url: "{{ calicovppctl_resource }}"
+    dest: /usr/bin/calicovppctl
+    mode: 0740
+  when:
+    - calico_sut is defined
+  tags:
+    - calico-deploy
\ No newline at end of file
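Review bot: The new `download calicovppctl` task installs a script fetched over the network into `/usr/bin/calicovppctl` with no integrity check, and post-action.yml then executes it. A Git tag can be moved, so the `v{{ calicovppctl_version }}` URL set in defaults/main.yml does not fix the content. Add `checksum: "sha256:<EXPECTED_SHA256>"` to the `get_url` arguments and update it together with `calicovppctl_version`. The mode should also be quoted, `mode: "0740"`, so Ansible receives a string rather than a YAML-parsed integer.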
diff --git a/fdio.infra.ansible/roles/calico/tasks/execute.yaml b/fdio.infra.ansible/roles/calico/tasks/execute.yaml
deleted file mode 100644 (file)
index 94c2817..0000000
+++ /dev/null
@@ -1,26 +0,0 @@
----
-# file: tasks/execute.yaml
-
-- name: execute command on calico-vpp-pod
-  kubernetes.core.k8s_exec:
-    namespace: calico-vpp-dataplane
-    pod: "{{ calico_pod_name }}"
-    container: vpp
-    command: vppctl sh version
-  register: command_status
-  when:
-    - calico_pod_name is defined
-    - calico_sut is defined
-    - calico_vpp_state == "present"
-  tags:
-    - calico-execute
-
-- name: check last command status
-  ansible.builtin.debug:
-    msg: "{{ command_status.stdout }}"
-  when:
-    - calico_pod_name is defined
-    - calico_sut is defined
-    - calico_vpp_state == "present"
-  tags:
-    - calico-execute
\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/calico/tasks/main.yaml b/fdio.infra.ansible/roles/calico/tasks/main.yaml
deleted file mode 100644 (file)
index 61c042a..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
----
-# file: tasks/main.yaml
-
-- import_tasks: pre-set.yaml
-  tags:
-    - calico-pre-set
-
-- import_tasks: deploy.yaml
-  tags:
-    - calico-deploy
-
-- import_tasks: execute.yaml
-  tags:
-    - calico-execute
-
-- import_tasks: cleanup.yaml
-  tags:
-    - calico-cleanup
\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/calico/tasks/main.yml b/fdio.infra.ansible/roles/calico/tasks/main.yml
new file mode 100644 (file)
index 0000000..3a6127d
--- /dev/null
@@ -0,0 +1,18 @@
+---
+# file: tasks/main.yml
+
+- import_tasks: pre-action.yml
+  tags:
+    - calico-pre-action
+
+- import_tasks: deploy.yml
+  tags:
+    - calico-deploy
+
+- import_tasks: post-action.yml
+  tags:
+    - calico-post-action
+
+- import_tasks: cleanup.yml
+  tags:
+    - calico-cleanup
\ No newline at end of file
diff --git a/fdio.infra.ansible/roles/calico/tasks/post-action.yml b/fdio.infra.ansible/roles/calico/tasks/post-action.yml
new file mode 100644 (file)
index 0000000..cd28d48
--- /dev/null
@@ -0,0 +1,38 @@
+---
+# file: tasks/post-action.yml
+
+#- name: executel command on calico-vpp-pod
+#  kubernetes.core.k8s_exec:
+#    namespace: calico-vpp-dataplane
+#    pod: "{{ calico_pod_name }}"
+#    container: vpp
+#    command: vppctl sh version
+#  register: command_status
+
+- name: wait for deploy
+  ansible.builtin.wait_for:
+    timeout: 5
+  when:
+    - calico_sut is defined
+    - calico_vpp_state == "present"
+  tags:
+    - calico-pre-action
+
+- name: calicovppctl show version
+  ansible.builtin.shell: |
+    calicovppctl vppctl {{ hostname }} show version
+  register: command_status
+  when:
+    - calico_sut is defined
+    - calico_vpp_state == "present"
+  tags:
+    - calico-pre-action
+
+- name: check last command status
+  ansible.builtin.debug:
+    msg: "{{ command_status.stdout }}"
+  when:
+    - calico_sut is defined
+    - calico_vpp_state == "present"
+  tags:
+    - calico-pre-action
\ No newline at end of file
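Review bot: `calicovppctl vppctl {{ hostname }} show version` is rendered into an `ansible.builtin.shell` script without quoting, so any whitespace or shell metacharacter in `hostname` is interpreted by the shell. `hostname` is not set anywhere in this change, so presumably it comes from inventory. Use `{{ hostname | quote }}`, and add `changed_when: false` because the command only reads state. All three tasks are tagged `calico-pre-action` although main.yml imports this file under `calico-post-action`, which looks like a copy-paste leftover. The commented-out task name also has a typo (`executel`).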
@@ -1,14 +1,23 @@
 ---
-# file: tasks/pre-set.yaml
+# file: tasks/pre-action.yml
 
 - name: pre-setup network interface
   ansible.builtin.shell: |
     ip l set dev {{ item.interfaceName }} up
     ip a add {{ item.ip_addr }} dev {{ item.interfaceName }}
   loop: "{{ calico_uplink_interfaces }}"
-  ignore_errors: True
   when:
     - calico_sut is defined
     - calico_vpp_state == "present"
   tags:
-    - calico-reset
\ No newline at end of file
+    - calico-pre-action
+
+- name: pre-setup routing
+  ansible.builtin.shell: |
+    ip r add {{ item.ip_route }}
+  loop: "{{ calico_uplink_interfaces }}"
+  when:
+    - calico_sut is defined
+    - calico_vpp_state == "present"
+  tags:
+    - calico-pre-action
\ No newline at end of file
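Review bot: With `ignore_errors: True` removed, `ip a add` and the new `ip r add {{ item.ip_route }}` fail on a second run because the address and route already exist. The play is therefore no longer re-runnable on a host that was set up before. `ip a replace {{ item.ip_addr }} dev {{ item.interfaceName }}` and `ip r replace {{ item.ip_route }}` make both tasks idempotent. The routing task also needs `- item.ip_route is defined` in its `when:` list, since only the host_vars file touched in this change is shown to define `ip_route`. Any other inventory entry without it would abort the loop on an undefined variable.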
diff --git a/fdio.infra.ansible/roles/calico/templates/calico-vpp-multinet.yaml.j2 b/fdio.infra.ansible/roles/calico/templates/calico-vpp-multinet.yaml.j2
new file mode 100644 (file)
index 0000000..b159e0c
--- /dev/null
@@ -0,0 +1,410 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: calico-vpp-dataplane
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: calico-vpp-node-sa
+  namespace: calico-vpp-dataplane
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: calico-vpp-node-role
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - nodes
+  - namespaces
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - endpoints
+  - services
+  verbs:
+  - watch
+  - list
+  - get
+  - create
+  - update
+- apiGroups:
+  - k8s.cni.cncf.io
+  resources:
+  - network-attachment-definitions
+  verbs:
+  - watch
+  - get
+  - list
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resources:
+  - nodes/status
+  verbs:
+  - patch
+  - update
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - networkpolicies
+  verbs:
+  - watch
+  - list
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - namespaces
+  - serviceaccounts
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods/status
+  verbs:
+  - patch
+- apiGroups:
+  - projectcalico.org
+  resources:
+  - networks
+  verbs:
+  - list
+  - get
+  - watch
+- apiGroups:
+  - crd.projectcalico.org
+  resources:
+  - globalfelixconfigs
+  - felixconfigurations
+  - bgppeers
+  - bgpfilters
+  - globalbgpconfigs
+  - bgpconfigurations
+  - ippools
+  - ipamblocks
+  - globalnetworkpolicies
+  - globalnetworksets
+  - networkpolicies
+  - networksets
+  - clusterinformations
+  - hostendpoints
+  - blockaffinities
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - crd.projectcalico.org
+  resources:
+  - blockaffinities
+  - ipamblocks
+  - ipamhandles
+  verbs:
+  - get
+  - list
+  - create
+  - update
+  - delete
+- apiGroups:
+  - crd.projectcalico.org
+  resources:
+  - ipamconfigs
+  verbs:
+  - get
+- apiGroups:
+  - crd.projectcalico.org
+  resources:
+  - blockaffinities
+  verbs:
+  - watch
+- apiGroups:
+  - discovery.k8s.io
+  resources:
+  - endpointslices
+  verbs:
+  - watch
+  - list
+  - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: calico-vpp-node
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: calico-vpp-node-role
+subjects:
+- kind: ServiceAccount
+  name: calico-vpp-node-sa
+  namespace: calico-vpp-dataplane
+---
+apiVersion: v1
+data:
+  CALICOVPP_CONFIG_TEMPLATE: |-
+    unix {
+      nodaemon
+      full-coredump
+      cli-listen /var/run/vpp/cli.sock
+      pidfile /run/vpp/vpp.pid
+      exec /etc/vpp/startup.exec
+    }
+    api-trace { on }
+    cpu {
+        main-core 1
+        corelist-workers {{ calico_corelist_workers }}
+    }
+    socksvr {
+        socket-name /var/run/vpp/vpp-api.sock
+    }
+    plugins {
+        plugin default { enable }
+        plugin dpdk_plugin.so { disable }
+        plugin calico_plugin.so { enable }
+        plugin ping_plugin.so { disable }
+        plugin dispatch_trace_plugin.so { enable }
+    }
+    buffers {
+      buffers-per-numa 131072
+    }
+  CALICOVPP_FEATURE_GATES: |-
+    {
+      "memifEnabled": true,
+      "vclEnabled": true,
+      "multinetEnabled": true
+    }
+  CALICOVPP_INITIAL_CONFIG: |-
+    {
+      "vppStartupSleepSeconds": 1,
+      "corePattern": "/var/lib/vpp/vppcore.%e.%p"
+    }
+  CALICOVPP_INTERFACES: |-
+    {
+      "maxPodIfSpec": {
+        "rx": 10, "tx": 10, "rxqsz": 1024, "txqsz": 1024
+      },
+      "defaultPodIfSpec": {
+        "rx": 1, "tx":1, "isl3": true
+      },
+      "vppHostTapSpec": {
+        "rx": 1, "tx":1, "rxqsz": 1024, "txqsz": 1024, "isl3": false
+      },
+      "uplinkInterfaces": [
+{% for interface in calico_uplink_interfaces %}
+        {
+          "interfaceName": "{{ interface.interfaceName }}",
+          "vppDriver": "{{ interface.vppDriver }}",
+          "rx": {{ interface.rx }},
+          "rxMode": "{{ interface.rxMode }}"
+        }{{ "," if not loop.last }}
+{% endfor %}
+      ]
+    }
+  SERVICE_PREFIX: 10.96.0.0/12
+kind: ConfigMap
+metadata:
+  name: calico-vpp-config
+  namespace: calico-vpp-dataplane
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    k8s-app: calico-vpp-node
+  name: multinet-monitor-deployment
+  namespace: calico-vpp-dataplane
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: calico-vpp-node
+  template:
+    metadata:
+      labels:
+        k8s-app: calico-vpp-node
+    spec:
+      containers:
+      - image: docker.io/calicovpp/multinet-monitor:latest
+        imagePullPolicy: IfNotPresent
+        name: multinet-monitor
+        resources:
+          requests:
+            cpu: 250m
+      serviceAccountName: calico-vpp-node-sa
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  labels:
+    k8s-app: calico-vpp-node
+  name: calico-vpp-node
+  namespace: calico-vpp-dataplane
+spec:
+  selector:
+    matchLabels:
+      k8s-app: calico-vpp-node
+  template:
+    metadata:
+      labels:
+        k8s-app: calico-vpp-node
+    spec:
+      containers:
+      - env:
+        - name: DATASTORE_TYPE
+          value: kubernetes
+        - name: WAIT_FOR_DATASTORE
+          value: "true"
+        - name: NODENAME
+          valueFrom:
+            fieldRef:
+              fieldPath: spec.nodeName
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        envFrom:
+        - configMapRef:
+            name: calico-vpp-config
+        image: docker.io/calicovpp/agent:latest
+        imagePullPolicy: IfNotPresent
+        name: agent
+        resources:
+          requests:
+            cpu: 250m
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - mountPath: /var/run/calico
+          name: var-run-calico
+          readOnly: false
+        - mountPath: /var/lib/calico/felix-plugins
+          name: felix-plugins
+          readOnly: false
+        - mountPath: /var/run/vpp
+          name: vpp-rundir
+        - mountPath: /run/netns/
+          mountPropagation: Bidirectional
+          name: netns
+      - env:
+        - name: DATASTORE_TYPE
+          value: kubernetes
+        - name: WAIT_FOR_DATASTORE
+          value: "true"
+        - name: NODENAME
+          valueFrom:
+            fieldRef:
+              fieldPath: spec.nodeName
+        envFrom:
+        - configMapRef:
+            name: calico-vpp-config
+        image: docker.io/calicovpp/vpp:latest
+        imagePullPolicy: IfNotPresent
+        name: vpp
+        resources:
+          limits:
+            hugepages-2Mi: 4096Mi
+          requests:
+            cpu: 500m
+            memory: 4096Mi
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - mountPath: /lib/firmware
+          name: lib-firmware
+        - mountPath: /var/run/vpp
+          name: vpp-rundir
+        - mountPath: /var/lib/vpp
+          name: vpp-data
+        - mountPath: /etc/vpp
+          name: vpp-config
+        - mountPath: /dev
+          name: devices
+        - mountPath: /sys
+          name: hostsys
+        - mountPath: /run/netns/
+          mountPropagation: Bidirectional
+          name: netns
+        - mountPath: /host
+          name: host-root
+      hostNetwork: true
+      hostPID: true
+      initContainers:
+      - command:
+        - /entrypoint
+        image: docker.io/calicovpp/install-whereabouts:latest
+        name: install-whereabouts
+        volumeMounts:
+        - mountPath: /host/opt/cni/bin
+          name: cni-bin-dir
+      nodeSelector:
+        kubernetes.io/os: linux
+      priorityClassName: system-node-critical
+      serviceAccountName: calico-vpp-node-sa
+      terminationGracePeriodSeconds: 10
+      tolerations:
+      - effect: NoSchedule
+        operator: Exists
+      - key: CriticalAddonsOnly
+        operator: Exists
+      - effect: NoExecute
+        operator: Exists
+      volumes:
+      - hostPath:
+          path: /opt/cni/bin
+        name: cni-bin-dir
+      - hostPath:
+          path: /lib/firmware
+        name: lib-firmware
+      - hostPath:
+          path: /var/run/vpp
+        name: vpp-rundir
+      - hostPath:
+          path: /var/lib/vpp
+          type: DirectoryOrCreate
+        name: vpp-data
+      - hostPath:
+          path: /etc/vpp
+        name: vpp-config
+      - hostPath:
+          path: /dev
+        name: devices
+      - hostPath:
+          path: /sys
+        name: hostsys
+      - hostPath:
+          path: /var/run/calico
+        name: var-run-calico
+      - hostPath:
+          path: /run/netns
+        name: netns
+      - hostPath:
+          path: /var/lib/calico/felix-plugins
+        name: felix-plugins
+      - hostPath:
+          path: /
+        name: host-root
+  updateStrategy:
+    rollingUpdate:
+      maxUnavailable: 1
+    type: RollingUpdate
\ No newline at end of file
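Review bot: All four images in this template (`calicovpp/multinet-monitor`, `agent`, `vpp`, `install-whereabouts`) are referenced as `:latest`, and the three long-running containers set `imagePullPolicy: IfNotPresent`. Each node therefore runs whatever it happened to pull first, and the content is not tied to the pinned `kubernetes_calico_version`. The `agent` and `vpp` containers run `privileged: true` with `hostPID`, `hostNetwork` and a hostPath mount of `/` at `/host`, so an unexpected image has full control of the node. Pin each image to a release tag or digest driven by a role variable, for example `image: docker.io/calicovpp/vpp@sha256:<DIGEST>`.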
index 7e724c9..5b5ea20 100644 (file)
@@ -164,7 +164,9 @@ data:
     }
   CALICOVPP_FEATURE_GATES: |-
     {
-      "memifEnabled": true
+      "memifEnabled": true,
+      "vclEnabled": true,
+      "multinetEnabled": true
     }
   CALICOVPP_INITIAL_CONFIG: |-
     {
diff --git a/fdio.infra.terraform/terraform-nomad-gha-dispatcher/README.md b/fdio.infra.terraform/terraform-nomad-gha-dispatcher/README.md
deleted file mode 100644 (file)
index 914f08a..0000000
+++ /dev/null
@@ -1,42 +0,0 @@
-<!-- BEGIN_TF_DOCS -->
-## Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.12.1 |
-| <a name="requirement_nomad"></a> [nomad](#requirement\_nomad) | >= 2.5.0 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| <a name="provider_nomad"></a> [nomad](#provider\_nomad) | 2.5.0 |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [nomad_job.gha-dispatcher](https://registry.terraform.io/providers/hashicorp/nomad/latest/docs/resources/job) | resource |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| <a name="input_cpu"></a> [cpu](#input\_cpu) | Specifies the CPU required to run this task in MHz. | `number` | `12000` | no |
-| <a name="input_datacenters"></a> [datacenters](#input\_datacenters) | Specifies the list of DCs to be considered placing this task. | `list(string)` | <pre>[<br/>  "yul1"<br/>]</pre> | no |
-| <a name="input_dispatchers"></a> [dispatchers](#input\_dispatchers) | n/a | <pre>list(object({<br/>    namespace  = string<br/>    repository = string<br/>  }))</pre> | <pre>[<br/>  {<br/>    "namespace": "sandbox",<br/>    "repository": "fdio-csit"<br/>  },<br/>  {<br/>    "namespace": "prod",<br/>    "repository": "fdio-csit"<br/>  }<br/>]</pre> | no |
-| <a name="input_image"></a> [image](#input\_image) | Specifies the Docker image to run. | `string` | `"pmikus/docker-gha-dispatcher"` | no |
-| <a name="input_job_name"></a> [job\_name](#input\_job\_name) | Specifies a name for the job. | `string` | `"gha-dispatcher"` | no |
-| <a name="input_memory"></a> [memory](#input\_memory) | Specifies the memory required in MB. | `number` | `8000` | no |
-| <a name="input_node_pool"></a> [node\_pool](#input\_node\_pool) | Specifies the node pool to place the job in. | `string` | `"default"` | no |
-| <a name="input_region"></a> [region](#input\_region) | The region in which to execute the job. | `string` | `"global"` | no |
-| <a name="input_type"></a> [type](#input\_type) | Specifies the Nomad scheduler to use. | `string` | `"service"` | no |
-
-## Outputs
-
-No outputs.
-<!-- END_TF_DOCS -->
\ No newline at end of file
diff --git a/fdio.infra.terraform/terraform-nomad-gha-dispatcher/main.tf b/fdio.infra.terraform/terraform-nomad-gha-dispatcher/main.tf
deleted file mode 100644 (file)
index 5d0af62..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
-locals {
-  datacenters = join(",", var.datacenters)
-  flat_dispatchers = {
-    for dispatcher in var.dispatchers : dispatcher.repository => dispatcher
-  }
-}
-
-resource "nomad_job" "gha-dispatcher" {
-  for_each = local.flat_dispatchers
-  jobspec = templatefile(
-    "${path.cwd}/nomad-${var.job_name}.hcl.tftpl",
-    {
-      cpu         = var.cpu,
-      datacenters = local.datacenters,
-      image       = "${var.image}-${each.value.namespace}:latest",
-      job_name    = "${var.job_name}-${each.value.namespace}-${each.value.repository}",
-      memory      = var.memory,
-      namespace   = each.value.namespace,
-      node_pool   = var.node_pool,
-      region      = var.region,
-      type        = var.type
-  })
-  detach = false
-}
\ No newline at end of file
diff --git a/fdio.infra.terraform/terraform-nomad-gha-dispatcher/nomad-gha-dispatcher.hcl.tftpl b/fdio.infra.terraform/terraform-nomad-gha-dispatcher/nomad-gha-dispatcher.hcl.tftpl
deleted file mode 100644 (file)
index f8ac992..0000000
+++ /dev/null
@@ -1,56 +0,0 @@
-job "${job_name}" {
-  datacenters = ["${datacenters}"]
-  type        = "${type}"
-  node_pool   = "${node_pool}"
-  region      = "${region}"
-  namespace   = "${namespace}"
-
-  group "${job_name}" {
-    count = 1
-    constraint {
-      attribute = "$${attr.cpu.arch}"
-      value     = "amd64"
-    }
-    constraint {
-      attribute = "$${node.class}"
-      value     = "builder"
-    }
-    ephemeral_disk {
-      migrate = false
-      size    = 3000
-      sticky  = false
-    }
-    task "${job_name}" {
-      driver = "docker"
-      config {
-        image = "${image}"
-      }
-      template {
-        destination = "$${NOMAD_SECRETS_DIR}/.env"
-        env         = true
-        data        = <<EOT
-{{- with nomadVar "nomad/jobs" -}}
-{{- range $k, $v := . }}
-{{ $k }}={{ $v }}
-{{- end }}
-{{- end }}
-EOT
-      }
-      template {
-        destination = "$${NOMAD_SECRETS_DIR}/.job"
-        env         = true
-        data        = <<EOT
-{{- with nomadVar "nomad/jobs/${job_name}" -}}
-{{- range $k, $v := . }}
-{{ $k }}={{ $v }}
-{{- end }}
-{{- end }}
-EOT
-      }
-      resources {
-        cpu    = ${cpu}
-        memory = ${memory}
-      }
-    }
-  }
-}
\ No newline at end of file
diff --git a/fdio.infra.terraform/terraform-nomad-gha-dispatcher/providers.tf b/fdio.infra.terraform/terraform-nomad-gha-dispatcher/providers.tf
deleted file mode 100644 (file)
index 7cb7d3b..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-provider "nomad" {
-  address = "http://10.30.51.24:4646"
-  alias   = "yul1"
-  #  ca_file   = var.nomad_provider_ca_file
-  #  cert_file = var.nomad_provider_cert_file
-  #  key_file  = var.nomad_provider_key_file
-}
\ No newline at end of file
diff --git a/fdio.infra.terraform/terraform-nomad-gha-dispatcher/variables.tf b/fdio.infra.terraform/terraform-nomad-gha-dispatcher/variables.tf
deleted file mode 100644 (file)
index 986d74b..0000000
+++ /dev/null
@@ -1,72 +0,0 @@
-# Nomad
-variable "datacenters" {
-  description = "Specifies the list of DCs to be considered placing this task."
-  type        = list(string)
-  default     = ["yul1"]
-}
-
-variable "cpu" {
-  description = "Specifies the CPU required to run this task in MHz."
-  type        = number
-  default     = 12000
-}
-
-variable "image" {
-  description = "Specifies the Docker image to run."
-  type        = string
-  default     = "pmikus/docker-gha-dispatcher"
-}
-
-variable "job_name" {
-  description = "Specifies a name for the job."
-  type        = string
-  default     = "gha-dispatcher"
-}
-
-variable "memory" {
-  description = "Specifies the memory required in MB."
-  type        = number
-  default     = 8000
-}
-variable "node_pool" {
-  description = "Specifies the node pool to place the job in."
-  type        = string
-  default     = "default"
-}
-
-variable "region" {
-  description = "The region in which to execute the job."
-  type        = string
-  default     = "global"
-}
-
-variable "type" {
-  description = "Specifies the Nomad scheduler to use."
-  type        = string
-  default     = "service"
-}
-
-variable "dispatchers" {
-  type = list(object({
-    namespace  = string
-    repository = string
-  }))
-  default = [
-    {
-      namespace  = "sandbox"
-      repository = "pmikus-csit"
-    },
-    {
-      namespace  = "sandbox"
-      repository = "pmikus-vpp"
-    },
-    {
-      namespace  = "prod"
-      repository = "fdio-csit"
-    },
-    {
-      namespace  = "prod"
-      repository = "fdio-vpp"
-    }
-  ]
-}
\ No newline at end of file
diff --git a/fdio.infra.terraform/terraform-nomad-gha-dispatcher/versions.tf b/fdio.infra.terraform/terraform-nomad-gha-dispatcher/versions.tf
deleted file mode 100644 (file)
index f823a2a..0000000
+++ /dev/null
@@ -1,14 +0,0 @@
-terraform {
-  backend "consul" {
-    address = "10.30.51.23:8500"
-    scheme  = "http"
-    path    = "terraform/gha-dispatcher"
-  }
-  required_providers {
-    nomad = {
-      source  = "hashicorp/nomad"
-      version = ">= 2.5.0"
-    }
-  }
-  required_version = ">= 1.12.1"
-}